From 60b732088877ccedf2edb75cfa86a4c4043da9d6 Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@osticket.com>
Date: Wed, 3 Oct 2012 16:44:14 -0400
Subject: [PATCH] Support auto-login if auth token is available.

---
 view.php | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/view.php b/view.php
index 984b04c3..10e5374f 100644
--- a/view.php
+++ b/view.php
@@ -3,6 +3,7 @@
     view.php
 
     Ticket View.
+    TODO: Support different views based on auth_token - e.g for BCC'ed users vs. Ticket owner.
 
     Peter Rotich <peter@osticket.com>
     Copyright (c)  2006-2010 osTicket
@@ -14,8 +15,22 @@
     vim: expandtab sw=4 ts=4 sts=4:
     $Id: $
 **********************************************************************/
-require('secure.inc.php');
-if(!is_object($thisclient) || !$thisclient->isValid()) die('Access denied'); //Double check again.
-//We are now using tickets.php but we need to keep view.php for backward compatibility
+require_once('client.inc.php');
+
+//If the user is NOT logged in - try auto-login (if params exists).
+if(!$thisclient || !$thisclient->isValid()) {
+    // * On login Client::login will redirect the user to tickets.php view.
+    // * See TODO above for planned multi-view.
+    $user = null;
+    if($_GET['t'] && $_GET['e'] && $_GET['a'])
+        $user = Client::login($_GET['t'], $_GET['e'], $_GET['a'], $errors);
+
+    //XXX: For now we're assuming the user is the ticket owner
+    // (multi-view based on auth token will come later).
+    if($user && $user->getTicketID()==trim($_GET['t']))
+        @header('Location: tickets.php?id='.$user->getTicketID());
+}
+
+//Simply redirecting to tickets.php until multiview is implemented.
 require('tickets.php');
 ?>