From b239b736899893c6c28a508870d32402a744daad Mon Sep 17 00:00:00 2001
From: Yasen Pramatarov <yasen@lindeas.com>
Date: Mon, 15 Dec 2025 17:58:42 +0200
Subject: [PATCH] Fixes public pages that are also authenticated pages.

---
 public_html/index.php | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/public_html/index.php b/public_html/index.php
index 3d7943b..47d9561 100644
--- a/public_html/index.php
+++ b/public_html/index.php
@@ -122,18 +122,10 @@ $pipeline->add(function() {
     return true;
 });
 
-// For public pages, we don't need to validate the session
-// The Router will handle authentication for protected pages
-$validSession = false;
-$userId = null;
-
-// Only check session for non-public pages
-if (!in_array($page, $public_pages)) {
-    $validSession = Session::isValidSession(true);
-    if ($validSession) {
-        $userId = Session::getUserId();
-    }
-}
+// Always detect authenticated session so templates shared
+// between public and private pages behave consistently.
+$validSession = Session::isValidSession(true);
+$userId = $validSession ? Session::getUserId() : null;
 
 // Initialize feedback message system
 require_once '../app/classes/feedback.php';
@@ -162,6 +154,9 @@ $allowed_urls = filter_allowed_urls($allowed_urls);
 require_once __DIR__ . '/../app/core/Router.php';
 use App\Core\Router;
 $currentUser = Router::checkAuth($config, $app_root, $public_pages, $page);
+if ($currentUser === null && $validSession) {
+    $currentUser = Session::getUsername();
+}
 
 // Connect to DB via DatabaseConnector
 require_once __DIR__ . '/../app/core/DatabaseConnector.php';