diff --git a/app/contacts/contact_attachment.php b/app/contacts/contact_attachment.php index 3701728cbf..11b7bac938 100644 --- a/app/contacts/contact_attachment.php +++ b/app/contacts/contact_attachment.php @@ -34,6 +34,7 @@ //get attachment uuid $contact_attachment_uuid = $_GET['id'] ?? ''; $action = $_GET['action'] ?? ''; + $session_id = $_GET['sid'] ?? ''; //get media if (!empty($contact_attachment_uuid) && is_uuid($contact_attachment_uuid)) { @@ -45,14 +46,13 @@ $parameters['domain_uuid'] = $_SESSION['domain_uuid']; $database = new database; $attachment = $database->select($sql, $parameters ?? null, 'row'); - // view_array($database->message); unset($sql, $parameters); $attachment_type = strtolower(pathinfo($attachment['attachment_filename'] ?? '', PATHINFO_EXTENSION)); //determine mime type $content_type = 'application/octet-stream'; //set default - $allowed_attachment_types = json_decode($_SESSION['contacts']['allowed_attachment_types']['text'] ?? '', true); + $allowed_attachment_types = json_decode($_SESSION['contact']['allowed_attachment_types']['text'] ?? '', true); if (!empty($allowed_attachment_types)) { if ($allowed_attachment_types[$attachment_type] != '') { $content_type = $allowed_attachment_types[$attachment_type]; @@ -64,6 +64,10 @@ header("Content-type: ".$content_type."; charset=utf-8"); header("Content-Disposition: attachment; filename=\"".$attachment['attachment_filename']."\""); header("Content-Length: ".strlen(base64_decode($attachment['attachment_content']))); + if (!empty($session_id)) { + header("Cache-Control: max-age=86400"); // 24h + header("Expires: ". gmdate('D, d M Y H:i:s \G\M\T', time() + 86400)); // 24h + } echo base64_decode($attachment['attachment_content']); break; case 'display': diff --git a/app/contacts/contact_edit.php b/app/contacts/contact_edit.php index 11c8e08122..605f7045fc 100644 --- a/app/contacts/contact_edit.php +++ b/app/contacts/contact_edit.php 
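Review bot: The caching branch in the `@@ -64,6 +64,10 @@` hunk is gated only on `!empty($session_id)`, and `$session_id` comes straight from `$_GET['sid']` in the `@@ -34,6 +34,7 @@` hunk without being compared to anything, so any request that appends an arbitrary `sid` value gets a 24-hour cacheable response. The `Cache-Control` value also has no `private` directive, so a shared proxy or CDN in front of the application may store an authenticated attachment; `header("Cache-Control: private, max-age=86400");` keeps the copy in the requesting browser only. If `sid` carries the real PHP session identifier (the variable name suggests so, but the callers are not visible here), it will also end up in access logs and browser history, so a cache-busting value unrelated to the session would be safer. The `switch` these headers belong to starts outside the hunk.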
@@ -496,19 +496,17 @@ $y = 0; if (!empty($contact_attachments)) { foreach ($contact_attachments as $row) { - if (!empty($row['attachment_description'])) { - $array['contacts'][0]['contact_attachments'][$y]['contact_attachment_uuid'] = $row["contact_attachment_uuid"]; - $array['contacts'][0]['contact_attachments'][$y]['domain_uuid'] = $row["domain_uuid"]; - $array['contacts'][0]['contact_attachments'][$y]['contact_uuid'] = $row["contact_uuid"]; - $array['contacts'][0]['contact_attachments'][$y]['attachment_primary'] = $row["attachment_primary"]; - //$array['contacts'][0]['contact_attachments'][$y]['attachment_filename'] = $row["attachment_filename"]; - //$array['contacts'][0]['contact_attachments'][$y]['attachment_content'] = $row["attachment_content"]; - $array['contacts'][0]['contact_attachments'][$y]['attachment_description'] = $row["attachment_description"]; - //$array['contacts'][0]['contact_attachments'][$y]['attachment_uploaded_date'] = $row["attachment_uploaded_date"]; - //$array['contacts'][0]['contact_attachments'][$y]['attachment_uploaded_user_uuid'] = $row["attachment_uploaded_user_uuid"]; - //$array['contacts'][0]['contact_attachments'][$y]['attachment_size'] = $row["attachment_size"]; - $y++; - } + $array['contacts'][0]['contact_attachments'][$y]['contact_attachment_uuid'] = $row["contact_attachment_uuid"]; + $array['contacts'][0]['contact_attachments'][$y]['domain_uuid'] = $row["domain_uuid"]; + $array['contacts'][0]['contact_attachments'][$y]['contact_uuid'] = $row["contact_uuid"]; + $array['contacts'][0]['contact_attachments'][$y]['attachment_primary'] = $row["attachment_primary"]; + //$array['contacts'][0]['contact_attachments'][$y]['attachment_filename'] = $row["attachment_filename"]; + //$array['contacts'][0]['contact_attachments'][$y]['attachment_content'] = $row["attachment_content"]; + $array['contacts'][0]['contact_attachments'][$y]['attachment_description'] = $row["attachment_description"] ?? 
null; + //$array['contacts'][0]['contact_attachments'][$y]['attachment_uploaded_date'] = $row["attachment_uploaded_date"]; + //$array['contacts'][0]['contact_attachments'][$y]['attachment_uploaded_user_uuid'] = $row["attachment_uploaded_user_uuid"]; + //$array['contacts'][0]['contact_attachments'][$y]['attachment_size'] = $row["attachment_size"]; + $y++; } } @@ -2622,7 +2620,7 @@ if (permission_exists('contact_attachment_view')) { echo " \n"; echo " \n"; - echo "
\n"; + echo "
\n"; echo " ".$text['label-description']."\n"; echo "
\n"; echo "
\n"; diff --git a/core/authentication/resources/classes/authentication.php b/core/authentication/resources/classes/authentication.php index f2199f9b1b..f2995de820 100644 --- a/core/authentication/resources/classes/authentication.php +++ b/core/authentication/resources/classes/authentication.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2023 + Portions created by the Initial Developer are Copyright (C) 2008-2024 the Initial Developer. All Rights Reserved. Contributor(s): @@ -78,6 +78,9 @@ class authentication { $_SESSION['authentication']['methods'][] = 'database'; } + //check if contacts app exists + $contacts_exists = file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/contacts/') ? true : false; + //use the authentication plugins foreach ($_SESSION['authentication']['methods'] as $name) { //already processed the plugin move to the next plugin @@ -118,6 +121,12 @@ class authentication { $result['username'] = $array["username"]; $result['user_uuid'] = $array["user_uuid"]; $result['contact_uuid'] = $array["contact_uuid"]; + if ($contacts_exists) { + $result["contact_organization"] = $array["contact_organization"]; + $result["contact_name_given"] = $array["contact_name_given"]; + $result["contact_name_family"] = $array["contact_name_family"]; + $result["contact_image"] = $array["contact_image"]; + } $result['domain_uuid'] = $array["domain_uuid"]; $result['authorized'] = $array["authorized"]; 
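Review bot: The four new reads in the `@@ -118,6 +121,12 @@` hunk (`$array["contact_organization"]`, `$array["contact_name_given"]`, `$array["contact_name_family"]`, `$array["contact_image"]`) have no fallback, so any plugin listed in `$_SESSION['authentication']['methods']` that does not return these keys raises an undefined-index warning on every login once the contacts app is present. This commit only teaches the database, email and totp plugins to return them; other plugins, if any are installed, are not visible here. The session copy in the `@@ -256,6 +265,13 @@` hunk already guards with `?? null`, so the same form fits here: `$result["contact_organization"] = $array["contact_organization"] ?? null;`. The `$contacts_exists` probe added at `@@ -78,6 +78,9 @@` is repeated verbatim in database.php, email.php and totp.php; `file_exists()` already returns a bool, so `? true : false` is redundant, and `is_dir()` would state the intent more exactly.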
@@ -256,6 +265,13 @@ class authentication { $_SESSION["user"]["user_uuid"] = $result["user_uuid"]; $_SESSION["user"]["username"] = $result["username"]; $_SESSION["user"]["contact_uuid"] = $result["contact_uuid"]; + if ($contacts_exists) { + $_SESSION["user"]["contact_organization"] = $result["contact_organization"] ?? null; + $_SESSION["user"]["contact_name"] = trim(($result["contact_name_given"] ?? '').' '.($result["contact_name_family"] ?? '')); + $_SESSION["user"]["contact_name_given"] = $result["contact_name_given"] ?? null; + $_SESSION["user"]["contact_name_family"] = $result["contact_name_family"] ?? null; + $_SESSION["user"]["contact_image"] = !empty($result["contact_image"]) && is_uuid($result["contact_image"]) ? $result["contact_image"] : null; + } //empty the permissions if (isset($_SESSION['permissions'])) { diff --git a/core/authentication/resources/classes/plugins/database.php b/core/authentication/resources/classes/plugins/database.php index bd684f6df7..26966d88d8 100644 --- a/core/authentication/resources/classes/plugins/database.php +++ b/core/authentication/resources/classes/plugins/database.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2023 + Portions created by the Initial Developer are Copyright (C) 2008-2024 the Initial Developer. All Rights Reserved. Contributor(s): @@ -38,6 +38,10 @@ class plugin_database { public $domain_uuid; public $user_uuid; public $contact_uuid; + public $contact_organization; + public $contact_name_given; + public $contact_name_family; + public $contact_image; public $username; public $password; public $key; 
@@ -101,7 +105,7 @@ class plugin_database { $view->assign("project_path", PROJECT_PATH); $view->assign("login_destination_url", $login_destination); $view->assign("login_domain_name_visible", $login_domain_name_visible); - $view->assign("login_domain_names", $login_domain_name); + $view->assign("login_domain_names", $login_domain_name); $view->assign("favicon", $theme_favicon); $view->assign("login_logo_width", $theme_login_logo_width); $view->assign("login_logo_height", $theme_login_logo_height); 
@@ -166,12 +170,40 @@ class plugin_database { //set the default status $user_authorized = false; + //check if contacts app exists + $contacts_exists = file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/contacts/') ? true : false; + //check the username and password if they don't match then redirect to the login - $sql = "select u.user_uuid, u.contact_uuid, u.username, u.password, "; - $sql .= "u.user_email, u.salt, u.api_key, u.domain_uuid, d.domain_name "; - $sql .= "from v_users as u, v_domains as d "; - $sql .= "where u.domain_uuid = d.domain_uuid "; - $sql .= "and (user_type = 'default' or user_type is null) "; + $sql = "select "; + $sql .= " d.domain_name, "; + $sql .= " u.user_uuid, "; + $sql .= " u.contact_uuid, "; + $sql .= " u.username, "; + $sql .= " u.password, "; + $sql .= " u.user_email, "; + $sql .= " u.salt, "; + $sql .= " u.api_key, "; + $sql .= " u.domain_uuid "; + if ($contacts_exists) { + $sql .= ","; + $sql .= "c.contact_organization, "; + $sql .= "c.contact_name_given, "; + $sql .= "c.contact_name_family, "; + $sql .= "a.contact_attachment_uuid "; + } + $sql .= "from "; + $sql .= " v_domains as d, "; + $sql .= " v_users as u "; + if ($contacts_exists) { + $sql .= "left join v_contacts as c on u.contact_uuid = c.contact_uuid and u.contact_uuid is not null "; + $sql .= "left join v_contact_attachments as a on u.contact_uuid = a.contact_uuid and u.contact_uuid is not null and a.attachment_primary = 1 and a.attachment_filename is not null and a.attachment_content is not null "; + } + $sql .= "where "; + $sql .= " u.domain_uuid = d.domain_uuid "; + $sql .= " and ("; + $sql .= " user_type = 'default' "; + $sql .= " or user_type is null"; + $sql .= " ) "; if (isset($this->key) && strlen($this->key) > 30) { $sql .= "and u.api_key = :api_key "; $parameters['api_key'] = $this->key; 
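Review bot: The `left join v_contact_attachments as a` added to the login query returns one row per matching attachment, so a contact with more than one row where `attachment_primary = 1` turns a single user into several result rows. How the rows are consumed is outside this hunk, but any uniqueness or row-count check on the result would then see duplicates, and which `contact_attachment_uuid` ends up as `contact_image` becomes arbitrary. Neither join is constrained to the user's domain either; adding `and a.domain_uuid = u.domain_uuid` (the attachment rows appear to carry `domain_uuid`, judging by contact_edit.php) keeps the lookup inside the tenant even if a `contact_uuid` were ever mis-assigned. The same pair of joins is added in email.php at `@@ -403,14 +403,35 @@` and totp.php at `@@ -327,15 +327,35 @@`. The clause `u.contact_uuid is not null` inside each `on` is redundant, since the equality already fails for null.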
@@ -236,6 +268,12 @@ class plugin_database { $this->username = $row['username']; $this->user_email = $row['user_email']; $this->contact_uuid = $row['contact_uuid']; + if ($contacts_exists) { + $this->contact_organization = $row['contact_organization']; + $this->contact_name_given = $row['contact_name_given']; + $this->contact_name_family = $row['contact_name_family']; + $this->contact_image = $row['contact_attachment_uuid']; + } //debug info //echo "user_uuid ".$this->user_uuid."
\n"; @@ -308,6 +346,12 @@ class plugin_database { $result["user_uuid"] = $this->user_uuid; $result["domain_uuid"] = $_SESSION['domain_uuid']; $result["contact_uuid"] = $this->contact_uuid; + if ($contacts_exists) { + $result["contact_organization"] = $this->contact_organization; + $result["contact_name_given"] = $this->contact_name_given; + $result["contact_name_family"] = $this->contact_name_family; + $result["contact_image"] = $this->contact_image; + } $result["user_email"] = $this->user_email; $result["sql"] = $sql; $result["authorized"] = $valid_password; diff --git a/core/authentication/resources/classes/plugins/email.php b/core/authentication/resources/classes/plugins/email.php index ad14d65d01..dc822d7a01 100644 --- a/core/authentication/resources/classes/plugins/email.php +++ b/core/authentication/resources/classes/plugins/email.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2023 + Portions created by the Initial Developer are Copyright (C) 2008-2024 the Initial Developer. All Rights Reserved. Contributor(s): 
@@ -403,14 +403,35 @@ class plugin_email { //clear posted authentication code unset($_POST['authentication_code']); + //check if contacts app exists + $contacts_exists = file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/contacts/') ? true : false; + //get the user details if ($auth_valid) { //get user data from the database - $sql = "select user_uuid, username, user_email, contact_uuid from v_users "; - $sql .= "where user_uuid = :user_uuid "; + $sql = "select "; + $sql .= " u.user_uuid, "; + $sql .= " u.username, "; + $sql .= " u.user_email, "; + $sql .= " u.contact_uuid "; + if ($contacts_exists) { + $sql .= ","; + $sql .= "c.contact_organization, "; + $sql .= "c.contact_name_given, "; + $sql .= "c.contact_name_family, "; + $sql .= "a.contact_attachment_uuid "; + } + $sql .= "from "; + $sql .= " v_users as u "; + if ($contacts_exists) { + $sql .= "left join v_contacts as c on u.contact_uuid = c.contact_uuid and u.contact_uuid is not null "; + $sql .= "left join v_contact_attachments as a on u.contact_uuid = a.contact_uuid and u.contact_uuid is not null and a.attachment_primary = 1 and a.attachment_filename is not null and a.attachment_content is not null "; + } + $sql .= "where "; + $sql .= " u.user_uuid = :user_uuid "; if ($settings['users']['unique'] != "global") { //unique username per domain (not globally unique across system - example: email address) - $sql .= "and domain_uuid = :domain_uuid "; + $sql .= "and u.domain_uuid = :domain_uuid "; $parameters['domain_uuid'] = $_SESSION["domain_uuid"]; } $parameters['user_uuid'] = $_SESSION["user_uuid"]; 
@@ -472,7 +493,13 @@ class plugin_email { $result["username"] = $_SESSION["username"]; $result["user_uuid"] = $_SESSION["user_uuid"]; $result["domain_uuid"] = $_SESSION["domain_uuid"]; - $result["contact_uuid"] = $_SESSION["contact_uuid"]; + if ($contacts_exists) { + $result["contact_uuid"] = $_SESSION["contact_uuid"]; + $result["contact_organization"] = $row["contact_organization"]; + $result["contact_name_given"] = $row["contact_name_given"]; + $result["contact_name_family"] = $row["contact_name_family"]; + $result["contact_image"] = $row["contact_attachment_uuid"]; + } $result["authorized"] = $auth_valid ? true : false; //add the failed login to user logs diff --git a/core/authentication/resources/classes/plugins/totp.php b/core/authentication/resources/classes/plugins/totp.php index d170355df0..5bb5134857 100644 --- a/core/authentication/resources/classes/plugins/totp.php +++ b/core/authentication/resources/classes/plugins/totp.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2023 + Portions created by the Initial Developer are Copyright (C) 2008-2024 the Initial Developer. All Rights Reserved. Contributor(s): 
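Review bot: `$result["contact_uuid"]` has been moved inside `if ($contacts_exists)` in the `@@ -472,7 +493,13 @@` hunk, so on an install without the contacts app the email plugin no longer returns that key, while authentication.php still reads `$array["contact_uuid"]` unconditionally and totp.php keeps the assignment outside the condition. Keeping `$result["contact_uuid"] = $_SESSION["contact_uuid"];` above the `if` restores the previous contract. The new `$row[...]` reads also look reachable when `$auth_valid` is false (the hunk continues into the failed-login logging), in which case `$row` would not have been loaded by the query in the `@@ -403,14 +403,35 @@` hunk; `$row["contact_organization"] ?? null` and the like avoid the warnings, and the same applies to totp.php at `@@ -392,6 +412,12 @@`. Where `$row` is assigned is outside the visible hunks, so this should be confirmed against the full method.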
@@ -327,15 +327,35 @@ class plugin_totp { //clear posted authentication code unset($_POST['authentication_code']); + //check if contacts app exists + $contacts_exists = file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/contacts/') ? true : false; + //get the user details if ($auth_valid) { //get user data from the database - $sql = "select user_uuid, username, user_email, contact_uuid "; - $sql .= "from v_users "; - $sql .= "where user_uuid = :user_uuid "; + $sql = "select "; + $sql .= " u.user_uuid, "; + $sql .= " u.username, "; + $sql .= " u.user_email, "; + $sql .= " u.contact_uuid "; + if ($contacts_exists) { + $sql .= ","; + $sql .= "c.contact_organization, "; + $sql .= "c.contact_name_given, "; + $sql .= "c.contact_name_family, "; + $sql .= "a.contact_attachment_uuid "; + } + $sql .= "from "; + $sql .= " v_users as u "; + if ($contacts_exists) { + $sql .= "left join v_contacts as c on u.contact_uuid = c.contact_uuid and u.contact_uuid is not null "; + $sql .= "left join v_contact_attachments as a on u.contact_uuid = a.contact_uuid and u.contact_uuid is not null and a.attachment_primary = 1 and a.attachment_filename is not null and a.attachment_content is not null "; + } + $sql .= "where "; + $sql .= " u.user_uuid = :user_uuid "; if ($settings['users']['unique'] != "global") { //unique username per domain (not globally unique across system - example: email address) - $sql .= "and domain_uuid = :domain_uuid "; + $sql .= "and u.domain_uuid = :domain_uuid "; $parameters['domain_uuid'] = $_SESSION["domain_uuid"]; } $parameters['user_uuid'] = $_SESSION["user_uuid"]; 
@@ -392,6 +412,12 @@ class plugin_totp { $result["user_uuid"] = $_SESSION["user_uuid"]; $result["domain_uuid"] = $_SESSION["domain_uuid"]; $result["contact_uuid"] = $_SESSION["contact_uuid"]; + if ($contacts_exists) { + $result["contact_organization"] = $row["contact_organization"]; + $result["contact_name_given"] = $row["contact_name_given"]; + $result["contact_name_family"] = $row["contact_name_family"]; + $result["contact_image"] = $row["contact_attachment_uuid"]; + } $result["authorized"] = $auth_valid ? true : false; //add the failed login to user logs diff --git a/resources/classes/menu.php b/resources/classes/menu.php index 0424c8b690..01e72a33eb 100644 --- a/resources/classes/menu.php +++ b/resources/classes/menu.php @@ -1098,6 +1098,10 @@ if (!class_exists('menu')) { */ public function menu_vertical($menu_array) { + //add multi-lingual support + $language = new text; + $text = $language->get(); + //menu brand image and/or text $html .= "