1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
<?php
global $SessionManagerAllowDisallowed;
if (isset($_COOKIE['BITS_SESSION_TOKEN'])) {
if (str_contains($_COOKIE['BITS_SESSION_TOKEN'], ".") || str_contains($_COOKIE['BITS_SESSION_TOKEN'], "/")) {
header("Content-Type: application/json"); die("{\n \"status\": 1\n}");
}
if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['BITS_SESSION_TOKEN'])))) {
$_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/SessionTokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['BITS_SESSION_TOKEN']))), true);
if (!in_array($_PROFILE["id"], json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/AllowedUsers.json"), true)) && !$SessionManagerAllowDisallowed) {
header("Content-Type: application/json"); die("{\n \"status\": 1\n}");
} else {
$users = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Data/Users.json"), true);
$users[$_PROFILE["id"]] = $_PROFILE["name"];
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/Private/Data/Users.json", json_encode($users));
}
} else {
header("Content-Type: application/json"); die("{\n \"status\": 1\n}");
}
} else {
header("Content-Type: application/json"); die("{\n \"status\": 1\n}");
}
|
