1 files changed, 22 insertions, 0 deletions

diff --git a/includes/session.locked.initial.php b/includes/session.locked.initial.php
new file mode 100644
index 0000000..9832790
--- /dev/null
+++ b/includes/session.locked.initial.php
@@ -0,0 +1,22 @@
+<?php
+
+if (isset($_COOKIE['MMSP_SESSION_TOKEN'])) {
+    if (str_contains($_COOKIE['MMSP_SESSION_TOKEN'], ".") || str_contains($_COOKIE['MMSP_SESSION_TOKEN'], "/")) {
+        header("Location: /explore");
+        die();
+    }
+
+    if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['MMSP_SESSION_TOKEN'])))) {
+        $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['MMSP_SESSION_TOKEN']))), true);
+
+        $_USER = $_PROFILE['login'];
+        $_SUID = $_PROFILE['login'];
+        $_FULLNAME = $_PROFILE['name'];
+    } else {
+        header("Location: /explore");
+        die();
+    }
+} else {
+    header("Location: /explore");
+    die();
+}
\ No newline at end of file