blob: 4c1a7c13c5233aa8b2d86d423782b8de85de1b18 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
<?php
$_AUTH = true;
if (isset($_COOKIE['MMSP_SESSION_TOKEN'])) {
if (str_contains($_COOKIE['MMSP_SESSION_TOKEN'], ".") || str_contains($_COOKIE['MMSP_SESSION_TOKEN'], "/")) {
$_AUTH = false;
$_PROFILE['mmsp_username'] = "system";
}
if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['MMSP_SESSION_TOKEN'])))) {
$_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['MMSP_SESSION_TOKEN']))), true);
$users = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/users.json"), true);
if (in_array($_PROFILE['id'], array_keys($users)) && file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/" . $users[$_PROFILE['id']])) {
$_PROFILE['mmsp_username'] = $users[$_PROFILE['id']];
$_USER = $_PROFILE['login'];
$_SUID = $_PROFILE['login'];
$_FULLNAME = $_PROFILE['name'];
} else {
$_AUTH = false;
$_PROFILE['mmsp_username'] = "system";
}
} else {
$_AUTH = false;
$_PROFILE['mmsp_username'] = "system";
}
} else {
$_AUTH = false;
$_PROFILE['mmsp_username'] = "system";
}
|
