diff options
| author | RaindropsSys <contact@minteck.org> | 2023-05-13 19:25:44 +0200 |
|---|---|---|
| committer | RaindropsSys <contact@minteck.org> | 2023-05-13 19:25:44 +0200 |
| commit | 21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1 (patch) | |
| tree | 8bdad11e806ad4ac6c68902eaf72913a4554e484 /includes/util/session.inc | |
| parent | f80190dddaa72d9f8863b0b922e557668b6cba27 (diff) | |
| download | pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.tar.gz pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.tar.bz2 pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.zip | |
Updated 14 files and added 6 files (automated)
Diffstat (limited to 'includes/util/session.inc')
| -rw-r--r-- | includes/util/session.inc | 42 |
1 files changed, 37 insertions, 5 deletions
diff --git a/includes/util/session.inc b/includes/util/session.inc index 0a5999f..81192b9 100644 --- a/includes/util/session.inc +++ b/includes/util/session.inc @@ -16,9 +16,25 @@ if (!function_exists("formatPonypush")) { } if (isset($_COOKIE['PEH2_SESSION_TOKEN'])) { - if (!(str_contains($_COOKIE['PEH2_SESSION_TOKEN'], ".") || str_contains($_COOKIE['PEH2_SESSION_TOKEN'], "/") || trim($_COOKIE["PEH2_SESSION_TOKEN"]) === "")) { - if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN'])))) { - $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN']))), true); + if (!(str_contains($_COOKIE['PEH2_SESSION_TOKEN'], "/") || trim($_COOKIE["PEH2_SESSION_TOKEN"]) === "" || trim($_COOKIE["PEH2_SESSION_TOKEN"]) === "." || trim($_COOKIE["PEH2_SESSION_TOKEN"]) === "..")) { + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN']))) { + $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN'])), true); + + if (isset($data["profile"])) { + $_PROFILE = $data["profile"]; + $data["last"] = time(); + $data["addresses"][$_SERVER["HTTP_X_FORWARDED_FOR"] ?? $_SERVER["REMOTE_ADDR"]] = time(); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN']), json_encode($data)); + + if (time() - $data["last"] > 86400 * 30) { + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN'])); + unset($_PROFILE); + $isLoggedIn = false; + $isLowerLoggedIn = false; + } + } else { + $_PROFILE = $data; + } if (isset($_GET['invert'])) { $_PROFILE["login"] = $_PROFILE["login"] === "raindrops" ? "cloudburst" : "raindrops"; @@ -26,8 +42,24 @@ if (isset($_COOKIE['PEH2_SESSION_TOKEN'])) { } $isLoggedIn = true; - } elseif (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN'])))) { - $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN']))), true); + } elseif (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN']))) { + $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN'])), true); + + if (isset($data["profile"])) { + $_PROFILE = $data["profile"]; + $data["last"] = time(); + $data["addresses"][$_SERVER["HTTP_X_FORWARDED_FOR"] ?? $_SERVER["REMOTE_ADDR"]] = time(); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN']), json_encode($data)); + + if (time() - $data["last"] > 86400 * 30) { + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN'])); + unset($_PROFILE); + $isLoggedIn = false; + $isLowerLoggedIn = false; + } + } else { + $_PROFILE = $data; + } $isLowerLoggedIn = true; } |