diff options
| author | RaindropsSys <contact@minteck.org> | 2023-07-04 09:01:50 +0200 |
|---|---|---|
| committer | RaindropsSys <contact@minteck.org> | 2023-07-04 09:01:50 +0200 |
| commit | f4d52a3f0c35968b2007c808da6fd409d50fe8aa (patch) | |
| tree | 72901c7cea443f4769f9b01cfda79c5fbf03d493 /includes/util/session.inc | |
| parent | 7ceb1d721e1e084be80d3ce7342bc05e2ebcbd1e (diff) | |
| download | pluralconnect-f4d52a3f0c35968b2007c808da6fd409d50fe8aa.tar.gz pluralconnect-f4d52a3f0c35968b2007c808da6fd409d50fe8aa.tar.bz2 pluralconnect-f4d52a3f0c35968b2007c808da6fd409d50fe8aa.zip | |
Updated 5 files (automated)
Diffstat (limited to 'includes/util/session.inc')
| -rw-r--r-- | includes/util/session.inc | 29 |
1 files changed, 25 insertions, 4 deletions
diff --git a/includes/util/session.inc b/includes/util/session.inc index 6cee8be..e3af58b 100644 --- a/includes/util/session.inc +++ b/includes/util/session.inc @@ -36,7 +36,7 @@ $token = $authorization ?? $post ?? $_POST["_session"] ?? $_GET["_session"] ?? $ if (isset($token)) { if (!(str_contains($token, "/") || trim($token) === "" || trim($token) === "." || trim($token) === "..")) { if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token))) { - $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)), true); + $data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token))), true); if (isset($data["profile"])) { $_PROFILE = $data["profile"]; @@ -51,7 +51,17 @@ if (isset($token)) { $data["last"] = time(); if (!isset($data["addresses"])) $data["addresses"] = []; $data["addresses"][$_SERVER["HTTP_X_FORWARDED_FOR"] ?? $_SERVER["REMOTE_ADDR"]] = time(); - file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token), json_encode($data)); + + copy($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token), $_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token) . ".old"); + + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data))); + + if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)) === "")) { + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)); + copy($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token) . ".old", $_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)); + } + + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token) . ".old"); } else { $_PROFILE = $data; } @@ -63,7 +73,7 @@ if (isset($token)) { $isLoggedIn = true; } elseif (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token))) { - $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)), true); + $data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token))), true); if (isset($data["profile"])) { $_PROFILE = $data["profile"]; @@ -76,8 +86,19 @@ if (isset($token)) { } $data["last"] = time(); + if (!isset($data["addresses"])) $data["addresses"] = []; $data["addresses"][$_SERVER["HTTP_X_FORWARDED_FOR"] ?? $_SERVER["REMOTE_ADDR"]] = time(); - file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token), json_encode($data)); + + copy($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token), $_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token) . ".old"); + + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data))); + + if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)) === "")) { + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)); + copy($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token) . ".old", $_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)); + } + + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token) . ".old"); } else { $_PROFILE = $data; } |