diff options
| author | RaindropsSys <contact@minteck.org> | 2023-05-13 19:25:44 +0200 |
|---|---|---|
| committer | RaindropsSys <contact@minteck.org> | 2023-05-13 19:25:44 +0200 |
| commit | 21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1 (patch) | |
| tree | 8bdad11e806ad4ac6c68902eaf72913a4554e484 /pages/api/disconnect.php | |
| parent | f80190dddaa72d9f8863b0b922e557668b6cba27 (diff) | |
| download | pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.tar.gz pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.tar.bz2 pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.zip | |
Updated 14 files and added 6 files (automated)
Diffstat (limited to 'pages/api/disconnect.php')
| -rw-r--r-- | pages/api/disconnect.php | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/pages/api/disconnect.php b/pages/api/disconnect.php new file mode 100644 index 0000000..13363e6 --- /dev/null +++ b/pages/api/disconnect.php @@ -0,0 +1,26 @@ +<?php + +require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc"; +require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $_PROFILE; +if (!$isLoggedIn && !$isLowerLoggedIn) { + header("Location: /-/login"); + die(); +} + +$list = array_filter([...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"), ...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens")], function ($token) use ($_PROFILE) { + $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true); + + return $token !== "." && $token !== ".." && isset($session["last"]) && isset($session["profile"]) && $session["profile"]["id"] === $_PROFILE["id"]; +}); + +foreach ($list as $token) { + $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true); + + if (isset($_GET["id"]) && sha1($token) . md5($token) === $_GET["id"]) { + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token)) { + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token); + } else { + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token); + } + } +}
\ No newline at end of file |