Updated 30 files and deleted 2976 files (automated)

1 files changed, 10 insertions, 2 deletions

diff --git a/pages/api/disconnect.php b/pages/api/disconnect.php
index c4cf0bd..ffd3f40 100644
--- a/pages/api/disconnect.php
+++ b/pages/api/disconnect.php
@@ -13,13 +13,21 @@ $list = array_filter([...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens")
 
     $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true);
 
-    return isset($session["last"]) && isset($session["profile"]) && ($session["profile"]["id"] ?? "") === ($_PROFILE["id"] ?? "");
+    return isset($session["id"]) && $session["id"] === ($_PROFILE["id"] ?? "");
 });
 
+var_dump($list);
+
 foreach ($list as $token) {
     $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true);
 
-    if (isset($_GET["id"]) && sha1($token) . md5($token) === $_GET["id"]) {
+    var_dump(bin2hex(substr($token, 0, 50)), trim($_GET["id"]));
+
+    if (bin2hex(substr($token, 0, 50)) === trim($_GET["id"])) {
+        if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token)) {
+            unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token);
+        }
+
         if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token)) {
             unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token);
         } else {