Updated 15 files (automated)

1 files changed, 5 insertions, 2 deletions

diff --git a/pages/api/disconnect.php b/pages/api/disconnect.php
index 13363e6..c4cf0bd 100644
--- a/pages/api/disconnect.php
+++ b/pages/api/disconnect.php
@@ -7,10 +7,13 @@ if (!$isLoggedIn && !$isLowerLoggedIn) {
     die();
 }
 
-$list = array_filter([...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"), ...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens")], function ($token) use ($_PROFILE) {
+$list = array_filter([...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"), ...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens")], function ($token) {
+    global $_PROFILE;
+    if ($token === "." || $token === "..") return false;
+
     $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true);
 
-    return $token !== "." && $token !== ".." && isset($session["last"]) && isset($session["profile"]) && $session["profile"]["id"] === $_PROFILE["id"];
+    return isset($session["last"]) && isset($session["profile"]) && ($session["profile"]["id"] ?? "") === ($_PROFILE["id"] ?? "");
 });
 
 foreach ($list as $token) {