Updated 6 files (automated)

author: RaindropsSys <contact@minteck.org> 2023-07-07 22:09:19 +0200
committer: RaindropsSys <contact@minteck.org> 2023-07-07 22:09:19 +0200
commit: a5c8dce987df2f59f4605c8a34033b120b449db5 (patch)
tree: b1e3e839ba15423bfbd047bc6f323575b1de5831 /pages
parent: 7da33614f1a8708bebcb4f04ee99224c5d6db1d3 (diff)
download: pluralconnect-a5c8dce987df2f59f4605c8a34033b120b449db5.tar.gz
pluralconnect-a5c8dce987df2f59f4605c8a34033b120b449db5.tar.bz2
pluralconnect-a5c8dce987df2f59f4605c8a34033b120b449db5.zip
4 files changed, 10 insertions, 10 deletions
diff --git a/pages/api/rename.php b/pages/api/rename.php
index 3aab034..4e01b06 100644
--- a/pages/api/rename.php
+++ b/pages/api/rename.php
@@ -15,7 +15,7 @@ $obj = [
 ];
 
 global $token;
-$data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token))), true);
+$data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token))), true);
 
 $data["name"] = $_POST["name"] ?? $_GET["name"] ?? $data["name"];
 $obj["pre_name"] = $data["name"];
@@ -33,5 +33,5 @@ if (json_last_error() === JSON_ERROR_NONE) {
 
 $obj["new_name"] = $data["name"];
 
-file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data)));
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data)));
 die(json_encode($obj));
 \ No newline at end of file
diff --git a/pages/api/session.php b/pages/api/session.php
index d410c10..25d833d 100644
--- a/pages/api/session.php
+++ b/pages/api/session.php
@@ -7,9 +7,9 @@ header("Content-Type: application/json");
 global $token;
 
 if (isset($_GET["raw"])) {
-    die(json_encode(json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)), true), JSON_PRETTY_PRINT));
+    die(json_encode(json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)), true), JSON_PRETTY_PRINT));
 } else {
-    if (!$isLoggedIn || $isLowerLoggedIn) {
+    if  (!$isLoggedIn || $isLowerLoggedIn) {
         die(json_encode([
             "name" => null,
             "created" => null,
@@ -18,7 +18,7 @@ if (isset($_GET["raw"])) {
         ], JSON_PRETTY_PRINT));
     }
 
-    $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)), true);
+    $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)), true);
 
     die(json_encode([
         "name" => $data["name"],
diff --git a/pages/home.inc b/pages/home.inc
index 6e2c073..8ea2879 100644
--- a/pages/home.inc
+++ b/pages/home.inc
@@ -184,7 +184,7 @@ function members() { global $isLoggedIn; global $isLowerLoggedIn; global $app; ?
 
     <?php if (isset($_COOKIE["PEH2_SESSION_TOKEN"]) && $_COOKIE["PEH2_SESSION_TOKEN"] !== "" && !$isLoggedIn && !$isLowerLoggedIn): ?>
         <div class="alert alert-warning" style="margin-top:20px;">
-            <b>You were previously logged in to Cold Haze, </b>however you have been logged out due to inactivity, due to your device being removed, or due to switching to a new authentication system. Please log in again. <a href="https://bugs.equestria.dev/issue/CH-56/Better-session-security" target="_blank">Learn more.</a>
+            <b>You were previously logged in to Cold Haze, </b>however you have been logged out due to inactivity, due to your device being removed, or due to switching to a new authentication system (such as the v3). Please log in again. <a href="https://bugs.equestria.dev/issue/CH-56/Better-session-security" target="_blank">Learn more.</a>
         </div>
     <?php endif; ?>
 
diff --git a/pages/sessions.inc b/pages/sessions.inc
index e24a78f..f324494 100644
--- a/pages/sessions.inc
+++ b/pages/sessions.inc
@@ -37,13 +37,13 @@ $verifiedNames = [
         $list = array_filter([...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"), ...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens")], function ($token) {
             if ($token === "." || $token === "..") return false;
 
-            $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true);
+            $session = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token), true);
 
             return isset($session["last"]) && isset($session["profile"]);
         });
         usort($list, function ($token1, $token2) {
-            $session1 = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token1) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token1), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token1), true);
-            $session2 = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token2) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token2), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token2), true);
+            $session1 = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token1), true);
+            $session2 = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token2), true);
 
             if (isset($session1["last"]) && isset($session2["last"])) {
                 return $session2["last"] - $session1["last"];
@@ -54,7 +54,7 @@ $verifiedNames = [
 
         $addressFetchIndex = 0;
 
-        foreach ($list as $token): $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true); if (isset($session["profile"]) && isset($session["name"]) && ($session["profile"]["id"] ?? "") === ($_PROFILE["id"] ?? "")): uasort($session["addresses"], function ($a, $b) {
+        foreach ($list as $token): $session = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token), true); if (isset($session["profile"]) && isset($session["name"]) && ($session["profile"]["id"] ?? "") === ($_PROFILE["id"] ?? "")): uasort($session["addresses"], function ($a, $b) {
             return $b - $a;
         }); ?>
         <a class="list-group-item list-group-item-action" onclick="logOut(&quot;<?= sha1($token) . md5($token) ?>&quot;);">
author	RaindropsSys <contact@minteck.org>	2023-07-07 22:09:19 +0200
committer	RaindropsSys <contact@minteck.org>	2023-07-07 22:09:19 +0200
commit	a5c8dce987df2f59f4605c8a34033b120b449db5 (patch)
tree	b1e3e839ba15423bfbd047bc6f323575b1de5831 /pages
parent	7da33614f1a8708bebcb4f04ee99224c5d6db1d3 (diff)
download	pluralconnect-a5c8dce987df2f59f4605c8a34033b120b449db5.tar.gz pluralconnect-a5c8dce987df2f59f4605c8a34033b120b449db5.tar.bz2 pluralconnect-a5c8dce987df2f59f4605c8a34033b120b449db5.zip