diff options
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/util/session.inc | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/includes/util/session.inc b/includes/util/session.inc index e3af58b..6449ee9 100644 --- a/includes/util/session.inc +++ b/includes/util/session.inc @@ -36,13 +36,13 @@ $token = $authorization ?? $post ?? $_POST["_session"] ?? $_GET["_session"] ?? $ if (isset($token)) { if (!(str_contains($token, "/") || trim($token) === "" || trim($token) === "." || trim($token) === "..")) { if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token))) { - $data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token))), true); + $data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token))), true); if (isset($data["profile"])) { - $_PROFILE = $data["profile"]; + $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)), true); if (time() - $data["last"] > 86400 * 30) { - unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)); + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)); unset($_PROFILE); $isLoggedIn = false; $isLowerLoggedIn = false; @@ -52,18 +52,18 @@ if (isset($token)) { if (!isset($data["addresses"])) $data["addresses"] = []; $data["addresses"][$_SERVER["HTTP_X_FORWARDED_FOR"] ?? $_SERVER["REMOTE_ADDR"]] = time(); - copy($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token), $_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token) . ".old"); + copy($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), $_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old"); - file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data))); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data))); - if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)) === "")) { - unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)); - copy($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token) . ".old", $_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)); + if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)) === "")) { + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)); + copy($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old", $_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)); } - unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token) . ".old"); + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old"); } else { - $_PROFILE = $data; + $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)), true); } if (isset($_GET['invert'])) { @@ -73,13 +73,13 @@ if (isset($token)) { $isLoggedIn = true; } elseif (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token))) { - $data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token))), true); + $data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token))), true); if (isset($data["profile"])) { - $_PROFILE = $data["profile"]; + $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)), true); if (time() - $data["last"] > 86400 * 30) { - unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)); + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)); unset($_PROFILE); $isLoggedIn = false; $isLowerLoggedIn = false; @@ -89,18 +89,18 @@ if (isset($token)) { if (!isset($data["addresses"])) $data["addresses"] = []; $data["addresses"][$_SERVER["HTTP_X_FORWARDED_FOR"] ?? $_SERVER["REMOTE_ADDR"]] = time(); - copy($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token), $_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token) . ".old"); + copy($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), $_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old"); - file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data))); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data))); - if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)) === "")) { - unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)); - copy($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token) . ".old", $_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)); + if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)) === "")) { + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)); + copy($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old", $_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)); } - unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token) . ".old"); + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old"); } else { - $_PROFILE = $data; + $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)), true); } $isLowerLoggedIn = true; |