From 6b796258d413f00e498ce7f80f73a9f6c061f29c Mon Sep 17 00:00:00 2001
From: RaindropsSys <raindrops@equestria.dev>
Date: Sat, 30 Mar 2024 23:40:33 +0100
Subject: Updated 5 files, added 2 files, deleted 495 files and renamed 7 files
 (automated)

---
 includes/util/session.inc | 109 ----------------------------------------------
 1 file changed, 109 deletions(-)
 delete mode 100644 includes/util/session.inc

(limited to 'includes/util/session.inc')

diff --git a/includes/util/session.inc b/includes/util/session.inc
deleted file mode 100644
index 867b306..0000000
--- a/includes/util/session.inc
+++ /dev/null
@@ -1,109 +0,0 @@
-<?php
-
-require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc";
-
-global $isLoggedIn;
-global $isLowerLoggedIn;
-global $_PROFILE;
-
-$isLoggedIn = false;
-$isLowerLoggedIn = false;
-
-if (!function_exists("formatPonypush")) {
-    function formatPonypush($message) {
-        return "Update to Ponypush 3.1.0 or later — (\$PA1$\$" . base64_encode($message) . "\$\$)";
-    }
-}
-
-$authorization = null;
-$post = null;
-
-if ($_SERVER['REQUEST_METHOD'] === "POST") {
-    $request_raw = file_get_contents('php://input');
-    $json_object = $data = json_decode($request_raw, true);
-
-    if (json_last_error() === JSON_ERROR_NONE) {
-        $post = $data["_session"] ?? null;
-    }
-}
-
-if (isset($_SERVER['HTTP_AUTHORIZATION']) && str_starts_with(trim($_SERVER['HTTP_AUTHORIZATION']), "Bearer ")) {
-    $authorization = trim(substr($_SERVER['HTTP_AUTHORIZATION'], 7));
-}
-
-$token = $authorization ?? $post ?? $_POST["_session"] ?? $_GET["_session"] ?? $_COOKIE['PEH2_SESSION_TOKEN'] ?? null;
-
-if (isset($token)) {
-    if (!(str_contains($token, "/") || trim($token) === "" || trim($token) === "." || trim($token) === "..")) {
-        if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token))) {
-            $data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token))), true);
-
-            if (isset($data["profile"])) {
-                $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)), true);
-
-                if (time() - $data["last"] > 86400 * 30) {
-                    unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token));
-                    unset($_PROFILE);
-                    $isLoggedIn = false;
-                    $isLowerLoggedIn = false;
-                }
-
-                $data["last"] = time();
-                if (!isset($data["addresses"])) $data["addresses"] = [];
-                $data["addresses"][$_SERVER["HTTP_X_FORWARDED_FOR"] ?? $_SERVER["REMOTE_ADDR"]] = time();
-
-                copy($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), $_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old");
-
-                file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data)));
-
-                if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)) === "")) {
-                    unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token));
-                    copy($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old", $_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token));
-                }
-
-                unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old");
-            } else {
-                $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $token)), true);
-            }
-
-            $isLoggedIn = true;
-        } elseif (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token))) {
-            $data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token))), true);
-
-            if (isset($data["profile"])) {
-                $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)), true);
-
-                if (time() - $data["last"] > 86400 * 30) {
-                    unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token));
-                    unset($_PROFILE);
-                    $isLoggedIn = false;
-                    $isLowerLoggedIn = false;
-                }
-
-                $data["last"] = time();
-                if (!isset($data["addresses"])) $data["addresses"] = [];
-                $data["addresses"][$_SERVER["HTTP_X_FORWARDED_FOR"] ?? $_SERVER["REMOTE_ADDR"]] = time();
-
-                copy($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), $_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old");
-
-                file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data)));
-
-                if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)) === "")) {
-                    unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token));
-                    copy($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old", $_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token));
-                }
-
-                unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token) . ".old");
-            } else {
-                $_PROFILE = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . str_replace("/", "", $token)), true);
-            }
-
-            $isLowerLoggedIn = true;
-        }
-    }
-} else if ($_SERVER["REMOTE_ADDR"] === "127.0.0.1") {
-    $isLowerLoggedIn = false;
-    $isLoggedIn = true;
-}
-
-unset($data);
\ No newline at end of file