From c451cbe0b6de0707d891937d7f61596491e81565 Mon Sep 17 00:00:00 2001
From: Minteck <contact@minteck.org>
Date: Thu, 23 Dec 2021 19:41:28 +0100
Subject: Commit

---
 private/head.php    | 17 ++++++++++++-----
 private/session.php | 25 +++++++++++--------------
 2 files changed, 23 insertions(+), 19 deletions(-)

(limited to 'private')

diff --git a/private/head.php b/private/head.php
index e3ac096..ebaf361 100644
--- a/private/head.php
+++ b/private/head.php
@@ -1,6 +1,6 @@
 <?php
 
-if ($_SERVER['SERVER_NAME'] === "flsh.sytes.net") {
+if ($_SERVER['SERVER_NAME'] === "viewer.familine.minteck.org") {
     header("Location: /f");
     die();
 }
@@ -8,8 +8,15 @@ if ($_SERVER['SERVER_NAME'] === "flsh.sytes.net") {
 require_once $_SERVER['DOCUMENT_ROOT'] . "/private/session.php";
 require_once $_SERVER['DOCUMENT_ROOT'] . "/private/space.php";
 
+global $_FULLNAME;
+global $_SUID;
+
 $_CONF_URN = $_FULLNAME;
 $_CONF_UID = $_SUID;
+
+if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/private/profiles/" . $_CONF_UID . ".json")) {
+    file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/private/profiles/" . $_CONF_UID . ".json", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/profiles/_base.json"));
+}
 $_CONF_USP = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/private/profiles/" . $_CONF_UID . ".json"), true);
 
 if (count($_CONF_USP['strikes']) > 2): ?>
@@ -131,13 +138,13 @@ endif;
         <div class="collapse navbar-collapse" id="collapsibleNavbar">
             <ul class="navbar-nav">
                 <li class="nav-item">
-                    <a class="nav-link" href="/files">Mes fichiers</a>
+                    <a class="nav-link" href="/files/">Mes fichiers</a>
                 </li>
                 <li class="nav-item">
-                    <a class="nav-link" href="/usage">Mon quota</a>
+                    <a class="nav-link" href="/usage/">Mon quota</a>
                 </li>
                 <li class="nav-item">
-                    <a class="nav-link" href="/strikes">Mes avertissements <?php
+                    <a class="nav-link" href="/strikes/">Mes avertissements <?php
 
                         if (count($_CONF_USP['strikes']) > 0) {
                             if (count($_CONF_USP['strikes']) > 1) {
@@ -154,7 +161,7 @@ endif;
             <span class="navbar-text" style="margin-left: auto;">
                 <?= $_CONF_URN ?> (<?= $_CONF_UID ?>)
             </span>
-            <a class="btn btn-primary" href="/share" style="margin-left:5px;">Partager un fichier</a>
+            <a class="btn btn-primary" href="/share/" style="margin-left:5px;">Partager un fichier</a>
         </div>
 
     </nav>
diff --git a/private/session.php b/private/session.php
index 9f38ca4..d55d34d 100644
--- a/private/session.php
+++ b/private/session.php
@@ -3,28 +3,25 @@
 global $_CONFIG;
 $_CONFIG = json_decode(file_get_contents("/mnt/familine/private/FamilineConfig.json"), true);
 
-if ($_SERVER['REMOTE_ADDR'] !== "127.0.0.1" && $_SERVER['REMOTE_ADDR'] !== "::0") {
-    if (isset($_COOKIE['FL_SESSION_TOKEN'])) {
-        if (file_exists("/mnt/familine/private/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['FL_SESSION_TOKEN'])))) {
-            $_PROFILE = json_decode(file_get_contents("/mnt/familine/private/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['FL_SESSION_TOKEN']))), true);
+if (isset($_COOKIE['FL_SESSION_TOKEN'])) {
+    if (file_exists("/mnt/familine/private/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['FL_SESSION_TOKEN'])))) {
+        $_PROFILE = json_decode(file_get_contents("/mnt/familine/private/tokens/" . str_replace(".", "", str_replace("/", "", $_COOKIE['FL_SESSION_TOKEN']))), true);
 
-            if (isset($_PROFILE['familine'])) {
-                header("Location: https://" . $_CONFIG["Global"]["domain"] . "/welcome");
-                die();
-            }
-
-            $_USER = $_PROFILE['login'];
-            $_SUID = $_PROFILE['login'];
-            $_FULLNAME = $_PROFILE['name'];
-        } else {
+        if (isset($_PROFILE['familine'])) {
             header("Location: https://" . $_CONFIG["Global"]["domain"] . "/welcome");
             die();
         }
+
+        $_USER = $_PROFILE['login'];
+        $_SUID = $_PROFILE['login'];
+        $_FULLNAME = $_PROFILE['name'];
     } else {
         header("Location: https://" . $_CONFIG["Global"]["domain"] . "/welcome");
         die();
     }
-
+} else {
+    header("Location: https://" . $_CONFIG["Global"]["domain"] . "/welcome");
+    die();
 }
 
 if (isset($_PROFILE["projectRoles"]) && is_array($_PROFILE["projectRoles"]) && isset($_PROFILE["projectRoles"][0]) && is_array($_PROFILE["projectRoles"][0]) && isset($_PROFILE["projectRoles"][0]["role"]) && is_array($_PROFILE["projectRoles"][0]["role"]) && isset($_PROFILE["projectRoles"][0]["role"]["key"]) && is_string($_PROFILE["projectRoles"][0]["role"]["key"]) && $_PROFILE["projectRoles"][0]["role"]["key"] === "system-admin") {
-- 
cgit