Add cookie validation on base.php and include web/index.php if ok
parent
f65402204e
commit
a2f03869d1
|
|
@ -5,6 +5,10 @@ if (str_starts_with($_SERVER['REQUEST_URI'], '/@')) {
|
|||
require 'user/index.php'; die;
|
||||
}
|
||||
|
||||
if ($valid_cookie) {
|
||||
require 'web/index.php'; die;
|
||||
}
|
||||
|
||||
$p = [
|
||||
'title' => 'RealFan - Your Way'
|
||||
];
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
<?php
|
||||
|
||||
echo 'web';
|
||||
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
# check session cookie
|
||||
$cookie = null;
|
||||
$valid_cookie = false;
|
||||
if (isset($_COOKIE['rf_sess'])) {
|
||||
$cookie = trim($_COOKIE['rf_sess']);
|
||||
if (preg_match('/^[a-z0-9]+$/', $cookie)) {
|
||||
require_once '/src/classes/database.php';
|
||||
$sm = $db->prepare('SELECT id FROM oauth_tokens WHERE cookie = ?');
|
||||
$sm->execute([$cookie]);
|
||||
if (($oauth = $sm->fetch()) !== false) {
|
||||
if (isset($oauth['id']))
|
||||
$valid_cookie = true;
|
||||
}
|
||||
}
|
||||
if (!$valid_cookie)
|
||||
setcookie('rf_sess', null);
|
||||
}
|
||||
|
|
@ -44,3 +44,4 @@ function conf($key, $default='') {
|
|||
}
|
||||
|
||||
require_once '/src/base.methods.php';
|
||||
require_once '/src/base.auth.php';
|
||||
|
|
|
|||
Loading…
Reference in New Issue