nobigtech
/
realfan
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add cookie validation on base.php and include web/index.php if ok

This commit is contained in:
Bofh 2021-11-27 02:03:34 +01:00
parent f65402204e
commit a2f03869d1
4 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
public/index.php
View File

@ -5,6 +5,10 @@ if (str_starts_with($_SERVER['REQUEST_URI'], '/@')) {
require 'user/index.php'; die; require 'user/index.php'; die;
} }
if ($valid_cookie) {
require 'web/index.php'; die;
}
$p = [ $p = [
'title' => 'RealFan - Your Way' 'title' => 'RealFan - Your Way'
]; ];

3
public/web/index.php Normal file
View File

@ -0,0 +1,3 @@
<?php
echo 'web';

19
src/base.auth.php Normal file
View File

@ -0,0 +1,19 @@
<?php
# check session cookie
$cookie = null;
$valid_cookie = false;
if (isset($_COOKIE['rf_sess'])) {
$cookie = trim($_COOKIE['rf_sess']);
if (preg_match('/^[a-z0-9]+$/', $cookie)) {
require_once '/src/classes/database.php';
$sm = $db->prepare('SELECT id FROM oauth_tokens WHERE cookie = ?');
$sm->execute([$cookie]);
if (($oauth = $sm->fetch()) !== false) {
if (isset($oauth['id']))
$valid_cookie = true;
}
}
if (!$valid_cookie)
setcookie('rf_sess', null);
}

1
src/base.php
View File

@ -44,3 +44,4 @@ function conf($key, $default='') {
} }
require_once '/src/base.methods.php'; require_once '/src/base.methods.php';
require_once '/src/base.auth.php';