lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-03 14:10:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix logincookie() error

Browse Source
This commit is contained in:
xiaomlove
2025-04-05 22:09:20 +07:00
parent 291f5c03b5
commit 0d3a46231d
3 changed files with 15 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/Http/Controllers/AuthenticateController.php
View File

@@ -57,14 +57,6 @@ class AuthenticateController extends Controller
$user = User::query()->where('passkey', $passkey)->first(['id', 'passhash', 'secret', 'auth_key']);
if ($user) {
$ip = getip();
/**
* Not IP related
* @since 1.8.0
*/
// $passhash = md5($user->passhash . $ip);
// $passhash = md5($user->passhash);
// do_log(sprintf('passhash: %s, ip: %s, md5: %s', $user->passhash, $ip, $passhash));
// logincookie($user->id, $passhash,false, get_setting('system.cookie_valid_days', 365) * 86400, true, true, true);
logincookie($user->id, $user->auth_key);
$user->last_login = now();
$user->save();

2
app/Models/User.php
View File

@@ -185,7 +185,7 @@ class User extends Authenticatable implements FilamentUser, HasName
'username', 'email', 'passhash', 'secret', 'stylesheet', 'editsecret', 'added', 'enabled', 'status',
'leechwarn', 'leechwarnuntil', 'page', 'class', 'uploaded', 'downloaded', 'clientselect', 'showclienterror', 'last_home',
'seedbonus', 'downloadpos', 'vip_added', 'vip_until', 'title', 'invites', 'attendance_card',
'seed_points_per_hour', 'passkey', 'auth_key'
'seed_points_per_hour', 'passkey', 'auth_key', 'last_login', 'lang'
];
/**

21
include/functions.php
View File

@@ -2958,7 +2958,7 @@ function httperr($code = 404) {
function logincookie($id, $authKey, $duration = 0)
{
if (empty($authKey)) {
throw new \RuntimeException("user secret or auth_key is empty");
throw new \RuntimeException("auth_key is empty");
}
if ($duration <= 0) {
$duration = get_setting('system.cookie_valid_days', 365) * 86400;
@@ -2972,7 +2972,14 @@ function logincookie($id, $authKey, $duration = 0)
$signature = hash_hmac('sha256', $tokenJson, $authKey);
$authToken = base64_encode($tokenJson . '.' . $signature);
setcookie("c_secure_pass", $authToken, $expires, "/", "", true, true);
sql_query("UPDATE users SET last_login = NOW(), lang=" . sqlesc(get_langid_from_langcookie()) . " WHERE id = ".sqlesc($id));
$update = [
'last_login' => now(),
];
$langId = get_langid_from_langcookie();
if ($langId > 0) {
$update['lang'] = $langId;
}
\App\Models\User::query()->where("id", $id)->update($update);
}
function set_langfolder_cookie($folder, $expires = 0x7fffffff)
@@ -3005,12 +3012,12 @@ function get_protocol_prefix()
function get_langid_from_langcookie($lang = '')
{
if (empty($lang)) {
global $CURLANGDIR;
$lang = $CURLANGDIR;
$lang = get_langfolder_cookie();
}
$row = mysql_fetch_array(sql_query("SELECT id FROM language WHERE site_lang = 1 AND site_lang_folder = " . sqlesc($lang) . "ORDER BY id ASC")) or sqlerr(__FILE__, __LINE__);
return $row['id'];
$row = \App\Models\Language::query()->where('site_lang', 1)->where("site_lang_folder", $lang)->orderBy("id")->first();
return $row->id ?? 0;
// $row = mysql_fetch_array(sql_query("SELECT id FROM language WHERE site_lang = 1 AND site_lang_folder = " . sqlesc($lang) . "ORDER BY id ASC")) or sqlerr(__FILE__, __LINE__);
// return $row['id'];
}
function make_folder($pre, $folder_name)