lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-14 20:40:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

improve get_user_from_cookie()

Browse Source
This commit is contained in:
xiaomlove
2025-04-21 18:59:41 +07:00
parent bfdc86391b
commit cedd7887bd
1 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
include/globalfunctions.php
View File

@@ -1393,11 +1393,24 @@ function get_challenge_key(string $challenge): string {
function get_user_from_cookie(array $cookie, $isArray = true): array|\App\Models\User|null {
$log = "cookie: " . json_encode($cookie);
if (empty($_COOKIE["c_secure_pass"])) {
if (empty($cookie["c_secure_pass"])) {
do_log("$log, param not enough");
return null;
}
list($tokenJson, $signature) = explode('.', base64_decode($_COOKIE["c_secure_pass"]));
$base64Decoded = base64_decode($cookie["c_secure_pass"]);
if (empty($base64Decoded)) {
do_log("$log, invalid c_secure_pass");
return null;
}
$log .= ", base64 decoded: " . $base64Decoded;
$tokenJsonAndSignature = explode(".", $base64Decoded);
if (count($tokenJsonAndSignature) != 2) {
do_log("$log, invalid c_secure_pass base64_decoded");
return null;
}
$tokenJson = $tokenJsonAndSignature[0];
$signature = $tokenJsonAndSignature[1];
// list($tokenJson, $signature) = explode('.', base64_decode($_COOKIE["c_secure_pass"]));
if (empty($tokenJson) || empty($signature)) {
do_log("$log, no tokenJson or signature");
return null;