|
|
@@ -451,32 +451,33 @@
|
|
|
// logged in, but do the tokens match?
|
|
|
$token = $this->get_user_token($username);
|
|
|
//Check Token with Session
|
|
|
- if($token){
|
|
|
+ if(isset($_SESSION["token"])){
|
|
|
if($token == $_SESSION["token"]) { setcookie("cookiePassword", COOKIEPASSWORD, time() + (86400 * 7), "/", DOMAIN); return true; }
|
|
|
- if(isset($_COOKIE["Organizr"]) && isset($_COOKIE["OrganizrU"]) && isset($_COOKIE["cookiePassword"])){
|
|
|
- if($_COOKIE["cookiePassword"] == COOKIEPASSWORD && strlen($_COOKIE["Organizr"]) == 32){
|
|
|
- return true;
|
|
|
- }else{
|
|
|
- $this->error("cookie token mismatch for $username");
|
|
|
- unset($_COOKIE['Organizr']);
|
|
|
- setcookie('Organizr', '', time() - 3600, '/', DOMAIN);
|
|
|
- setcookie('Organizr', '', time() - 3600, '/');
|
|
|
- unset($_COOKIE['OrganizrU']);
|
|
|
- setcookie('OrganizrU', '', time() - 3600, '/', DOMAIN);
|
|
|
- setcookie('OrganizrU', '', time() - 3600, '/');
|
|
|
- unset($_COOKIE['cookiePassword']);
|
|
|
- setcookie("cookiePassword", '', time() - 3600, '/', DOMAIN);
|
|
|
- setcookie("cookiePassword", '', time() - 3600, '/');
|
|
|
- unset($_COOKIE['Auth']);
|
|
|
- setcookie("Auth", '', time() - 3600, '/', DOMAIN);
|
|
|
- setcookie("Auth", '', time() - 3600, '/');
|
|
|
- unset($_COOKIE['mpt']);
|
|
|
- setcookie("mpt", '', time() - 3600, '/', DOMAIN);
|
|
|
- setcookie("mpt", '', time() - 3600, '/');
|
|
|
- return false;
|
|
|
- }
|
|
|
- }
|
|
|
}
|
|
|
+ if(isset($_COOKIE["Organizr"]) && isset($_COOKIE["OrganizrU"]) && isset($_COOKIE["cookiePassword"])){
|
|
|
+ if($_COOKIE["cookiePassword"] == COOKIEPASSWORD && strlen($_COOKIE["Organizr"]) == 32){
|
|
|
+ return true;
|
|
|
+ }else{
|
|
|
+ $this->error("cookie token mismatch for $username");
|
|
|
+ unset($_COOKIE['Organizr']);
|
|
|
+ setcookie('Organizr', '', time() - 3600, '/', DOMAIN);
|
|
|
+ setcookie('Organizr', '', time() - 3600, '/');
|
|
|
+ unset($_COOKIE['OrganizrU']);
|
|
|
+ setcookie('OrganizrU', '', time() - 3600, '/', DOMAIN);
|
|
|
+ setcookie('OrganizrU', '', time() - 3600, '/');
|
|
|
+ unset($_COOKIE['cookiePassword']);
|
|
|
+ setcookie("cookiePassword", '', time() - 3600, '/', DOMAIN);
|
|
|
+ setcookie("cookiePassword", '', time() - 3600, '/');
|
|
|
+ unset($_COOKIE['Auth']);
|
|
|
+ setcookie("Auth", '', time() - 3600, '/', DOMAIN);
|
|
|
+ setcookie("Auth", '', time() - 3600, '/');
|
|
|
+ unset($_COOKIE['mpt']);
|
|
|
+ setcookie("mpt", '', time() - 3600, '/', DOMAIN);
|
|
|
+ setcookie("mpt", '', time() - 3600, '/');
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
return false;
|
|
|
}
|
|
|
/**
|
causefx