diff options
author | RaindropsSys <contact@minteck.org> | 2023-07-07 18:57:17 +0200 |
---|---|---|
committer | RaindropsSys <contact@minteck.org> | 2023-07-07 18:57:17 +0200 |
commit | d41e523af3b8ff5dce6158fb42a46a8980de7bc6 (patch) | |
tree | 594847e0db325c5883c361710d3abae746a4f803 | |
parent | 1a8b9c5349780ed02e5af24c0e68daa12d9e08c3 (diff) | |
download | synccenter-d41e523af3b8ff5dce6158fb42a46a8980de7bc6.tar.gz synccenter-d41e523af3b8ff5dce6158fb42a46a8980de7bc6.tar.bz2 synccenter-d41e523af3b8ff5dce6158fb42a46a8980de7bc6.zip |
-rw-r--r-- | auth/callback/index.php | 2 | ||||
-rw-r--r-- | includes/session.php | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/auth/callback/index.php b/auth/callback/index.php index 228d35d..b5daf0c 100644 --- a/auth/callback/index.php +++ b/auth/callback/index.php @@ -46,7 +46,7 @@ if (isset($result["access_token"])) { $token = "sc" . str_replace("/", ".", base64_encode(random_bytes(96))); - file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, $result); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token, json_encode($result)); header("Set-Cookie: SC_SESSION_TOKEN=" . $token . "; SameSite=None; Path=/; Secure; HttpOnly; Expires=" . date("r", time() + (86400 * 730))); diff --git a/includes/session.php b/includes/session.php index 4a421a8..05021ad 100644 --- a/includes/session.php +++ b/includes/session.php @@ -3,7 +3,7 @@ $isLoggedIn = false; global $_PROFILE; -$token = $authorization ?? $post ?? $_POST["_session"] ?? $_GET["_session"] ?? $_COOKIE['SC_SESSION_TOKEN'] ?? null; +$token = $_POST["_session"] ?? $_GET["_session"] ?? $_COOKIE['SC_SESSION_TOKEN'] ?? null; if (isset($token)) { if (!(str_contains($token, "/") || trim($token) === "" || trim($token) === "." || trim($token) === "..")) { |