Correction pb de token interne
parent
dba4975ce0
commit
050f7259d4
|
@ -1,6 +1,8 @@
|
|||
<?php
|
||||
|
||||
namespace manager;
|
||||
use \manager\Repo;
|
||||
use \manager\sessionManager;
|
||||
|
||||
|
||||
class ResourceDispatcher{
|
||||
|
@ -245,10 +247,21 @@
|
|||
header('Content-Type: '.$this->header);
|
||||
|
||||
// On recupere le contenu
|
||||
$svg_content = file_get_contents($this->path);
|
||||
$content = file_get_contents($this->path);
|
||||
|
||||
|
||||
|
||||
////////////////////////////////////////
|
||||
///////////// SI FICHIER JS ////////////
|
||||
////////////////////////////////////////
|
||||
if( $this->flags['extension'] == 'js' )
|
||||
$content = 'var js_access_token = "'. substr($_SESSION['session_token'], 0, 40) .'";' . "\n\n" . $content;
|
||||
|
||||
|
||||
|
||||
|
||||
// On affiche tout
|
||||
echo str_replace( '</svg>', $this->stylesheet.'</svg>', $svg_content );
|
||||
echo str_replace( '</svg>', $this->stylesheet.'</svg>', $content );
|
||||
}
|
||||
|
||||
|
||||
|
@ -263,10 +276,10 @@
|
|||
|
||||
|
||||
// On inclut le contenu
|
||||
$svg_content = file_get_contents($this->path);
|
||||
$content = file_get_contents($this->path);
|
||||
|
||||
// On retourne tout
|
||||
return str_replace( '</svg>', $this->stylesheet.'</svg>', $svg_content );
|
||||
return str_replace( '</svg>', $this->stylesheet.'</svg>', $content );
|
||||
}
|
||||
|
||||
|
||||
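Review bot: The JavaScript branch added in the `-245,10 +247,21` hunk concatenates `substr($_SESSION['session_token'], 0, 40)` straight into a script literal. A slice of the same value the session check compares against the cookie therefore becomes readable by every script on the page, and by any page able to include this URL with the user's cookies. If client code needs a token, a value derived separately from the session secret would limit what a leak exposes; whether 40 characters is the whole token cannot be seen from this page. At minimum, encode the value and keep the response out of shared caches: `$content = 'var js_access_token = '.json_encode(substr((string)($_SESSION['session_token'] ?? ''), 0, 40)).";\n\n".$content;`, preceded by `header('Cache-Control: private, no-store');`. The enclosing method starts outside the hunk, so an earlier header or access check may already cover part of this.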
|
|
|
@ -20,6 +20,7 @@
|
|||
/* INITIALISATION DE SESSION */
|
||||
/*****************************/
|
||||
private static function reset_session($session_id=null){
|
||||
|
||||
// On ferme la session
|
||||
session_destroy();
|
||||
|
||||
|
@ -36,7 +37,6 @@
|
|||
// On met a jour le token
|
||||
self::update_token();
|
||||
|
||||
|
||||
header('Refresh: 0');
|
||||
}
|
||||
|
||||
|
@ -86,16 +86,14 @@
|
|||
self::reset_session( $sessid ); // On initialise la session (bon id session)
|
||||
|
||||
|
||||
// si id session invalide
|
||||
|
||||
|
||||
/* [3] Verification du token
|
||||
==============================================================*/
|
||||
// On verifie que le token est valide
|
||||
$valid_token = $session_token != null; // verification de l'existence du cookie
|
||||
$valid_token = $valid_token && strpos($session_token, self::$prefix) === 0; // verification des donnes personnelles
|
||||
$valid_token = $valid_token && isset($_SESSION['session_token']); // verification que la variable session associee existe
|
||||
$valid_token = $valid_token && $_SESSION['session_token'] == $_COOKIE['session_token']; // verification que la session est coherente
|
||||
$valid_token = $session_token != null; // verification de l'existence du cookie
|
||||
$valid_token = $valid_token && strpos($session_token, self::$prefix) === 0; // verification des donnes personnelles
|
||||
$valid_token = $valid_token && isset($_SESSION['session_token']); // verification que la variable session associee existe
|
||||
$valid_token = $valid_token && $_SESSION['session_token'] == $_COOKIE['session_token']; // verification que la session est coherente
|
||||
|
||||
/* [4] Si token inexistant
|
||||
==============================================================*/
|
||||
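Review bot: The token check in the `-86,16 +86,14` hunk still ends with `$_SESSION['session_token'] == $_COOKIE['session_token']`, a loose comparison of a secret against a client-supplied cookie. `==` applies PHP's type juggling and is not constant-time. Since the commit already touches these lines, I would change that line to `$valid_token = $valid_token && is_string($session_token) && hash_equals((string) $_SESSION['session_token'], $session_token);` and use `!== null` in the first check. This assumes `$session_token` is read from `$_COOKIE['session_token']` above the hunk, which is not visible here. The enclosing function starts and ends outside the hunk.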
|
|