diff --git a/build/api/core/Authentification.php b/build/api/core/Authentification.php index 103a7e4..f7c36e3 100644 --- a/build/api/core/Authentification.php +++ b/build/api/core/Authentification.php @@ -48,33 +48,25 @@ if( !isset($GLOBALS['TOKEN']) ) $GLOBALS['TOKEN'] = null; - echo "1. ".$GLOBALS['TOKEN']."\n"; - /* (1) Liste des permissions */ if( !isset($GLOBALS['PERM']) ) $GLOBALS['PERM'] = []; - echo "2. ".$GLOBALS['TOKEN']."\n"; /* (2) Gestion de AUTH (authentification) dans HEADER ---------------------------------------------------------*/ $GLOBALS['TOKEN'] = isset($_SERVER['PHP_AUTH_DIGEST']) ? $_SERVER['PHP_AUTH_DIGEST'] : ''; - echo "3. ".$GLOBALS['TOKEN']."\n"; /* (3) Gestion de AUTH en fonction du token ---------------------------------------------------------*/ - if( preg_match('/^[a-f0-9]{64}$/', $GLOBALS['TOKEN'], $match) ) - $GLOBALS['TOKEN'] = $match[0]; - else - $GLOBALS['TOKEN'] = null; + $GLOBALS['TOKEN'] = preg_match('/^[a-f0-9]{64}$/', $GLOBALS['TOKEN'], $match) ? $match[0] : null; - echo "4. ".$GLOBALS['TOKEN']."\n"; + echo "regexp- ".$GLOBALS['TOKEN']."\n"; /* (4) On vérifie l'authentification par BDD ---------------------------------------------------------*/ if( !self::deepCheck() ) $GLOBALS['TOKEN'] = null; - echo "5. ".$GLOBALS['TOKEN']."\n"; } @@ -90,6 +82,7 @@ if( is_null($GLOBALS['TOKEN']) ) return false; + echo 'a'; /* [2] Vérification du système =========================================================*/ @@ -98,12 +91,14 @@ if( !is_file($fn) ) return false; + echo 'b'; /* (2) Read file -> check content */ $fc = file_get_contents($fn); if( strlen($fc) !== 64 ) return false; + echo 'c'; /* [3] Hash comparison =========================================================*/ @@ -112,6 +107,7 @@ if( $hashed !== $fc ) return false; + echo 'd'; /* (2) Stores new content */ file_put_contents($fn, $GLOBALS['TOKEN']);