libs/phplibrary
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: Расчет хеша для браузера

Browse source
This commit is contained in:
origami11@yandex.ru 2024-02-13 15:33:25 +03:00
parent 548d5daaa9
commit 6ae14fd5f0
2 changed files with 12 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

15
src/Filter/Login.php
View file

@ -108,7 +108,7 @@ class Login extends Filter
break;
*/
default:
$hash = $this->getBrowserSign();
$hash = Authorization::getBrowserSign();
// Если $hash не совпадает $_SESSION['hash'] то удаляем сессию
if (isset($_SESSION ['access']) && isset($_SESSION[self::SESSION_BROWSER_SIGN_KEYNAME])) {
if ($hash == $_SESSION[self::SESSION_BROWSER_SIGN_KEYNAME]) {
@ -125,17 +125,6 @@ class Login extends Filter
return false;
}
private function getBrowserSign() {
$rawSign = self::SESSION_BROWSER_SIGN_SECRET;
//$signParts = array('HTTP_USER_AGENT', 'HTTP_ACCEPT_ENCODING');
$signParts = array();
foreach ($signParts as $signPart) {
$rawSign .= '::' . (isset($_SERVER[$signPart]) ? $_SERVER[$signPart] : 'none');
}
return md5($rawSign);
}
private function enter($result)
{
$this->user = $result;
@ -145,7 +134,7 @@ class Login extends Filter
$_SESSION["group"] = $result->getInt('access');
$_SESSION["access"] = $result->getInt('id_user'); // id_user
$_SESSION["random"] = $random; // id_user
$_SESSION[self::SESSION_BROWSER_SIGN_KEYNAME] = $this->getBrowserSign();
$_SESSION[self::SESSION_BROWSER_SIGN_KEYNAME] = Authorization::getBrowserSign();
$_SESSION["time"] = time();
}