|
|
@@ -90,6 +90,20 @@ function startSession() {
|
|
|
if (isset($_COOKIE[SESSION_COOKIE_NAME]))
|
|
|
startSession(); // Resume session
|
|
|
|
|
|
+if (isset($_SESSION['id'])) {
|
|
|
+ if (!isset($_COOKIE['display-username-decryption-key']))
|
|
|
+ output(403, 'The display username decryption key has not been sent.');
|
|
|
+ $decryption_result = htmlspecialchars(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
|
|
|
+ $_SESSION['display-username-cyphertext'],
|
|
|
+ NULL,
|
|
|
+ $_SESSION['display-username-nonce'],
|
|
|
+ base64_decode($_COOKIE['display-username-decryption-key'])
|
|
|
+ ));
|
|
|
+ if ($decryption_result === false)
|
|
|
+ output(403, 'Unable to decrypt display username.');
|
|
|
+ define('DISPLAY_USERNAME', $decryption_result);
|
|
|
+}
|
|
|
+
|
|
|
if (in_array(SERVICE, ['reg', 'ns', 'ht']) AND CONF[SERVICE]['enabled'] !== true)
|
|
|
output(403, 'Ce service est désactivé.');
|
|
|
|
|
|
@@ -125,20 +139,6 @@ if ($_POST !== []) {
|
|
|
require 'pg-act/' . PAGE_ADDRESS . '.php';
|
|
|
}
|
|
|
|
|
|
-if (isset($_SESSION['id'])) {
|
|
|
- if (!isset($_COOKIE['display-username-decryption-key']))
|
|
|
- output(403, 'The display username decryption key has not been sent.');
|
|
|
- $decryption_result = htmlspecialchars(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
|
|
|
- $_SESSION['display-username-cyphertext'],
|
|
|
- NULL,
|
|
|
- $_SESSION['display-username-nonce'],
|
|
|
- base64_decode($_COOKIE['display-username-decryption-key'])
|
|
|
- ));
|
|
|
- if ($decryption_result === false)
|
|
|
- output(403, 'Unable to decrypt display username.');
|
|
|
- define('DISPLAY_USERNAME', $decryption_result);
|
|
|
-}
|
|
|
-
|
|
|
function displayPage($data) {
|
|
|
|
|
|
require 'view.php';
|
Miraty