beenull/servnest
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix display username decryption error handling

Browse source
This commit is contained in:
Miraty 2023-06-14 22:23:15 +02:00
parent e4ae765486
commit 256bd51e0f
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
router.php
View file

@ -70,15 +70,15 @@ if (isset($_SESSION['id'])) {
// Decrypt display username
if (!isset($_COOKIE['display-username-decryption-key']))
output(403, 'The display username decryption key has not been sent.');
$decryption_result = htmlspecialchars(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
$decryption_result = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
$_SESSION['display-username-cyphertext'],
'',
$_SESSION['display-username-nonce'],
base64_decode($_COOKIE['display-username-decryption-key'])
));
);
if ($decryption_result === false)
output(403, 'Unable to decrypt display username.');
define('DISPLAY_USERNAME', $decryption_result);
define('DISPLAY_USERNAME', htmlspecialchars($decryption_result));
// Enable not already enabled services for this user
$user_services = array_filter(explode(',', query('select', 'users', ['id' => $_SESSION['id']], 'services')[0]));