beenull/servnest
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix display username decryption when using output()

Browse source
This commit is contained in:
Miraty 2023-01-21 04:14:40 +01:00
parent b872ec8281
commit 2c6d8b8ac9
1 changed files with 14 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
router.php
View file

@ -90,6 +90,20 @@ function startSession() {
if (isset($_COOKIE[SESSION_COOKIE_NAME]))
startSession(); // Resume session
if (isset($_SESSION['id'])) {
if (!isset($_COOKIE['display-username-decryption-key']))
output(403, 'The display username decryption key has not been sent.');
$decryption_result = htmlspecialchars(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
$_SESSION['display-username-cyphertext'],
NULL,
$_SESSION['display-username-nonce'],
base64_decode($_COOKIE['display-username-decryption-key'])
));
if ($decryption_result === false)
output(403, 'Unable to decrypt display username.');
define('DISPLAY_USERNAME', $decryption_result);
}
if (in_array(SERVICE, ['reg', 'ns', 'ht']) AND CONF[SERVICE]['enabled'] !== true)
output(403, 'Ce service est désactivé.');
@ -125,20 +139,6 @@ if ($_POST !== []) {
require 'pg-act/' . PAGE_ADDRESS . '.php';
}
if (isset($_SESSION['id'])) {
if (!isset($_COOKIE['display-username-decryption-key']))
output(403, 'The display username decryption key has not been sent.');
$decryption_result = htmlspecialchars(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
$_SESSION['display-username-cyphertext'],
NULL,
$_SESSION['display-username-nonce'],
base64_decode($_COOKIE['display-username-decryption-key'])
));
if ($decryption_result === false)
output(403, 'Unable to decrypt display username.');
define('DISPLAY_USERNAME', $decryption_result);
}
function displayPage($data) {
require 'view.php';