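/**
 * Decide whether the current request belongs to a signed-in user.
 *
 * Returns 0 when the sign-in feature is switched off, and 1 straight away
 * when a user is already loaded in $GLOBALS['cfg']['user']. Otherwise the
 * auth cookie is read and decrypted, then split on its first ':' into a
 * user id and a password value that must match the stored user record.
 * On success the user row is stored in $GLOBALS['cfg']['user'].
 *
 * NOTE(review): the cookie carries whatever is stored in $user['password'],
 * so that stored value acts as a long-lived session credential. Confirm it
 * is a password hash and never the plain password, and that crypto_decrypt()
 * authenticates the ciphertext rather than only decrypting it.
 *
 * @return int 1 when a user is signed in, 0 otherwise
 */
function login_check_login() {

    if (empty($GLOBALS['cfg']['enable_feature_signin'])) {
        return 0;
    }

    # A user was already loaded earlier in this request.
    if (!empty($GLOBALS['cfg']['user']['id'])) {
        return 1;
    }

    $auth_cookie = login_get_cookie($GLOBALS['cfg']['auth_cookie_name']);

    if (!$auth_cookie) {
        return 0;
    }

    $auth_cookie = crypto_decrypt($auth_cookie, $GLOBALS['cfg']['crypto_cookie_secret']);

    # Treat a failed decryption as "not signed in" instead of parsing it.
    if (!is_string($auth_cookie) || $auth_cookie === '') {
        return 0;
    }

    # Require both fields. Without the separator the password half would be
    # null, and a null stored password would then compare as equal.
    $parts = explode(':', $auth_cookie, 2);

    if (count($parts) !== 2) {
        return 0;
    }

    list($user_id, $password) = $parts;

    if (!$user_id) {
        return 0;
    }

    $user = users_get_by_id($user_id);

    if (!$user) {
        return 0;
    }

    if (!empty($user['deleted'])) {
        return 0;
    }

    # An account with no stored password value cannot be signed in by cookie.
    if (!isset($user['password']) || !is_string($user['password']) || $user['password'] === '') {
        return 0;
    }

    # Constant-time comparison, so response timing does not reveal how much
    # of the stored value a guessed cookie got right.
    if (!hash_equals($user['password'], $password)) {
        return 0;
    }

    $GLOBALS['cfg']['user'] = $user;

    return 1;
}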
/**
 * Resolve the invite referenced by the visitor's "invite" cookie.
 *
 * The cookie is decrypted with $GLOBALS['cfg']['crypt_invite_secret'] and
 * split on its first "-" into two fields, which are handed to
 * invite_codes_get_by_code().
 *
 * NOTE(review): the $cookie argument is never read; the value always comes
 * from login_get_cookie('invite'). Both fields originate from the browser,
 * so invite_codes_get_by_code() has to treat them as untrusted unless
 * crypto_decrypt() authenticates the ciphertext -- confirm.
 *
 * @param string $cookie ignored, kept for interface compatibility
 * @return mixed the result of invite_codes_get_by_code(), or null when the
 *               cookie is missing, does not decrypt, or lacks two fields
 */
function invite_codes_get_by_cookie($cookie = '') {

    $raw = login_get_cookie('invite');

    if (!$raw) {
        return null;
    }

    $plain = crypto_decrypt($raw, $GLOBALS['cfg']['crypt_invite_secret']);

    if (!$plain) {
        return null;
    }

    # Limit of 2: any further "-" stays inside the second field.
    $pieces = explode("-", $plain, 2);

    if (count($pieces) == 2) {
        return invite_codes_get_by_code($pieces[0], $pieces[1]);
    }

    return null;
}
<?php include "include/init.php"; loadlib("flickr_api"); loadlib("flickr_users"); loadlib("random"); $extra = get_str("extra"); if ($extra) { $_extra = urldecode($extra); parse_str($_extra, $extra); } $has_crumb = is_array($extra) && isset($extra['crumb']) ? 1 : 0; $user_id = 0; if ($GLOBALS['cfg']['user']['id'] && $has_crumb) { $crumb = crypto_decrypt($extra['crumb'], $GLOBALS['cfg']['flickr_api_secret']); list($user_id, $timestamp) = explode(":", $crumb, 2); $ok = 1; if ($user_id != $GLOBALS['cfg']['user']['id']) { $ok = 0; } if (time() - $timestamp > 120) { $ok = 0; } if (!$ok) { header("location: {$GLOBALS['cfg']['abs_root_url']}"); exit; } } else { if ($GLOBALS['cfg']['user']['id']) { header("location: {$GLOBALS['cfg']['abs_root_url']}"); exit;