function legacy_GetUserFromCookie()
{
if (isset($_COOKIE['lusha'])) {
$part = explode(".", $_COOKIE['lusha'], 3);
if (count($part) < 2) {
$GLOBALS['ERROR'] = "Parse Error";
return 0;
} else {
if (count($part) === 3) {
$GLOBALS['ERROR'] = "Error: " . $part[2];
return 0;
}
}
$id = intval($part[0]);
$hash = $part[1];
if (defined('LEGACY_DEBUG')) {
$user = [];
$user['hash'] = "this_is_fake";
} else {
$user = legacy_GetUser($id);
}
if (isset($user['hash']) && $user['hash'] == $hash) {
unset($GLOBALS['ERROR']);
return $id;
}
$GLOBALS['ERROR'] = "Login Failed";
}
return 0;
}
$response = json_NewResponse();
// MAIN (Only accept POST requests) //
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
$action = trim($_POST['action']);
if ($action == "LOGOUT") {
setcookie("lusha", "", 0, "/", str_replace("theme", "", $_SERVER['SERVER_NAME']));
$response['logout'] = 1;
} else {
if ($action == "GET_HASH") {
// This is only available to whitelisted clients, or while debugging //
if (defined('LEGACY_DEBUG') || defined('IP_WHITELIST') && core_OnWhitelist($_SERVER['REMOTE_ADDR'], IP_WHITELIST)) {
$id = intval($_POST['id']);
$ip = $_POST['ip'];
if ($id > 0 && inet_pton($ip) !== false) {
//error_log($ip." - ".$_POST['ip']);
$user = legacy_GetUser($id);
// Not in Database yet
if (empty($user)) {
// Do handshake, confirm user exists //
$result = legacy_FetchUserInfo($id);
if (isset($result['register_date'])) {
// Generate Hash //
$user['hash'] = legacy_GenerateUserHash($id);
}
legacy_SetExtraInfo($id, $result);
}
if ($user) {
access_LogUser($id, $ip);
$response['hash'] = $user['hash'];
}
}
