Authored by 郭成尧

uid-salt

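--- a/<path-not-on-page>
+++ b/<path-not-on-page>
@@ -363,11 +363,10 @@ class AbstractAction extends Controller_Abstract
 $cookieList[1] = intval(Encryption::decrypt($cookieList[1]));
 if (isset($cookieList[1]) && $cookieList[1]) {
 if ($useSession) {
-$token = $this->getSession('_TOKEN');
-if (empty($token)) {
-$token = $this->getCookie('_TOKEN');
-}
-if ($token === Helpers::makeToken($cookieList[1])) {
+$token = $cookieList[3];
+$salt = substr($token, -8);
+
+if ($token === Helpers::makeToken($cookieList[1] . $salt)) {
 $this->_uid = $cookieList[1];
 }
 } else {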
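Review bot: The new `$token = $cookieList[3];` line reads index 3 without the `isset` guard that index 1 gets a few lines above, so a cookie with fewer segments raises an undefined-index notice and feeds `null` into `substr()` before the comparison runs; `$token = (string) ($cookieList[3] ?? '');` followed by an early `if ($token === '') { ... }` bail-out would close that. The salt is sliced from the cookie-supplied token itself, so this comparison only binds the uid to anything if `Helpers::makeToken` mixes in a server-side secret — that is not visible here and is worth confirming before relying on it. Dropping the old session/cookie `_TOKEN` lookup means the `$useSession` branch now trusts cookie data alone, which seems to blur what `$useSession` is for; a short comment explaining why that is intended would help the next reader. Prefer `hash_equals(Helpers::makeToken($cookieList[1] . $salt), $token)` over `===` so the token comparison is constant-time. The enclosing method starts and ends outside the hunk.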