Website
/
Manager
1
0
Fork 0
Code Releases 11 Activity

Fix/improve middleware classes

master
Anonymous Contributor 2023-09-05 01:09:59 +02:00
parent 686e991266
commit 27899ce9c1
3 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/middleware/AdminMiddleware.php
View File

@ -8,7 +8,7 @@ class AdminMiddleware extends LoginRequiredMiddleware
public function canAccess(): bool
{
if (parent::canAccess()) {
return $_SESSION['UserLevel'] > 100;
return $_SESSION['LEVEL'] > 100;
}
return false;

1
app/middleware/LoginRequiredMiddleware.php
View File

@ -25,7 +25,6 @@ class LoginRequiredMiddleware extends SessionMiddleware
$getLevel->execute([$_SESSION['UUID']]);
if ($row = $getLevel->fetch()) {
$_SESSION['LEVEL'] = $row['UserLevel'];
session_set_cookie_params(86400);
return true;
}
else {

2
app/middleware/SessionMiddleware.php
View File

@ -38,7 +38,7 @@ abstract class SessionMiddleware implements Middleware
break;
}
if(!isset($_SESSION['csrf']) || strlen($_SESSION['csrf']) != 64) {
if(!isset($_SESSION['csrf']) || !preg_match('/^[0-9a-f]{64}$/', $_SESSION['csrf'])) {
$_SESSION['csrf'] = bin2hex(random_bytes(32));
}
}