zloj/ez-pro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18d77ba43e
ez-pro/core/bitrix/modules/main/spread.php
root 240d0aba5f Init
2025-11-13 19:04:05 +03:00

68 lines
1.7 KiB
PHP
Raw Blame History

<?php
// Should work only on HTTPS requests
use Bitrix\Main;
use Bitrix\Main\Web;
header("P3P: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"");
header("Content-type: image/png");
if (isset($_GET['k']) && isset($_GET['s']) && is_string($_GET['k']) && is_string($_GET['s']) && $_GET['k'] != '')
{
// "SameSite: None" requires "secure"
ini_set('session.cookie_secure', 1);
ini_set('session.cookie_samesite', 'None');
require_once(__DIR__.'/include.php');
$application = Main\Application::getInstance();
$cookieString = base64_decode($_GET['s']);
$salt = $_SERVER['REMOTE_ADDR'] . '|' . @filemtime($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/main/classes/general/version.php') . '|' . $application->getLicense()->getKey();
if (md5($cookieString . $salt) === $_GET['k'])
{
$arr = explode(chr(2), $cookieString);
if (is_array($arr))
{
$context = Main\Context::getCurrent();
$request = $context->getRequest();
$response = $context->getResponse();
$host = $request->getHttpHost();
foreach ($arr as $str)
{
if ($str != '')
{
$ar = explode(chr(1), $str);
// "SameSite: None" requires "secure"
$cookie = (new Web\Cookie($ar[0], $ar[1], $ar[2], false))
->setPath($ar[3])
->setDomain($host)
->setSecure(true)
->setHttpOnly($ar[6])
->setSameSite(Web\Http\Cookie::SAME_SITE_NONE)
;
$response->addCookie($cookie);
//logout
if(substr($ar[0], -5) == '_UIDH' && $ar[1] == '')
{
$kernelSession = $application->getKernelSession();
$kernelSession["SESS_AUTH"] = [];
unset($kernelSession["SESS_AUTH"]);
unset($kernelSession["SESS_OPERATIONS"]);
}
}
}
}
}
$application->end();
}
Reference in New Issue View Git Blame Copy Permalink