
Current File : /home/bitrix/www/bitrix/modules/main/spread.php
<?php

// Should work only on HTTPS requests

use Bitrix\Main;
use Bitrix\Main\Web;

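// Cross-domain cookie "spread" endpoint: it is requested as an image and, when the
// signed query string verifies, replays the cookies packed in `s` onto the current host.
//
// Query parameters:
//   s - base64 of the packed cookie list (records split by chr(2), fields by chr(1))
//   k - hex MD5 over the decoded list plus a server-side salt
//
// NOTE(review): nothing in this file checks that the request actually arrived over
// HTTPS; the cookies are only marked Secure. Confirm the transport is enforced elsewhere.
header("P3P: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"");
header("Content-type: image/png");

if (isset($_GET['k']) && isset($_GET['s']) && is_string($_GET['k']) && is_string($_GET['s']) && $_GET['k'] != '')
{
	// "SameSite: None" requires "secure"
	ini_set('session.cookie_secure', 1);
	ini_set('session.cookie_samesite', 'None');

	require_once(__DIR__.'/include.php');

	$application = Main\Application::getInstance();

	$cookieString = base64_decode($_GET['s']);

	// The salt ties the signature to the client address, the installed kernel version
	// file's mtime and the license key, so a signed URL is not portable between clients
	// or installations.
	// NOTE(review): md5(message . secret) is a weak MAC construction; moving to
	// hash_hmac() with a modern digest has to be done together with the code that
	// produces `k`, which is not in this file.
	$salt = $_SERVER['REMOTE_ADDR'] . '|' . @filemtime($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/main/classes/general/version.php') . '|' . $application->getLicense()->getKey();

	// Constant-time comparison: a plain === on a keyed digest can leak, through timing,
	// how many leading characters of a guessed signature were correct.
	if (hash_equals(md5($cookieString . $salt), $_GET['k']))
	{
		$context = Main\Context::getCurrent();
		$request = $context->getRequest();
		$response = $context->getResponse();

		// Cookies are always pinned to the host of this request, never to a host
		// named inside the packed data.
		$host = $request->getHttpHost();

		foreach (explode(chr(2), $cookieString) as $str)
		{
			if ($str == '')
			{
				continue;
			}

			$ar = explode(chr(1), $str);

			// Fields 0-3 and 6 are read below; skip a truncated record instead of
			// building a cookie from undefined offsets.
			if (count($ar) < 7)
			{
				continue;
			}

			// "SameSite: None" requires "secure"
			$cookie = (new Web\Cookie($ar[0], $ar[1], $ar[2], false))
				->setPath($ar[3])
				->setDomain($host)
				->setSecure(true)
				->setHttpOnly($ar[6])
				->setSameSite(Web\Http\Cookie::SAME_SITE_NONE)
			;

			$response->addCookie($cookie);

			// Logout: an empty *_UIDH cookie also drops the authorization data kept
			// in the kernel session.
			if (substr($ar[0], -5) == '_UIDH' && $ar[1] == '')
			{
				$kernelSession = $application->getKernelSession();
				$kernelSession["SESS_AUTH"] = [];
				unset($kernelSession["SESS_AUTH"]);
				unset($kernelSession["SESS_OPERATIONS"]);
			}
		}
	}

	$application->end();
}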
