Permalink
Browse files

Fixed invitation key using $_SESSION, starting session globally as well

  • Loading branch information...
sergeychernyshev committed Sep 12, 2016
1 parent 5590f21 commit 1b0e4ae284d563ed0b7e2c2748cb5db6be47d2c4
Showing with 10 additions and 30 deletions.
  1. +5 −9 classes/User.php
  2. +0 −1 controller/engine/choose_engine.php
  3. +4 −0 global.php
  4. +0 −4 plans.php
  5. +1 −8 register.php
  6. +0 −4 subscription_details.php
  7. +0 −4 view/engine/choose_engine.php
View
@@ -489,15 +489,11 @@ public function getInvitation() {
* @throws DBException
*/
private function init() {
$storage = new MrClay_CookieStorage(array(
'secret' => UserConfig::$SESSION_SECRET,
'mode' => MrClay_CookieStorage::MODE_ENCRYPT,
'path' => UserConfig::$SITEROOTURL,
'httponly' => true
));
$invitation_code = $storage->fetch(UserConfig::$invitation_code_key);
$storage->delete(UserConfig::$invitation_code_key);
$invitation_code = null;
if (array_key_exists(UserConfig::$invitation_code_key, $_SESSION)) {
$invitation_code = $_SESSION[UserConfig::$invitation_code_key];
unset($_SESSION[UserConfig::$invitation_code_key]);
}
$invitation = null;
if (!is_null($invitation_code)) {
@@ -7,7 +7,6 @@
$account = Account::getCurrentAccount($user);
$engine = htmlspecialchars($_REQUEST['engine']);
session_start();
// Check for no-op
if (!is_null($account->getPaymentEngine()) && $account->getPaymentEngine()->getSlug() == $engine) {
View
@@ -3,6 +3,10 @@
mb_internal_encoding('UTF-8');
header('Content-type: text/html; charset=utf-8');
if (!session_id()) {
session_start();
}
require_once(__DIR__.'/classes/StartupAPI.php');
require_once(__DIR__.'/default_config.php');
View
@@ -30,10 +30,6 @@
$template_info = StartupAPI::getTemplateInfo();
$template_info['account_name'] = $account->getName();
if (!session_id()) {
session_start();
}
if (array_key_exists('plan', $_POST)) {
$data = explode('.', $_REQUEST['plan']);
View
@@ -31,14 +31,7 @@
throw new StartupAPIException('Invitation code is invalid');
}
$storage = new MrClay_CookieStorage(array(
'secret' => UserConfig::$SESSION_SECRET,
'mode' => MrClay_CookieStorage::MODE_ENCRYPT,
'path' => UserConfig::$SITEROOTURL,
'httponly' => true
));
$storage->store(UserConfig::$invitation_code_key, $code);
$_SESSION[UserConfig::$invitation_code_key] = $code;
}
try {
View
@@ -10,10 +10,6 @@
$account = Account::getCurrentAccount($user);
$template_info = StartupAPI::getTemplateInfo();
if (!session_id()) {
session_start();
}
if (isset($_SESSION['message'])) {
$template_info['message'] = $_SESSION['message'];
unset($_SESSION['message']);
@@ -3,10 +3,6 @@
$user = User::require_login();
if (!session_id()) {
session_start();
}
if(isset($_SESSION['message'])) {
$template_data['message'] = $_SESSION['message'];
unset($_SESSION['message']);

0 comments on commit 1b0e4ae

Please sign in to comment.