Permalink
Browse files

Fixed invitation key using $_SESSION, starting session globally as well

  • Loading branch information...
1 parent 5590f21 commit 1b0e4ae284d563ed0b7e2c2748cb5db6be47d2c4 @sergeychernyshev sergeychernyshev committed Sep 12, 2016
Showing with 10 additions and 30 deletions.
  1. +5 −9 classes/User.php
  2. +0 −1 controller/engine/choose_engine.php
  3. +4 −0 global.php
  4. +0 −4 plans.php
  5. +1 −8 register.php
  6. +0 −4 subscription_details.php
  7. +0 −4 view/engine/choose_engine.php
View
@@ -489,15 +489,11 @@ public function getInvitation() {
* @throws DBException
*/
private function init() {
- $storage = new MrClay_CookieStorage(array(
- 'secret' => UserConfig::$SESSION_SECRET,
- 'mode' => MrClay_CookieStorage::MODE_ENCRYPT,
- 'path' => UserConfig::$SITEROOTURL,
- 'httponly' => true
- ));
-
- $invitation_code = $storage->fetch(UserConfig::$invitation_code_key);
- $storage->delete(UserConfig::$invitation_code_key);
+ $invitation_code = null;
+ if (array_key_exists(UserConfig::$invitation_code_key, $_SESSION)) {
+ $invitation_code = $_SESSION[UserConfig::$invitation_code_key];
+ unset($_SESSION[UserConfig::$invitation_code_key]);
+ }
$invitation = null;
if (!is_null($invitation_code)) {
@@ -7,7 +7,6 @@
$account = Account::getCurrentAccount($user);
$engine = htmlspecialchars($_REQUEST['engine']);
-session_start();
// Check for no-op
if (!is_null($account->getPaymentEngine()) && $account->getPaymentEngine()->getSlug() == $engine) {
View
@@ -3,6 +3,10 @@
mb_internal_encoding('UTF-8');
header('Content-type: text/html; charset=utf-8');
+if (!session_id()) {
+ session_start();
+}
+
require_once(__DIR__.'/classes/StartupAPI.php');
require_once(__DIR__.'/default_config.php');
View
@@ -30,10 +30,6 @@
$template_info = StartupAPI::getTemplateInfo();
$template_info['account_name'] = $account->getName();
-if (!session_id()) {
- session_start();
-}
-
if (array_key_exists('plan', $_POST)) {
$data = explode('.', $_REQUEST['plan']);
View
@@ -31,14 +31,7 @@
throw new StartupAPIException('Invitation code is invalid');
}
- $storage = new MrClay_CookieStorage(array(
- 'secret' => UserConfig::$SESSION_SECRET,
- 'mode' => MrClay_CookieStorage::MODE_ENCRYPT,
- 'path' => UserConfig::$SITEROOTURL,
- 'httponly' => true
- ));
-
- $storage->store(UserConfig::$invitation_code_key, $code);
+ $_SESSION[UserConfig::$invitation_code_key] = $code;
}
try {
@@ -10,10 +10,6 @@
$account = Account::getCurrentAccount($user);
$template_info = StartupAPI::getTemplateInfo();
-if (!session_id()) {
- session_start();
-}
-
if (isset($_SESSION['message'])) {
$template_info['message'] = $_SESSION['message'];
unset($_SESSION['message']);
@@ -3,10 +3,6 @@
$user = User::require_login();
-if (!session_id()) {
- session_start();
-}
-
if(isset($_SESSION['message'])) {
$template_data['message'] = $_SESSION['message'];
unset($_SESSION['message']);

0 comments on commit 1b0e4ae

Please sign in to comment.