nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2025-12-30 00:53:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Security - validate session

Browse Source
This commit is contained in:
FusionPBX
2024-01-22 14:20:28 -07:00
committed by GitHub
parent 34321b2b1d
commit ee202cd61d
2 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
core/authentication/resources/classes/authentication.php
View File

@@ -229,6 +229,9 @@ class authentication {
$_SESSION["user_uuid"] = $result["user_uuid"];
$_SESSION["context"] = $result['domain_name'];
//used to validate the session
$_SESSION["user_hash"] = hash('sha256', $_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']);
//user session array
$_SESSION["user"]["domain_uuid"] = $result["domain_uuid"];
$_SESSION["user"]["domain_name"] = $result["domain_name"];
@@ -236,7 +239,7 @@ class authentication {
$_SESSION["user"]["username"] = $result["username"];
$_SESSION["user"]["contact_uuid"] = $result["contact_uuid"];
//get the groups assigned to the user
//get the groups assigned to the user
$group = new groups;
$group->session($result["domain_uuid"], $result["user_uuid"]);