Browse Source

move cid checking to a separate function

Andrew Dolgov 4 months ago
parent
commit
25aea62430
2 changed files with 19 additions and 18 deletions
  1. 1 18
      backend.php
  2. 18 0
      include/functions.php

+ 1 - 18
backend.php

@@ -1009,24 +1009,7 @@
 		/* special handling for android client, cid is a sha1()-hashed SID */
 
 		if (!$_SESSION['uid']) {
-			@$cid = $_REQUEST['cid'];
-
-			$valid_cid = false;
-
-			if ($cid) {
-				$sessions = $redis->keys("ttirc_sessions,*");
-
-				foreach ($sessions as $session) {
-					list ($tmp, $sid) = explode(",", $session);
-
-					if (sha1($sid . date("Ymd")) == $cid) {
-						$valid_cid = true;
-						break;
-					}
-				}
-			}
-
-			if (!$valid_cid) {
+			if ([email protected]_valid_cid($_REQUEST['cid'])) {
 				header("Location: $url");
 				return;
 			}

+ 18 - 0
include/functions.php

@@ -2294,4 +2294,22 @@
 		}
 	}
 
+	function is_valid_cid($cid) {
+		global $redis;
+
+		if ($cid) {
+			$sessions = $redis->keys("ttirc_sessions,*");
+
+			foreach ($sessions as $session) {
+				list ($tmp, $sid) = explode(",", $session);
+
+				if (sha1($sid . date("Ymd")) == $cid) {
+					return true;
+				}
+			}
+		}
+
+		return false;
+	}
+
 ?>