+3
-2
@@ -23,7 +23,8 @@ session_set_cookie_params([
|
|||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
$authToken = $_GET['auth'] ?? '';
|
$authToken = $_GET['auth'] ?? '';
|
||||||
$errorRedirect = isSafeRedirect($_GET['redirect'] ?? '') ? $_GET['redirect'] : '/';
|
$rawRedirect = $_GET['redirect'] ?? '/';
|
||||||
|
$errorRedirect = isSafeRedirect($rawRedirect) ? $rawRedirect : '/';
|
||||||
|
|
||||||
if (!$authToken) {
|
if (!$authToken) {
|
||||||
$_SESSION['auth_error'] = 'Missing authentication token.';
|
$_SESSION['auth_error'] = 'Missing authentication token.';
|
||||||
@@ -83,6 +84,6 @@ $_SESSION['telegram_id'] = $data['telegram_id'] ?? '';
|
|||||||
$_SESSION['user_token'] = $userToken;
|
$_SESSION['user_token'] = $userToken;
|
||||||
unset($_SESSION['auth_error']);
|
unset($_SESSION['auth_error']);
|
||||||
|
|
||||||
$redirect = isSafeRedirect($_GET['redirect'] ?? '') ? $_GET['redirect'] : '/';
|
$redirect = isSafeRedirect($rawRedirect) ? $rawRedirect : '/';
|
||||||
header('Location: ' . $redirect);
|
header('Location: ' . $redirect);
|
||||||
exit;
|
exit;
|
||||||
Reference in New Issue
Block a user