AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #278 from wrongecho/firefox-ext 

Commenting for now
This commit is contained in:
Johnny 2022-01-15 12:08:29 -05:00 committed by GitHub
parent 7b6598a63a be8a18acc6
commit 55dafd42a8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
get_credential.php
View File

@ -1,13 +1,17 @@
<?php
/*
// Headers to allow extensions access (CORS)
$chrome_id = "to-be-confirmed";
$firefox_id = "to-be-confirmed";
$http_origin = $_SERVER['HTTP_ORIGIN'];
if ($http_origin == "$chrome_id" || $http_origin == "$firefox_id")
{
header("Access-Control-Allow-Origin: $http_origin");
header("Access-Control-Allow-Credentials: true");
$chrome_id = "chrome-extension://afgpakhonllnmnomchjhidealcpmnegc";
$firefox_id = "moz-extension://857479e9-3992-4e99-9a5e-b514d2ad0a82";
if (isset($_SERVER['HTTP_ORIGIN'])) {
if($_SERVER['HTTP_ORIGIN'] == $chrome_id OR $_SERVER['HTTP_ORIGIN'] == $firefox_id){
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
}
}
// Additionally, will require cookies set to SameSite None.
include("config.php");
include("functions.php");
@ -60,16 +64,18 @@ if($session_user_role < 4){
if(isset($_GET['host'])){
$url = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['host'])));
if(!empty($_GET['host'])){
$url = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['host'])));
$sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE (login_uri = '$url' AND company_id = '$session_company_id') LIMIT 1");
$sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE (login_uri = '$url' AND company_id = '$session_company_id') LIMIT 1");
if(mysqli_num_rows($sql_logins) > 0){
$row = mysqli_fetch_array($sql_logins);
$data['found'] = "TRUE";
$data['username'] = htmlentities($row['login_username']);
$data['password'] = decryptLoginEntry($row['login_password']);
echo json_encode($data);
if(mysqli_num_rows($sql_logins) > 0){
$row = mysqli_fetch_array($sql_logins);
$data['found'] = "TRUE";
$data['username'] = htmlentities($row['login_username']);
$data['password'] = decryptLoginEntry($row['login_password']);
echo json_encode($data);
}
}
}