AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-25 06:45:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #278 from wrongecho/firefox-ext

Browse Source 
Commenting for now
This commit is contained in:
Johnny
2022-01-15 12:08:29 -05:00
committed by GitHub
parent 7b6598a63a be8a18acc6
commit 55dafd42a8
1 changed files with 21 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
get_credential.php
View File

@@ -1,13 +1,17 @@
<?php <?php
/*
// Headers to allow extensions access (CORS) // Headers to allow extensions access (CORS)
$chrome_id = "to-be-confirmed"; $chrome_id = "chrome-extension://afgpakhonllnmnomchjhidealcpmnegc";
$firefox_id = "to-be-confirmed"; $firefox_id = "moz-extension://857479e9-3992-4e99-9a5e-b514d2ad0a82";
$http_origin = $_SERVER['HTTP_ORIGIN'];
if ($http_origin == "$chrome_id" || $http_origin == "$firefox_id") if (isset($_SERVER['HTTP_ORIGIN'])) {
{ if($_SERVER['HTTP_ORIGIN'] == $chrome_id OR $_SERVER['HTTP_ORIGIN'] == $firefox_id){
header("Access-Control-Allow-Origin: $http_origin"); header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header("Access-Control-Allow-Credentials: true"); header('Access-Control-Allow-Credentials: true');
}
} }
// Additionally, will require cookies set to SameSite None.
include("config.php"); include("config.php");
include("functions.php"); include("functions.php");
@@ -60,16 +64,18 @@ if($session_user_role < 4){
if(isset($_GET['host'])){ if(isset($_GET['host'])){
$url = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['host']))); if(!empty($_GET['host'])){
$url = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['host'])));
$sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE (login_uri = '$url' AND company_id = '$session_company_id') LIMIT 1"); $sql_logins = mysqli_query($mysqli, "SELECT * FROM logins WHERE (login_uri = '$url' AND company_id = '$session_company_id') LIMIT 1");
if(mysqli_num_rows($sql_logins) > 0){ if(mysqli_num_rows($sql_logins) > 0){
$row = mysqli_fetch_array($sql_logins); $row = mysqli_fetch_array($sql_logins);
$data['found'] = "TRUE"; $data['found'] = "TRUE";
$data['username'] = htmlentities($row['login_username']); $data['username'] = htmlentities($row['login_username']);
$data['password'] = decryptLoginEntry($row['login_password']); $data['password'] = decryptLoginEntry($row['login_password']);
echo json_encode($data); echo json_encode($data);
}
} }
} }