spread_8php_source.html

<?php


// Should work only on HTTPS requests


use Bitrix\Main;

use Bitrix\Main\Web;


header("P3P: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"");

header("Content-type: image/png");


if (isset($_GET['k']) && isset($_GET['s']) && is_string($_GET['k']) && is_string($_GET['s']) && $_GET['k'] != '')

{

    // "SameSite: None" requires "secure"

    ini_set('session.cookie_secure', 1);

    ini_set('session.cookie_samesite', 'None');


    require_once(__DIR__.'/include.php');


    $application = Main\Application::getInstance();


    $cookieString = base64_decode($_GET['s']);

    $salt = $_SERVER['REMOTE_ADDR'] . '|' . @filemtime($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/main/classes/general/version.php') . '|' . $application->getLicense()->getKey();


    if (md5($cookieString . $salt) === $_GET['k'])

    {

        $arr = explode(chr(2), $cookieString);


        if (is_array($arr))

        {

            $context = Main\Context::getCurrent();

            $request = $context->getRequest();

            $response = $context->getResponse();


            $host = $request->getHttpHost();


            foreach ($arr as $str)

            {

                if ($str != '')

                {

                    $ar = explode(chr(1), $str);


                    // "SameSite: None" requires "secure"

                    $cookie = (new Web\Cookie($ar[0], $ar[1], $ar[2], false))

                        ->setPath($ar[3])

                        ->setDomain($host)

                        ->setSecure(true)

                        ->setHttpOnly($ar[6])

                        ->setSameSite(Web\Http\Cookie::SAME_SITE_NONE)

                    ;


                    $response->addCookie($cookie);


                    //logout

                    if(substr($ar[0], -5) == '_UIDH' && $ar[1] == '')

                    {

                        $kernelSession = $application->getKernelSession();

                        $kernelSession["SESS_AUTH"] = [];

                        unset($kernelSession["SESS_AUTH"]);

                        unset($kernelSession["SESS_OPERATIONS"]);

                    }

                }

            }

        }

    }


    $application->end();

}

$request
if(!Loader::includeModule('catalog')) if(!AccessController::getCurrent() ->check(ActionDictionary::ACTION_PRICE_EDIT)) if(!check_bitrix_sessid()) $request
Определения catalog_reindex.php:36

Bitrix\Main\Application\getInstance
static getInstance()
Определения application.php:98

Bitrix\Main\Web\Cookie
Определения cookie.php:9

$str
$str
Определения commerceml2.php:63

$arr
$arr
Определения file_new.php:624

$host
$host
Определения .description.php:9

$_SERVER
$_SERVER["DOCUMENT_ROOT"]
Определения cron_frame.php:9

$context
$context
Определения csv_new_setup.php:223

$application
$application
Определения bitrix.php:23

$kernelSession
$kernelSession
Определения include.php:181

Bitrix\Main\Web\Http
Определения clientexception.php:3

Bitrix\Main\Web
Определения cookie.php:3

Bitrix\Main

$ar
$ar
Определения options.php:199

$response
$response
Определения result.php:21