$ugly salt to fix download problem on multilogin

Signed-off-by: Bruno Ribas <brunoribas@gmail.com>
author: Bruno Ribas <brunoribas@gmail.com> 2020-11-16 18:25:04 +0000
committer: Bruno Ribas <brunoribas@gmail.com> 2020-11-16 18:25:04 +0000
commit: ef742cb0a6f9cb92749337804900c8df304ba6a8 (patch)
tree: 86afde1c341f1f8c66f3cbbd3011b52ef715e96a /src/filedownload.php
parent: 4e92fd902583003f392cafdb56149ca2e193d6a6 (diff)
download: boca-ef742cb0a6f9cb92749337804900c8df304ba6a8.tar.gz
boca-ef742cb0a6f9cb92749337804900c8df304ba6a8.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/src/filedownload.php b/src/filedownload.php
index e1ef6b9..df45beb 100644
--- a/src/filedownload.php
+++ b/src/filedownload.php
@@ -34,12 +34,12 @@ if(!isset($_GET["oid"]) || !is_numeric($_GET["oid"]) || !isset($_GET["filename"]
 }
 
 $cf = globalconf();
-$fname = decryptData(myrawurldecode($_GET["filename"]), session_id() . $cf["key"]);
+$fname = decryptData(myrawurldecode($_GET["filename"]), $uglysalt . $cf["key"]);
 
 if(isset($_GET["msg"]))
-	$p = myhash($_GET["oid"] . $fname . myrawurldecode($_GET["msg"]) . session_id() . $cf["key"]);
+	$p = myhash($_GET["oid"] . $fname . myrawurldecode($_GET["msg"]) . $uglysalt . $cf["key"]);
 else
-	$p = myhash($_GET["oid"] . $fname . session_id() . $cf["key"]);
+	$p = myhash($_GET["oid"] . $fname . $uglysalt . $cf["key"]);
 
 if($p != $_GET["check"]) {
         echo "<html><head><title>View Page</title>";
author	Bruno Ribas <brunoribas@gmail.com>	2020-11-16 18:25:04 +0000
committer	Bruno Ribas <brunoribas@gmail.com>	2020-11-16 18:25:04 +0000
commit	ef742cb0a6f9cb92749337804900c8df304ba6a8 (patch)
tree	86afde1c341f1f8c66f3cbbd3011b52ef715e96a /src/filedownload.php
parent	4e92fd902583003f392cafdb56149ca2e193d6a6 (diff)
download	boca-ef742cb0a6f9cb92749337804900c8df304ba6a8.tar.gz boca-ef742cb0a6f9cb92749337804900c8df304ba6a8.zip