#!/usr/bin/env php make('Illuminate\Contracts\Console\Kernel')->bootstrap(); if ($argc < 4) { echo "Usage: php test-session-manipulation.php [session_id] [profile_id] [profile_type]\n"; echo "\nExample:\n"; echo " php test-session-manipulation.php \"abc123\" 2 \"App\\\\Models\\\\User\"\n"; echo "\nTo get your session ID:\n"; echo " 1. Login to the app\n"; echo " 2. Open DevTools → Storage → Cookies\n"; echo " 3. Copy the value of 'laravel_session' cookie\n"; exit(1); } $sessionId = $argv[1]; $newProfileId = $argv[2]; $newProfileType = $argv[3]; // Decode the session ID (Laravel encrypts cookies) $encrypter = app('encrypter'); try { $decodedSessionId = $encrypter->decrypt($sessionId, false); } catch (\Exception $e) { echo "ERROR: Could not decrypt session ID. Make sure you copied the entire cookie value.\n"; echo "Error: " . $e->getMessage() . "\n"; exit(1); } // Get session store $session = app('session.store'); // Load the session $session->setId($decodedSessionId); $session->start(); echo "Current session data:\n"; echo " activeProfileId: " . ($session->get('activeProfileId') ?? 'NOT SET') . "\n"; echo " activeProfileType: " . ($session->get('activeProfileType') ?? 'NOT SET') . "\n"; echo "\n"; // Manipulate session $session->put('activeProfileId', $newProfileId); $session->put('activeProfileType', $newProfileType); $session->save(); echo "Session manipulated successfully!\n"; echo " NEW activeProfileId: $newProfileId\n"; echo " NEW activeProfileType: $newProfileType\n"; echo "\n"; echo "Now refresh your browser to see the changes.\n"; echo "WARNING: This is for security testing only!\n";