diff --git a/controller/admin.php b/controller/admin.php
index ed60299..b30ced8 100755
--- a/controller/admin.php
+++ b/controller/admin.php
@@ -139,7 +139,7 @@ function check_auth($user,$password){
//获取cookie
$cookie = $_COOKIE['key'];
//如果cookie的值和计算的key不一致,则没有权限
- if( $cookie != $key ){
+ if( $cookie !== $key ){
$msg = "
";
require('templates/admin/403.php');
exit;
diff --git a/controller/login.php b/controller/login.php
index 58a9caf..f7a7fde 100755
--- a/controller/login.php
+++ b/controller/login.php
@@ -11,7 +11,7 @@ $key = md5($username.$password.'onenav');
$cookie = $_COOKIE['key'];
//如果已经登录,直接跳转
-if( $cookie == $key ){
+if( $cookie === $key ){
header('location:index.php?c=admin');
exit;
}
@@ -21,7 +21,7 @@ if( $_GET['check'] == 'login' ) {
$user = $_POST['user'];
$pass = $_POST['password'];
header('Content-Type:application/json; charset=utf-8');
- if( ($user == $username) && ($pass == $password) ) {
+ if( ($user === $username) && ($pass === $password) ) {
$key = md5($username.$password.'onenav');
setcookie("key", $key, time()+30 * 24 * 60 * 60,"/");
$data = [