Browse Source

修复登录漏洞

pull/43/head
xiaoz 3 years ago
parent
commit
cbd6aa0107
  1. 2
      controller/admin.php
  2. 4
      controller/login.php

2
controller/admin.php

@ -139,7 +139,7 @@ function check_auth($user,$password){ @@ -139,7 +139,7 @@ function check_auth($user,$password){
//获取cookie
$cookie = $_COOKIE['key'];
//如果cookie的值和计算的key不一致,则没有权限
if( $cookie != $key ){
if( $cookie !== $key ){
$msg = "<h3>认证失败,请<a href = 'index.php?c=login'>重新登录</a></h3>";
require('templates/admin/403.php');
exit;

4
controller/login.php

@ -11,7 +11,7 @@ $key = md5($username.$password.'onenav'); @@ -11,7 +11,7 @@ $key = md5($username.$password.'onenav');
$cookie = $_COOKIE['key'];
//如果已经登录,直接跳转
if( $cookie == $key ){
if( $cookie === $key ){
header('location:index.php?c=admin');
exit;
}
@ -21,7 +21,7 @@ if( $_GET['check'] == 'login' ) { @@ -21,7 +21,7 @@ if( $_GET['check'] == 'login' ) {
$user = $_POST['user'];
$pass = $_POST['password'];
header('Content-Type:application/json; charset=utf-8');
if( ($user == $username) && ($pass == $password) ) {
if( ($user === $username) && ($pass === $password) ) {
$key = md5($username.$password.'onenav');
setcookie("key", $key, time()+30 * 24 * 60 * 60,"/");
$data = [

Loading…
Cancel
Save