mirror of https://github.com/helloxz/onenav.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
85 lines
2.2 KiB
85 lines
2.2 KiB
<?php |
|
/** |
|
* 登录入口 |
|
*/ |
|
$username = $site_setting['user']; |
|
$password = $site_setting['password']; |
|
$ip = getIP(); |
|
//如果认证通过,直接跳转到后台管理 |
|
$key = md5($username.$password.$ip.'onenav'); |
|
//获取cookie |
|
$cookie = $_COOKIE['key']; |
|
|
|
//如果已经登录,直接跳转 |
|
if( $cookie == $key ){ |
|
$phpSelf = dirname($_SERVER['PHP_SELF']); |
|
$phpSelf = ($phpSelf == "/" || $phpSelf == "\\") ? "" : $phpSelf; |
|
header('location:'.$phpSelf.'/index.php?c=admin'); |
|
exit; |
|
} |
|
|
|
//登录检查 |
|
if( $_GET['check'] == 'login' ) { |
|
$user = $_POST['user']; |
|
$pass = $_POST['password']; |
|
header('Content-Type:application/json; charset=utf-8'); |
|
if( ($user == $username) && ($pass == $password) ) { |
|
$key = md5($username.$password.$ip.'onenav'); |
|
setcookie("key", $key, time()+7 * 24 * 60 * 60,"/"); |
|
$data = [ |
|
'code' => 0, |
|
'msg' => 'successful' |
|
]; |
|
} |
|
else{ |
|
$data = [ |
|
'code' => -1012, |
|
'err_msg' => '用户名或密码错误!' |
|
]; |
|
|
|
|
|
} |
|
exit(json_encode($data)); |
|
} |
|
//如果cookie的值和计算的key不一致,则没有权限 |
|
|
|
|
|
// if ( ($_SERVER['PHP_AUTH_PW'] !== $password) || ($_SERVER['PHP_AUTH_USER'] !== $username) ){ |
|
// header('WWW-Authenticate: Basic realm="Please verify."'); |
|
// header('HTTP/1.0 401 Unauthorized'); |
|
// exit("<h2>认证失败!</h2>"); |
|
// } |
|
// else{ |
|
|
|
// $key = md5($username.$password.$ip.'onenav'); |
|
// //设置cookie |
|
// setcookie("key", $key, time()+7 * 24 * 60 * 60,"/"); |
|
// header('location:index.php?c=admin'); |
|
// } |
|
|
|
//获取访客IP |
|
function getIP() { |
|
if (getenv('HTTP_CLIENT_IP')) { |
|
$ip = getenv('HTTP_CLIENT_IP'); |
|
} |
|
elseif (getenv('HTTP_X_FORWARDED_FOR')) { |
|
$ip = getenv('HTTP_X_FORWARDED_FOR'); |
|
} |
|
elseif (getenv('HTTP_X_FORWARDED')) { |
|
$ip = getenv('HTTP_X_FORWARDED'); |
|
} |
|
elseif (getenv('HTTP_FORWARDED_FOR')) { |
|
$ip = getenv('HTTP_FORWARDED_FOR'); |
|
} |
|
elseif (getenv('HTTP_FORWARDED')) { |
|
$ip = getenv('HTTP_FORWARDED'); |
|
} |
|
else { |
|
$ip = $_SERVER['REMOTE_ADDR']; |
|
} |
|
return $ip; |
|
} |
|
|
|
|
|
// 载入后台登录模板 |
|
require('templates/admin/login.php'); |