修复登录漏洞

2 years ago · cbd6aa0107
2 changed files with 3 additions and 3 deletions
--- a/controller/admin.php
+++ b/controller/admin.php
@ -139,7 +139,7 @@ function check_auth($user,$password){
				@@ -139,7 +139,7 @@ function check_auth($user,$password){
    //获取cookie
    $cookie = $_COOKIE['key'];
    //如果cookie的值和计算的key不一致，则没有权限
-    if( $cookie != $key ){
+    if( $cookie !== $key ){
        $msg = "<h3>认证失败，请<a href = 'index.php?c=login'>重新登录</a>！</h3>";
        require('templates/admin/403.php');
        exit;
--- a/controller/login.php
+++ b/controller/login.php
@ -11,7 +11,7 @@ $key = md5($username.$password.'onenav');
				@@ -11,7 +11,7 @@ $key = md5($username.$password.'onenav');
 $cookie = $_COOKIE['key'];

 //如果已经登录，直接跳转
-if( $cookie == $key ){
+if( $cookie === $key ){
    header('location:index.php?c=admin');
    exit;
 }
@ -21,7 +21,7 @@ if( $_GET['check'] == 'login' ) {
				@@ -21,7 +21,7 @@ if( $_GET['check'] == 'login' ) {
    $user = $_POST['user'];
    $pass = $_POST['password'];
    header('Content-Type:application/json; charset=utf-8');
-    if( ($user == $username) && ($pass == $password) ) {
+    if( ($user === $username) && ($pass === $password) ) {
        $key = md5($username.$password.'onenav');
        setcookie("key", $key, time()+30 * 24 * 60 * 60,"/");
        $data = [