change admin md5 cookie

2020-08-21 16:44:55 +08:00 · 2020-08-21 16:44:55 +08:00 · 3571c47671
parent 1bee94cf43
commit 3571c47671
1 changed files with 12 additions and 3 deletions
--- a/common.php
+++ b/common.php
@ -229,14 +229,14 @@ function main($path)
        }
        if (getConfig('admin')!='') {
            if ($_POST['password1']==getConfig('admin')) {
-                return adminform('admin',md5($_POST['password1']),$url);
+                return adminform('admin', pass2cookie('admin', $_POST['password1']), $url);
            } else return adminform();
        } else {
            return output('', 302, [ 'Location' => $url ]);
        }
    }
    if (getConfig('admin')!='')
-        if ( isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin')) ) {
+        if ( isset($_COOKIE['admin'])&&$_COOKIE['admin']==pass2cookie('admin', getConfig('admin')) ) {
            $_SERVER['admin']=1;
            $_SERVER['needUpdate'] = needUpdate();
        } else {
@ -396,7 +396,11 @@ function main($path)
                    $url = proxy_replace_domain($url, $domainforproxy);
                }
                if ( strtolower(splitlast($files['name'],'.')[1])=='html' ) return output($files['content']['body'], $files['content']['stat']);
-                else return output('', 302, [ 'Location' => $url ]);
+                else {
+                    if ($_SERVER['HTTP_RANGE']!='') $header['Range'] = $_SERVER['HTTP_RANGE'];
+                    $header['Location'] = $url;
+                    return output('', 302, $header);
+                }
            }
        }
        if ( isset($files['folder']) || isset($files['file']) ) {
@ -412,6 +416,11 @@ function main($path)
    }
 }

+function pass2cookie($name, $pass)
+{
+    return md5($name . ':' . md5($pass));
+}
+
 function proxy_replace_domain($url, $domainforproxy)
 {
    $tmp = splitfirst($url, '//');