From 3571c47671ccf5e28ec2faecaab47bdc5049e8bc Mon Sep 17 00:00:00 2001 From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com> Date: Fri, 21 Aug 2020 16:44:55 +0800 Subject: [PATCH] change admin md5 cookie --- common.php | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/common.php b/common.php index 6f8f3ff..327c2cf 100644 --- a/common.php +++ b/common.php @@ -229,14 +229,14 @@ function main($path) } if (getConfig('admin')!='') { if ($_POST['password1']==getConfig('admin')) { - return adminform('admin',md5($_POST['password1']),$url); + return adminform('admin', pass2cookie('admin', $_POST['password1']), $url); } else return adminform(); } else { return output('', 302, [ 'Location' => $url ]); } } if (getConfig('admin')!='') - if ( isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin')) ) { + if ( isset($_COOKIE['admin'])&&$_COOKIE['admin']==pass2cookie('admin', getConfig('admin')) ) { $_SERVER['admin']=1; $_SERVER['needUpdate'] = needUpdate(); } else { @@ -396,7 +396,11 @@ function main($path) $url = proxy_replace_domain($url, $domainforproxy); } if ( strtolower(splitlast($files['name'],'.')[1])=='html' ) return output($files['content']['body'], $files['content']['stat']); - else return output('', 302, [ 'Location' => $url ]); + else { + if ($_SERVER['HTTP_RANGE']!='') $header['Range'] = $_SERVER['HTTP_RANGE']; + $header['Location'] = $url; + return output('', 302, $header); + } } } if ( isset($files['folder']) || isset($files['file']) ) { @@ -412,6 +416,11 @@ function main($path) } } +function pass2cookie($name, $pass) +{ + return md5($name . ':' . md5($pass)); +} + function proxy_replace_domain($url, $domainforproxy) { $tmp = splitfirst($url, '//');