From 6949fae7eb92b164c33b139cccf7918230928b57 Mon Sep 17 00:00:00 2001 From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com> Date: Tue, 9 Mar 2021 16:04:19 +0800 Subject: [PATCH] sha1 admin pass in submit --- common.php | 60 +++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 44 insertions(+), 16 deletions(-) diff --git a/common.php b/common.php index 361cea4..3f0d5e6 100644 --- a/common.php +++ b/common.php @@ -166,11 +166,11 @@ function main($path) } else { $url = path_format($_SERVER['PHP_SELF'] . '/'); } - if ($_POST['password1']==getConfig('admin')) { - return adminform('admin', pass2cookie('admin', $_POST['password1']), $url); + if (compareadminsha1($_POST['password1'], $_POST['timestamp'], getConfig('admin'))) { + return adminform('admin', adminpass2cookie('admin', getConfig('admin')), $url); } else return adminform(); } - if ( isset($_COOKIE['admin'])&&$_COOKIE['admin']==pass2cookie('admin', getConfig('admin')) ) { + if ( isset($_COOKIE['admin'])&&compareadminmd5($_COOKIE['admin'], 'admin', getConfig('admin')) ) { $_SERVER['admin']=1; $_SERVER['needUpdate'] = needUpdate(); } else { @@ -436,9 +436,27 @@ function isreferhost() { return false; } -function pass2cookie($name, $pass) +function adminpass2cookie($name, $pass) { - return md5($name . ':' . md5($pass)); + $timestamp = time()+7*24*60*60; + return md5($name . ':' . md5($pass) . '@' . $timestamp) . "(" . $timestamp . ")"; +} +function compareadminmd5($admincookie, $name, $pass) +{ + $c = splitfirst($admincookie, '('); + $c_md5 = $c[0]; + $c_time = substr($c[1], 0, -1); + if (!is_numeric($c_time)) return false; + if (time() > $c_time) return false; + if (md5($name . ':' . md5($pass) . '@' . $c_time) == $c_md5) return true; + else return false; +} +function compareadminsha1($adminsha1, $timestamp, $pass) +{ + if (!is_numeric($timestamp)) return false; + if (abs(time()-$timestamp) > 5*60) return false; + if ($adminsha1 == sha1($timestamp . $pass)) return true; + else return false; } function proxy_replace_domain($url, $domainforproxy) @@ -868,9 +886,9 @@ function adminform($name = '', $pass = '', $path = '')