From ab4979666113bac7b795b486a0aef43030bba86e Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Thu, 11 Mar 2021 18:48:43 +0800
Subject: [PATCH] Show error in login
---
common.php | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/common.php b/common.php
index 81bef93..5261b6f 100644
--- a/common.php
+++ b/common.php
@@ -166,8 +166,11 @@ function main($path)
} else {
$url = path_format($_SERVER['PHP_SELF'] . '/');
}
- if (compareadminsha1($_POST['password1'], $_POST['timestamp'], getConfig('admin'))) {
- return adminform('admin', adminpass2cookie('admin', getConfig('admin')), $url);
+ if (isset($_POST['password1'])) {
+ $compareresult = compareadminsha1($_POST['password1'], $_POST['timestamp'], getConfig('admin'));
+ if ($compareresult=='') {
+ return adminform('admin', adminpass2cookie('admin', getConfig('admin')), $url);
+ } else return adminform($compareresult);
} else return adminform();
}
if ( isset($_COOKIE['admin'])&&compareadminmd5($_COOKIE['admin'], 'admin', getConfig('admin')) ) {
@@ -453,10 +456,10 @@ function compareadminmd5($admincookie, $name, $pass)
}
function compareadminsha1($adminsha1, $timestamp, $pass)
{
- if (!is_numeric($timestamp)) return false;
- if (abs(time()-$timestamp) > 5*60) return false;
- if ($adminsha1 == sha1($timestamp . $pass)) return true;
- else return false;
+ if (!is_numeric($timestamp)) return 'Timestamp not Number';
+ if (abs(time()-$timestamp) > 5*60) return 'The timestamp in server is ' . time() . ' (' . date("Y-m-d\TH:i:s\Z") . '),
and your posted timestamp is ' . $timestamp . ' (' . date("Y-m-d\TH:i:s\Z", $timestamp) . ')';
+ if ($adminsha1 == sha1($timestamp . $pass)) return '';
+ else return 'Error password';
}
function proxy_replace_domain($url, $domainforproxy)
@@ -870,10 +873,9 @@ function time_format($ISO)
function adminform($name = '', $pass = '', $path = '')
{
- $html = '