change admin md5 cookie

3571c476 · qkqpttgf · GitHub · 1bee94cf · 3571c476
隐藏空白更改
内联并排

Showing with 12 addition and 3 deletion

common.php common.php +12 -3

未找到文件。
--- a/common.php
+++ b/common.php
@@ -229,14 +229,14 @@ function main($path)
        }
        if (getConfig('admin')!='') {
            if ($_POST['password1']==getConfig('admin')) {
-                return adminform('admin',md5($_POST['password1']),$url);
+                return adminform('admin', pass2cookie('admin', $_POST['password1']), $url);
            } else return adminform();
        } else {
            return output('', 302, [ 'Location' => $url ]);
        }
    }
    if (getConfig('admin')!='')
-        if ( isset($_COOKIE['admin'])&&$_COOKIE['admin']==md5(getConfig('admin')) ) {
+        if ( isset($_COOKIE['admin'])&&$_COOKIE['admin']==pass2cookie('admin', getConfig('admin')) ) {
            $_SERVER['admin']=1;
            $_SERVER['needUpdate'] = needUpdate();
        } else {
@@ -396,7 +396,11 @@ function main($path)
                    $url = proxy_replace_domain($url, $domainforproxy);
                }
                if ( strtolower(splitlast($files['name'],'.')[1])=='html' ) return output($files['content']['body'], $files['content']['stat']);
-                else return output('', 302, [ 'Location' => $url ]);
+                else {
+                    if ($_SERVER['HTTP_RANGE']!='') $header['Range'] = $_SERVER['HTTP_RANGE'];
+                    $header['Location'] = $url;
+                    return output('', 302, $header);
+                }
            }
        }
        if ( isset($files['folder']) || isset($files['file']) ) {
@@ -412,6 +416,11 @@ function main($path)
    }
 }

+function pass2cookie($name, $pass)
+{
+    return md5($name . ':' . md5($pass));
+}
+
 function proxy_replace_domain($url, $domainforproxy)
 {
    $tmp = splitfirst($url, '//');