jiangsir/ceshi2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新 src/index.php

Browse Source
This commit is contained in:
jiangsir 2024-09-12 17:54:00 +08:00
parent 14ec7379f3
commit a3f65eb516
1 changed files with 32 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
src/index.php
View File

@ -4,9 +4,9 @@
<head> <head>
<meta charset="UTF-8"> <meta charset="UTF-8">
<title>登录</title> <title>??</title>
</head> </head>
<p>这里是管理员登录入口</p> <p>??????????</p>
<form method="POST" action=""> <form method="POST" action="">
Username: <input type="text" name="username"> <br> Username: <input type="text" name="username"> <br>
Password: <input type="password" name="password"> <br> Password: <input type="password" name="password"> <br>
@ -14,4 +14,33 @@
</form> </form>
<!-- /source.txt --> <!-- /source.txt -->
</body> </body>
</html <?php
$flag = "flag{G_du93ksy639_sjd}";
$secret = "sGucne9iD0"; // 10 characters long
setcookie("ahash", md5($secret . urldecode("admin" . "admin")), time() + (60 * 60 * 24 * 7)); setcookie("ahash", md5($secret . urldecode("admin" . "admin")), time() + (60 * 60 * 24 * 7));
if(!isset($_POST["username"]) || !isset($_POST["password"])){
exit();
}
$username = $_POST["username"];
$password = $_POST["password"];
if (!empty($_COOKIE["check"])) {
if (urldecode($username) === "admin" && urldecode($password) != "admin") {
if ($_COOKIE["check"] === md5($secret . urldecode($username . $password))) {
echo "Login successful.\n";
die ("The flag is ". $flag);
}
else {
die ("Wrong Cookies. Get out!");
}
}
else {
die ("Admins only");
}
}