优化加密

2022-05-23 13:04:15 +08:00 · 2022-05-23 13:04:15 +08:00 · 79a83f768a
parent 610ed8c386
commit 79a83f768a
2 changed files with 9 additions and 7 deletions
--- a/include/go.php
+++ b/include/go.php
@ -10,10 +10,11 @@ if($_POST['exit']=='exit'){
 }
 if($_SESSION['pass'] != 1){
    //未登录
-    if(!empty($_POST['pass'])){
+	$pass = daddslashes($_POST['pass']);
+    if(!empty()){
        //用户提交登录
        $show = array();
-        $pwds = $DB->query("SELECT `pwd_id`, `pwd_key` FROM `lylme_pwd` WHERE `pwd_key` LIKE '".$_POST['pass']."';"); 
+        $pwds = $DB->query("SELECT `pwd_id`, `pwd_key` FROM `lylme_pwd` WHERE `pwd_key` LIKE '".$pass."';"); 
    	while ($pwd = $DB->fetch($pwds)) {
    	    array_push($show,$pwd[pwd_id]);
    	}
@ -30,9 +31,9 @@ if($_SESSION['pass'] != 1){
 }
 else {
    //已登录
-    if(!empty($_POST['pass'])){
+    if(!empty($pass)){
        $show = array();
-        $pwds = $DB->query("SELECT `pwd_id`, `pwd_key` FROM `lylme_pwd` WHERE `pwd_key` LIKE '".$_POST['pass']."';"); 
+        $pwds = $DB->query("SELECT `pwd_id`, `pwd_key` FROM `lylme_pwd` WHERE `pwd_key` LIKE '".$pass."';"); 
    	while ($pwd = $DB->fetch($pwds)) {
    	    array_push($show,$pwd['pwd_id']);
    	}
--- a/index.php
+++ b/index.php
@ -1,8 +1,9 @@
 <?php
@header('Content-Type: text/html; charset=UTF-8');
 if (!file_exists('install/install.lock'))
-exit('<title>六零导航页 - 安装程序</title>您还未安装，点击<a href="install"><font color="blue">这里</font></a>开始安装！');
+exit('<title>安装程序</title>您还未安装，点击<a href="install"><font color="blue">这里</font></a>开始安装！');
 include "./include/common.php";
-session_start();
+session_start(); //设置session
+$_SESSION['list'] = isset($_SESSION['list'])?$_SESSION['list']:array();
 include $template;
-?>
+?>