lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-05 07:20:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

secure login use ip instead of REMOTE_ADDR

Browse Source
This commit is contained in:
xiaomlove
2022-08-25 22:38:06 +08:00
parent e34a11d70c
commit 414aaf9bf5
3 changed files with 10 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/functions.php
View File

@@ -1976,8 +1976,8 @@ function userlogin() {
if ($_COOKIE["c_secure_login"] == base64("yeah"))
{
$md5 = md5($row["passhash"].$_SERVER["REMOTE_ADDR"]);
$log .= ", secure login == yeah, passhash: {$row['passhash']}, remote_addr: {$_SERVER["REMOTE_ADDR"]}, md5: $md5";
$md5 = md5($row["passhash"].$ip);
$log .= ", secure login == yeah, passhash: {$row['passhash']}, ip: $ip, md5: $md5";
if ($_COOKIE["c_secure_pass"] != $md5) {
do_log("$log, c_secure_pass != md5");
return $loginResult = false;