网上找了一个网站的源码,建好以后首页没问题就是后台进不去,输入账号密码后提示登录成功,但是点击确定后又回到了登录界面,有人说是 PHP 版本的问题,它支持 5.2-5.5,我都挨个试过了,还是不行。是 login.php 的问题吗?代码我也贴上来,大佬给看看。我看到里面有验证码的代码,我在登录的时候没有看到验证码。
============================================
<?php
/**
* 登录
**/
$verifycode = 0;//验证码开关
if(!function_exists("imagecreate") || !file_exists('code.php'))$verifycode=0;
include '../ayangw/common.php';
if(isset($_POST['user']) && isset($_POST['pass'])){
$user=daddslashes($_POST['user']);
$pass=daddslashes($_POST['pass']);
$code=daddslashes($_POST['code']);
$pass = md5($pass.$password_hash);
if ($verifycode==1 && (!$code || strtolower($code) != $_SESSION['vc_code'])) {
unset($_SESSION['vc_code']);
@
header('Content-Type: text/html; charset=UTF-8');
exit("<script language='javascript'>alert('验证码错误!');history.go(-1);</script>");
}elseif($user == $conf['admin'] && $pass== $conf['pwd']) {
unset($_SESSION['vc_code']);
$session=md5($user.$pass.$password_hash);
$token=authcode("{$user}\t{$session}", 'ENCODE', SYS_KEY);
setcookie("admin_token", $token, time() + 604800);
wsyslog("登陆后台成功!","登陆 IP:".real_ip().",城市:".get_ip_city(real_ip()));
@
header('Content-Type: text/html; charset=UTF-8');
exit("<script language='javascript'>alert('登陆管理中心成功!');window.location.href='./';</script>");
}else {
unset($_SESSION['vc_code']);
@
header('Content-Type: text/html; charset=UTF-8');
exit("<script language='javascript'>alert('用户名或密码不正确!');history.go(-1);</script>");
}
}elseif(isset($_GET['logout'])){
setcookie("admin_token", "", time() - 604800);
@
header('Content-Type: text/html; charset=UTF-8');
exit("<script language='javascript'>alert('您已成功注销本次登陆!');window.location.href='./login.php';</script>");
}elseif($islogin==5){
@
header('Content-Type: text/html; charset=UTF-8');
exit("<script language='javascript'>alert('您已登陆!');window.location.href='./';</script>");
}
$title='用户登录';
?>
<?php
@
header('Content-Type: text/html; charset=UTF-8');
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title><?php echo $title ?></title>
<link href="//
lib.baomitu.com/twitter-bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet"/>
<link href="//
lib.ayangw.com/nifty/nifty.min.css" rel="stylesheet">
<script src="//
lib.baomitu.com/jquery/1.12.4/jquery.min.js"></script>
<script src="//
lib.baomitu.com/twitter-bootstrap/3.3.7/js/bootstrap.min.js"></script>
<!--[if lt IE 9]>
<script src="//
lib.baomitu.com/html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="//
lib.baomitu.com/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<div style="padding-top:70px;">
<div class="col-xs-12 col-sm-10 col-md-8 col-lg-6 center-block" style="float: none;">
<div class="panel panel-primary">
<div><h3>管理员登陆</h3></div>
<div>
<form action="./login.php" method="post" role="form">
<div>
<span><span class="glyphicon glyphicon-user"></span></span>
<input type="text" name="user" value="<?php echo @$_POST['user'];?>" placeholder="用户名" required="required"/>
</div><br/>
<div>
<span><span class="glyphicon glyphicon-lock"></span></span>
<input type="password" name="pass" placeholder="密码" required="required"/>
</div><br/>
<?php if($verifycode==1){?>
<div>
<span><span class="glyphicon glyphicon-adjust"></span></span>
<input type="text" class="form-control input-lg" name="code" placeholder="输入验证码" autocomplete="off" required>
<span style="padding: 0">
<img src="./code.php?r=<?php echo time();?>"height="35"onclick="this.src='./code.php?r='+Math.random();" title="点击更换验证码">
</span>
</div><br/>
<?php }?>
<div>
<div><input type="submit" value="登陆" class="btn btn-primary form-control"/></div>
</div>
</form>
</div>
</div>
</div>
</div>
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.