forked from Star-lion/WPPSniffStorage
-
Notifications
You must be signed in to change notification settings - Fork 7
/
login.php
42 lines (38 loc) · 1.17 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
<?php
require_once('includes/header.php');
if (!empty($_POST["user"]) && !empty($_POST["pass"])) {
$safeHash = strtolower($_POST['user']) . ":" . sha1(substr($config['unused'], 0, 5) . strtoupper($_POST["user"]) . ":" . strtoupper($_POST['pass']) . substr($config['unused'], 5));
// die($safeHash); // Uncomment to get a hash pair to store in pair.txt
$pairs = array_map("trim", explode(PHP_EOL, file_get_contents("./pair.txt")));
$valid = false;
foreach ($pairs as $pair) {
if (empty($pair))
continue;
if ($safeHash == $pair) {
$_SESSION['uid'] = $_POST['user'];
$valid = true;
break;
}
}
if (!$valid)
echo "Sorry, wrong credentials. Try <a href=\"./login.php\">again</a>.";
else
echo "Welcome, " . $_SESSION['uid'];
} else {
?>
<form method="post">
Username: <input type="text" name="user" /><br />
Password: <input type="password" name="pass" /><br />
<input type="submit" value="Kaboom!" />
</form>
<?php
}
?>
<script src="./includes/jquery.js"></script>
<script type="text/javascript">
$(function() {
});
</script>
<?php
require_once('includes/footer.php');
?>