diff options
Diffstat (limited to 'Neutron-trunk/cms-special/admin-v2/login-old')
| -rw-r--r--[-rwxr-xr-x] | Neutron-trunk/cms-special/admin-v2/login-old/index.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/Neutron-trunk/cms-special/admin-v2/login-old/index.php b/Neutron-trunk/cms-special/admin-v2/login-old/index.php index d4428d7..a2f09ba 100755..100644 --- a/Neutron-trunk/cms-special/admin-v2/login-old/index.php +++ b/Neutron-trunk/cms-special/admin-v2/login-old/index.php @@ -14,7 +14,7 @@ if (isset($_POST['authkey'])) { $callback = $_GET['pr']; } } else { - $callback = "{$GLOBALS["SYSTEM_ROOT"]}/cms-special/admin/home"; + $callback = "{$GLOBALS["SYSTEM_ROOT"]}/cms-special/admin-v2"; } if (password_verify($_POST['password'], file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/password"))) { $token = str_ireplace("/", "-", password_hash(password_hash(rand(0, 999999) + rand(0, 999999) + rand(0, 999999) + rand(0, 999999) + rand(0, 999999), PASSWORD_BCRYPT, ['cost' => 12,]), PASSWORD_BCRYPT, ['cost' => 12,])); @@ -37,7 +37,7 @@ if (isset($_POST['authkey'])) { } } -if (isset($_COOKIE['_NEUTRON_ADMIN_TOKEN']) && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != ".." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "/") { +if (isset($_COOKIE['_NEUTRON_ADMIN_TOKEN']) && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != ".." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "/" && strpos($_COOKIE['_NEUTRON_ADMIN_TOKEN'], "/") === false) { if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $_COOKIE['_NEUTRON_ADMIN_TOKEN'])) { if (isset($_GET['pr'])) { if (isset($_GET['pa'])) { @@ -46,7 +46,7 @@ if (isset($_COOKIE['_NEUTRON_ADMIN_TOKEN']) && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] $callback = $_GET['pr']; } } else { - $callback = "{$GLOBALS["SYSTEM_ROOT"]}/cms-special/admin/home"; + $callback = "{$GLOBALS["SYSTEM_ROOT"]}/cms-special/admin-v2"; } header("Location: " . $callback); } @@ -94,7 +94,7 @@ if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent")) { <div class="centered"> <img src="<?= $GLOBALS["SYSTEM_ROOT"] ?>/resources/upload/siteicon.png" style="border-radius:100%;" class="intro-element"> <h2 style="margin-bottom:0;"><?= $lang["login"]["title"] ?></h2> - <p><small><?= str_replace("}", "</a>", str_replace("{", "<a class=\"clink\" href=\"{$GLOBALS["SYSTEM_ROOT"]}/cms-special/admin/login\">", $lang["login"]["redirect"])); ?></small></p> + <p><small><?= str_replace("}", "</a>", str_replace("{", "<a class=\"clink\" href=\"{$GLOBALS["SYSTEM_ROOT"]}/cms-special/admin-v2/login\">", $lang["login"]["redirect"])); ?></small></p> <p><?php if (isset($_GET['authkey'])) { @@ -114,7 +114,7 @@ if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent")) { <?php else: ?> <form action="#" method="post"> <input name="authkey" type="password" placeholder="<?= isset($_GET['authkey']) ? $lang["login"]["authph"] : $lang["login"]["password"] ?>" disabled><br><br> - <small><?= $lang["login"]["nokey"][0] . " <a class=\"clink\" href=\"{$GLOBALS["SYSTEM_ROOT"]}/cms-special/admin/login\">" . $lang["login"]["nokey"][1] . "</a> " . $lang["login"]["nokey"][2] ?></small> + <small><?= $lang["login"]["nokey"][0] . " <a class=\"clink\" href=\"{$GLOBALS["SYSTEM_ROOT"]}/cms-special/admin-v2/login\">" . $lang["login"]["nokey"][1] . "</a> " . $lang["login"]["nokey"][2] ?></small> </form><br> <?php endif ?> </div> |