File manager - Edit - /home/webtrixia/.trash/licenses.1/admin/auth.php
Back
<?php /** * Админ вход — сесия през Hub администратор или паролата от инсталацията. */ require_once dirname(__DIR__) . '/lib/db.php'; if (session_status() === PHP_SESSION_NONE) { session_start(); } function wt_admin_hash(): ?string { try { $s = wt_db()->query("SELECT admin_pass_hash FROM settings WHERE id=1")->fetch(); return $s['admin_pass_hash'] ?? null; } catch (Throwable $e) { return null; } } function wt_is_admin(): bool { return !empty($_SESSION['wt_admin']) || !empty($_SESSION['hub_is_admin']); } function wt_require_admin(): void { if (!wt_is_admin()) { wt_json(['ok' => false, 'error' => 'auth', 'message' => 'Не сте влезли.'], 401); } } /** Обработва вход/изход, когато файлът се извика директно. */ if (basename($_SERVER['SCRIPT_NAME'] ?? '') === 'auth.php') { header('Content-Type: application/json; charset=utf-8'); $act = $_GET['do'] ?? ''; if ($act === 'login') { $b = wt_body(); $username = trim((string)($b['username'] ?? '')); if ($username !== '') { try { $st = wt_db()->prepare("SELECT id,password,is_admin FROM users WHERE username=? LIMIT 1"); $st->execute([$username]); $u = $st->fetch(); if ($u && (int)($u['is_admin'] ?? 0) === 1 && password_verify($b['password'] ?? '', $u['password'])) { $_SESSION['wt_admin'] = true; $_SESSION['hub_user_id'] = (int)$u['id']; $_SESSION['hub_is_admin'] = true; wt_ok(true); } } catch (Throwable $e) {} } $hash = wt_admin_hash(); if ($hash && password_verify($b['password'] ?? '', $hash)) { $_SESSION['wt_admin'] = true; wt_ok(true); } wt_json(['ok' => false, 'error' => 'Грешна парола.'], 401); } if ($act === 'logout') { $_SESSION = []; session_destroy(); wt_ok(true); } if ($act === 'check') { wt_ok(['authed' => wt_is_admin()]); } wt_err('unknown', 404); }
| ver. 1.4 |
Github
|
.
| PHP 8.2.31 | Generation time: 0.01 |
proxy
|
phpinfo
|
Settings