<?php
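// Bootstrap: response headers, cipher selection and session start.
//
// error_reporting(0) silences every PHP diagnostic, including OpenSSL
// warnings about key/IV sizes and undefined-variable notices. Keep it off the
// page, but make sure the same diagnostics reach a server-side log.
error_reporting(0);
header("Content-Type: text/html; charset=utf-8");
// Cipher for the login cookie. CBC provides confidentiality only: a ciphertext
// and IV that the client can edit need a separate integrity check before use.
define("METHOD", "aes-256-cbc");
// Keep the session id out of reach of page scripts and refuse session ids the
// server did not issue itself.
session_start(array('cookie_httponly' => true, 'use_strict_mode' => true));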

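/**
 * Return $length random bytes as a binary string.
 *
 * The bytes come from the operating system CSPRNG via random_bytes(). rand()
 * is predictable and must not produce keys, IVs or tokens. Every byte value,
 * including "\0", can occur, so callers must treat the result as binary and
 * encode it (for example with base64_encode) before printing or storing it
 * in a cookie.
 *
 * @param int $length Number of bytes wanted; values below 1 give ''.
 * @return string Binary string of exactly $length bytes.
 */
function get_random($length){
    $length = (int) $length;
    if ($length < 1) {
        // random_bytes() rejects non-positive lengths; keep the old behaviour
        // of returning an empty string instead.
        return '';
    }
    return random_bytes($length);
}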

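// Create the per-session secret once and keep it server-side in the session.
// METHOD is aes-256-cbc, which expects a 32-byte key; OpenSSL zero-pads a
// shorter one, so generate the full 32 bytes from the system CSPRNG.
if (!isset($_SESSION['DHZAMEUF_secret_key'])) {
    $_SESSION['DHZAMEUF_secret_key'] = random_bytes(32);
}
// A top-level variable is not visible inside a function body unless that
// function declares it with `global`; code in functions should read the key
// from $_SESSION instead of relying on this copy.
$SECRET_KEY = $_SESSION['DHZAMEUF_secret_key'];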

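/**
 * Return the per-session secret, or stop the request when it is missing.
 *
 * The secret is read from $_SESSION because a top-level $SECRET_KEY variable
 * is not in scope inside a function: without a `global` declaration it is
 * undefined there, and OpenSSL then runs with an empty key.
 *
 * @return string Binary secret stored under DHZAMEUF_secret_key.
 */
function _dhzameuf_secret(){
    if (!isset($_SESSION['DHZAMEUF_secret_key'])
        || !is_string($_SESSION['DHZAMEUF_secret_key'])
        || $_SESSION['DHZAMEUF_secret_key'] === '') {
        die("ERROR DECRYPTION!");
    }
    return $_SESSION['DHZAMEUF_secret_key'];
}

/**
 * Compute the integrity tag that binds an IV to its ciphertext.
 *
 * The MAC key is derived from the session secret with a fixed label, so the
 * key that encrypts is never the key that authenticates.
 *
 * @param string $iv     Raw IV (fixed length for METHOD).
 * @param string $cipher Raw ciphertext.
 * @param string $secret Per-session secret.
 * @return string Raw 32-byte HMAC-SHA256 tag.
 */
function _dhzameuf_mac($iv, $cipher, $secret){
    $macKey = hash_hmac('sha256', 'DHZAMEUF-mac', $secret, true);
    return hash_hmac('sha256', $iv . $cipher, $macKey, true);
}

/**
 * Encrypt the login record and hand it to the browser as cookies.
 *
 * Sets DHZAMEUF_iv and DHZAMEUF_cipher as before, plus DHZAMEUF_mac, an
 * HMAC over IV and ciphertext. CBC alone does not stop a client from editing
 * the IV or ciphertext to change the decrypted record; the tag lets
 * check_login() reject any pair this server did not produce.
 *
 * NOTE(review): $info is serialized as received, so a 'password' entry ends
 * up in the cookie payload. Confirm whether any reader needs it; if not, drop
 * it before serializing.
 * NOTE(review): any other script that decrypts these cookies must verify
 * DHZAMEUF_mac as well - TODO confirm against panel.php.
 *
 * @param array $info Login record; must contain 'username'.
 * @return void
 */
function login($info){
    $secret = _dhzameuf_secret();
    // The IV length is taken from the cipher (16 bytes for aes-256-cbc);
    // OpenSSL truncates a longer IV, and error_reporting(0) hides the warning.
    $iv = random_bytes(openssl_cipher_iv_length(METHOD));
    $plain = serialize($info);
    // The secret should be 32 random bytes for aes-256-cbc; OpenSSL zero-pads
    // a shorter key.
    $cipher = openssl_encrypt($plain, METHOD, $secret, OPENSSL_RAW_DATA, $iv);
    if ($cipher === false) {
        die("ERROR ENCRYPTION!");
    }
    $mac = _dhzameuf_mac($iv, $cipher, $secret);
    $_SESSION['DHZAMEUF_username'] = $info['username'];
    // Default lifetime, path and domain as before; HttpOnly keeps the values
    // away from page scripts.
    setcookie("DHZAMEUF_iv", base64_encode($iv), 0, '', '', false, true);
    setcookie("DHZAMEUF_cipher", base64_encode($cipher), 0, '', '', false, true);
    setcookie("DHZAMEUF_mac", base64_encode($mac), 0, '', '', false, true);
}

/**
 * Redirect to the panel and end the request.
 *
 * The body text ('登录成功!', "Login successful!") is only seen by clients that
 * do not follow the redirect.
 *
 * @return void
 */
function show_homepage(){
    header('Location: panel.php');
    die('登录成功!');
}

/**
 * Restore the session username from the login cookies, if they are present.
 *
 * Does nothing when the IV or ciphertext cookie is absent. Otherwise the
 * cookies are untrusted input: they must decode, carry a valid HMAC for this
 * session and decrypt cleanly before the payload is parsed. Every rejection
 * before parsing uses the same message, so responses do not reveal which
 * check failed.
 *
 * @return void
 */
function check_login(){
    if (!isset($_COOKIE['DHZAMEUF_cipher']) || !isset($_COOKIE['DHZAMEUF_iv'])) {
        return;
    }
    $secret = _dhzameuf_secret();

    $parts = array();
    foreach (array('DHZAMEUF_cipher', 'DHZAMEUF_iv', 'DHZAMEUF_mac') as $name) {
        // A cookie may be missing or arrive as an array; only strings decode.
        $raw = (isset($_COOKIE[$name]) && is_string($_COOKIE[$name]))
            ? base64_decode($_COOKIE[$name], true)
            : false;
        if ($raw === false) {
            die("ERROR DECRYPTION!");
        }
        $parts[$name] = $raw;
    }
    $cipher = $parts['DHZAMEUF_cipher'];
    $iv = $parts['DHZAMEUF_iv'];

    // A fixed IV length keeps the MAC input ($iv . $cipher) unambiguous.
    if (strlen($iv) !== openssl_cipher_iv_length(METHOD)) {
        die("ERROR DECRYPTION!");
    }
    // Verify before decrypting, in constant time.
    if (!hash_equals(_dhzameuf_mac($iv, $cipher, $secret), $parts['DHZAMEUF_mac'])) {
        die("ERROR DECRYPTION!");
    }

    $plain = openssl_decrypt($cipher, METHOD, $secret, OPENSSL_RAW_DATA, $iv);
    if ($plain === false) {
        die("ERROR DECRYPTION!");
    }

    // unserialize() on client-supplied data can instantiate objects; the MAC
    // above means only server-produced payloads reach this point, and
    // allowed_classes=false keeps that from becoming object injection if the
    // check is ever weakened. The failure message no longer echoes the
    // decrypted bytes back to the client.
    $info = unserialize($plain, array('allowed_classes' => false));
    if (!is_array($info) || !isset($info['username']) || !is_string($info['username'])) {
        die("can't unserialize");
    }
    $_SESSION['DHZAMEUF_username'] = $info['username'];
}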

// Request dispatch.
//
// A POST carrying both fields is treated as a login attempt. The password is
// cast and stored in the record but never compared with anything here: the
// only gate is the literal username 'admin', so the identity check falls
// entirely on whatever later reads the cookie or session.
// The (string) casts turn an array-valued field into the text "Array".
if (isset($_POST['username'], $_POST['password'])) {
    $username = (string) $_POST['username'];
    $password = (string) $_POST['password'];

    if ($username === 'admin') {
        die('You are not real admin!');
    }

    $info = [
        'token' => base64_encode(get_random(8)),
        'username' => $username,
        'password' => $password,
    ];
    login($info);
    show_homepage();
} elseif (isset($_SESSION["DHZAMEUF_username"])) {
    // Returning visitor: check_login() refreshes the session username from
    // the cookies when they are present, then the panel redirect follows.
    check_login();
    show_homepage();
}
?>