View File Name :
admin.php
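<?php
/**
 * Admin landing page: a single-password login gate followed by the blog list.
 *
 * Flow:
 *  1. If $_SESSION['admin_logged'] is not set, handle the login form and exit.
 *  2. Otherwise load sql.php, read every row of `blogs` (newest id first) and
 *     render each with its edit / delete links.
 *
 * Security notes for maintainers:
 *  - The admin secret is no longer a plaintext literal in this file. It is read
 *    as a password_hash() digest from the ADMIN_PASSWORD_HASH environment
 *    variable and checked with password_verify(). If the variable is missing,
 *    every login attempt is rejected (fail closed). Any password that was ever
 *    committed to this file must be treated as disclosed and rotated.
 *  - NOTE(review): there is no attempt throttling or lockout on the login form;
 *    add one at this layer or in front of it.
 *  - NOTE(review): the Bootstrap CSS/JS are loaded from a third-party CDN
 *    without Subresource Integrity attributes; pin them with integrity= and
 *    crossorigin= or self-host them.
 */

// ======= 1. Start the session and run the password gate =======
// HttpOnly keeps the session id away from page scripts; SameSite=Lax stops the
// cookie from riding along on cross-site sub-requests and form posts.
session_set_cookie_params([
    'httponly' => true,
    'samesite' => 'Lax',
]);
session_start();

// Not authenticated yet: show / process the login form only.
if (empty($_SESSION['admin_logged'])) {
    $error = '';

    // The password form was submitted.
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $pwd = $_POST['password'] ?? '';
        $hash = getenv('ADMIN_PASSWORD_HASH');

        // is_string($pwd) rejects array input such as password[]=x, which
        // password_verify() would otherwise turn into a TypeError.
        $authenticated = is_string($pwd)
            && is_string($hash)
            && $hash !== ''
            && password_verify($pwd, $hash);

        if ($authenticated) {
            // Issue a fresh session id on privilege change so a pre-login id
            // planted by someone else (session fixation) becomes useless.
            session_regenerate_id(true);

            // Remember the logged-in state.
            $_SESSION['admin_logged'] = true;

            // Post/Redirect/Get to avoid form resubmission. SCRIPT_NAME is used
            // instead of PHP_SELF because PHP_SELF also carries the
            // request-controlled PATH_INFO suffix.
            header('Location: ' . $_SERVER['SCRIPT_NAME']);
            exit;
        }

        $error = '密码错误,请重试。';
    }

    // Render the minimal login page, then stop; nothing below may run.
    ?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="utf-8">
    <title>后台登录</title>
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.1/css/bootstrap.min.css" rel="stylesheet">
</head>
<body class="bg-light">
<div class="container d-flex justify-content-center align-items-center" style="min-height: 100vh;">
    <div class="card shadow-sm" style="max-width: 360px; width: 100%;">
        <div class="card-body">
            <h4 class="card-title mb-3 text-center">后台管理登录</h4>
            <?php if ($error): ?>
                <div class="alert alert-danger py-2"><?= htmlspecialchars($error) ?></div>
            <?php endif; ?>
            <form method="post">
                <div class="mb-3">
                    <label for="password" class="form-label">请输入密码</label>
                    <input type="password" name="password" id="password" class="form-control" required autofocus>
                </div>
                <button type="submit" class="btn btn-primary w-100">进入后台</button>
            </form>
        </div>
    </div>
</div>
</body>
</html>
    <?php
    exit; // Critical: never fall through to the real admin page.
}

// ======= 2. Only after authentication: load the database and admin content =======
// sql.php is expected to define $conn (presumably a mysqli connection, since
// the result below is read with fetch_assoc() — confirm against sql.php).
require_once __DIR__ . '/sql.php';

$sql = "SELECT * FROM blogs ORDER BY id DESC";
$result = $conn->query($sql);

// query() can return false when error reporting is not set to throw; without
// this guard the fetch loop below would be a fatal call on a bool.
if ($result === false) {
    http_response_code(500);
    error_log('admin.php: blog list query failed');
    exit('数据加载失败,请稍后重试。');
}

// Strict comparison, and tolerate a missing or non-string ?msg= value.
$showDeleted = ($_GET['msg'] ?? '') === 'deleted';
?>
<!DOCTYPE html>
<html>
<head>
    <title>后台管理</title>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.1/css/bootstrap.min.css" rel="stylesheet">
    <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.1/js/bootstrap.bundle.min.js"></script>
    <style>
        .bd-placeholder-img{font-size:1.125rem;text-anchor:middle;-webkit-user-select:none;-moz-user-select:none;user-select:none}
        @media (min-width:768px){.bd-placeholder-img-lg{font-size:3.5rem}}
        .b-example-divider{height:3rem;background-color:rgba(0,0,0,.1);border:solid rgba(0,0,0,.15);border-width:1px 0;box-shadow:inset 0 .5em 1.5em rgba(0,0,0,.1),inset 0 .125em .5em rgba(0,0,0,.15)}
        .form-control-dark{color:#fff;background-color:var(--bs-dark);border-color:var(--bs-gray)}
        .form-control-dark:focus{color:#fff;background-color:var(--bs-dark);border-color:#fff;box-shadow:0 0 0 .25rem rgba(255,255,255,.25)}
        .bi{vertical-align:-.125em;fill:currentColor}
        .text-small{font-size:85%}
        .dropdown-toggle{outline:0}
        .time{font-size:0.9rem;color:#888;margin-left:8px;}
    </style>
</head>
<body>

<!-- 下面开始就是你原来的 SVG 和页面结构,保持不变 -->
<svg xmlns="http://www.w3.org/2000/svg" style="display: none;">
    <!-- ... 保留你原来的 symbol 定义 ... -->
</svg>

<main>
    <div class="container">
        <header class="d-flex flex-wrap align-items-center justify-content-center justify-content-md-between py-3 mb-4 border-bottom">
            <a href="/" class="d-flex align-items-center col-md-3 mb-2 mb-md-0 text-dark text-decoration-none">
                <svg class="bi me-2" width="40" height="32" role="img" aria-label="Bootstrap"><use xlink:href="#bootstrap"/></svg>
            </a>

            <ul class="nav col-12 col-md-auto mb-2 justify-content-center mb-md-0">
                <li><a href="edithead.php" class="nav-link px-2 link-secondary">基本内容</a></li>
                <li><a href="#" class="nav-link px-2 link-dark">Features</a></li>
                <li><a href="#" class="nav-link px-2 link-dark">Pricing</a></li>
                <li><a href="#" class="nav-link px-2 link-dark">FAQs</a></li>
                <li><a href="#" class="nav-link px-2 link-dark">About</a></li>
            </ul>

            <div class="col-md-3 text-end">
                <a href="addblog.php" class="btn btn-outline-primary me-2">Add blog</a>
                <a href="logout.php" class="btn btn-primary">log out</a>
            </div>
        </header>
    </div>

    <div class="container mt-3">
        <?php // The banner used to be echoed before <!DOCTYPE>, which is invalid markup; it now lives inside <body>. ?>
        <?php if ($showDeleted): ?>
            <div class="alert alert-danger">删除成功!</div>
        <?php endif; ?>

        <h2>博客列表</h2>

        <?php while ($row = $result->fetch_assoc()): ?>
            <?php
            // strtotime() returns false for an unparsable value; print nothing
            // in that case instead of letting date() fall back to the epoch.
            $createdTs = strtotime((string) ($row['created_at'] ?? ''));
            $blogId = (int) $row['id'];
            ?>
            <div class="card mb-3">
                <div class="card-body">
                    <h4 class="card-title">
                        <?= htmlspecialchars($row['title']) ?>
                        <span class="time"><?= $createdTs !== false ? date("Y-m-d H:i", $createdTs) : '' ?></span>
                    </h4>
                    <p class="card-text"><?= nl2br(htmlspecialchars($row['description'])) ?></p>
                    <?php
                    // NOTE(review): deletion is triggered by a plain GET link, so any
                    // page the admin visits can fire it cross-site (CSRF), and link
                    // prefetchers can too. deleteblogs.php is not visible here; it
                    // should accept POST only and verify a per-session CSRF token,
                    // after which this link becomes a small form.
                    ?>
                    <a href="deleteblogs.php?id=<?= $blogId ?>" class="card-link">删除</a>
                    <a href="edit-blog.php?id=<?= $blogId ?>" class="card-link">修改</a>
                </div>
            </div>
        <?php endwhile; ?>
    </div>
</main>
</body>
</html>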