firesunCN/BlueLotus_XSSReceiver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
59cf793f51e5cbeed73c2be7ceb04378e3a2d5e9
BlueLotus_XSSReceiver/auth.php
firesun 795980ca02 Version 2.2 
增加登录界面与登录校验
2015-10-29 00:59:57 +08:00

24 lines
960 B
PHP
Raw Blame History

<?php
if(!defined('IN_XSS_PLATFORM')) {
exit('Access Denied');
}
ini_set("session.cookie_httponly", 1);
session_start();
if(!(isset($_SESSION['isLogin']) && $_SESSION['isLogin']===true && isset($_SESSION['user_IP']) &&$_SESSION['user_IP']!="" &&$_SESSION['user_IP']=== $_SERVER['REMOTE_ADDR'] &&isset($_SESSION['user_agent']) &&$_SESSION['user_agent']!="" &&$_SESSION['user_agent']=== $_SERVER['HTTP_USER_AGENT'] ))
{
$_SESSION['isLogin']=false;
$_SESSION['user_IP']="";
$_SESSION['user_agent']="";
session_unset();
session_destroy();
header("Location: login.php");
exit();
}
header("Content-Security-Policy: default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; frame-src 'none'");
header("X-Content-Security-Policy: default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; frame-src 'none'");
header("X-WebKit-CSP: default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; frame-src 'none'");
?>
Reference in New Issue View Git Blame Copy Permalink