e4fa310d38
1. 升级PHPMailer至5.2.22 2. 安装后删除无用文件 3. 开启X-Frame-Options,X-Content-Type-Options 4. 修复一系列bug Todo 修复jqxgrid的一些问题
35 lines
1020 B
PHP
35 lines
1020 B
PHP
<?php
|
||
if (!defined('IN_XSS_PLATFORM')) {
|
||
exit('Access Denied');
|
||
}
|
||
|
||
require_once("functions.php");
|
||
|
||
//设置httponly
|
||
ini_set("session.cookie_httponly", 1);
|
||
session_start();
|
||
|
||
//判断登陆情况,ip和useragent是否改变,改变则强制退出
|
||
if ( !(isset($_SESSION['isLogin']) && $_SESSION['isLogin'] === true && isset($_SESSION['user_agent']) && $_SESSION['user_agent'] != "" && $_SESSION['user_agent'] === $_SERVER['HTTP_USER_AGENT']) ) {
|
||
$_SESSION['isLogin'] = false;
|
||
$_SESSION['user_IP'] = "";
|
||
$_SESSION['user_agent'] = "";
|
||
session_unset();
|
||
session_destroy();
|
||
header("Location: login.php");
|
||
exit();
|
||
}
|
||
|
||
if ( ADMIN_IP_CHECK_ENABLE && !(isset($_SESSION['user_IP']) && $_SESSION['user_IP'] != "" && $_SESSION['user_IP'] === getRealIP()) ) {
|
||
$_SESSION['isLogin'] = false;
|
||
$_SESSION['user_IP'] = "";
|
||
$_SESSION['user_agent'] = "";
|
||
session_unset();
|
||
session_destroy();
|
||
header("Location: login.php");
|
||
exit();
|
||
}
|
||
|
||
//开启CSP
|
||
require_once("waf.php");
|