内容:
<?php
session_name( "Autoit" )//自己修改Autoit,对应administrator/index.php
session_start()
$_SESSION['admin_user'] = "Y"//自己修改admin_user,对应administrator/index.php
session_write_close()
?>
<meta http-equiv="refresh" content="0url=(原来的后台地址)">
2.修改administrator/index.php
define('_JEXEC', 1) //原文件Line 9
define('DS', DIRECTORY_SEPARATOR)
//对比上面加入下面内容
// Add by Autoit!
session_name( "Autoit" )//自己修改Autoit,对应myadmin.php
session_start()
$ok_to_browse = ( $_SESSION['admin_user'] == "Y" )//自己修改admin_user,对应myadmin.php
if (! $ok_to_browse ) {
header('Location:(你的404页面地址或其他地址)')
exit(0)
}else{
$_SESSION['admin_user'] = "Y"
session_write_close()
}
// Add by Autoit!
//原理:只有经过我们自己定义的myadmin.php文件才会注册到session,否则后台链接将视为非法,退出。
注:文件名、session名,自己一定要自行定义,安全起见!!
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)