ThinkPHP system background password to forget the solution, ThinkPHP background password quickly retrieve tutorials
Article Description:
现在国内很多PHP网站源码都是用ThinkPHP开发的后台,大家经常会碰到密码忘记或者拿来的代码忘了带上后台账号,这种情况下账号名可以从数据库获取,但是密码是加过密的,所以行不通,得从后台登录代码里面找到密码匹配判断语句,这里有两种处理方法:
1)直接返回true,这样无论输入啥密码都可以登录后台,登录以后恢复代码,然后在后台修改密码;
2)在密码匹配判断处用调试的方法输出用函数加密过的密码值,只要输入任意密码,比如12345,在判断语句处就会输出12345的加密密码,然后将这个密码填入到数据库里面admin账号对应的密码字段就可以了,登录密码就是12345;
前面第一种方法有个不足的地方,就是在后台改密码如果要验证旧密码,这种方法就行不通,下面重点介绍第二种方法。
首先安装emeditor文本编辑器,然后在点击源码文件夹,右键菜单中点击“用Emeditor在文件中查找”
弹出的查找框中输入“密码错误”(就是输入密码弹出的错误提示),点击“查找”,然后会出现密码错误出现过的文件和位置:
既然是要后台登录的密码,那找到关键词admin和login,上图中密码判断语句就在admin\controller\LoginController.class.php中了,在该文件中出现过三次,逐一检查,找到了语句所在函数:
public function index($username = NULL, $password = NULL, $verify = NULL, $urlkey = NULL)
{
if (IS_POST) {
if (!check_verify($verify)) {
$this->error('验证码输入错误!');
}
$admin = M('Admin')->where(array('username' => $username))->find();
if ($admin['password'] != md5($password)) {
$this->error('用户名或密码错误!');
} else {
$uids = $admin['id'];
$admin_auth = M('AuthGroupAccess')->where(array('uid' => $uids))->find();
if(!$admin_auth){
$this->error('用户暂未分组!');
}
$group_id = $admin_auth['group_id'];
$admin_gid = M('AuthGroup')->where(array('id' => $group_id))->find();
if(!$admin_gid){
$this->error('用户所在分组不存在!');
}
M('Admin')->where(array('username' => $username))->save(array('last_login_time' => time(), 'last_login_ip' => get_client_ip()));
session('admin_id', $admin['id']);
S('5df4g5dsh8shnfsf', $admin['id']);
session('admin_username', $admin['username']);
session('admin_password', $admin['password']);
$this->success('登陆成功!', U('Index/index'));
}
} else {
defined('ADMIN_KEY') || define('ADMIN_KEY', '');
if (ADMIN_KEY && ($urlkey != ADMIN_KEY)) {
//$this->redirect('Home/Index/index');
}
if (session('admin_id')) {
$this->redirect('Admin/Index/index');
}
$this->display();
}
}if ($admin[‘password’] != md5($password))这条语句就是判断密码是否匹配的了,可以看出密码是MD5加密存储的,这个就好办了,直接在数据库密码字段里输入md5加密后的密文,如果这里不是md加密,可能是别的函数,比如encryptxxx($password),那就要在这条判断语句前输出encryptxxx($password)的返回值,这里方法很多,我使用的是:
die(encryptxxx($password));
- Can free downloads or VIP member-only resources be commercialized directly?
- The resources on this site are collected and organized through the network, for personal research and study purposes only. The copyright belongs to the legal owner of the software and program code, users should verify the copyright and legality of the resources, prohibited for commercial use, illegal activities or any violation of national laws and regulations.
- Disclaimer of liability for program or code bugs, compatibility issues or functional defects, etc.
- As the resources on this site are collected and organized through the network, not the site's original, it can not fully guarantee its functionality or code compatibility. Users need to verify whether the resources meet the needs of their own, due to the following circumstances lead to losses, this site does not assume any responsibility:
Programs, source code and other computer software resources may contain code vulnerabilities (bugs), compatibility issues or functional defects left by the developer. This site does not provide free repair services for such technical defects, users need to bear the risk of debugging, modification or abandonment of the use.
