<?php $unserialize_str = 'a:2:{s:4:"user";b:1;s:4:"pass";b:"s878926199a";}'; echo unserialize($unserialize_str); $_POST='a:3:{s:8:"username";b:1;s:8:"password";b:0;s:5:"login";s:5:"Login";}'; //$USER="ADMIN"; //$PASS="PASS"; $P=unserialize($_POST); echo $P; if(isset($_POST['login'])) { $user = addslashes($_POST['username']); if(strlen($user)>50) die("用户名长度不能超过50个字符"); $user=urldecode($user); $user_arr=unserialize($user); $pass = addslashes($_POST['password']); $adminpass="!1793422703!"; if($pass==$adminpass){die("请勿攻击admin账户!");} if(md5($pass)==md5($adminpass)){ if($user_arr['user']==$USER && $user_arr['pass']==$PASS) echo "Well done, the key:".$KEY;//KEY隐藏了 else die("用户名错误"); }else{ die("密码错误!"); } } ?>
You have javascript disabled. You will not be able to edit any code.