EcShop团购插件Ecgroupon不能登录的bug
操作方法
- 01
之前装了个ecshop 后来 弄团购 又装了ecgroupon插件,按正常来说,应该直接用ecshop的后台账号密码就能登陆,但是我登陆好多遍也登陆不了。总提示不正确。原来ecshop的管理员登录验证,加了一层盐值加密。而ecgroupon管理员登录,又忽略的盐值加密判断。解决办法是这样的:找到 /mygroupon/privilege.php 文件,找到:$sql = “SELECT user_id, user_name, password, last_login, action_list, last_login, suppliers_id”.” FROM ” . $ecs->table(‘admin_user’) .” WHERE user_name = ‘” . $_POST['username']. “‘ AND password = ‘” . md5($_POST['password']) . “‘”; 将上面的整条$sql(不包括下面的$row)替换为:$sql=”SELECT `ec_salt` FROM “. $ecs->table(‘admin_user’) .”WHERE user_name = ‘” . $_POST['username'].”‘”;$ec_salt =$db->getOne($sql);if(!empty($ec_salt)){ $sql = “SELECT user_id, user_name, password, last_login, action_list, last_login, suppliers_id”.” FROM ” . $ecs->table(‘admin_user’) .” WHERE user_name = ‘” . $_POST['username']. “‘ AND password = ‘” . md5(md5($_POST['password']).$ec_salt) . “‘”;}else{ $sql = “SELECT user_id, user_name, password, last_login, action_list, last_login,suppliers_id”.” FROM ” . $ecs->table(‘admin_user’) .” WHERE user_name = ‘” . $_POST['username']. “‘ AND password = ‘” . md5($_POST['password']) . “‘”;} 这样用默认的admin admin888 就可以登陆了。擦 累死哥了。