X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/507c6d855f2a15a6d5509b27517ee60732006a3c..ebcb7402a9776c5881fbba4d1d60ad50e41a097d:/admin.php?ds=inline diff --git a/admin.php b/admin.php index 6560f10..4a3d25f 100644 --- a/admin.php +++ b/admin.php @@ -65,8 +65,7 @@ if (php_sapi_name() == "cli") { } /* Test web password authentification. */ else if (!empty($cfg['admin_password']) && isset($_POST['admin_password'])) { - if ($cfg['admin_password'] === $_POST['admin_password'] || - $cfg['admin_password'] === hash('sha256', $_POST['admin_password'])) { + if ($cfg['admin_password'] === hash('sha256', $_POST['admin_password'])) { jirafeau_admin_session_start(); } else { require(JIRAFEAU_ROOT . 'lib/template/header.php'); @@ -256,7 +255,12 @@ if (php_sapi_name() == "cli") { header('Content-Disposition: attachment; filename="' . $l['file_name'] . '"'); if (file_exists(VAR_FILES . $p . $l['md5'])) { - readfile(VAR_FILES . $p . $l['md5']); + $r = fopen(VAR_FILES . $p . $l['md5'], 'r'); + while (!feof($r)) { + print fread($r, 1024); + ob_flush(); + } + fclose($r); } exit; }