(в паре со сложным админским паролем это непробиваемая броня для XSS атак)
Код: Выделить всё
##############################################################
## MOD Title: eXtra Protection
## MOD Author: Vladson < vladson@heatpc.com > (n/a) http://phpbbguru.net/
## MOD Description: Passworded Administration Panel
## MOD Version: 1.0.0
##
## Installation Level: (Easy)
## Installation Time: ~1 Minutes
## Files To Edit(1): admin/pagestart.php
## Included Files: (n/a)
##############################################################
## For Security Purposes, Please Check: http://phpbbguru.net/mods/ for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered
## in our MOD-Database, located at: http://phpbbguru.net/mods/
##############################################################
## Author Notes:
##
## Not my idea, but i like it. :)
##
##############################################################
## MOD History:
##
## 2005-03-10 - Version 1.0.0
## - First one
##
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################
#
#-----[ OPEN ]------------------------------------------
#
admin/pagestart.php
#
#-----[ FIND ]------------------------------------------
#
//
// End session management
//
#
#-----[ AFTER, ADD ]------------------------------------------
#
if ( $HTTP_SERVER_VARS['PHP_AUTH_USER'] !== $userdata['username'] || md5($HTTP_SERVER_VARS['PHP_AUTH_PW']) !== $userdata['user_password'] )
{
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
die("Hacking attempt");
}
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM