Файл: isvo.ru/APIlogin.php
Строк: 80
<?
require_once 'core/system.php';
echo reg();
$header = 'Регистрация';
require_once 'core/head.php';
if (isset($_POST['token'])) { $s = file_get_contents('http://ulogin.ru/token.php?token=' . $_POST['token'] . '&host=' . $_SERVER['HTTP_HOST']); $_POST['loginAPI'] = true; }
if (isset($_POST['token']))$users = json_decode($s, true);if (isset($_POST['token']) && !isset($user) && $users['network'] && $users['identity'] && $_POST['loginAPI'] == true)
{
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `network` = '" . $users['network'] . "' AND `identity` = '" . $users['identity'] . "'"),0) == 0)
{
##########################
# Имя к ID
if ($users['network'] == 'odnoklassniki')
$idi = 'ok';
else
$idi = null;
if ($users['sex'] == 2) $sex = 1;
else $sex = 0;
##########################
# Выбираем ник
$identity = $users['identity'];
$identity = str_replace('http://www.facebook.com', '', $identity);
$identity = str_replace('http://openid.yandex.ru', '', $identity);
$identity = str_replace('http://vk.com', '', $identity);
$identity = str_replace('http://odnoklassniki.ru', '', $identity);
$identity = str_replace('http://my.mail.ru/mail', '', $identity);
$identity = str_replace('/', '', $identity);
$identity = str_replace('.', '', $identity);
$identity = $idi . $identity;
##########################
# Наличие подобного ника
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `nick` = '" . $identity . "'"),0)!=0)
$identity = $identity . '_' . rand(0000, 9999);
##########################
# Регистрация
$pass = ''.rand(00000,99999).'_'.rand(000,999).'';
$identity_db = $users['identity'];
$network_db = $users['network'];
mysql_query("INSERT INTO `user` SET
`nick` = '$identity',
`pass` = '$pass',
`pol` = '$sex',
`identity` = '$identity_db',
`network` = '$network_db',
`timereg` = '".time()."',
`mana` = 1050,
`max_mana` = 1050,
`health` = 80,
`max_health` = 80,
`sila` = 80,
`lovk` = 80,
`zashit` = 80");
$user = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `nick` = '". $identity ."' AND `password` = '".$pass."' LIMIT 1"));
setcookie('nick', $identity, time()+86400*365, '/');
setcookie('pass', $pass, time()+86400*365, '/');
header('Location: /index.php');
$_SESSION['message'] = 'Регистрация успешна';
exit;
} else {
$user = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `network` = '" . $users['network'] . "' AND `identity` = '" . $users['identity'] . "' LIMIT 1"));
setcookie('nick', $user['nick'], time()+86400*365, '/');
setcookie('pass', $user['pass'], time()+86400*365, '/');
header('Location: /index.php');
$_SESSION['message'] = 'Авторизация успешна';
exit;
}
}
?>