Файл: log.in.php
Строк: 33
<?php
include 'system/sys.php';
include 'system/funcs.php';
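// Login page: renders the sign-in form and, when called with ?login, checks the
// submitted credentials against the `us` table and sets the auth cookies.

// A visitor who is already signed in is sent to the front page.
// NOTE(review): $us is not defined in this file; presumably system/sys.php sets it
// for an authenticated user — confirm.
if (isset($us)) {
    header('location: /');
    exit;
}

H('Авторизация');
echo '<div class="menu">Авторизация</div>';

if (isset($_GET['login'])) {
    // Only two lookup columns are possible; the value comes from this fixed choice,
    // never from the request text, so the column name spliced into the SQL is safe.
    $loginType = (isset($_POST['type']) && $_POST['type'] === 'id') ? 'id' : 'nick';

    // Presence and type are checked BEFORE the fields are used. Previously the
    // isset() test ran after the values had been assigned, so it could never fail,
    // and a missing or array-valued field (nick[]=...) reached trim()/addslashes().
    $loginNickRaw = isset($_POST['nick']) ? $_POST['nick'] : null;
    $loginPassRaw = isset($_POST['pass']) ? $_POST['pass'] : null;

    if (!is_string($loginNickRaw) || !is_string($loginPassRaw)) {
        echo '<div class="list1"><b style="color:red;">Ошибка!</b></div>';
    }
    else {
        // NOTE(review): the query below is parameterised, so addslashes() and
        // htmlspecialchars() add no protection and only alter the compared value.
        // They are kept because the stored nick/hash were presumably produced with
        // the same transformations at registration — confirm before removing,
        // otherwise affected accounts could no longer sign in.
        $loginNick = $loginType === 'id' ? (int) $loginNickRaw : addslashes(trim($loginNickRaw));
        $loginPass = htmlspecialchars(addslashes($loginPassRaw));

        // NOTE(review): MD5 is a fast, unsalted hash and is not suitable for password
        // storage. Moving to password_hash()/password_verify() needs a matching change
        // where accounts are created, which is not part of this file.
        $query = DB::$dbs->query(
            "SELECT * FROM `us` WHERE (`" . $loginType . "`=?) AND (`pass`=?)",
            array($loginNick, md5($loginPass))
        );

        if ($query->rowCount() == 0) {
            // Same message for an unknown account and a wrong password, so the
            // response does not reveal which accounts exist.
            echo '<div class="list1"><b style="color:red;">Ошибочные данные!</b></div>';
        }
        else {
            $u = $query->fetch();

            // NOTE(review): the 'pass' cookie carries the stored password hash, so
            // anyone who obtains the cookie or the `us` table can authenticate without
            // the password, for a full year. A random server-side session token would
            // avoid this, but the code that validates these cookies is outside this file.
            // HttpOnly keeps page scripts from reading the cookies; the Secure flag is
            // left off because it cannot be told from here whether the site is HTTPS-only.
            // NOTE(review): H() and the echo above run before these header calls; if
            // they emit output and output buffering is off, the headers cannot be sent — confirm.
            $cookieExpires = time() + 86400 * 365;
            setcookie('pass', $u['pass'], $cookieExpires, '/', '', false, true);
            setcookie('id', $u['id'], $cookieExpires, '/', '', false, true);
            header('location: /');
            // Stop here so nothing else is rendered after the redirect, matching the
            // already-signed-in branch at the top of the script.
            exit;
        }
    }
}
else {
    // NOTE(review): no attempt throttling or lockout is visible in this file; if
    // none exists in system/sys.php, repeated guesses against this form are unlimited.
    echo '<div class="list1">';
    echo '<form method="post" action="/log.in.php?login">';
    echo 'Ваш <select name="type">';
    echo '<option value="nick"> Ник</option>';
    echo '<option value="id">id</option>';
    echo '</select>:<br/>';
    echo '<input name="nick" type="text" maxlength="16" value=""/><br/>';
    echo 'Ваш пароль:<br/><input name="pass" type="password" maxlength="32" value=""/><br/>';
    echo '<input type="submit" value="Вход" />';
    echo '</form>';
    echo '</div>';
}

F();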
?>