Файл: playtox.tk/files/auth.php
Строк: 33
<?
defined('PROTECTOR') or die('Error: restricted access');
$user_id = 0; //гость
if (isset ($_SESSION['log']) && isset ($_SESSION['pas'])) {
$log = $_SESSION['log'];
$pas = $_SESSION['pas'];
}
// //////////////////////////////////////////////////////////
// Авторизация по COOKIE //
// //////////////////////////////////////////////////////////
elseif (isset ($_COOKIE['log']) && isset ($_COOKIE['pas'])) {
$log = base64_decode($_COOKIE['log']);
$_SESSION['log'] = $log;
$pas = $_COOKIE['pas'];
$_SESSION['pas'] = $pas;
}
$req = mysql_query("SELECT * FROM `users` WHERE `usr` = '$log' and `pass`='".mysql_real_escape_string($pas)."' LIMIT 1");
// //////////////////////////
$avto = mysql_num_rows($req);
if ($avto == 1) {
$user_id = 1; //авторизованый
$udata = mysql_fetch_assoc($req);
$sett = mysql_query("SELECT * FROM `set` WHERE `usr` = '$log' LIMIT 1");
$set = mysql_fetch_assoc($sett);
$in_battle = mysql_num_rows(mysql_query("SELECT * FROM tmp WHERE usr = '$log' LIMIT 1"));
/////////////////////////
$kvs=mysql_query("SELECT * FROM `kves` WHERE `us_id`='$udata[id]'");
$kv=mysql_fetch_assoc($kvs);
/////////////////////////
/////////////////////////
$kv1s=mysql_query("SELECT * FROM `kvest` WHERE `us_id`='$udata[id]'");
$kvest=mysql_fetch_assoc($kv1s);
$kvv=mysql_num_rows($kv1s);
if($kvv=="0"){
mysql_query("INSERT INTO `kvest` SET
`us_id`='$udata[id]',
`zd1`='used',
`zd2`='used',
`zd1_p`='0',
`zd2_p`='0'");
}
/////////////////////////
$podarok=mysql_query("SELECT * FROM `podarok` WHERE `id_us`='$udata[id]'");
$pod=mysql_fetch_assoc($podarok);
$pod_k=mysql_num_rows($podarok);
if($pod_k=="0"){
mysql_query("INSERT INTO `podarok` SET
`id_us`='$udata[id]',
`day1`='yes',
`day2`='no',
`day3`='no',
`day4`='no',
`day5`='no'");
}
/////////////
$inpk = mysql_num_rows(mysql_query("SELECT * FROM pk WHERE usr = '$log' LIMIT 1"));
$dueli = mysql_num_rows(mysql_query("SELECT * FROM userduel WHERE usr = '$log' LIMIT 1"));
$inar = mysql_num_rows(mysql_query("SELECT * FROM arena WHERE usr = '$log' LIMIT 1"));
$inryd = mysql_num_rows(mysql_query("SELECT * FROM rydnik WHERE usr = '$log' LIMIT 1"));
$div = "</div><div class='menu'>";
include($path.'files/vip.php');
include($path.'files/online.php');
include($path.'files/regeneration.php');
@include('lvl.php');
// ///////////последний визит
$dater = date("d F, Y", time());
$time = date("H:i:s", time());
$dater = str_replace("January", "января", $dater);
$dater = str_replace("February", "февраля", $dater);
$dater = str_replace("March", "марта", $dater);
$dater = str_replace("April", "апреля", $dater);
$dater = str_replace("May", "мая", $dater);
$dater = str_replace("June", "июня", $dater);
$dater = str_replace("July", "июля", $dater);
$dater = str_replace("August", "августа", $dater);
$dater = str_replace("September", "сентября", $dater);
$dater = str_replace("October", "октября", $dater);
$dater = str_replace("November", "ноября", $dater);
$dater = str_replace("December", "декабря", $dater);
mysql_query("UPDATE `users` SET `lvisit` = '$dater $time' WHERE usr = '$log' LIMIT 1");
// /получаем местоположение
if (isset($head)) {
mysql_query("UPDATE `mesto` SET `place` = '$head' WHERE `usr` = '$log' LIMIT 1");
} //фиксируем положение
}
if(isset($_GET[site])){
$_SESSION['site']=$_GET[site];
}
?>