Файл: rusikanlove/rusikanlove/enter.php
Строк: 27
<?php
include_once"template/session.php";
include_once"ini.php";
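// Form-based login: look the account up by numeric id or by login name,
// compare the submitted password, then mark the session as authenticated.
// Every failure path destroys the session and redirects to index.php.
//
// NOTE(review): the submitted password is compared with the `pass` column
// as-is, so passwords appear to be stored in plaintext. Moving to
// password_hash()/password_verify() needs a schema and registration change
// that this file alone cannot make.
// NOTE(review): the session id is not regenerated on login and travels in the
// redirect URL through the `sid` constant (presumably defined in
// template/session.php). session_regenerate_id(true) would close the
// session-fixation gap, but only if `sid` is rebuilt afterwards; confirm how
// it is defined before adding the call.

// Accept only plain strings: PHP turns "id[]=x" into an array, which would
// otherwise reach the SQL escaping call and the password comparison.
$idRaw = isset($_POST['id']) ? $_POST['id'] : '';
$psRaw = isset($_POST['ps']) ? $_POST['ps'] : '';

if (is_string($idRaw) && is_string($psRaw) && $idRaw !== '' && $psRaw !== '') {
    // The original numeric-only pattern check was short-circuited with
    // `true ||`, because the same field also carries login names; the value is
    // therefore only escaped, not format-checked.
    $id = $idRaw;
    // With magic quotes on, the value already arrives slash-escaped; escaping
    // it again would double the backslashes.
    if (!get_magic_quotes_gpc()) {
        $id = mysql_real_escape_string($id);
    }

    $query = mysql_query("SELECT id,login,pass,level FROM `user` WHERE id='$id' OR login='$id'");
    if ($query !== false && mysql_num_rows($query) > 0) {
        // Only the first matching row is considered.
        $arr = mysql_fetch_array($query);

        // Strict comparison: with == two different numeric-looking strings
        // (such as "1e3" and "1000") are treated as equal.
        if ((string) $arr['pass'] === $psRaw) {
            $_SESSION['id'] = $arr['id'];
            $_SESSION['auth'] = 1;

            // The User-Agent header is client-controlled: HTML-encode it for
            // later display, then escape it for the SQL string literal with
            // the connection-aware function rather than addslashes().
            $uaRaw = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            $ipRaw = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
            $ua = mysql_real_escape_string(htmlspecialchars($uaRaw));
            $ip = mysql_real_escape_string(htmlspecialchars($ipRaw));

            // Key the update on the id of the row that was authenticated.
            // The submitted value may be a login name, and MySQL would cast a
            // value like "5abc" to 5 and update another account's row.
            $uid = mysql_real_escape_string($arr['id']);

            // NOTE(review): $time is not assigned in this file; presumably
            // ini.php sets it. Confirm.
            mysql_query("UPDATE user SET time='$time', online='1', lastdate=CURRENT_TIMESTAMP(),ua='$ua', ip='$ip' WHERE id='$uid'");
            header('Location: menu.php?'.sid.'');
            exit;
        }
    }
}

// Missing fields, unknown account or wrong password: same response for all,
// so the reply does not reveal which check failed.
session_destroy();
header('Location: index.php');
exit;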
?>