Файл: dev/auth.php
Строк: 79
<?
include_once '../sys/core/start.php';
include_once '../sys/core/compress.php';
include_once '../sys/core/sess.php';
include_once '../sys/core/home.php';
include_once '../sys/core/settings.php';
include_once '../sys/core/db_connect.php';
include_once '../sys/core/ipua.php';
include_once '../sys/core/fnc.php';
include_once '../sys/core/shif.php';
$input_page=true;
include_once '../sys/core/user.php';
include_once '../sys/inc/fnc_game.php';
include_once '../sys/inc/thead.php';
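// Sign-in controller for dev/auth.php. Three credential sources are tried in order:
//   1. a direct link carrying `id` and `pass` in the query string,
//   2. the login form (POST `nick` + `pass`),
//   3. the long-lived `id_user` / `pass` cookies written by a previous form login.
// On success the user id is stored in the session and the browser is redirected to the garage page;
// on failure a message is appended to $err, which the form below displays.
//
// only_unreg() is defined in the included core files; presumably it turns away visitors who are
// already signed in - confirm against its definition.
only_unreg();
if (isset($_GET['id']) && isset($_GET['pass']))
{
    // NOTE(review): this path accepts the account password in the URL, so it is recorded in
    // web-server access logs, browser history and Referer headers. A single-use, short-lived
    // token would avoid exposing the password; the path is kept for backward compatibility.
    // NOTE(review): shif() output is interpolated into the SQL literal as-is; this assumes it
    // returns a digest that cannot contain quote characters - confirm against its definition.
    // is_string() rejects array-valued parameters (?id[]=...) before they reach intval()/shif().
    if (is_string($_GET['id']) && is_string($_GET['pass'])
        && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".intval($_GET['id'])."' AND `pass` = '".shif($_GET['pass'])."' LIMIT 1"), 0)==1)
    {
        $user=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id`='".intval($_GET['id'])."'"));
        // Rotate the session id at the privilege change so an id issued before login cannot be
        // reused afterwards (session fixation). Assumes the session was started by the core includes.
        session_regenerate_id(true);
        $_SESSION['id_user']=$user['id'];
        mysql_query("UPDATE `user` SET `date_aut` = ".time()." WHERE `id` = '$user[id]' LIMIT 1");
        mysql_query("UPDATE `user` SET `date_last` = ".time()." WHERE `id` = '$user[id]' LIMIT 1");
        header("Location: /dev/garage.php");
        // Stop here: without exit the script keeps running and renders the login form after the redirect header.
        exit;
    }
    else $err[]='Неправильный логин или пароль';
}
elseif (isset($_POST['nick']) && isset($_POST['pass']))
{
    // NOTE(review): nothing visible in this file limits repeated failed attempts; confirm whether
    // the included core files throttle password guessing.
    if (is_string($_POST['nick']) && is_string($_POST['pass'])
        && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `nick` = '".my_esc($_POST['nick'])."' AND `pass` = '".shif($_POST['pass'])."' LIMIT 1"), 0))
    {
        $user=mysql_fetch_assoc(mysql_query("SELECT `id` FROM `user` WHERE `nick` = '".my_esc($_POST['nick'])."' AND `pass` = '".shif($_POST['pass'])."' LIMIT 1"));
        session_regenerate_id(true);
        $_SESSION['id_user']=$user['id'];
        // $user stays the fetched row. The original reassigned it to the scalar session value, after
        // which $user['id'] was a string offset (first character of the id), so the cookie and the
        // UPDATE below were keyed on the wrong id.

        // Store the login data in cookies for one year.
        // NOTE(review): the `pass` cookie holds the account password, reversibly encrypted by
        // cookie_encrypt(); whoever obtains the cookie and the key material can recover the password.
        // A random remember-me token validated server-side would avoid keeping the password client-side.
        // Path and domain are passed as '' to keep PHP's defaults; the last argument sets HttpOnly so
        // page scripts cannot read these cookies. Set the `secure` argument to true if the site is
        // served over HTTPS only - cannot be determined from this file.
        $cookie_expire=time()+60*60*24*365;
        setcookie('id_user', $user['id'], $cookie_expire, '', '', false, true);
        setcookie('pass', cookie_encrypt($_POST['pass'],$user['id']), $cookie_expire, '', '', false, true);
        // $time is not assigned in this file; presumably one of the core includes sets it - confirm.
        mysql_query("UPDATE `user` SET `date_aut` = '$time', `date_last` = '$time' WHERE `id` = '$user[id]' LIMIT 1");
        header("Location: /dev/garage.php");
        exit;
    }
    else $err[]='Неправильный логин или пароль';
}
elseif (isset($_COOKIE['id_user']) && isset($_COOKIE['pass']) && $_COOKIE['id_user'] && $_COOKIE['pass'])
{
    // Cookie login: decrypt the stored password with the user id and check it like a form login.
    // Array-valued cookies fail the is_string() guard and fall through to the cleanup branch.
    if (is_string($_COOKIE['id_user']) && is_string($_COOKIE['pass'])
        && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = ".intval($_COOKIE['id_user'])." AND `pass` = '".shif(cookie_decrypt($_COOKIE['pass'],intval($_COOKIE['id_user'])))."' LIMIT 1"), 0)==1)
    {
        $user=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id`='".intval($_COOKIE['id_user'])."'"));
        session_regenerate_id(true);
        $_SESSION['id_user']=$user['id'];
        mysql_query("UPDATE `user` SET `date_aut` = '$time', `date_last` = '$time' WHERE `id` = '$user[id]' LIMIT 1");
        $user['type_input']='cookie';
        header("Location: /dev/garage.php");
        exit;
    }
    else
    {
        // Invalid or stale cookies: report the failure and ask the browser to drop both cookies.
        $err[]='Ошибка авторизации по COOKIE';
        setcookie('id_user');
        setcookie('pass');
    }
}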
// Login page markup: logo banner, section header, then the sign-in form with links to
// registration and password recovery. Output is emitted in the same order as before.
echo "<table class='wdt' style='background-color: #221e1f;'>",
    "<tr><td align='center' class='white' style='padding: 0px;'><img src='/style/theme/logos.png' alt='Super Race'><br></td></tr></table>",
    "<table class='wdt brown-header'>",
    "<tr><td align='left'>Вход:</td></tr></table>",
    "<table class='wdt gray-table'>",
    "<tr><td class='white' align='center' style='padding: 10px;'>";

// err() is defined in the included core files; presumably it prints the messages collected
// in $err by the sign-in logic - confirm against its definition.
err();

// The form has no action attribute, so it posts back to the current URL, where the
// POST branch reads `nick` and `pass`.
// NOTE(review): the last row closes a </tbody> that is never opened in this markup.
echo "<form method='post'><table>",
    "<tr><td>Логин:</td><td><input style='height:25px' type='text' name='nick' maxlength='25'></td></tr>",
    "<tr><td>Пароль:</td><td><input style='height:25px' type='password' name='pass' maxlength='45'></td></tr>",
    "<tr><td colspan='2'><input class='yes-btn' type='submit' value='Играть!'></td></tr></table></form></td></tr>",
    "<tr><td class='white' align='center' style='padding: 10px;'><a class='yellow' href='/dev/reg.php'>Регистрация</a></td></tr>",
    "<tr><td colspan='2' style='text-align: right;'><a style='color:white; font-size: 90%;' href='/dev/pass.php'>Восстановить пароль</a></td></tr></tbody></table>";
include_once '../sys/inc/tfoot.php';
?>