Файл: public_html/auth.php
Строк: 39
<?php
include ('./system/common.php');
include ('./system/functions.php');
include ('./system/user.php');
$title = 'Кровавые земли';
include ('./system/h.php');
if($user) {
header('location: /main');
exit;
}
echo '<div class="block center"><img src="/images/logo.png" width="99%">
</div><div class="line"></div>';
$login = _string($_POST['login']);
$login = strToLower($login);
$password = _string($_POST['password']);
if($login && $password) {
$q = mysql_query('SELECT * FROM `users` WHERE `login` = "'.$login.'" AND `password` = "'.$password.'" LIMIT 1');
$user = mysql_fetch_array($q);
if(!$user) {
echo '<div class='block red' align='center'>';
echo 'Неверный логин или пароль!</div><div class="line"></div>';
}
if($user) {
setCookie('id', $user['id'], time() + 86400 * 365, '/');
setCookie('password', $password, time() + 86400 * 365, '/');
header('location: /main');
}
}
echo "<div class='block' align='center'>
<form action='' method='post'>
Логин:<br/> <input name='login'/><br/>
Пароль:<br/><input name='password'/><br/>
<input type='submit' value='Войти'/>
</form></div>
<div class='line'></div>
<a href='/' class='link'>На главную</a>";
include ('./system/f.php');
?>