Файл: KOSMOS/inc/auth.php
Строк: 38
<?
if(isset($_POST['nick']) && isset($_POST['password']))
{
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_user` WHERE `nick` = '".my_esc($_POST['nick'])."' AND `password` = '".md5($_POST['password'])."' LIMIT 1"),0)==0)err_game("Неверный ник или пароль");
else
{
$_SESSION['id_user']=mysql_result(mysql_query("SELECT `id` FROM `kolhoz_user` WHERE `nick` = '".my_esc($_POST['nick'])."' AND `password` = '".md5($_POST['password'])."' LIMIT 1"),0);
$timee=3600*1;
$ps=100;
if($ku['hydropinics_time']>$time)
{
$ps=$ku['hydropinics_type']+$ps;
if($ps>300)$ps=300;
}
mysql_query("UPDATE `kolhoz_user` SET `hydropinics_time` = '".($ku['hydropinics_time']>$time?"".($ku['hydropinics_time']+$timee)."":"".($time+$timee)."")."', `hydropinics_type` = '$ps' WHERE `id` = '$ku[id]'");
header("Location:/?myfarm");
exit;
}
}
?>
<div class="event">
<div><h1>Вход</h1></div>
</div>
<div class="content">
<div class="block">
<form method="post"><ul>
<li>
<label>Ник:<br>
<input type="text" value="" name="nick">
</label>
</li>
<li class="pt">
<label>Пароль:<br>
<input type="password" value="" name="password">
</label>
</li>
<li class="pt">
<input type="submit" value="Войти">
</li>
</ul>
</form>
<div class="pt">
<ul>
<li><img width="16" height="16" src="images/icons/rename.png" alt="*">
<a href="?pass">Восстановление пароля</a></li>
</ul>
</div>
</div>
<div class="block event">
<img width="16" height="16" src="images/icons/back.png" alt="o"> <a href="/">В начало</a>
</div>
</div>
<?
echo "<div class='block event'>";
echo "Онлайн <span class='title'>".mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_user` WHERE `date_last` > '".(time()-600)."'"), 0)."</span>, регистраций
<span class='title'>".mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_user`"), 0)."</span></div>";
echo "</div>";
echo "<div></div><div style='text-align:center;' class='pt small minor'>Добавь в закладки";
echo " <a href='http://$_SERVER[HTTP_HOST]' class='epic'><span>$_SERVER[HTTP_HOST]</span></a><br>";
exit;
?>