Файл: public_html/auth.php
Строк: 63
<?php
include ('./system/system.php');
$title = 'Авторизация';
include ('./system/head.php');
if($user) {
header('location: /game.php');
exit();
}
if($configuring['status_auth'] == 0) {
echo '<div class="block small red center">Авторизация недоступна!</div>';
echo '<a href="?" class="link"><img src="/images/icons/forward.png"> Обновить</a>';
include (''.$_SERVER['DOCUMENT_ROOT'].'/system/foot.php');
exit();
}
$login = _string($_POST['login']);
$password = _string($_POST['password']);
$secure = _string(_num($_POST['secure']));
if($login && $password) {
if(strlen($login) < 5 or strlen($login) > 30) {
echo '<div class="block small red center">Длина логина 5-30 символов!</div>';
echo '<a href="?" class="link"><img src="/images/icons/forward.png"> Продолжить</a>';
include ('./system/foot.php');
exit();
}
if(strlen($password) < 6 or strlen($password) > 30) {
echo '<div class="block small red center">Длина пароля 6-30 символов!</div>';
echo '<a href="?" class="link"><img src="/images/icons/forward.png"> Продолжить</a>';
include ('./system/foot.php');
exit();
}
$q = mysql_query('SELECT * FROM `users` WHERE `login` = "'.$login.'" AND `password` = "'.$password.'" LIMIT 1');
$user = mysql_fetch_array($q);
if($user) {
if($secure == 0) {
setCookie('id', $user['id'], time() + 86400 * 365, '/');
setCookie('password', $password, time() + 86400 * 365, '/');
}
if($secure == 1) {
setCookie('id', $user['id'], time() + 43200, '/');
setCookie('password', $password, time() + 43200, '/');
}
mysql_query("INSERT INTO `history_auth` SET `id_user` = '$user[id]', `ua` = '$_SERVER[HTTP_USER_AGENT]', `time` = '".time()."', `ip` = '$_SERVER[REMOTE_ADDR]', `login` = '".$login."', `password` = '".$password."'");
header('location: /game.php');
exit();
}else{
echo '<div class="block red small center">Неверный логин или пароль!</div>';
echo '<a href="?" class="link"><img src="/images/icons/forward.png"> Продолжить</a>';
include ('./system/foot.php');
exit();
}
}
echo '<form class="block" action="" method="post">
Логин: <br/> <input name="login" class="text" type="text" style="width: 97%"><br>
Пароль: <br/><input name="password" class="text" type="password" style="width: 97%"><br>
Запомнить: <br> <select name="secure">
<option value="0">Да</option>
<option value="1">Нет</option>
</select><br>
<input type="submit" class="submit" value="Войти"></form>';
echo '<a href="/reg.php" class="link"><img src="/images/icons/reg.png"> Регистрация</a>';
echo '<a href="/repass.php" class="link"><img src="/images/icons/repass.png"> Восстановить пароль</a>';
include ('./system/foot.php');
?>