Файл: wap-ads.ru/auth.php
Строк: 43
<?
if(isset($_GET['nick']) && isset($_POST['nick']) && isset($_POST['password']))
{
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `nick` = '".my_esc($_POST['nick'])."' AND `password` = '".md5($_POST['password'])."' LIMIT 1"),0)==0)
{
err_game("Неверный ник или пароль");
}
else
{
$_SESSION['id_user']=mysql_result(mysql_query("SELECT `id` FROM `users` WHERE `nick` = '".my_esc($_POST['nick'])."' AND `password` = '".md5($_POST['password'])."' LIMIT 1"),0);
setcookie('id_user',$user['id'],time()+60*60*24*365);
//setcookie('password', cookie_encrypt($_POST['password'],$user['id']), time()+60*60*24*365);
if(!empty($_GET['r'])){$_SESSION['refer']=intval($_GET['r']);}
header("Location:/?");
include_once 'foot.php';
}
}
$title='Вход';
include_once 'h.php';
?>
<div class="list_item busis">
<form action="?auth&nick" method="post">
<div class="pad_t_a">
<label class="link">Ник:<br>
<input type="text" value="" name="nick">
</label>
</div>
<div class="pad_t_a">
<label class="link">Пароль:<br>
<input type="password" value="" name="password">
</label>
</div>
<div class="pad_t_a">
<input type="submit" value="Войти">
</div>
</form>
<?
echo "<br><span class='link'>Незарегистрированны? Тогда пройдите простую</span> <a class='link' href='?reg'>регистрацию</a>.</div></div>";
include_once 'foot.php'; ?>
<ul>
<center><li><img width="16" height="16" src="images/icons/rename.png" alt="*">
<a href="?pass">Восстановление пароля</a></li><//center>
</ul>
</div>
</div>
</div>
</div>
<?
echo "<div class='block event'>";
echo "<center>Онлайн <span class='epic'>".mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `date_last` > '".(time()-600)."'"), 0)."</span>, регистраций
<span class='epic'>".mysql_result(mysql_query("SELECT COUNT(*) FROM `users`"), 0)."</span></div>";
echo "</div>";
echo "(с) <a href='http://$_SERVER[HTTP_HOST]' class='epic'><span>$_SERVER[HTTP_HOST]</span></a><br>";
exit;
?>