Файл: enter.php
Строк: 12
<?php
$log = htmlspecialchars(stripslashes(addslashes($_POST['log'])));
$pas = htmlspecialchars(stripslashes(addslashes($_POST['pas'])));
include_once("files/zag.php");
include_once"files/ini.php";
////////////////////////////////////////////////////////
$polz=mysql_query("SELECT * FROM `users` WHERE `udata0`='$log' AND `udata1`='$pas' LIMIT 1");
if(mysql_num_rows($polz)==0){
$ip=htmlspecialchars(stripslashes($_SERVER['REMOTE_ADDR']));
$time = date("H:i d.m.y");
mysql_query("INSERT INTO
`hystory` SET
`nick` = '$log',
`mod` = '2',
`ip` = '$ip',
`time` = '$time'");
header ("Location: index.php?errors");
}else{
$a=mysql_query("SELECT * FROM `users` WHERE `udata0`='$log' AND `udata1`='$pas' LIMIT 1");
while($arr=mysql_fetch_array($a)){
SetCookie("log",$arr['udata0'],time()+86400);
SetCookie("pas",$_POST['pas'],time()+86400);
$ip=htmlspecialchars(stripslashes($_SERVER['REMOTE_ADDR']));
$time = date("H:i d.m.y");
mysql_query("INSERT INTO
`hystory` SET
`nick` = '$log',
`mod` = '1',
`ip` = '$ip',
`time` = '$time'");
}
header ("Location: gorod");
}
?>