Файл: files/auth.php
Строк: 35
<?
defined('PROTECTOR') or die('Error: restricted access');
$user_id = 0; //гость
if (isset ($_SESSION['log']) && isset ($_SESSION['pas'])) {
$log = $_SESSION['log'];
$pas = $_SESSION['pas'];
}
// //////////////////////////////////////////////////////////
// Авторизация по COOKIE //
// //////////////////////////////////////////////////////////
elseif (isset ($_COOKIE['log']) && isset ($_COOKIE['pas'])) {
$log = base64_decode($_COOKIE['log']);
$_SESSION['log'] = $log;
$pas = $_COOKIE['pas'];
$_SESSION['pas'] = $pas;
}$clos=0;
$req = mysql_query("SELECT * FROM `users` WHERE `usr` = '".$log."' and `pass`='".mysql_real_escape_string($pas)."' LIMIT 1");
// //////////////////////////
$avto = mysql_num_rows($req);
if ($avto == 1) {
$user_id = 1; //авторизованый
$udata = mysql_fetch_assoc($req);
if($clos==1 and $udata['admin']!=6)
{
$user_id = 0;
}
$bans = mysql_query("SELECT * FROM `ban` WHERE `usr` = '".$udata['id']."' and `place`='4'");
$banq=mysql_num_rows($bans);
if($banq!=0)
{
$user_id = 0;
}
$regen=0;
$boss=mysql_fetch_array(mysql_query("SELECT * FROM `boss_activ` WHERE `id`='1'"));
$st=mysql_fetch_array(mysql_query("SELECT * FROM `users_stats` WHERE `usr`='".$udata['id']."'"));
$b_okr=mysql_num_rows(mysql_query("SELECT * FROM `okr_usrs` WHERE `usr`='".$udata['id']."' and `enemy`!=''"));
$b_oh=mysql_num_rows(mysql_query("SELECT * FROM `labir_usr` WHERE `usr`='".$udata['id']."'"));
$b_ar_m=mysql_num_rows(mysql_query("SELECT * FROM `arena_m_usr` WHERE `usr`='".$udata['id']."'"));
$b_ar=mysql_num_rows(mysql_query("SELECT * FROM `arena_usr` WHERE `usr`='".$udata['id']."'"));
$b_str=mysql_num_rows(mysql_query("SELECT * FROM `stt_usr` WHERE `usr`='".$udata['id']."'"));
$b_av=mysql_num_rows(mysql_query("SELECT * FROM `avan_usr` WHERE `usr`='".$udata['id']."'"));
$b_boss=mysql_num_rows(mysql_query("SELECT * FROM `boss_usr` WHERE `usr`='".$udata['id']."'"));
$b_port=mysql_num_rows(mysql_query("SELECT * FROM `battle_ships` WHERE `usr`='".$udata['id']."'"));
$b_terr=mysql_num_rows(mysql_query("SELECT * FROM `terr_usr` WHERE `usr`='".$udata['id']."'"));
if($b_okr!=0 or $b_oh!=0 or $b_ar_m!=0 or $b_ar!=0 or $b_str!=0 or $b_av!=0 or $b_boss!=0 or $b_port!=0 or $b_terr!=0){$regen=1;}
if($regen==0 and $st['hp']<$st['hp_max'] and $st['hp_regen_activ']!=1){
mysql_query("UPDATE `users_stats` SET `hp_regen_activ`='1' WHERE `usr`='".$udata['id']."'");
}
}
?>