Файл: vk.com_vhllam/login.php
Строк: 108
<?
//////Автор OPPS (Kasell)////
/////Скрипт бесплатный //////
////Плтную версию можно купить vk.com/vhllam///
include_once 'sys/inc/start.php';
include_once 'sys/inc/compress.php';
include_once 'sys/inc/sess.php';
include_once 'sys/inc/home.php';
include_once 'sys/inc/settings.php';
include_once 'sys/inc/db_connect.php';
include_once 'sys/inc/ipua.php';
include_once 'sys/inc/fnc.php';
include_once 'sys/inc/shif.php';
$show_all = true; // показ для всех
$input_page = true;
include_once 'sys/inc/user.php';
only_unreg();
if (isset($_GET['id']) && isset($_GET['pass']))
{
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".intval($_GET['id'])."' AND `pass` = '".shif($_GET['pass'])."' LIMIT 1"), 0)==1)
{
$user = get_user($_GET['id']);
$_SESSION['id_user'] = $user['id'];
mysql_query("UPDATE `user` SET `date_aut` = ".time()." WHERE `id` = '$user[id]' LIMIT 1");
mysql_query("UPDATE `user` SET `date_last` = ".time()." WHERE `id` = '$user[id]' LIMIT 1");
mysql_query("INSERT INTO `user_log` (`id_user`, `time`, `ua`, `ip`, `method`) values('$user[id]', '$time', '$user[ua]' , '$user[ip]', '0')");
// Уведомление о входе друзьям
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` INNER JOIN `user` ON `frends`.`frend`=`user`.`id` WHERE `frends`.`user` = '$user[id]' AND `frends`.`i` = '1' AND `user`.`date_last`>'".(time()-1111)."'"), 0) > 0)
{
$q = mysql_query("SELECT * FROM `frends` INNER JOIN `user` ON `frends`.`frend`=`user`.`id` WHERE `frends`.`user` = '$user[id]' AND `frends`.`i` = '1' AND `user`.`date_last`>'".(time()-1111)."' ORDER BY `user`.`date_last` DESC");
// Cписок друзей онлайн
while ($frend = mysql_fetch_assoc($q))
{
mysql_query("INSERT INTO `frends_aut` (`id_user`, `time`, `id_frend`) values('$user[id]', '$time', '$frend[frend]')");
}
}
}
else $err[] = 'Неправильный логин или пароль';
}
elseif (isset($_POST['nick']) && isset($_POST['pass']))
{
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `nick` = '".my_esc($_POST['nick'])."' AND `pass` = '".shif($_POST['pass'])."' LIMIT 1"), 0))
{
$user=mysql_fetch_assoc(mysql_query("SELECT `id` FROM `user` WHERE `nick` = '".my_esc($_POST['nick'])."' AND `pass` = '".shif($_POST['pass'])."' LIMIT 1"));
$_SESSION['id_user'] = $user['id'];
$user = get_user($user['id']);
// сохранение данных в COOKIE
if (isset($_POST['aut_save']) && $_POST['aut_save'])
{
setcookie('id_user', $user['id'], time()+60*60*24*365);
setcookie('pass', cookie_encrypt($_POST['pass'],$user['id']), time()+60*60*24*365);
}
mysql_query("UPDATE `user` SET `date_aut` = '$time', `date_last` = '$time' WHERE `id` = '$user[id]' LIMIT 1");
mysql_query("INSERT INTO `user_log` (`id_user`, `time`, `ua`, `ip`, `method`) values('$user[id]', '$time', '$user[ua]' , '$user[ip]', '1')");
// Уведомление о входе друзьям
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` INNER JOIN `user` ON `frends`.`frend`=`user`.`id` WHERE `frends`.`user` = '$user[id]' AND `frends`.`i` = '1' AND `user`.`date_last`>'".(time()-600)."'"), 0) > 0)
{
$q = mysql_query("SELECT * FROM `frends` INNER JOIN `user` ON `frends`.`frend`=`user`.`id` WHERE `frends`.`user` = '$user[id]' AND `frends`.`i` = '1' AND `user`.`date_last`>'".(time()-600)."' ORDER BY `user`.`date_last` DESC");
// Cписок друзей онлайн
while ($frend = mysql_fetch_assoc($q))
{
mysql_query("INSERT INTO `frends_aut` (`id_user`, `time`, `id_frend`) values('$user[id]', '$time', '$frend[frend]')");
}
}
}
else $err[] = 'Неправильный логин или пароль';
}
elseif (isset($_COOKIE['id_user']) && isset($_COOKIE['pass']) && $_COOKIE['id_user'] && $_COOKIE['pass'])
{
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = ".intval($_COOKIE['id_user'])." AND `pass` = '".shif(cookie_decrypt($_COOKIE['pass'],intval($_COOKIE['id_user'])))."' LIMIT 1"), 0)==1)
{
$user = get_user($_COOKIE['id_user']);
$_SESSION['id_user'] = $user['id'];
mysql_query("UPDATE `user` SET `date_aut` = '$time', `date_last` = '$time' WHERE `id` = '$user[id]' LIMIT 1");
$user['type_input'] = 'cookie';
// Уведомление о входе друзьям
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` INNER JOIN `user` ON `frends`.`frend`=`user`.`id` WHERE `frends`.`user` = '$user[id]' AND `frends`.`i` = '1' AND `user`.`date_last`>'".(time()-1111)."'"), 0) > 0)
{
$q = mysql_query("SELECT * FROM `frends` INNER JOIN `user` ON `frends`.`frend`=`user`.`id` WHERE `frends`.`user` = '$user[id]' AND `frends`.`i` = '1' AND `user`.`date_last`>'".(time()-1111)."' ORDER BY `user`.`date_last` DESC");
// Cписок друзей онлайн
while ($frend = mysql_fetch_assoc($q))
{
mysql_query("INSERT INTO `frends_aut` (`id_user`, `time`, `id_frend`) values('$user[id]', '$time', '$frend[frend]')");
}
}
}
else
{
$err[] = 'Ошибка авторизации по COOKIE';
setcookie('id_user');
setcookie('pass');
}
}
else $err[]='Ошибка авторизации';
if (!isset($user))
{
$set['title']='Авторизация';
include_once 'sys/inc/thead.php';
title();
aut();
err();
header('Refresh: 1; url=/aut.php');
echo "<div class='menu'>n";
echo "<a href='/aut.php?$passgen'>Повторить попытку входа</a><br />n";
echo "</div>n";
include_once 'sys/inc/tfoot.php';
}
$set['title']='Дайджест';
if ($set['web']) // для web темы
{
if (is_dir(H.'style/themes/'.$user['set_them2']))$set['set_them']=$user['set_them2'];
else mysql_query("UPDATE `user` SET `set_them2` = '$set[set_them2]' WHERE `id` = '$user[id]' LIMIT 1");
}
else
{
if (is_dir(H.'style/themes/'.$user['set_them']))$set['set_them']=$user['set_them'];
else mysql_query("UPDATE `user` SET `set_them` = '$set[set_them]' WHERE `id` = '$user[id]' LIMIT 1");
}
if (isset($_GET['return']))
header('Location: '.urldecode($_GET['return']));
else header("Location: /my_aut.php?".SID);
exit;
?>