Файл: test.otwap.aux.su/tizer.php
Строк: 36
<?php
if($_SERVER['REQUEST_METHOD'] == 'TRACE'){ die('Bad Request.'); }
if(isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])){ die('Bad Request.'); }
if(!is_array($GLOBALS)){ die('Bad Request.'); }
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------
session_start("q");
if ($_REQUEST[cat] == '') $cat = 'index';
else $cat = $_REQUEST[cat];
if ($_GET[quit] == "off") {
setcookie ("reguser", "");
setcookie ("regpass", "");
$_COOKIE['reguser'] = "";
$_COOKIE['regpass'] = "";
}
if (isset($_GET[spid])) {
setcookie("spid", "$_GET[spid]", time() + 10000000);
}
$forreg = $HTTP_SESSION_VARS["sess_login"];
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', FALSE);
header('Pragma: no-cache');
header("Content-type:text/html; charset=windows-1251");
require("lib/config.php");
require("lib/functions.php");
$query = "SELECT * FROM `pages` WHERE `html` = '$cat' AND NOW() <= '2030-12-31'";
$set = select($query);
$row = mysql_fetch_array($set);
$title = $row[title];
$keywords = $row[keywords];
$description = $row[description];
$page = $row[url];
$access_page = $row[access];
if (isset($_POST[login]) and isset($_POST[parol])) {
if (true) {// ($_POST[number] == $HTTP_SESSION_VARS["sess_login"]) {
$md5_psw = md5($_POST[parol]);
$login = $_POST[login];
$query = "SELECT COUNT(*) FROM `user` WHERE `login` = '$login' AND `password` = '$md5_psw'";
$set = select($query);
$row = mysql_fetch_row($set);
if ($row[0] > 0) {
setcookie("reguser", "$login");
setcookie("regpass", "$md5_psw");
$_COOKIE['reguser'] = $login;
$_COOKIE['regpass'] = $md5_psw;
$query = "UPDATE `user` SET `last_visit` = `now_visit`, `now_visit` = NOW() WHERE `login` = '$login' AND `password` = '$md5_psw'";
updata($query);
} else {
$title = "Ошибка авторизации!";
$page = "pages/error.php";
$header = "Ошибка авторизации!";
$messenge = "Вы ввели неверный логин или пароль!";
}
} else {
$title = "Ошибка авторизации!";
$page = "pages/error.php";
$header = "Ошибка авторизации!";
$messenge = "Вы ввели неверный проверочный код!";
}
}
$user = cook($_COOKIE['reguser'], $_COOKIE['regpass']);
if ($user) {
$id_user = $user[0];
$access_user = $user[1];
$logus = $user[2];
} else {
$access_user = 0;
}
if ($access_page > $access_user) {
$header = 'Доступ запрещён';
$messenge = 'У вас нет прав для просмотра данной страницы!<br>Возможно, вы не авторизовались!';
$title = $header . " к затребованной странице";
$description = $title;
$page = "pages/error.php";
}
require("block/body.php");/* */
?>