Файл: sign.php
Строк: 43
<?php
require_once 'core/sys.php';
require_once 'core/online_guest.php';
unreg();
if(isset($_GET['exit']))
{
setcookie('login', '', time()-1, '/');
setcookie('pass', '', time()-1, '/');
session_destroy();
header("Location: ../index.php");
exit;
}
if(isset($_GET) and !empty($_GET['login']) and !empty($_GET['pass']))
{
$login = protect($_GET['login'], 12);
$password = protect(md5_sault($_GET['pass']));
$check = mysql_result(mysql_query("SELECT count(*) FROM `users` WHERE `login` = '".$login."' and `pass` = '".$password."'"),0);
if($check == 0)
{
head('Авторизация');
echo '<div id="error">Неверный логин и/или пароль!</div>';
foot();
exit;
}
else
{
setcookie('login', $login, time()+3600*24*365, '/');
setcookie('pass', $password, time()+3600*24*365, '/');
head('Авторизация');
if(!empty($_GET['r'])){
$r = int($_GET['r']);
$test_ref = mysql_fetch_assoc(mysql_query("SELECT `id`,`login` FROM `users` WHERE `id`='".$r."' LIMIT 1"));
if($test_ref and $test_ref['login']!= $login){
$id_ref_us= mysql_fetch_assoc(mysql_query("SELECT `id` FROM `users` WHERE `login`='".$login."' and `pass` = '".$password."' LIMIT 1"));
$test_ref = mysql_result(mysql_query("SELECT COUNT(id) FROM `referal` WHERE `user_ref`='".$id_ref_us['id']."'"),0);
if($test_ref == 0){
mysql_query("INSERT INTO `referal` SET
`ref_id`='".$r."',
`user_ref`='".$id_ref_us['id']."',
`time`='".time()."',
`ok`='0'");
}
}
}
echo '<div class="row">Вы успешно вошли!<br />Вы можете сделать здесь закладку!<br />
<a href="index.php">дальше -></a><br>
<input name="al" type="text" value="'.$set['http'].'/sign.php?login='.$login.'&pass='.protect($_GET['pass']).'">
</div>';
foot();
exit;
}
}
head('Авторизация');
?>
<div class="title">Авторизация</div>
<div class="row">
<form action="sign.php" method="get">
Логин:<br />
<input name="login" type="text" /><br />
Пароль:<br />
<input name="pass" type="pass" /><br />
<input type="submit" value="Авторизация" />
</form>
</div>
<?php
foot();
?>