Файл: www/index.php
Строк: 41
<?php
include 'inc/mysql.php';
include 'inc/check.php';
include 'inc/functions.php';
top();
if(isset($_SESSION['auth']) && $_SESSION['auth']==1){
header ("Location: /character.php");
exit;
}
switch($_GET['action']){
default:
?>
<center>
<img src="/data/logo.jpg">
<br>
<form action="?action=enter" method="post">
Имя<br>
<input name="login" class="text"/><br>
Пароль<br>
<input name="password" class="text" type="password"/><br>
<input type="submit" value="Вход" class="submit"/>
</form>
</center>
<?php
echo '<center><a href="/reg.php">Регистрация</a> | <a href="/pasw.php">Забыли пароль?</a> | Онлайн '.mysql_result(mysql_query("SELECT COUNT(*) FROM `account` WHERE '".time()."' - `last_active` < '360'"),0).'</center>';
break;
case 'enter':
$login = mysql_real_escape_string($_POST['login']);
$password = mysql_real_escape_string($_POST['password']);
if(empty($login) or empty($password)){
header ("Location: /?"); exit;
}
$user = mysql_fetch_array(mysql_query("SELECT * FROM `account` WHERE login='".$login."' and password='".$password."'"));
if(empty($user)){
header ("Location: /?"); exit;
}else{
$_SESSION['id']=$user['id'];
$_SESSION['login']=$user['login'];
$_SESSION['password']=$user['password'];
$_SESSION['auth']=1;
mysql_query("update account set server='0' where id='".$user['id']."' limit 1");
echo 'Загрузка...
<br />
<a href="?">Обновите страницу</a>';
}
break;
}
down();
?>