Просмотр файла enter.php

Размер файла: 3.31Kb
<?
Error_Reporting(E_ALL & ~E_NOTICE);
Error_Reporting (ERROR | WARNING);

extract($HTTP_GET_VARS);
extract($HTTP_POST_VARS);
extract($HTTP_COOKIE_VARS);
extract($HTTP_SERVER_VARS);
extract($HTTP_SESSION_VARS);
session_name("ID");
session_start();

include"inc/conf.php";
include "inc/conf_db.php";
include"inc/head.php";

if(empty($login)||empty($password))
{
 echo"Вы не ввели логин или пароль! Вернитесь <a href=\"vhod.php\">назад!</a><br/><tr><td bgcolor=\"#CCCCFF\" align=\"center\"><font color=\"#008080\"><b>CLICK-CLUB</b></td></tr></table></body></html>"; exit;}
////////////////////////////
////// Mod 1 by Stanislav
////////////////////////////
$login = htmlspecialchars(stripslashes(trim($login)));
$password = htmlspecialchars(stripslashes(trim($password)));

$login=str_replace("@","", $login);
$login=str_replace(" ","_", $login);
$login=str_replace("$","", $login);
$login=str_replace("`","", $login);
$login=str_replace("~","", $login);
$login=str_replace("!","", $login);
$login=str_replace("#","", $login);
$login=str_replace("%","", $login);
$login=str_replace("","", $login);
$login=str_replace(":","", $login);
$login=str_replace("?","", $login);
$login=str_replace("&","", $login);
$login=str_replace("*","", $login);
$login=str_replace("(","", $login);
$login=str_replace(")","", $login);
$login=str_replace(",","", $login);
$login=str_replace("/","", $login);
$login=str_replace("|","", $login);
$login=str_replace("'","", $login);

$password=str_replace("@","", $password);
$password=str_replace(" ","_", $password);
$password=str_replace("$","", $password);
$password=str_replace("`","", $password);
$password=str_replace("~","", $password);
$password=str_replace("!","", $password);
$password=str_replace("#","", $password);
$password=str_replace("%","", $password);
$password=str_replace("","", $password);
$password=str_replace(":","", $password);
$password=str_replace("?","", $password);
$password=str_replace("&","", $password);
$password=str_replace("*","", $password);
$password=str_replace("(","", $password);
$password=str_replace(")","", $password);
$password=str_replace(",","", $password);
$password=str_replace("/","", $password);
$password=str_replace("|","", $password);
$password=str_replace("'","", $password);

if(ereg("[а-яА-Я]",$login) || ereg("[а-яА-Я]",$password)) { 
 echo"Использовать кирилицу запрещено!<br/> Вернитесь <a href=\"registration.php\">назад!</a><br/><tr><td bgcolor=\"#CCCCFF\" align=\"center\"><font color=\"#008080\"><b>CLICK-CLUB</b></td></tr></table></body></html>"; exit;}
////////////////////////////

$login=preobraz(substr(trim($login), 0, 30));
$password=preobraz(substr(trim($password), 0, 30));
$q = mysql_query("select * from `user` where  login='$login';");
$data = mysql_fetch_array($q);
if($data['pass']==$password){



session_register("login");
session_register("password");

echo"Нажмите для входа<br/>";
echo"» <b><a href=panel.php>Войти в панель</a></b>";
header("Location: panel.php?".SID.""); exit;
} else {

echo"Логин или пароль неверен!<br/>Вы не выполнили вход!<br/>» <a href=\"vhod.php\">Войти</a><br/>
<tr><td bgcolor=\"#CCCCFF\" align=\"center\"><font color=\"#008080\"><b>CLICK-CLUB</b></td></tr></table></body></html>"; exit; }
?>