<?php
#############################################
# 0JXRgdC70Lgg0YLRiyDRh9C40YLQsNC10YjRjCDRj #
# dGC0L4g0YHQvtC+0LHRidC10L3QuNC1LCDQt9C90L #
# DRh9C40YIg0YLRiyDQvdC10LzQvdC+0LPQviDQt9C #
#          90LDQtdGI0YwgUEhQIQ==            #
#__---------------------------------------__#
#__        0JrQu9C40Log0JrQu9GD0LE=       __#
#  ---------------------------------------  #
# 0JDQstGC0L7RgCA6IE1vcmdhbg==              #
# SUNRIDog0L3QtSDRgdC60LDQttGDIHhE          #
#                                           #
#############################################

require 'inc/start.php';
require 'inc/regvars.php';
require 'inc/db.php';
require 'inc/config.php';
require 'inc/funct.php';
require 'inc/antidos.php';
require 'inc/gzip.php';
require 'inc/header.php';
$title = 'Авторизация';
require 'inc/head.php';

// Make sure the session always carries an anti-bot confirmation code before any branch below reads it.
// NOTE(review): rand() is not a cryptographically secure generator and the initial range here has
// only 900 values; treat this code as a light bot speed-bump, not as a secret.
if (empty($_SESSION['code'])) {
    $_SESSION['code'] = rand(100, 999);
}


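/*
 * Login page body. Two paths, both rendered inside the "vstavka" container:
 *
 *  1. A visitor who is already recognised as logged in ($user_in_site == 1) but has not yet
 *     passed the anti-bot code in this session: show the code form or verify the posted code.
 *  2. Everyone else: show the login form, or verify a submitted login/password pair.
 *
 * obr(), query(), location() and my_md5(), and the variables $user_in_site, $user_prof, $config,
 * $db, $_ip, $_ua and $sitetime, are defined in the inc/ files required by this script and are
 * not visible here.
 *
 * NOTE(review) - points this block cannot fix on its own:
 *  - Every SQL statement is assembled by string interpolation. Its safety rests entirely on
 *    obr() escaping $login and on however $_ip / $_ua were prepared; confirm both, or move the
 *    database layer to prepared statements.
 *  - The password is stored and compared through my_md5() (presumably an MD5 variant - confirm),
 *    and that same hash is written into the session and into the "remember me" cookie, where
 *    base64/strrev is only an encoding. Anyone who reads the cookie holds the stored hash.
 *    A slow salted hash plus a random, server-side remember-me token would remove this.
 *  - $_SESSION['attempts_enter'] is incremented on failures but nothing in this file enforces
 *    a limit; verify that throttling or lockout happens elsewhere.
 *  - The session identifier is not regenerated after a successful login (session fixation).
 *  - $_SESSION['url_refresh'] is used as a redirect target; wherever it is set, it should be
 *    restricted to same-site relative paths.
 */
echo '<div class="sec">
Авторизация
</div><div class="vstavka">';

if ($user_in_site == 1 && empty($_SESSION['auth']['code']) && $config['antispam_bot_code'] > 0) {

    if (!empty($_POST['code'])) {
        $code = obr($_POST['code'], 'string', 4);

        // Take the expected value, then rotate it immediately: each code is single-use whether
        // or not the guess was right (the original rotated it in both branches as well).
        $expected_code = $_SESSION['code'];
        $_SESSION['code'] = rand(1000, 9999);

        // Strict string comparison. The loose == used before compared a string with an integer,
        // so PHP's numeric juggling let values such as "123a" or "0123" match code 123.
        if ((string)$code === (string)$expected_code) {
            $_SESSION['auth']['code'] = true;

            if (!empty($_SESSION['url_refresh'])) {
                $link = $_SESSION['url_refresh'];
            } else {
                $link = ($user_prof['admin'] == 3 ? '/admin/stat.php' : '/menu/index.php');
            }

            // The link is written into an attribute and into text, so escape it for HTML.
            // double_encode is off because the stored URL may already contain &amp; entities.
            $link_html = htmlspecialchars($link, ENT_QUOTES, 'UTF-8', false);

            echo 'Успешно<br />
-> <a href="'.$link_html.'">'.$link_html.'</a>';
        } else {
            echo 'Код введен неверно<br />
<a href="aut.php?">&lt;&lt;&lt;Назад</a>';
        }
    } else {
        // Fresh code for every rendering of the form.
        $_SESSION['code'] = rand(1000, 9999);

        // The rand() values in the URLs below are only cache-busters, not secrets.
        echo '<form action="aut.php?'.rand(100,999).'" method="POST">
Введите код ';

        if ($config['antispam_bot_code'] == 2) {
            echo '<img src="/captcha.php?'.rand(100,999).'" alt="captcha"/>';
        } elseif ($config['antispam_bot_code'] == 1) {
            // Mode 1 prints the code in clear text next to the input field.
            echo '<b> '.$_SESSION['code'].'</b>';
        }

        echo ' : <br />
<input name="code" type="text" maxlength="4" size="4"><br />
<input type="submit" value="Вход">
</form>';
    }

} else {

    if ($user_in_site == 1) {
        location('index.php');
        // Stop here, as the successful-login path below does after location(); otherwise an
        // already authenticated visitor would fall through into the login handling.
        exit;
    }

    // Prefer credentials from the request body. GET is still accepted so that existing
    // aut.php?login=...&pass=... links keep working, but credentials in a URL end up in server
    // logs, browser history and Referer headers - retire that path when possible.
    $cred = (!empty($_POST['login']) && !empty($_POST['pass'])) ? $_POST : $_GET;

    if (!empty($cred['login']) && !empty($cred['pass'])) {
        $login = obr($cred['login'], 'string', 30);
        $pass = obr($cred['pass'], 'string', 32);
        $pass_hash = my_md5($pass);

        $res = query("SELECT login,pass,active,id,ip,ua,admin FROM `$db[prefix]users` WHERE `login`='$login'");
        $user = (mysql_num_rows($res) > 0) ? mysql_fetch_array($res) : false;

        // Strict string comparison: with == two different hex digests that both look like
        // "0e<digits>" compare equal, because PHP treats them as the number zero.
        $credentials_ok = $user
            && (string)$user['login'] === (string)$login
            && (string)$user['pass'] === (string)$pass_hash;

        if (!$credentials_ok) {
            // Same message for an unknown login and a wrong password, so the response does not
            // reveal which accounts exist.
            $_SESSION['attempts_enter'] = isset($_SESSION['attempts_enter']) ? $_SESSION['attempts_enter'] + 1 : 1;
            echo 'Ошибка авторизации<br />
Неправильный логин или пароль!<br />
<a href="aut.php">&lt;&lt;&lt;Назад</a><br />';
        } elseif ($user['active'] != 1) {
            // Reported only after the password has been verified; previously the activation
            // state of an account was disclosed to anyone who knew just the login.
            echo 'Ошибка авторизации<br />
Учетная запись не активирована!<br />
<a href="aut.php">&lt;&lt;&lt;Назад</a><br />';
        } else {
            $_SESSION['auth']['login'] = $login;
            $_SESSION['auth']['pass'] = $pass_hash;
            // Ties the session to the tail of the user agent and IP plus the site salt.
            $_SESSION['auth']['secret_code'] = md5(substr($_ua,-15).substr($_ip,-3).$config['salt'].$user['login']);

            query("UPDATE `$db[prefix]users` SET `ip`='$_ip',`ua`='$_ua',`last_time`='$sitetime',`count_authorised`=count_authorised+1 WHERE `id`=$user[id] ");

            if ($config['time_life_cookies'] > 0 && !empty($cred['cookie']) && $cred['cookie'] == 1) {
                $expires = $sitetime + $config['time_life_cookies'];
                // Cookie names and value format are unchanged, since the code that reads them is
                // outside this file. Path, domain and secure keep their defaults; HttpOnly is
                // added so page scripts cannot read the values.
                // NOTE(review): set the secure flag as well once the site is served over HTTPS only.
                setcookie('auth_login', base64_encode(strrev(base64_encode($login))), $expires, '', '', false, true);
                setcookie('auth_pass', base64_encode(strrev(base64_encode($pass_hash))), $expires, '', '', false, true);
            }

            if ($config['logs_auth']) {
                query("INSERT INTO `$db[prefix]logs_aut` SET `user` = '$user[id]',`date` = '$sitetime',`ip` = '$_ip',`ua` = '$_ua'");
            }

            if (!empty($_SESSION['url_refresh'])) {
                $link = $_SESSION['url_refresh'];
            } else {
                $link = ($user['admin'] == 3 ? '/admin/stat.php' : '/menu/index.php');
            }

            location($link);
            exit;
        }

    } else {
        // POST keeps the password out of the URL.
        echo '<form action="aut.php" method="POST">
Ваш логин : <br />
<input type="text" maxlength="30" name="login"><br />
Ваш пароль : <br />
<input type="password" maxlength="32" name="pass"><br />';
        if ($config['time_life_cookies'] > 0) {
            echo '<input name="cookie" type="checkbox" value="1"> Запомнить меня<br />';
        }
        echo '<input type="submit" value="Вход">
</form><br />
&raquo;<a href="/reg.php">Регистрация</a><br />';
        if ($config['restore_pass'] == 1) {
            echo '&raquo;<a href="/pass.php">Забыли пароль?</a><br />';
        }
    }

}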

require 'inc/foot.php';

################################################
# 0KHQutGA0LjQv9GCINC90LUg0L/QsNCx0LvQuNC6IQ== #
#   0KHRgtCw0LLRgNC+0L/QvtC70YwsIDIwMDkg0LMu   #
################################################

?>