View file wap-meet/auth.php

File size: 1.6Kb
<?php
require_once('system/config.php');
require_once('system/functions.php');

if ($is_logged) {
	header('location: ' . $config['site']['home'], true, 302);
} else {
	echo head();
		if ( empty($_POST['login']) || empty($_POST['pass']) ) {
			echo '<div class="menu">
<form action="' . $_SERVER['PHP_SELF'] . '" method="post" />
Логин: <br/><input type="text" name="login" /><br/>
Пароль: <br/><input type="password" name="pass" /><br/>
<input type="submit" value="Войти&#187;" />
</form>
</div>';
		} else {
			$q = mysql_query("SELECT * FROM `users` WHERE `login` = '" . mysql_real_escape_string($_POST['login']) . "' AND `pass` = '" . md5($_POST['pass']) . "' ");
				if ( mysql_num_rows($q) < 1) {
					echo '<div class="menu">Введенные Вами данные не верны.<br /><a href="' . $config['site']['home'] .'auth.php">Повторить</a></div>';
				} else {
					$data = mysql_fetch_assoc($q);
					$data['hash'] = rand_letter(32);
					mysql_query("UPDATE `users` SET `online_time` = {$_SERVER['REQUEST_TIME']}, `hash` = '" . $data['hash'] . "' WHERE `user_id` = '" . $data['user_id'] . "' ");
					$_SESSION['user_id'] = $data['user_id'];
					$_SESSION['user_hash'] = $data['hash'];
					setcookie('user_id',  $data['user_id'], $_SERVER['REQUEST_TIME'] + 3600 * 24 * 7, '/');
					setcookie('user_hash', $data['hash'], $_SERVER['REQUEST_TIME'] + 3600 * 24 * 7, '/');
					echo '<div class="menu">
Авторизация прошла успешно!<br />
<a href="' . $config['site']['home'] .'">Продолжить</a>
</div>';
				}
		}
	echo foot();
}