(25 июл 2016, 21:59) (0/0)
[0]
Макс Шустов, <?php
$title = 'Авторизация';
include_once "sys/functions.php";
include_once "sys/connect.php";
include_once "sys/core.php";
include_once "sys/head.php";
if (!isset($user))
{
if (isset($_GET['login']) && isset($_GET['pass']))
{
$login = filter($_GET['login']);
$pass = in_md5($_GET['pass']);
$browser = filter($_SERVER['HTTP_USER_AGENT']);
$ip = filter($_SERVER['REMOTE_ADDR']);
$q1 = $db->prepare("SELECT * FROM `user` WHERE `login` = ? AND `pass` = ? LIMIT 1"
;
$q1->execute([$login,$pass]);
if ($q1->rowCount() >0)
{
$us = $db->prepare("SELECT * FROM `user` WHERE `login` = ? AND `pass` = ? LIMIT 1";
$us->execute([$login,$pass]);
$us = $user->fetch(PDO::FETCH_OBJ);
$_SESSION['user_id'] = $us->id;
setcookie('us', (int)$us->id, time() + 3600 * 24 * 365, '/');
setcookie('ps', $pass, time() + 3600 * 24 * 365, '/');
header('Location: /');
$db->query("INSERT INTO `logs_user` (`id_user`, `ip`, `browser`, `time`, `success`, `method`) values ('".$user->id."', '".$ip."', '".$browser."', '".time()."', '1', '1')";
exit;
}
else
{
echo '<div class="err">Неправильный логин или пароль.</div>';
$db->query("INSERT INTO `logs_user` (`id_user`, `ip`, `browser`, `time`, `success`, `method`) values ('".$user->id."', '".$ip."', '".$browser."', '".time()."', '0', '1')";
echo '<div class="menu"><a href="/"> На главную</a></div>';
include 'sys/foot.php';
exit;
}
}
}
if (isset($_POST['submit']) && $_SERVER['REQUEST_METHOD'] == 'POST' && $csrf->checkCsrf())
{
$login = filter($_POST['login']);
$pass = filter($_POST['pass']);
$user_pass = $db->prepare("SELECT `id` FROM `user` WHERE `login` = ? LIMIT 1";
$user_pass->execute([$login]);
if ($user_pass->rowCount() == 1)
{
$q2 = $db->prepare("SELECT COUNT(*) FROM `user` WHERE `login` = ? AND `pass` = ? LIMIT 1";
$q2->execute([$login,in_md5($pass)]);
if ($q2->rowCount())
{
$user = $db->prepare("SELECT `id` FROM `user` WHERE `login` = ? AND `pass` = ? LIMIT 1";
$user->execute([$login,in_md5($pass)]);
$user = $user->fetch(PDO::FETCH_OBJ);
setcookie('us', (int)$user->id, time() + 3600 * 24 * 365, '/');
setcookie('ps', in_md5($pass), time() + 3600 * 24 * 365, '/');
$db->query("INSERT INTO `logs_user` (`id_user`, `ip`, `browser`, `time`, `success`, `method`) values ('".$user->id."', '".filter($_SERVER['REMOTE_ADDR'])."', '".filter($_SERVER['HTTP_USER_AGENT'])."', '".time()."', '1', '2')";
header("Location: /";
exit;
}
else
{
$user_no = $db->prepare("SELECT `id` FROM `user` WHERE `login` = ? LIMIT 1";
$user_no->execute([$login]);
$user_no = $user_no->fetch(PDO::FETCH_OBJ);
$error = true;
$errort = '<div class="err">Неправильный логин или пароль.</div>';
$db->query("INSERT INTO `logs_user` (`id_user`, `ip`, `browser`, `time`, `success`, `method`) values ('".$user_no->id."', '".filter($_SERVER['REMOTE_ADDR'])."', '".filter($_SERVER['HTTP_USER_AGENT'])."', '".time()."', '0', '2')";
}
}
else
{
$error = true;
$errort = '<div class="err">Неправильный логин или пароль.</div>';
}
echo $errort;
}
echo '<div class="post_title1">Вход</div>';
echo '
<form class="post" method="post">
'.$csrf->field().'
Логин: <br><input class = "form-control" type="text" name="login" required/>
<br>Пароль: <br>
<input type="password" class = "form-control" name="pass" required/>
<br><input type="submit" name="submit" value="Войти в аккаунт"/>
</form></div>';
echo '<div class="post_title0">Что-то еще?</div>';
echo '<a href="/retry_password.php">'.$div->link.'Восстановить пароль'.$div->off.'</a>';
include_once "sys/foot.php";
?>
$title = 'Авторизация';
include_once "sys/functions.php";
include_once "sys/connect.php";
include_once "sys/core.php";
include_once "sys/head.php";
if (!isset($user))
{
if (isset($_GET['login']) && isset($_GET['pass']))
{
$login = filter($_GET['login']);
$pass = in_md5($_GET['pass']);
$browser = filter($_SERVER['HTTP_USER_AGENT']);
$ip = filter($_SERVER['REMOTE_ADDR']);
$q1 = $db->prepare("SELECT * FROM `user` WHERE `login` = ? AND `pass` = ? LIMIT 1"
;$q1->execute([$login,$pass]);
if ($q1->rowCount() >0)
{
$us = $db->prepare("SELECT * FROM `user` WHERE `login` = ? AND `pass` = ? LIMIT 1"
;$us->execute([$login,$pass]);
$us = $user->fetch(PDO::FETCH_OBJ);
$_SESSION['user_id'] = $us->id;
setcookie('us', (int)$us->id, time() + 3600 * 24 * 365, '/');
setcookie('ps', $pass, time() + 3600 * 24 * 365, '/');
header('Location: /');
$db->query("INSERT INTO `logs_user` (`id_user`, `ip`, `browser`, `time`, `success`, `method`) values ('".$user->id."', '".$ip."', '".$browser."', '".time()."', '1', '1')"
;exit;
}
else
{
echo '<div class="err">Неправильный логин или пароль.</div>';
$db->query("INSERT INTO `logs_user` (`id_user`, `ip`, `browser`, `time`, `success`, `method`) values ('".$user->id."', '".$ip."', '".$browser."', '".time()."', '0', '1')"
;echo '<div class="menu"><a href="/"> На главную</a></div>';
include 'sys/foot.php';
exit;
}
}
}
if (isset($_POST['submit']) && $_SERVER['REQUEST_METHOD'] == 'POST' && $csrf->checkCsrf())
{
$login = filter($_POST['login']);
$pass = filter($_POST['pass']);
$user_pass = $db->prepare("SELECT `id` FROM `user` WHERE `login` = ? LIMIT 1"
;$user_pass->execute([$login]);
if ($user_pass->rowCount() == 1)
{
$q2 = $db->prepare("SELECT COUNT(*) FROM `user` WHERE `login` = ? AND `pass` = ? LIMIT 1"
;$q2->execute([$login,in_md5($pass)]);
if ($q2->rowCount())
{
$user = $db->prepare("SELECT `id` FROM `user` WHERE `login` = ? AND `pass` = ? LIMIT 1"
;$user->execute([$login,in_md5($pass)]);
$user = $user->fetch(PDO::FETCH_OBJ);
setcookie('us', (int)$user->id, time() + 3600 * 24 * 365, '/');
setcookie('ps', in_md5($pass), time() + 3600 * 24 * 365, '/');
$db->query("INSERT INTO `logs_user` (`id_user`, `ip`, `browser`, `time`, `success`, `method`) values ('".$user->id."', '".filter($_SERVER['REMOTE_ADDR'])."', '".filter($_SERVER['HTTP_USER_AGENT'])."', '".time()."', '1', '2')"
;header("Location: /"
;exit;
}
else
{
$user_no = $db->prepare("SELECT `id` FROM `user` WHERE `login` = ? LIMIT 1"
;$user_no->execute([$login]);
$user_no = $user_no->fetch(PDO::FETCH_OBJ);
$error = true;
$errort = '<div class="err">Неправильный логин или пароль.</div>';
$db->query("INSERT INTO `logs_user` (`id_user`, `ip`, `browser`, `time`, `success`, `method`) values ('".$user_no->id."', '".filter($_SERVER['REMOTE_ADDR'])."', '".filter($_SERVER['HTTP_USER_AGENT'])."', '".time()."', '0', '2')"
;}
}
else
{
$error = true;
$errort = '<div class="err">Неправильный логин или пароль.</div>';
}
echo $errort;
}
echo '<div class="post_title1">Вход</div>';
echo '
<form class="post" method="post">
'.$csrf->field().'
Логин: <br><input class = "form-control" type="text" name="login" required/>
<br>Пароль: <br>
<input type="password" class = "form-control" name="pass" required/>
<br><input type="submit" name="submit" value="Войти в аккаунт"/>
</form></div>';
echo '<div class="post_title0">Что-то еще?</div>';
echo '<a href="/retry_password.php">'.$div->link.'Восстановить пароль'.$div->off.'</a>';
include_once "sys/foot.php";
?>
(25 июл 2016, 21:53) (0/0)
[0]
После реги когда входишь выводится кукис deleted типа удалён и не входит.Прикол в том что оно не у всех так
после реги
после реги
- 1 из 1
