Файл: includes/aut.php
Строк: 15
<?php
include '../controller/controller.php';
up('Авторизация');
if(isset($user)) {
header('Location: '.HOME);
exit();
}
echo '<div class="header"><img src="'.HOME.'/templates/images/55.png" alt="*" /> Авторизация</div>';
if(isset($_REQUEST['ok'])) {
$wmid = xss($_POST['wmid']);
$pass = xss($_POST['pass']);
$sql = mysql_fetch_assoc(mysql_query('select * from `user` where `wmid` = "'.$wmid.'" and `pass` = "'.md5(md5($pass)).'" limit 1'));
if($sql != true) $error = 'Пользователь не существует.';
if(isset($error)){
echo '<div class="home"><div class="error">'.$error.'</div></div>';
}else{
setcookie('userwmid', $wmid, time()+86400*365, '/');
setcookie('userpass', md5(md5($pass)), time()+86400*365, '/');
header('Location: /');
exit();
}
}
echo '<div class="home"><form method="POST">
Ваш WMID:<br /><input type="text" name="wmid" /><br />
Ваш пароль:<br /><input type="password" name="pass" /><br />
<input type="submit" name="ok" value="Авторизация" />
</form></div>';
down();
?>