Файл: tankon.mobi/loginAPI.php
Строк: 110
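<?php
// Full open tag on purpose: a bare "<?" is only parsed when short_open_tag is
// enabled; with it off, the server returns this file to the client as plain
// text, exposing the login logic below.
//include_once 'sys/inc/mp3.php';
//include_once 'sys/inc/zip.php';
// Engine bootstrap. The include order is kept exactly as in the original,
// because later files may rely on state set up by earlier ones.
include_once 'sys/inc/start.php';
include_once 'sys/inc/compress.php';
include_once 'sys/inc/sess.php';
include_once 'sys/inc/home.php';
include_once 'sys/inc/settings.php';
include_once 'sys/inc/db_connect.php';
include_once 'sys/inc/ipua.php';
include_once 'sys/inc/fnc.php';
include_once 'sys/inc/shif.php';
$show_all = true; // show to everyone (set before user.php is included)
include_once 'sys/inc/user.php';
// presumably limits this page to visitors who are not logged in - confirm in sys/inc
only_unreg();
include_once 'sys/inc/thead.php';
title();
//aut();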
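/*
 * uLogin social sign-in: exchange the posted one-time token for the remote
 * profile, then either register a new local account or log the existing one
 * in, and redirect to "/".
 *
 * Everything in $users comes from a remote HTTP response and is untrusted,
 * so each value is escaped before it is placed into an SQL string, and the
 * token / host are URL-encoded before they are placed into the request URL.
 */
if (isset($_POST['token']) && is_string($_POST['token']) && $_POST['token'] !== '') {
    // NOTE(review): HTTP_HOST comes from the request itself, so the provider's
    // host check binds the token to this site only if the web server rejects
    // unknown Host headers; prefer a host name taken from configuration.
    // NOTE(review): the exchange runs over plain http:// - confirm whether the
    // provider offers an https endpoint and switch to it.
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    $s = file_get_contents(
        'http://ulogin.ru/token.php?token=' . rawurlencode($_POST['token'])
        . '&host=' . rawurlencode($host)
    );
    $_POST['loginAPI'] = true;

    // A failed request or a non-JSON body must not be treated as a profile.
    $users = ($s === false) ? null : json_decode($s, true);

    $profile_ok = is_array($users)
        && isset($users['network'], $users['identity'])
        && is_scalar($users['network'])
        && is_scalar($users['identity'])
        && $users['network']
        && $users['identity'];

    if (!isset($user) && $profile_ok) {
        $network = (string) $users['network'];
        $remote_identity = (string) $users['identity'];

        // Escaped copies for every SQL statement below.
        $network_sql = mysql_real_escape_string($network);
        $identity_sql = mysql_real_escape_string($remote_identity);

        $known = mysql_result(
            mysql_query("SELECT COUNT(*) FROM `user` WHERE `type_reg` = '" . $network_sql . "' AND `identity` = '" . $identity_sql . "'"),
            0
        );

        if ($known == 0) {
            /*
            ================================
            Nick prefix and gender
            ================================
            */
            $idi = ($network == 'odnoklassniki') ? 'ok' : null;
            $pol = (isset($users['sex']) && $users['sex'] == 2) ? 1 : 0;

            /*
            ================================
            Build the nick from the identity URL
            ================================
            */
            $identity = str_replace(
                array(
                    'http://www.facebook.com',
                    'http://openid.yandex.ru',
                    'http://vk.com',
                    'http://odnoklassniki.ru',
                    'http://my.mail.ru/mail',
                ),
                '',
                $remote_identity
            );
            $identity = str_replace(array('/', '.'), '', $identity);
            $identity = $idi . $identity;
            // NOTE(review): the nick is remote data with only "/" and "." removed;
            // confirm that every page printing it HTML-escapes the value.

            /*
            ================================
            If the nick is already taken,
            append a random number
            ================================
            */
            $taken = mysql_result(
                mysql_query("SELECT COUNT(*) FROM `user` WHERE `nick` = '" . mysql_real_escape_string($identity) . "'"),
                0
            );
            if ($taken != 0) {
                $identity = $identity . '_' . mt_rand(0, 9999);
            }
            $nick_sql = mysql_real_escape_string($identity);

            /*
            ================================
            Register the user
            ================================
            */
            // $passgen and $time are not defined in this listing; presumably the
            // sys/inc includes provide them - verify.
            $pass = $passgen;
            $pass_sql = mysql_real_escape_string(shif($pass));
            mysql_query("INSERT INTO `user` (`nick`, `pass`, `date_reg`, `date_last`, `pol`, `identity`, `type_reg`)
values('" . $nick_sql . "', '" . $pass_sql . "', '$time', '$time', '" . $pol . "','" . $identity_sql . "', '" . $network_sql . "')", $db);
            $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `nick` = '" . $nick_sql . "' AND `pass` = '" . $pass_sql . "' LIMIT 1"));
            $uid = (int) $user['id']; // integer copy for SQL only

            // Welcome message in the site mailbox.
            // NOTE(review): this stores the generated password in clear text in
            // `kolhoz_mail`; consider a set-your-password flow instead.
            $msgg = "Уважаем".($pol == 1 ? "ый" : "ая")." $users[first_name], поздравляем с успешной регистрацией на сайте! Ваш логин: $identity пароль: $pass .";
            mysql_query("INSERT INTO `kolhoz_mail` (`id_user`, `id_kont`, `msg`, `time`, `type`) values('" . $uid . "', '1', '".my_esc($msgg)."', '$time', 'to')");

            // NOTE(review): the cookie holds a bare, guessable user id. Confirm that
            // sys/inc/user.php never authenticates from it without a second secret;
            // also consider regenerating the session id at this point.
            $_SESSION['id_user'] = $user['id'];
            setcookie('id_user', $user['id'], time() + 60 * 60 * 24 * 365);
            $_SESSION['message'] = 'Поздравляем с успешной регистрацией!';
            header("Location: /");
            exit;
        } else {
            // Returning user: load the linked account and refresh its timestamps.
            $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `type_reg` = '" . $network_sql . "' AND `identity` = '" . $identity_sql . "' LIMIT 1"));
            $uid = (int) $user['id']; // integer copy for SQL only

            // NOTE(review): same cookie / session-id concern as in the
            // registration branch above.
            $_SESSION['id_user'] = $user['id'];
            setcookie('id_user', $user['id'], time() + 60 * 60 * 24 * 365);

            $now = time();
            mysql_query("UPDATE `user` SET `date_aut` = " . $now . ", `date_last` = " . $now . " WHERE `id` = '" . $uid . "' LIMIT 1");
            $_SESSION['message'] = 'Вы успешно авторизовались';
            header("Location: /");
            exit;
        }
    }
}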
?>