Файл: sys/core/user.php
Строк: 33
<?php
/*
Dcms-Fiera v 1.3.x
*/
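# Restore the logged-in user from the session, or send a cookie-only visitor
# to the login handler.
#
# NOTE(review): the mysql_* extension used in this file was removed in PHP 7.0
# and offers no prepared statements. The database connection is opened outside
# this file, so the queries stay on mysql_query() and every value placed into
# SQL is forced to an integer first. Moving the whole code base to mysqli/PDO
# with bound parameters is the proper long-term fix.
if (!empty($_SESSION['id_user']))
{
    # One lookup replaces the former existence check plus a second SELECT *.
    # The (int) cast guarantees the session value cannot change the statement.
    $q = mysql_query("SELECT * FROM `user` WHERE `id` = '" . (int) $_SESSION['id_user'] . "'");

    # mysql_query() returns false on failure; only exactly one matching row is accepted.
    if ($q !== false && mysql_num_rows($q) == 1)
    {
        # The row is read BEFORE `date_last` is refreshed, so $user['date_last']
        # still holds the previous activity time for the code that follows.
        $user = mysql_fetch_assoc($q);

        # $time is defined by the including code (not visible here); it is
        # stored as the last-activity stamp, so it is cast like the ids.
        mysql_query("UPDATE `user` SET `date_last` = '" . (int) $time . "' WHERE `id` = '" . (int) $user['id'] . "' LIMIT 1");
        $user['type_input'] = 'session';
    }
}
# No session: if login cookies are present (and $input_page is not set by the
# including page), hand the request over to auth.php.
# NOTE(review): the cookies are only tested for presence here, so auth.php has
# to verify them. It should also accept `return` only as a local path;
# otherwise this parameter becomes an open redirect. auth.php is not visible
# from this file - confirm both.
elseif (!empty($_COOKIE['id_user']) && !empty($_COOKIE['pass']) && !isset($input_page))
{
    header('Location: /dev/auth.php?return=' . urlencode($_SERVER['REQUEST_URI']));
    exit;
}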
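# Per-request bookkeeping for an authenticated user: accumulated online time,
# ban check, and the network/browser fingerprint stored on the account.
# Values placed into SQL are cast to int or escaped with my_esc(); see the
# individual notes below.
if (isset($user))
{
    # Seconds since the activity time that was loaded with the user row.
    $timeactiv = time() - $user['date_last'];

    # Gaps shorter than two minutes count as continuous activity. A negative
    # gap (clock moved backwards) is skipped so it cannot shrink the counter.
    if ($timeactiv >= 0 && $timeactiv < 120)
    {
        $newtimeactiv = $user['time'] + $timeactiv;
        mysql_query("UPDATE `user` SET `time` ='" . (int) $newtimeactiv . "' WHERE `id` = '" . (int) $user['id'] . "' LIMIT 1");
    }

    # User ban: skipped when the including page sets $banpage (presumably the
    # ban page itself, to avoid a redirect loop - confirm).
    if (!isset($banpage))
    {
        # $time comes from the including code; cast because it is embedded in SQL.
        # NOTE(review): a failed query yields a non-matching result here, so the
        # ban check fails open on database errors.
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `ban` WHERE `id_user` = '" . (int) $user['id'] . "' AND (`time` > '" . (int) $time . "' OR `view` = '0')"), 0) != 0)
        {
            # NOTE(review): SID puts the session id into the URL whenever it is
            # not carried by a cookie; ids in URLs leak through logs and the
            # Referer header. Cookie-only sessions (session.use_only_cookies)
            # would make this suffix empty.
            header('Location: /dev/ban.php?' . SID);
            exit;
        }
    }

    # Store the addresses seen on this request. $ip2 is filled in by the
    # including code; presumably 'add' is the connection address while 'cl'
    # and 'xff' come from client-supplied headers - confirm, and treat those
    # two as untrusted hints only.
    # ip2long() does not return an integer for anything that is not a valid
    # IPv4 address. Previously that result was concatenated straight into the
    # statement, which produced invalid SQL and silently kept the old value.
    # Missing or invalid addresses are now written as NULL.
    foreach (array('add' => 'ip', 'cl' => 'ip_cl', 'xff' => 'ip_xff') as $user_ip_key => $user_ip_column)
    {
        $user_ip_long = isset($ip2[$user_ip_key]) ? ip2long($ip2[$user_ip_key]) : false;
        $user_ip_sql = is_int($user_ip_long) ? (string) $user_ip_long : 'null';
        mysql_query("UPDATE `user` SET `" . $user_ip_column . "` = " . $user_ip_sql . " WHERE `id` = '" . (int) $user['id'] . "' LIMIT 1");
    }

    # The user agent is attacker-controlled text, so it goes through my_esc()
    # (defined elsewhere; presumably a wrapper around the driver's escaping
    # function - confirm). !empty() keeps the original truthiness test without
    # raising a notice when $ua was never set.
    if (!empty($ua))
    {
        mysql_query("UPDATE `user` SET `ua` = '" . my_esc($ua) . "' WHERE `id` = '" . (int) $user['id'] . "' LIMIT 1");
    }

    # Disabled by the original author: detection of different accounts sharing
    # the same ip + user agent within ten minutes. Kept verbatim for reference.
    # If it is ever re-enabled: $iplong is not defined in this file, and the
    # un-parenthesised AND/OR in the COUNT(*) query should be made explicit.
    /*
    $collision_q=mysql_query("SELECT * FROM `user` WHERE `ip` = '$iplong' AND `ua` = '".my_esc($ua)."' AND `date_last` > '".(time()-600)."' AND `id` <> '$user[id]'");
    while ($collision = mysql_fetch_assoc($collision_q))
    {
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_collision` WHERE `id_user` = '$user[id]' AND `id_user2` = '$collision[id]' OR `id_user2` = '$user[id]' AND `id_user` = '$collision[id]'"), 0)==0)
    mysql_query("INSERT INTO `user_collision` (`id_user`, `id_user2`, `type`) values('$user[id]', '$collision[id]', 'ip_ua_time')");
    }
    */
}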
# Visitors who are not logged in, and accounts whose `acces` value is 0
# (presumably accounts without administrative rights - confirm), never see
# PHP diagnostics and get a short execution budget. Hiding errors from these
# requests keeps paths, queries and stack details out of public responses.
if (!(isset($user) && $user['acces'] != 0))
{
    # Silence error reporting and on-page error display.
    @error_reporting(0);
    @ini_set('display_errors', false);

    # Cap script run time at 20 seconds where the host allows changing it.
    if (function_exists('set_time_limit'))
    {
        @set_time_limit(20);
    }
}
?>