Файл: monst/ok_login.php
Строк: 42
<?
$logged_user_id = ( isset($_GET['logged_user_id']) ? $_GET['logged_user_id'] : 0 );
$session_key = ( isset($_GET['session_key']) ? $_GET['session_key'] : 0 );
$application_secret_key = 'D13B0D81BD6FC99F9DD7E02C';
$session_secret_key = $_GET['session_secret_key'];
$auth_sig = ( isset($_GET['auth_sig']) ? $_GET['auth_sig'] : 0 );
if ( !$logged_user_id OR !$session_key OR !$auth_sig ) {
echo 'empty';
exit;
}
$md5 = md5($logged_user_id . $session_key . $application_secret_key);
if ( $md5 != $auth_sig ) {
echo 'no md5';
exit;
}
// ---------------------------------------------------------------------------------------------------------------------
session_start();
$_SESSION['ok__session_key'] = $session_key;
$_SESSION['ok__session_secret_key'] = $session_secret_key;
$HOME = $_SERVER['DOCUMENT_ROOT'];
include $HOME . '/core/in/fnct.php';
include $HOME . '/core/in/db.php';
$user_agent = null_html($_SERVER['HTTP_USER_AGENT']);
if ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) ) { # miniopera real ip
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif ( isset($_SERVER['HTTP_CF_CONNECTING_IP'] ) ) { # cloudflare
$ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$find = $_users -> findOne(
[
'ok_id' => $logged_user_id
]
);
if ( $find ) {
Cook_set('id', $find['id']);
Cook_set('pass', $find['pass']);
} else {
$id = new_id('_users');
$name = 'Новичок ' . $id;
$pass = md5(r() . r() . 'demonpass');
$insert = $_users -> insert(
[
'id' => $id,
'ok_id' => $logged_user_id,
'name' => $name,
'pass' => $pass,
'r_time' => time(),
'l_time' => time(),
'user_agent' => $user_agent,
'ip' => $ip,
'account_saved' => 0,
'lang' => 'ru'
]
);
Cook_set('id', $id);
Cook_set('pass', $pass);
}
g('/main');