Файл: wenr.online/app/user/start.php
Строк: 41
<?php
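// Guest quick-start: creates an anonymous account with a generated password,
// opens a session for it, stores the session in a cookie and in $_SESSION,
// then sends the visitor to the first quest.
// $user, $db, redirect(), get_ip(), random_string() and Notif are defined
// outside this file.

// Visitors who are already signed in go straight to the game.
if ($user->isAuth()) {
    redirect('/game');
    exit;
}

// Per-IP account cap. COUNT(*) replaces SELECT * + rowCount(): PDO does not
// guarantee rowCount() for SELECT on every driver, and counting avoids
// fetching full user rows (password hashes included) just to count them.
// NOTE(review): the INSERT below never writes `ip`, so unless that column is
// filled in elsewhere, accounts created here never count toward this cap.
// NOTE(review): confirm get_ip() takes the address from the connection or a
// trusted proxy, not from a client-supplied header.
$check = $db->prepare('SELECT COUNT(*) FROM `users` WHERE `ip` = ?');
$check->execute([get_ip()]);
$check = (int) $check->fetchColumn();
if ($check > 10) {
    Notif::error('Слишком много аккаунтов для вашего IP адреса', '/');
    exit;
}

// Defaults for the new account. The plaintext password is only hashed below;
// this script never shows or stores it.
// NOTE(review): random_string() is not visible here; verify that it draws
// from a CSPRNG, since its output becomes the account password.
$form = [
    'value' => [
        'password' => random_string(12),
        'nick' => 'Безымянный',
    ],
];

$password = password_hash($form['value']['password'], PASSWORD_DEFAULT);
$created_at = date('Y-m-d H:i:s');

// Referral id captured earlier in the session, 0 when there is none.
$ref = $_SESSION['inv'] ?? 0;

$stmt = $db->prepare("INSERT INTO users SET password = :password, nick = :nick, created_at = :created_at, ref = :ref");
$stmt->bindParam(':password', $password, PDO::PARAM_STR);
$stmt->bindParam(':nick', $form['value']['nick'], PDO::PARAM_STR);
$stmt->bindParam(':created_at', $created_at, PDO::PARAM_STR);
$stmt->bindParam(':ref', $ref, PDO::PARAM_STR);
$stmt->execute();
// NOTE(review): if PDO runs in silent error mode, a failed INSERT is not
// detected here and the session below would be created for user id 0.
$user_id = $db->lastInsertId();

// The session token is a bearer credential, so it comes straight from the
// OS CSPRNG. 16 random bytes hex-encoded give the same 32-character
// lowercase hex format the previous md5() value had, so the column and any
// parser of the token keep working.
$token = bin2hex(random_bytes(16));

$auth = $db->prepare("INSERT INTO users_sessions SET user_id = :user_id, token = :token, created_at = :created_at");
$auth->bindParam(':user_id', $user_id, PDO::PARAM_INT);
$auth->bindParam(':token', $token, PDO::PARAM_STR);
$auth->bindParam(':created_at', $created_at, PDO::PARAM_STR);
$auth->execute();

// Cookie payload: base64(JSON{base64(user_id), base64(token)}). This is an
// encoding only; it gives neither confidentiality nor integrity. The reader
// of this cookie must treat user_id as untrusted and accept it only together
// with a matching users_sessions row.
$session = json_encode([
    'user_id' => base64_encode($user_id),
    'token' => base64_encode($token),
]);
$session = base64_encode($session);

// HttpOnly keeps the token away from page scripts; Secure is set whenever
// this request itself arrived over HTTPS, so plain-HTTP deployments behave
// as before.
// NOTE(review): confirm no client-side script reads `__session` directly.
$secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
setcookie('__session', $session, time() + 86400 * 365, '/', '', $secure, true);
$_SESSION['__session'] = $session;

redirect('/start/quest');
exit;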