Файл: anifun.ru/ac.php
Строк: 25
<?php
############################################
## By Holopsicon
## https://psgame.net
############################################
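// Login handler: looks the submitted name up in `account`, re-derives the
// salted hash from the submitted password, and on a match sets the two auth
// cookies and redirects to the site root. Any failure redirects to
// /login/error/.

// NOTE(review): credentials are still read from the query string when ?log=
// is present. GET parameters end up in access logs, browser history and
// Referer headers. Kept so existing callers keep working; the login form
// itself should submit via POST only.
$src = isset($_GET['log']) ? $_GET : $_POST;

// Reads one credential field. A missing or non-string value (e.g. log[]=x)
// becomes '' so the lookup below simply fails, instead of raising notices or
// a TypeError inside addslashes().
$field = function ($key) use ($src) {
    $raw = (isset($src[$key]) && is_string($src[$key])) ? $src[$key] : '';
    // The addslashes()/stripslashes() pair appears to cancel out, and
    // htmlspecialchars() is an output encoder, not an input filter. All three
    // are kept only so the string fed to md5() below stays byte-identical to
    // what existing stored hashes were presumably computed from.
    // NOTE(review): htmlspecialchars() default flags changed in PHP 8.1
    // (single quotes are now encoded), so a password containing ' hashes
    // differently across that upgrade -- confirm against the registration code.
    return htmlspecialchars(stripslashes(addslashes($raw)));
};
$log = $field('log');
$pas = $field('pas');

// require instead of include: without the DB layer nothing below can work.
require "files/db.php";

// 'on' and 'salt' were bare words (undefined constants). Older PHP silently
// read them as strings with a notice/warning; PHP 8 throws an Error. The
// query parameters themselves were already bound with placeholders.
$s = DB::$dbs->queryFetch("SELECT `salt` FROM `account` WHERE `name` = ? and `del` != ? LIMIT 1", array($log, 'on'));

$arr = array();
if (!empty($s)) {
    // NOTE(review): md5(md5(password) . salt) is a fast hash and unsuitable
    // for password storage. Moving to password_hash()/password_verify() needs
    // a rehash-on-login migration together with the registration code, so it
    // is not changed here.
    $pas = md5(md5($pas) . $s['salt']);
    // One lookup replaces the original pair of identical queries
    // (SELECT * and SELECT `id` with the same WHERE clause).
    $arr = DB::$dbs->queryFetch("SELECT `id` FROM `account` WHERE `name` = ? and `password` = ? and `del` != ? LIMIT 1", array($log, $pas, 'on'));
}

if (empty($arr)) {
    header("Location: /login/error/");
    // Stop here: the original sent the redirect header and kept executing.
    exit();
}

// 86400 * 24 * 1000 seconds = 24,000 days, i.e. an effectively permanent login.
$expires = time() + 86400 * 24 * 1000;

// NOTE(review): the "pas" cookie carries the same value that is stored in
// `account`.`password`, so a stolen cookie or a read of that column is
// presumably enough to authenticate without knowing the password. A random
// server-side session token would remove that equivalence; it needs changes
// outside this file.
// HttpOnly (last argument) keeps both cookies away from page scripts. The
// Secure flag is left off, as in the original; enable it once the site is
// served over HTTPS only.
setcookie("user_id", $arr['id'], $expires, '/', '', false, true);
setcookie("pas", $pas, $expires, '/', '', false, true);
header("Location: /");
exit();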
?>