battles/enter.php

69 lines
3.0 KiB
PHP
Raw Normal View History

2018-01-28 16:40:49 +00:00
<?php
session_start();
include("config.php");
2019-03-28 15:02:04 +00:00
foreach ($_POST as $key => $val) { //Проверка всех значений массива POST одним махом.
2018-01-28 16:40:49 +00:00
$_POST[$key] = iconv(mb_detect_encoding($_POST[$key], 'auto'), 'utf-8', $val);
}
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_SPECIAL_CHARS);
2020-06-23 08:49:49 +00:00
$password = $_POST['password'] ?? '';
$battle = $_COOKIE['battle'] ?? '';
2018-01-28 16:40:49 +00:00
$error = "";
if ($username && $password) {
$user_query = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s"', $username)->fetch_assoc();
2018-01-28 16:40:49 +00:00
if (!$user_query['id']) {
$error = 'Ой! Такого пользователя нет!';
} elseif ($user_query['block'] == 1) {
$error = 'Ой! Вы заблокированы!';
} elseif (password_verify($password, $user_query['pass'])) {
2018-01-28 16:40:49 +00:00
if (!$error) {
2018-12-11 17:40:12 +00:00
# Проверка на мультоводство по используемому кукису.
if ($battle != null && $user_query['id'] != $battle) {
db::c()->query('INSERT INTO users_logs (user_id, type, text) VALUES (?i, "?s", "?s")', $user_query['id'], "multiaccounts", "Разные ID на входе. Возможно используются несколько аккаунтов.");
}
setcookie("battle", $user_query['id']);
$_SESSION['uid'] = $user_query['id'];
setcookie("uid", $user_query['id'], time() + 43200, "/", GAMEDOMAIN);
setcookie("hashcode", md5($user_query['id'] . $user_query["pass"] . $user_query["login"]), time() + 43200, "/", GAMEDOMAIN);
$_SESSION['sid'] = session_id();
$onl = db::c()->query('SELECT user_id FROM online WHERE user_id = "?s"', $user_query['id'])->fetch_assoc();
2020-06-23 15:15:47 +00:00
if (isset($onl['user_id'])) {
db::c()->query('UPDATE online SET date = ?i WHERE user_id = "?s"', time(), $user_query['id']);
} else {
db::c()->query('INSERT INTO online (user_id, date, room) VALUES (?i, ?i, ?i)', $user_query['id'], time(), $user_query['room']);
}
2018-01-28 16:40:49 +00:00
db::c()->query('UPDATE `users` SET `session_id` = "?s", `enter_game` = ?i WHERE `id` = ?i', session_id(), 1, $user_query['id']);
2020-06-23 15:13:46 +00:00
// DEPRECATED. NO TABLE IN DB!
// $sms = db::c()->query('SELECT * FROM `telegraph` WHERE `receiver` = ?i', $data['id']);
// while ($res = $sms->fetch_assoc()) {
// db::c()->query('INSERT INTO `chat` (`touid`, `msg`, `type`) VALUES (?i, "?s", "?s")', $res['receiver'], $res['text'], 'sms');
// }
// db::c()->query('DELETE FROM `telegraph` WHERE `receiver` = ?i', $data['id']);
2018-01-28 16:40:49 +00:00
header("Location: fight.php");
}
2018-01-28 16:40:49 +00:00
}
}
2018-01-28 16:40:49 +00:00
?>
<!doctype html>
<html lang="ru-RU">
<head>
<meta charset=UTF-8">
<link href="css/main.css" rel="stylesheet">
<title>Входим...</title>
</head>
<body>
<?php if (!empty($error)): ?>
<a href="/"> на главную</a>
<h1><?php echo $error; ?></h1>
<?php endif; ?>
2018-01-28 16:40:49 +00:00
</body>
</html>