2018-01-28 16:40:49 +00:00
< ? php
session_start ();
include ( " config.php " );
2019-03-28 15:02:04 +00:00
foreach ( $_POST as $key => $val ) { //Проверка всех значений массива POST одним махом.
2018-01-28 16:40:49 +00:00
$_POST [ $key ] = iconv ( mb_detect_encoding ( $_POST [ $key ], 'auto' ), 'utf-8' , $val );
}
$username = filter_input ( INPUT_POST , 'username' , FILTER_SANITIZE_SPECIAL_CHARS );
2020-06-23 08:49:49 +00:00
$password = $_POST [ 'password' ] ? ? '' ;
$battle = $_COOKIE [ 'battle' ] ? ? '' ;
2018-01-28 16:40:49 +00:00
$error = " " ;
2018-03-05 18:02:24 +00:00
if ( $username && $password ) {
2020-07-29 05:48:24 +00:00
$user_query = db :: c () -> query ( 'SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s"' , $username ) -> fetch_assoc ();
2018-01-28 16:40:49 +00:00
2020-07-29 05:48:24 +00:00
if ( ! $user_query [ 'id' ]) {
2018-03-06 13:08:21 +00:00
$error = 'Ой! Такого пользователя нет!' ;
2020-07-29 05:48:24 +00:00
} elseif ( $user_query [ 'block' ] == 1 ) {
2018-03-06 13:08:21 +00:00
$error = 'Ой! Вы заблокированы!' ;
2020-07-29 05:48:24 +00:00
} elseif ( password_verify ( $password , $user_query [ 'pass' ])) {
2018-01-28 16:40:49 +00:00
2018-03-05 18:02:24 +00:00
if ( ! $error ) {
2018-12-11 17:40:12 +00:00
# Проверка на мультоводство по используемому кукису.
2020-07-29 05:48:24 +00:00
if ( $battle != null && $user_query [ 'id' ] != $battle ) {
db :: c () -> query ( 'INSERT INTO users_logs (user_id, type, text) VALUES (?i, "?s", "?s")' , $user_query [ 'id' ], " multiaccounts " , " Разные ID на входе. Возможно используются несколько аккаунтов. " );
2018-03-05 18:02:24 +00:00
}
2020-07-29 05:48:24 +00:00
setcookie ( " battle " , $user_query [ 'id' ]);
$_SESSION [ 'uid' ] = $user_query [ 'id' ];
setcookie ( " uid " , $user_query [ 'id' ], time () + 43200 , " / " , GAMEDOMAIN );
setcookie ( " hashcode " , md5 ( $user_query [ 'id' ] . $user_query [ " pass " ] . $user_query [ " login " ]), time () + 43200 , " / " , GAMEDOMAIN );
2018-03-05 18:02:24 +00:00
$_SESSION [ 'sid' ] = session_id ();
2020-07-29 05:48:24 +00:00
$onl = db :: c () -> query ( 'SELECT user_id FROM online WHERE user_id = "?s"' , $user_query [ 'id' ]) -> fetch_assoc ();
2020-06-23 15:15:47 +00:00
if ( isset ( $onl [ 'user_id' ])) {
2020-07-29 05:48:24 +00:00
db :: c () -> query ( 'UPDATE online SET date = ?i WHERE user_id = "?s"' , time (), $user_query [ 'id' ]);
2018-03-05 18:02:24 +00:00
} else {
2020-07-29 05:48:24 +00:00
db :: c () -> query ( 'INSERT INTO online (user_id, date, room) VALUES (?i, ?i, ?i)' , $user_query [ 'id' ], time (), $user_query [ 'room' ]);
2018-03-05 18:02:24 +00:00
}
2018-01-28 16:40:49 +00:00
2020-07-29 05:48:24 +00:00
db :: c () -> query ( 'UPDATE `users` SET `session_id` = "?s", `enter_game` = ?i WHERE `id` = ?i' , session_id (), 1 , $user_query [ 'id' ]);
2020-06-23 15:13:46 +00:00
// DEPRECATED. NO TABLE IN DB!
// $sms = db::c()->query('SELECT * FROM `telegraph` WHERE `receiver` = ?i', $data['id']);
// while ($res = $sms->fetch_assoc()) {
// db::c()->query('INSERT INTO `chat` (`touid`, `msg`, `type`) VALUES (?i, "?s", "?s")', $res['receiver'], $res['text'], 'sms');
// }
// db::c()->query('DELETE FROM `telegraph` WHERE `receiver` = ?i', $data['id']);
2018-01-28 16:40:49 +00:00
2018-03-05 18:02:24 +00:00
header ( " Location: fight.php " );
}
2018-01-28 16:40:49 +00:00
}
2018-03-05 18:02:24 +00:00
}
2018-01-28 16:40:49 +00:00
?>
<! doctype html >
< html lang = " ru-RU " >
< head >
< meta charset = UTF - 8 " >
< link href = " css/main.css " rel = " stylesheet " >
< title > Входим ...</ title >
</ head >
< body >
< ? php if ( ! empty ( $error )) : ?>
< a href = " / " > ← на главную </ a >
< h1 >< ? php echo $error ; ?> </h1>
2020-06-23 05:02:30 +00:00
< ? php endif ; ?>
2018-01-28 16:40:49 +00:00
</ body >
</ html >