2018-01-28 16:40:49 +00:00
< ? php
session_start ();
include ( " config.php " );
2020-08-27 12:53:01 +00:00
define ( 'ERROR_NO_SUCH_USER' , 'Такого пользователя не существует!' );
define ( 'ERROR_USER_IS_BLOCKED' , 'Пользователь заблокирован!' );
define ( 'ERROR_WRONG_PASSWORD' , 'Неверный пароль!' );
define ( 'ERROR_EMPTY_CREDENTIALS' , 'Вы не ввели логин или пароль!' );
2019-03-28 15:02:04 +00:00
foreach ( $_POST as $key => $val ) { //Проверка всех значений массива POST одним махом.
2018-01-28 16:40:49 +00:00
$_POST [ $key ] = iconv ( mb_detect_encoding ( $_POST [ $key ], 'auto' ), 'utf-8' , $val );
}
$username = filter_input ( INPUT_POST , 'username' , FILTER_SANITIZE_SPECIAL_CHARS );
2020-06-23 08:49:49 +00:00
$password = $_POST [ 'password' ] ? ? '' ;
$battle = $_COOKIE [ 'battle' ] ? ? '' ;
2018-01-28 16:40:49 +00:00
$error = " " ;
2018-03-05 18:02:24 +00:00
if ( $username && $password ) {
2020-07-29 05:48:24 +00:00
$user_query = db :: c () -> query ( 'SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s"' , $username ) -> fetch_assoc ();
2018-01-28 16:40:49 +00:00
2020-07-29 05:48:24 +00:00
if ( ! $user_query [ 'id' ]) {
2020-08-27 12:53:01 +00:00
$error = ERROR_NO_SUCH_USER ;
2020-07-29 05:48:24 +00:00
} elseif ( $user_query [ 'block' ] == 1 ) {
2020-08-27 12:53:01 +00:00
$error = ERROR_USER_IS_BLOCKED ;
2020-07-29 05:48:24 +00:00
} elseif ( password_verify ( $password , $user_query [ 'pass' ])) {
2018-01-28 16:40:49 +00:00
2018-03-05 18:02:24 +00:00
if ( ! $error ) {
2018-12-11 17:40:12 +00:00
# Проверка на мультоводство по используемому кукису.
2020-07-29 05:48:24 +00:00
if ( $battle != null && $user_query [ 'id' ] != $battle ) {
db :: c () -> query ( 'INSERT INTO users_logs (user_id, type, text) VALUES (?i, "?s", "?s")' , $user_query [ 'id' ], " multiaccounts " , " Разные ID на входе. Возможно используются несколько аккаунтов. " );
2018-03-05 18:02:24 +00:00
}
2020-07-29 05:48:24 +00:00
setcookie ( " battle " , $user_query [ 'id' ]);
$_SESSION [ 'uid' ] = $user_query [ 'id' ];
setcookie ( " uid " , $user_query [ 'id' ], time () + 43200 , " / " , GAMEDOMAIN );
setcookie ( " hashcode " , md5 ( $user_query [ 'id' ] . $user_query [ " pass " ] . $user_query [ " login " ]), time () + 43200 , " / " , GAMEDOMAIN );
2018-03-05 18:02:24 +00:00
$_SESSION [ 'sid' ] = session_id ();
2020-07-29 05:48:24 +00:00
$onl = db :: c () -> query ( 'SELECT user_id FROM online WHERE user_id = "?s"' , $user_query [ 'id' ]) -> fetch_assoc ();
2020-06-23 15:15:47 +00:00
if ( isset ( $onl [ 'user_id' ])) {
2020-07-29 05:48:24 +00:00
db :: c () -> query ( 'UPDATE online SET date = ?i WHERE user_id = "?s"' , time (), $user_query [ 'id' ]);
2018-03-05 18:02:24 +00:00
} else {
2020-10-27 19:55:51 +00:00
db :: c () -> query ( 'INSERT INTO online (user_id, date, room, real_time) VALUES (?i, ?i, ?i, ?i)' , $user_query [ 'id' ], time (), $user_query [ 'room' ], time ());
2018-03-05 18:02:24 +00:00
}
2018-01-28 16:40:49 +00:00
2020-07-29 05:48:24 +00:00
db :: c () -> query ( 'UPDATE `users` SET `session_id` = "?s", `enter_game` = ?i WHERE `id` = ?i' , session_id (), 1 , $user_query [ 'id' ]);
2018-03-05 18:02:24 +00:00
header ( " Location: fight.php " );
}
2020-08-27 12:45:53 +00:00
} else {
2020-08-27 12:53:01 +00:00
$error = ERROR_WRONG_PASSWORD ;
2018-01-28 16:40:49 +00:00
}
2020-08-27 12:45:53 +00:00
} else {
2020-08-27 12:53:01 +00:00
$error = ERROR_EMPTY_CREDENTIALS ;
2018-03-05 18:02:24 +00:00
}
2018-01-28 16:40:49 +00:00
2020-09-30 14:36:55 +00:00
Template :: header ( 'Входим...' );
if ( $error ) {
echo sprintf ( '<a href="/"> ← на главную</a><h1>%s</h1>' , $error );
}