From ddb90fcdaaedf4c81c5dcf0669036725713ac80b Mon Sep 17 00:00:00 2001
From: "Igor Barkov [iwork]" <lopar.4ever@gmail.com>
Date: Tue, 6 Mar 2018 15:08:21 +0200
Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?=
 =?UTF-8?q?=D0=BD=D0=B0=20=D0=B2=D0=BE=D0=B7=D0=BC=D0=BE=D0=B6=D0=BD=D0=BE?=
 =?UTF-8?q?=D1=81=D1=82=D1=8C=20=D0=BF=D0=B5=D1=80=D0=B5=D1=85=D0=B5=D1=88?=
 =?UTF-8?q?=D0=B8=D1=80=D0=BE=D0=B2=D0=B0=D1=82=D1=8C=20=D0=BF=D0=B0=D1=80?=
 =?UTF-8?q?=D0=BE=D0=BB=D1=8C=20=D0=BF=D0=BE=20=D0=B7=D0=B0=D0=BF=D1=80?=
 =?UTF-8?q?=D0=BE=D1=81=D1=83.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 enter.php | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/enter.php b/enter.php
index 420c262..90aba51 100644
--- a/enter.php
+++ b/enter.php
@@ -7,17 +7,17 @@ foreach ($_POST as $key => $val) { //???????????????
 }
 
 $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_SPECIAL_CHARS);
-$password = password_hash(filter_input(INPUT_POST, 'password'), PASSWORD_DEFAULT);
+$password = filter_input(INPUT_POST, 'password');
 $battle = filter_input(INPUT_COOKIE, 'battle');
 $error = "";
 
 if ($username && $password) {
-    $data = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s" AND `pass` = "?s"', $username, $password)->fetch_assoc();
+    $data = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s"', $username,)->fetch_assoc();
 
     if (!$data['id']) {
-        $error = 'Неверные учётные данные!';
+        $error = 'Ой! Такого пользователя нет!';
     } elseif ($data['block'] == 1) {
-        $error = 'Ваш персонаж был заблокирован!';
+        $error = 'Ой! Вы заблокированы!';
     } elseif (password_verify($password, $data['pass'])) {
 
         if (!$error) {
@@ -66,11 +66,9 @@ if ($username_upd && $password_upd) {
     $data = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s" AND `pass` = "?s"', $username_upd, md5($password_upd))->fetch_assoc();
     if ($data['id']) {
         db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `login` = "?s"', password_hash($password_upd, PASSWORD_DEFAULT), $username_upd);
-        echo "Успешно!";
         header("Location: index.php");
     } else {
-        echo '<span class="redalert">Ошибка!</span>';
-        header("Location: index.php");
+        $error = 'Ошибка!'
     }
 }