Добавлена возможность перехешировать пароль по запросу.

Igor Barkov [iwork] 2018-03-06 15:08:21 +02:00
parent e5cfec57b4
commit ddb90fcdaa


@ -7,17 +7,17 @@ foreach ($_POST as $key => $val) { //???????????????
} }
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_SPECIAL_CHARS); $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_SPECIAL_CHARS);
$password = password_hash(filter_input(INPUT_POST, 'password'), PASSWORD_DEFAULT); $password = filter_input(INPUT_POST, 'password');
$battle = filter_input(INPUT_COOKIE, 'battle'); $battle = filter_input(INPUT_COOKIE, 'battle');
$error = ""; $error = "";
if ($username && $password) { if ($username && $password) {
$data = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s" AND `pass` = "?s"', $username, $password)->fetch_assoc(); $data = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s"', $username,)->fetch_assoc();
if (!$data['id']) { if (!$data['id']) {
$error = 'Неверные учётные данные!'; $error = 'Ой! Такого пользователя нет!';
} elseif ($data['block'] == 1) { } elseif ($data['block'] == 1) {
$error = 'Ваш персонаж был заблокирован!'; $error = 'Ой! Вы заблокированы!';
} elseif (password_verify($password, $data['pass'])) { } elseif (password_verify($password, $data['pass'])) {
if (!$error) { if (!$error) {
@ -66,11 +66,9 @@ if ($username_upd && $password_upd) {
$data = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s" AND `pass` = "?s"', $username_upd, md5($password_upd))->fetch_assoc(); $data = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s" AND `pass` = "?s"', $username_upd, md5($password_upd))->fetch_assoc();
if ($data['id']) { if ($data['id']) {
db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `login` = "?s"', password_hash($password_upd, PASSWORD_DEFAULT), $username_upd); db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `login` = "?s"', password_hash($password_upd, PASSWORD_DEFAULT), $username_upd);
echo "Успешно!";
header("Location: index.php"); header("Location: index.php");
} else { } else {
echo '<span class="redalert">Ошибка!</span>'; $error = 'Ошибка!'
header("Location: index.php");
} }
} }
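Review bot: In the second hunk the new else branch reads `$error = 'Ошибка!'` with no semicolon before the closing brace, and in the first hunk the rewritten query call ends in `$username,)`. As rendered, the first is a parse error on any PHP version and the second on versions before 7.3, so the login script would not load; write `$error = 'Ошибка!';` and drop the trailing comma. Separately, the new message for a missing row says that the user does not exist, where the old one was generic. If the failed `password_verify` path reports anything different, an unauthenticated client can tell registered logins from unregistered ones, so keeping `$error = 'Неверные учётные данные!';` for both cases avoids that. The `if ($username && $password)` block continues past the end of the first hunk, so the wrong-password branch is not visible here.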