514 lines
16 KiB
PHP
514 lines
16 KiB
PHP
|
<?php
|
|||
|
define('GAME',true);
|
|||
|
|
|||
|
function GetRealIp()
|
|||
|
{
|
|||
|
if (!empty($_SERVER['HTTP_CLIENT_IP']))
|
|||
|
{
|
|||
|
$ip=$_SERVER['HTTP_CLIENT_IP'];
|
|||
|
}
|
|||
|
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
|
|||
|
{
|
|||
|
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
$ip=$_SERVER['REMOTE_ADDR'];
|
|||
|
}
|
|||
|
return $ip;
|
|||
|
}
|
|||
|
|
|||
|
define('IP',GetRealIp());
|
|||
|
|
|||
|
include('_incl_data/__config.php');
|
|||
|
include('_incl_data/class/__db_connect.php');
|
|||
|
include('_incl_data/class/__chat_class.php');
|
|||
|
//session_reset();
|
|||
|
session_start();
|
|||
|
|
|||
|
if( isset($_GET['login'])) {
|
|||
|
$_POST['login'] = $_GET['login'];
|
|||
|
$_POST['pass'] = $_GET['pass'];
|
|||
|
$_POST['code']=$_GET['code'];
|
|||
|
}
|
|||
|
|
|||
|
if(isset($_POST['psw'])) {
|
|||
|
$_POST['pass'] = $_POST['psw'];
|
|||
|
}
|
|||
|
|
|||
|
if( isset($_SESSION['login']) ) {
|
|||
|
$_POST['login'] = $_SESSION['login'];
|
|||
|
$_POST['pass'] = $_SESSION['pass'];
|
|||
|
}
|
|||
|
|
|||
|
if( isset($_GET['cookie_login']) && $_GET['cookie_login'] != '' ) {
|
|||
|
setcookie('login',$_GET['cookie_login'],time()+60*60*24*7,'',$c['host']);
|
|||
|
setcookie('pass',$_GET['cookie_pass'],time()+60*60*24*7,'',$c['host']);
|
|||
|
//header('location: /bk');
|
|||
|
die();
|
|||
|
}
|
|||
|
|
|||
|
function error($e)
|
|||
|
{
|
|||
|
global $c;
|
|||
|
//$_SESSION['login']='';
|
|||
|
//$_SESSION['pass']='';
|
|||
|
|
|||
|
//die('<script>location = "index.php?error='.$e.'";</script>')
|
|||
|
//die('Location: index.php?error='.$e);
|
|||
|
die('
|
|||
|
<link rel="stylesheet" href="error.css">
|
|||
|
<div class="text-wrapper">
|
|||
|
<div class="title" data-content="<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>">
|
|||
|
<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>!!
|
|||
|
</div>
|
|||
|
|
|||
|
<div class="subtitle">
|
|||
|
'.$e.'
|
|||
|
</div>
|
|||
|
|
|||
|
<div class="buttons">
|
|||
|
<a class="button" href="https://new-combats.com"><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD></a>
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
|
|||
|
|
|||
|
');
|
|||
|
}
|
|||
|
|
|||
|
function md5m($src)
|
|||
|
{
|
|||
|
|
|||
|
$tar = Array(16);
|
|||
|
$res = Array(16);
|
|||
|
$src = utf8_encode ($src);
|
|||
|
for ($i = 0; $i < strlen($src) || $i < 16; $i++)
|
|||
|
{
|
|||
|
$res[$i] = ord($src{$i}) ^ $i * 4;
|
|||
|
}
|
|||
|
for ($i = 0; $i < 4; $i++)
|
|||
|
{
|
|||
|
for ($j = 0; $j < 4; $j++)
|
|||
|
{
|
|||
|
$tar[$i * 4 + $j] = ($res[$j * 4 + $i] + 256) % 256;
|
|||
|
}
|
|||
|
}
|
|||
|
return ($tar);
|
|||
|
}
|
|||
|
function array2HStr($src)
|
|||
|
{
|
|||
|
$hex = Array("0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F");
|
|||
|
$res = "";
|
|||
|
for ($i = 0; $i < 16; $i++)
|
|||
|
{
|
|||
|
$res = $res . ($hex[$src[$i] >> 4] . $hex[$src[$i] % 16]);
|
|||
|
}
|
|||
|
return ($res);
|
|||
|
}
|
|||
|
|
|||
|
$socauth = false;
|
|||
|
|
|||
|
/*
|
|||
|
if(isset($_GET['vk-auth'])) {
|
|||
|
|
|||
|
$client_id = '5145826'; // ID <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
$client_secret = 'V90yIzlgSglfgrnHw7Ny'; // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>
|
|||
|
$redirect_uri = 'https://new-combats.com/enter?vk-auth'; // <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
|
|||
|
$url = 'https://oauth.vk.com/authorize';
|
|||
|
|
|||
|
$params = array(
|
|||
|
'client_id' => $client_id,
|
|||
|
'redirect_uri' => $redirect_uri,
|
|||
|
'response_type' => 'code'
|
|||
|
);
|
|||
|
|
|||
|
if(isset($_GET['code'])) {
|
|||
|
$result = false;
|
|||
|
$params = array(
|
|||
|
'client_id' => $client_id,
|
|||
|
'client_secret' => $client_secret,
|
|||
|
'code' => $_GET['code'],
|
|||
|
'redirect_uri' => $redirect_uri
|
|||
|
);
|
|||
|
|
|||
|
$token = json_decode(file_get_contents('httpss://oauth.vk.com/access_token' . '?' . urldecode(https_build_query($params))), true);
|
|||
|
|
|||
|
if (isset($token['access_token'])) {
|
|||
|
$params = array(
|
|||
|
'uids' => $token['user_id'],
|
|||
|
'fields' => 'uid,first_name,last_name,screen_name,sex,bdate,photo_big',
|
|||
|
'access_token' => $token['access_token']
|
|||
|
);
|
|||
|
|
|||
|
$userInfo = json_decode(file_get_contents('httpss://api.vk.com/method/users.get' . '?' . urldecode(https_build_query($params))), true);
|
|||
|
if (isset($userInfo['response'][0]['uid'])) {
|
|||
|
$userInfo = $userInfo['response'][0];
|
|||
|
$result = true;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
if(isset($userInfo['uid'])) {
|
|||
|
$scl = mysql_fetch_array(mysql_query('SELECT * FROM `mini_actions` WHERE `val` = "vkauth" AND `ok` = "'.mysql_real_escape_string($userInfo['uid']).'" ORDER BY `time` DESC LIMIT 1'));
|
|||
|
if(isset($scl['id'])) {
|
|||
|
$scl = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `id` = "'.$scl['uid'].'" LIMIT 1'));
|
|||
|
$_POST['login'] = $scl['login'];
|
|||
|
$socauth = true;
|
|||
|
}else{
|
|||
|
error('<27><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>#'.$userInfo['uid'].' <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.');
|
|||
|
}
|
|||
|
}else{
|
|||
|
error('<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>');
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
*/
|
|||
|
//ReCapthca
|
|||
|
require_once "./recaptchalib.php";
|
|||
|
// <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>
|
|||
|
$secret = "6Lf3EjsaAAAAALe3zRwxyPGf13ZMWZvCmvad3-jQ";
|
|||
|
|
|||
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
$response = null;
|
|||
|
|
|||
|
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
$reCaptcha = new ReCaptcha($secret);
|
|||
|
|
|||
|
if ($_POST["g-recaptcha-response"]) {
|
|||
|
$response = $reCaptcha->verifyResponse(
|
|||
|
$_SERVER["REMOTE_ADDR"],
|
|||
|
$_POST["g-recaptcha-response"]
|
|||
|
);
|
|||
|
}
|
|||
|
//ReCapthca
|
|||
|
|
|||
|
if (1==1)//(($response != null && $response->success=true) || $_POST['code'] != '' || $_GET['code'] != '')
|
|||
|
{
|
|||
|
|
|||
|
|
|||
|
|
|||
|
|
|||
|
$u = mysql_fetch_array(mysql_query('SELECT `u`.`pass2`,`u`.`id`,`u`.`auth`,`u`.`login`,`u`.`pass`,`u`.`city`,`u`.`ip`,`u`.`ipreg`,`u`.`online`,`u`.`banned`,`u`.`admin`,`u`.`host_reg`,`u`.`securetime`,`u`.`timereg` FROM `users` AS `u` WHERE `u`.`login`="'.mysql_real_escape_string($_POST['login']).'" ORDER BY `id` ASC LIMIT 1'));
|
|||
|
|
|||
|
$auth = mysql_fetch_array(mysql_query('SELECT * FROM `logs_auth` WHERE `uid` = "'.$u['id'].'" AND `ip` = "'.mysql_real_escape_string(IP).'" LIMIT 1'));
|
|||
|
if( $c['securetime'] > 0 && IP != $u['ip'] && IP != $u['ipreg'] && !isset($auth['id']) && $u['securetime'] < $c['securetime'] && $u['timereg'] < $c['securetime'] ) {
|
|||
|
error('<27><> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> "'.$_POST['login'].'".<br><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>. <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>: <a href="/repass.php?login='.htmlspecialchars($_POST['login'],NULL,'cp1251').'"><3E><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD></a><br><br><3E><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <20><> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.<br><3E><><EFBFBD><EFBFBD> <20> <20><><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> E-mail: <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.');
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
/*if($u['host_reg'] == 'new-combats.com' && $u['online'] == 0) {
|
|||
|
$_POST['pass'] = md5($_POST['pass']);
|
|||
|
if($u['pass'] == md5($_POST['pass'])) {
|
|||
|
$u['pass'] = $_POST['pass'];
|
|||
|
mysql_query('UPDATE `users` SET `pass` = "'.mysql_real_escape_string($_POST['pass']).'",`online` = "'.time().'" WHERE `id` = "'.mysql_real_escape_string($u['id']).'" LIMIT 1');
|
|||
|
error('<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD>. <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.');
|
|||
|
}
|
|||
|
}*/
|
|||
|
|
|||
|
if( md5(md5($_POST['pass'])) == $u['pass'] ) {
|
|||
|
$_POST['pass'] = md5($_POST['pass']);
|
|||
|
}
|
|||
|
|
|||
|
if(!isset($u['id']))
|
|||
|
{
|
|||
|
error('<27><><EFBFBD><EFBFBD><EFBFBD> "'.$_POST['login'].'" <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD>.');
|
|||
|
}elseif($u['pass']!=md5($_POST['pass']) && $socauth == false)
|
|||
|
{
|
|||
|
error('<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> "'.$_POST['login'].'".');
|
|||
|
mysql_query("INSERT INTO `logs_auth` (`uid`,`ip`,`browser`,`type`,`time`,`depass`) VALUES ('".$u['id']."','".mysql_real_escape_string(IP)."','".mysql_real_escape_string($_SERVER['HTTP_USER_AGENT'])."','3','".time()."','".mysql_real_escape_string($_POST['pass'])."')");
|
|||
|
}elseif($u['banned']>0)
|
|||
|
{
|
|||
|
$fm = mysql_fetch_array(mysql_query('SELECT * FROM `users_delo` WHERE `uid` = "'.$u['id'].'" AND `hb`!=0 ORDER BY `id` DESC LIMIT 1'));
|
|||
|
if(!isset($fm['id'])) {
|
|||
|
$fm['text'] = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>: <i><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>-<2D><><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.</i>';
|
|||
|
}
|
|||
|
error(
|
|||
|
'<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <b>'.$_POST['login'].'</b> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.'.
|
|||
|
'<br>'.$fm['text'].'<br>'.
|
|||
|
'<br><b><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>!</b> <20><><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>!</a>'.
|
|||
|
'<br><3E><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <b><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD></b> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <a target="_blank" href="https://new-combats.com/lib/zakon/"><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.'
|
|||
|
.'<br><br><3E><><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <20><> <20> <20><><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.'
|
|||
|
);
|
|||
|
}else{
|
|||
|
|
|||
|
//<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
if( $u['pass2'] != '' && $u['pass2'] != '0' ) {
|
|||
|
$_SESSION['login'] = $_POST['login'];
|
|||
|
$_SESSION['pass'] = $_POST['pass'];
|
|||
|
$good2 = false;
|
|||
|
$koko = '';
|
|||
|
if( md5(array2HStr(md5m($_POST['code']))) == $u['pass2'] ) {
|
|||
|
$good2 = true;
|
|||
|
unset($_SESSION['login'],$_SESSION['pass']);
|
|||
|
}else{
|
|||
|
if (isset($_POST['code']))
|
|||
|
{$koko = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><br>';};
|
|||
|
setcookie('login','',time()-60*60*24,'',$c['host']);
|
|||
|
setcookie('pass','',time()-60*60*24,'',$c['host']);
|
|||
|
setcookie('login','',time()-60*60*24);
|
|||
|
setcookie('pass','',time()-60*60*24);
|
|||
|
}
|
|||
|
|
|||
|
if( $koko != '' ) {
|
|||
|
$koko = '<font color="red"><b>'.$koko.'</b></font>';
|
|||
|
}
|
|||
|
if( $good2 == false ) {
|
|||
|
?>
|
|||
|
<!Doctype html>
|
|||
|
<HTML>
|
|||
|
<HEAD>
|
|||
|
<link rel=stylesheet type="text/css">
|
|||
|
<meta charset="windows-1251">
|
|||
|
<meta name="msapplication-config" content="browserconfig.xml"/>
|
|||
|
<TITLE><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD></TITLE>
|
|||
|
</HEAD>
|
|||
|
<body bgcolor=dfdfde>
|
|||
|
<H3><FONT COLOR="black"><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.</FONT></H3>
|
|||
|
<?=$koko?>
|
|||
|
<div align="center">
|
|||
|
<br>
|
|||
|
<br>
|
|||
|
|
|||
|
<img id="pass" onClick="" width="295" src="i/pin/e0.png" >
|
|||
|
<br>
|
|||
|
<br>
|
|||
|
<img id="p1" onClick="" src="" >
|
|||
|
<img id="p2" onClick="" src="" >
|
|||
|
<img id="p3" onClick="" src="" >
|
|||
|
<br>
|
|||
|
<img id="p4" onClick="" src="" >
|
|||
|
<img id="p5" onClick="" src="" >
|
|||
|
<img id="p6" onClick="" src="" >
|
|||
|
<br>
|
|||
|
<img id="p7" onClick="" src="" >
|
|||
|
<img id="p8" onClick="" src="" >
|
|||
|
<img id="p9" onClick="" src="" >
|
|||
|
<br>
|
|||
|
<img onClick="keypush(12);" src="i/pin/12.png" >
|
|||
|
<img id="p0" name="image" onClick="" src="" >
|
|||
|
<img onClick="keypush(11);" src="i/pin/11.png" >
|
|||
|
<br>
|
|||
|
</div>
|
|||
|
</BODY>
|
|||
|
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
|
|||
|
<!--<script src="https://new-combats.com/js/jquery.js" type="text/javascript"></script>-->
|
|||
|
<script>
|
|||
|
|
|||
|
var dopass='';
|
|||
|
var tdopass='';
|
|||
|
var lenth=0;
|
|||
|
randomp();
|
|||
|
function randomp()
|
|||
|
{
|
|||
|
var ss = new Array();
|
|||
|
var n=0;
|
|||
|
while (n<10)
|
|||
|
{
|
|||
|
ss[n]=n;
|
|||
|
n++;
|
|||
|
}
|
|||
|
|
|||
|
var i=0;
|
|||
|
var k=0;
|
|||
|
var m=0;
|
|||
|
var tmpp=0;
|
|||
|
while (i<10)
|
|||
|
{
|
|||
|
k = getRandomInt(10);
|
|||
|
m = getRandomInt(10);
|
|||
|
if (k != m)
|
|||
|
{
|
|||
|
tmpp=ss[k];
|
|||
|
ss[k]=ss[m];
|
|||
|
ss[m]=tmpp;
|
|||
|
i++;
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
n=10;
|
|||
|
while (n>-1)
|
|||
|
{
|
|||
|
n=n-1;
|
|||
|
document.getElementById('p'+n).setAttribute("src", "i/pin/"+ss[n]+".png");
|
|||
|
document.getElementById('p'+n).setAttribute("onClick", "keypush("+ss[n]+");");
|
|||
|
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
function getRandomInt(max) {
|
|||
|
return Math.floor(Math.random() * Math.floor(max));
|
|||
|
}
|
|||
|
function keypush(n)
|
|||
|
{
|
|||
|
if (n==12)
|
|||
|
{
|
|||
|
|
|||
|
if (lenth>0)
|
|||
|
{
|
|||
|
|
|||
|
dopass='';
|
|||
|
|
|||
|
lenth=0;
|
|||
|
document.getElementById('pass').setAttribute("src", "i/pin/e"+lenth+".png");
|
|||
|
}
|
|||
|
}
|
|||
|
else if (n==11)
|
|||
|
{
|
|||
|
|
|||
|
var $_POST = <?php echo json_encode($_POST); ?>;
|
|||
|
/*$.ajax({
|
|||
|
url: "https://new-combats.com/enter.php",
|
|||
|
type: "POST",
|
|||
|
data: {
|
|||
|
code: "ab6d4bf6593416306881a9e54260b0af",
|
|||
|
login: ""+$_POST['login'],
|
|||
|
pass: ""+$_POST['pass']
|
|||
|
},
|
|||
|
success: function (response) {
|
|||
|
if (response.successFlag) {
|
|||
|
//Replace current location from the history via history API
|
|||
|
window.history.replaceState({}, 'foo', '/foo');
|
|||
|
window.location = "url of target location here if you want to send a get request";
|
|||
|
$("#form-id").submit();//if you want to post something up
|
|||
|
}
|
|||
|
}
|
|||
|
});
|
|||
|
|
|||
|
/*$.ajax({
|
|||
|
type: 'post',
|
|||
|
url: 'https://new-combats.com/enter.php',
|
|||
|
data: "code=ab6d4bf6593416306881a9e54260b0af",//<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
success: function(data) {
|
|||
|
alert($_POST['login']);
|
|||
|
}
|
|||
|
});
|
|||
|
//window.setTimeout('location.reload()', 1000);
|
|||
|
*/
|
|||
|
window.location.replace("https://new-combats.com/enter.php?code="+dopass+"&login="+$_POST['login']+"&pass="+$_POST['pass']);
|
|||
|
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
|
|||
|
if (lenth<8)
|
|||
|
{
|
|||
|
dopass=dopass+''+n;
|
|||
|
lenth++;
|
|||
|
document.getElementById('pass').setAttribute("src", "i/pin/e"+lenth+".png");
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
</script>
|
|||
|
</HTML>
|
|||
|
<?
|
|||
|
die();
|
|||
|
}
|
|||
|
|
|||
|
}
|
|||
|
|
|||
|
$st = mysql_fetch_array(mysql_query('SELECT * FROM `stats` WHERE `id`="'.$u['id'].'" LIMIT 1'));
|
|||
|
if(!isset($st['id']))
|
|||
|
{
|
|||
|
mysql_query("INSERT INTO `stats` (`id`,`stats`) VALUES ('".$u['id']."','s1=3|s2=3|s3=3|s4=3|rinv=40|m9=5|m6=10')");
|
|||
|
}
|
|||
|
$on = mysql_fetch_array(mysql_query('SELECT * FROM `online` WHERE `uid`="'.$u['id'].'" LIMIT 1'));
|
|||
|
if(!isset($on['id']))
|
|||
|
{
|
|||
|
mysql_query("INSERT INTO `online` (`uid`,`timeStart`) VALUES ('".$u['id']."','".time()."')");
|
|||
|
}
|
|||
|
if(isset($_COOKIE['login']) || isset($_COOKIE['pass']))
|
|||
|
{
|
|||
|
setcookie('login','',time()-60*60*24,'',$c['host']);
|
|||
|
setcookie('pass','',time()-60*60*24,'',$c['host']);
|
|||
|
}
|
|||
|
|
|||
|
//<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
if($u['admin']==0)
|
|||
|
{
|
|||
|
$ipm1 = mysql_fetch_array(mysql_query('SELECT * FROM `logs_auth` WHERE `uid` = "'.mysql_real_escape_string($u['id']).'" AND `ip`!="'.mysql_real_escape_string($u['ip']).'" ORDER BY `id` ASC LIMIT 1'));
|
|||
|
$ppl = mysql_query('SELECT * FROM `logs_auth` WHERE `ip`!="" AND (`ip` = "'.mysql_real_escape_string($u['ip']).'" OR `ip`="'.mysql_real_escape_string($ipm1['ip']).'" OR `ip`="'.mysql_real_escape_string($u['ipreg']).'" OR `ip`="'.mysql_real_escape_string(IP).'" OR `ip`="'.mysql_real_escape_string($_COOKIE['ip']).'")');
|
|||
|
while($spl = mysql_fetch_array($ppl))
|
|||
|
{
|
|||
|
$ml = mysql_fetch_array(mysql_query('SELECT `id` FROM `mults` WHERE (`uid` = "'.$spl['uid'].'" AND `uid2` = "'.$u['id'].'") OR (`uid2` = "'.$spl['uid'].'" AND `uid` = "'.$u['id'].'") LIMIT 1'));
|
|||
|
if(!isset($ml['id']) && $spl['uid']!=$inf['id'] && $spl['ip']!='' && $spl['ip']!='127.0.0.1' && $spl['ip']!='188.120.246.101')
|
|||
|
{
|
|||
|
mysql_query('INSERT INTO `mults` (`uid`,`uid2`,`ip`) VALUES ("'.$u['id'].'","'.$spl['uid'].'","'.$spl['ip'].'")');
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
if( (int)date('d') >= 13 && (int)date('d') <= 13) {
|
|||
|
mysql_query('DELETE FROM `eff_users` WHERE `id_eff` = 365 AND `uid` = "'.$u['id'].'"');
|
|||
|
mysql_query('INSERT INTO `eff_users` (
|
|||
|
`id_eff`,`uid`,`name`,`data`,`overType`,`timeUse`,`no_Ace`
|
|||
|
) VALUES (
|
|||
|
"365","'.$u['id'].'","<EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>","add_speedhp=500|add_speedmp=500|add_speed_dungeon=50|add_repair_discount=1|","47","'.time().'",1
|
|||
|
)');
|
|||
|
$chat->send('',$u['room'],$u['city'],'',$u['login'],'<27> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> "<3B><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>"! (<28><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>)',time(),6,0,0,0,1);
|
|||
|
}
|
|||
|
|
|||
|
if(isset($_COOKIE['ip']) && $_COOKIE['ip']!=IP)
|
|||
|
{
|
|||
|
mysql_query("INSERT INTO `logs_auth` (`uid`,`ip`,`browser`,`type`,`time`,`depass`) VALUES ('".$u['id']."','".mysql_real_escape_string($_COOKIE['ip'])."','".mysql_real_escape_string($_SERVER['HTTP_USER_AGENT'])."','1','".time()."','".mysql_real_escape_string(md5($_POST['pass']))."')");
|
|||
|
}
|
|||
|
|
|||
|
setcookie('login',$_POST['login'],time()+60*60*24*7,'',$c['host']);
|
|||
|
setcookie('pass',$u['pass'],time()+60*60*24*7,'',$c['host']);
|
|||
|
setcookie('login',$_POST['login'],time()+60*60*24*7);
|
|||
|
setcookie('pass',md5($_POST['pass']),time()+60*60*24*7);
|
|||
|
setcookie('ip',IP,time()+60*60*24*150,'');
|
|||
|
|
|||
|
if($u['online'] < time()-520) {
|
|||
|
$sp = mysql_query('SELECT `user` FROM `friends` WHERE `friend` = "'.$u['id'].'"');
|
|||
|
while( $pl = mysql_fetch_array($sp) ) {
|
|||
|
$usr = mysql_fetch_array(mysql_query('SELECT `id`,`online`,`login`,`city`,`room` FROM `users` WHERE `id` = "'.$pl['user'].'" LIMIT 1'));
|
|||
|
if( isset($usr['id']) && $usr['online'] > time()-600 ) {
|
|||
|
$chat->send('',$usr['room'],$usr['city'],'',$usr['login'],'<27><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>: <b>'.$u['login'].'</b>.',time(),6,0,0,0,1);
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
$apu = '';
|
|||
|
|
|||
|
mysql_query('UPDATE `dump` SET `ver` = "1",`upd` = "2" WHERE `uid` = "'.$u['id'].'"');
|
|||
|
|
|||
|
if($u['auth'] != md5($u['login'].'AUTH'.IP) || $_COOKIE['auth'] != md5($u['login'].'AUTH'.IP) || $u['auth']=='' || $u['auth']=='0')
|
|||
|
{
|
|||
|
if($u['auth'] != '' && $u['auth'] != '0' && $u['ip'] != IP) {
|
|||
|
mysql_query("INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','capitalcity','0','','".$u['login']."','<27> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> ".date('d.m.Y H:i',$u['online']).". (<28><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> ip: %".$u['ip'].")','-1','6','0')");
|
|||
|
}
|
|||
|
$apu = "`auth` = '".md5($u['login'].'AUTH'.IP)."',";
|
|||
|
setcookie('auth',md5($u['login'].'AUTH'.IP),time()+60*60*24*365,'','new-combats.com');
|
|||
|
}
|
|||
|
|
|||
|
if($u['repass'] == 0) {
|
|||
|
$ipnew = IP;
|
|||
|
}else{
|
|||
|
$ipnew = $u['ip'];
|
|||
|
}
|
|||
|
|
|||
|
|
|||
|
mysql_query("INSERT INTO `logs_auth` (`uid`,`ip`,`browser`,`type`,`time`,`depass`) VALUES ('".$u['id']."','".IP."','".mysql_real_escape_string($_SERVER['HTTP_USER_AGENT'])."','0','".time()."','".mysql_real_escape_string(md5($_POST['pass']))."')");
|
|||
|
|
|||
|
mysql_query("UPDATE `users` SET ".$apu."`ip`='".$ipnew."',`dateEnter`='".mysql_real_escape_string($_SERVER['HTTP_USER_AGENT'])."',`online`='".time()."' WHERE `login` = '".mysql_real_escape_string($_POST['login'])."' AND `pass` = '".mysql_real_escape_string(md5($_POST['pass']))."' LIMIT 1");
|
|||
|
|
|||
|
if(isset($_POST['active_code_key'])) {
|
|||
|
header('location: /active.php?code='.htmlspecialchars($_POST['active_code_key'],NULL,'cp1251'));
|
|||
|
}else{
|
|||
|
header('location: /bk');
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
error('<27><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> ReCaptcha!');
|
|||
|
//echo "<22><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> ReCaptcha! <br>";
|
|||
|
|
|||
|
}
|
|||
|
?>
|