From 67942844978685d4002beec20ff5c9360ae77493 Mon Sep 17 00:00:00 2001
From: Ivor Barhansky <me@lopar.space>
Date: Fri, 6 Jan 2023 21:26:10 +0200
Subject: [PATCH] =?UTF-8?q?=D0=91=D0=B0=D0=B3=D0=B8=20=D0=B2=20=D1=80?=
 =?UTF-8?q?=D0=B5=D0=B3=D0=B8=D1=81=D1=82=D1=80=D0=B0=D1=86=D0=B8=D0=B8.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 _incl_data/class/UserRegister.php |  3 +-
 register.php                      | 49 +++++++++++++++----------------
 2 files changed, 24 insertions(+), 28 deletions(-)

diff --git a/_incl_data/class/UserRegister.php b/_incl_data/class/UserRegister.php
index 2b0ffb18..a81180ac 100644
--- a/_incl_data/class/UserRegister.php
+++ b/_incl_data/class/UserRegister.php
@@ -98,14 +98,13 @@ class UserRegister
     public static function new(string $login, string $password, string $email, $ref, $birthday, $sex): string
     {
         $password = password_hash($password, PASSWORD_DEFAULT);
-        $ref = (int)$ref;
         $ip = UserIp::get();
         $sex = (int)$sex - 10; //На входе 10\11, а передать надо 0\1.
         Db::sql(
             'insert into users (users.real,login,host_reg,pass,ip,ipreg,room,timereg,mail,bithday,sex,fnq,molch2,level,hobby,clan_zv) values (1,?,?,?,?,?,9,unix_timestamp(),?,?,?,0,unix_timestamp() + 86400,8,\'\',0)',
             [
                 $login,
-                $ref,
+                $ref ?? '',
                 $password,
                 $ip,
                 $ip,
diff --git a/register.php b/register.php
index abf64450..5a5656c3 100644
--- a/register.php
+++ b/register.php
@@ -313,7 +313,7 @@ if (!isset ($_POST['nick_u'])) {
     <?php
 } ?>
 <?php
-if (empty($_POST['email_u']) && !empty($_POST['nick_u']) && errorCheck(1, $_POST['nick_u']) == "") {
+if (empty($_POST['email_u']) && !empty($_POST['nick_u']) && empty(errorCheck(1, $_POST['nick_u']))) {
     ?>
     <div class="visible_class">
         <h3>Введите ваш действующий и настоящий "Email" адрес </h3>
@@ -321,7 +321,7 @@ if (empty($_POST['email_u']) && !empty($_POST['nick_u']) && errorCheck(1, $_POST
         <h3>Внимание! Проверьте папку "СПАМ", иногда, письмо с кодом подтверждения может попасть туда.</h3>
     </div>
     <?php
-} elseif (isset ($_POST['email_u']) && errorCheck(2, $_POST['email_u']) != "") {
+} elseif (!empty($_POST['email_u']) && !empty(errorCheck(2, $_POST['email_u']))) {
     ?>
     <div class="visible_class">
         <h3>Введите ваш действующий и настоящий "Email" адрес </h3>
@@ -340,8 +340,8 @@ if (empty($_POST['email_u']) && !empty($_POST['nick_u']) && errorCheck(1, $_POST
 if (
     empty($_POST['secure_code']) &&
     !empty($_POST['email_u']) &&
-    errorCheck(2, $_POST['email_u']) == "" &&
-    errorCheck(3, $_POST['email_u'], $_POST['nick_u']) == ""
+    empty(errorCheck(2, $_POST['email_u'])) &&
+    empty(errorCheck(3, $_POST['email_u'], $_POST['nick_u']))
 ) {
     ?>
     <div class="visible_class">
@@ -351,7 +351,7 @@ if (
         <input type="text" name="secure_code" placeholder="Проверочный Код"/>
     </div>
     <?php
-} elseif (isset ($_POST['secure_code']) && errorCheck(4, $_POST['secure_code'], $_POST['email_u']) != "") {
+} elseif (!empty($_POST['secure_code']) && !empty(errorCheck(4, $_POST['secure_code'], $_POST['email_u']))) {
     ?>
     <div class="visible_class">
         <h3>На email: <?php
@@ -373,7 +373,7 @@ if (
 if (
     (empty($_POST['pass1_u']) || empty($_POST['pass2_u'])) &&
     !empty($_POST['secure_code']) &&
-    errorCheck(4, $_POST['secure_code'], $_POST['email_u']) == ""
+    empty(errorCheck(4, $_POST['secure_code'], $_POST['email_u']))
 ) {
     ?>
     <div class="visible_class">
@@ -412,7 +412,8 @@ if (
 if (
     empty($_POST['pol_u']) &&
     !empty($_POST['pass1_u']) &&
-    !empty($_POST['pass2_u']) && errorCheck(5, $_POST['pass1_u'], $_POST['pass2_u']) == ""
+    !empty($_POST['pass2_u']) &&
+    empty(errorCheck(5, $_POST['pass1_u'], $_POST['pass2_u']))
 ) {
     ?>
     <div class="visible_class">
@@ -508,11 +509,11 @@ if (
     !empty($_POST['pol_u']) &&
     !empty($_POST['bday_u']) &&
     !empty($_POST['class_u']) &&
-    errorCheck(4, $_POST['secure_code'], $_POST['email_u']) == ""
+    empty(errorCheck(4, $_POST['secure_code'], $_POST['email_u']))
 ) {
 
     session_start();
-    $u = User::start();
+
     //Создаем персонажа
     if ($_POST['ref'] > 0) {
         $_POST['ref'] = Db::getValue('select count(*) from users where id = ?', [$_POST['ref']]) ?: 0;
@@ -520,16 +521,17 @@ if (
 
     $uid = UserRegister::new(
         $_POST['nick_u'],
-        $_POST['ref'],
         $_POST['pass1_u'],
         $_POST['email_u'],
+        $_POST['ref'],
         $_POST['bday_u'],
         $_POST['pol_u']
     );
 
     if ($uid > 0) {
-
-
+        setcookie('login', $_POST['nick_u'], (time() + 60 * 60 * 24 * 7), '', '.new-combats.com');
+        setcookie('registrationModal', 'true', (time() + 60 * 60 * 24 * 7), '', 'new-combats.com');
+        $u = User::start();
 
         if (isset($_COOKIE['from'])) {
             Db::sql(
@@ -637,7 +639,7 @@ if (
         Db::sql('insert into online (uid, timeStart) values (?,unix_timestamp())', [$uid]);
 
         //мульты
-        $ppl = Db::getRow(
+        $ppl = Db::getRows(
             'select * from logs_auth where ip != \'\' and (ip = ? or ip = ? or ip = (select ip from logs_auth where uid = ? and ip != ?))',
             [
                 UserIp::get(), $_COOKIE['ip'], $uid, UserIp::get(),
@@ -655,21 +657,16 @@ if (
 
         //Обновяем таблицы
         Db::sql('update users set ip = ? where id = ?', [UserIp::get(), $uid]);
-
-        if (
-            !setcookie('login', $_POST['nick_u'], (time() + 60 * 60 * 24 * 7), '', '.new-combats.com') ||
-            !setcookie('pass', md5($_POST['pass1_u']), (time() + 60 * 60 * 24 * 7), '', '.new-combats.com') ||
-            !setcookie('registrationModal', 'true', (time() + 60 * 60 * 24 * 7), '', 'new-combats.com')
-        ) {
-            die('Ошибка сохранения cookie.');
-        } else {
-            Db::sql('insert into users_learning_status (uid) values (?)', [$uid]);
-            die(
+        Db::sql('insert into users_learning_status (uid) values (?)', [$uid]);
+        Db::sql('delete from secure_code where email = ?' [$_POST['email_u']]);
+        die(
             'Спасибо за регистрацию в игровом мире Бойцовского Клуба, желаем вам побед и долгой игры.
                 В случае вопросов по игре, Вам будет доступен общий чат!
-                <br><script>function test(){ top.location.href="https://' . Config::get('host') . '/bk"; } setTimeout("test()",100);</script>'
-            );
-        }
+                <br><script>function test(){ top.location.href="https://' . Config::get(
+                'host'
+            ) . '/bk"; } setTimeout("test()",100);</script>'
+        );
+
     }
 } else {
     ?>