new-combats/game
3
0
Fork 0
Code Issues 23 Pull Requests Releases Wiki Activity

Хороним $_COOKIE['pass'], отказываемся от md5('pass'). Это не регистрация, а чёрная дыра!

Browse Source
This commit is contained in:
Ivor Barhansky
2023-01-06 16:57:25 +02:00
parent e9ec7eb2f2
commit 9e45f170c7
50 changed files with 1470 additions and 2242 deletions
Download Patch File Download Diff File Expand all files Collapse all files
fight/take.user.php
+1 -1
View File
@@ -11,7 +11,7 @@ require_once('../_incl_data/class/__db_connect.php');
mysql_query('SET NAMES utf8');
if($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
$user = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_COOKIE['login']).'" AND `pass` = "'.mysql_real_escape_string($_COOKIE['pass']).'" LIMIT 1'));
$user = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_COOKIE['login']).'"'));
if( isset($user['id']) && $user['battle'] > 0 ) {
//
function json_fix_cyr($json_str) {