new-combats/game
3
0
Fork 0
Code Issues 23 Pull Requests Releases Wiki Activity

Хороним $_COOKIE['pass'], отказываемся от md5('pass'). Это не регистрация, а чёрная дыра!

Browse Source
This commit is contained in:
Ivor Barhansky
2023-01-06 16:57:25 +02:00
parent e9ec7eb2f2
commit 9e45f170c7
50 changed files with 1470 additions and 2242 deletions
Download Patch File Download Diff File Expand all files Collapse all files
forum_script/_forum.class.php
+1 -1
View File
@@ -135,7 +135,7 @@ class forum
public function startForum()
{
//Âûäåëÿåì ïîëüçîâàòåëÿ
$ufr = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `login` = "' . mysql_real_escape_string($_COOKIE['login']) . '" AND `pass` = "' . mysql_real_escape_string($_COOKIE['pass']) . '" AND `banned` = "0" LIMIT 1'));
$ufr = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `login` = "' . mysql_real_escape_string($_COOKIE['login']) . '" AND `banned` = 0'));
if (!isset($ufr['id']) || $ufr['banned'] > 0) {
unset($u);
} else {