Хороним $_COOKIE['pass'], отказываемся от md5('pass'). Это не регистрация, а чёрная дыра!
This commit is contained in:
+1
-1
@@ -10,7 +10,7 @@ class battleNew {
|
||||
|
||||
}
|
||||
|
||||
$user = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_COOKIE['login']).'" AND `pass` = "'.mysql_real_escape_string($_COOKIE['pass']).'" lIMIT 1'));
|
||||
$user = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_COOKIE['login']).'"'));
|
||||
if(isset($user['id']) && $user['battle'] > 0) {
|
||||
$stats = mysql_fetch_array(mysql_query('SELECT
|
||||
|
||||
|
||||
Reference in New Issue
Block a user