<?php
// Настройка шаблонизатора и ДБ
include 'includes/kernel.php';
if (isset($_COOKIE['remember_me']) && !isset($_SESSION['username'])) {
$_SESSION['username'] = substr($_COOKIE['remember_me'], 0, strlen($_COOKIE['remember_me']) - 40);
$_SESSION['shapass'] = substr($_COOKIE['remember_me'], strlen($_COOKIE['remember_me']) - 40, 40);
}
if (isset($_SESSION['username']) && isset($_SESSION['shapass'])) {
$user = array();
$user = CheckPwd($_SESSION['username'], $_SESSION['shapass']);
$_SESSION['userid'] = $user['id'];
$_SESSION['roles'] = $user['roles'];
if ($user > 0) {
$smarty->assign('user', $user);
} else {
unset($user);
}
}
$smarty->assign('locale', $_SESSION['locale']);
$smarty->assign('language', $locales[$_SESSION['locale']]);
$conf_file = $locales[$_SESSION['locale']] . '.conf';
$smarty->assign('conf_file', $conf_file);
// Параметры передаваемые скрипту
$queryx = $_SERVER['QUERY_STRING'];
$smarty->assign('query', $queryx);
// Отсекаем ненужные данные
list($str, $trash) = explode('&', $queryx, 2);
// Получаем раздел и подраздел (или значение)
list($razdel, $podrazdel) = explode('=', $str, 2);
// Параметры страницы
INSERT INTO account (username, sha_pass_hash, email, joindate, expansion, last_ip)
VALUES (?, ?, ?, NOW(), ?, ?)
', $_POST['username'], create_usersend_pass($_POST['username'], $_POST['password']), isset($_POST['email']) ? $_POST['email'] : '', $AoWoWconf['expansion'], isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '');
if ($success > 0) {
// Все отлично, авторизуем
$_REQUEST['account'] = 'signin';
} else {
// Неизвестная ошибка
$smarty->assign('signup_error', $smarty->get_config_vars('Unknow_error_on_account_create'));
}
}
}
}
if ($_REQUEST['account'] == 'signin' && isset($_POST['username']) && isset($_POST['password'])) {
$usersend_pass = create_usersend_pass($_POST['username'], $_POST['password']);
$user = CheckPwd($_POST['username'], $usersend_pass);
if ($user == -1) {
del_user_cookie();
if (isset($_SESSION['username'])) {
unset($_SESSION['username']);
}
$smarty->assign('signin_error', $smarty->get_config_vars('Such_user_doesnt_exists'));
} elseif ($user == 0) {
del_user_cookie();
if (isset($_SESSION['username'])) {
unset($_SESSION['username']);
}
$smarty->assign('signin_error', $smarty->get_config_vars('Wrong_password'));
} else {
// Имя пользователя и пароль совпадают
$_SESSION['username'] = $user['name'];
$success = $rDB->selectCell('INSERT INTO ?_account(`username`, `sha_pass_hash`, `email`, `joindate`, `expansion`, `last_ip`)
VALUES (?, ?, ?, NOW(), ?, ?)', $_POST['username'], create_usersend_pass($_POST['username'], $_POST['password']), isset($_POST['email']) ? $_POST['email'] : '', $UDWBaseconf['expansion'], isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '');
if ($success > 0) {
// Все отлично, авторизуем
$_REQUEST['account'] = 'signin';
} else {
// Неизвестная ошибка
$smarty->assign('signup_error', $smarty->get_config_vars('Unknow_error_on_account_create'));
}
}
}
}
if ($_REQUEST['account'] == 'signin' and isset($_POST['username']) and isset($_POST['password'])) {
//$usersend_pass = create_usersend_pass($_POST['username'], $_POST['password']);
$shapass = $_POST['password'];
$user = CheckPwd($_POST['username'], $shapass);
if ($user == -1) {
del_user_cookie();
if (isset($_SESSION['username'])) {
unset($_SESSION['username']);
}
$smarty->assign('signin_error', $smarty->get_config_vars('Such_user_doesnt_exists'));
} elseif ($user == 0) {
del_user_cookie();
if (isset($_SESSION['username'])) {
unset($_SESSION['username']);
}
$smarty->assign('signin_error', $smarty->get_config_vars('Wrong_password'));
} else {
// Имя пользователя и пароль совпадают
$_SESSION['username'] = $user['name'];