/
enter.php
158 lines (152 loc) · 6.58 KB
/
enter.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
<?
session_start();
@ob_start("ob_gzhandler");
include("conf.php");
include ("functions.php");
if (getenv('REMOTE_ADDR')!="85.132.96.76")include("browser.php");
$times=md5(time());
//-----------------------------------------
if($break == 1) {Header("Location: index.php?tmp=$times"); die();}
$ip=userip();
$my_remote=getenv('REMOTE_ADDR');
if (isset($_SESSION['logins']) && isset($_SESSION['psw']))
{
$login_auth=$_SESSION['logins'];
$password=$_SESSION['psw'];
unset($_SESSION['logins']);
unset($_SESSION['psw']);
}
else if (isset($_POST['logins']) && isset($_POST['psw']))
{
$login_auth=$_POST['logins'];
$password=$_POST['psw'];
}
$login_auth=htmlspecialchars(addslashes($login_auth));
$password=htmlspecialchars(addslashes($password));
$chas = date("H");
$server_date=date("d.m.Y", mktime($chas));
$server_time=date("H:i:s", mktime($chas));
$data = @mysql_connect($base_name, $base_user, $base_pass) or die('Íå ïîëó÷àåòñÿ ïîäêëþ÷èòüñÿ. Ïðîâåðüòå èìÿ ñåðâåðà, èìÿ ïîëüçîâàòåëÿ è ïàðîëü!');
mysql_select_db($db_name) or die('Îøèáêà âõîäà â áàçó äàííûõ');
$is_ip=mysql_fetch_array(mysql_query("SELECT end_time, remote_ip FROM ip_block WHERE remote_ip='".$my_remote."' and end_time>".time()));
if ($is_ip)
{
$error="Îøèáêà! Âàø IP <b>".$is_ip[1]."</b> çàáëîêèðîâàí äî ".date('d.m.Y H:i', $is_ip[0])."<br>";
}
else
{
if($login_auth!="" && $password!="")
{
$DATA = mysql_fetch_array(mysql_query("SELECT * FROM `users` LEFT JOIN info on info.id_pers=users.id WHERE login='".$login_auth."'"));
if ($DATA)
{
if($password != base64_decode($DATA["password"]))
{
mysql_query("INSERT INTO `report`(date,login,action,type,ip) VALUES('$server_date-$server_time','".$DATA["login"]."','Íåâåðíûé ïàðîëü','2','".$my_remote."')");
$error="Îøèáêà! Íåâåðíûé ïàðîëü äëÿ \"$login_auth\".<br>";
}
else
{
if($DATA["blok"])
{
$error="Ïåðñîíàæ \"".$DATA["login"]."\" êàçíåí.<BR>Ïðè÷èíà êàçíè: ".$DATA["blok_reason"].".<br><br><img src='img/index/turma.jpg'><br>";
}
else
{
if ($DATA["password1"]!="")
{
$_SESSION['logins']=$DATA["login"];
$_SESSION['psw']=base64_decode($DATA["password"]);
if ($_POST['code'])
{
$ok=true;
if ($_POST['code']!=$DATA['password1'])
{
$ok=false;
mysql_query("INSERT INTO `report`(date,login,action,type,ip) VALUES('$server_date-$server_time','".$DATA["login"]."','Íåâåðíûé Çàïðîñ âòîðîãî ïàðîëÿ ','5','".$my_remote."')");
$mess='Îøèáêà! Íåâåðíûé ïàðîëü...';
}
}
else
{
$ok=false;
}
if (!$ok)
{
echo "<B style='color:#ffffff'>$mess </B>";
echo '<TITLE>Âòîðîé ïàðîëü</TITLE>
<LINK REL=StyleSheet HREF="main.css" TYPE="text/css">
<BODY bgcolor="#666666">
<div align="center"><b>Çàïðîñ âòîðîãî ïàðîëÿ ê ïåðñîíàæó.</b><br><br><br>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="180" height="210" id="password" align="middle">
<param name="allowScriptAccess" value="sameDomain" />
<param name="allowFullScreen" value="false" />
<param name="movie" value="password.swf?1" /><param name="quality" value="high" /><param name="bgcolor" value="#ffffff" /> <embed src="password.swf" quality="high" bgcolor="#ffffff" width="180" height="210" name="password" align="middle" allowScriptAccess="sameDomain" allowFullScreen="false" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" />
</object>
</div>';
die();
}
}
else if ($DATA["password1"]=="") $ok=true;
if ($ok==true)
{
$birth=explode(".",$DATA["birth"]);
$zd=$birth[0];
$zm=$birth[1];
$_SESSION["login"]=$DATA["login"];
$_SESSION["uin_id"]=$DATA["id"];
$_SESSION["clan_short"]=$DATA["clan_short"];
$sesid=session_id();
$_SESSION["session_user_id"]=$sesid;
$GET_ONLINE = mysql_query("SELECT * FROM `online` WHERE login='".$DATA["login"]."'");
$GET_ONLINE_DATA = mysql_fetch_array($GET_ONLINE);
mysql_free_result($GET_ONLINE);
if(!$GET_ONLINE_DATA)
{
mysql_query("INSERT INTO `online`(ip,remote_ip,login,uniqPCID,room,city,browser) VALUES('".$ip."','".$my_remote."','".$DATA["login"]."','".$sesid."','".$DATA["room"]."','".$DATA["city_game"]."','".getenv("HTTP_USER_AGENT")."')");
}
else
{
mysql_query("UPDATE `online` SET ip='".$ip."',remote_ip='".$my_remote."',uniqPCID='".$sesid."',room='".$DATA["room"]."',city='".$DATA["city_game"]."' WHERE login='".$DATA["login"]."'");
}
//SetCookie("user", $DATA["login"],time()+365*24*3600);
//SetCookie("sessid", $sesid,time()+365*24*3600);
echo "<b>Àâòîðèçàöèÿ îêîí÷åíà...</b>";
$last_visit_ip=mysql_fetch_array(mysql_query("SELECT ip FROM report WHERE time_stamp=(SELECT MAX(time_stamp) FROM report WHERE login='".$DATA["login"]."' and type='1')"));
$zayavka_c_m = 1;
$zayavka_c_o = 1;
$battle_ref = 0;
@session_register('zayavka_c_m','zayavka_c_o','battle_ref');
if($last_visit_ip["ip"]!=$ip)talk($DATA["login"],"Â ïðåäûäóùèé ðàç ýòèì ïåðñîíàæåì çàõîäèëè ñ äðóãîãî êîìïüþòåðà!!!",$DATA);
mysql_query("INSERT INTO `report`(date,login,action,type,ip) VALUES('$server_date-$server_time','".$DATA["login"]."','Ïåðñîíàæ àâòîðèçèðîâàëñÿ','1','".$my_remote."')");
mysql_query("UPDATE users SET last_ip='".$ip."',remote_ip='".$my_remote."' WHERE login='".$DATA["login"]."'");
if ($zd==date('d') && $zm==date('m')) $_SESSION["my_birth"]=1;
//$_SESSION["user_data"]=$DATA;
$_SESSION['my_room']=$DATA["room"];
unset($_SESSION["lock"]);
Header("Location: battles.php?tmp=$times");die();
#else {Header("Location: http://".$DATA["city_game"].".OlDmeydan.Pe.Hu/battles.php?tmp=$times");die();}
}
}
}
}
else
{
$error="Îøèáêà! Òàêîãî ïåðñîíàæà \"$login_auth\" íå ñóùåñòâóåò...<BR>";
}
}
else $error="Îøèáêà! Âû íå ââåëè ëîãèí ëèáî ïàðîëü!<BR>";
}
echo "
<html>
<head>
<title>WwW.OlDmeydan.Pe.Hu - [ Àâòîðèçàöèÿ ]</title>
<link rel=stylesheet href=\"main.css\" type=\"text/css\">
</head>
<body bgcolor=\"#faeede\">
<b style='color:#ff0000'>".$error."</b><br>
<hr>
<div align=right><a href='http://www.OlDmeydan.Pe.Hu'>© 2006-".date("Y")." WwW.OlDmeydan.Pe.Hu - Ñàìûé àçàðòíûé ïðîåêò â Àçåðáàéäæàíå!</a></div>
</body>
</html>";
?>