예제 #1
0
         $login = isset($_REQUEST['login']) ? $_REQUEST['login'] : (isset($var['login']) ? $var['login'] : '');
         $password = isset($_REQUEST['password']) ? $_REQUEST['password'] : (isset($var['password']) ? $var['password'] : '');
         // has the user submitted empty fields
         if (empty($login) || empty($password)) {
             $msg = 'Please enter login and password!';
             header('Location: ' . URL . '/login.php?msg=' . rawurlencode(htmlspecialchars($msg, ENT_QUOTES)));
             exit;
         }
         $db->query('SELECT account_id,old_account_id FROM account ' . 'WHERE login = '******' AND ' . 'password = '******' LIMIT 1');
         if ($db->nextRecord()) {
             // register session
             SmrSession::$account_id = $db->getField('account_id');
             SmrSession::$old_account_id = $db->getField('old_account_id');
         } else {
             if (USE_COMPATIBILITY) {
                 if (!SmrAccount::upgradeAccount($login, $password)) {
                     $msg = 'Password is incorrect!';
                     header('Location: ' . URL . '/login.php?msg=' . rawurlencode(htmlspecialchars($msg, ENT_QUOTES)));
                     exit;
                 }
             } else {
                 $msg = 'Password is incorrect!';
                 header('Location: ' . URL . '/login.php?msg=' . rawurlencode(htmlspecialchars($msg, ENT_QUOTES)));
                 exit;
             }
         }
     }
 }
 // ********************************
 // *
 // * G a m e   O p e n