/mcsrv/auth.php
PHP | 60 lines | 60 code | 0 blank | 0 comment | 13 complexity | 04f55e48b7721e0b3a7375f133355a7b MD5 | raw file
- <?php
- require_once('../system.php');
- $str = '';
- if (!empty($_POST['user']) and !empty($_POST['password']) and !empty($_POST['version'])) {
- require_once('../inñ/pass.inc.php');
- $login = $_POST['user'];
- $password = $_POST['password'];
- $ver = $_POST['version'];
- if (!preg_match("/^[a-zA-Z0-9_-]+$/", $login)) {
- $str = "Login process [Bad symbols Login] ";
- echo "Bad login";
- } elseif (!preg_match("/^[a-zA-Z0-9_-]+$/", $password)) {
- $str = "Login process [Bad symbols Password] ";
- echo "Bad login";
- } elseif (!preg_match("/^[0-9]+$/", $ver)) {
- $str = "Login process [Bad symbols Version] ";
- echo "Bad login";
- } elseif (getGameInfo('launcher') == $ver) {
- $result = mysql_query("SELECT * FROM " . $db['tables']['users'] . " WHERE " . $db['users']['username'] . "='$login';");
- $line = mysql_fetch_array($result);
- if (!$line) {
- vtxtlog("Login process [Unknown user] User [$login] Password [$password]");
- echo "Bad login";
- exit;
- }
- $user_lvl = $line[$bd_aLvl];
- if ($user_lvl <= 0) {
- $str = "Login process [Banned user] User [$login] Password [$password]";
- echo "Bad login";
- } else {
- $realPass = $line[$bd_aPassword];
- $orig_login = $line[$bd_aUsername];
- if (checkPass($realPass, $password)) {
- $sessid = generateSessionId();
- $gamebuild = getGameInfo('build');
- mysql_query("UPDATE " . $db['tables']['users'] . " SET " . $db['users']['session'] . "='$sessid' WHERE " . $db['users']['username'] . "='$login'");
- $dlticket = md5($orig_login);
- echo $gamebuild . ':' . $dlticket . ':' . $orig_login . ':' . $sessid . ':';
- $str = "Login process [Success] User [$login] Session [$sessid]";
- } else {
- $str = "Login process [Bad login] User [$login] Password [$password]";
- echo "Bad login";
- }
- }
- } else {
- $str = "Login process [Old version]";
- echo 'Old version';
- }
- } else {
- $str = "Login process [POST parameter empty] ";
- if (empty($_POST['user']))
- $str .= "LOGIN parameter is empty | ";
- if (empty($_POST['password']))
- $str .= "PASSWORD parameter is empty";
- if (empty($_POST['version']))
- $str .= "VER parameter is empty";
- echo "Bad login";
- }
- vtxtlog($str);
- ?>