<?php
//([^\.])(\/)?(.)*
//if (!preg_match('/^(http:\/\/)(capitalcity\.|top\.|admin\.|test\.)?(AntikombatZ.com)((\/(.)*)|(\b))/i',trim($_SERVER['HTTP_REFERER']))>0) die("Для входа в AntikombatZ воспользуйтесь этой ссылкой: <a href='http://AntikombatZ.com'>http://AntikombatZ.com</a>".$_SERVER['HTTP_REFERER']);
//http://scrolls.combats.com/~Taxman/449125.html
include "connect.php";
session_start();
if($_POST['code'] && $_SESSION['sid'] && $_SESSION['puid'] && $_SESSION['stap']){
$data4 = mysql_fetch_array(mysql_query("SELECT pass2,pass FROM `users` WHERE `id` = '{$_SESSION['puid']}' LIMIT 1;"));
if(md5($_POST['code'])==$data4['pass2']){
$chkps1="yes";
}else{$koko="<FONT COLOR=\"white\">Неверный пароль</FONT>
";}
}
if(($chkps1=="yes" or $koko) && $_SESSION['stap']==$data4['pass']){
$_SESSION['stap'] = addslashes($_SESSION['stap']);
$data = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '{$_SESSION['puid']}' AND `pass` = '".$_SESSION['stap']."' LIMIT 1;"));
}else{
$data = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `login` = '{$_POST['login']}' AND `pass` = '".md5($_POST['psw'])."' LIMIT 1;"));
}
if ($data[0] == null) {
echo "<html><head><META http-equiv=Content-type content='text/html; charset=windows-1251'><title>Произошла ошибка</title></head><body>
Произошла ошибка!
Неверный пароль, войдите с <a href=index.php>главной страницы</a>.
<hr><table width=100%><tr><td align=left>[b][url="'java"]Назад[/url][/b]</td><td align=right>(C) AntikombatZ</td></tr></table></body></html>";
}
// elseif ($data['klan'] != 'adminion') {
// echo "<html><head><META http-equiv=Content-type content='text/html; charset=windows-1251'><title>Произошла ошибка</title></head><body>
Произошла ошибка!
Временная приостановка. После всех технических работ вы снова сможете войти на сайт. <font color=red>[b]Открытие в 17:15 по Москве.[/b]</font>
<hr><table width=100%><tr><td align=left>[b][url="'java"]Назад[/url][/b]</td><td align=right>(C) AntikombatZ</td></tr></table></body></html>";
// }
elseif($data['block']==1)
{
echo "<html><head><META http-equiv=Content-type content='text/html; charset=windows-1251'><title>Произошла ошибка</title></head><body>
Произошла ошибка!
Персонаж заблокирован.
<hr><table width=100%><tr><td align=left>[b][url="'java"]Назад[/url][/b]</td><td align=right>(C) AntikombatZ</td></tr></table></body></html>";
}
else
{
include("functions.php");
if(($chkps1!="yes") or empty($koko)){
session_destroy();
session_start();
//delo_multi
if($_COOKIE['battle']!= null && $data['id'] != $_COOKIE['battle']) {
mysql_query("INSERT INTO `delo_multi` (`idperslater`,`idpersnow`) values ('".$_COOKIE['battle']."','".$data['id']."');");
}
///
setcookie("battle", $data['id']);
$_SESSION['puid'] = $data['id'];
$_SESSION['sid'] = session_id();
if(!empty($data['pass2'])){$_SESSION['stap'] = $data['pass'];}
}
if($_SESSION['sid'] && $_SESSION['puid'] && $_SESSION['stap']==$data['pass'] && $chkps1!="yes"){
?>
<HTML><HEAD>
<link rel=stylesheet type="text/css" href="http://img.combats.com/i/main.css">
<meta content="text/html; charset=windows-1251" http-equiv=Content-type>
<META Http-Equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>
<META Http-Equiv=Expires Content=0>
<TITLE>Второй пароль</TITLE>
</HEAD>
<body bgcolor=666666>
<H3><FONT COLOR="black">Запрос второго пароля к персонажу.</FONT></H3>
<?=$koko?>
<div align="center">
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" width="600" height="250">
<param name=movie value="/i/psw2.swf">
<param name=quality value=high>
</object>
</div>
</BODY>
</HTML>
<?
include("mail_ru.php");
exit();
}
$_SESSION['uid'] = $data['id'];
unset($_SESSION['stap']);
unset($_SESSION['puid']);
mysql_query("UPDATE `online` SET `date` = ".time()." WHERE `id` = {$data['id']};");
mysql_query("UPDATE `users` SET `sid` = '".session_id()."' WHERE `id` = {$data['id']};");
//mysql_query("UPDATE `users` SET `ip` = '".$_SERVER['REMOTE_ADDR']."' WHERE `id` = {$data['id']};");
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['REMOTE_ADDR'];
}
$time_now=time();
mysql_query("INSERT INTO `iplog` (owner,ip,date) values ('".$data['id']."','$ip','$time_now');");
$drugi1 = mysql_query("SELECT user FROM `friends` WHERE `friend` = '{$data['id']}';");
while ($drugi = mysql_fetch_array($drugi1)) {
$dat = mysql_fetch_array(mysql_query("SELECT `login`, `room`, (select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `id` = '{$drugi['user']}' LIMIT 1;"));
if($dat['online']>0){
addchp ('<font color=red>Внимание!</font> <font color="Black">Вас приветствует [url="java"]'.$data['login'].'[/url]</font>','{[]}'.nick7 ($drugi['user']).'{[]}');
}
}
$rs=mysql_query("SELECT * FROM `telegraph` WHERE `owner` = '".$data['id']."';");
mysql_query("DELETE FROM `telegraph` WHERE `owner` = '".$data['id']."';");
while($r = mysql_fetch_array($rs)) {
addchp ($r['text'],'{[]}'.$data['login'].'{[]}');
}
header("Location:battle.php");
}
?>