<?php
session_name('cl');
session_start();
$ses=session_id();
require_once('db.php');
if(@$id and @$pass)
{
$id=intval($id);
$pass=mysql_escape_string($pass);
$prov=mysql_query("SELECT * from `user` WHERE `uid`='$id'");
if(!mysql_num_rows($prov))
{
$_SESSION['enter']='no';
}
else
{
$s=mysql_fetch_array($prov);
if($pass!=$s['pass'])
{
$_SESSION['enter']='no';
}
else
{
$_SESSION['enter']='yes';
$_SESSION['uid']=$id;
}
}
}
if(@$_SESSION['enter']=='yes')
{$result=mysql_query("SELECT * from `user` WHERE `uid`='$_SESSION[uid]'");
$info=mysql_fetch_array($result);
if($info['vkl'])
$st=0;
else
$st=1;
mysql_query("UPDATE `user` SET `vkl`='$st' WHERE `uid`='$_SESSION[uid]'");
header("Location: enter.php?str=$str&cl=$ses");
}
?>