<?php
$user_id = false;
$user = false;
$arr_user = false;
if (!empty($_POST['auth_mail']) && !empty($_POST['auth_pass']))
{
$auth_mail = check($_POST['auth_mail']);
$auth_pass = md5(md5(check($_POST['auth_pass'])));
$result1 = $mysqli->query("SELECT * FROM `users` WHERE `mail` = '".$auth_mail."' AND `pass` = '".$auth_pass."' LIMIT 1");
if ($result1->num_rows == true)
{
$user = $result1->fetch_array();
$user_id = $user['id'];
setcookie('uid', $user_id, time()+86400*365, '/');
setcookie('upass', $auth_pass, time()+86400*365, '/');
$mysqli->query("UPDATE `users` SET `online` = 1, `visit` = '".time()."', `ip` = '".$ip."', `ua` = '".$ua."', `device` = '".$device."' WHERE `id` = '".$user_id."' AND `pass` = '".$user['pass']."' LIMIT 1");
go(URL.'/');
} elseif ($mysqli->query("SELECT * FROM `users_new` WHERE `mail` = '".$auth_mail."' AND `pass` = '".$auth_pass."' LIMIT 1")->num_rows == true)
{
$q = $mysqli->query("SELECT * FROM `users_new` WHERE `mail` = '".$auth_mail."' AND `pass` = '".$auth_pass."' LIMIT 1")->fetch_array();
if (mysql_query("INSERT INTO `users` SET
`name` = '".$q['name']."',
`surname` = '".$q['surname']."',
`mail` = '".$q['mail']."',
`pass` = '".$q['pass']."',
`sex` = 1,
`regtime` = '".time()."'
") == true)
{
$mysqli->query("DELETE FROM `users_new` WHERE `mail` = '".$auth_mail."' AND `pass` = '".$auth_pass."' LIMIT 1");
$u = $mysqli->query("SELECT * FROM `users` WHERE `mail` = '".$auth_mail."' AND `pass` = '".$auth_pass."' LIMIT 1")->fetch_array();
$user_id = $u['id'];
setcookie('uid', $user_id, time()+86400*365, '/');
setcookie('upass', $auth_pass, time()+86400*365, '/');
$mysqli->query("UPDATE `users` SET `online` = 1, `visit` = '".time()."', `ip` = '".$ip."', `ua` = '".$ua."', `device` = '".$device."' WHERE `id` = '".$user_id."' AND `pass` = '".$auth_pass."' LIMIT 1");
go(URL.'/user/settings.php');
}
}
else
{
setcookie('uid', '', time() - 86400*31);
setcookie('upass', '', time() - 86400*31);
}
}
if (!empty($_COOKIE['uid']) && !empty($_COOKIE['upass']))
{
$uid = abs(intval($_COOKIE['uid']));
$upass = check($_COOKIE['upass']);
if ($mysqli->query("SELECT * FROM `users` WHERE `id` = '".$uid."' AND `pass` = '".$upass."' LIMIT 1")->num_rows == true)
{
$user = $mysqli->query("SELECT * FROM `users` WHERE `id` = '".abs(intval($_COOKIE['uid']))."' AND `pass` = '".check($_COOKIE['upass'])."' LIMIT 1")->fetch_array();
$user_id = $user['id'];
$mysqli->query("UPDATE `users` SET `online` = 1, `visit` = '".time()."', `ip` = '".$ip."', `ua` = '".$ua."', `device` = '".$device."' WHERE `id` = '".$user_id."' AND `pass` = '".$upass."' LIMIT 1");
if ($mysqli->query("SELECT * FROM `friends` WHERE `friend_id` = '".$user_id."' AND `online` < '".(time()-300)."' LIMIT 1")->num_rows == true) $mysqli->query("UPDATE `friends` SET `online` = '".time()."' WHERE `friend_id` = '".$user_id."'");
}
else
{
setcookie('uid', '', time() - 86400*31);
setcookie('upass', '', time() - 86400*31);
}
}
?>