EngineGP/system/sections/user/auth.php

<?php
if (!DEFINED('EGP'))
    exit(header('Refresh: 0; URL=http://' . $_SERVER['SERVER_NAME'] . '/404'));

// Проверка на авторизацию
sys::auth();

sys::cookie('egp_login', 'quit', -1);
sys::cookie('egp_passwd', 'quit', -1);
sys::cookie('egp_authkeycheck', 'quit', -1);

// Генерация новой капчи
if (isset($url['captcha']))
    sys::captcha('auth', $uip);

// Авторизация
if ($go) {
    $nmch = 'go_auth_' . $uip;

    if ($mcache->get($nmch))
        sys::outjs(array('e' => sys::text('other', 'mcache')), $nmch);

    $mcache->set($nmch, 1, false, 15);

    // Проверка капчи
    if (!isset($_POST['captcha']) || sys::captcha_check('auth', $uip, $_POST['captcha']))
        sys::outjs(array('e' => sys::text('other', 'captcha')), $nmch);

    $aData = array();

    $aData['login'] = isset($_POST['login']) ? $_POST['login'] : '';
    $aData['passwd'] = isset($_POST['passwd']) ? sys::passwdkey($_POST['passwd']) : '';

    // Проверка входных данных
    foreach ($aData as $val)
        if ($val == '')
            sys::outjs(array('e' => sys::text('input', 'all')), $nmch);

    // Проверка логина/почты на валидность
    if (sys::valid($aData['login'], 'other', $aValid['mail']) and sys::valid($aData['login'], 'other', $aValid['login'])) {
        $out = 'login';

        // Если в логине указана почта
        if (sys::ismail($aData['login']))
            $out = 'mail';

        sys::outjs(array('e' => sys::text('input', $out . '_valid')), $nmch);
    }

    $sql_q = '`login`';

    // Если в логине указана почта
    if (sys::ismail($aData['login']))
        $sql_q = '`mail`';

    // Проверка существования пользователя
    $sql->query('SELECT `id`, `login`, `mail`, `security_ip`, `security_code` FROM `users` WHERE ' . $sql_q . '="' . $aData['login'] . '" AND `passwd`="' . $aData['passwd'] . '" LIMIT 1');
    if (!$sql->num())
        sys::outjs(array('e' => sys::text('input', 'auth')), $nmch);

    $user = $sql->get();

    $subnetwork = sys::whois($uip);

    // Если включена защита по ip
    if ($user['security_ip']) {
        $sql->query('SELECT `id` FROM `security` WHERE `user`="' . $user['id'] . '" AND `address`="' . $uip . '" LIMIT 1');

        if (!$sql->num()) {
            if ($subnetwork != 'не определена') {
                $sql->query('SELECT `id` FROM `security` WHERE `user`="' . $user['id'] . '" AND `address`="' . $subnetwork . '" LIMIT 1');

                if (!$sql->num())
                    sys::outjs(array('e' => 'Ваш ip адрес не найден в числе указаных адресов для авторизации.'), $nmch);
            } else
                sys::outjs(array('e' => 'Ваш ip адрес не найден в числе указаных адресов для авторизации.'), $nmch);
        }
    }

    // Если включена защита по коду
    if ($user['security_code']) {
        $code = isset($_POST['code']) ? $_POST['code'] : '';

        if ($code == '' || $code != $mcache->get('auth_code_security_' . $user['id'])) {
            $ncod = sys::code();

            // Отправка сообщения на почту
            if (sys::mail('Авторизация', sys::updtext(sys::text('mail', 'security_code'), array('site' => $cfg['name'], 'code' => $ncod)), $user['mail'])) {
                $mcache->set('auth_code_security_' . $user['id'], $ncod, false, 180);

                if ($code == '')
                    sys::outjs(array('i' => 'На вашу почту отправлено письмо с кодом подтверждения.', 'mail' => sys::mail_domain($user['mail'])), $nmch);

                sys::outjs(array('i' => 'На вашу почту отправлено письмо с кодом подтверждения снова.', 'mail' => sys::mail_domain($user['mail'])), $nmch);
            }

            // Выхлоп: не удалось отправить письмо
            sys::outjs(array('e' => sys::text('error', 'mail')), $nmch);
        }
    }

    $_SERVER['HTTP_USER_AGENT'] = mb_substr($_SERVER['HTTP_USER_AGENT'], 0, 200);

    // Обновление информации о пользователе
    $sql->query('UPDATE `users` set `ip`="' . $uip . '", `browser`="' . sys::browser($_SERVER['HTTP_USER_AGENT']) . '", `time`="' . $start_point . '" WHERE `id`="' . $user['id'] . '" LIMIT 1');

    // Логирование ip
    $sql->query('INSERT INTO `auth` set `user`="' . $user['id'] . '", `ip`="' . $uip . '", `date`="' . $start_point . '", `browser`="' . sys::hb64($_SERVER['HTTP_USER_AGENT']) . '"');

    // Запись cookie пользователю
    sys::cookie('egp_login', $user['login'], 14);
    sys::cookie('egp_passwd', $aData['passwd'], 14);
    sys::cookie('egp_authkeycheck', md5($user['login'] . $uip . $aData['passwd']), 14);

    // Выхлоп удачной авторизации
    sys::outjs(array('s' => 'ok'), $nmch);
}

$html->get('auth', 'sections/user');
$html->pack('main');
?>
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
+								<?php
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								if (!DEFINED('EGP'))
 								    exit(header('Refresh: 0; URL=http://' . $_SERVER['SERVER_NAME'] . '/404'));
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								// Проверка на авторизацию
 								sys::auth();
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								sys::cookie('egp_login', 'quit', -1);
 								sys::cookie('egp_passwd', 'quit', -1);
 								sys::cookie('egp_authkeycheck', 'quit', -1);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								// Генерация новой капчи
 								if (isset($url['captcha']))
 								    sys::captcha('auth', $uip);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								// Авторизация
 								if ($go) {
 								    $nmch = 'go_auth_' . $uip;
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    if ($mcache->get($nmch))
 								        sys::outjs(array('e' => sys::text('other', 'mcache')), $nmch);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    $mcache->set($nmch, 1, false, 15);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Проверка капчи
 								    if (!isset($_POST['captcha']) || sys::captcha_check('auth', $uip, $_POST['captcha']))
 								        sys::outjs(array('e' => sys::text('other', 'captcha')), $nmch);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    $aData = array();
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    $aData['login'] = isset($_POST['login']) ? $_POST['login'] : '';
 								    $aData['passwd'] = isset($_POST['passwd']) ? sys::passwdkey($_POST['passwd']) : '';
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Проверка входных данных
 								    foreach ($aData as $val)
 								        if ($val == '')
 								            sys::outjs(array('e' => sys::text('input', 'all')), $nmch);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Проверка логина/почты на валидность
 								    if (sys::valid($aData['login'], 'other', $aValid['mail']) and sys::valid($aData['login'], 'other', $aValid['login'])) {
 								        $out = 'login';
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								        // Если в логине указана почта
 								        if (sys::ismail($aData['login']))
 								            $out = 'mail';
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								        sys::outjs(array('e' => sys::text('input', $out . '_valid')), $nmch);
 								    }
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    $sql_q = '`login`';
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Если в логине указана почта
 								    if (sys::ismail($aData['login']))
 								        $sql_q = '`mail`';
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Проверка существования пользователя
 								    $sql->query('SELECT `id`, `login`, `mail`, `security_ip`, `security_code` FROM `users` WHERE ' . $sql_q . '="' . $aData['login'] . '" AND `passwd`="' . $aData['passwd'] . '" LIMIT 1');
 								    if (!$sql->num())
 								        sys::outjs(array('e' => sys::text('input', 'auth')), $nmch);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    $user = $sql->get();
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    $subnetwork = sys::whois($uip);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Если включена защита по ip
 								    if ($user['security_ip']) {
 								        $sql->query('SELECT `id` FROM `security` WHERE `user`="' . $user['id'] . '" AND `address`="' . $uip . '" LIMIT 1');
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								        if (!$sql->num()) {
 								            if ($subnetwork != 'не определена') {
 								                $sql->query('SELECT `id` FROM `security` WHERE `user`="' . $user['id'] . '" AND `address`="' . $subnetwork . '" LIMIT 1');
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								                if (!$sql->num())
 								                    sys::outjs(array('e' => 'Ваш ip адрес не найден в числе указаных адресов для авторизации.'), $nmch);
 								            } else
 								                sys::outjs(array('e' => 'Ваш ip адрес не найден в числе указаных адресов для авторизации.'), $nmch);
 								        }
 								    }
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Если включена защита по коду
 								    if ($user['security_code']) {
 								        $code = isset($_POST['code']) ? $_POST['code'] : '';
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								        if ($code == '' || $code != $mcache->get('auth_code_security_' . $user['id'])) {
 								            $ncod = sys::code();
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								            // Отправка сообщения на почту
 								            if (sys::mail('Авторизация', sys::updtext(sys::text('mail', 'security_code'), array('site' => $cfg['name'], 'code' => $ncod)), $user['mail'])) {
 								                $mcache->set('auth_code_security_' . $user['id'], $ncod, false, 180);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								                if ($code == '')
 								                    sys::outjs(array('i' => 'На вашу почту отправлено письмо с кодом подтверждения.', 'mail' => sys::mail_domain($user['mail'])), $nmch);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								                sys::outjs(array('i' => 'На вашу почту отправлено письмо с кодом подтверждения снова.', 'mail' => sys::mail_domain($user['mail'])), $nmch);
 								            }
-												Conversion to PSR code format. Part #1

											
										
										
											2023-05-05 01:17:19 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								            // Выхлоп: не удалось отправить письмо
 								            sys::outjs(array('e' => sys::text('error', 'mail')), $nmch);
 								        }
 								    }
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    $_SERVER['HTTP_USER_AGENT'] = mb_substr($_SERVER['HTTP_USER_AGENT'], 0, 200);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Обновление информации о пользователе
 								    $sql->query('UPDATE `users` set `ip`="' . $uip . '", `browser`="' . sys::browser($_SERVER['HTTP_USER_AGENT']) . '", `time`="' . $start_point . '" WHERE `id`="' . $user['id'] . '" LIMIT 1');
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Логирование ip
 								    $sql->query('INSERT INTO `auth` set `user`="' . $user['id'] . '", `ip`="' . $uip . '", `date`="' . $start_point . '", `browser`="' . sys::hb64($_SERVER['HTTP_USER_AGENT']) . '"');
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Запись cookie пользователю
 								    sys::cookie('egp_login', $user['login'], 14);
 								    sys::cookie('egp_passwd', $aData['passwd'], 14);
 								    sys::cookie('egp_authkeycheck', md5($user['login'] . $uip . $aData['passwd']), 14);
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								    // Выхлоп удачной авторизации
 								    sys::outjs(array('s' => 'ok'), $nmch);
 								}
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
-												Reformat code

This update contains code reformatting to meet PHP standards.

											
										
										
											2023-11-12 18:12:42 +00:00
+								$html->get('auth', 'sections/user');
 								$html->pack('main');
-												add files

											
										
										
											2023-03-04 23:45:46 +00:00
+								?>