Заменить в файле modules/account/index.php функцию login() на эту
function login() { global $prefix, $db, $conf, $stop; $code = ($conf['captyp'] == 1) ? $_SESSION['captcha'] : substr(hexdec(md5(date("F j").$_SESSION['captcha'].$conf['sitekey'])), 2, 6); unset($_SESSION['captcha']); if (extension_loaded("gd") && $code != $_POST['check'] && ($conf['gfx_chk'] == 2 || $conf['gfx_chk'] == 4 || $conf['gfx_chk'] == 5 || $conf['gfx_chk'] == 7)) $stop[] = _SECCODEINCOR; $uname = htmlspecialchars(trim(substr($_POST['user_name'], 0, 25))); $upass = htmlspecialchars(trim(substr($_POST['user_password'], 0, 25))); if (!$uname || !$upass) $stop[] = _LOGININCOR; $result = $db->sql_query("SELECT user_id, user_name, user_email, user_password, user_storynum, user_blockon, user_theme FROM ".$prefix."_users WHERE (user_name='".$uname."' or user_email= '".$uname."') AND user_password='".md5_salt($upass)."'"); if ($db->sql_numrows($result) != 1) $stop[] = _LOGININCOR; list($user_id, $user_name, $user_email, $user_password, $user_storynum, $user_blockon, $user_theme) = $db->sql_fetchrow($result); $check = true; if($user_name != $uname)$check = false; if($user_email != $uname)$check = false; if (!$user_id || $check!=false || $user_password != md5_salt($upass) ) $stop[] = _LOGININCOR; if (!$stop) { cookieset($user_id, $user_name, $user_password, $user_storynum, $user_blockon, $user_theme); $uip = getip(); $uvisit = save_datetime(1, ""); $uagent = getagent(); $db->sql_query("DELETE FROM ".$prefix."_session WHERE uname='".$uip."' AND guest='0'"); $db->sql_query("UPDATE ".$prefix."_users SET user_last_ip='".$uip."', user_lastvisit='".$uvisit."', user_agent='".$uagent."' WHERE user_name='".$user_name."'"); login_report(0, 1, $uname, ""); if ($conf['forum']) { new_user($user_name, $upass, $user_email); log_in($uname, $upass); } referer("index.php?name=".$conf['name']."&op=profil"); } else { login_report(0, 0, $uname, $upass); if ($conf['forum']) check_user($uname, $upass); account(); } }