<?php include_once '_template/_header.php'; if (!_getUsername()) { Header('Location: index.php'); } $REALSON = null; $connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB); $query = mysql_query("SELECT FROM_UNIXTIME(`bandate`) AS `BAN_DATE`, FROM_UNIXTIME(`unbandate`) AS `UNBAN_DATE`,`bannedby`,`banreason` FROM `account_banned` WHERE `id` = " . (int) _getAccountID() . " AND `active` = 1;", $connection) or die(mysql_error()); $result = mysql_fetch_array($query); if (!$result) { $_SESSION['TCA'] = false; echo _getAlreadyEffectSTR("<h2>" . $L[38] . "</h2>"); } else { if (isset($_SESSION['TCA']) && $_SESSION['TCA']) { if (_isEnoughMythCoins($PriceForUnban, $connection)) { _SpendMythCoins($PriceForUnban, 9, $_SESSION['AccountUN'], (int) _getAccountID(), 0, 0, !empty($result['bannedby']) ? $result['bannedby'] : "Server" . " : " . $result['banreason'], $connection); //_UnbanAccount($connection); $REALSON = _GDiv($L[17]); $_SESSION['TCA'] = false; } else { $REALSON = _RDiv($L[18]); } } else { $_SESSION['TCA'] = true; } echo "\n <div class = 'text-center'>" . $REALSON . "\n <h2>" . $L[94] . "</h2>\n </div>\n <fieldset>\n <div class = 'charBox alert alert-error'>\n <table>\n <tr>\n <td width = '73'>\n <img class = 'img-rounded' src = '_template/img/_faces/0-0-0-0.png' border = 'none'>\n </td>\n <td width = '340'>\n <h4>" . $result['banreason'] . "</h4>\n <span class = ''>" . $L[165] . "</span>" . _AU_BAN_AUTHOR_STR($result['bannedby']) . "<br/>\n <span class = ''>" . $L[166] . "</span>" . $result['BAN_DATE'] . "<br/>\n <span class = ''>" . $L[167] . "</span>" . $result['UNBAN_DATE'] . "\n </td>\n </tr>\n </table>\n </div>\n <div class = 'charBox alert alert-success'>\n <table>\n <tr>\n <td width = '73'>\n <img class = 'img-rounded' src = '_template/img/_faces/0-0-0-0.png' border = 'none'>\n </td>\n <td width = '340'>\n <h4>" . $result['banreason'] . "</h4>\n <span class = ''>" . $L[165] . "</span>" . _AU_BAN_AUTHOR_STR($result['bannedby']) . "<br/>\n <span class = ''>" . $L[166] . "</span>" . $result['BAN_DATE'] . "<br/>\n <span class = ''>" . $L[167] . "</span>" . $L[168] . "\n </td>\n </tr>\n </table>\n </div>\n </fieldset>\n <fieldset>\n <form action = " . $_SERVER['PHP_SELF'] . " method = 'POST'>\n " . _BDiv(_PRICE_STR($PriceForUnban)) . "\n <div class = 'text-center'>\n <button class = 'btn btn-primary' type = 'submit'>" . _getPriceButtonSTR($PriceForUnban) . "</button>\n </div>\n </form>\n </fieldset>"; } mysql_close($connection) or die(mysql_error()); include_once '_template/_footer.php'; ob_end_flush();
if (!_getUsername()) { Header('Location: index.php'); } if (!isset($_POST['cur_password']) || !isset($_POST['new_password']) || !isset($_POST['new_password2']) || empty($_POST['cur_password']) || empty($_POST['new_password']) || empty($_POST['new_password2'])) { $reason = _BDiv($L[214]); } else { if ($_POST['new_password'] !== $_POST['new_password2']) { $reason = _RDiv($L[211]); } else { $SHA1Password = SHA1Password(_getUsername(), _Z($_POST['cur_password'])); $SHA1PasswordNEW = SHA1Password(_getUsername(), _Z($_POST['new_password'])); $connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB); $query = mysql_query("SELECT `id` FROM `account` WHERE `username` = '" . _getUsername() . "' AND `sha_pass_hash` = '" . _X($SHA1Password) . "';", $connection) or die(mysql_error()); $result = mysql_fetch_array($query); if (!empty($result['id'])) { mysql_query("UPDATE `account` SET `sha_pass_hash` = '" . _X($SHA1PasswordNEW) . "',`sessionkey` = '',`v` = '',`s` = '' WHERE `username` = '" . _getUsername() . "';", $connection) or die(mysql_error()); _SpendMythCoins(0, 13, "", 0, "", 0, "", $connection); $reason = _BDiv($L[213]); mysql_close($connection) or die(mysql_error()); } else { $reason = _RDiv($L[212]); mysql_close($connection) or die(mysql_error()); } } } ?> <div class = 'text-center'> <h2><?php echo $L[93]; ?> </h2>
<?php if (is_dir("_!_DELETE_AFTER_INSTALL_!_") && $_SERVER['REMOTE_ADDR'] != "127.0.0.1") { die("DELETE INSTALATION FOLDER"); } include_once '_template/_header.php'; if (_getUsername()) { Header('Location: _userside.php'); } if (!isset($_POST['username']) || !isset($_POST['password']) || !isset($_POST['CaptchaText']) || empty($_POST['username']) || empty($_POST['password']) || empty($_POST['CaptchaText'])) { $REASON = _RDiv($L[147]); } else { if ($_SESSION['capcha'] != strtolower($_POST['CaptchaText'])) { $REASON = _RDiv($L[145]); } else { $username = _Z($_POST['username']); $SHA1Password = SHA1Password($username, _Z($_POST['password'])); $connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB); $query = mysql_query("SELECT `id`,`username` FROM `account` WHERE `username` = '" . _X($username) . "' AND `sha_pass_hash` = '" . _X($SHA1Password) . "';", $connection) or die(mysql_error()); $result = mysql_fetch_array($query); if (empty($result['username'])) { $REASON = _RDiv($L[157]); mysql_close($connection) or die(mysql_error()); } else { $_SESSION['AccountID'] = $result['id']; $_SESSION['AccountUN'] = strtoupper($result['username']); $query = mysql_query("SELECT `id` FROM `account_details` WHERE `id` = " . (int) _getAccountID() . ";", $connection) or die(mysql_error()); $result = mysql_fetch_array($query); if (empty($row[0])) { mysql_query("INSERT IGNORE INTO `account_details`(`id`) VALUES (" . (int) _getAccountID() . ");", $connection) or die(mysql_error()); }
<?php include_once '_template/_header.php'; if (!_getUsername()) { Header('Location: index.php'); } if (isset($_GET['CL'])) { unset($_SESSION['R']); } $connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB); if (_isGMAllowed($connection) && isset($_POST['HowMuch']) && isset($_POST['HowMuchReason'])) { _modifyFirePoints($_POST['HowMuch'], _isset($_POST['HowMuchReason']) ? $_POST['HowMuchReason'] : _getUsername(), $connection, $_SESSION['R']['ID']); } _AH_FORM($connection, _isGMAllowed($connection)); mysql_close($connection) or die(mysql_error()); include_once '_template/_footer.php'; ob_end_flush(); function _AH_FORM($connection, $ADMIN_MODE = false) { global $L; $RealmID = isset($_GET['R']) ? (int) $_GET['R'] : null; $PostQuery = isset($_POST['U']) ? trim($_POST['U']) : null; if (isset($PostQuery)) { $PostQuery = !empty($PostQuery) ? $PostQuery : null; } $Done = null; $H = $ADMIN_MODE ? $L[221] : $L[95]; $Q_STR = "SELECT DATE(`whenItDone`),`action`,`text`,`realmName`,`charName`,`myth_coins_spend`,`myth_coins_balance`,`IP`\n FROM `account_billing_history` "; _getRealmArray($connection); echo "\n <div class = 'text-center'>\n <h2>" . $H . "</h2>"; if ($ADMIN_MODE) {