<?php
include_once '_template/_header.php';
if (!_getUsername()) {
Header('Location: index.php');
}
if (!isset($_POST['cur_password']) || !isset($_POST['new_password']) || !isset($_POST['new_password2']) || empty($_POST['cur_password']) || empty($_POST['new_password']) || empty($_POST['new_password2'])) {
$reason = _BDiv($L[214]);
} else {
if ($_POST['new_password'] !== $_POST['new_password2']) {
$reason = _RDiv($L[211]);
} else {
$SHA1Password = SHA1Password(_getUsername(), _Z($_POST['cur_password']));
$SHA1PasswordNEW = SHA1Password(_getUsername(), _Z($_POST['new_password']));
$connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB);
$query = mysql_query("SELECT `id` FROM `account` WHERE `username` = '" . _getUsername() . "' AND `sha_pass_hash` = '" . _X($SHA1Password) . "';", $connection) or die(mysql_error());
$result = mysql_fetch_array($query);
if (!empty($result['id'])) {
mysql_query("UPDATE `account` SET `sha_pass_hash` = '" . _X($SHA1PasswordNEW) . "',`sessionkey` = '',`v` = '',`s` = '' WHERE `username` = '" . _getUsername() . "';", $connection) or die(mysql_error());
_SpendMythCoins(0, 13, "", 0, "", 0, "", $connection);
$reason = _BDiv($L[213]);
mysql_close($connection) or die(mysql_error());
} else {
$reason = _RDiv($L[212]);
mysql_close($connection) or die(mysql_error());
}
}
}
?>
<div class = 'text-center'>
<h2><?php
if (is_dir("_!_DELETE_AFTER_INSTALL_!_") && $_SERVER['REMOTE_ADDR'] != "127.0.0.1") {
die("DELETE INSTALATION FOLDER");
}
include_once '_template/_header.php';
if (_getUsername()) {
Header('Location: _userside.php');
}
if (!isset($_POST['username']) || !isset($_POST['password']) || !isset($_POST['CaptchaText']) || empty($_POST['username']) || empty($_POST['password']) || empty($_POST['CaptchaText'])) {
$REASON = _RDiv($L[147]);
} else {
if ($_SESSION['capcha'] != strtolower($_POST['CaptchaText'])) {
$REASON = _RDiv($L[145]);
} else {
$username = _Z($_POST['username']);
$SHA1Password = SHA1Password($username, _Z($_POST['password']));
$connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB);
$query = mysql_query("SELECT `id`,`username` FROM `account` WHERE `username` = '" . _X($username) . "' AND `sha_pass_hash` = '" . _X($SHA1Password) . "';", $connection) or die(mysql_error());
$result = mysql_fetch_array($query);
if (empty($result['username'])) {
$REASON = _RDiv($L[157]);
mysql_close($connection) or die(mysql_error());
} else {
$_SESSION['AccountID'] = $result['id'];
$_SESSION['AccountUN'] = strtoupper($result['username']);
$query = mysql_query("SELECT `id` FROM `account_details` WHERE `id` = " . (int) _getAccountID() . ";", $connection) or die(mysql_error());
$result = mysql_fetch_array($query);
if (empty($row[0])) {
mysql_query("INSERT IGNORE INTO `account_details`(`id`) VALUES (" . (int) _getAccountID() . ");", $connection) or die(mysql_error());
}
mysql_close($connection) or die(mysql_error());
session_start();
include_once '_transfer/t_config.php';
if (isset($_SESSION['loged'])) {
Header('Location: playerside.php');
} else {
include_once '_transfer/language.php';
if (!isset($_POST['username']) || !isset($_POST['username'])) {
include_once 'template/t_header.php';
$reason = "<font color=\"darkred\">" . $write[2] . "</font><br>";
} else {
if ($captchaEnable != 0 && $_SESSION['CaptchaText'] != $_POST['CaptchaText']) {
include_once 'template/t_header.php';
$reason = "<font color=\"darkred\">Wrong Captcha code!</font><br>";
} else {
$username = strtoupper(addslashes($_POST['username']));
$SHA1Password = SHA1Password($username, strtoupper(addslashes($_POST['password'])));
$connection = mysql_connect($AccountDBHost, $DBUser, $DBPassword);
mysql_select_db($AccountDB, $connection);
mysql_set_charset('utf8', $connection);
$query = mysql_query("SELECT `id`,`username` FROM `account` WHERE `username` = \"" . _Y($username) . "\" AND `sha_pass_hash` = \"" . _Y($SHA1Password) . "\";", $connection) or die(mysql_error());
$result = mysql_fetch_array($query);
mysql_close($connection);
if ($result['username'] == "") {
include_once 'template/t_header.php';
$reason = "<font color=\"darkred\">Wrong Password!</font><br>";
} else {
if ($result['username']) {
$_SESSION['loged'] = $SHA1Password;
$_SESSION['id'] = $result['id'];
$_SESSION['user'] = $result['username'];
Header('Location: playerside.php');
