} else {
include_once '_transfer/language.php';
if (!isset($_POST['username']) || !isset($_POST['username'])) {
include_once 'template/t_header.php';
$reason = "<font color=\"darkred\">" . $write[2] . "</font><br>";
} else {
if ($captchaEnable != 0 && $_SESSION['CaptchaText'] != $_POST['CaptchaText']) {
include_once 'template/t_header.php';
$reason = "<font color=\"darkred\">Wrong Captcha code!</font><br>";
} else {
$username = strtoupper(addslashes($_POST['username']));
$SHA1Password = SHA1Password($username, strtoupper(addslashes($_POST['password'])));
$connection = mysql_connect($AccountDBHost, $DBUser, $DBPassword);
mysql_select_db($AccountDB, $connection);
mysql_set_charset('utf8', $connection);
$query = mysql_query("SELECT `id`,`username` FROM `account` WHERE `username` = \"" . _Y($username) . "\" AND `sha_pass_hash` = \"" . _Y($SHA1Password) . "\";", $connection) or die(mysql_error());
$result = mysql_fetch_array($query);
mysql_close($connection);
if ($result['username'] == "") {
include_once 'template/t_header.php';
$reason = "<font color=\"darkred\">Wrong Password!</font><br>";
} else {
if ($result['username']) {
$_SESSION['loged'] = $SHA1Password;
$_SESSION['id'] = $result['id'];
$_SESSION['user'] = $result['username'];
Header('Location: playerside.php');
}
}
}
}
function _lookForAccount($connection, $U)
{
$query = mysql_query("SELECT `id` FROM `account` WHERE `username` = '" . _Y($U) . "';", $connection) or die(mysql_error());
$row = mysql_fetch_array($query);
return isset($row[0]) ? $row[0] : -1;
}