if (is_dir("_!_DELETE_AFTER_INSTALL_!_") && $_SERVER['REMOTE_ADDR'] != "127.0.0.1") { die("DELETE INSTALATION FOLDER"); } include_once '_template/_header.php'; if (_getUsername()) { Header('Location: _userside.php'); } if (!isset($_POST['username']) || !isset($_POST['password']) || !isset($_POST['CaptchaText']) || empty($_POST['username']) || empty($_POST['password']) || empty($_POST['CaptchaText'])) { $REASON = _RDiv($L[147]); } else { if ($_SESSION['capcha'] != strtolower($_POST['CaptchaText'])) { $REASON = _RDiv($L[145]); } else { $username = _Z($_POST['username']); $SHA1Password = SHA1Password($username, _Z($_POST['password'])); $connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB); $query = mysql_query("SELECT `id`,`username` FROM `account` WHERE `username` = '" . _X($username) . "' AND `sha_pass_hash` = '" . _X($SHA1Password) . "';", $connection) or die(mysql_error()); $result = mysql_fetch_array($query); if (empty($result['username'])) { $REASON = _RDiv($L[157]); mysql_close($connection) or die(mysql_error()); } else { $_SESSION['AccountID'] = $result['id']; $_SESSION['AccountUN'] = strtoupper($result['username']); $query = mysql_query("SELECT `id` FROM `account_details` WHERE `id` = " . (int) _getAccountID() . ";", $connection) or die(mysql_error()); $result = mysql_fetch_array($query); if (empty($row[0])) { mysql_query("INSERT IGNORE INTO `account_details`(`id`) VALUES (" . (int) _getAccountID() . ");", $connection) or die(mysql_error()); } mysql_close($connection) or die(mysql_error());
<?php include_once '_template/_header.php'; if (!_getUsername()) { Header('Location: index.php'); } if (!isset($_POST['cur_password']) || !isset($_POST['new_password']) || !isset($_POST['new_password2']) || empty($_POST['cur_password']) || empty($_POST['new_password']) || empty($_POST['new_password2'])) { $reason = _BDiv($L[214]); } else { if ($_POST['new_password'] !== $_POST['new_password2']) { $reason = _RDiv($L[211]); } else { $SHA1Password = SHA1Password(_getUsername(), _Z($_POST['cur_password'])); $SHA1PasswordNEW = SHA1Password(_getUsername(), _Z($_POST['new_password'])); $connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB); $query = mysql_query("SELECT `id` FROM `account` WHERE `username` = '" . _getUsername() . "' AND `sha_pass_hash` = '" . _X($SHA1Password) . "';", $connection) or die(mysql_error()); $result = mysql_fetch_array($query); if (!empty($result['id'])) { mysql_query("UPDATE `account` SET `sha_pass_hash` = '" . _X($SHA1PasswordNEW) . "',`sessionkey` = '',`v` = '',`s` = '' WHERE `username` = '" . _getUsername() . "';", $connection) or die(mysql_error()); _SpendMythCoins(0, 13, "", 0, "", 0, "", $connection); $reason = _BDiv($L[213]); mysql_close($connection) or die(mysql_error()); } else { $reason = _RDiv($L[212]); mysql_close($connection) or die(mysql_error()); } } } ?> <div class = 'text-center'> <h2><?php