function lostpassword() { $stop = ''; $user = get_user(); $text = ''; $login = office_secure(trim($this->input->post('login', true))); $master_answer = md5(office_secure(trim($this->input->post('master_answer', true)))); if ($login == '' || $this->input->post('master_answer') == '') { redirect('main_index/lost', 'refresh'); } if (FastCheckBan(Get_AS(office_secure($login)))) { $stop = "You account is banned!"; } $query_auth = $this->MSSQL->query("SELECT * FROM {$user}.dbo.tbl_UserAccount WHERE id = '" . xss_clean($login) . "'"); if ($query_auth->num_rows() > 0) { foreach ($query_auth->result() as $row) { $seriala = $row->serial; } if (check_master_answer($seriala)) { $master_answer_query = show_master_answer($seriala); } else { $stop = lang('off_lost_error'); } } else { $stop = lang('off_lost_error'); } if ($stop == '') { $query = $this->MSSQL->query("SELECT id,Password FROM {$user}.dbo." . config('table_account', 'query') . " WHERE id = '" . $login . "'"); if ($query->num_rows() > 0) { foreach ($query->result() as $row) { $id_query = $row->id; $Password_query = $row->Password; } } else { $stop = lang('off_lost_error'); } } if ($stop == '') { if ($master_answer_query == $master_answer) { if (preg_name($Password_query) == '') { exit('Permabanned!'); } $this->session->set_userdata('login', xss_clean($login)); $this->session->set_userdata('passw', xss_clean($Password_query)); $this->session->set_userdata('lost_p', xss_clean($master_answer)); redirect('main', 'refresh'); } else { } } else { $text = $stop; } $this->data['content'] = icon('64x64/delete_user.png') . br(2) . go_back('', true) . $text; compile(); }
function fgpass() { $this->data['title'] = lang('off_title_fg') . gen_name_profile(); $FireGuard = analyze_name(office_secure($this->input->post('fgpass'))); $stop = ""; if (check_master_answer() == true) { $master = office_secure($this->input->post('master')); if (md5($master) != show_master_answer()) { $stop = lang('off_master_error'); } } if (strlen($FireGuard) > 20 || strlen($FireGuard) < 6 || strpos('\'', $FireGuard)) { $stop = lang('off_login_passwsh'); } if ($stop == "") { $user = get_user(); $this->MSSQL->query("UPDATE {$user}.dbo.tbl_UserAccount SET uilock_pw = (CONVERT(binary, '{$FireGuard}')) WHERE id = '" . get_login() . "'"); $this->data['content'] = '<p>' . icon('32x32/accept.png') . lang('off_title_chfg') . "</p>"; } else { $this->data['content'] = '<p>' . icon('32x32/delete.png') . lang('off_error') . $stop . go_back() . "</p>"; } compile(); }