<?php // change_password_success.php is public, executed automatically. require_once 'config.php'; require_once 'class.mysqli.php'; require_once 'class.util.php'; require_once 'class.customs.php'; // HNAuthLib if (!defined('HNAUTH_DIR')) { define('HNAUTH_DIR', './HNAuthLib/'); } require_once HNAUTH_DIR . 'HNAuth.php'; $errorMsg = ''; $session = new Session(); if ($session->getItem('username') !== '' && $session->getItem('userlevel') !== '') { $session->destroy(); } ?> <!DOCTYPE html> <!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]--> <!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]--> <!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]--> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <title></title>
// index.php is public to everyone. require_once 'config.php'; require_once 'class.mysqli.php'; require_once 'class.util.php'; require_once 'class.customs.php'; // HNAuthLib if (!defined('HNAUTH_DIR')) { define('HNAUTH_DIR', './HNAuthLib/'); } require_once HNAUTH_DIR . 'HNAuth.php'; $errorMsg = ''; if (!is_user_logged_in()) { $authenticated = false; } else { $session = new Session(); $loggedInUser = $session->getItem('username'); $loggedInLevel = $session->getItem('userlevel'); $user_loggedin_id = get_userid($loggedInUser); $authenticated = true; } ?> <!DOCTYPE html> <!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]--> <!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]--> <!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]--> <head>
function delete_account($username, $current_password) { global $hndb, $lang, $loc, $responseMsg; $session = new Session(); $db = DB::getInstance(); $username = $db->filter($username); $current_password = $db->filter($current_password); if ($current_password == '') { $responseMsg['hnauth'] = $lang['hnauth'][$loc]['field_empty']; return false; } else { $query = "SELECT password FROM " . $hndb['table'] . " WHERE username='******'"; if ($db->num_rows($query) > 0) { list($mysql_password) = $db->get_row($query); if (_hashPassword($current_password) !== $mysql_password) { $responseMsg['hnauth'] = $lang['hnauth'][$loc]['incorrect_password']; return false; } else { $data_delete = array('username' => $username); $deleted = $db->delete($hndb['table'], $data_delete, 1); if ($deleted) { if ($session->getItem('username') !== '' && $session->getItem('userlevel')) { $session->destroy(); } return true; } } } else { $responseMsg['hnauth'] = $lang['hnauth'][$loc]['username_not_exist_in_database']; return false; } } }