include "../config.php"; require "PassAuth.php"; $username = $_POST['username']; $password = $_POST['password']; if (empty($username) || empty($password)) { echo 'You have left something blank'; } else { $stmt = $db->prepare("SELECT * FROM " . $prefix . "users WHERE username = ? LIMIT 1"); $stmt->bind_param('s', $username); $stmt->execute(); $stmt->store_result(); } if ($stmt->num_rows == 0) { echo 'Your username or password was incorrect [0x001]'; } else { $stmt->bind_result($nid, $nusername, $npassword, $nprivileges); while ($stmt->fetch()) { if (PassAuth::checkPassword($password, $npassword)) { session_start(); $_SESSION['online'] = true; $_SESSION['username'] = $nusername; $_SESSION['privileges'] = $nprivileges; $page = $_SERVER['PHP_SELF']; echo 'Logging you in...<meta http-equiv="refresh" content="0">'; } else { echo 'Your username or password was incorrect [0x002]'; } } } $stmt->free_result(); $stmt->close();
$stmt->store_result(); $stmt->bind_result($remPassword); if ($stmt->num_rows > 0) { while ($stmt->fetch()) { $oldpassword = $remPassword; } $stmt->close(); if (!PassAuth::checkPassword($password, $oldpassword)) { echo "Your current password is incorrect."; } else { if ($pass1 != $pass2 || empty($pass2) || empty($pass1)) { echo "Your new passwords do not match"; } else { if (PassAuth::checkPassword($pass1, $oldpassword)) { echo "You can't change your password to that!"; } else { $password = PassAuth::encryptPassword($pass1); $stmt = $db->prepare("UPDATE " . $prefix . "users SET password=? WHERE username=?"); $stmt->bind_param("ss", $password, $_SESSION['username']); $stmt->execute(); $stmt->close(); echo "Your password has been changed. You must login again before proceeding to another page."; session_destroy(); } } } } else { $stmt->close(); echo "There was an error processing your request. Please try again later."; } }
} } if ($bool) { ?> <h2>Installation Completed</h2> Please delete the install.php file for security reasons. Then, return to your index page and sign in with your new account. If you do not delete your install.php file you will not be able to access your AntiCheat panel. <?php } else { if (isset($_POST['submit'])) { $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; if (empty($pass1) || empty($pass2)) { echo 'You must enter a password.'; } else { if ($pass1 == $pass2) { $password = PassAuth::encryptPassword($_POST['pass1']); $username = $_POST['username']; if (empty($username)) { echo 'You must enter a username.'; } else { $db->query("CREATE TABLE ac_users(id INT UNSIGNED PRIMARY KEY NOT NULL AUTO_INCREMENT,username VARCHAR(16),password VARCHAR(256),privileges VARCHAR(45) DEFAULT 'admin')"); $stmt = $db->prepare("INSERT INTO ac_users(`username`,`password`,`privileges`) VALUES(?,?,?)"); $privilege = "superadmin"; $stmt->bind_param('sss', $username, $password, $privilege); $stmt->execute(); ?> <h2>Installation Completed</h2> Please delete the install.php file for security reasons. Then, return to your index page and sign in with your new account. If you do not delete your install.php file you will not be able to access your AntiCheat panel. <?php $stmt->close(); return;