Exemple #1
        $owner = 'yesiamtheowner';
    } else {
        $owner = 'imnot';
    }
} else {
    $owner = 'yesiamtheowner';
}
// Housekeeping (admin panel) front controller fragment: gate on rank/login state,
// read the routing parameters, re-check the admin session, then dispatch on $p.
$user_rank = mobbo::users_info('rank');
// NOTE(review): `or` binds more loosely than `&&`, so this condition reads as
// ($user_rank > 3 && $logged_in) or (!$logged_in). Every visitor who is NOT
// logged in therefore enters the block as well. Presumably that is deliberate so
// the housekeeping login page stays reachable -- confirm. Either way this line is
// not an authorization decision; access rests on the session and rank checks below.
if ($user_rank > 3 && $logged_in or !$logged_in) {
    // Flag set before any page is included; presumably the included pages test it
    // to refuse direct access -- verify against those files.
    $hkzone = true;
    // Request parameters are read without isset(), so an absent key raises an
    // undefined-index notice and passes null to the filter. What
    // Security::textFilter() strips or escapes is not visible here; do not assume
    // its output is safe for SQL or HTML contexts -- TODO confirm.
    $p = Security::textFilter($_GET['p']);
    $do = Security::textFilter($_GET['do']);
    $page = Security::textFilter($_GET['page']);
    $key = Security::textFilter($_GET['key']);
    $search = Security::textFilter($_POST['search']);
    if (mobbo::session_is_registered('acp')) {
        // NOTE(review): the key name 'hkpassword' suggests password material is kept
        // in the session. $session, $admin_username and $admin_password are assigned
        // here but not used in the lines shown (the excerpt is truncated).
        $session = $_SESSION['acp'];
        $admin_username = $_SESSION['hkusername'];
        $admin_password = $_SESSION['hkpassword'];
        // NOTE(review): the statement is assembled by string concatenation. The origin
        // of $myrow is not shown; if any part of it can be influenced by a client,
        // this is injectable. Prefer a parameterized query if Transaction offers one.
        // The lookup also keys on $myrow['username'] rather than the housekeeping
        // session's username, and requires rank > 5 while the outer gate uses
        // rank > 3 -- confirm both are intended.
        $check = Transaction::query("SELECT * FROM `users` WHERE `username` = '" . $myrow['username'] . "' AND `rank` > 5 LIMIT 1");
        $valid = Transaction::num_rows($check);
        if ($valid > 0) {
            $tmp = Transaction::fetch($check);
            // Page routing: in the branches shown, $p is only compared against fixed
            // strings and each branch includes a hard-coded file name, so the request
            // value never becomes part of an include path.
            if ($p == "logout") {
                // session_destroy() discards the stored session data; it does not
                // unset $_SESSION for the rest of this request or clear the cookie.
                session_destroy();
                $notify_logout = true;
                include 'login.php';
            } elseif ($p == "home") {
                $tab = 1;
                require_once 'home.php';
            } elseif ($p == "test") {
Exemple #2
<?php

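/*
 * Direct-access guard for a housekeeping page.
 *
 * The page renders only when all three conditions hold:
 *   1. CORE.php is among the files already included in this request,
 *   2. the including script set $hkzone to exactly true,
 *   3. mobbo::session_is_registered() reports the 'acp' session key.
 * Otherwise the script dies or redirects before producing any output.
 */
$included_files = get_included_files();
// NOTE(review): the expected path is built with a backslash separator, so the
// comparison can only succeed where get_included_files() reports CORE.php in
// exactly this form under DOCUMENT_ROOT -- confirm on the deployment platform.
// The third argument makes the comparison strict (string against string).
if (!in_array($_SERVER['DOCUMENT_ROOT'] . '\\CORE.php', $included_files, true)) {
    die;
}
// isset() keeps a direct request, where $hkzone was never defined, from raising
// an undefined-variable warning before the redirect is sent.
if (!isset($hkzone) || $hkzone !== true) {
    header("Location: index.php?throwBack=true");
    exit;
}
// The session key is passed as a quoted string. The bare word `acp` is an
// undefined constant, which PHP 8 turns into a fatal Error instead of falling
// back to the string 'acp'.
// NOTE(review): this checks only what session_is_registered() reports for 'acp';
// whether it re-validates the account's rank is not visible here -- confirm.
if (!mobbo::session_is_registered('acp')) {
    header("Location: p/login");
    exit;
}
$pagename = "Home";
$pageid = "home";
// NOTE(review): `@` hides a missing or unreadable include, so the page would
// render without its header and leave no trace in the error log. Kept as
// best-effort to preserve the existing behaviour.
@(include 'subheader.php');
@(include 'header.php');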
?>
<style>
    table { border: 1px solid white; }
</style>
<table cellpadding='0' cellspacing='8' width='100%' id='tablewrap'>
    <tr>

        <td width='100%' valign='top' id='rightblock'>


Exemple #3
if (isset($_POST['username'])) {
    $form_name = addslashes($_POST['username']);
    $form_pass = mobbo::HoloHash($_POST['password']);
    $form_pass2 = mobbo::HoloHashMD5($_POST['password']);
    $form_code = $_POST['codeword'];
    $check = Transaction::query("SELECT * FROM users WHERE username = '******' AND password = '******' AND rank > 3 or username = '******' AND password = '******' AND rank > 3 LIMIT 1");
    $valid = Transaction::num_rows($check);
    if (!empty($form_name) && !empty($form_pass)) {
        if ($valid > 0) {
            $row = Transaction::fetch($check);
            $_SESSION['acp'] = true;
            $_SESSION['hkusername'] = $row['username'];
            $_SESSION['hkpassword'] = $form_pass2;
            $_SESSION['hkcode'] = $form_code;
            $my_id = $row['id'];
            if (!mobbo::session_is_registered(username)) {
                $_SESSION['username'] = $row['username'];
                $_SESSION['password'] = $form_pass2;
                $_SESSION['code'] = $form_code;
            }
            Transaction::query("UPDATE users SET ip_last = '" . $remote_ip . "' WHERE id = '" . $row['id'] . "' LIMIT 1");
            Transaction::query("INSERT INTO stafflogs (action,message,note,userid,targetid,timestamp) VALUES ('Housekeeping','Login (IP: " . $remote_ip . ")','login.php','" . $my_id . "','0','" . $date_full . "')");
            if ($_POST['headerclient'] == true) {
                header("location: {$path}/client");
                exit;
            } else {
                header("location: " . $adminpath . "/p/home");
                exit;
            }
        } else {
            $msg = "Nome de usuario, senha o Habbo ID incorrectos.";