</center> </div>'); } /* Spruce up username, check length */ $_POST['user'] = trim($_POST['user']); if (strlen($_POST['user']) > 30) { die("br>\n <div align=center>\n <center>\n <table border=1 cellpadding=5 cellspacing=0 style=border-collapse: collapse id=AutoNumber1 bordercolor=#FFFFFF>\n <tr>\n <td width=100% bgcolor=#666666>\n \n <font color=#FF0000><b>ALERT:</b></font>Sorry, the username is longer than 30 characters, please shorten it.<br>\n </tr>\n </table>\n </center>\n</div>"); } require "classes/error_class.php"; $error = new error_handle(); /* Checks that username is in database and password is correct */ $md5pass = md5($_POST['pass']); $result = confirmUser($_POST['user'], $md5pass); /* Check error codes */ if ($result == 1) { $error->error_text(1); } else { if ($result == 2) { $error->error_text(1); } } $selectv = mysql_fetch_assoc(mysql_query("SELECT * FROM players WHERE username='******'user']}'")); $checkv = mysql_num_rows(mysql_query("SELECT * FROM players_confirm WHERE id='{$selectv['id']}'")); if ($checkv > '0') { echo "<br>\n <div align=center>\n <center>\n <table border=1 cellpadding=5 cellspacing=0 style=border-collapse: collapse bordercolor=#FFFFFF>\n <tr>\n <td width=100% bgcolor=#666666>\n \n <font color=#FF0000><b>ALERT:</b></font> This account has not been activated yet!<br>\n </tr>\n </table>\n </center>\n</div>"; include "includes/footer.inc.php"; exit; } $ip = $_SERVER["REMOTE_ADDR"]; $suspend = mysql_fetch_assoc(mysql_query("SELECT * FROM players WHERE username='******'user']}'")); if ($suspend['suspended'] == 'Y') {
require "classes/error_class.php"; require "classes/user_class.php"; require "classes/levguide.inc.php"; // Initial handlers $error = new error_handle(); if ($logged_in == true) { $user = new userinfo(); $user->fetch_info($_SESSION['username'], $_SESSION['password']); $user->get_info(); $user->get_header_info(); $user->get_bonus($user->id); } $ip = $_SERVER['REMOTE_ADDR']; $ban = mysql_num_rows(mysql_query("SELECT * from banned where ip='{$ip}'")); if ($ban >= '1') { $error->error_text(3, NULL, NULL); } if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch') { // This is a prefetch request. Block it. header('HTTP/1.0 403 Forbidden'); echo '403: Forbidden<br><br>Prefetching not allowed here.'; die; } if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch') { ob_end_clean(); header('HTTP/1.1 403 Prefetch Forbidden'); die; } if ($logged_in) { $ctime = time(); $stat = mysql_fetch_assoc(mysql_query("SELECT * from players where username='******'username']}' and password='******'password']}'"));