function lostpassword() { $stop = ''; $user = get_user(); $text = ''; $login = office_secure(trim($this->input->post('login', true))); $master_answer = md5(office_secure(trim($this->input->post('master_answer', true)))); if ($login == '' || $this->input->post('master_answer') == '') { redirect('main_index/lost', 'refresh'); } if (FastCheckBan(Get_AS(office_secure($login)))) { $stop = "You account is banned!"; } $query_auth = $this->MSSQL->query("SELECT * FROM {$user}.dbo.tbl_UserAccount WHERE id = '" . xss_clean($login) . "'"); if ($query_auth->num_rows() > 0) { foreach ($query_auth->result() as $row) { $seriala = $row->serial; } if (check_master_answer($seriala)) { $master_answer_query = show_master_answer($seriala); } else { $stop = lang('off_lost_error'); } } else { $stop = lang('off_lost_error'); } if ($stop == '') { $query = $this->MSSQL->query("SELECT id,Password FROM {$user}.dbo." . config('table_account', 'query') . " WHERE id = '" . $login . "'"); if ($query->num_rows() > 0) { foreach ($query->result() as $row) { $id_query = $row->id; $Password_query = $row->Password; } } else { $stop = lang('off_lost_error'); } } if ($stop == '') { if ($master_answer_query == $master_answer) { if (preg_name($Password_query) == '') { exit('Permabanned!'); } $this->session->set_userdata('login', xss_clean($login)); $this->session->set_userdata('passw', xss_clean($Password_query)); $this->session->set_userdata('lost_p', xss_clean($master_answer)); redirect('main', 'refresh'); } else { } } else { $text = $stop; } $this->data['content'] = icon('64x64/delete_user.png') . br(2) . go_back('', true) . $text; compile(); }
function uprofile() { $this->data['title'] = lang('off_acc') . get_login(); $username = urlencode(office_secure($this->input->post('username'))); $icq = (int) trim(office_secure($this->input->post('icq')), "-"); $skype = urlencode(office_secure($this->input->post('skype'))); $master_answer = office_secure($this->input->post('master_answer')); $allow_ip = office_secure($this->input->post('allow_ip')); $mac_adress = urlencode(office_secure($this->input->post('mac_adress'))); if ($master_answer != $this->input->post('master_answer')) { redirect(base_url() . 'profile/#error'); } $block = TRUE; if (strlen($this->session->userdata('ip_address')) > 2) { if (substr($this->session->userdata('ip_address'), 0, strlen($allow_ip)) != $allow_ip) { $this->data['content'] = icon('32x32/edit_profile.png') . lang('off_profile_check_ip'); compile(); $block = FALSE; } } if (!check_master_answer() && $master_answer && $block != FALSE) { $this->MYSQL->query("\n INSERT INTO profile SET username='******',\n icq='{$icq}',\n skype='{$skype}',\n master_answer='" . md5($master_answer) . "',\n mac_adress='{$mac_adress}',\n allow_ip='{$allow_ip}',\n AccountSerial=" . Get_AccountSerial()); $this->data['content'] = icon('32x32/edit_profile.png') . lang('off_profile_save_ok'); } else { if (check_master_answer() == FALSE && $block != FALSE) { redirect('main/profile'); } $this->MYSQL->query("\n UPDATE profile\n SET username='******',\n icq='{$icq}',\n skype='{$skype}',\n allow_ip='{$allow_ip}'\n WHERE AccountSerial=" . Get_AccountSerial()); $this->data['content'] = icon('32x32/edit_profile.png') . lang('off_profile_save_up'); } compile(); }