function lostpassword()
{
$stop = '';
$user = get_user();
$text = '';
$login = office_secure(trim($this->input->post('login', true)));
$master_answer = md5(office_secure(trim($this->input->post('master_answer', true))));
if ($login == '' || $this->input->post('master_answer') == '') {
redirect('main_index/lost', 'refresh');
}
if (FastCheckBan(Get_AS(office_secure($login)))) {
$stop = "You account is banned!";
}
$query_auth = $this->MSSQL->query("SELECT * FROM {$user}.dbo.tbl_UserAccount WHERE id = '" . xss_clean($login) . "'");
if ($query_auth->num_rows() > 0) {
foreach ($query_auth->result() as $row) {
$seriala = $row->serial;
}
if (check_master_answer($seriala)) {
$master_answer_query = show_master_answer($seriala);
} else {
$stop = lang('off_lost_error');
}
} else {
$stop = lang('off_lost_error');
}
if ($stop == '') {
$query = $this->MSSQL->query("SELECT id,Password FROM {$user}.dbo." . config('table_account', 'query') . " WHERE id = '" . $login . "'");
if ($query->num_rows() > 0) {
foreach ($query->result() as $row) {
$id_query = $row->id;
$Password_query = $row->Password;
}
} else {
$stop = lang('off_lost_error');
}
}
if ($stop == '') {
if ($master_answer_query == $master_answer) {
if (preg_name($Password_query) == '') {
exit('Permabanned!');
}
$this->session->set_userdata('login', xss_clean($login));
$this->session->set_userdata('passw', xss_clean($Password_query));
$this->session->set_userdata('lost_p', xss_clean($master_answer));
redirect('main', 'refresh');
} else {
}
} else {
$text = $stop;
}
$this->data['content'] = icon('64x64/delete_user.png') . br(2) . go_back('', true) . $text;
compile();
}
function uprofile()
{
$this->data['title'] = lang('off_acc') . get_login();
$username = urlencode(office_secure($this->input->post('username')));
$icq = (int) trim(office_secure($this->input->post('icq')), "-");
$skype = urlencode(office_secure($this->input->post('skype')));
$master_answer = office_secure($this->input->post('master_answer'));
$allow_ip = office_secure($this->input->post('allow_ip'));
$mac_adress = urlencode(office_secure($this->input->post('mac_adress')));
if ($master_answer != $this->input->post('master_answer')) {
redirect(base_url() . 'profile/#error');
}
$block = TRUE;
if (strlen($this->session->userdata('ip_address')) > 2) {
if (substr($this->session->userdata('ip_address'), 0, strlen($allow_ip)) != $allow_ip) {
$this->data['content'] = icon('32x32/edit_profile.png') . lang('off_profile_check_ip');
compile();
$block = FALSE;
}
}
if (!check_master_answer() && $master_answer && $block != FALSE) {
$this->MYSQL->query("\n INSERT INTO profile SET username='******',\n icq='{$icq}',\n skype='{$skype}',\n master_answer='" . md5($master_answer) . "',\n mac_adress='{$mac_adress}',\n allow_ip='{$allow_ip}',\n AccountSerial=" . Get_AccountSerial());
$this->data['content'] = icon('32x32/edit_profile.png') . lang('off_profile_save_ok');
} else {
if (check_master_answer() == FALSE && $block != FALSE) {
redirect('main/profile');
}
$this->MYSQL->query("\n UPDATE profile\n SET username='******',\n icq='{$icq}',\n skype='{$skype}',\n allow_ip='{$allow_ip}'\n WHERE AccountSerial=" . Get_AccountSerial());
$this->data['content'] = icon('32x32/edit_profile.png') . lang('off_profile_save_up');
}
compile();
}
