<?php
include_once '_template/_header.php';
if (!_getUsername()) {
Header('Location: index.php');
}
$REALSON = null;
$connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB);
$query = mysql_query("SELECT FROM_UNIXTIME(`bandate`) AS `BAN_DATE`, FROM_UNIXTIME(`unbandate`) AS `UNBAN_DATE`,`bannedby`,`banreason` FROM `account_banned` WHERE `id` = " . (int) _getAccountID() . " AND `active` = 1;", $connection) or die(mysql_error());
$result = mysql_fetch_array($query);
if (!$result) {
$_SESSION['TCA'] = false;
echo _getAlreadyEffectSTR("<h2>" . $L[38] . "</h2>");
} else {
if (isset($_SESSION['TCA']) && $_SESSION['TCA']) {
if (_isEnoughMythCoins($PriceForUnban, $connection)) {
_SpendMythCoins($PriceForUnban, 9, $_SESSION['AccountUN'], (int) _getAccountID(), 0, 0, !empty($result['bannedby']) ? $result['bannedby'] : "Server" . " : " . $result['banreason'], $connection);
//_UnbanAccount($connection);
$REALSON = _GDiv($L[17]);
$_SESSION['TCA'] = false;
} else {
$REALSON = _RDiv($L[18]);
}
} else {
$_SESSION['TCA'] = true;
}
echo "\n <div class = 'text-center'>" . $REALSON . "\n <h2>" . $L[94] . "</h2>\n </div>\n <fieldset>\n <div class = 'charBox alert alert-error'>\n <table>\n <tr>\n <td width = '73'>\n <img class = 'img-rounded' src = '_template/img/_faces/0-0-0-0.png' border = 'none'>\n </td>\n <td width = '340'>\n <h4>" . $result['banreason'] . "</h4>\n <span class = ''>" . $L[165] . "</span>" . _AU_BAN_AUTHOR_STR($result['bannedby']) . "<br/>\n <span class = ''>" . $L[166] . "</span>" . $result['BAN_DATE'] . "<br/>\n <span class = ''>" . $L[167] . "</span>" . $result['UNBAN_DATE'] . "\n </td>\n </tr>\n </table>\n </div>\n <div class = 'charBox alert alert-success'>\n <table>\n <tr>\n <td width = '73'>\n <img class = 'img-rounded' src = '_template/img/_faces/0-0-0-0.png' border = 'none'>\n </td>\n <td width = '340'>\n <h4>" . $result['banreason'] . "</h4>\n <span class = ''>" . $L[165] . "</span>" . _AU_BAN_AUTHOR_STR($result['bannedby']) . "<br/>\n <span class = ''>" . $L[166] . "</span>" . $result['BAN_DATE'] . "<br/>\n <span class = ''>" . $L[167] . "</span>" . $L[168] . "\n </td>\n </tr>\n </table>\n </div>\n </fieldset>\n <fieldset>\n <form action = " . $_SERVER['PHP_SELF'] . " method = 'POST'>\n " . _BDiv(_PRICE_STR($PriceForUnban)) . "\n <div class = 'text-center'>\n <button class = 'btn btn-primary' type = 'submit'>" . _getPriceButtonSTR($PriceForUnban) . "</button>\n </div>\n </form>\n </fieldset>";
}
mysql_close($connection) or die(mysql_error());
include_once '_template/_footer.php';
ob_end_flush();
if (!_getUsername()) {
Header('Location: index.php');
}
if (!isset($_POST['cur_password']) || !isset($_POST['new_password']) || !isset($_POST['new_password2']) || empty($_POST['cur_password']) || empty($_POST['new_password']) || empty($_POST['new_password2'])) {
$reason = _BDiv($L[214]);
} else {
if ($_POST['new_password'] !== $_POST['new_password2']) {
$reason = _RDiv($L[211]);
} else {
$SHA1Password = SHA1Password(_getUsername(), _Z($_POST['cur_password']));
$SHA1PasswordNEW = SHA1Password(_getUsername(), _Z($_POST['new_password']));
$connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB);
$query = mysql_query("SELECT `id` FROM `account` WHERE `username` = '" . _getUsername() . "' AND `sha_pass_hash` = '" . _X($SHA1Password) . "';", $connection) or die(mysql_error());
$result = mysql_fetch_array($query);
if (!empty($result['id'])) {
mysql_query("UPDATE `account` SET `sha_pass_hash` = '" . _X($SHA1PasswordNEW) . "',`sessionkey` = '',`v` = '',`s` = '' WHERE `username` = '" . _getUsername() . "';", $connection) or die(mysql_error());
_SpendMythCoins(0, 13, "", 0, "", 0, "", $connection);
$reason = _BDiv($L[213]);
mysql_close($connection) or die(mysql_error());
} else {
$reason = _RDiv($L[212]);
mysql_close($connection) or die(mysql_error());
}
}
}
?>
<div class = 'text-center'>
<h2><?php
echo $L[93];
?>
</h2>
<?php
if (is_dir("_!_DELETE_AFTER_INSTALL_!_") && $_SERVER['REMOTE_ADDR'] != "127.0.0.1") {
die("DELETE INSTALATION FOLDER");
}
include_once '_template/_header.php';
if (_getUsername()) {
Header('Location: _userside.php');
}
if (!isset($_POST['username']) || !isset($_POST['password']) || !isset($_POST['CaptchaText']) || empty($_POST['username']) || empty($_POST['password']) || empty($_POST['CaptchaText'])) {
$REASON = _RDiv($L[147]);
} else {
if ($_SESSION['capcha'] != strtolower($_POST['CaptchaText'])) {
$REASON = _RDiv($L[145]);
} else {
$username = _Z($_POST['username']);
$SHA1Password = SHA1Password($username, _Z($_POST['password']));
$connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB);
$query = mysql_query("SELECT `id`,`username` FROM `account` WHERE `username` = '" . _X($username) . "' AND `sha_pass_hash` = '" . _X($SHA1Password) . "';", $connection) or die(mysql_error());
$result = mysql_fetch_array($query);
if (empty($result['username'])) {
$REASON = _RDiv($L[157]);
mysql_close($connection) or die(mysql_error());
} else {
$_SESSION['AccountID'] = $result['id'];
$_SESSION['AccountUN'] = strtoupper($result['username']);
$query = mysql_query("SELECT `id` FROM `account_details` WHERE `id` = " . (int) _getAccountID() . ";", $connection) or die(mysql_error());
$result = mysql_fetch_array($query);
if (empty($row[0])) {
mysql_query("INSERT IGNORE INTO `account_details`(`id`) VALUES (" . (int) _getAccountID() . ");", $connection) or die(mysql_error());
}
<?php
include_once '_template/_header.php';
if (!_getUsername()) {
Header('Location: index.php');
}
if (isset($_GET['CL'])) {
unset($_SESSION['R']);
}
$connection = _MySQLConnect($AccountDBHost, $DBUser, $DBPassword, $AccountDB);
if (_isGMAllowed($connection) && isset($_POST['HowMuch']) && isset($_POST['HowMuchReason'])) {
_modifyFirePoints($_POST['HowMuch'], _isset($_POST['HowMuchReason']) ? $_POST['HowMuchReason'] : _getUsername(), $connection, $_SESSION['R']['ID']);
}
_AH_FORM($connection, _isGMAllowed($connection));
mysql_close($connection) or die(mysql_error());
include_once '_template/_footer.php';
ob_end_flush();
function _AH_FORM($connection, $ADMIN_MODE = false)
{
global $L;
$RealmID = isset($_GET['R']) ? (int) $_GET['R'] : null;
$PostQuery = isset($_POST['U']) ? trim($_POST['U']) : null;
if (isset($PostQuery)) {
$PostQuery = !empty($PostQuery) ? $PostQuery : null;
}
$Done = null;
$H = $ADMIN_MODE ? $L[221] : $L[95];
$Q_STR = "SELECT DATE(`whenItDone`),`action`,`text`,`realmName`,`charName`,`myth_coins_spend`,`myth_coins_balance`,`IP`\n FROM `account_billing_history` ";
_getRealmArray($connection);
echo "\n <div class = 'text-center'>\n <h2>" . $H . "</h2>";
if ($ADMIN_MODE) {
