$ip = GetRealIP();$bottom_scripts = ' <script src="libs/datatables/media/js/

1. $ip = GetRealIP();
2. $bottom_scripts = '
3. <script src="libs/datatables/media/js/jquery.dataTables.min.js"></script>
4. <script src="libs/datatables/media/js/dataTables.select.js"></script>
5. <script src="libs/datatables/media/js/dataTables.bootstrap.js"></script>
6. <script src="js/template/table_data.js"></script>';
7.  
8. if(empty($_GET['username'])){
9. $erreur = 'User not found';
10. $continue = false;
11. }else {
12. $req = $mysqli->query("SELECT * FROM ac_users WHERE username='".$_GET['username']."'");
13. $row = $req->num_rows;
14. if($row >= 1) {
15. $query = $req->fetch_assoc();
16. $continue = true;
17. }else {
18. $erreur = 'User not found';
19. $continue = false;
20. }
21. }
22.  
23. if(isset($_POST['add'])){
24. if(empty($_POST['mail']) OR $_POST['admin']){
25. $error = 'Fill empty';
26. }elseif($_POST['coins'] < 0 OR $_POST['coins'] > 10000){
27. $error = 'Error is occurrence';
28. }else{
29. if($_POST['package'] == 0){ $time = ""; }else { $time = strtotime($_POST['tempo']); }
30. if(!empty($_POST['password'])){
31. $salt = randomSalt(9);
32. $password_hash = hash('sha512', $salt.$_POST['password']);
33. $mysqli->query("UPDATE ac_users SET password = '".$password_hash."', salt = '".$salt."' WHERE username = '".$query['username']."'");
34. $mysqli->query("INSERT INTO ac_logs SET timestamp='".time()."', user='{$_SESSION['USER_ID']}', action='Password Change ".$query['username']."\'s account', ip_address='{$ip}'");
35. }
36. $mysqli->query("UPDATE ac_users SET mail = '".$_POST['mail']."', coins = '".$_POST['coins']."', package = '".$_POST['package']."', tempo = '".$time."', gyazo_logger = '".$_POST['gyazo_logger']."', admin = '".$_POST['admin']."' WHERE id= '".$query['id']."'");
37. $success = 'Account Edited.';
38. $mysqli->query("INSERT INTO ac_logs SET timestamp='".time()."', user='{$_SESSION['USER_ID']}', action='Edit of ".$query['username']."\'s account', ip_address='{$ip}'");
39. }
40. }