daily pastebin goal
27%
SHARE
TWEET

Untitled

a guest Jun 17th, 2017 71 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. session_start();
  3. $fail=false;
  4. function _htmlspecialchars($str)
  5. {
  6.     $str = preg_replace('/&(?!#[0-9]+;)/s', '&', $str);
  7.     $str = str_replace(array('<', '>', '"'), array('<', '>', '"'), $str);
  8.     return $str;
  9. }
  10.  
  11. $con = @mysql_connect($_SESSION['wwcmsv2install']['db_host'], $_SESSION['wwcmsv2install']['db_user'], $_SESSION['wwcmsv2install']['db_pass']) or $fail=true;
  12.  
  13. if ($fail)
  14. echo '&nbsp;&nbsp;<font color="red">'._htmlspecialchars($_GET['f']).'</font> ('.mysql_error().")";
  15. else
  16. {
  17.     if ($_SESSION['wwcmsv2install']['core']=='ArcEmu')
  18.     {
  19.         $sql1 = mysql_query("SELECT * FROM ". $_SESSION['wwcmsv2install']['logon_db'] .".accounts WHERE login='".$_POST['admin_username']."' LIMIT 1")or die(mysql_error());
  20.         if (mysql_num_rows($sql1)=='1')//account is found
  21.         {
  22.             //check password
  23.             $sql2=mysql_fetch_assoc($sql1);
  24.             if ($sql2['password']==$_POST['admin_password'])
  25.             {
  26.                 //user if confirmed, add him to website db with admin privilages
  27.                 mysql_query("INSERT INTO ". $_SESSION['wwcmsv2install']['web_db'] .".wwc2_users_more (acc_login,vp,userid,dp,gmlevel) VALUES ('".$sql2['login']."','0','".$sql2['acct']."','0','az')")or die(mysql_error());
  28.             }
  29.             else
  30.             {
  31.                 echo 'Admin password is wrong.';exit;
  32.             }
  33.         }
  34.         else //account is not found, create new one
  35.         {
  36.             mysql_query("INSERT INTO ". $_SESSION['wwcmsv2install']['logon_db'] .".accounts (login, password, gm) VALUES ('".$_POST['admin_username']."','".$_POST['admin_password']."','az')") or die(mysql_error());
  37.             $sql3 = mysql_query("SELECT * FROM ". $_SESSION['wwcmsv2install']['logon_db'] .".accounts WHERE login='".$_POST['admin_username']."' LIMIT 1")or die(mysql_error());
  38.             $sql4=mysql_fetch_assoc($sql3);
  39.             mysql_query("INSERT INTO ". $_SESSION['wwcmsv2install']['web_db'] .".wwc2_users_more (acc_login,vp,userid,dp,gmlevel) VALUES ('".$sql4['login']."','0','".$sql4['acct']."','0','az')")or die(mysql_error());
  40.            
  41.         }
  42.     }
  43.     elseif($_SESSION['wwcmsv2install']['core']=='Trinity' or $_SESSION['wwcmsv2install']['core']=='MaNGOS')
  44.     {
  45.         $enc_pass=sha1(strtoupper($_POST['admin_username'].':'.$_POST['admin_password']));
  46.         $sql1 = mysql_query("SELECT * FROM ". $_SESSION['wwcmsv2install']['logon_db'] .".account WHERE username='".$_POST['admin_username']."' LIMIT 1")or die(mysql_error());
  47.         if (mysql_num_rows($sql1)=='1')//account is found
  48.         {
  49.             //check password
  50.             $sql2=mysql_fetch_assoc($sql1);
  51.            
  52.             if ($sql2['sha_pass_hash']==$enc_pass)
  53.             {
  54.                 //user if confirmed, add him to website db with admin privilages
  55.                 mysql_query("INSERT INTO ". $_SESSION['wwcmsv2install']['web_db'] .".wwc2_users_more (acc_login,vp,userid,dp,gmlevel) VALUES ('".$sql2['username']."','0','".$sql2['id']."','0','4')")or die(mysql_error());
  56.             }
  57.             else
  58.             {
  59.                 echo 'Admin password is wrong.';exit;
  60.             }
  61.         }
  62.         else //account is not found, create new one
  63.         {
  64.             mysql_query("INSERT INTO ". $_SESSION['wwcmsv2install']['logon_db'] .".account (username, sha_pass_hash) VALUES ('".$_POST['admin_username']."','".$enc_pass."')") or die(mysql_error());
  65.             $sql3 = mysql_query("SELECT * FROM ". $_SESSION['wwcmsv2install']['logon_db'] .".account WHERE username='".$_POST['admin_username']."' LIMIT 1")or die(mysql_error());
  66.             $sql4=mysql_fetch_assoc($sql3);
  67.             mysql_query("INSERT INTO ". $_SESSION['wwcmsv2install']['web_db'] .".wwc2_users_more (acc_login,vp,userid,dp,gmlevel) VALUES ('".$sql4['username']."','0','".$sql4['id']."','0','az')")or die(mysql_error());
  68.            
  69.         }
  70.     }
  71.     else
  72.     {
  73.         echo "Unknown core.";exit;
  74.     }
  75.        
  76.        
  77.        
  78.        
  79.        
  80.        
  81.        
  82.     echo '<font color="green">Success!</font><br><br><input name="next" type="submit" value="'.$_GET['l'].' (7/8)"></form>';
  83. }
  84.  
  85. @mysql_close( $con );
  86. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top