
Untitled

a guest
Sep 8th, 2018
  1. <?php
  2. if(!defined('BRAIN_CMS'))
  3. {
  4. die('Sorry but you cannot access this file!');
  5. }
/*
Functions list Class User.
---------------
checkUser();
hashed();
validName();
userData();
emailTaken();
userTaken();
refUser();
login();
login2faSetup();
login2fa();
register();
userRefClaim();
editPassword();
editEmail();
editHotelSettings();
editUsername();
*/
  26. class User
  27. {
  28. public static function checkUser($password, $passwordDb, $username)
  29. {
  30. global $dbh;
  31. if (substr($passwordDb, 0, 1) == "$")
  32. {
  33. if (password_verify($password, $passwordDb))
  34. {
  35. return true;
  36. }
  37. return false;
  38. }
  39. else
  40. {
  41. $passwordBcrypt = self::hashed($password);
  42. if (md5($password) == $passwordDb)
  43. {
  44. $stmt = $dbh->prepare("UPDATE users SET password = :password WHERE username = :username");
  45. $stmt->bindParam(':username', $username);
  46. $stmt->bindParam(':password', $passwordBcrypt);
  47. $stmt->execute();
  48. return true;
  49. }
  50. return false;
  51. }
  52. }
  53. public static function hashed($password)
  54. {
  55. return password_hash($password, PASSWORD_BCRYPT);
  56. }
  57. public static function validName($username)
  58. {
  59. if(strlen($username) <= 12 && strlen($username) >= 3 && ctype_alnum($username))
  60. {
  61. return true;
  62. }
  63. return false;
  64. }
  65. public static function userData($key)
  66. {
  67. global $dbh,$config;
  68. if (loggedIn())
  69. {
  70. if ($config['hotelEmu'] == 'arcturus')
  71. {
  72. if ( in_array($key, array('activity_points', 'vip_points')) )
  73. {
  74. switch($key)
  75. {
  76. case "activity_points":
  77. $key = '0';
  78. break;
  79. case "vip_points":
  80. $key = '5';
  81. break;
  82. default:
  83. break;
  84. }
  85. $stmt = $dbh->prepare("SELECT ".$key.",user_id,type,amount FROM users_currency WHERE user_id = :id AND type = :type");
  86. $stmt->bindParam(':id', $_SESSION['id']);
  87. $stmt->bindParam(':type', $key);
  88. $stmt->execute();
  89. if ($stmt->RowCount() > 0)
  90. {
  91. $row = $stmt->fetch();
  92. return $row['amount'];
  93. }
  94. else
  95. {
  96. return '0';
  97. }
  98. }
  99. else
  100. {
  101. $stmt = $dbh->prepare("SELECT ".$key." FROM users WHERE id = :id");
  102. $stmt->bindParam(':id', $_SESSION['id']);
  103. $stmt->execute();
  104. $row = $stmt->fetch();
  105. return filter($row[$key]);
  106. }
  107. }
  108. else
  109. {
  110. $stmt = $dbh->prepare("SELECT ".$key." FROM users WHERE id = :id");
  111. $stmt->bindParam(':id', $_SESSION['id']);
  112. $stmt->execute();
  113. $row = $stmt->fetch();
  114. return filter($row[$key]);
  115. }
  116. }
  117. if ($_SESSION['2fa_status'] == 1) {
  118. $stmt = $dbh->prepare("SELECT ".$key." FROM users WHERE id = :id");
  119. $stmt->bindParam(':id', $_SESSION['id']);
  120. $stmt->execute();
  121. $row = $stmt->fetch();
  122. return filter($row[$key]);
  123. }
  124. }
  125. public static function emailTaken($email)
  126. {
  127. global $dbh;
  128. $stmt = $dbh->prepare("SELECT mail FROM users WHERE mail = :email LIMIT 1");
  129. $stmt->bindParam(':email', $email);
  130. $stmt->execute();
  131. if ($stmt->RowCount() > 0)
  132. {
  133. return true;
  134. }
  135. else
  136. {
  137. return false;
  138. }
  139. }
  140. public static function userTaken($username)
  141. {
  142. global $dbh;
  143. $stmt = $dbh->prepare("SELECT username FROM users WHERE username = :username LIMIT 1");
  144. $stmt->bindParam(':username', $username);
  145. $stmt->execute();
  146. if ($stmt->RowCount() > 0)
  147. {
  148. return true;
  149. }
  150. else
  151. {
  152. return false;
  153. }
  154. }
  155. public static function refUser($refUsername)
  156. {
  157. global $dbh, $lang;
  158. $getUsernameRef = $dbh->prepare("SELECT username,ip_reg FROM users WHERE username = :username LIMIT 1");
  159. $getUsernameRef->bindParam(':username', $refUsername);
  160. $getUsernameRef->execute();
  161. $getUsernameRefData = $getUsernameRef->fetch();
  162. if ($getUsernameRef->RowCount() > 0)
  163. {
  164. if ($getUsernameRefData['ip_reg'] == userIp())
  165. {
  166. //html::error($lang["RsameIpRef"]);
  167. echo 'ref_error';
  168. }
  169. else
  170. {
  171. return true;
  172. }
  173. }
  174. else
  175. {
  176. html::error($lang["RnotExist"]);
  177. return false;
  178. }
  179. }
  180. public static function login()
  181. {
  182. global $dbh,$config,$lang,$emuUse;
  183. if (isset($_POST['login']))
  184. {
  185. if (!empty($_POST['username']))
  186. {
  187. if (!empty($_POST['password']))
  188. {
  189. $stmt = $dbh->prepare("SELECT id, password, username, rank, 2fa_status FROM users WHERE username = :username");
  190. $stmt->bindParam(':username', $_POST['username']);
  191. $stmt->execute();
  192. if ($stmt->RowCount() == 1)
  193. {
  194. $row = $stmt->fetch();
  195. if (self::checkUser($_POST['password'], $row['password'],$row['username']))
  196. {
  197. if ($row['2fa_status'] == '1')
  198. {
  199. $_SESSION['2fa_status'] = 1;
  200. $_SESSION['id'] = $row['id'];
  201. }
  202. if (!$config['maintenance'] == true)
  203. {
  204. $userUpdateIp = $dbh->prepare("UPDATE users SET ".$emuUse['ip_last']." = :userip WHERE id = :id");
  205. $userUpdateIp->bindParam(':id', $row['id']);
  206. $userUpdateIp->bindParam(':userip', userIp());
  207. $userUpdateIp->execute();
  208. //User Session Log//
  209. $insertUserSession = $dbh->prepare("
  210. INSERT INTO
  211. user_session_log
  212. (userid,ip,date,browser)
  213. VALUES
  214. (
  215. :userid,
  216. :ip,
  217. :date,
  218. :browser
  219. )");
  220. $insertUserSession->bindParam(':userid', $row['id']);
  221. $insertUserSession->bindParam(':ip', userIp());
  222. $insertUserSession->bindParam(':date', strtotime('now'));
  223. $insertUserSession->bindParam(':browser', $_SERVER['HTTP_USER_AGENT']);
  224. $insertUserSession->execute();
  225. if ($row['2fa_status'] == '1')
  226. {
  227. header('Location: '.$config['hotelUrl'].'/login2fa');
  228. } else {
  229. $_SESSION['2fa_status'] = 2;
  230. $_SESSION['id'] = $row['id'];
  231. header('Location: '.$config['hotelUrl'].'/me');
  232. }
  233. }
  234. else
  235. {
  236. if ($row['rank'] >= $config['maintenancekMinimumRankLogin'])
  237. {
  238. $_SESSION['adminlogin'] = true;
  239. $_SESSION['2fa_status'] = 2;
  240. $_SESSION['id'] = $row['id'];
  241. header('Location: '.$config['hotelUrl'].'/me');
  242. }
  243. return html::error($lang["Mnologin"]);
  244. }
  245. }
  246. return html::error($lang["Lpasswordwrong"]);
  247. }
  248. return html::error($lang["Lnotexistuser"]);
  249. }
  250. return html::error($lang["Lnopassword"]);
  251. }
  252. return html::error($lang["Lnousername"]);
  253. }
  254. }
  255. public static function login2faSetup()
  256. {
  257. global $dbh,$config,$lang;
  258. $pga = new GoogleAuthenticator();
  259. if (empty(User::userData('google_secret_code'))) {
  260. $secretCode = $pga->createSecret();
  261. $secretCodeSql = $dbh->prepare("UPDATE users SET google_secret_code = :code WHERE id = :id");
  262. $secretCodeSql->bindParam(':code', $secretCode);
  263. $secretCodeSql->bindParam(':id', User::userData('id'));
  264. $secretCodeSql->execute();
  265. }
  266. $qr_code = $pga->getQRCodeGoogleUrl(User::userData('mail'), User::userData('google_secret_code'), $config['hotelName']);
  267. if (isset($_POST['btnValidate'])) {
  268. $code = filter($_POST['code']);
  269. if ($code == "") {
  270. return html::error($lang['errorCode2']);
  271. }
  272. else
  273. {
  274. if($pga->verifyCode(User::userData('google_secret_code'), $code, 2))
  275. {
  276. $status2FA = $dbh->prepare("UPDATE users SET 2fa_status = 1 WHERE id = :id");
  277. $status2FA->bindParam(':id', User::userData('id'));
  278. $status2FA->execute();
  279. header("Location: {$config['hotelUrl']}/settings2fa/3");
  280. return html::error($lang['succes2']);
  281. }
  282. else
  283. {
  284. return html::error($lang['errorScanCode2']);
  285. }
  286. }
  287. }
  288. }
  289. public static function login2fa()
  290. {
  291. global $config,$lang;
  292. $fa = new GoogleAuthenticator();
  293. if (isset($_POST['sent2facode'])) {
  294. $code = $_POST['code'];
  295. if ($code == "") {
  296. return html::error('Please enter authentication code to validated!');
  297. }
  298. else
  299. {
  300. if($fa->verifyCode(User::userData('google_secret_code'), $code, 2))
  301. {
  302. $_SESSION['2fa_status'] = 2;
  303. $_SESSION['id'] = User::userData('id');
  304. header('Location: '.$config['hotelUrl'].'/me');
  305. }
  306. else
  307. {
  308. return html::error($lang['invalidCode']);
  309. }
  310. }
  311. }
  312. }
  313. public static function register()
  314. {
  315. $userRealIp = userIp();
  316. global $config, $lang, $dbh,$emuUse;
  317. if (isset($_POST['register']))
  318. {
  319. if ($config['registerEnable'] == true)
  320. {
  321. if (!empty($_POST['username']))
  322. {
  323. if (self::validName($_POST['username']))
  324. {
  325. if (!empty($_POST['password']))
  326. {
  327. if (!empty($_POST['password_repeat']))
  328. {
  329. if (!empty($_POST['email']))
  330. {
  331. if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  332. {
  333. if (!self::userTaken($_POST['username']))
  334. {
  335. if (!self::emailTaken($_POST['email']))
  336. {
  337. if (strlen($_POST['password']) >= 6)
  338. {
  339. if ($_POST['password'] == $_POST['password_repeat'])
  340. {
  341. $stmt = $dbh->prepare("SELECT ".$emuUse['ip_last']." FROM users WHERE ".$emuUse['ip_last']." = :userip");
  342. $stmt->bindParam(':userip', userIp());
  343. $stmt->execute();
  344. if ($stmt->RowCount() < 4)
  345. {
  346. if (self::refUser($_POST['referrer']) || empty($_POST['referrer']))
  347. {
  348. if(!$config['recaptchaSiteKeyEnable'] == true)
  349. {
  350. $_POST['g-recaptcha-response'] = true;
  351. }
  352. if ($_POST['g-recaptcha-response'])
  353. {
  354. $motto = filter($_POST['motto'] );
  355. $avatar = filter($_POST['avatar']);
  356. $password = self::hashed($_POST['password']);
  357. if ($config['hotelEmu'] == 'arcturus')
  358. {
  359. $addNewUser = $dbh->prepare("
  360. INSERT INTO
  361. users
  362. (username, password, rank, auth_ticket, motto, account_created, last_online, mail, look, ip_current, ip_register, credits)
  363. VALUES
  364. (
  365. :username,
  366. :password,
  367. '1',
  368. :sso,
  369. :motto,
  370. :time,
  371. :last_online,
  372. :email,
  373. 'hr-115-40.lg-281-1408.hd-190-10.ch-215-1408.sh-295-64',
  374. :userip,
  375. :userip,
  376. :credits
  377. )");
  378. $addNewUser->bindParam(':username', $_POST['username']);
  379. $addNewUser->bindParam(':password', $password);
  380. $addNewUser->bindParam(':motto', $motto);
  381. $addNewUser->bindParam(':sso', game::sso('register'));
  382. $addNewUser->bindParam(':email', $_POST['email']);
  383. $addNewUser->bindParam(':avatar', $avatar);
  384. $addNewUser->bindParam(':credits', $config['credits']);
  385. $addNewUser->bindParam(':userip', userIp());
  386. $addNewUser->bindParam(':time', strtotime('now'));
  387. $addNewUser->bindParam(':last_online', strtotime('now'));
  388. $addNewUser->execute();
  389. if (!$addNewUser) {
  390. echo "\nPDO::errorInfo():\n";
  391. print_r($addNewUser->errorInfo());
  392. }
  393. }
  394. else
  395. {
  396. $addNewUser = $dbh->prepare("
  397. INSERT INTO
  398. users
  399. (username, password, rank, auth_ticket, motto, account_created, last_online, mail, look, ip_last, ip_reg, credits, activity_points, vip_points)
  400. VALUES
  401. (
  402. :username,
  403. :password,
  404. '1',
  405. :sso,
  406. :motto,
  407. :time,
  408. :last_online,
  409. :email,
  410. :avatar,
  411. :userip,
  412. :userip,
  413. :credits,
  414. :duckets,
  415. :diamonds
  416. )");
  417. $addNewUser->bindParam(':username', $_POST['username']);
  418. $addNewUser->bindParam(':password', $password);
  419. $addNewUser->bindParam(':motto', $motto);
  420. $addNewUser->bindParam(':sso', game::sso('register'));
  421. $addNewUser->bindParam(':email', $_POST['email']);
  422. $addNewUser->bindParam(':avatar', $avatar);
  423. $addNewUser->bindParam(':credits', $config['credits']);
  424. $addNewUser->bindParam(':duckets', $config['duckets']);
  425. $addNewUser->bindParam(':diamonds', $config['diamonds']);
  426. $addNewUser->bindParam(':userip', userIp());
  427. $addNewUser->bindParam(':time', strtotime('now'));
  428. $addNewUser->bindParam(':last_online', strtotime('now'));
  429. $addNewUser->execute();
  430. }
  431. $lastId = $dbh->lastInsertId();
  432. //User referrer//
  433. if (!empty($_POST['referrer']))
  434. {
  435. $getUserRef = $dbh->prepare("SELECT id,username FROM users WHERE username = :username LIMIT 1");
  436. $getUserRef->bindParam(':username', $_POST['referrer']);
  437. $getUserRef->execute();
  438. $getInfoRefUser = $getUserRef->fetch();
  439. $addRef = $dbh->prepare("
  440. INSERT INTO
  441. referrer
  442. (userid, refid,diamonds)
  443. VALUES
  444. (
  445. :lastid,
  446. :refid,
  447. :diamonds
  448. )");
  449. $addRef->bindParam(':lastid', $lastId);
  450. $addRef->bindParam(':refid', $getInfoRefUser['id']);
  451. $addRef->bindParam(':diamonds', $config['diamondsRef']);
  452. $addRef->execute();
  453. $stmt = $dbh->prepare("SELECT*FROM referrerbank WHERE userid = :id LIMIT 1");
  454. $stmt->bindParam(':id', $getInfoRefUser['id']);
  455. $stmt->execute();
  456. if ($stmt->RowCount() == 0)
  457. {
  458. $addDiamondsRow = $dbh->prepare("
  459. INSERT INTO
  460. referrerbank
  461. (userid,diamonds)
  462. VALUES
  463. (
  464. :lastid,
  465. :diamonds
  466. )");
  467. $addDiamondsRow->bindParam(':lastid', $getInfoRefUser['id']);
  468. $addDiamondsRow->bindParam(':diamonds', $config['diamondsRef']);
  469. $addDiamondsRow->execute();
  470. }
  471. else
  472. {
  473. $addDiamonds = $dbh->prepare("
  474. UPDATE referrerbank SET
  475. diamonds=diamonds + :diamonds
  476. WHERE
  477. userid=:lastid
  478. ");
  479. $addDiamonds->bindParam(':lastid', $getInfoRefUser['id']);
  480. $addDiamonds->bindParam(':diamonds', $config['diamondsRef']);
  481. $addDiamonds->execute();
  482. }
  483. $_SESSION['id'] = $lastId;
  484. $insertUserSession = $dbh->prepare("
  485. INSERT INTO
  486. user_session_log
  487. (userid,ip,date,browser)
  488. VALUES
  489. (
  490. :userid,
  491. :ip,
  492. :date,
  493. :browser
  494. )");
  495. $insertUserSession->bindParam(':userid', $_SESSION['id']);
  496. $insertUserSession->bindParam(':ip', userIp());
  497. $insertUserSession->bindParam(':date', strtotime('now'));
  498. $insertUserSession->bindParam(':browser', $_SERVER['HTTP_USER_AGENT']);
  499. $insertUserSession->execute();
  500. $_SESSION['2fa_status'] = 2;
  501. echo 'succes';
  502. return;
  503. }
  504. //User referrer//
  505. else
  506. {
  507. $_SESSION['id'] = $lastId;
  508. $insertUserSession = $dbh->prepare("
  509. INSERT INTO
  510. user_session_log
  511. (userid,ip,date,browser)
  512. VALUES
  513. (
  514. :userid,
  515. :ip,
  516. :date,
  517. :browser
  518. )");
  519. $insertUserSession->bindParam(':userid', $_SESSION['id']);
  520. $insertUserSession->bindParam(':ip', userIp());
  521. $insertUserSession->bindParam(':date', strtotime('now'));
  522. $insertUserSession->bindParam(':browser', $_SERVER['HTTP_USER_AGENT']);
  523. $insertUserSession->execute();
  524. $_SESSION['2fa_status'] = 2;
  525. echo 'succes';
  526. return;
  527. }
  528. }
  529. else
  530. {
  531. echo 'robot';
  532. return;
  533. }
  534. }
  535. }
  536. else
  537. {
  538. echo 'to_many_ip';
  539. return;
  540. }
  541. }
  542. else
  543. {
  544. echo 'password_repeat_error';
  545. return;
  546. }
  547. }
  548. else
  549. {
  550. echo 'short_password';
  551. return;
  552. }
  553. }
  554. else
  555. {
  556. echo 'used_email';
  557. return;
  558. }
  559. }
  560. else
  561. {
  562. echo 'used_username';
  563. return;
  564. }
  565. }
  566. else
  567. {
  568. echo 'valid_email';
  569. return;
  570. }
  571. }
  572. else
  573. {
  574. echo 'empty_email';
  575. return;
  576. }
  577. }
  578. else
  579. {
  580. echo 'empty_password_repeat';
  581. return;
  582. }
  583. }
  584. else
  585. {
  586. echo 'empty_password';
  587. return;
  588. }
  589. }
  590. else
  591. {
  592. echo 'empty_username';
  593. return;
  594. }
  595. }
  596. else
  597. {
  598. echo 'empty_username';
  599. return;
  600. }
  601. }
  602. else
  603. {
  604. echo 'register_disable';
  605. return;
  606. }
  607. }
  608. }
  609. public static function userRefClaim()
  610. {
  611. global $dbh, $lang;
  612. if (isset($_POST['claimdiamonds']))
  613. {
  614. if (User::userData('online') == 0)
  615. {
  616. $bankCount = $dbh->prepare("SELECT userid,diamonds FROM referrerbank WHERE userid = :userid");
  617. $bankCount->bindParam(':userid', $_SESSION['id']);
  618. $bankCount->execute();
  619. $bankCountData = $bankCount->fetch();
  620. if ($bankCountData['diamonds'] == 0)
  621. {
  622. return html::error($lang["MrefNoDia"]);
  623. }
  624. else
  625. {
  626. $addDiamondsRef = $dbh->prepare("
  627. UPDATE users SET
  628. vip_points=vip_points + :diamonds
  629. WHERE
  630. id=:id
  631. ");
  632. $addDiamondsRef->bindParam(':id', $_SESSION['id']);
  633. $addDiamondsRef->bindParam(':diamonds', $bankCountData['diamonds']);
  634. $addDiamondsRef->execute();
  635. $DiamondsCountRemove = $dbh->prepare("
  636. UPDATE referrerbank SET
  637. diamonds = 0
  638. WHERE
  639. userid=:userid
  640. ");
  641. $DiamondsCountRemove->bindParam(':userid', $_SESSION['id']);
  642. $DiamondsCountRemove->execute();
  643. return html::errorSucces($lang["MrefOnline"]);
  644. }
  645. }
  646. else
  647. {
  648. return html::error('Je mag niet online zijn om je diamanten te claimen!');
  649. }
  650. }
  651. }
  652. Public static function editPassword()
  653. {
  654. global $dbh,$lang;
  655. if (isset($_POST['password']))
  656. {
  657. if (isset($_POST['oldpassword']) && !empty($_POST['oldpassword']))
  658. {
  659. if (isset($_POST['newpassword']) && !empty($_POST['newpassword']))
  660. {
  661. $stmt = $dbh->prepare("SELECT id, password, username FROM users WHERE id = :id");
  662. $stmt->bindParam(':id', $_SESSION['id']);
  663. $stmt->execute();
  664. $getInfo = $stmt->fetch();
  665. if (self::checkUser(filter($_POST['oldpassword']), $getInfo['password'], filter($getInfo['username'])))
  666. {
  667. if (strlen($_POST['newpassword']) >= 6)
  668. {
  669. $newPassword = self::hashed($_POST['newpassword']);
  670. $stmt = $dbh->prepare("
  671. UPDATE
  672. users
  673. SET password =
  674. :newpassword
  675. WHERE id =
  676. :id
  677. ");
  678. $stmt->bindParam(':newpassword', $newPassword);
  679. $stmt->bindParam(':id', $_SESSION['id']);
  680. $stmt->execute();
  681. return html::errorSucces($lang["Ppasswordchanges"]);
  682. }
  683. else
  684. {
  685. return html::error($lang["Ppasswordshort"]);
  686. }
  687. }
  688. else
  689. {
  690. return html::error($lang["Poldpasswordwrong"]);
  691. }
  692. }
  693. else
  694. {
  695. return html::error('Je nieuwe wachtwoord is leeg!');
  696. }
  697. }
  698. else
  699. {
  700. return html::error('Oude wachtwoord is leeg!');
  701. }
  702. }
  703. }
  704. Public static function editEmail()
  705. {
  706. global $lang,$dbh;
  707. if (isset($_POST['account']))
  708. {
  709. if (isset($_POST['email']) && !empty($_POST['email']))
  710. {
  711. if (isset($_POST['oldpassword']) && !empty($_POST['oldpassword']))
  712. {
  713. if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  714. {
  715. if (!self::emailTaken($_POST['email']))
  716. {
  717. $stmt = $dbh->prepare("SELECT id, password, username FROM users WHERE id = :id");
  718. $stmt->bindParam(':id', $_SESSION['id']);
  719. $stmt->execute();
  720. $getInfo = $stmt->fetch();
  721. if (self::checkUser(filter($_POST['oldpassword']), $getInfo['password'], filter($getInfo['username'])))
  722. {
  723. $stmt = $dbh->prepare("
  724. UPDATE
  725. users
  726. SET mail =
  727. :newmail
  728. WHERE id =
  729. :id
  730. ");
  731. $stmt->bindParam(':newmail', $_POST['email']);
  732. $stmt->bindParam(':id', $_SESSION['id']);
  733. $stmt->execute();
  734. return html::errorSucces($lang["Eemailchanges"]);
  735. }
  736. else
  737. {
  738. return html::error('Je wachtwoord is verkeerd!');
  739. }
  740. }
  741. else
  742. {
  743. return html::error($lang["Eemailexists"]);
  744. }
  745. }
  746. else
  747. {
  748. return html::error($lang["Eemailnotallowed"]);
  749. }
  750. }
  751. else
  752. {
  753. return html::error('Wachtwoord is leeg!');
  754. }
  755. }
  756. else
  757. {
  758. return html::error($lang["Enoemail"]);
  759. }
  760. }
  761. }
  762. Public static function editHotelSettings()
  763. {
  764. global $lang,$dbh;
  765. if (isset($_POST['hinstellingenv']))
  766. {
  767. $stmt = $dbh->prepare("
  768. UPDATE
  769. users
  770. SET ignore_invites =
  771. :hinstellingenv
  772. WHERE id =
  773. :id
  774. ");
  775. $stmt->bindParam(':hinstellingenv', $_POST['hinstellingenv']);
  776. $stmt->bindParam(':id', $_SESSION['id']);
  777. $stmt->execute();
  778. }
  779. if (isset($_POST['hinstellingenl']))
  780. {
  781. $stmt = $dbh->prepare("
  782. UPDATE
  783. users
  784. SET allow_mimic =
  785. :hinstellingenl
  786. WHERE id =
  787. :id
  788. ");
  789. $stmt->bindParam(':hinstellingenl', $_POST['hinstellingenl']);
  790. $stmt->bindParam(':id', $_SESSION['id']);
  791. $stmt->execute();
  792. }
  793. if (isset($_POST['hinstellingeno']))
  794. {
  795. $stmt = $dbh->prepare("
  796. UPDATE
  797. users
  798. SET hide_online =
  799. :hinstellingeno
  800. WHERE id =
  801. :id
  802. ");
  803. $stmt->bindParam(':hinstellingeno', $_POST['hinstellingeno']);
  804. $stmt->bindParam(':id', $_SESSION['id']);
  805. $stmt->execute();
  806. }
  807. if (isset($_POST['hotelsettings']))
  808. {
  809. return html::errorSucces($lang["Hchanges"]);
  810. }
  811. }
  812. Public static function editUsername()
  813. {
  814. global $lang,$dbh;
  815. if (isset($_POST['editusername']))
  816. {
  817. if(!User::userData('fbenable') == 1)
  818. {
  819. if(!self::userTaken($_POST['username']))
  820. {
  821. if(self::validName($_POST['username']))
  822. {
  823. $stmt = $dbh->prepare("UPDATE users SET username = :username, fbenable = '1' WHERE id = :id");
  824. $stmt->bindParam(':username', $_POST['username']);
  825. $stmt->bindParam(':id', $_SESSION['id']);
  826. $stmt->execute();
  827. header('Location: '.$config['hotelUrl'].'/me');
  828. }
  829. else
  830. {
  831. return html::error($lang["Cusernameshort"]);
  832. }
  833. }
  834. else
  835. {
  836. return html::error($lang["Cusernameused"]);
  837. }
  838. }
  839. else
  840. {
  841. return html::error($lang["Cchangeno"]);
  842. }
  843. }
  844. }
  845. }