<?phperror_reporting(0);$msg['prot'] = '<login><bSuccess>0</bSuccess><sMsg

1. <?php
2. error_reporting(0);
3.  
4. $msg['prot'] = '<login><bSuccess>0</bSuccess><sMsg><![CDATA[Your account has been disabled because of a violation of the Terms and Condition. If you believe this is an error, please contact Staff as soon as possible.</a></u>]]></sMsg></login>';
5. $msg['bann'] = '<login><bSuccess>0</bSuccess><sMsg><![CDATA[Your account has been disabled because of a violation of the Terms and Condition. If you believe this is an error, please contact Staff as soon as possible.</a></u>]]></sMsg></login>';
6. $msg['erro'] = '<login><bSuccess>0</bSuccess><sMsg><![CDATA[Please try again later. If you are seeing this messaage it means theres an problem that need to be fixed. Be patient]]></sMsg></login>';
7.  
8. /** Content Type is XML **/
9. header("Content-Type: text/xml");
10.  
11. $sql['host'] = 'localhost';
12. $sql['user'] = 'root';
13. $sql['pass'] = '';
14. $sql['name'] = 'eatl_db';
15.  
16. $con = mysqli_connect($sql['host'], $sql['user'], $sql['pass'], $sql['name']) or die($msg['erro']);
17. if(isset($_POST['strUsername'])) {
18.    $username = $con->real_escape_string(stripslashes($_POST['strUsername']));
19.    $password = md5($_POST['strPassword']);
20.  
21.    $ip = $_SERVER['REMOTE_ADDR'];
22.  
23.    $user_quer = $con->query('SELECT id,dUpgExp,iSendEmail,iAge,iUpg,iAccess,strEmail,iUpgDays FROM etl_users WHERE strUsername="'.$username.'" AND strPassword="'.$password.'" LIMIT 1');
24.    $user_info = $user_quer->fetch_assoc();
25.    $user_id = $user_info['id'];
26.  
27.    if ($user_quer->num_rows === 0) {
28.       print '<login bSuccess="0" sMsg="If you are seeing this, most likely you typed in your username or password wrong. If you see this screen after receiving a name change, most likely one of the Staff misspelled your new username. Please contact Staff as soon as possible."/>';
29.    } else {
30.       $chck_bann = $con->query('SELECT id,protection FROM etl_users_banned WHERE user_id='.$user_id.' AND active=1');
31.       if ($chck_bann->num_rows > 0) {
32.          $user_prot = $chck_bann->fetch_assoc();
33.          if($user_prot['protection'] === 1) {
34.             print $msg['prot'];
35.          } else {
36.             print $msg['bann'];
37.          }
38.       } else {
39.          $con->query('UPDATE etl_users SET login_ip='.$ip.' WHERE id='.$user_id);
40.          $upg_date = preg_replace('/\s+/', 'T', $user_info['dUpgExp']);
41.          /** Login Data **/
42.          print '<login bSuccess="1" userid="'.$user_id.'" iAccess="'.$user_info['iAccess'].'" iUpg="'.$user_info['iUpg'].'" iAge="'.$user_info['iAge'].'" sToken="'.$password.'" dUpgExp="'.$upg_date.'" iUpgDays="'.$user_info['iUpgDays'].'" iSendEmail="'.$user_info['iSendEmail'].'" strEmail="'.$user_info['strEmail'].'" bCCOnly="0">';
43.          /** List Servers **/
44.          $server_info_list = $con->query("SELECT * FROM etl_servers LIMIT 10");
45.          while ($server_info = $server_info_list->fetch_assoc()) {
46.             print '<servers sName="'. $server_info['sName'] .'" sIP="'. $server_info['sIP'] .'" iCount="'. $server_info['iCount'] .'" iMax="'. $server_info['iMax'] .'" bOnline="'. $server_info['bOnline'] .'" iChat="'. $server_info['iChat'] .'" bUpg="'. $server_info['bUpg'] .'" sLang="'. $server_info['sLang'] .'" />';
47.          }
48.          print '</login>';
49.          
50.       }
51.    }
52. } else {
53.    print '<login bSuccess="0" sMsg="Invalid Input"/>';
54. }
55. #0.0274
56. #0.0273
57. #0.0272
58. ?