Alıntı
<?php
if(!defined("NDB")){
die("Der Aufruf dieser Datei ist nicht gestattet!");
}

class validate {
public function __construct(){
$key = (isset($_GET['key'])) ? $_GET['key']:'';
if(!empty($key)){
$getData = NDB::getDB()->fetchArray(NDB::getDB()->sendquery("SELECT * FROM [WarZ].[dbo].[webValidate] WHERE [key]='".$key."'"));
if(!empty($getData['key'])){
switch($getData['type']){
case 'register':
$checkData = NDB::getDB()->count('[WarZ].[dbo].[Accounts]', "[Username]='".$getData['account']."' OR [email]='".$getData['email']."'");
if(!$checkData){
NDB::getDB()->sendquery("INSERT INTO [WarZ].[dbo].[Accounts]([email],[Username],[MD5Password],[dateregistered],[ReferralID],[lastlogindate],[lastloginIP],[SeQu],[SeAn]) VALUES('".$getData['email']."', '".$getData['account']."', '".$getData['pass']."', GETDATE(), '".$getData['refID']."', GETDATE(), '0.0.0.0', '".$getData['secretQuestions']."', '".$getData['secretAnswer']."');");
$getID = NDB::getDB()->fetchArray(NDB::getDB()->sendquery("SELECT * FROM [WarZ].[dbo].[Accounts] WHERE [email]='".$getData['email']."'"));
echo 'ID: '.$getID["CustomerID"];
NDB::getDB()->sendquery("INSERT INTO [WarZ].[dbo].[UsersData]([CustomerID],[AccountType],[dateregistered],[TradingDollars]) VALUES('".$getID['CustomerID']."', '2', GETDATE(), '0')");
NDB::getDB()->sendquery('exec FN_AddItemToUser '.$getID['CustomerID'].', 20174, 2000');
NDB::getDB()->sendquery('exec FN_AddItemToUser '.$getID['CustomerID'].', 20182, 2000');
NDB::getDB()->sendquery('exec FN_AddItemToUser '.$getID['CustomerID'].', 20184, 2000');
NDB::getDB()->sendquery("DELETE FROM [WarZ].[dbo].[webValidate] WHERE [email]='".$getData['email']."'");
NDB::Template()->setMSG('Thanks for Register, now you can Login and Play! Have Fun!', 'success', 'center');
}else{
NDB::Template()->setMSG('You already Registered!', 'error', 'center');
}
break;
case 'changemail':
$checkData = NDB::getDB()->count('[WarZ].[dbo].[Accounts]', "[Username]='".$getData['account']."' OR [email]='".$getData['email']."'");
if($checkData){
NDB::getDB()->sendquery("UPDATE [WarZ].[dbo].[Accounts] SET [email]='".$getData['email']."' WHERE [Username]='".$getData['account']."'");
NDB::getDB()->sendquery("DELETE FROM [WarZ].[dbo].[webValidate] WHERE [email]='".$getData['email']."'");
NDB::Template()->setMSG('Your E-Mail successfully changed!', 'success', 'center');
}else{
NDB::Template()->setMSG('Sorry, there is an Error in the System!', 'error', 'center');
}
break;
case 'changepass':
$checkData = NDB::getDB()->count('[WarZ].[dbo].[Accounts]', "[Username]='".$getData['account']."' OR [email]='".$getData['email']."'");
if($checkData){
NDB::getDB()->sendquery("UPDATE [WarZ].[dbo].[Accounts] SET [MD5Password]='".$getData['pass']."' WHERE [Username]='".$getData['account']."'");
NDB::getDB()->sendquery("DELETE FROM [WarZ].[dbo].[webValidate] WHERE [email]='".$getData['email']."'");
NDB::Template()->setMSG('Your Password successfully changed!', 'success', 'center');
}else{
NDB::Template()->setMSG('Sorry, there is an Error in the System!', 'error', 'center');
}
break;
}
}else{
NDB::Template()->setMSG('The given validation key is wrong!', 'error', 'center');
}
}else{
NDB::Template()->setMSG('<script>document.location = "/home/";</script>', 'info');
}
}
}
?>
SQL Kodu Budur