Blocking Accounts on web

[Cotizado]

like blocking the 1/1 from accessing the accountmanagement on web site

 

[Jotran]

like blocking the 1/1 from accessing the accountmanagement on web site

delete it from the database

 

[Evil Puncker]

delete it from the database

seems like he want to keep both acc manager and website to be able to register

 

[Jotran]

Would help if they posted the AAC version.. all I can do like anyone is give advice based on information provided

 

[Cotizado]

well i dont want to delete it cuz then it wont be able to log in game gesior 2012 lastest

 

[Jotran]

Since you said the latest this is Geisor 2012
Backup your visitors.php in the classes directory and save this in its place

<?php
if(!defined('INITIALIZED'))
    exit;

class Visitor
{
    const LOGINSTATE_NOT_TRIED = 1;
    const LOGINSTATE_NO_ACCOUNT = 2;
    const LOGINSTATE_WRONG_PASSWORD = 3;
    const LOGINSTATE_LOGGED = 4;

    private static $loginAccount;
    private static $loginPassword;
    private static $account;
    private static $loginState = self::LOGINSTATE_NOT_TRIED;

    public static function setAccount($value)
    {                        // if account name is 1 don't let them login
        $_SESSION['account'] = ($value != (1 || '1')) ? $value : null;
    }

    public static function setPassword($value)
    {                        // if account password is 1 don't let them login
        $_SESSION['password'] = ($value != (1 || '1')) ? $value : null;
    }

    public static function getAccount()
    {
        if(!isset(self::$account))
            self::loadAccount();
        return self::$account;
    }

    public static function loadAccount()
    {
        self::$account = new Account();
        if(!empty(self::$loginAccount))
        {
            self::$account->loadByName(self::$loginAccount);
            if(self::$account->isLoaded())
                if(self::$account->isValidPassword(self::$loginPassword))
                    self::$loginState = self::LOGINSTATE_LOGGED;
                else
                    self::$loginState = self::LOGINSTATE_WRONG_PASSWORD;
            else
                self::$loginState = self::LOGINSTATE_NO_ACCOUNT;
        }
        else
            self::$loginState = self::LOGINSTATE_NOT_TRIED;
        if(self::$loginState != self::LOGINSTATE_LOGGED)
            self::$account = new Account();
    }

    public static function isTryingToLogin()
    {
        return !empty(self::$loginAccount);
    }

    public static function getLoginState()
    {
        return self::$loginState;
    }


    public static function isLogged()
    {
        return self::isTryingToLogin() && self::getAccount()->isLoaded();
    }

    public static function login()
    {
        if(isset($_SESSION['account']))
            self::$loginAccount = $_SESSION['account'];
        if(isset($_SESSION['password']))
            self::$loginPassword = $_SESSION['password'];
    }

    public static function logout()
    {
        unset($_SESSION['account']);
        unset($_SESSION['password']);
        self::$loginAccount = null;
        self::$loginPassword = null;
        self::$account = new Account();
        self::$loginState = self::LOGINSTATE_NOT_TRIED;
    }

    public static function getIP()
    {
        return ip2long($_SERVER['REMOTE_ADDR']);
    }
}

 

[GOD Fito]

Just add this in accountmanagement.php

$acc_id = $account_logged->getId();
if($acc_id == 1) die("Access Denied!");

 

[Jotran]

I guess it doesn't matter

 

[Cotizado]

it didn't matter but i tested god fito's one and worked fine thanks both