From 12c5b431cb184f4086a4bd297e483ade5aa984e2 Mon Sep 17 00:00:00 2001
From: Lncvrt <lncvrtreal@gmail.com>
Date: Wed, 31 Dec 2025 16:46:54 -0700
Subject: [PATCH] Remove ability to change account password or username or
 register on 1.8.2 and below

---
 .../backported/1.2-beta2/registerAccount.php  | 45 --------------
 database/backported/1.21/registerAccount.php  | 45 --------------
 .../1.3-beta1/changeAccountUsername.php       | 52 -----------------
 .../1.3-beta2/changeAccountUsername.php       | 52 -----------------
 database/backported/1.5/registerAccount.php   | 42 --------------
 database/changeAccountPassword.php            | 58 ++++++-------------
 database/changeAccountUsername.php            | 58 +++++--------------
 database/registerAccount.php                  | 58 ++++---------------
 8 files changed, 45 insertions(+), 365 deletions(-)
 delete mode 100644 database/backported/1.2-beta2/registerAccount.php
 delete mode 100644 database/backported/1.21/registerAccount.php
 delete mode 100644 database/backported/1.3-beta1/changeAccountUsername.php
 delete mode 100644 database/backported/1.3-beta2/changeAccountUsername.php
 delete mode 100644 database/backported/1.5/registerAccount.php

diff --git a/database/backported/1.2-beta2/registerAccount.php b/database/backported/1.2-beta2/registerAccount.php
deleted file mode 100644
index 6502e83..0000000
--- a/database/backported/1.2-beta2/registerAccount.php
+++ /dev/null
@@ -1,45 +0,0 @@
-<?php
-$conn = newConnection();
-
-$username = $_POST['username'] ?? '';
-$password = $_POST['password'] ?? '';
-$email = $_POST['email'] ?? '';
-
-if (empty($username) || empty($password) || empty($email)) {
-    exit("-2");
-}
-
-if (!preg_match('/^[a-zA-Z0-9]{3,16}$/', $username)) {
-    exit("-3");
-}
-
-if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
-    exit("-4");
-}
-
-if (!preg_match('/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d!@#$%^&*()_\-+=]{8,}$/', $password)) {
-    exit("-5");
-}
-
-$stmt = $conn->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
-$stmt->bind_param("ss", $username, $email);
-$stmt->execute();
-$res = $stmt->get_result();
-
-if ($res->num_rows > 0) {
-    exit("-7");
-}
-
-$hashed = password_hash($password, PASSWORD_DEFAULT);
-$token = bin2hex(random_bytes(256));
-$ip = getIPAddress();
-$time = time();
-
-$stmt = $conn->prepare("INSERT INTO users (token, username, password, email, register_time, latest_ip) VALUES (?, ?, ?, ?, ?, ?)");
-$stmt->bind_param("ssssis", $token, $username, $hashed, $email, $time, $ip);
-$stmt->execute();
-
-$stmt->close();
-$conn->close();
-
-echo '1';
\ No newline at end of file
diff --git a/database/backported/1.21/registerAccount.php b/database/backported/1.21/registerAccount.php
deleted file mode 100644
index 4681917..0000000
--- a/database/backported/1.21/registerAccount.php
+++ /dev/null
@@ -1,45 +0,0 @@
-<?php
-$conn = newConnection();
-
-$username = $_POST['username'] ?? '';
-$password = $_POST['password'] ?? '';
-$email = $_POST['email'] ?? '';
-
-if (empty($username) || empty($password) || empty($email)) {
-    exit("-2");
-}
-
-if (!preg_match('/^[a-zA-Z0-9]{3,16}$/', $username)) {
-    exit("-3");
-}
-
-if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
-    exit("-4");
-}
-
-if (!preg_match('/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d!@#$%^&*()_\-+=]{8,}$/', $password)) {
-    exit("-5");
-}
-
-$stmt = $conn->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
-$stmt->bind_param("ss", $username, $email);
-$stmt->execute();
-$res = $stmt->get_result();
-
-if ($res->num_rows > 0) {
-    exit("-8");
-}
-
-$hashed = password_hash($password, PASSWORD_DEFAULT);
-$token = bin2hex(random_bytes(256));
-$ip = getIPAddress();
-$time = time();
-
-$stmt = $conn->prepare("INSERT INTO users (token, username, password, email, register_time, latest_ip) VALUES (?, ?, ?, ?, ?, ?)");
-$stmt->bind_param("ssssis", $token, $username, $hashed, $email, $time, $ip);
-$stmt->execute();
-
-$stmt->close();
-$conn->close();
-
-echo '1';
\ No newline at end of file
diff --git a/database/backported/1.3-beta1/changeAccountUsername.php b/database/backported/1.3-beta1/changeAccountUsername.php
deleted file mode 100644
index e81acba..0000000
--- a/database/backported/1.3-beta1/changeAccountUsername.php
+++ /dev/null
@@ -1,52 +0,0 @@
-<?php
-$conn = newConnection();
-
-$userID = isset($_POST['userID']) ? $_POST['userID'] : '';
-$current_password = isset($_POST['currentPassword']) ? $_POST['currentPassword'] : '';
-$new_username = isset($_POST['newUsername']) ? $_POST['newUsername'] : '';
-
-if (empty($userID) || empty($new_username) || empty($current_password)) {
-    die("-2");
-}
-
-if (!preg_match('/^[a-zA-Z0-9]{3,16}$/', $new_username)) {
-    die("-3");
-}
-
-$stmt = $conn->prepare("SELECT * FROM users WHERE id = ?");
-$stmt->bind_param("s", $userID);
-
-$stmt->execute();
-
-$result = $stmt->get_result();
-
-if ($result->num_rows > 0) {
-    $user = $result->fetch_assoc();
-    if (!password_verify($current_password, $user['password'])) {
-        die("-4");
-    }
-} else {
-    die("-5");
-}
-
-$stmt = $conn->prepare("SELECT * FROM users WHERE username = ?");
-$stmt->bind_param("s", $new_username);
-
-$stmt->execute();
-
-$result = $stmt->get_result();
-
-if ($result->num_rows > 0) {
-    die("-6");
-}
-
-$stmt = $conn->prepare("UPDATE users SET username = ? WHERE id = ?");
-$stmt->bind_param("ss", $new_username, $userID);
-
-$stmt->execute();
-$stmt->close();
-$conn->close();
-
-echo '1';
-
-?>
\ No newline at end of file
diff --git a/database/backported/1.3-beta2/changeAccountUsername.php b/database/backported/1.3-beta2/changeAccountUsername.php
deleted file mode 100644
index 6a52588..0000000
--- a/database/backported/1.3-beta2/changeAccountUsername.php
+++ /dev/null
@@ -1,52 +0,0 @@
-<?php
-$conn = newConnection();
-
-$username = isset($_POST['username']) ? $_POST['username'] : '';
-$current_password = isset($_POST['currentPassword']) ? $_POST['currentPassword'] : '';
-$new_username = isset($_POST['newUsername']) ? $_POST['newUsername'] : '';
-
-if (empty($username) || empty($new_username) || empty($current_password)) {
-    die("-2");
-}
-
-if (!preg_match('/^[a-zA-Z0-9]{3,16}$/', $new_username)) {
-    die("-3");
-}
-
-$stmt = $conn->prepare("SELECT * FROM users WHERE username = ?");
-$stmt->bind_param("s", $username);
-
-$stmt->execute();
-
-$result = $stmt->get_result();
-
-if ($result->num_rows > 0) {
-    $user = $result->fetch_assoc();
-    if (!password_verify($current_password, $user['password'])) {
-        die("-6");
-    }
-} else {
-    die("-7");
-}
-
-$stmt = $conn->prepare("SELECT * FROM users WHERE username = ?");
-$stmt->bind_param("s", $new_username);
-
-$stmt->execute();
-
-$result = $stmt->get_result();
-
-if ($result->num_rows > 0) {
-    die("-8");
-}
-
-$stmt = $conn->prepare("UPDATE users SET username = ? WHERE username = ?");
-$stmt->bind_param("ss", $new_username, $username);
-
-$stmt->execute();
-$stmt->close();
-$conn->close();
-
-echo '1';
-
-?>
\ No newline at end of file
diff --git a/database/backported/1.5/registerAccount.php b/database/backported/1.5/registerAccount.php
deleted file mode 100644
index 4aaaa2b..0000000
--- a/database/backported/1.5/registerAccount.php
+++ /dev/null
@@ -1,42 +0,0 @@
-<?php
-$conn = newConnection();
-
-$post = getPostData();
-$username = $post['username'] ?? '';
-$password = $post['password'] ?? '';
-$email = $post['email'] ?? '';
-
-if (!preg_match('/^[a-zA-Z0-9]{3,16}$/', $username)) {
-    exitWithMessage("-1");
-}
-
-if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
-    exitWithMessage("-2");
-}
-
-if (!preg_match('/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d!@#$%^&*()_\-+=]{8,}$/', $password)) {
-    exitWithMessage("-3");
-}
-
-$stmt = $conn->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
-$stmt->bind_param("ss", $username, $email);
-$stmt->execute();
-$res = $stmt->get_result();
-
-if ($res->num_rows > 0) {
-    exitWithMessage("-4");
-}
-
-$hashed = password_hash($password, PASSWORD_DEFAULT);
-$token = bin2hex(random_bytes(256));
-$ip = getIPAddress();
-$time = time();
-
-$stmt = $conn->prepare("INSERT INTO users (token, username, password, email, register_time, latest_ip) VALUES (?, ?, ?, ?, ?, ?)");
-$stmt->bind_param("ssssis", $token, $username, $hashed, $email, $time, $ip);
-$stmt->execute();
-
-$stmt->close();
-$conn->close();
-
-echo encrypt("1");
diff --git a/database/changeAccountPassword.php b/database/changeAccountPassword.php
index 5af71d0..14bac54 100644
--- a/database/changeAccountPassword.php
+++ b/database/changeAccountPassword.php
@@ -1,44 +1,24 @@
 <?php
 require __DIR__ . '/../incl/util.php';
 setPlainHeader();
-$conn = newConnection();
-
-$post = getPostData();
-$oldpassword = $post['oldpassword'] ?? '';
-$newpassword = $post['newpassword'] ?? '';
-$token = $post['token'] ?? '';
-$username = $post['username'] ?? '';
-
-if (!preg_match('/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d!@#$%^&*()_\-+=]{8,}$/', $newpassword)) {
-    exitWithMessage(json_encode(["success" => false, "message" => "New password must be at least 8 characters with at least one letter and one number"]));
+if (
+    getClientVersion() == "1.2-beta2" ||
+    getClientVersion() == "1.2" ||
+    getClientVersion() == "1.21" ||
+    getClientVersion() == "1.3-beta1" ||
+    getClientVersion() == "1.3-beta2" ||
+    getClientVersion() == "1.3" ||
+    getClientVersion() == "1.33" ||
+    getClientVersion() == "1.4.0-beta1" ||
+    getClientVersion() == "1.4.0" ||
+    getClientVersion() == "1.4.1"
+) {
+    echo "-1";
+    exit;
+}
+if (getClientVersion() == "1.5.0" || getClientVersion() == "1.5.1" || getClientVersion() == "1.5.2") {
+    exitWithMessage("-1");
+    exit;
 }
 
-$stmt = $conn->prepare("SELECT * FROM users WHERE username = ? AND token = ?");
-$stmt->bind_param("ss", $username, $token);
-$stmt->execute();
-$result = $stmt->get_result();
-
-if ($result->num_rows > 0) {
-    $user = $result->fetch_assoc();
-    if (!password_verify($oldpassword, $user['password'])) {
-        exitWithMessage(json_encode(["success" => false, "message" => "Old password is incorrect"]));
-    }
-    if (password_verify($newpassword, $user['password'])) {
-        exitWithMessage(json_encode(["success" => false, "message" => "New password cannot be the same as the old password"]));
-    }
-    $id = $user['id'];
-} else {
-    exitWithMessage(json_encode(["success" => false, "message" => "Invalid session token or username, please refresh login"]));
-}
-
-$hashednewpassword = password_hash($newpassword, PASSWORD_DEFAULT);
-$token = bin2hex(random_bytes(256));
-
-$stmt = $conn->prepare("UPDATE users SET token = ?, password = ? WHERE id = ?");
-$stmt->bind_param("sss", $token, $hashednewpassword, $id);
-
-$stmt->execute();
-$stmt->close();
-$conn->close();
-
-echo encrypt(json_encode(["success" => true, "token" => $token]));
\ No newline at end of file
+exitWithMessage(json_encode(["success" => false, "message" => "You must use client version 26.1 or higher to register an account in game"]));
\ No newline at end of file
diff --git a/database/changeAccountUsername.php b/database/changeAccountUsername.php
index 4465eb8..14bac54 100644
--- a/database/changeAccountUsername.php
+++ b/database/changeAccountUsername.php
@@ -1,50 +1,24 @@
 <?php
 require __DIR__ . '/../incl/util.php';
 setPlainHeader();
-if (getClientVersion() == "1.3-beta1") {
-    require __DIR__ . '/backported/1.3-beta1/changeAccountUsername.php';
+if (
+    getClientVersion() == "1.2-beta2" ||
+    getClientVersion() == "1.2" ||
+    getClientVersion() == "1.21" ||
+    getClientVersion() == "1.3-beta1" ||
+    getClientVersion() == "1.3-beta2" ||
+    getClientVersion() == "1.3" ||
+    getClientVersion() == "1.33" ||
+    getClientVersion() == "1.4.0-beta1" ||
+    getClientVersion() == "1.4.0" ||
+    getClientVersion() == "1.4.1"
+) {
+    echo "-1";
     exit;
 }
-if (getClientVersion() == "1.3-beta2" || getClientVersion() == "1.3" || getClientVersion() == "1.33") {
-    require __DIR__ . '/backported/1.3-beta2/changeAccountUsername.php';
+if (getClientVersion() == "1.5.0" || getClientVersion() == "1.5.1" || getClientVersion() == "1.5.2") {
+    exitWithMessage("-1");
     exit;
 }
-$conn = newConnection();
 
-$post = getPostData();
-$oldusername = $post['oldusername'] ?? '';
-$newusername = $post['newusername'] ?? '';
-$token = $post['token'] ?? '';
-$username = $post['username'] ?? '';
-
-if (!preg_match('/^[a-zA-Z0-9]{3,16}$/', $newusername)) {
-    exitWithMessage(json_encode(["success" => false, "message" => "New username must be 3-16 characters, letters and numbers only"]));
-}
-
-$stmt = $conn->prepare("SELECT * FROM users WHERE username = ?");
-$stmt->bind_param("s", $newusername);
-$stmt->execute();
-$result = $stmt->get_result();
-
-if ($result->num_rows > 0) {
-    exitWithMessage(json_encode(["success" => false, "message" => "New username already exists"]));
-}
-
-$stmt = $conn->prepare("SELECT * FROM users WHERE username = ? AND token = ?");
-$stmt->bind_param("ss", $oldusername, $token);
-$stmt->execute();
-$result = $stmt->get_result();
-
-if ($result->num_rows === 0) {
-    exitWithMessage(json_encode(["success" => false, "message" => "Invalid old username"]));
-}
-
-$stmt = $conn->prepare("UPDATE users SET username = ? WHERE username = ? AND token = ?");
-$stmt->bind_param("sss", $newusername, $username, $token);
-$stmt->execute();
-
-if ($stmt->affected_rows === 0) {
-    exitWithMessage(json_encode(["success" => false, "message" => "Invalid session token or username, please refresh login"]));
-}
-
-echo encrypt(json_encode(["success" => true]));
\ No newline at end of file
+exitWithMessage(json_encode(["success" => false, "message" => "You must use client version 26.1 or higher to register an account in game"]));
\ No newline at end of file
diff --git a/database/registerAccount.php b/database/registerAccount.php
index ce45856..14bac54 100644
--- a/database/registerAccount.php
+++ b/database/registerAccount.php
@@ -1,62 +1,24 @@
 <?php
 require __DIR__ . '/../incl/util.php';
 setPlainHeader();
-if (getClientVersion() == "1.2-beta2" || getClientVersion() == "1.2") {
-    require __DIR__ . '/backported/1.2-beta2/registerAccount.php';
-    exit;
-}
 if (
+    getClientVersion() == "1.2-beta2" ||
+    getClientVersion() == "1.2" ||
     getClientVersion() == "1.21" ||
     getClientVersion() == "1.3-beta1" ||
     getClientVersion() == "1.3-beta2" ||
-    getClientVersion() == "1.3"
+    getClientVersion() == "1.3" ||
+    getClientVersion() == "1.33" ||
+    getClientVersion() == "1.4.0-beta1" ||
+    getClientVersion() == "1.4.0" ||
+    getClientVersion() == "1.4.1"
 ) {
-    require __DIR__ . '/backported/1.21/registerAccount.php';
+    echo "-1";
     exit;
 }
 if (getClientVersion() == "1.5.0" || getClientVersion() == "1.5.1" || getClientVersion() == "1.5.2") {
-    require __DIR__ . '/backported/1.5/registerAccount.php';
+    exitWithMessage("-1");
     exit;
 }
 
-$conn = newConnection();
-
-$post = getPostData();
-$username = $post['username'] ?? '';
-$password = $post['password'] ?? '';
-$email = $post['email'] ?? '';
-
-if (!preg_match('/^[a-zA-Z0-9]{3,16}$/', $username)) {
-    exitWithMessage(json_encode(["success" => false, "message" => "Username must be 3-16 characters, letters and numbers only"]));
-}
-
-if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
-    exitWithMessage(json_encode(["success" => false, "message" => "Email is invalid"]));
-}
-
-if (!preg_match('/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d!@#$%^&*()_\-+=]{8,}$/', $password)) {
-    exitWithMessage(json_encode(["success" => false, "message" => "Password must be at least 8 characters with at least one letter and one number"]));
-}
-
-$stmt = $conn->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
-$stmt->bind_param("ss", $username, $email);
-$stmt->execute();
-$res = $stmt->get_result();
-
-if ($res->num_rows > 0) {
-    exitWithMessage(json_encode(["success" => false, "message" => "Username or email already taken"]));
-}
-
-$hashed = password_hash($password, PASSWORD_DEFAULT);
-$token = bin2hex(random_bytes(256));
-$ip = getIPAddress();
-$time = time();
-
-$stmt = $conn->prepare("INSERT INTO users (token, username, password, email, register_time, latest_ip) VALUES (?, ?, ?, ?, ?, ?)");
-$stmt->bind_param("ssssis", $token, $username, $hashed, $email, $time, $ip);
-$stmt->execute();
-
-$stmt->close();
-$conn->close();
-
-echo encrypt(json_encode(["success" => true]));
+exitWithMessage(json_encode(["success" => false, "message" => "You must use client version 26.1 or higher to register an account in game"]));
\ No newline at end of file