in function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0)
in if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE)
account is created via
user_add($login['user_row'], (isset($login['cp_data'])) ? $login['cp_data'] : false);

and after that sql query is performed to check if newly created user exists
but $login['user_row']['username'] and $username can be different