AccountOpResult ChangeUsername(uint32 accountId, std::string newUsername, std::string newPassword)
{
QueryResult result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d'", accountId);
if (!result)
return AOR_NAME_NOT_EXIST; // account doesn't exist
if (utf8length(newUsername) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG;
if (utf8length(newPassword) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(newUsername);
normalizeString(newPassword);
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_USERNAME);
stmt->setString(0, newUsername);
stmt->setString(1, CalculateShaPassHash(newUsername, newPassword));
stmt->setUInt32(2, accountId);
LoginDatabase.Execute(stmt);
return AOR_OK;
}
AccountOpResult Battlenet::AccountMgr::CreateBattlenetAccount(std::string email, std::string password, bool withGameAccount, std::string* gameAccountName)
{
if (utf8length(email) > MAX_BNET_EMAIL_STR)
return AccountOpResult::AOR_NAME_TOO_LONG;
if (utf8length(password) > MAX_PASS_STR)
return AccountOpResult::AOR_PASS_TOO_LONG;
Utf8ToUpperOnlyLatin(email);
Utf8ToUpperOnlyLatin(password);
if (GetId(email))
return AccountOpResult::AOR_NAME_ALREADY_EXIST;
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_BNET_ACCOUNT);
stmt->setString(0, email);
stmt->setString(1, CalculateShaPassHash(email, password));
LoginDatabase.DirectExecute(stmt);
uint32 newAccountId = GetId(email);
ASSERT(newAccountId);
if (withGameAccount)
{
*gameAccountName = std::to_string(newAccountId) + "#1";
GameAccountMgr::instance()->CreateAccount(*gameAccountName, password, email, newAccountId, 1);
}
return AccountOpResult::AOR_OK;
}
AccountOpResult ChangeUsername(uint32 accountId, std::string newUsername, std::string newPassword)
{
// Check if accounts exists
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_ACCOUNT_BY_ID);
stmt->setUInt32(0, accountId);
PreparedQueryResult result = LoginDatabase.Query(stmt);
if (!result)
return AOR_NAME_NOT_EXIST;
if (utf8length(newUsername) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG;
if (utf8length(newPassword) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(newUsername);
normalizeString(newPassword);
stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_USERNAME);
stmt->setString(0, newUsername);
stmt->setString(1, CalculateShaPassHash(newUsername, newPassword));
stmt->setUInt32(2, accountId);
LoginDatabase.Execute(stmt);
return AOR_OK;
}
AccountOpResult AccountMgr::ChangeUsername(uint32 accid, std::string new_uname, std::string new_passwd)
{
QueryResult* result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%u'", accid);
if (!result)
return AOR_NAME_NOT_EXIST; // account doesn't exist
delete result;
if (utf8length(new_uname) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG;
if (utf8length(new_passwd) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(new_uname);
normalizeString(new_passwd);
std::string safe_new_uname = new_uname;
LoginDatabase.escape_string(safe_new_uname);
if (!LoginDatabase.PExecute("UPDATE account SET v='0',s='0',username='******',sha_pass_hash='%s' WHERE id='%u'", safe_new_uname.c_str(),
CalculateShaPassHash(new_uname, new_passwd).c_str(), accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
return AOR_OK;
}
AccountOpResult AccountMgr::ChangeUsername(uint32 accountId,
std::string newUsername, std::string newPassword) {
QueryResult result = LoginDatabase.PQuery(
"SELECT 1 FROM account WHERE id = '%d'", accountId);
if (!result)
return AOR_NAME_NOT_EXIST; // account doesn't exist
if (utf8length(newUsername) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG;
if (utf8length(newPassword) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(newUsername);
normalizeString(newPassword);
std::string safeNewUsername = newUsername;
LoginDatabase.EscapeString(safeNewUsername);
LoginDatabase.PExecute(
"UPDATE account SET v='0', s='0', username='******', sha_pass_hash='%s' WHERE id='%d'",
safeNewUsername.c_str(),
CalculateShaPassHash(newUsername, newPassword).c_str(), accountId);
return AOR_OK;
}
AccountOpResult AccountMgr::ChangeUsername(uint32 accid, std::string new_uname, std::string new_passwd)
{
QueryResult *result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%u'", accid);
if(!result)
return AOR_NAME_NOT_EXIST; // account doesn't exist
delete result;
if(utf8length(new_uname) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG;
if(utf8length(new_passwd) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(new_uname);
normalizeString(new_passwd);
std::string safe_new_uname = new_uname;
LoginDatabase.escape_string(safe_new_uname);
if(!LoginDatabase.PExecute("UPDATE account SET v='0',s='0',username='******',sha_pass_hash='%s' WHERE id='%u'", safe_new_uname.c_str(),
CalculateShaPassHash(new_uname, new_passwd).c_str(), accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
if(sWorld.getConfig(CONFIG_BOOL_PLAINTEXT_PASSWORDS))
{
// FG: to keep consistency with old realm db fields also
if(!LoginDatabase.PExecute("UPDATE `account` SET `password`='%s' WHERE `id`='%d'", new_passwd.c_str(),accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
}
return AOR_OK;
}
void NormalizeUtf8::normalizeNfc(std::string& str) const {
SDL_TRACE(NormalizeUtf8, "unnormalized: '" << str << "' #bytes=" << str.size()
<< " #unicode=" << utf8length(str));
if (str.empty()) return;
FixedUtf8 fixed(str);
fixed.moveTo(str);
SDL_TRACE(NormalizeUtf8, "fixed-utf8: '" << str << "' #bytes=" << str.size() << " #unicode=" << utf8length(str));
NfcOptions::normalize(str);
SDL_TRACE(NormalizeUtf8, "nfc-normalized: '" << str << "' #bytes=" << str.size()
<< " #unicode=" << utf8length(str));
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password)
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
if (GetId(username))
return AOR_NAME_ALREDY_EXIST; // username does already exist
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT);
stmt->setString(0, username);
stmt->setString(1, CalculateShaPassHash(username, password));
LoginDatabase.DirectExecute(stmt); // Enforce saving, otherwise AddGroup can fail
stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_REALM_CHARACTERS_INIT);
LoginDatabase.Execute(stmt);
// Add default rbac groups for that security level
RBACData* rbac = new RBACData(GetId(username), username, -1);
// No need to Load From DB, as it's new data
RBACGroupContainer const& groupsToAdd = _defaultSecGroups[0]; // 0: Default sec level
for (RBACGroupContainer::const_iterator it = groupsToAdd.begin(); it != groupsToAdd.end(); ++it)
rbac->AddGroup(*it, -1);
delete rbac;
return AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::ChangeRegEmail(uint32 accountId, std::string newEmail)
{
std::string username;
if (!GetName(accountId, username))
{
sScriptMgr->OnFailedEmailChange(accountId);
return AOR_NAME_NOT_EXIST; // account doesn't exist
}
if (utf8length(newEmail) > MAX_EMAIL_STR)
{
sScriptMgr->OnFailedEmailChange(accountId);
return AOR_EMAIL_TOO_LONG;
}
normalizeString(username);
normalizeString(newEmail);
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_REG_EMAIL);
stmt->setString(0, newEmail);
stmt->setUInt32(1, accountId);
LoginDatabase.Execute(stmt);
sScriptMgr->OnEmailChange(accountId);
return AOR_OK;
}
AccountOpResult CreateAccount(std::string username, std::string password)
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
if (GetId(username))
return AOR_NAME_ALREDY_EXIST; // username does already exist
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT);
stmt->setString(0, username);
stmt->setString(1, CalculateShaPassHash(username, password));
stmt->setInt8(2, uint8(sWorld->getIntConfig(CONFIG_EXPANSION)));
LoginDatabase.Execute(stmt);
stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_REALM_CHARACTERS_INIT);
LoginDatabase.Execute(stmt);
return AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password)
{
if(utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
if(GetId(username))
{
return AOR_NAME_ALREDY_EXIST; // username does already exist
}
if(!LoginDatabase.PExecute("INSERT INTO account(username,sha_pass_hash,joindate) VALUES('%s','%s',NOW())", username.c_str(), CalculateShaPassHash(username, password).c_str()))
return AOR_DB_INTERNAL_ERROR; // unexpected error
LoginDatabase.Execute("INSERT INTO realmcharacters (realmid, acctid, numchars) SELECT realmlist.id, account.id, 0 FROM realmlist,account LEFT JOIN realmcharacters ON acctid=account.id WHERE acctid IS NULL");
if(sWorld.getConfig(CONFIG_BOOL_PLAINTEXT_PASSWORDS))
{
// FG: to keep consistency with old realm db fields also
if(!LoginDatabase.PExecute("UPDATE account SET password='******' WHERE username='******'", password.c_str(),username.c_str()))
return AOR_DB_INTERNAL_ERROR; // unexpected error
}
return AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::ChangePassword(uint32 accid, std::string new_passwd)
{
std::string username;
if(!GetName(accid, username))
return AOR_NAME_NOT_EXIST; // account doesn't exist
if (utf8length(new_passwd) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(new_passwd);
// also reset s and v to force update at next realmd login
if(!LoginDatabase.PExecute("UPDATE account SET v='0', s='0', sha_pass_hash='%s' WHERE id='%u'",
CalculateShaPassHash(username, new_passwd).c_str(), accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
if(sWorld.getConfig(CONFIG_BOOL_PLAINTEXT_PASSWORDS))
{
// FG: to keep consistency with old realm db fields also
if(!LoginDatabase.PExecute("UPDATE `account` SET `password`='%s' WHERE `id`='%d'", new_passwd.c_str(),accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
}
return AOR_OK;
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password, std::string email = "")
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
normalizeString(email);
if (GetId(username))
return AOR_NAME_ALREADY_EXIST; // username does already exist
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT);
stmt->setString(0, username);
stmt->setString(1, CalculateShaPassHash(username, password));
stmt->setString(2, email);
stmt->setString(3, email);
LoginDatabase.DirectExecute(stmt); // Enforce saving, otherwise AddGroup can fail
stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_REALM_CHARACTERS_INIT);
LoginDatabase.Execute(stmt);
return AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::ChangePassword(uint32 accountId, std::string newPassword)
{
std::string username;
if (!GetName(accountId, username))
return AOR_NAME_NOT_EXIST; // account doesn't exist
if (utf8length(newPassword) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(username);
normalizeString(newPassword);
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_PASSWORD);
stmt->setString(0, CalculateShaPassHash(username, newPassword));
stmt->setUInt32(1, accountId);
LoginDatabase.Execute(stmt);
stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS);
stmt->setString(0, "");
stmt->setString(1, "");
stmt->setString(2, username);
LoginDatabase.Execute(stmt);
return AOR_OK;
}
void NormalizeUtf8::normalize(std::string& str, Constraints& c) const {
normalizeNfc(str, c);
if (constraintsIndexUnicodes(c) && FixUnicode::removeControlChars)
SDL_THROW_LOG(NormalizeUtf8, ConfigException,
"remove-control-characters can't be true when using constraints (yet)");
FixUnicode::normalize(str, true);
SDL_TRACE(NormalizeUtf8, "windows-1252-replaced: '" << str << "' #bytes=" << str.size()
<< " #unicode=" << utf8length(str));
}
uint32_t ABCFile::addString(Str* s)
{
if (s->ident == ~0U) {
s->ident = stringCount++;
uint32_t len = utf8length(s);
stringBuf.emitU30(len);
stringBuf.emitUtf8(len, s);
}
return s->ident;
}
/* Returns the UTF-8 length in bytes of a string.
*/
jsize FNI_GetStringUTFLength(JNIEnv *env, jstring string) {
jclass strcls = (*env)->FindClass(env, "java/lang/String");
jmethodID mid = (*env)->GetMethodID(env, strcls, "toCharArray", "()[C");
jcharArray ca = (jcharArray) (*env)->CallObjectMethod(env, string, mid);
jsize len = (*env)->GetArrayLength(env, ca);
jchar *buf = (*env)->GetCharArrayElements(env, ca, NULL);
jsize result = utf8length(buf, len);
(*env)->ReleaseCharArrayElements(env, ca, buf, 0);
(*env)->DeleteLocalRef(env, strcls);
(*env)->DeleteLocalRef(env, ca);
return result;
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password, std::string email /*= ""*/, uint32 bnetAccountId /*= 0*/, uint8 bnetIndex /*= 0*/)
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AccountOpResult::AOR_NAME_TOO_LONG; // username's too long
if (utf8length(password) > MAX_PASS_STR)
return AccountOpResult::AOR_PASS_TOO_LONG; // password's too long
Utf8ToUpperOnlyLatin(username);
Utf8ToUpperOnlyLatin(password);
Utf8ToUpperOnlyLatin(email);
if (GetId(username))
return AccountOpResult::AOR_NAME_ALREADY_EXIST; // username does already exist
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT);
stmt->setString(0, username);
stmt->setString(1, CalculateShaPassHash(username, password));
stmt->setString(2, email);
stmt->setString(3, email);
if (bnetAccountId && bnetIndex)
{
stmt->setUInt32(4, bnetAccountId);
stmt->setUInt8(5, bnetIndex);
}
else
{
stmt->setNull(4);
stmt->setNull(5);
}
LoginDatabase.DirectExecute(stmt); // Enforce saving, otherwise AddGroup can fail
stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_REALM_CHARACTERS_INIT);
LoginDatabase.Execute(stmt);
return AccountOpResult::AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::ChangeUsername(uint32 accid, std::string new_uname, std::string new_passwd)
{
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d'", accid);
if (!result)
return AOR_NAME_NOT_EXIST; // account doesn't exist
if (utf8length(new_uname) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG;
if (utf8length(new_passwd) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(new_uname);
normalizeString(new_passwd);
LoginDatabase.EscapeString(new_uname);
LoginDatabase.EscapeString(new_passwd);
if (!LoginDatabase.PExecute("UPDATE account SET username='******', sha_pass_hash=Sha1(CONCAT('%s', ':', '%s')) WHERE id='%d'", new_uname.c_str(), new_uname.c_str(), new_passwd.c_str(), accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
return AOR_OK;
}
AccountOpResult CreateAccount(std::string username, std::string password)
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
if (GetId(username))
return AOR_NAME_ALREDY_EXIST; // username does already exist
LoginDatabase.PExecute("INSERT INTO account(username, sha_pass_hash, joindate) VALUES('%s', '%s', NOW())", username.c_str(), CalculateShaPassHash(username, password).c_str());
LoginDatabase.Execute("INSERT INTO realmcharacters (realmid, acctid, numchars) SELECT realmlist.id, account.id, 0 FROM realmlist, account LEFT JOIN realmcharacters ON acctid=account.id WHERE acctid IS NULL");
return AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::ChangePassword(uint32 accountId, std::string newPassword)
{
std::string username;
if (!GetName(accountId, username))
return AOR_NAME_NOT_EXIST; // account doesn't exist
if (utf8length(newPassword) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(username);
normalizeString(newPassword);
// also reset s and v to force update at next realmd login
LoginDatabase.PExecute("UPDATE account SET v = '0', s = '0', sha_pass_hash = '%s' WHERE id = '%d'", CalculateShaPassHash(username, newPassword).c_str(), accountId);
return AOR_OK;
}
AccountOpResult Battlenet::AccountMgr::ChangePassword(uint32 accountId, std::string newPassword)
{
std::string username;
if (!GetName(accountId, username))
return AccountOpResult::AOR_NAME_NOT_EXIST; // account doesn't exist
Utf8ToUpperOnlyLatin(username);
Utf8ToUpperOnlyLatin(newPassword);
if (utf8length(newPassword) > MAX_PASS_STR)
return AccountOpResult::AOR_PASS_TOO_LONG;
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_PASSWORD);
stmt->setString(0, CalculateShaPassHash(username, newPassword));
stmt->setUInt32(1, accountId);
LoginDatabase.Execute(stmt);
return AccountOpResult::AOR_OK;
}
AccountOpResult AccountMgr::ChangePassword(uint32 accid, std::string new_passwd)
{
QueryResult *result = loginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d'", accid);
if(!result)
return AOR_NAME_NOT_EXIST; // account doesn't exist
delete result;
if (utf8length(new_passwd) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normilizeString(new_passwd);
loginDatabase.escape_string(new_passwd);
if(!loginDatabase.PExecute("UPDATE account SET sha_pass_hash=SHA1(CONCAT(username,':','%s')) WHERE id='%d'", new_passwd.c_str(), accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
return AOR_OK;
}
/* Returns a pointer to an array of UTF-8 characters of the string, or
* NULL if the operation fails. The returned array is valid until it is
* released by ReleaseStringUTFChars().
*
* If isCopy is not NULL, then *isCopy is set to JNI_TRUE if a copy is made;
* or it is set to JNI_FALSE if no copy is made.
*/
const char* FNI_GetStringUTFChars(JNIEnv *env, jstring string,
jboolean *isCopy) {
jclass strcls = (*env)->FindClass(env, "java/lang/String");
jmethodID mid = (*env)->GetMethodID(env, strcls, "toCharArray", "()[C");
jcharArray ca = (jcharArray) (*env)->CallObjectMethod(env, string, mid);
jchar * buf = (*env)->GetCharArrayElements(env, ca, NULL);
jsize len = (*env)->GetArrayLength(env, ca);
jsize newlen = utf8length(buf, len);
/* safe to use malloc -- no pointers to gc objects inside char[] */
char * result = malloc(sizeof(char)*(newlen+1));
toUTF8(buf, len, result);
result[newlen]='\0';
(*env)->ReleaseCharArrayElements(env, ca, buf, 0);
if (isCopy!=NULL) *isCopy=JNI_TRUE;
(*env)->DeleteLocalRef(env, strcls);
(*env)->DeleteLocalRef(env, ca);
return result;
}
AccountOpResult AccountMgr::ChangePassword(uint32 accid, std::string new_passwd)
{
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d'", accid);
if (!result)
return AOR_NAME_NOT_EXIST; // account doesn't exist
if (utf8length(new_passwd) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(new_passwd);
LoginDatabase.EscapeString(new_passwd);
// also reset s and v to force update at next realmd login
if (!LoginDatabase.PExecute("UPDATE account SET v='0', s='0', sha_pass_hash=Sha1("_CONCAT3_("username", "':'", "'%s'")") WHERE id='%d'", new_passwd.c_str(), accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
return AOR_OK;
}
AccountOpResult AccountMgr::ChangePassword(uint32 accid, std::string new_passwd)
{
std::string username;
if (!GetName(accid, username))
{ return AOR_NAME_NOT_EXIST; } // account doesn't exist
if (utf8length(new_passwd) > MAX_ACCOUNT_STR)
{ return AOR_PASS_TOO_LONG; }
normalizeString(new_passwd);
// also reset s and v to force update at next realmd login
if (!LoginDatabase.PExecute("UPDATE account SET v='0', s='0', sha_pass_hash='%s' WHERE id='%u'",
CalculateShaPassHash(username, new_passwd).c_str(), accid))
{ return AOR_DB_INTERNAL_ERROR; } // unexpected error
return AOR_OK;
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password, uint32 expansion) const
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
if (GetId(username))
{
return AOR_NAME_ALREADY_EXIST; // username does already exist
}
if (!LoginDatabase.PExecute("INSERT INTO account(username,sha_pass_hash,joindate,expansion) VALUES('%s','%s',NOW(),'%u')", username.c_str(), CalculateShaPassHash(username, password).c_str(), expansion))
return AOR_DB_INTERNAL_ERROR; // unexpected error
LoginDatabase.Execute("INSERT INTO realmcharacters (realmid, acctid, numchars) SELECT realmlist.id, account.id, 0 FROM realmlist,account LEFT JOIN realmcharacters ON acctid=account.id WHERE acctid IS NULL");
return AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password)
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
LoginDatabase.EscapeString(username);
LoginDatabase.EscapeString(password);
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE username = '******'", username.c_str());
if (result)
return AOR_NAME_ALREDY_EXIST; // username does already exist
if (!LoginDatabase.PExecute("INSERT INTO account(username, sha_pass_hash, joindate) VALUES('%s', Sha1(CONCAT('%s', ':', '%s')), NOW())", username.c_str(), username.c_str(), password.c_str()))
return AOR_DB_INTERNAL_ERROR; // unexpected error
LoginDatabase.Execute("INSERT INTO realmcharacters (realmid, acctid, numchars) SELECT realmlist.id, account.id, 0 FROM realmlist, account LEFT JOIN realmcharacters ON acctid=account.id WHERE acctid IS NULL");
return AOR_OK; // everything's fine
}
AccountOpResult AccountMgr::ChangePassword(uint32 accountId, std::string newPassword)
{
std::string username;
if (!GetName(accountId, username))
{
sScriptMgr->OnFailedPasswordChange(accountId);
return AccountOpResult::AOR_NAME_NOT_EXIST; // account doesn't exist
}
if (utf8length(newPassword) > MAX_ACCOUNT_STR)
{
sScriptMgr->OnFailedPasswordChange(accountId);
return AccountOpResult::AOR_PASS_TOO_LONG;
}
Utf8ToUpperOnlyLatin(username);
Utf8ToUpperOnlyLatin(newPassword);
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_PASSWORD);
stmt->setString(0, CalculateShaPassHash(username, newPassword));
stmt->setUInt32(1, accountId);
LoginDatabase.Execute(stmt);
stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS);
stmt->setString(0, "");
stmt->setString(1, "");
stmt->setString(2, username);
LoginDatabase.Execute(stmt);
sScriptMgr->OnPasswordChange(accountId);
return AccountOpResult::AOR_OK;
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password)
{
if(utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normilizeString(username);
normilizeString(password);
loginDatabase.escape_string(username);
loginDatabase.escape_string(password);
QueryResult *result = loginDatabase.PQuery("SELECT 1 FROM account WHERE username = '******'", username.c_str());
if(result)
{
delete result;
return AOR_NAME_ALREDY_EXIST; // username does already exist
}
if(!loginDatabase.PExecute("INSERT INTO account(username,sha_pass_hash,joindate) VALUES('%s',SHA1(CONCAT('%s',':','%s')),NOW())", username.c_str(), username.c_str(), password.c_str()))
return AOR_DB_INTERNAL_ERROR; // unexpected error
loginDatabase.Execute("INSERT INTO realmcharacters (realmid, acctid, numchars) SELECT realmlist.id, account.id, 0 FROM account, realmlist WHERE account.id NOT IN (SELECT acctid FROM realmcharacters)");
return AOR_OK; // everything's fine
}