void AccountMgr::AddAccount(Field* field)
{
Account * acct = new Account;
Sha1Hash hash;
string Username = field[1].GetString();
string Password = field[2].GetString();
//string EncryptedPassword = field[3].GetString();
string GMFlags = field[3].GetString();
acct->AccountId = field[0].GetUInt32();
acct->AccountFlags = field[4].GetUInt8();
acct->Banned = field[5].GetUInt32();
if ( (uint32)UNIXTIME > acct->Banned && acct->Banned != 0 && acct->Banned != 1) //1 = perm ban?
{
//Accounts should be unbanned once the date is past their set expiry date.
acct->Banned = 0;
//me go boom :(
//printf("Account %s's ban has expired.\n",acct->UsernamePtr->c_str());
sLogonSQL->Execute("UPDATE accounts SET banned = 0 WHERE acct=%u",acct->AccountId);
}
acct->SetGMFlags(GMFlags.c_str());
acct->Locale[0] = 'e';
acct->Locale[1] = 'n';
acct->Locale[2] = 'U';
acct->Locale[3] = 'S';
if(strcmp(field[6].GetString(), "enUS"))
{
// non-standard language forced
memcpy(acct->Locale, field[6].GetString(), 4);
acct->forcedLocale = true;
}
else
acct->forcedLocale = false;
acct->Muted = field[7].GetUInt32();
if ( (uint32)UNIXTIME > acct->Muted && acct->Muted != 0 && acct->Muted != 1) //1 = perm ban?
{
//Accounts should be unbanned once the date is past their set expiry date.
acct->Muted= 0;
DEBUG_LOG("AccountMgr","Account %s's mute has expired.", Username.c_str());
sLogonSQL->Execute("UPDATE accounts SET muted = 0 WHERE acct=%u",acct->AccountId);
}
// Convert username/password to uppercase. this is needed ;)
HEARTHSTONE_TOUPPER(Username);
HEARTHSTONE_TOUPPER(Password);
if( m_encryptedPasswords )
{
// prefer encrypted passwords over nonencrypted
BigNumber bn;
bn.SetHexStr( Password.c_str() );
if( bn.GetNumBytes() != 20 )
{
// Someone probably has non-encrypted passwords in a server that's set to encrypted pws.
hash.UpdateData((Username + ":" + Password));
hash.Finalize();
memcpy(acct->SrpHash, hash.GetDigest(), 20);
// Make sure this doesn't happen again.
BigNumber cnSave;
cnSave.SetBinary( acct->SrpHash, 20);
string hash = cnSave.AsHexStr();
DEBUG_LOG("AccountMgr", "Found account %s [%u] with invalid password format. Converting to encrypted password.", Username.c_str(), acct->AccountId);
sLogonSQL->Execute("UPDATE accounts SET password = SHA1(CONCAT(UPPER(login), ':', UPPER(password))) WHERE acct = %u", acct->AccountId);
}
else
{
if ( Password.size() == 40 )
{
if( bn.GetNumBytes() < 20 )
{
memcpy(acct->SrpHash, bn.AsByteArray(), bn.GetNumBytes());
for (int n=bn.GetNumBytes(); n<=19; n++)
acct->SrpHash[n] = (uint8)0;
reverse_array(acct->SrpHash, 20);
}
else
{
memcpy(acct->SrpHash, bn.AsByteArray(), 20);
reverse_array(acct->SrpHash, 20);
}
}
}
}
else
{
// Prehash the I value.
hash.UpdateData((Username + ":" + Password));
hash.Finalize();
memcpy(acct->SrpHash, hash.GetDigest(), 20);
}
AccountDatabase[Username] = acct;
}
void LogonCommServerSocket::HandleDatabaseModify(WorldPacket& recvData)
{
uint32 method;
recvData >> method;
if( !IsServerAllowedMod(GetRemoteAddress().s_addr) )
{
Log.Error("LogonCommServerSocket","Database modify request %u denied for %s.\n", method, GetIP());
return;
}
switch(method)
{
case 1: // set account ban
{
string account;
uint32 duration;
string reason;
recvData >> account >> duration >> reason;
// remember we expect this in uppercase
HEARTHSTONE_TOUPPER(account);
Account * pAccount = sAccountMgr.GetAccount(account);
if( pAccount == NULL )
return;
pAccount->Banned = duration;
// update it in the sql (duh)
sLogonSQL->Execute("UPDATE accounts SET banned = %u, banReason = \"%s\" WHERE login = \"%s\"", duration, sLogonSQL->EscapeString(reason).c_str(),
sLogonSQL->EscapeString(account).c_str());
}break;
case 2: // set gm
{
string account;
string gm;
recvData >> account >> gm;
// remember we expect this in uppercase
HEARTHSTONE_TOUPPER(account);
Account * pAccount = sAccountMgr.GetAccount(account);
if( pAccount == NULL )
return;
pAccount->SetGMFlags( account.c_str() );
// update it in the sql (duh)
sLogonSQL->Execute("UPDATE accounts SET gm = \"%s\" WHERE login = \"%s\"", sLogonSQL->EscapeString(gm).c_str(), sLogonSQL->EscapeString(account).c_str());
}break;
case 3: // set mute
{
string account;
uint32 duration;
recvData >> account >> duration;
// remember we expect this in uppercase
HEARTHSTONE_TOUPPER(account);
Account * pAccount = sAccountMgr.GetAccount(account);
if( pAccount == NULL )
return;
pAccount->Muted = duration;
// update it in the sql (duh)
sLogonSQL->Execute("UPDATE accounts SET muted = %u WHERE login = \"%s\"", duration, sLogonSQL->EscapeString(account).c_str());
}break;
case 4: // ip ban add
{
string ip;
string reason;
uint32 duration;
recvData >> ip >> duration >> reason;
if( sIPBanner.Add( ip.c_str(), duration ) )
sLogonSQL->Execute("INSERT INTO ipbans (ip, expire, banreason) VALUES(\"%s\", %u, \"%s\")", sLogonSQL->EscapeString(ip).c_str(), duration, sLogonSQL->EscapeString(reason).c_str() );
}break;
case 5: // ip ban reomve
{
string ip;
recvData >> ip;
if( sIPBanner.Remove( ip.c_str() ) )
sLogonSQL->Execute("DELETE FROM ipbans WHERE ip = \"%s\"", sLogonSQL->EscapeString(ip).c_str());
}break;
}
}
void AccountMgr::ReloadAccounts(bool silent)
{
setBusy.Acquire();
if(!silent) sLog.outString("[AccountMgr] Reloading Accounts...");
// Load *all* accounts.
QueryResult * result = sLogonSQL->Query("SELECT acct, login, password, gm, flags, banned, forceLanguage, muted FROM accounts");
Field * field;
string AccountName;
set<string> account_list;
Account * acct;
if(result)
{
do
{
field = result->Fetch();
AccountName = field[1].GetString();
// transform to uppercase
HEARTHSTONE_TOUPPER(AccountName);
//Use private __GetAccount, for locks
acct = __GetAccount(AccountName);
if(acct == 0)
{
// New account.
AddAccount(field);
}
else
{
// Update the account with possible changed details.
UpdateAccount(acct, field);
}
// add to our "known" list
account_list.insert(AccountName);
} while(result->NextRow());
delete result;
}
// check for any purged/deleted accounts
#ifdef WIN32
HM_NAMESPACE::hash_map<string, Account*>::iterator itr = AccountDatabase.begin();
HM_NAMESPACE::hash_map<string, Account*>::iterator it2;
#else
std::map<string, Account*>::iterator itr = AccountDatabase.begin();
std::map<string, Account*>::iterator it2;
#endif
for(; itr != AccountDatabase.end();)
{
it2 = itr;
++itr;
if(account_list.find(it2->first) == account_list.end())
{
delete it2->second;
AccountDatabase.erase(it2);
}
else
{
it2->second->UsernamePtr = (std::string*)&it2->first;
}
}
if(!silent) sLog.outString("[AccountMgr] Found %u accounts.", AccountDatabase.size());
setBusy.Release();
IPBanner::getSingleton().Reload();
}
