void AccountMgr::AddAccount(Field* field) { Account * acct = new Account; Sha1Hash hash; string Username = field[1].GetString(); string Password = field[2].GetString(); //string EncryptedPassword = field[3].GetString(); string GMFlags = field[3].GetString(); acct->AccountId = field[0].GetUInt32(); acct->AccountFlags = field[4].GetUInt8(); acct->Banned = field[5].GetUInt32(); if ( (uint32)UNIXTIME > acct->Banned && acct->Banned != 0 && acct->Banned != 1) //1 = perm ban? { //Accounts should be unbanned once the date is past their set expiry date. acct->Banned = 0; //me go boom :( //printf("Account %s's ban has expired.\n",acct->UsernamePtr->c_str()); sLogonSQL->Execute("UPDATE accounts SET banned = 0 WHERE acct=%u",acct->AccountId); } acct->SetGMFlags(GMFlags.c_str()); acct->Locale[0] = 'e'; acct->Locale[1] = 'n'; acct->Locale[2] = 'U'; acct->Locale[3] = 'S'; if(strcmp(field[6].GetString(), "enUS")) { // non-standard language forced memcpy(acct->Locale, field[6].GetString(), 4); acct->forcedLocale = true; } else acct->forcedLocale = false; acct->Muted = field[7].GetUInt32(); if ( (uint32)UNIXTIME > acct->Muted && acct->Muted != 0 && acct->Muted != 1) //1 = perm ban? { //Accounts should be unbanned once the date is past their set expiry date. acct->Muted= 0; DEBUG_LOG("AccountMgr","Account %s's mute has expired.", Username.c_str()); sLogonSQL->Execute("UPDATE accounts SET muted = 0 WHERE acct=%u",acct->AccountId); } // Convert username/password to uppercase. this is needed ;) HEARTHSTONE_TOUPPER(Username); HEARTHSTONE_TOUPPER(Password); if( m_encryptedPasswords ) { // prefer encrypted passwords over nonencrypted BigNumber bn; bn.SetHexStr( Password.c_str() ); if( bn.GetNumBytes() != 20 ) { // Someone probably has non-encrypted passwords in a server that's set to encrypted pws. hash.UpdateData((Username + ":" + Password)); hash.Finalize(); memcpy(acct->SrpHash, hash.GetDigest(), 20); // Make sure this doesn't happen again. BigNumber cnSave; cnSave.SetBinary( acct->SrpHash, 20); string hash = cnSave.AsHexStr(); DEBUG_LOG("AccountMgr", "Found account %s [%u] with invalid password format. Converting to encrypted password.", Username.c_str(), acct->AccountId); sLogonSQL->Execute("UPDATE accounts SET password = SHA1(CONCAT(UPPER(login), ':', UPPER(password))) WHERE acct = %u", acct->AccountId); } else { if ( Password.size() == 40 ) { if( bn.GetNumBytes() < 20 ) { memcpy(acct->SrpHash, bn.AsByteArray(), bn.GetNumBytes()); for (int n=bn.GetNumBytes(); n<=19; n++) acct->SrpHash[n] = (uint8)0; reverse_array(acct->SrpHash, 20); } else { memcpy(acct->SrpHash, bn.AsByteArray(), 20); reverse_array(acct->SrpHash, 20); } } } } else { // Prehash the I value. hash.UpdateData((Username + ":" + Password)); hash.Finalize(); memcpy(acct->SrpHash, hash.GetDigest(), 20); } AccountDatabase[Username] = acct; }
void LogonCommServerSocket::HandleDatabaseModify(WorldPacket& recvData) { uint32 method; recvData >> method; if( !IsServerAllowedMod(GetRemoteAddress().s_addr) ) { Log.Error("LogonCommServerSocket","Database modify request %u denied for %s.\n", method, GetIP()); return; } switch(method) { case 1: // set account ban { string account; uint32 duration; string reason; recvData >> account >> duration >> reason; // remember we expect this in uppercase HEARTHSTONE_TOUPPER(account); Account * pAccount = sAccountMgr.GetAccount(account); if( pAccount == NULL ) return; pAccount->Banned = duration; // update it in the sql (duh) sLogonSQL->Execute("UPDATE accounts SET banned = %u, banReason = \"%s\" WHERE login = \"%s\"", duration, sLogonSQL->EscapeString(reason).c_str(), sLogonSQL->EscapeString(account).c_str()); }break; case 2: // set gm { string account; string gm; recvData >> account >> gm; // remember we expect this in uppercase HEARTHSTONE_TOUPPER(account); Account * pAccount = sAccountMgr.GetAccount(account); if( pAccount == NULL ) return; pAccount->SetGMFlags( account.c_str() ); // update it in the sql (duh) sLogonSQL->Execute("UPDATE accounts SET gm = \"%s\" WHERE login = \"%s\"", sLogonSQL->EscapeString(gm).c_str(), sLogonSQL->EscapeString(account).c_str()); }break; case 3: // set mute { string account; uint32 duration; recvData >> account >> duration; // remember we expect this in uppercase HEARTHSTONE_TOUPPER(account); Account * pAccount = sAccountMgr.GetAccount(account); if( pAccount == NULL ) return; pAccount->Muted = duration; // update it in the sql (duh) sLogonSQL->Execute("UPDATE accounts SET muted = %u WHERE login = \"%s\"", duration, sLogonSQL->EscapeString(account).c_str()); }break; case 4: // ip ban add { string ip; string reason; uint32 duration; recvData >> ip >> duration >> reason; if( sIPBanner.Add( ip.c_str(), duration ) ) sLogonSQL->Execute("INSERT INTO ipbans (ip, expire, banreason) VALUES(\"%s\", %u, \"%s\")", sLogonSQL->EscapeString(ip).c_str(), duration, sLogonSQL->EscapeString(reason).c_str() ); }break; case 5: // ip ban reomve { string ip; recvData >> ip; if( sIPBanner.Remove( ip.c_str() ) ) sLogonSQL->Execute("DELETE FROM ipbans WHERE ip = \"%s\"", sLogonSQL->EscapeString(ip).c_str()); }break; } }
void AccountMgr::ReloadAccounts(bool silent) { setBusy.Acquire(); if(!silent) sLog.outString("[AccountMgr] Reloading Accounts..."); // Load *all* accounts. QueryResult * result = sLogonSQL->Query("SELECT acct, login, password, gm, flags, banned, forceLanguage, muted FROM accounts"); Field * field; string AccountName; set<string> account_list; Account * acct; if(result) { do { field = result->Fetch(); AccountName = field[1].GetString(); // transform to uppercase HEARTHSTONE_TOUPPER(AccountName); //Use private __GetAccount, for locks acct = __GetAccount(AccountName); if(acct == 0) { // New account. AddAccount(field); } else { // Update the account with possible changed details. UpdateAccount(acct, field); } // add to our "known" list account_list.insert(AccountName); } while(result->NextRow()); delete result; } // check for any purged/deleted accounts #ifdef WIN32 HM_NAMESPACE::hash_map<string, Account*>::iterator itr = AccountDatabase.begin(); HM_NAMESPACE::hash_map<string, Account*>::iterator it2; #else std::map<string, Account*>::iterator itr = AccountDatabase.begin(); std::map<string, Account*>::iterator it2; #endif for(; itr != AccountDatabase.end();) { it2 = itr; ++itr; if(account_list.find(it2->first) == account_list.end()) { delete it2->second; AccountDatabase.erase(it2); } else { it2->second->UsernamePtr = (std::string*)&it2->first; } } if(!silent) sLog.outString("[AccountMgr] Found %u accounts.", AccountDatabase.size()); setBusy.Release(); IPBanner::getSingleton().Reload(); }