//LMA: mail system. bool CCharServer::pak7e5 ( CCharClient* thisclient, CPacket* P ) { if(!thisclient->isLoggedIn) return false; BYTE action = GETBYTE((*P),0); switch(action) { case 0x01: { //Ok I got mails, send them to me please. //Note: previous mails are saved clientside in the ".db" file near client (sqllite format). MYSQL_RES *result; MYSQL_ROW row; result = DB->QStore( "SELECT mailfromname, message, dhsent FROM mail_list WHERE sendtocharid=%u", thisclient->charid); if(result==NULL) return false; DWORD nb_mails=mysql_num_rows( result ); if (nb_mails==0) { DB->QFree( ); return true; } BEGINPACKET( pak, 0x7e5 ); ADDBYTE ( pak, 0x02 ); while(row = mysql_fetch_row( result )) { ADDDWORD (pak,atoi(row[2])); ADDSTRING (pak,row[0]); ADDBYTE (pak,0x00); ADDSTRING (pak,row[1]); ADDBYTE (pak,0x00); } DB->QFree( ); //let's delete them now. if(!DB->QExecute( "DELETE FROM mail_list WHERE sendtocharid=%u", thisclient->charid)) { Log(MSG_WARNING,"Can't delete previous mails from %s",thisclient->charname); //sending the packet anyway. thisclient->SendPacket( &pak ); return true; } thisclient->SendPacket( &pak ); } break; case 0x02: { //Send a new mail to someone. string mailto = (char*) &P->Buffer[1]; if(mailto.size()==0) { Log(MSG_WARNING,"Error, %s tried to send a mail to an empty player name.",thisclient->charname); return true; } string message = (char*) &P->Buffer[1+mailto.size()+1]; if(message.size()==0) { Log(MSG_WARNING,"Error, %s tried to send an empty mail to %s.",thisclient->charname,mailto.c_str()); return true; } //escaping string escaped_to; if(!EscapeMySQL(mailto.c_str(),escaped_to,-1,true)) { Log(MSG_WARNING,"Error, %s tried to send a mail to %s and there was a problem escaping this name, result was %s",thisclient->charname,mailto.c_str(),escaped_to.c_str()); return true; } string escaped_message; EscapeMySQL(message.c_str(),escaped_message,-1,false); //Checking if the player actually exists... MYSQL_RES *result; MYSQL_ROW row; result = DB->QStore( "SELECT id FROM characters WHERE char_name='%s'", escaped_to.c_str() ); if(result==NULL) return false; if (mysql_num_rows( result ) == 0) { DB->QFree( ); Log(MSG_WARNING,"Error, %s tried to send a mail to %s (%s) and this player doesn't exist?",thisclient->charname,escaped_to.c_str(),escaped_message.c_str()); return true; } row = mysql_fetch_row( result ); DWORD other_charid=atoi(row[0]); DB->QFree( ); if(!DB->QExecute("INSERT INTO mail_list (mailfromname, mailfromcharid, sendtoname, sendtocharid, message, dhsent) VALUES('%s',%u,'%s',%u,'%s',%u)",thisclient->charname,thisclient->charid,escaped_to.c_str(),other_charid,escaped_message.c_str(),GetServerTime( ))) { Log(MSG_WARNING,"Error, %s tried to send a mail to %s (%s) and it failed to be saved in database.",thisclient->charname,escaped_to.c_str(),escaped_message.c_str()); return false; } //Mail sent and saved. BEGINPACKET( pak, 0x7e5 ); ADDBYTE ( pak, 0x03 ); thisclient->SendPacket( &pak ); } break; case 0x03: { //Have I got mail waiting, how many? MYSQL_RES *result; result = DB->QStore( "SELECT id FROM mail_list WHERE sendtocharid=%u", thisclient->charid); if(result==NULL) return false; DWORD nb_mails=mysql_num_rows( result ); DB->QFree( ); BEGINPACKET( pak, 0x7e5 ); ADDBYTE ( pak, 0x01 ); ADDWORD ( pak, nb_mails ); thisclient->SendPacket( &pak ); } break; default: { Log( MSG_WARNING,"Unknown 0x07e5 mail action %i",action); } break; } return true; }
// Packet when user login (chck user and pass and active) bool CLoginServer::pakUserLogin( CLoginClient* thisclient, CPacket* P ) { if ( thisclient->isLoggedIn ) return false; MYSQL_ROW row; string temp_string; string temp_password; temp_string.reserve(17); temp_password.reserve(33); temp_string.assign( (const char*)&P->Buffer, 32, (P->Size-6-32)>16?16:P->Size-6-32 ); temp_password.assign((const char*)&P->Buffer, 0, 32 ); EscapeMySQL(temp_password.c_str(),thisclient->password,-1,true); //client sends already in MD5 form (or should...) if (!thisclient->hasGameGuard && Config.checkGameGuard ) { Log(MSG_HACK, "Warning, user [ %s ] tried logging in without gameguard", temp_string.c_str()); BEGINPACKET( pak, 0x708 ); ADDBYTE( pak, 10 ); ADDDWORD( pak, 0); thisclient->SendPacket( &pak ); return false; } BEGINPACKET( pak, 0x708 ); if(!EscapeMySQL(temp_string.c_str(),thisclient->username,16,true)) { return false; } MYSQL_RES *result = DB->QStore( "SELECT id,password,accesslevel,online,active FROM accounts WHERE username='******'", thisclient->username.c_str() ); if(result == NULL) return false; if( mysql_num_rows( result ) == 1 ) { row = mysql_fetch_row(result); int res = 0; #ifdef _WIN32 res = _stricmp( row[1], thisclient->password.c_str() ); #else res = strcasecmp( row[1], thisclient->password.c_str() ); #endif if ( res == 0 ) { //Account is Active if(atoi(row[4])==1) { // Activation Fix By Rifke Log( MSG_INFO, "Success login '%s' : Account verfified.", thisclient->username.c_str() ); // characters is already logged if(atoi(row[3])==1) { Log(MSG_WARNING, "Account %s try re-login", thisclient->username.c_str() ); ADDBYTE( pak, 4 ); ADDDWORD( pak, 0 ); thisclient->SendPacket( &pak ); //relogin crash fixed by zrose. BEGINPACKET( pak2, 0x502 ); ADDBYTE ( pak2, 1 ); ADDDWORD ( pak2, atoi(row[0]) ); cryptPacket( (char*)&pak2, NULL ); DB->QFree( ); for(UINT i=0;i<ServerList.size();i++) send( ServerList.at(i)->sock , (char*)&pak2, pak2.Size, 0 ); DB->QExecute( "update accounts set online=0 WHERE username='******'", thisclient->username.c_str()); return false; } thisclient->accesslevel = atoi(row[2]); //LMA: banned handled after this check. if( thisclient->accesslevel >0 && thisclient->accesslevel < Config.MinimumAccessLevel ) { //The server are under inspection ADDBYTE( pak, 0 ); ADDDWORD( pak, 0 ); thisclient->SendPacket( &pak ); DB->QFree( ); return true; } if ( thisclient->accesslevel > 0 ) { thisclient->userid = atoi(row[0]); thisclient->isLoggedIn = true; DB->QFree( ); //new code. ADDBYTE( pak, 0x80 ); if(thisclient->accesslevel==300) { //GM level 1 ADDWORD( pak, 256 ); } else if(thisclient->accesslevel==400) { //GM level 2 ADDWORD( pak, 512 ); } else if(thisclient->accesslevel==500) { //admin. ADDWORD( pak, 768 ); } else { //standard user. ADDWORD( pak, 100 ); } ADDWORD( pak, 0x0000); result = DB->QStore( "SELECT id,name FROM channels WHERE type=1" ); if(result==NULL) return false; while( row = mysql_fetch_row(result) ) { ADDBYTE( pak, 30 + atoi(row[0])); ADDSTRING( pak, row[1] ); ADDBYTE( pak, 0 ); ADDBYTE(pak, atoi( row[0] ) ); ADDBYTE( pak, 0 ); ADDWORD( pak, 0 ); } DB->QFree( ); }else{ //BANNED ADDBYTE( pak, 5 ); ADDDWORD( pak, 0 ); DB->QFree( ); } }else{ // Not activated Log( MSG_INFO, "Account %s not verified ", thisclient->username.c_str() ); ADDBYTE( pak, 9 ); ADDDWORD( pak, 0 ); DB->QFree( ); } }else{ //BAD PASSWORD ADDBYTE( pak, 3 ); ADDDWORD( pak, 0 ); DB->QFree( ); } } else { //BAD USERNAME ADDBYTE( pak, 2 ); ADDDWORD( pak, 0 ); DB->QFree( ); } /* 1 - general error | 4 - your account is already logged 6 - topup account | 7 - cannot connect to server please try again 8 - server exceeded | 9 - account have not been verified 10 - login failed | 11 - ip capacity is full */ thisclient->SendPacket ( &pak ); return true; }