/** * Add a chat message to history. */ static void history_add(struct plugin_handle* plugin, struct plugin_user* from, const char* message, int flags) { struct chat_history_data* data = (struct chat_history_data*) plugin->ptr; char* history_line = strdup(sql_escape_string(message)); char* history_nick = strdup(sql_escape_string(from->nick)); sql_execute(data, null_callback, NULL, "INSERT INTO chat_history (from_nick, message) VALUES('%s', '%s');DELETE FROM chat_history WHERE time <= (SELECT time FROM chat_history ORDER BY time DESC LIMIT %d,1);", history_nick, history_line, data->history_max); hub_free(history_line); hub_free(history_nick); }
static void log_user_logout(struct plugin_handle* plugin, struct plugin_user* user, const char* reason) { struct log_data* ldata = (struct log_data*) plugin->ptr; const char* addr = ip_convert_to_string(&user->addr); char* nick = strdup(sql_escape_string(user->nick)); char* uagent = strdup(sql_escape_string(user->user_agent)); int rc = sql_execute(ldata, null_callback, NULL, "INSERT INTO userlog VALUES('%s', '%s', '%s', '', '%s', '%s (%s)', DATETIME('NOW', 'localtime', '%d hours'));", nick, user->cid, addr, uagent, "Logout", reason, ldata->srvtdiff); if (rc < 0) fprintf(stderr, "[SQLITE LOG] Unable to log: Logout %s/%s %s \"%s\" (%s) \"%s\"\n", sid_to_string(user->sid), user->cid, addr, user->nick, reason, user->user_agent); hub_free(nick); hub_free(uagent); }
static plugin_st get_user(struct plugin_handle* plugin, const char* nickname, struct auth_info* data) { struct sql_data* sql = (struct sql_data*) plugin->ptr; struct data_record result; char query[1024]; char* errMsg; int rc; snprintf(query, sizeof(query), "SELECT * FROM users WHERE nickname='%s';", sql_escape_string(nickname)); memset(data, 0, sizeof(struct auth_info)); result.data = data; result.found = 0; #ifdef DEBUG_SQL printf("SQL: %s\n", query); #endif rc = sqlite3_exec(sql->db, query , get_user_callback, &result, &errMsg); if (rc != SQLITE_OK) { #ifdef DEBUG_SQL fprintf(stderr, "SQL: ERROR: %s\n", errMsg); #endif sqlite3_free(errMsg); return st_default; } if (result.found) return st_allow; return st_default; }
static const char * passdb_sql_escape(const char *str, const struct auth_request *auth_request) { struct passdb_module *_module = auth_request->passdb->passdb; struct sql_passdb_module *module = (struct sql_passdb_module *)_module; return sql_escape_string(module->conn->db, str); }
static plugin_st register_user(struct plugin_handle* plugin, struct auth_info* user) { struct sql_data* sql = (struct sql_data*) plugin->ptr; char* nick = strdup(sql_escape_string(user->nickname)); char* pass = strdup(sql_escape_string(user->password)); const char* cred = auth_cred_to_string(user->credentials); int rc = sql_execute(sql, null_callback, NULL, "INSERT INTO users (nickname, password, credentials) VALUES('%s', '%s', '%s');", nick, pass, cred); free(nick); free(pass); if (rc <= 0) { fprintf(stderr, "Unable to add user \"%s\"\n", user->nickname); return st_deny; } return st_allow; }
static void log_change_nick(struct plugin_handle* plugin, struct plugin_user* user, const char* new_nick) { struct log_data* ldata = (struct log_data*) plugin->ptr; const char* addr = ip_convert_to_string(&user->addr); char* nick = strdup(sql_escape_string(user->nick)); int rc = sql_execute(ldata, null_callback, NULL, "INSERT INTO userlog VALUES('', '%s', '%s', '', '', '%s (%s -> %s)', DATETIME('NOW', 'localtime', '%d hours'));", user->cid, addr, "NickChange", nick, new_nick, ldata->srvtdiff); if (rc < 0) fprintf(stderr, "[SQLITE LOG] Unable to log: NickChange %s/%s %s \"%s\" -> \"%s\"\n", sid_to_string(user->sid), user->cid, addr, user->nick, new_nick); hub_free(nick); }
static int command_releaseadd(struct plugin_handle* plugin, struct plugin_user* user, struct plugin_command* cmd) { struct extras_data* extrasdata = (struct extras_data*) plugin->ptr; struct cbuffer* buf = cbuf_create(128); struct plugin_command_arg_data* arg1 = (struct plugin_command_arg_data*) list_get_first(cmd->args); struct plugin_command_arg_data* arg2 = (struct plugin_command_arg_data*) list_get_next(cmd->args); char* tth = strdup(sql_escape_string(arg1->data.string)); char* title = strdup(sql_escape_string(arg2->data.string)); int rc = sql_execute(extrasdata, null_callback, NULL, "INSERT INTO releases (id, title, tth) VALUES(NULL, '%s', '%s');", title, tth); if (rc > 0) cbuf_append_format(buf, "*** %s: Added \"%s\" to releases.", cmd->prefix, title); else cbuf_append_format(buf, "*** %s: Unable to add \"%s\" to releases.", cmd->prefix, title); plugin->hub.send_message(plugin, user, cbuf_get(buf)); cbuf_destroy(buf); hub_free(tth); hub_free(title); return 0; }
int authenticator::checkCreds(std::string username, std::string password) { if(username.size() == 0 && password.size() == 0) return 255; std::string checkStmt = "SELECT * FROM users WHERE username = '******';"); //std::cout << checkStmt << std::endl; sql::Statement *checkStmtM = con->createStatement(); sql::ResultSet *result; sql::ResultSetMetaData *meta; result = checkStmtM->executeQuery(checkStmt); meta = result->getMetaData(); if(result->next()) { std::stringstream logmsgs; if(result->getString("password") != md5(password)) { if(result->getInt("status") == 1) logmsgs << "User '"; else if(result->getInt("status") == 2) logmsgs << "Admin '"; logmsgs << "User '" << username << "' (" << result->getString("realname") << ") tried logging in using a wrong password."; log->addLog(LOGAUTH, logmsgs.str().data()); checkStmtM->close(); return 2; } switch(result->getInt("status")) { case 0: logmsgs << "User '" << username << "' (" << result->getString("realname") << ") tried logging in (existing but disabled)."; log->addLog(LOGAUTH, logmsgs.str().data()); checkStmtM->close(); return 3; case 1: logmsgs << "User '" << username << "' (" << result->getString("realname") << ") logged in."; log->addLog(LOGAUTH, logmsgs.str().data()); checkStmtM->close(); return 0; case 2: logmsgs << "Admin '" << username << "' (" << result->getString("realname") << ") logged in."; log->addLog(LOGAUTH, logmsgs.str().data()); checkStmtM->close(); return 0; } } else { log->addLog(LOGAUTH, "User '%s' tried logging in but doesn't exists.", username.c_str()); checkStmtM->close(); return 1; } }
static int command_newsadd(struct plugin_handle* plugin, struct plugin_user* user, struct plugin_command* cmd) { struct extras_data* extrasdata = (struct extras_data*) plugin->ptr; struct cbuffer* buf = cbuf_create(128); struct plugin_command_arg_data* arg1 = (struct plugin_command_arg_data*) list_get_first(cmd->args); const char* news_text = sql_escape_string(arg1->data.string); int rc = sql_execute(extrasdata, null_callback, NULL, "INSERT INTO news (id, text) VALUES(NULL, '%s');", news_text); if (rc > 0) cbuf_append_format(buf, "*** %s: News updated.", cmd->prefix); else cbuf_append_format(buf, "*** %s: Unable to update news.", cmd->prefix); plugin->hub.send_message(plugin, user, cbuf_get(buf)); cbuf_destroy(buf); return 0; }
static int command_patternexadd(struct plugin_handle* plugin, struct plugin_user* user, struct plugin_command* cmd) { struct patterns_data* pdata = (struct patterns_data*) plugin->ptr; struct cbuffer* buf = cbuf_create(128); struct plugin_command_arg_data* arg1 = (struct plugin_command_arg_data*) list_get_first(cmd->args); struct plugin_command_arg_data* arg2 = (struct plugin_command_arg_data*) list_get_next(cmd->args); struct plugin_command_arg_data* arg3 = (struct plugin_command_arg_data*) list_get_next(cmd->args); struct plugin_command_arg_data* arg4 = (struct plugin_command_arg_data*) list_get_next(cmd->args); int pattern_id = arg1->data.integer; enum auth_credentials mincred = arg2->data.credentials; enum auth_credentials maxcred = arg3->data.credentials; char* str = arg4->data.string; int rc = sql_execute(pdata, null_callback, NULL, "PRAGMA foreign_keys=ON; INSERT INTO pattern_exceptions VALUES(NULL, '%s', %d, '%s', '%s');", sql_escape_string(str), pattern_id, auth_cred_to_string(mincred), auth_cred_to_string(maxcred)); if (rc > 0) cbuf_append_format(buf, "*** %s: Added pattern exception \"%s\" to pattern ID %d.", cmd->prefix, str, pattern_id); else cbuf_append_format(buf, "*** %s: Unable to add pattern exception \"%s\" to pattern ID %d.", cmd->prefix, str, pattern_id); plugin->hub.send_message(plugin, user, cbuf_get(buf)); cbuf_destroy(buf); return 0; }
static int command_patternadd(struct plugin_handle* plugin, struct plugin_user* user, struct plugin_command* cmd) { struct patterns_data* pdata = (struct patterns_data*) plugin->ptr; struct cbuffer* buf = cbuf_create(128); struct plugin_command_arg_data* arg1 = (struct plugin_command_arg_data*) list_get_first(cmd->args); struct plugin_command_arg_data* arg2 = (struct plugin_command_arg_data*) list_get_next(cmd->args); struct plugin_command_arg_data* arg3 = (struct plugin_command_arg_data*) list_get_next(cmd->args); struct plugin_command_arg_data* arg4 = (struct plugin_command_arg_data*) list_get_next(cmd->args); char* t = arg1->data.string; enum pattern_types type; if (!pattern_string_to_type(t, &type)) { cbuf_append_format(buf, "*** %s: Wrong pattern type \"%s\". Available types are: MC, PM, NI, UA.", cmd->prefix, t); } else { enum auth_credentials mincred = arg2->data.credentials; enum auth_credentials maxcred = arg3->data.credentials; char* str = arg4->data.string; int rc = sql_execute(pdata, null_callback, NULL, "INSERT INTO patterns VALUES(NULL, '%s', %d, '%s', '%s');", sql_escape_string(str), type, auth_cred_to_string(mincred), auth_cred_to_string(maxcred)); if (rc > 0) cbuf_append_format(buf, "*** %s: Added pattern \"%s\" to %s group.", cmd->prefix, str, pattern_type_to_string(type)); else cbuf_append_format(buf, "*** %s: Unable to add pattern \"%s\".", cmd->prefix, str); } plugin->hub.send_message(plugin, user, cbuf_get(buf)); cbuf_destroy(buf); return 0; }