void InstanceSaveManager::_DelHelper(DatabaseType &db, const char *fields, const char *table, const char *queryTail, ...)
{
Tokens fieldTokens = StrSplit(fields, ", ");
ASSERT(fieldTokens.size() != 0);
va_list ap;
char szQueryTail [MAX_QUERY_LEN];
va_start(ap, queryTail);
vsnprintf(szQueryTail, MAX_QUERY_LEN, queryTail, ap);
va_end(ap);
QueryResult_AutoPtr result = db.PQuery("SELECT %s FROM %s %s", fields, table, szQueryTail);
if (result)
{
do
{
Field *fields = result->Fetch();
std::ostringstream ss;
for (size_t i = 0; i < fieldTokens.size(); i++)
{
std::string fieldValue = fields[i].GetCppString();
db.EscapeString(fieldValue);
ss << (i != 0 ? " AND " : "") << fieldTokens[i] << " = '" << fieldValue << "'";
}
db.DirectPExecute("DELETE FROM %s WHERE %s", table, ss.str().c_str());
} while (result->NextRow());
}
}
bool AccountMgr::CheckPassword(uint32 accid, std::string passwd)
{
normalizeString(passwd);
LoginDatabase.EscapeString(passwd);
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d' AND sha_pass_hash=Sha1(CONCAT(UPPER(username), ':', UPPER('%s')))", accid, passwd.c_str());
if (result)
return true;
return false;
}
uint32 AccountMgr::GetId(std::string username)
{
LoginDatabase.EscapeString(username);
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT id FROM account WHERE username = '******'", username.c_str());
if (!result)
return 0;
else
{
uint32 id = (*result)[0].GetUInt32();
return id;
}
}
AccountOpResult AccountMgr::ChangeUsername(uint32 accid, std::string new_uname, std::string new_passwd)
{
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d'", accid);
if (!result)
return AOR_NAME_NOT_EXIST; // account doesn't exist
if (utf8length(new_uname) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG;
if (utf8length(new_passwd) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(new_uname);
normalizeString(new_passwd);
LoginDatabase.EscapeString(new_uname);
LoginDatabase.EscapeString(new_passwd);
if (!LoginDatabase.PExecute("UPDATE account SET username='******', sha_pass_hash=Sha1(CONCAT('%s', ':', '%s')) WHERE id='%d'", new_uname.c_str(), new_uname.c_str(), new_passwd.c_str(), accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
return AOR_OK;
}
AccountOpResult AccountMgr::ChangePassword(uint32 accid, std::string new_passwd)
{
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE id='%d'", accid);
if (!result)
return AOR_NAME_NOT_EXIST; // account doesn't exist
if (utf8length(new_passwd) > MAX_ACCOUNT_STR)
return AOR_PASS_TOO_LONG;
normalizeString(new_passwd);
LoginDatabase.EscapeString(new_passwd);
// also reset s and v to force update at next realmd login
if (!LoginDatabase.PExecute("UPDATE account SET v='0', s='0', sha_pass_hash=Sha1("_CONCAT3_("username", "':'", "'%s'")") WHERE id='%d'", new_passwd.c_str(), accid))
return AOR_DB_INTERNAL_ERROR; // unexpected error
return AOR_OK;
}
AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password)
{
if (utf8length(username) > MAX_ACCOUNT_STR)
return AOR_NAME_TOO_LONG; // username's too long
normalizeString(username);
normalizeString(password);
LoginDatabase.EscapeString(username);
LoginDatabase.EscapeString(password);
QueryResult_AutoPtr result = LoginDatabase.PQuery("SELECT 1 FROM account WHERE username = '******'", username.c_str());
if (result)
return AOR_NAME_ALREDY_EXIST; // username does already exist
if (!LoginDatabase.PExecute("INSERT INTO account(username, sha_pass_hash, joindate) VALUES('%s', Sha1(CONCAT('%s', ':', '%s')), NOW())", username.c_str(), username.c_str(), password.c_str()))
return AOR_DB_INTERNAL_ERROR; // unexpected error
LoginDatabase.Execute("INSERT INTO realmcharacters (realmid, acctid, numchars) SELECT realmlist.id, account.id, 0 FROM realmlist, account LEFT JOIN realmcharacters ON acctid=account.id WHERE acctid IS NULL");
return AOR_OK; // everything's fine
}
