Beispiel #1
0
        public static void Login(LoginClient pClient, Packet pPacket)
        {
            // Initialize DB
            DatabaseClient dbClient = Program.DatabaseManager.GetClient();

            // XX XX XX XX XX XX XX XX XX XX XX - login length
            // 00 00 00 00 00 00 00 - space
            // XX XX XX XX XX XX XX - password
            // 00 00 00 00 00 00 00 00 00 4F 72 69 67 69 6E 61 6C 00 00 00 00 00 00 00 00 00 00 00

            // Define packet lengths, as these may change with client updates
            int packetLength = 54;

            int loginBlock = 11;
            int spaceLength = 7;
            int passwordBlock = 7;

            string md5 = pPacket.ReadStringForLogin(packetLength);
            char[] md5Char = md5.ToCharArray();
            string username = "";
            string clientPassword = "";

            // TODO - Escape these before query processing

            // Read from 0 --> 11
            for (int i = 0; i <= loginBlock; i++)
            username += md5Char[i].ToString().Replace("\0", "");

            Log.WriteLine(LogLevel.Debug, "{0} tries to login.", username);

            // Read from 18 --> onwards
            for (int i = loginBlock + spaceLength; i <= loginBlock + spaceLength + passwordBlock; i++)
            clientPassword += md5Char[i].ToString().Replace("\0", "");

            Log.WriteLine(LogLevel.Debug, "{0} tries to login.", clientPassword);

            DataTable loginData = null;

            using (dbClient)
            loginData = dbClient.ReadDataTable("SELECT * FROM accounts WHERE Username= '******'");

            // Auto account creation if no username found
            if (loginData.Rows.Count == 0) {
            dbClient.ExecuteQuery("INSERT INTO accounts (username, password) VALUES ('" + username + "','" + clientPassword + "')");

            using (dbClient)
            loginData = dbClient.ReadDataTable("SELECT * FROM accounts WHERE Username= '******'");
            }

            if (loginData != null) {
            if (loginData.Rows.Count > 0) {
                foreach (DataRow row in loginData.Rows) {
                    string uIsername = (string)row["username"];
                    string password = (string)row["password"];
                    bool banned = Database.DataStore.ReadMethods.EnumToBool(row["banned"].ToString());

                    if (clientPassword == password) {
                        if (banned) {
                            SendFailedLogin(pClient, ServerError.Blocked);
                            Log.WriteLine(LogLevel.Debug, "Banned user - {0} tries to login.", username);
                        }

                        else if (ClientManager.Instance.IsLoggedIn(uIsername)) {
                            Log.WriteLine(LogLevel.Warn, "{0} is trying dual login. Disconnecting.", uIsername);
                            pClient.Disconnect();

                            break;
                        } else {
                            pClient.Username = uIsername;
                            pClient.IsAuthenticated = true;
                            pClient.Admin = 0; /*(byte)row["Admin"];*/
                            pClient.AccountID = int.Parse(row["id"].ToString());
                            WorldList(pClient, false);
                        }
                    } else
                        SendFailedLogin(pClient, ServerError.InvalidCredentials);
                }
            }
            }
        }