ISL.Server.Account.Account getAccountBySQL(int accountID) { string sql=String.Format("SELECT * FROM {0} WHERE id = {1};", ACCOUNTS_TBL_NAME, accountID); DataTable table=mDb.ExecuteQuery(sql); if(table.Rows.Count==0) return null; // Create an Account instance // and initialize it with information about the user. ISL.Server.Account.Account account=new ISL.Server.Account.Account(accountID); account.setName(table.Rows[0]["username"].ToString()); account.setPassword(table.Rows[0]["password"].ToString()); account.setEmail(table.Rows[0]["email"].ToString()); account.setRegistrationDate(ToDateTime(table.Rows[0]["registration"].ToString())); account.setLastLogin(ToDateTime(table.Rows[0]["lastlogin"].ToString())); int level=Convert.ToInt32(table.Rows[0]["level"]); // Check if the user is permanently banned, or temporarily banned. if(level==(int)AccessLevel.AL_BANNED||DateTime.Now<=ToDateTime(table.Rows[0]["banned"].ToString())) { account.setLevel((int)AccessLevel.AL_BANNED); // It is, so skip character loading. return account; } account.setLevel(level); // Correct on-the-fly the old 0 slot characters // NOTE: Will be deprecated and removed at some point. //fixCharactersSlot(id); // Load the characters associated with the account. sql=String.Format("SELECT id FROM {0} WHERE user_id = '{1}';", CHARACTERS_TBL_NAME, accountID); DataTable charInfo=mDb.ExecuteQuery(sql); if(charInfo.Rows.Count>0) { int size=charInfo.Rows.Count; Dictionary<uint, Character> characters=new Dictionary<uint, Character>(); Logger.Write(LogLevel.Debug, "Account {0} has {1} character(s) in database.", accountID, size); // Two steps: it seems like multiple requests cannot be alive // at the same time. List<uint> characterIDs=new List<uint>(); for(int k = 0;k < size;++k) { characterIDs.Add(Convert.ToUInt32(charInfo.Rows[k]["id"])); } for(int k = 0;k < size;++k) { Character ptr=getCharacter((int)characterIDs[k], account); if(ptr!=null) { characters[ptr.getCharacterSlot()]=ptr; } else { Logger.Write(LogLevel.Error, "Failed to get character {0} for account {1}.", characterIDs[k], accountID); } } account.setCharacters(characters); } return account; }
void handleRegisterMessage(AccountClient client, MessageIn msg) { int clientVersion=msg.readInt32(); string username=msg.readString(); string password=msg.readString(); string email=msg.readString(); string captcha=msg.readString(); MessageOut reply=new MessageOut(Protocol.APMSG_REGISTER_RESPONSE); if(client.status!=AccountClientStatus.CLIENT_LOGIN) { reply.writeInt8((int)ErrorMessage.ERRMSG_FAILURE); } else if(!mRegistrationAllowed) { reply.writeInt8((int)ErrorMessage.ERRMSG_FAILURE); } else if(clientVersion<ManaServ.PROTOCOL_VERSION) { reply.writeInt8((int)Register.REGISTER_INVALID_VERSION); } else if(Program.stringFilter.findDoubleQuotes(username) ||Program.stringFilter.findDoubleQuotes(email) ||username.Length<mMinNameLength ||username.Length>mMaxNameLength ||!Program.stringFilter.isEmailValid(email) ||!Program.stringFilter.filterContent(username)) { reply.writeInt8((int)ErrorMessage.ERRMSG_INVALID_ARGUMENT); } else if(Program.storage.doesUserNameExist(username)) { reply.writeInt8((int)Register.REGISTER_EXISTS_USERNAME); } else if(Program.storage.doesEmailAddressExist(SHA256.HashString(email))) { reply.writeInt8((int)Register.REGISTER_EXISTS_EMAIL); } else if(!checkCaptcha(client, captcha)) { reply.writeInt8((int)Register.REGISTER_CAPTCHA_WRONG); } else { ISL.Server.Account.Account acc=new ISL.Server.Account.Account(); acc.setName(username); acc.setPassword(SHA256.HashString(password)); // We hash email server-side for additional privacy // we ask for it again when we need it and verify it // through comparing it with the hash. acc.setEmail(SHA256.HashString(email)); acc.setLevel((int)AccessLevel.AL_PLAYER); // Set the date and time of the account registration, and the last login DateTime regdate=DateTime.Now; acc.setRegistrationDate(regdate); acc.setLastLogin(regdate); Program.storage.addAccount(acc); reply.writeInt8((int)ErrorMessage.ERRMSG_OK); addServerInfo(reply); // Associate account with connection client.setAccount(acc); client.status=AccountClientStatus.CLIENT_CONNECTED; } client.send(reply); }