CreateQuery() public method

public CreateQuery ( ) : MySqlCommand
return MySqlCommand
コード例 #1
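 /// <summary>
 /// Spends 5000 fame from the logged-in account to raise its character-slot limit by one.
 /// </summary>
 /// <remarks>
 /// Replies through <c>BadLogin</c>, <c>WriteErrorLine</c> or <c>Success</c>. The deduction is a
 /// single guarded UPDATE, so two concurrent requests cannot both spend the same balance.
 /// </remarks>
 protected override void HandleRequest()
 {
     using (var db = new Database())
     {
         if (Account == null)
         {
             BadLogin();
             return;
         }

         // Pre-check kept only so the client still receives the specific "Not enough fame" message;
         // the guarded UPDATE below is what actually enforces the balance.
         var cmd = db.CreateQuery();
         cmd.CommandText = "SELECT fame FROM stats WHERE accId=@accId;";
         cmd.Parameters.AddWithValue("@accId", Account.AccountId);
         if ((int)cmd.ExecuteScalar() < 5000)
         {
             WriteErrorLine("Not enough fame");
             return;
         }

         // The previous statement used MIN(fame - 5000, 0). MySQL's MIN() is a one-argument
         // aggregate, so that form is rejected by the server; read as a scalar minimum it would
         // also never leave a positive balance. Subtract the price and let the WHERE clause
         // refuse the row if the balance dropped since the pre-check.
         cmd = db.CreateQuery();
         cmd.CommandText = "UPDATE stats SET fame = fame - 5000 WHERE accId=@accId AND fame >= 5000;";
         cmd.Parameters.AddWithValue("@accId", Account.AccountId);
         if (cmd.ExecuteNonQuery() <= 0)
         {
             WriteErrorLine("Internal Error");
             return;
         }

         // NOTE(review): this UPDATE and the deduction above are not wrapped in a transaction in
         // this method; if it fails, the fame is already spent. Confirm whether Database offers one.
         cmd = db.CreateQuery();
         cmd.CommandText = "UPDATE accounts SET maxCharSlot = maxCharSlot + 1 WHERE id=@accId;";
         cmd.Parameters.AddWithValue("@accId", Account.AccountId);
         if (cmd.ExecuteNonQuery() > 0) Success();
         else WriteErrorLine("Internal Error");
     }
 }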
コード例 #2
ファイル: setName.cs プロジェクト: BlackRayquaza/MMOE
 /// <summary>
 /// Sets the account's display name after verifying the guid/password pair from the request,
 /// and writes a small XML status document to the response stream.
 /// </summary>
 protected override void HandleRequest()
 {
     using (var db = new Database())
     {
         byte[] status;
         var acc = db.Verify(Query["guid"], Query["password"]);
         if (acc != null)
         {
             // NOTE(review): the uniqueness check and the UPDATE are two separate statements, so
             // two concurrent requests can both pass the check. A UNIQUE index on accounts.name
             // would enforce this at the database. The name is also not validated here.
             var countCmd = db.CreateQuery();
             countCmd.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
             countCmd.Parameters.AddWithValue("@name", Query["name"]);
             object nameCount = countCmd.ExecuteScalar();
             bool nameTaken = int.Parse(nameCount.ToString()) > 0;

             if (nameTaken)
             {
                 status = Encoding.UTF8.GetBytes("<Error>Duplicated name</Error>");
             }
             else
             {
                 var renameCmd = db.CreateQuery();
                 renameCmd.CommandText = "UPDATE accounts SET name=@name, namechosen=TRUE WHERE id=@accId;";
                 renameCmd.Parameters.AddWithValue("@accId", acc.AccountId);
                 renameCmd.Parameters.AddWithValue("@name", Query["name"]);
                 bool renamed = renameCmd.ExecuteNonQuery() != 0;
                 status = renamed
                     ? Encoding.UTF8.GetBytes("<Success />")
                     : Encoding.UTF8.GetBytes("<Error>Internal error</Error>");
             }
         }
         else
         {
             status = Encoding.UTF8.GetBytes("<Error>Bad login</Error>");
         }

         Context.Response.OutputStream.Write(status, 0, status.Length);
     }
 }
コード例 #3
        /// <summary>
        /// Applies the contents of a gift code, parsed from <paramref name="json"/>, to
        /// <paramref name="acc"/>: gift items, character slots, vault chests, gold and fame.
        /// </summary>
        /// <param name="acc">Account that receives the rewards; its <c>Gifts</c> list is modified in place.</param>
        /// <param name="json">Serialized gift code passed to <c>GiftCode.FromJson</c>.</param>
        /// <returns>
        /// <c>false</c> when the JSON yields no code or any exception is thrown; <c>true</c> otherwise.
        /// The return value does not reflect whether the UPDATE statements matched a row.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no transaction is visible here, so an exception part-way through leaves the
        /// earlier rewards applied. Nothing in this method marks the code as redeemed; presumably the
        /// caller does that. Confirm, because otherwise a code can be replayed.
        /// </remarks>
        private bool ParseContents(Account acc, string json)
        {
            try
            {
                using (var db = new Database())
                {
                    var code = GiftCode.FromJson(json);
                    if (code == null) return false;
                    // This command is never executed; cmd is reassigned before each use below.
                    var cmd = db.CreateQuery();

                    if (code.Gifts.Count > 0)
                    {
                        // Same list instance as acc.Gifts: the in-memory account changes even if the
                        // UPDATE below matches no row.
                        List<int> gifts = acc.Gifts;
                        foreach (var i in code.Gifts)
                            gifts.Add(i);

                        // NOTE(review): the row is selected by uuid plus SHA1(@password), i.e. the stored
                        // credential is an unsalted SHA-1 digest and the raw request password is sent to
                        // the database again. A salted, slow password hash checked in application code
                        // is the usual mitigation.
                        cmd = db.CreateQuery();
                        cmd.CommandText =
                            "UPDATE accounts SET gifts=@gifts WHERE uuid=@uuid AND password=SHA1(@password);";
                        cmd.Parameters.AddWithValue("@gifts", Utils.GetCommaSepString<int>(gifts.ToArray()));
                        cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
                        cmd.Parameters.AddWithValue("@password", Query["password"]);
                        // Affected-row count is ignored.
                        cmd.ExecuteNonQuery();
                    }

                    if (code.CharSlots > 0)
                    {
                        cmd = db.CreateQuery();
                        cmd.CommandText =
                            "UPDATE accounts SET maxCharSlot=maxCharSlot + @amount WHERE uuid=@uuid AND password=SHA1(@password);";
                        cmd.Parameters.AddWithValue("@amount", code.CharSlots);
                        cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
                        cmd.Parameters.AddWithValue("@password", Query["password"]);
                        // Affected-row count is ignored.
                        cmd.ExecuteNonQuery();
                    }

                    // One CreateChest call per granted vault chest.
                    if (code.VaultChests > 0)
                        for (int j = 0; j < code.VaultChests; j++)
                            db.CreateChest(acc);

                    if (code.Gold > 0)
                        db.UpdateCredit(acc, code.Gold);

                    if (code.Fame > 0)
                        db.UpdateFame(acc, code.Fame);
                }
            }
            // Every failure is reduced to "false"; the exception itself is neither logged nor rethrown.
            catch (Exception)
            {
                return false;
            }
            return true;
        }
コード例 #4
        /// <summary>
        /// Loads a character and its death record for the accountId/charId pair in the request and
        /// writes the serialized fame statistics to the response stream.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no credential check is visible in this method, and both the
        /// <c>int.Parse</c> call and the unchecked <c>rdr.Read()</c> throw on malformed or unknown
        /// ids. Confirm that the caller handles those exceptions without echoing them to the client.
        /// </remarks>
        protected override void HandleRequest()
        {
            using (Database db = new Database())
            {
                string accountId = Query["accountId"];
                string charId = Query["charId"];

                Account acc = db.GetAccount(accountId, Program.GameData);
                Char chr = db.LoadCharacter(acc, int.Parse(charId));

                MySqlCommand deathQuery = db.CreateQuery();
                deathQuery.CommandText = @"SELECT time, killer, firstBorn FROM death WHERE accId=@accId AND chrId=@charId;";
                deathQuery.Parameters.AddWithValue("@accId", accountId);
                deathQuery.Parameters.AddWithValue("@charId", charId);

                int time;
                string killer;
                bool firstBorn;
                using (MySqlDataReader rdr = deathQuery.ExecuteReader())
                {
                    // Result of Read() is not inspected: the getters below throw when no row matched.
                    rdr.Read();
                    time = Database.DateTimeToUnixTimestamp(rdr.GetDateTime("time"));
                    killer = rdr.GetString("killer");
                    firstBorn = rdr.GetBoolean("firstBorn");
                }

                using (StreamWriter wtr = new StreamWriter(Context.Response.OutputStream))
                {
                    string payload = chr.FameStats.Serialize(Program.GameData, acc, chr, time, killer, firstBorn);
                    wtr.Write(payload);
                }
            }
        }
コード例 #5
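        /// <summary>
        /// Reports whether this account appears in any of the three top-10 death leaderboards
        /// (last week, last month, all time), ranked by <c>totalFame</c>.
        /// </summary>
        /// <returns><c>true</c> as soon as a leaderboard row carries this <c>AccountId</c>; otherwise <c>false</c>.</returns>
        public bool IsUserInLegends()
        {
            // Same three rankings as before, checked in the same order. Only accId is read from each
            // row, so the queries select that column instead of every column.
            string[] leaderboardQueries =
            {
                "SELECT accId FROM death WHERE (time >= DATE_SUB(NOW(), INTERVAL 1 WEEK)) ORDER BY totalFame DESC LIMIT 10;",
                "SELECT accId FROM death WHERE (time >= DATE_SUB(NOW(), INTERVAL 1 MONTH)) ORDER BY totalFame DESC LIMIT 10;",
                "SELECT accId FROM death WHERE TRUE ORDER BY totalFame DESC LIMIT 10;"
            };

            // One Database instance serves all three queries; each reader is closed before the next
            // command runs.
            using (var db = new Database())
            {
                foreach (string sql in leaderboardQueries)
                {
                    var cmd = db.CreateQuery();
                    cmd.CommandText = sql;
                    using (var rdr = cmd.ExecuteReader())
                    {
                        while (rdr.Read())
                        {
                            if (rdr.GetString("accId") == AccountId) return true;
                        }
                    }
                }
            }

            return false;
        }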
コード例 #6
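        /// <summary>
        /// Starts a password reset: stores a fresh auth token on the account whose uuid matches the
        /// request's <c>guid</c> and e-mails a reset link containing that token.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the error branch tells the caller whether an account exists, which allows
        /// address enumeration; returning the same response in both cases avoids that. The token's
        /// strength depends on <c>Database.GenerateRandomString</c>, which is not shown here.
        /// Confirm that it uses a cryptographic random source and that tokens expire after use.
        /// </remarks>
        protected override void HandleRequest()
        {
            using (Database db = new Database())
            {
                string authKey = Database.GenerateRandomString(128);
                var cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE accounts SET authToken=@authToken WHERE uuid=@email;";
                cmd.Parameters.AddWithValue("@authToken", authKey);
                cmd.Parameters.AddWithValue("@email", Query["guid"]);

                // Exactly one row must have been updated before any mail is sent.
                if (cmd.ExecuteNonQuery() == 1)
                {
                    string serverDomain = Program.Settings.GetValue<string>("serverDomain", "localhost");
                    string resetLink = String.Format("{0}/{1}{2}", serverDomain, "account/resetPassword?authToken=", authKey);

                    MailMessage message = new MailMessage();
                    message.To.Add(Query["guid"]);
                    message.Subject = "Forgot Password";
                    // Sender display name previously read "Forgot Passowrd".
                    message.From = new MailAddress(Program.Settings.GetValue<string>("serverEmail", ""), "Forgot Password");
                    message.Body = emailBody.
                        Replace("{RPLINK}", resetLink).
                        Replace("{SUPPORTLINK}", String.Format("{0}", Program.Settings.GetValue<string>("supportLink", "localhost"))).
                        Replace("{SERVERDOMAIN}", serverDomain);

                    Program.SendEmail(message, true);
                }
                else
                {
                    using (StreamWriter wtr = new StreamWriter(Context.Response.OutputStream))
                    {
                        wtr.Write("<Error>Error.accountNotFound</Error>");
                    }
                }
            }
        }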
コード例 #7
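        /// <summary>
        /// Purchases the skin named by the request's <c>skinType</c> for the verified account:
        /// records ownership, deducts the listed price and persists the owned-skin list.
        /// </summary>
        /// <remarks>
        /// The response writer is now disposed, so the error line is actually flushed to the client;
        /// previously the buffered <c>StreamWriter</c> was never flushed or closed.
        /// NOTE(review): no balance check is visible before <c>UpdateCredit</c>, and the credit is
        /// deducted before the ownership UPDATE is known to have succeeded. Confirm that
        /// <c>CheckAccount</c>/<c>UpdateCredit</c> cover this. The row is matched with
        /// <c>SHA1(@password)</c>, an unsalted fast digest.
        /// </remarks>
        protected override void HandleRequest()
        {
            using (StreamWriter wtr = new StreamWriter(Context.Response.OutputStream))
            {
                if (Query.AllKeys.Length == 0) return;

                using (Database db = new Database())
                {
                    Account acc = db.Verify(Query["guid"], Query["password"], Program.GameData);
                    if (!CheckAccount(acc, db, false)) return;

                    foreach (ItemCostItem item in Prices)
                    {
                        // Only a purchasable price entry whose type equals the requested skin qualifies.
                        if (!(item.Type == Query["skinType"] && item.Puchasable == 1)) continue;

                        int skinType = int.Parse(Query["skinType"]);
                        if (acc.OwnedSkins.Contains(skinType)) continue;

                        acc.OwnedSkins.Add(skinType);
                        db.UpdateCredit(acc, -item.Price);

                        MySqlCommand cmd = db.CreateQuery();
                        cmd.CommandText =
                            "UPDATE accounts SET ownedSkins=@ownedSkins WHERE uuid=@uuid AND password=SHA1(@password)";
                        cmd.Parameters.AddWithValue("@ownedSkins",
                            Utils.GetCommaSepString(acc.OwnedSkins.ToArray()));
                        cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
                        cmd.Parameters.AddWithValue("@password", Query["password"]);
                        if (cmd.ExecuteNonQuery() == 0)
                            wtr.WriteLine("<Error>Unable to purchase</Error>");
                    }
                }
            }
        }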
コード例 #8
ファイル: Database.cs プロジェクト: trapped/rotmg_svr
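        /// <summary>
        /// Returns the name of the guild whose <c>members</c> column lists <paramref name="accId"/>.
        /// </summary>
        /// <param name="accId">Account id to look for.</param>
        /// <returns>The guild name, or an empty string when no guild matches or the lookup fails.</returns>
        /// <remarks>
        /// Every guild row is now examined. Previously the <c>else</c> branch returned an empty
        /// string on the first non-matching row, so only the first guild was ever checked. The
        /// reader is also disposed on every path.
        /// </remarks>
        public string GetGuildName(int accId)
        {
            try
            {
                using (Database db1 = new Database())
                {
                    var cmd = db1.CreateQuery();
                    cmd.CommandText = "SELECT * FROM guilds";

                    // Matches ",<id>," only, as before. NOTE(review): this assumes the stored list is
                    // wrapped in commas; an id at the very start or end would be missed otherwise.
                    string needle = "," + accId.ToString() + ",";

                    using (var rdr = cmd.ExecuteReader())
                    {
                        while (rdr.Read())
                        {
                            string members = rdr.GetString("members");
                            if (members.Contains(needle))
                            {
                                return rdr.GetString("name");
                            }
                        }
                    }
                    return "";
                }
            }
            catch
            {
                // Best-effort lookup: any failure is reported on the console and treated as "no guild".
                Console.WriteLine("Error retrieving guild name: check Player.cs");

                return "";
            }
        }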
コード例 #9
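        /// <summary>
        /// Unlocks the class named by the request's <c>classType</c> for the verified account,
        /// charging the class's <c>UnlockCost</c> in credits.
        /// </summary>
        /// <remarks>
        /// On any exception the client receives a fixed error element. The exception text, which can
        /// include stack frames and database details, is written to the server's error stream rather
        /// than into the HTTP response, and the <c>Error</c> element is now closed.
        /// NOTE(review): the catch covers database failures too, so "Invalid classType" can be
        /// reported for unrelated errors.
        /// </remarks>
        protected override void HandleRequest()
        {
            using (Database db = new Database())
            {
                try
                {
                    Account acc = db.Verify(Query["guid"], Query["password"], Program.GameData);

                    // Parsed once and reused for both lookups.
                    ushort classTypeId = ushort.Parse(Query["classType"]);
                    string classType = Program.GameData.ObjectTypeToId[classTypeId];

                    if (CheckAccount(acc, db))
                    {
                        int price = Program.GameData.ObjectDescs[classTypeId].UnlockCost;
                        // Insufficient credits end the request without any response body.
                        if (acc.Credits < price) return;
                        db.UpdateCredit(acc, -price);
                        MySqlCommand cmd = db.CreateQuery();
                        cmd.CommandText =
                            "UPDATE unlockedclasses SET available='unrestricted' WHERE accId=@accId AND class=@class;";
                        cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                        cmd.Parameters.AddWithValue("@class", classType);
                        cmd.ExecuteNonQuery();
                    }
                }
                catch (Exception e)
                {
                    // Keep diagnostics server-side only.
                    Console.Error.WriteLine(e);
                    using (StreamWriter wtr = new StreamWriter(Context.Response.OutputStream))
                    {
                        wtr.WriteLine("<Error>Invalid classType</Error>");
                    }
                }
            }
        }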
コード例 #10
ファイル: Database.cs プロジェクト: ethus3h/LR-v1
 /// <summary>
 /// Loads one pet by id, restricted to rows owned by <paramref name="acc"/>.
 /// </summary>
 /// <param name="petId">Value matched against the <c>petId</c> column; also used as the item's <c>InstanceId</c>.</param>
 /// <param name="acc">Owner; its <c>AccountId</c> is part of the WHERE clause.</param>
 /// <returns>The first matching pet, or <c>null</c> when the query returns no row.</returns>
 public PetItem GetPet(int petId, Account acc)
 {
     using (Database db = new Database())
     {
         MySqlCommand petQuery = db.CreateQuery();
         petQuery.CommandText = "SELECT * FROM pets WHERE petId=@petId AND accId=@accId";
         petQuery.Parameters.AddWithValue("@petId", petId);
         petQuery.Parameters.AddWithValue("@accId", acc.AccountId);

         using (MySqlDataReader rdr = petQuery.ExecuteReader())
         {
             // Only the first row is ever used.
             if (rdr.Read())
             {
                 PetItem pet = new PetItem
                 {
                     Abilities = GetPetAbilities(rdr),
                     Rarity = rdr.GetInt32("rarity"),
                     MaxAbilityPower = rdr.GetInt32("maxLevel"),
                     InstanceId = petId,
                     SkinName = rdr.GetString("skinName"),
                     Skin = rdr.GetInt32("skin"),
                     Type = rdr.GetInt32("objType")
                 };
                 return pet;
             }
         }
     }

     return null;
 }
コード例 #11
        /// <summary>
        /// Returns the account's <c>beginnerPackageTimeLeft</c> value as a small XML document after
        /// verifying the guid/password pair posted in the request body.
        /// </summary>
        /// <param name="context">Listener context whose request body carries the form fields.</param>
        /// <remarks>
        /// NOTE(review): the whole request body is read with <c>ReadToEnd</c>; no size limit is
        /// applied in this method.
        /// </remarks>
        public override void HandleRequest(HttpListenerContext context)
        {
            NameValueCollection query;
            using (var bodyReader = new StreamReader(context.Request.InputStream))
            {
                string body = bodyReader.ReadToEnd();
                query = HttpUtility.ParseQueryString(body);
            }

            using (var db = new Database(Program.Settings.GetValue("conn")))
            {
                byte[] status;
                Account acc = db.Verify(query["guid"], query["password"]);
                if (acc != null)
                {
                    MySqlCommand lookup = db.CreateQuery();
                    lookup.CommandText = "SELECT beginnerPackageTimeLeft FROM accounts WHERE uuid=@uuid";
                    lookup.Parameters.AddWithValue("@uuid", query["guid"]);
                    object result = lookup.ExecuteScalar();

                    string xml = "<BeginnerPackageTimeLeft>" + result + "</BeginnerPackageTimeLeft>";
                    status = Encoding.UTF8.GetBytes(xml);
                }
                else
                {
                    status = Encoding.UTF8.GetBytes("<Error>Account credentials not valid</Error>");
                }

                context.Response.OutputStream.Write(status, 0, status.Length);
            }
        }
コード例 #12
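        /// <summary>
        /// Changes the e-mail address (stored as <c>uuid</c>) of a verified but not yet
        /// e-mail-verified account and sends a verification link to the new address.
        /// </summary>
        /// <remarks>
        /// The new address is validated before the database is touched. Previously a missing or
        /// malformed <c>newGuid</c> was written to <c>accounts.uuid</c> first and only failed
        /// afterwards, when the message recipient was added, leaving the account with an unusable
        /// login id. The unused <c>@password</c> parameter has been dropped; the statement never
        /// referenced it.
        /// NOTE(review): nothing here checks that <c>newGuid</c> is not already another account's
        /// uuid. Confirm that the column has a UNIQUE constraint.
        /// </remarks>
        protected override void HandleRequest()
        {
            using (Database db = new Database())
            {
                Account acc = db.Verify(Query["guid"], Query["password"], Program.GameData);

                if (!CheckAccount(acc, db)) return;
                if (acc.VerifiedEmail || !Program.Settings.GetValue<bool>("verifyEmail")) return;

                string newGuid = Query["newGuid"];
                if (string.IsNullOrWhiteSpace(newGuid)) return;
                try
                {
                    // Parse only; rejects anything that is not a single well-formed address.
                    new MailAddress(newGuid);
                }
                catch (System.FormatException)
                {
                    return;
                }

                string authKey = Database.GenerateRandomString(128);
                var cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE accounts SET uuid=@newGuid, authToken=@newAuthToken WHERE uuid=@oldGuid;";
                cmd.Parameters.AddWithValue("@newGuid", newGuid);
                cmd.Parameters.AddWithValue("@newAuthToken", authKey);
                cmd.Parameters.AddWithValue("@oldGuid", Query["guid"]);
                cmd.ExecuteNonQuery();

                MailMessage message = new MailMessage();
                message.To.Add(newGuid);
                message.IsBodyHtml = true;
                message.Subject = "Please verify your account.";
                message.From = new MailAddress(Program.Settings.GetValue<string>("serverEmail", ""));
                message.Body = "<center>Please verify your email via this <a href=\"" + Program.Settings.GetValue<string>("serverDomain", "localhost") + "/account/validateEmail?authToken=" + authKey + "\" target=\"_blank\">link</a>.</center>";
                Program.SendEmail(message, true);
            }
        }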
コード例 #13
        /// <summary>
        /// Reads every <c>globalNews</c> row whose <c>endTime</c> has not passed yet.
        /// </summary>
        /// <param name="db">Open database wrapper used to create the query.</param>
        /// <returns>One entry per row; start and end times are the Unix timestamp with "000" appended.</returns>
        private List<globalNews_struct> GetGlobalNews(Database db)
        {
            var news = new List<globalNews_struct>();

            var query = db.CreateQuery();
            query.CommandText = "SELECT * FROM globalNews WHERE endTime >= now();";

            using (var rdr = query.ExecuteReader())
            {
                while (rdr.Read())
                {
                    var entry = new globalNews_struct
                    {
                        slot = rdr.GetInt32("slot"),
                        linkType = rdr.GetInt32("linkType"),
                        title = rdr.GetString("title"),
                        image = rdr.GetString("image"),
                        priority = rdr.GetInt32("priority"),
                        linkDetail = rdr.GetString("linkDetail"),
                        platform = rdr.GetString("platform"),
                        // The timestamp is widened by string concatenation, exactly as before.
                        startTime = long.Parse(Database.DateTimeToUnixTimestamp(rdr.GetDateTime("startTime")).ToString() + "000"),
                        endTime = long.Parse(Database.DateTimeToUnixTimestamp(rdr.GetDateTime("endTime")).ToString() + "000")
                    };
                    news.Add(entry);
                }
            }

            return news;
        }
コード例 #14
        /// <summary>
        /// Changes the password of the account identified by the posted guid/password pair and
        /// writes an XML status document to the response.
        /// </summary>
        /// <param name="context">Listener context whose request body carries the form fields.</param>
        /// <remarks>
        /// NOTE(review): the new password is stored as <c>SHA1(@password)</c>, an unsalted fast
        /// digest that is cheap to brute-force if the table leaks; a salted, slow password hash is
        /// the usual mitigation. <c>newPassword</c> is not checked for being present or non-empty
        /// before it is written.
        /// </remarks>
        public void HandleRequest(HttpListenerContext context)
        {
            NameValueCollection query;
            using (StreamReader bodyReader = new StreamReader(context.Request.InputStream))
            {
                query = HttpUtility.ParseQueryString(bodyReader.ReadToEnd());
            }

            using (var db = new Database())
            {
                byte[] status;
                var acc = db.Verify(query["guid"], query["password"]);
                if (acc != null)
                {
                    var update = db.CreateQuery();
                    update.CommandText = "UPDATE accounts SET password=SHA1(@password) WHERE id=@accId;";
                    update.Parameters.AddWithValue("@accId", acc.AccountId);
                    update.Parameters.AddWithValue("@password", query["newPassword"]);

                    bool changed = update.ExecuteNonQuery() > 0;
                    status = changed
                        ? Encoding.UTF8.GetBytes("<Success />")
                        : Encoding.UTF8.GetBytes("<Error>Internal error</Error>");
                }
                else
                {
                    status = Encoding.UTF8.GetBytes("<Error>Bad login</Error>");
                }

                context.Response.OutputStream.Write(status, 0, status.Length);
            }
        }
コード例 #15
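 /// <summary>
 /// Registers a username: converts the guest account identified by <c>guid</c> into a named
 /// account, or creates a new account when no such guest exists.
 /// </summary>
 /// <remarks>
 /// The conversion statement previously ended in <c>WHERE uuid=@uuid, name=@name</c>. A comma is
 /// not valid in a WHERE clause and <c>@name</c> was never bound, so the statement could not run.
 /// It now filters on the uuid that was just verified.
 /// NOTE(review): the guest is authenticated with an empty password, so the guid alone acts as
 /// the credential for claiming it. Passwords are stored as unsalted <c>SHA1</c>, and
 /// <c>newPassword</c> is not validated in this method.
 /// </remarks>
 protected override void HandleRequest()
 {
     using (var db = new Database())
     {
         if (!IsUsername(Query["newGUID"]))
         {
             WriteErrorLine("Invalid Username");
             return;
         }

         bool isExistingGuest = db.HasUuid(Query["guid"]) && db.Verify(Query["guid"], "") != null;
         if (!isExistingGuest)
         {
             if (db.Register(Query["newGUID"], Query["newPassword"], false) != null) Success();
             else WriteErrorLine("Internal Error");
             return;
         }

         if (db.HasUuid(Query["newGUID"]))
         {
             WriteErrorLine("Username is already taken");
             return;
         }

         var cmd = db.CreateQuery();
         cmd.CommandText = "UPDATE accounts SET uuid=@newUuid, name=@newUuid, password=SHA1(@password), guest=FALSE WHERE uuid=@uuid;";
         cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
         cmd.Parameters.AddWithValue("@newUuid", Query["newGUID"]);
         cmd.Parameters.AddWithValue("@password", Query["newPassword"]);
         if (cmd.ExecuteNonQuery() > 0) Success();
         else WriteErrorLine("Internal Error");
     }
 }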
コード例 #16
        /// <summary>
        /// Looks up the gift code given in the request's <c>code</c> parameter and writes an HTML
        /// page that either lists the code's contents or shows "Invalid code.".
        /// </summary>
        /// <remarks>
        /// NOTE(review): no credential check or rate limit is visible in this method, so codes can be
        /// probed freely. Confirm whether throttling happens elsewhere. The strings returned by
        /// <c>ParseContents</c> are inserted into the page without HTML encoding; that is only safe
        /// if they can never carry markup. Verify against <c>ParseContents</c>.
        /// </remarks>
        protected override void HandleRequest()
        {
            using (Database db = new Database())
            {
                string jsonCode = String.Empty;
                string status = "Invalid code.";
                var cmd = db.CreateQuery();
                cmd.CommandText = "SELECT * FROM giftCodes WHERE code=@code";
                cmd.Parameters.AddWithValue("@code", Query["code"]);

                // If several rows match, the content of the last one wins.
                using (var rdr = cmd.ExecuteReader())
                    while (rdr.Read())
                        jsonCode = rdr.GetString("content");

                // Called even when no row matched, in which case jsonCode is still empty.
                var list = ParseContents(jsonCode);
                if (list.Count > 0)
                {
                    status = String.Empty;
                    foreach (var i in list)
                        status += (i + "</br>");
                }

                byte[] res = new byte[0];
                // Failure page: status is blank or still the default message.
                if (status.IsNullOrWhiteSpace() || status == "Invalid code.")
                {
                    res = Encoding.UTF8.GetBytes(
 $@"<html>
	<head>
		<title>Check Giftcode</title>
	</head>
	<body style='background: #333333'>
		<h1 style='color: #EEEEEE; text-align: center'>
			{status}
		</h1>
	</body>
</html>");
                }
                else
                {
                    // Success page: status holds the item lines joined with "</br>".
                    res = Encoding.UTF8.GetBytes(
 $@"<html>
	<head>
		<title>Check Giftcode</title>
	</head>
	<body style='background: #333333'>
		<h1 style='color: #EEEEEE; text-align: center'>
			Your Giftcode contains the following Items:
		</h1>
		<h3 style='color: #EEEEEE; text-align: center'>
			{status}
		</h3>
	</body>
</html>");
                }

                Context.Response.OutputStream.Write(res, 0, res.Length);
            }
        }
コード例 #17
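        /// <summary>
        /// Buys one extra character slot with fame for the account verified from the posted
        /// guid/password pair and writes an XML status document to the response.
        /// </summary>
        /// <param name="context">Listener context whose request body carries the form fields.</param>
        /// <remarks>
        /// The deduction is guarded by <c>fame &gt;= @price</c> inside the UPDATE itself, so two
        /// concurrent requests cannot both pass the balance check and drive fame negative. The price
        /// lookup now runs only for authenticated callers.
        /// NOTE(review): the two UPDATE statements are not wrapped in a transaction in this method;
        /// if the second fails, the fame has already been spent.
        /// </remarks>
        public override void HandleRequest(HttpListenerContext context)
        {
            NameValueCollection query;
            using (var rdr = new StreamReader(context.Request.InputStream))
                query = HttpUtility.ParseQueryString(rdr.ReadToEnd());

            using (var db = new Database(Program.Settings.GetValue("conn")))
            {
                Account acc = db.Verify(query["guid"], query["password"]);
                byte[] status;
                if (acc == null)
                {
                    status = Encoding.UTF8.GetBytes("<Error>Account credentials not valid</Error>");
                }
                else
                {
                    int price = db.MaxCharSlotPrice(query["guid"]);

                    // Pre-check kept so the client still receives the specific message.
                    MySqlCommand cmd = db.CreateQuery();
                    cmd.CommandText = "SELECT fame FROM stats WHERE accId=@accId;";
                    cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                    if ((int) cmd.ExecuteScalar() < price)
                        status = Encoding.UTF8.GetBytes("<Error>Not enough fame</Error>");
                    else
                    {
                        // Zero affected rows now also covers a balance that dropped after the pre-check.
                        cmd = db.CreateQuery();
                        cmd.CommandText = "UPDATE stats SET fame = fame - @price WHERE accId=@accId AND fame >= @price";
                        cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                        cmd.Parameters.AddWithValue("@price", price);
                        if (cmd.ExecuteNonQuery() > 0)
                        {
                            cmd = db.CreateQuery();
                            cmd.CommandText = "UPDATE accounts SET maxCharSlot = maxCharSlot + 1 WHERE id=@accId";
                            cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                            if (cmd.ExecuteNonQuery() > 0)
                                status = Encoding.UTF8.GetBytes("<Success/>");
                            else
                                status = Encoding.UTF8.GetBytes("<Error>Internal Error</Error>");
                        }
                        else
                            status = Encoding.UTF8.GetBytes("<Error>Internal Error</Error>");
                    }
                }
                context.Response.OutputStream.Write(status, 0, status.Length);
            }
        }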
コード例 #18
        /// <summary>
        /// Sets the display name of the account verified from the posted guid/password pair and
        /// writes an XML status document to the response.
        /// </summary>
        /// <param name="context">Listener context whose request body carries the form fields.</param>
        /// <remarks>
        /// Checks run in this order: duplicate name, minimum length of 3, no spaces.
        /// NOTE(review): the duplicate check and the UPDATE are separate statements, so a UNIQUE
        /// index on <c>accounts.name</c> is needed to rule out concurrent duplicates. A request
        /// without a <c>name</c> field reaches the length check with a null value.
        /// </remarks>
        public override void HandleRequest(HttpListenerContext context)
        {
            NameValueCollection query;
            using (var bodyReader = new StreamReader(context.Request.InputStream))
            {
                query = HttpUtility.ParseQueryString(bodyReader.ReadToEnd());
            }

            using (var db = new Database(Program.Settings.GetValue("conn")))
            {
                byte[] status;
                Account acc = db.Verify(query["guid"], query["password"]);
                if (acc != null)
                {
                    MySqlCommand countCmd = db.CreateQuery();
                    countCmd.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
                    countCmd.Parameters.AddWithValue("@name", query["name"]);
                    int existing = (int) (long) countCmd.ExecuteScalar();

                    if (existing > 0)
                    {
                        status = Encoding.UTF8.GetBytes("<Error>Duplicate username</Error>");
                    }
                    else if (query["name"].Length < 3)
                    {
                        status = Encoding.UTF8.GetBytes("<Error>Name too short, minimum 3 letters</Error>");
                    }
                    else if (query["name"].Contains(" "))
                    {
                        status = Encoding.UTF8.GetBytes("<Error>Cannot have spaces in username</Error>");
                    }
                    else
                    {
                        MySqlCommand renameCmd = db.CreateQuery();
                        renameCmd.CommandText = "UPDATE accounts SET name=@name, namechosen=TRUE WHERE id=@accId;";
                        renameCmd.Parameters.AddWithValue("@accId", acc.AccountId);
                        renameCmd.Parameters.AddWithValue("@name", query["name"]);
                        bool renamed = renameCmd.ExecuteNonQuery() > 0;
                        status = renamed
                            ? Encoding.UTF8.GetBytes("<Success />")
                            : Encoding.UTF8.GetBytes("<Error>Internal error</Error>");
                    }
                }
                else
                {
                    status = Encoding.UTF8.GetBytes("<Error>Account credentials not valid</Error>");
                }

                context.Response.OutputStream.Write(status, 0, status.Length);
            }
        }
コード例 #19
ファイル: add.cs プロジェクト: Topnenyie/rotmg_svr-master
        /// <summary>
        /// Adds credits to the account whose uuid equals the <c>guid</c> query parameter and renders
        /// an HTML status page.
        /// </summary>
        /// <param name="context">Listener context; parameters are read from the URL query string.</param>
        /// <remarks>
        /// NOTE(review): despite its name, the <c>jwt</c> parameter is parsed as a plain integer and
        /// used directly as the credit amount. No signature, payment verification or account
        /// credential is checked in this method, so the caller controls both the target account and
        /// the amount. The endpoint needs a server-side verified payment token before it credits
        /// anything. A non-numeric <c>jwt</c> makes <c>int.Parse</c> throw.
        /// </remarks>
        public void HandleRequest(HttpListenerContext context)
        {
            string status;
            using (var db = new Database())
            {
                var query = HttpUtility.ParseQueryString(context.Request.Url.Query);

                var lookup = db.CreateQuery();
                lookup.CommandText = "SELECT id FROM accounts WHERE uuid=@uuid";
                lookup.Parameters.AddWithValue("@uuid", query["guid"]);
                object id = lookup.ExecuteScalar();

                if (id == null)
                {
                    status = "Account does not exist!";
                }
                else
                {
                    int amount = int.Parse(query["jwt"]);
                    var credit = db.CreateQuery();
                    credit.CommandText = "UPDATE stats SET credits = credits + @amount WHERE accId=@accId";
                    credit.Parameters.AddWithValue("@accId", (int)id);
                    credit.Parameters.AddWithValue("@amount", amount);
                    int result = (int)credit.ExecuteNonQuery();

                    // Both a positive row count and -1 are reported as success.
                    bool reportedOk = result > 0 || result == -1;
                    status = reportedOk ? "Your purchase was successful!" : "Internal error!";
                }
            }

            var res = Encoding.UTF8.GetBytes(
            @"<html>
            <head>
            <title>Purchase!</title>
            </head>
            <body style='background: #333333'>
            <h1 style='color: #EEEEEE; text-align: center'>
            " + status + @"
            </h1>
            </body>
            </html>");
            context.Response.OutputStream.Write(res, 0, res.Length);
        }
コード例 #20
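        /// <summary>
        /// Buys one extra character slot for 100 credits for the account verified from the posted
        /// guid/password pair and writes an XML status document to the response.
        /// </summary>
        /// <param name="context">Listener context whose request body carries the form fields.</param>
        /// <remarks>
        /// The deduction is guarded by <c>credits &gt;= 100</c> inside the UPDATE itself, so two
        /// concurrent requests cannot both pass the balance check and overdraw the account.
        /// NOTE(review): the two UPDATE statements are not wrapped in a transaction in this method;
        /// if the second fails, the credits have already been spent.
        /// </remarks>
        public void HandleRequest(HttpListenerContext context)
        {
            NameValueCollection query;
            using (StreamReader rdr = new StreamReader(context.Request.InputStream))
                query = HttpUtility.ParseQueryString(rdr.ReadToEnd());

            using (var db = new Database())
            {
                var acc = db.Verify(query["guid"], query["password"]);
                byte[] status;
                if (acc == null)
                {
                    status = Encoding.UTF8.GetBytes("<Error>Bad login</Error>");
                }
                else
                {
                    // Pre-check kept so the client still receives the specific message.
                    var cmd = db.CreateQuery();
                    cmd.CommandText = "SELECT credits FROM stats WHERE accId=@accId;";
                    cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                    if ((int)cmd.ExecuteScalar() < 100)
                        status = Encoding.UTF8.GetBytes("<Error>Not enough credits</Error>");
                    else
                    {
                        // Zero affected rows now also covers a balance that dropped after the pre-check.
                        cmd = db.CreateQuery();
                        cmd.CommandText = "UPDATE stats SET credits = credits - 100 WHERE accId=@accId AND credits >= 100";
                        cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                        if (cmd.ExecuteNonQuery() > 0)
                        {
                            cmd = db.CreateQuery();
                            cmd.CommandText = "UPDATE accounts SET maxCharSlot = maxCharSlot + 1 WHERE id=@accId";
                            cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                            if (cmd.ExecuteNonQuery() > 0)
                                status = Encoding.UTF8.GetBytes("<Success/>");
                            else
                                status = Encoding.UTF8.GetBytes("<Error>Internal Error</Error>");
                        }
                        else
                            status = Encoding.UTF8.GetBytes("<Error>Internal Error</Error>");
                    }
                }
                context.Response.OutputStream.Write(status, 0, status.Length);
            }
        }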
コード例 #21
ファイル: add.cs プロジェクト: RoxyLalonde/Phoenix-Realms
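        /// <summary>
        /// Disabled credit-purchase endpoint: always answers with the same fixed HTML page and
        /// changes nothing.
        /// </summary>
        /// <param name="context">Listener context that receives the response.</param>
        /// <remarks>
        /// Every branch of the previous body produced the same message, so the account lookup, the
        /// commented-out credit UPDATE, the empty try/catch and the explicit <c>Dispose</c> inside a
        /// <c>using</c> block have been removed. The handler no longer opens a database connection
        /// or reads any request parameter, which also removes an unauthenticated query path.
        /// </remarks>
        public void HandleRequest(HttpListenerContext context)
        {
            const string status = "Yeah... We kind of fixed this...";

            byte[] res = Encoding.UTF8.GetBytes(
                @"<html>
    <head>
        <title>Nope</title>
        <script>window.close();</script>
    </head>
    <body style='background: #333333'>
        <h1 style='color: #EEEEEE; text-align: center'>
            " + status + @"
        </h1>
    </body>
</html>");
            context.Response.OutputStream.Write(res, 0, res.Length);
        }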
コード例 #22
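        /// <summary>
        /// Writes the arena leaderboard for the requested type as an <c>ArenaRecords</c> XML document.
        /// </summary>
        /// <remarks>
        /// Responds with status 400 and an <c>Error</c> element when "guid", "password" or "type" is
        /// missing or the credentials do not verify. Every value placed into the document is XML-escaped,
        /// because names and guild names are stored data that may contain markup characters.
        /// Leaderboard rows whose character row is missing or whose pet id is not numeric are skipped.
        /// </remarks>
        protected override void HandleRequest()
        {
            // Escapes &, <, >, " and ' so a stored value cannot break out of element text or an attribute.
            Func<object, string> esc = v => System.Security.SecurityElement.Escape(Convert.ToString(v));

            var xml = new StringBuilder();
            using (Database dbx = new Database())
            {
                // Check that the request is complete before running the credential query.
                bool complete = !String.IsNullOrEmpty(Query["guid"]) &&
                                !String.IsNullOrEmpty(Query["password"]) &&
                                !String.IsNullOrEmpty(Query["type"]);
                Account acc = complete
                    ? dbx.Verify(Query["guid"], Query["password"], Program.GameData)
                    : null;

                if (acc == null)
                {
                    Context.Response.StatusCode = 400;
                    xml.Append("<Error>Invalid GUID/password combination</Error>");
                }
                else
                {
                    string[][] ranks = dbx.GetArenaLeaderboards(Query["type"], acc);
                    xml.Append("<ArenaRecords>");
                    foreach (string[] i in ranks)
                    {
                        MySqlCommand cmd = dbx.CreateQuery();
                        cmd.CommandText = "select skin, tex1, tex2, items, charType, petId from characters where charid = @charid";
                        cmd.Parameters.AddWithValue("@charid", i[2]);

                        string skin, tex1, tex2, inventory, cclass, petid;
                        skin = tex1 = tex2 = inventory = cclass = petid = null;
                        using (MySqlDataReader drdr = cmd.ExecuteReader())
                        {
                            while (drdr.Read())
                            {
                                skin = drdr.GetString("skin");
                                tex1 = drdr.GetString("tex1");
                                tex2 = drdr.GetString("tex2");
                                inventory = drdr.GetString("items");
                                cclass = drdr.GetString("charType");
                                petid = drdr.GetString("petId");
                            }
                        }

                        // No character row leaves petid null; int.Parse would throw and abort the whole response.
                        int petId;
                        if (!int.TryParse(petid, out petId))
                            continue;

                        var _pet = dbx.GetPet(petId, acc);
                        xml.Append("<Record><WaveNumber>").Append(esc(i[0])).Append("</WaveNumber>");
                        xml.Append("<Time>").Append(esc(i[4])).Append("</Time><PlayData><CharacterData>");
                        if (acc.Guild.Name != null)
                        {
                            xml.Append("<GuildName>").Append(esc(acc.Guild.Name)).Append("</GuildName>");
                            xml.Append("<GuildRank>").Append(esc(acc.Guild.Rank)).Append("</GuildRank>");
                        }
                        xml.Append("<Id>").Append(esc(i[2])).Append("</Id>");
                        xml.Append("<Texture>").Append(esc(skin)).Append("</Texture>");
                        xml.Append("<Tex1>").Append(esc(tex1)).Append("</Tex1>");
                        xml.Append("<Tex2>").Append(esc(tex2)).Append("</Tex2>");
                        xml.Append("<Inventory>").Append(esc(inventory)).Append("</Inventory>");
                        xml.Append("<Name>").Append(esc(acc.Name)).Append("</Name>");
                        xml.Append("<Class>").Append(esc(cclass)).Append("</Class></CharacterData>");

                        xml.Append("<Pet name=\"").Append(esc(_pet.SkinName));
                        xml.Append("\" type=\"").Append(esc(_pet.Type));
                        xml.Append("\" instanceId=\"").Append(esc(_pet.InstanceId));
                        xml.Append("\" rarity=\"").Append(esc(_pet.Rarity));
                        xml.Append("\" maxAbilityPower=\"").Append(esc(_pet.MaxAbilityPower));
                        xml.Append("\" skin=\"").Append(esc(_pet.Skin));
                        xml.Append("\" family=\"Farm\"><Abilities>");
                        // The original reads exactly three ability slots per pet.
                        for (int e = 0; e < 3; e++)
                        {
                            xml.Append("<Ability type=\"").Append(esc(_pet.Abilities[e].Type));
                            xml.Append("\" power=\"").Append(esc(_pet.Abilities[e].Power));
                            xml.Append("\" points=\"").Append(esc(_pet.Abilities[e].Points));
                            xml.Append("\"/>");
                        }
                        xml.Append("</Abilities></Pet></PlayData></Record>");
                    }
                    xml.Append("</ArenaRecords>");
                }
            }

            byte[] buf = Encoding.UTF8.GetBytes(xml.ToString());
            Context.Response.ContentType = "text/*";
            Context.Response.OutputStream.Write(buf, 0, buf.Length);
        }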
コード例 #23
ファイル: add.cs プロジェクト: BlackRayquaza/MMOE
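        /// <summary>
        /// Adds the amount given in the "jwt" query parameter to the credits of the account named by
        /// "guid" and reports the outcome as a small HTML page.
        /// </summary>
        /// <remarks>
        /// NOTE(review): nothing in this handler authenticates the caller, and the "jwt" value is parsed
        /// as a plain integer rather than verified as a signed token. Unless access to this route is
        /// restricted elsewhere, the credit grant is controlled entirely by the request. Confirm the
        /// caller's identity or the payment provider's signature before keeping this endpoint enabled.
        /// </remarks>
        protected override void HandleRequest()
        {
            string status;
            using (var db = new Database())
            {
                var cmd = db.CreateQuery();
                cmd.CommandText = "SELECT id FROM accounts WHERE uuid=@uuid";
                cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
                object id = cmd.ExecuteScalar();

                int amount;
                if (id == null)
                {
                    status = "Account not exists :(";
                }
                else if (!int.TryParse(Query["jwt"], out amount) || amount <= 0)
                {
                    // A missing or non-numeric value used to throw; a zero or negative value
                    // would leave or lower the balance, which a "grant" route should not do.
                    status = "Invalid amount :(";
                }
                else
                {
                    cmd = db.CreateQuery();
                    cmd.CommandText = "UPDATE stats SET credits = credits + @amount WHERE accId=@accId";
                    cmd.Parameters.AddWithValue("@accId", (int)id);
                    cmd.Parameters.AddWithValue("@amount", amount);
                    status = cmd.ExecuteNonQuery() > 0 ? "Ya done..." : "Internal error :(";
                }
            }

            // status is always one of the fixed strings above, so no request data reaches the HTML.
            var res = Encoding.UTF8.GetBytes(
            @"<html>
            <head>
            <title>Ya...</title>
            </head>
            <body style='background: #333333'>
            <h1 style='color: #EEEEEE; text-align: center'>
            " + status + @"
            </h1>
            </body>
            </html>");
            Context.Response.OutputStream.Write(res, 0, res.Length);
        }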
コード例 #24
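 /// <summary>
 /// Sets the account's display name once, after verifying the credentials and validating the name.
 /// </summary>
 /// <remarks>
 /// The name must consist of ASCII letters only. The pattern is anchored with <c>\A</c> and <c>\z</c>
 /// because <c>$</c> also matches before a trailing newline, which would let "name\n" through.
 /// NOTE(review): the duplicate check and the UPDATE are separate statements, so two concurrent
 /// requests could presumably both pass the check; a unique index on accounts.name would close that gap.
 /// </remarks>
 protected override void HandleRequest()
 {
     using (Database db = new Database())
     {
         Account acc = db.Verify(Query["guid"], Query["password"], Program.GameData);
         // Stays empty when CheckAccount rejects the account (it presumably reports the error itself).
         byte[] status = new byte[0];
         if (CheckAccount(acc, db))
         {
             string name = Query["name"];
             if (acc.NameChosen)
             {
                 status = Encoding.UTF8.GetBytes("<Error>You have already a name</Error>");
             }
             else if (name == null || !Regex.IsMatch(name, @"\A[a-zA-Z]+\z"))
             {
                 // A missing parameter used to reach Regex.IsMatch as null and throw.
                 status = Encoding.UTF8.GetBytes("<Error>Invalid name</Error>");
             }
             else
             {
                 MySqlCommand cmd = db.CreateQuery();
                 cmd.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
                 cmd.Parameters.AddWithValue("@name", name);
                 object exescala = cmd.ExecuteScalar();
                 if (int.Parse(exescala.ToString()) > 0)
                 {
                     status = Encoding.UTF8.GetBytes("<Error>Duplicated name</Error>");
                 }
                 else
                 {
                     cmd = db.CreateQuery();
                     cmd.CommandText = "UPDATE accounts SET name=@name, namechosen=TRUE WHERE id=@accId;";
                     cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                     cmd.Parameters.AddWithValue("@name", name);
                     status = cmd.ExecuteNonQuery() != 0
                         ? Encoding.UTF8.GetBytes("<Success />")
                         : Encoding.UTF8.GetBytes("<Error>Internal error</Error>");
                 }
             }
         }
         Context.Response.OutputStream.Write(status, 0, status.Length);
     }
 }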
コード例 #25
        /// <summary>
        /// Registers a new account, or converts an existing account that verifies with an empty
        /// password into a named one, from form fields in the request body.
        /// </summary>
        /// <param name="context">Listener context; the body is parsed as a query string and the reply is written to its response.</param>
        /// <remarks>
        /// NOTE(review): the UPDATE stores <c>SHA1(@password)</c>, with no salt visible in this statement.
        /// Unsalted SHA-1 is not a suitable password hash; moving to a salted, slow hash would also
        /// require changing whatever Verify and Register do, which is outside this block.
        /// </remarks>
        public override void HandleRequest(HttpListenerContext context)
        {
            NameValueCollection query;
            using (var body = new StreamReader(context.Request.InputStream))
            {
                query = HttpUtility.ParseQueryString(body.ReadToEnd());
            }

            using (var db = new Database(Program.Settings.GetValue("conn")))
            {
                string reply;
                if (!IsUsername(query["newGUID"]))
                {
                    reply = "<Error>Invalid username</Error>";
                }
                else
                {
                    // True when "guid" names an account that verifies with an empty password
                    // (presumably a guest account - confirm against Verify).
                    bool convertsExisting = db.HasUuid(query["guid"]) &&
                                            db.Verify(query["guid"], "") != null;

                    if (db.HasUuid(query["newGUID"]))
                    {
                        reply = "<Error>Duplicate username</Error>";
                    }
                    else if (db.HasEmail(query["email"]))
                    {
                        reply = "<Error>Duplicate email</Error>";
                    }
                    else if (convertsExisting)
                    {
                        // All four request values are bound as parameters, never concatenated.
                        MySqlCommand update = db.CreateQuery();
                        update.CommandText =
                            "UPDATE accounts SET uuid=@newUuid, password=SHA1(@password), email=@email, guest=FALSE WHERE uuid=@uuid;";
                        update.Parameters.AddWithValue("@uuid", query["guid"]);
                        update.Parameters.AddWithValue("@newUuid", query["newGUID"]);
                        update.Parameters.AddWithValue("@password", query["newPassword"]);
                        update.Parameters.AddWithValue("@email", query["email"]);
                        reply = update.ExecuteNonQuery() > 0
                            ? "<Success />"
                            : "<Error>Internal Error</Error>";
                    }
                    else
                    {
                        bool registered =
                            db.Register(query["newGUID"], query["newPassword"], query["email"], false) != null;
                        reply = registered ? "<Success />" : "<Error>Internal Error</Error>";
                    }
                }

                byte[] status = Encoding.UTF8.GetBytes(reply);
                context.Response.OutputStream.Write(status, 0, status.Length);
            }
        }
コード例 #26
 /// <summary>
 /// Buys one extra character slot for the verified account, charging fame (the cost in this fork is 0).
 /// </summary>
 /// <remarks>
 /// NOTE(review): the balance check, the fame UPDATE and the slot UPDATE are three separate
 /// statements with no transaction visible here, so they are not atomic; with a non-zero cost,
 /// folding the check into the UPDATE's WHERE clause would avoid a check-then-act gap.
 /// </remarks>
 protected override void HandleRequest()
 {
     using (var db = new Database())
     {
         string reply;
         var acc = db.Verify(Query["guid"], Query["password"]);
         if (acc == null)
         {
             reply = "<Error>Bad login</Error>";
         }
         else
         {
             var balance = db.CreateQuery();
             balance.CommandText = "SELECT fame FROM stats WHERE accId=@accId;";
             balance.Parameters.AddWithValue("@accId", acc.AccountId);
             int fame = (int)balance.ExecuteScalar();

             if (fame < 0)
             {
                 reply = "<Error>Not enough fame</Error>";
             }
             else
             {
                 var charge = db.CreateQuery();
                 charge.CommandText = "UPDATE stats SET fame = fame - 0 WHERE accId=@accId";
                 charge.Parameters.AddWithValue("@accId", acc.AccountId);
                 bool charged = charge.ExecuteNonQuery() > 0;

                 if (!charged)
                 {
                     reply = "<Error>Internal Error</Error>";
                 }
                 else
                 {
                     var grant = db.CreateQuery();
                     grant.CommandText = "UPDATE accounts SET maxCharSlot = maxCharSlot + 1 WHERE id=@accId";
                     grant.Parameters.AddWithValue("@accId", acc.AccountId);
                     reply = grant.ExecuteNonQuery() > 0
                         ? "<Success/>"
                         : "<Error>Internal Error</Error>";
                 }
             }
         }

         byte[] status = Encoding.UTF8.GetBytes(reply);
         Context.Response.OutputStream.Write(status, 0, status.Length);
     }
 }
コード例 #27
        /// <summary>
        /// Redeems a gift code for an account and redirects to a success or failure page.
        /// </summary>
        /// <remarks>
        /// The account and code come either from the encoded "data" parameter or from
        /// "guid"/"password"/"code". Both statements bind the code as a parameter.
        /// NOTE(review): the code is looked up, applied and only then deleted, as separate statements;
        /// two concurrent requests with the same code could presumably both pass the lookup.
        /// Claiming the row first (DELETE and check the affected-row count) would make redemption single-use.
        /// </remarks>
        protected override void HandleRequest()
        {
            using (Database db = new Database())
            {
                string code = Query["code"];
                Account acc;
                if (Query["data"] != null)
                {
                    // The helper chain replaces code with the one carried inside the data blob.
                    string decoded = HttpUtility.UrlDecode(Query["data"], Encoding.UTF8);
                    acc = AccountDataHelper.GetAccountGiftCodeData(decoded)
                        .GetGiftCode(out code)
                        .GetAccount(Program.GameData);
                }
                else
                {
                    acc = db.Verify(Query["guid"], Query["password"], Program.GameData);
                }

                if (!CheckAccount(acc, db, false))
                {
                    return;
                }

                string contents = String.Empty;
                var lookup = db.CreateQuery();
                lookup.CommandText = "SELECT * FROM giftCodes WHERE code=@code";
                lookup.Parameters.AddWithValue("@code", code);

                using (var rows = lookup.ExecuteReader())
                {
                    if (!rows.HasRows)
                    {
                        Context.Response.Redirect("../InvalidGiftCode.html");
                        return;
                    }

                    // If several rows match, the content of the last one read is used.
                    while (rows.Read())
                    {
                        contents = rows.GetString("content");
                    }
                }

                if (!ParseContents(acc, contents))
                {
                    Context.Response.Redirect("../InvalidGiftCode.html");
                    return;
                }

                Context.Response.Redirect("../GiftCodeSuccess.html");
                var consume = db.CreateQuery();
                consume.CommandText = "DELETE FROM giftCodes WHERE code=@code";
                consume.Parameters.AddWithValue("@code", code);
                consume.ExecuteNonQuery();
            }
        }
コード例 #28
ファイル: setName.cs プロジェクト: RoxyLalonde/Phoenix-Realms
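        /// <summary>
        /// Sets the display name of the verified account from form fields in the request body.
        /// </summary>
        /// <param name="context">Listener context; the body is parsed as a query string and the reply is written to its response.</param>
        /// <remarks>
        /// A missing or empty "name" is rejected: bound as NULL it would match no existing row in the
        /// duplicate check and then be written as the account's name with namechosen set.
        /// NOTE(review): the name's characters and length are not restricted here, and the handler does
        /// not check whether a name was already chosen; confirm whether that is enforced elsewhere.
        /// </remarks>
        public void HandleRequest(HttpListenerContext context)
        {
            NameValueCollection query;
            using (var rdr = new StreamReader(context.Request.InputStream))
                query = HttpUtility.ParseQueryString(rdr.ReadToEnd());

            // The using block disposes db; the original's extra db.Dispose() call was redundant.
            using (var db = new Database())
            {
                Account acc = db.Verify(query["guid"], query["password"]);
                string name = query["name"];
                byte[] status;
                if (acc == null)
                {
                    status = Encoding.UTF8.GetBytes("<Error>Bad login</Error>");
                }
                else if (string.IsNullOrEmpty(name))
                {
                    status = Encoding.UTF8.GetBytes("<Error>Invalid name</Error>");
                }
                else
                {
                    MySqlCommand cmd = db.CreateQuery();
                    cmd.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
                    cmd.Parameters.AddWithValue("@name", name);
                    object exescala = cmd.ExecuteScalar();
                    if (int.Parse(exescala.ToString()) > 0)
                    {
                        status = Encoding.UTF8.GetBytes("<Error>Duplicated name</Error>");
                    }
                    else
                    {
                        cmd = db.CreateQuery();
                        cmd.CommandText = "UPDATE accounts SET name=@name, namechosen=TRUE WHERE id=@accId;";
                        cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                        cmd.Parameters.AddWithValue("@name", name);
                        if (cmd.ExecuteNonQuery() != 0)
                            status = Encoding.UTF8.GetBytes("<Success />");
                        else
                            status = Encoding.UTF8.GetBytes("<Error>Internal error</Error>");
                    }
                }
                context.Response.OutputStream.Write(status, 0, status.Length);
            }
        }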
コード例 #29
ファイル: add.cs プロジェクト: Club559/Travs-Domain-Server
        /// <summary>
        /// Answers the "add credits" request with a fixed "disabled" page.
        /// </summary>
        /// <param name="context">Listener context whose URL query is read and whose response stream is written.</param>
        /// <remarks>
        /// The code that used to add the "jwt" amount to credits and totalCredits for the account found
        /// by "guid" has been removed from execution; only the account lookup remains.
        /// </remarks>
        public override void HandleRequest(HttpListenerContext context)
        {
            string status;
            using (var db = new Database(Program.Settings.GetValue("conn")))
            {
                NameValueCollection args = HttpUtility.ParseQueryString(context.Request.Url.Query);

                // The parameterized lookup still runs, but its result is not used.
                MySqlCommand lookup = db.CreateQuery();
                lookup.CommandText = "SELECT id FROM accounts WHERE uuid=@uuid";
                lookup.Parameters.AddWithValue("@uuid", args["guid"]);
                lookup.ExecuteScalar();

                status = "Feature has been disabled";
            }

            // status is a fixed string, so no request data reaches the HTML below.
            byte[] page = Encoding.UTF8.GetBytes(
                @"<html>
            <head>
            <title>Ya...</title>
            </head>
            <body style='background: #333333'>
            <h1 style='color: #EEEEEE; text-align: center'>
            " + status + @"
            </h1>
            </body>
            </html>");
            context.Response.OutputStream.Write(page, 0, page.Length);
        }
コード例 #30
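 /// <summary>
 /// Sets the display name of the logged-in account, rejecting names that are missing or already taken.
 /// </summary>
 /// <remarks>
 /// COUNT() comes back from MySQL as a 64-bit value, so the scalar is converted through its text
 /// form instead of being unboxed with an <c>(int)</c> cast, which would throw InvalidCastException.
 /// NOTE(review): the name's characters and length are not restricted here; confirm whether that
 /// is enforced elsewhere.
 /// </remarks>
 protected override void HandleRequest()
 {
     using (var db = new Database())
     {
         string name = Query["name"];
         if (Account == null)
         {
             BadLogin();
         }
         else if (string.IsNullOrEmpty(name))
         {
             // Bound as NULL, a missing name would pass the duplicate check and be stored.
             WriteErrorLine("Invalid name");
         }
         else
         {
             var cmd = db.CreateQuery();
             cmd.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
             cmd.Parameters.AddWithValue("@name", name);
             if (int.Parse(cmd.ExecuteScalar().ToString()) > 0)
             {
                 WriteErrorLine("Duplicated name");
             }
             else
             {
                 cmd = db.CreateQuery();
                 cmd.CommandText = "UPDATE accounts SET name=@name, namechosen=1 WHERE id=@accId";
                 cmd.Parameters.AddWithValue("@accId", Account.AccountId);
                 cmd.Parameters.AddWithValue("@name", name);
                 if (cmd.ExecuteNonQuery() != 0) Success();
                 else WriteErrorLine("Internal Error");
             }
         }
     }
 }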
コード例 #31
ファイル: Database.cs プロジェクト: trapped/rotmg_svr
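 /// <summary>
 /// Reports whether the account owns one of the ten death records with the highest totalFame.
 /// </summary>
 /// <param name="acc">Account whose AccountId is compared with each of the top rows.</param>
 /// <returns>true when one of the top ten rows belongs to <paramref name="acc"/>; otherwise false.</returns>
 public bool isTopAll(Account acc)
 {
     using (Database dbx = new Database())
     {
         var cmd = dbx.CreateQuery();
         cmd.CommandText = "SELECT accId FROM death WHERE TRUE ORDER BY totalFame DESC LIMIT 10";
         // The reader is disposed on every path, including the early return.
         using (var rdr = cmd.ExecuteReader())
         {
             while (rdr.Read())
             {
                 if (rdr.GetInt32("accId") == acc.AccountId)
                 {
                     return true;
                 }
             }
         }
         return false;
     }
 }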
コード例 #32
ファイル: Database.cs プロジェクト: trapped/rotmg_svr
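 /// <summary>
 /// Reports whether the account owns one of the ten highest-totalFame death records of the last month.
 /// </summary>
 /// <param name="acc">Account whose AccountId is compared with each of the top rows.</param>
 /// <returns>true when one of the top ten rows belongs to <paramref name="acc"/>; otherwise false.</returns>
 public bool isTopMonth(Account acc)
 {
     using (Database dbx = new Database())
     {
         var cmd = dbx.CreateQuery();
         cmd.CommandText = "SELECT accId FROM death WHERE (time >= DATE_SUB(NOW(), INTERVAL 1 MONTH)) ORDER BY totalFame DESC LIMIT 10";
         // The reader is disposed on every path, including the early return.
         using (var rdr = cmd.ExecuteReader())
         {
             while (rdr.Read())
             {
                 if (rdr.GetInt32("accId") == acc.AccountId)
                 {
                     return true;
                 }
             }
         }
         return false;
     }
 }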
コード例 #33
ファイル: Database.cs プロジェクト: trapped/rotmg_svr
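 /// <summary>
 /// Looks up a guild's name by its id.
 /// </summary>
 /// <param name="guildId">Value bound to the id column of the guilds table.</param>
 /// <returns>The guild name, or an empty string when no guild matches or the lookup fails.</returns>
 public string GetGuildNameByID(int guildId)
 {
     try
     {
         using (Database dbz = new Database())
         {
             var cmd = dbz.CreateQuery();
             cmd.CommandText = "SELECT name FROM guilds WHERE id=@id";
             cmd.Parameters.AddWithValue("@id", guildId);
             object scalar = cmd.ExecuteScalar();
             // ExecuteScalar returns null when no row matches; handle that case directly
             // instead of relying on the catch below to absorb a NullReferenceException.
             return scalar == null ? "" : scalar.ToString();
         }
     }
     catch
     {
         // Best-effort lookup kept from the original: any failure yields "".
         // NOTE(review): this also hides connection and query errors; consider logging them here.
         return "";
     }
 }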
コード例 #34
ファイル: delete.cs プロジェクト: Club559/Travs-Domain-Server
        /// <summary>
        /// Deletes one character of the verified account, using form fields from the request body.
        /// </summary>
        /// <param name="context">Listener context; the body is parsed as a query string and the reply is written to its response.</param>
        /// <remarks>
        /// The DELETE is constrained by the verified account's id as well as the requested charId,
        /// so a request can only remove a character belonging to the account it authenticated as.
        /// </remarks>
        public override void HandleRequest(HttpListenerContext context)
        {
            NameValueCollection query;
            using (var body = new StreamReader(context.Request.InputStream))
            {
                query = HttpUtility.ParseQueryString(body.ReadToEnd());
            }

            using (var db = new Database(Program.Settings.GetValue("conn")))
            {
                string reply;
                Account acc = db.Verify(query["guid"], query["password"]);
                if (acc != null)
                {
                    MySqlCommand delete = db.CreateQuery();
                    delete.CommandText = @"DELETE FROM characters WHERE accId = @accId AND charId = @charId;";
                    delete.Parameters.AddWithValue("@accId", acc.AccountId);
                    delete.Parameters.AddWithValue("@charId", query["charId"]);
                    // No affected row (no such character on this account) is reported as an internal error.
                    reply = delete.ExecuteNonQuery() > 0
                        ? "<Success />"
                        : "<Error>Internal Error</Error>";
                }
                else
                {
                    reply = "<Error>Account credentials not valid</Error>";
                }

                byte[] status = Encoding.UTF8.GetBytes(reply);
                context.Response.OutputStream.Write(status, 0, status.Length);
            }
        }
コード例 #35
ファイル: fame.cs プロジェクト: lcnvdl/rotmg-server
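        /// <summary>
        /// Writes the serialized fame statistics of a dead character identified by "accountId" and "charId".
        /// </summary>
        /// <param name="context">Listener context; the body is parsed as a query string and the reply is written to its response.</param>
        /// <remarks>
        /// Non-numeric ids are answered with status 400 and a missing death record with status 404,
        /// instead of letting the parse or the reader access throw.
        /// NOTE(review): the handler takes the account id from the request without credentials;
        /// confirm that fame records are meant to be readable by anyone.
        /// </remarks>
        public void HandleRequest(HttpListenerContext context)
        {
            NameValueCollection query;
            using (StreamReader body = new StreamReader(context.Request.InputStream))
                query = HttpUtility.ParseQueryString(body.ReadToEnd());

            int accountId, charId;
            if (!int.TryParse(query["accountId"], out accountId) ||
                !int.TryParse(query["charId"], out charId))
            {
                context.Response.StatusCode = 400;
                using (StreamWriter wtr = new StreamWriter(context.Response.OutputStream))
                    wtr.Write("<Error>Invalid request</Error>");
                return;
            }

            using (var db = new Database())
            {
                var acc = db.GetAccount(accountId);
                var chr = db.LoadCharacter(acc, charId);

                var cmd = db.CreateQuery();
                cmd.CommandText = @"SELECT time, killer, firstBorn FROM death WHERE accId=@accId AND chrId=@charId;";
                // Bind the validated integers rather than the raw request strings.
                cmd.Parameters.AddWithValue("@accId", accountId);
                cmd.Parameters.AddWithValue("@charId", charId);

                int time = 0;
                string killer = null;
                bool firstBorn = false;
                bool hasDeath;
                using (var rdr = cmd.ExecuteReader())
                {
                    // Read() returns false when there is no death row; the column getters would then throw.
                    hasDeath = rdr.Read();
                    if (hasDeath)
                    {
                        time = Database.DateTimeToUnixTimestamp(rdr.GetDateTime("time"));
                        killer = rdr.GetString("killer");
                        firstBorn = rdr.GetBoolean("firstBorn");
                    }
                }

                using (StreamWriter wtr = new StreamWriter(context.Response.OutputStream))
                {
                    if (hasDeath)
                    {
                        wtr.Write(chr.FameStats.Serialize(acc, chr, time, killer, firstBorn));
                    }
                    else
                    {
                        context.Response.StatusCode = 404;
                        wtr.Write("<Error>Death record not found</Error>");
                    }
                }
            }
        }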