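/// <summary>
/// Sells one extra character slot to the logged-in account for 5000 fame.
/// </summary>
/// <remarks>
/// Writes "Not enough fame" when the balance is below the price, "Internal Error"
/// when either UPDATE matches no row, and calls <c>Success()</c> otherwise.
/// </remarks>
protected override void HandleRequest()
{
    using (var db = new Database())
    {
        if (Account == null)
        {
            BadLogin();
            return;
        }

        var cmd = db.CreateQuery();
        cmd.CommandText = "SELECT fame FROM stats WHERE accId=@accId;";
        cmd.Parameters.AddWithValue("@accId", Account.AccountId);
        if ((int)cmd.ExecuteScalar() < 5000)
        {
            WriteErrorLine("Not enough fame");
            return;
        }

        // The original statement was "fame = MIN(fame - 5000, 0)", which can never
        // leave a positive balance behind. Subtract the price instead, and repeat
        // the balance test in the WHERE clause so two concurrent requests cannot
        // both spend the same fame after passing the SELECT above.
        cmd = db.CreateQuery();
        cmd.CommandText = "UPDATE stats SET fame = fame - 5000 WHERE accId=@accId AND fame >= 5000;";
        cmd.Parameters.AddWithValue("@accId", Account.AccountId);
        if (cmd.ExecuteNonQuery() <= 0)
        {
            WriteErrorLine("Internal Error");
            return;
        }

        // NOTE(review): the debit and the grant are separate statements and no
        // transaction is visible here; a failure below leaves the fame spent.
        cmd = db.CreateQuery();
        cmd.CommandText = "UPDATE accounts SET maxCharSlot = maxCharSlot + 1 WHERE id=@accId;";
        cmd.Parameters.AddWithValue("@accId", Account.AccountId);
        if (cmd.ExecuteNonQuery() > 0)
        {
            Success();
        }
        else
        {
            WriteErrorLine("Internal Error");
        }
    }
}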
/// <summary>
/// Sets the display name of the account identified by the guid/password pair
/// in the request, unless another account already uses that name.
/// </summary>
/// <remarks>
/// Replies with one XML fragment: Bad login, Duplicated name, Success or Internal error.
/// </remarks>
protected override void HandleRequest()
{
    using (var db = new Database())
    {
        string reply;
        var account = db.Verify(Query["guid"], Query["password"]);
        if (account == null)
        {
            reply = "<Error>Bad login</Error>";
        }
        else
        {
            // NOTE(review): the name is used as received; no length, character or
            // null check is visible in this handler.
            string requested = Query["name"];

            var lookup = db.CreateQuery();
            lookup.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
            lookup.Parameters.AddWithValue("@name", requested);
            object matches = lookup.ExecuteScalar();

            if (int.Parse(matches.ToString()) > 0)
            {
                reply = "<Error>Duplicated name</Error>";
            }
            else
            {
                // The count and the update are two statements, so uniqueness under
                // concurrent requests depends on a database constraint (not shown here).
                var rename = db.CreateQuery();
                rename.CommandText = "UPDATE accounts SET name=@name, namechosen=TRUE WHERE id=@accId;";
                rename.Parameters.AddWithValue("@accId", account.AccountId);
                rename.Parameters.AddWithValue("@name", requested);
                reply = rename.ExecuteNonQuery() != 0
                    ? "<Success />"
                    : "<Error>Internal error</Error>";
            }
        }

        byte[] payload = Encoding.UTF8.GetBytes(reply);
        Context.Response.OutputStream.Write(payload, 0, payload.Length);
    }
}
/// <summary>
/// Applies the rewards described by a gift-code JSON document to an account.
/// </summary>
/// <param name="acc">Account that receives the rewards; its Gifts list is extended in place.</param>
/// <param name="json">Serialized gift code, parsed with <c>GiftCode.FromJson</c>.</param>
/// <returns>
/// <c>false</c> when the JSON yields no gift code or any exception is thrown,
/// <c>true</c> otherwise.
/// </returns>
private bool ParseContents(Account acc, string json)
{
    try
    {
        using (var db = new Database())
        {
            var giftCode = GiftCode.FromJson(json);
            if (giftCode == null)
            {
                return false;
            }

            var cmd = db.CreateQuery();

            if (giftCode.Gifts.Count > 0)
            {
                List<int> ownedGifts = acc.Gifts;
                foreach (var giftId in giftCode.Gifts)
                {
                    ownedGifts.Add(giftId);
                }

                // The row is matched on the credentials from the request again;
                // the affected-row count is not inspected.
                cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE accounts SET gifts=@gifts WHERE uuid=@uuid AND password=SHA1(@password);";
                cmd.Parameters.AddWithValue("@gifts", Utils.GetCommaSepString<int>(ownedGifts.ToArray()));
                cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
                cmd.Parameters.AddWithValue("@password", Query["password"]);
                cmd.ExecuteNonQuery();
            }

            if (giftCode.CharSlots > 0)
            {
                cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE accounts SET maxCharSlot=maxCharSlot + @amount WHERE uuid=@uuid AND password=SHA1(@password);";
                cmd.Parameters.AddWithValue("@amount", giftCode.CharSlots);
                cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
                cmd.Parameters.AddWithValue("@password", Query["password"]);
                cmd.ExecuteNonQuery();
            }

            // A non-positive chest count simply skips the loop.
            for (int chest = 0; chest < giftCode.VaultChests; chest++)
            {
                db.CreateChest(acc);
            }

            if (giftCode.Gold > 0)
            {
                db.UpdateCredit(acc, giftCode.Gold);
            }

            if (giftCode.Fame > 0)
            {
                db.UpdateFame(acc, giftCode.Fame);
            }
        }
    }
    catch (Exception)
    {
        // NOTE(review): rewards written before the failure stay applied (no
        // transaction is visible), yet the caller is told the code was not redeemed.
        return false;
    }

    return true;
}
/// <summary>
/// Writes the serialized fame statistics of a dead character, looked up by the
/// accountId and charId request parameters.
/// </summary>
/// <remarks>
/// NOTE(review): no credential check is visible in this handler, and the result
/// of the first <c>Read()</c> on the death row is not tested before the columns are read.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        string accountId = Query["accountId"];
        string charId = Query["charId"];

        Account acc = db.GetAccount(accountId, Program.GameData);
        Char chr = db.LoadCharacter(acc, int.Parse(charId));

        MySqlCommand deathQuery = db.CreateQuery();
        deathQuery.CommandText = @"SELECT time, killer, firstBorn FROM death WHERE accId=@accId AND chrId=@charId;";
        deathQuery.Parameters.AddWithValue("@accId", accountId);
        deathQuery.Parameters.AddWithValue("@charId", charId);

        int time;
        string killer;
        bool firstBorn;
        using (MySqlDataReader row = deathQuery.ExecuteReader())
        {
            row.Read();
            time = Database.DateTimeToUnixTimestamp(row.GetDateTime("time"));
            killer = row.GetString("killer");
            firstBorn = row.GetBoolean("firstBorn");
        }

        using (StreamWriter output = new StreamWriter(Context.Response.OutputStream))
        {
            output.Write(chr.FameStats.Serialize(Program.GameData, acc, chr, time, killer, firstBorn));
        }
    }
}
/// <summary>
/// Reports whether this account appears in any of the three top-10 death
/// leaderboards (last week, last month, all time), ordered by total fame.
/// </summary>
/// <returns><c>true</c> as soon as one leaderboard row carries this account id.</returns>
public bool IsUserInLegends()
{
    // Same order as before: week, month, all time. Each query gets its own Database.
    string[] leaderboardQueries =
    {
        "SELECT * FROM death WHERE (time >= DATE_SUB(NOW(), INTERVAL 1 WEEK)) ORDER BY totalFame DESC LIMIT 10;",
        "SELECT * FROM death WHERE (time >= DATE_SUB(NOW(), INTERVAL 1 MONTH)) ORDER BY totalFame DESC LIMIT 10;",
        "SELECT * FROM death WHERE TRUE ORDER BY totalFame DESC LIMIT 10;"
    };

    foreach (string sql in leaderboardQueries)
    {
        using (var db = new Database())
        {
            var cmd = db.CreateQuery();
            cmd.CommandText = sql;
            using (var rdr = cmd.ExecuteReader())
            {
                while (rdr.Read())
                {
                    if (rdr.GetString("accId") == AccountId)
                    {
                        return true;
                    }
                }
            }
        }
    }

    return false;
}
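/// <summary>
/// Starts a password reset: stores a fresh 128-character token on the account
/// whose uuid equals the guid parameter and mails a reset link to that address.
/// </summary>
/// <remarks>
/// Writes "Error.accountNotFound" when no single account row was updated; nothing
/// is written on success.
/// NOTE(review): the differing responses tell the caller whether an address is
/// registered. The token is stored as generated and no expiry is visible here;
/// confirm that <c>Database.GenerateRandomString</c> uses a cryptographic RNG.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        string authKey = Database.GenerateRandomString(128);

        var cmd = db.CreateQuery();
        cmd.CommandText = "UPDATE accounts SET authToken=@authToken WHERE uuid=@email;";
        cmd.Parameters.AddWithValue("@authToken", authKey);
        cmd.Parameters.AddWithValue("@email", Query["guid"]);

        if (cmd.ExecuteNonQuery() != 1)
        {
            using (StreamWriter wtr = new StreamWriter(Context.Response.OutputStream))
            {
                wtr.Write("<Error>Error.accountNotFound</Error>");
            }
            return;
        }

        MailMessage message = new MailMessage();
        message.To.Add(Query["guid"]);
        message.Subject = "Forgot Password";
        // Sender display name: the original read "Forgot Passowrd".
        message.From = new MailAddress(Program.Settings.GetValue<string>("serverEmail", ""), "Forgot Password");
        message.Body = emailBody.
            Replace("{RPLINK}", String.Format("{0}/{1}{2}", Program.Settings.GetValue<string>("serverDomain", "localhost"), "account/resetPassword?authToken=", authKey)).
            Replace("{SUPPORTLINK}", String.Format("{0}", Program.Settings.GetValue<string>("supportLink", "localhost"))).
            Replace("{SERVERDOMAIN}", Program.Settings.GetValue<string>("serverDomain", "localhost"));
        Program.SendEmail(message, true);
    }
}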
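/// <summary>
/// Buys the skin named by the skinType parameter for the verified account:
/// debits the listed price and stores the extended owned-skin list.
/// </summary>
/// <remarks>
/// Does nothing when the request carries no parameters or the account check fails.
/// Writes "Unable to purchase" when the final UPDATE matches no row.
/// NOTE(review): no balance check is visible before <c>UpdateCredit</c>; confirm it
/// rejects overdrafts. The debit also happens before the skin list is persisted,
/// so a failed UPDATE leaves the credits spent.
/// </remarks>
protected override void HandleRequest()
{
    if (Query.AllKeys.Length == 0)
    {
        return;
    }

    using (Database db = new Database())
    {
        Account acc = db.Verify(Query["guid"], Query["password"], Program.GameData);
        if (!CheckAccount(acc, db, false))
        {
            return;
        }

        foreach (ItemCostItem item in Prices)
        {
            if (item.Type == Query["skinType"] && item.Puchasable == 1)
            {
                // Parsed once per matching price entry instead of three times.
                int skinType = int.Parse(Query["skinType"]);
                if (acc.OwnedSkins.Contains(skinType))
                {
                    continue;
                }

                acc.OwnedSkins.Add(skinType);
                db.UpdateCredit(acc, -item.Price);

                MySqlCommand cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE accounts SET ownedSkins=@ownedSkins WHERE uuid=@uuid AND password=SHA1(@password)";
                cmd.Parameters.AddWithValue("@ownedSkins", Utils.GetCommaSepString(acc.OwnedSkins.ToArray()));
                cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
                cmd.Parameters.AddWithValue("@password", Query["password"]);

                if (cmd.ExecuteNonQuery() == 0)
                {
                    // The original writer was never flushed or disposed, so this
                    // message stayed in its buffer and never reached the client.
                    using (StreamWriter wtr = new StreamWriter(Context.Response.OutputStream))
                    {
                        wtr.WriteLine("<Error>Unable to purchase</Error>");
                    }
                }
            }
        }
    }
}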
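/// <summary>
/// Finds the name of the guild whose member list contains the given account id.
/// </summary>
/// <param name="accId">Account id to look for.</param>
/// <returns>The guild name, or an empty string when no guild matches or the lookup fails.</returns>
public string GetGuildName(int accId)
{
    try
    {
        using (Database db1 = new Database())
        {
            var cmd = db1.CreateQuery();
            cmd.CommandText = "SELECT * FROM guilds";

            // The id is matched as ",<id>," - this presumably relies on the stored
            // list having a leading and a trailing comma; confirm against the writer.
            string needle = "," + accId.ToString() + ",";

            using (var rdr = cmd.ExecuteReader())
            {
                while (rdr.Read())
                {
                    string members = rdr.GetString("members");
                    if (members.Contains(needle))
                    {
                        return rdr.GetString("name");
                    }
                    // The original returned "" here, so only the first guild row
                    // was ever examined; keep scanning instead.
                }
            }

            return "";
        }
    }
    catch
    {
        // Best effort by design: callers get an empty name on any failure.
        Console.WriteLine("Error retrieving guild name: check Player.cs");
        return "";
    }
}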
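/// <summary>
/// Unlocks the class named by the classType parameter for the verified account
/// in exchange for that class's unlock cost in credits.
/// </summary>
/// <remarks>
/// Returns silently when the account cannot afford the class. Any exception is
/// reported to the client as "Invalid classType".
/// NOTE(review): the balance test and the debit are separate steps; confirm that
/// <c>UpdateCredit</c> cannot drive the balance negative under concurrent requests.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        try
        {
            Account acc = db.Verify(Query["guid"], Query["password"], Program.GameData);

            // Parsed and resolved before the account check, as before, so a
            // malformed or unknown class id is reported first.
            ushort classId = ushort.Parse(Query["classType"]);
            string classType = Program.GameData.ObjectTypeToId[classId];

            if (CheckAccount(acc, db))
            {
                int price = Program.GameData.ObjectDescs[classId].UnlockCost;
                if (acc.Credits < price)
                {
                    return;
                }

                db.UpdateCredit(acc, -price);

                MySqlCommand cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE unlockedclasses SET available='unrestricted' WHERE accId=@accId AND class=@class;";
                cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                cmd.Parameters.AddWithValue("@class", classType);
                cmd.ExecuteNonQuery();
            }
        }
        catch (Exception e)
        {
            // The original wrote the exception, stack trace included, into the
            // HTTP response and left the <Error> element unclosed. Keep the
            // details on the server and send a well-formed error.
            Console.Error.WriteLine(e);
            using (StreamWriter wtr = new StreamWriter(Context.Response.OutputStream))
            {
                wtr.WriteLine("<Error>Invalid classType</Error>");
            }
        }
    }
}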
/// <summary>
/// Loads one pet that belongs to the given account.
/// </summary>
/// <param name="petId">Pet id; also used as the returned item's InstanceId.</param>
/// <param name="acc">Owning account; the query is restricted to its AccountId.</param>
/// <returns>The pet built from the first matching row, or <c>null</c> when none matches.</returns>
public PetItem GetPet(int petId, Account acc)
{
    using (Database db = new Database())
    {
        MySqlCommand petQuery = db.CreateQuery();
        petQuery.CommandText = "SELECT * FROM pets WHERE petId=@petId AND accId=@accId";
        petQuery.Parameters.AddWithValue("@petId", petId);
        petQuery.Parameters.AddWithValue("@accId", acc.AccountId);

        using (MySqlDataReader row = petQuery.ExecuteReader())
        {
            // Only the first row is ever used.
            if (row.Read())
            {
                PetItem pet = new PetItem
                {
                    Abilities = GetPetAbilities(row),
                    Rarity = row.GetInt32("rarity"),
                    MaxAbilityPower = row.GetInt32("maxLevel"),
                    InstanceId = petId,
                    SkinName = row.GetString("skinName"),
                    Skin = row.GetInt32("skin"),
                    Type = row.GetInt32("objType")
                };
                return pet;
            }
        }
    }

    return null;
}
/// <summary>
/// Returns the beginnerPackageTimeLeft column of the account whose credentials
/// are posted in the request body, wrapped in a BeginnerPackageTimeLeft element.
/// </summary>
/// <param name="context">Listener context; the form-encoded body is read from its input stream.</param>
public override void HandleRequest(HttpListenerContext context)
{
    NameValueCollection form;
    using (var body = new StreamReader(context.Request.InputStream))
    {
        form = HttpUtility.ParseQueryString(body.ReadToEnd());
    }

    using (var db = new Database(Program.Settings.GetValue("conn")))
    {
        string reply;
        Account acc = db.Verify(form["guid"], form["password"]);
        if (acc != null)
        {
            MySqlCommand lookup = db.CreateQuery();
            lookup.CommandText = "SELECT beginnerPackageTimeLeft FROM accounts WHERE uuid=@uuid";
            lookup.Parameters.AddWithValue("@uuid", form["guid"]);
            object timeLeft = lookup.ExecuteScalar();
            reply = "<BeginnerPackageTimeLeft>" + timeLeft + "</BeginnerPackageTimeLeft>";
        }
        else
        {
            reply = "<Error>Account credentials not valid</Error>";
        }

        byte[] payload = Encoding.UTF8.GetBytes(reply);
        context.Response.OutputStream.Write(payload, 0, payload.Length);
    }
}
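/// <summary>
/// Changes the login address of a not-yet-verified account to the newGuid
/// parameter, issues a new verification token and mails the verification link.
/// </summary>
/// <remarks>
/// Does nothing when the account check fails, the address is already verified,
/// or the verifyEmail setting is off.
/// NOTE(review): no check that newGuid is unused by another account is visible here.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        Account acc = db.Verify(Query["guid"], Query["password"], Program.GameData);
        if (!CheckAccount(acc, db))
        {
            return;
        }

        if (acc.VerifiedEmail || !Program.Settings.GetValue<bool>("verifyEmail"))
        {
            return;
        }

        // Parse the new address before touching the database. The original only
        // handed it to MailMessage after the UPDATE, so a malformed value failed
        // once the account's login identifier had already been overwritten.
        // A MailAddress is also exactly one recipient, whereas To.Add(string)
        // accepts a comma-separated list.
        MailAddress recipient = new MailAddress(Query["newGuid"]);

        string authKey = Database.GenerateRandomString(128);

        var cmd = db.CreateQuery();
        cmd.CommandText = "UPDATE accounts SET uuid=@newGuid, authToken=@newAuthToken WHERE uuid=@oldGuid;";
        cmd.Parameters.AddWithValue("@newGuid", Query["newGuid"]);
        cmd.Parameters.AddWithValue("@newAuthToken", authKey);
        cmd.Parameters.AddWithValue("@oldGuid", Query["guid"]);
        // @password is bound but not referenced by the statement; kept as in the original.
        cmd.Parameters.AddWithValue("@password", Query["password"]);
        cmd.ExecuteNonQuery();

        MailMessage message = new MailMessage();
        message.To.Add(recipient);
        message.IsBodyHtml = true;
        message.Subject = "Please verify your account.";
        message.From = new MailAddress(Program.Settings.GetValue<string>("serverEmail", ""));
        message.Body = "<center>Please verify your email via this <a href=\"" + Program.Settings.GetValue<string>("serverDomain", "localhost") + "/account/validateEmail?authToken=" + authKey + "\" target=\"_blank\">link</a>.</center>";
        Program.SendEmail(message, true);
    }
}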
/// <summary>
/// Reads every globalNews row whose endTime has not passed yet.
/// </summary>
/// <param name="db">Open database used to create the query.</param>
/// <returns>One entry per row; start and end times are Unix timestamps with "000" appended.</returns>
private List<globalNews_struct> GetGlobalNews(Database db)
{
    var news = new List<globalNews_struct>();

    var query = db.CreateQuery();
    query.CommandText = "SELECT * FROM globalNews WHERE endTime >= now();";

    using (var row = query.ExecuteReader())
    {
        while (row.Read())
        {
            var entry = new globalNews_struct
            {
                slot = row.GetInt32("slot"),
                linkType = row.GetInt32("linkType"),
                title = row.GetString("title"),
                image = row.GetString("image"),
                priority = row.GetInt32("priority"),
                linkDetail = row.GetString("linkDetail"),
                platform = row.GetString("platform"),
                // Seconds become milliseconds by appending three zeros to the text form.
                startTime = long.Parse(Database.DateTimeToUnixTimestamp(row.GetDateTime("startTime")).ToString() + "000"),
                endTime = long.Parse(Database.DateTimeToUnixTimestamp(row.GetDateTime("endTime")).ToString() + "000")
            };
            news.Add(entry);
        }
    }

    return news;
}
/// <summary>
/// Changes the password of the account whose current credentials are posted in
/// the request body to the newPassword parameter.
/// </summary>
/// <param name="context">Listener context; the form-encoded body is read from its input stream.</param>
/// <remarks>
/// NOTE(review): the password is stored as an unsalted SHA-1 digest computed in
/// SQL, which is a fast hash and a poor fit for passwords; changing it requires a
/// matching change in the verification path, which is not part of this method.
/// newPassword is also used without any null or strength check.
/// </remarks>
public void HandleRequest(HttpListenerContext context)
{
    NameValueCollection form;
    using (StreamReader body = new StreamReader(context.Request.InputStream))
    {
        form = HttpUtility.ParseQueryString(body.ReadToEnd());
    }

    using (var db = new Database())
    {
        string reply;
        var account = db.Verify(form["guid"], form["password"]);
        if (account != null)
        {
            var update = db.CreateQuery();
            update.CommandText = "UPDATE accounts SET password=SHA1(@password) WHERE id=@accId;";
            update.Parameters.AddWithValue("@accId", account.AccountId);
            update.Parameters.AddWithValue("@password", form["newPassword"]);
            reply = update.ExecuteNonQuery() > 0
                ? "<Success />"
                : "<Error>Internal error</Error>";
        }
        else
        {
            reply = "<Error>Bad login</Error>";
        }

        byte[] payload = Encoding.UTF8.GetBytes(reply);
        context.Response.OutputStream.Write(payload, 0, payload.Length);
    }
}
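/// <summary>
/// Registers an account under the newGUID/newPassword parameters. When the guid
/// parameter names an existing account that verifies with an empty password,
/// that account is converted in place; otherwise a new account is created.
/// </summary>
/// <remarks>
/// NOTE(review): the password is stored as an unsalted SHA-1 digest computed in SQL.
/// </remarks>
protected override void HandleRequest()
{
    using (var db = new Database())
    {
        if (!IsUsername(Query["newGUID"]))
        {
            WriteErrorLine("Invalid Username");
            return;
        }

        if (db.HasUuid(Query["guid"]) && db.Verify(Query["guid"], "") != null)
        {
            if (db.HasUuid(Query["newGUID"]))
            {
                WriteErrorLine("Username is already taken");
                return;
            }

            // The original WHERE clause read "uuid=@uuid, name=@name": a comma is
            // not valid between predicates and @name was never bound, so this
            // path could not execute. The row is identified by uuid alone.
            var cmd = db.CreateQuery();
            cmd.CommandText = "UPDATE accounts SET uuid=@newUuid, name=@newUuid, password=SHA1(@password), guest=FALSE WHERE uuid=@uuid;";
            cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
            cmd.Parameters.AddWithValue("@newUuid", Query["newGUID"]);
            cmd.Parameters.AddWithValue("@password", Query["newPassword"]);

            if (cmd.ExecuteNonQuery() > 0)
            {
                Success();
            }
            else
            {
                WriteErrorLine("Internal Error");
            }
        }
        else
        {
            if (db.Register(Query["newGUID"], Query["newPassword"], false) != null)
            {
                Success();
            }
            else
            {
                WriteErrorLine("Internal Error");
            }
        }
    }
}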
/// <summary>
/// Renders an HTML page that lists what the gift code in the code parameter
/// contains, or "Invalid code." when nothing could be parsed for it.
/// </summary>
/// <remarks>
/// NOTE(review): the parsed entries are placed into the page without HTML
/// encoding; they come from the stored gift-code content, so confirm that
/// content is trusted.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        string storedJson = String.Empty;
        string status = "Invalid code.";

        var lookup = db.CreateQuery();
        lookup.CommandText = "SELECT * FROM giftCodes WHERE code=@code";
        lookup.Parameters.AddWithValue("@code", Query["code"]);
        using (var row = lookup.ExecuteReader())
        {
            // When several rows match, the last one wins.
            while (row.Read())
            {
                storedJson = row.GetString("content");
            }
        }

        var entries = ParseContents(storedJson);
        if (entries.Count > 0)
        {
            var lines = new StringBuilder();
            foreach (var entry in entries)
            {
                lines.Append(entry).Append("</br>");
            }
            status = lines.ToString();
        }

        byte[] page;
        bool nothingToList = status.IsNullOrWhiteSpace() || status == "Invalid code.";
        if (nothingToList)
        {
            page = Encoding.UTF8.GetBytes(
                $@"<html> <head> <title>Check Giftcode</title> </head> <body style='background: #333333'> <h1 style='color: #EEEEEE; text-align: center'> {status} </h1> </body> </html>");
        }
        else
        {
            page = Encoding.UTF8.GetBytes(
                $@"<html> <head> <title>Check Giftcode</title> </head> <body style='background: #333333'> <h1 style='color: #EEEEEE; text-align: center'> Your Giftcode contains the following Items: </h1> <h3 style='color: #EEEEEE; text-align: center'> {status} </h3> </body> </html>");
        }

        Context.Response.OutputStream.Write(page, 0, page.Length);
    }
}
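/// <summary>
/// Sells one extra character slot to the account whose credentials are posted in
/// the request body, priced in fame by <c>db.MaxCharSlotPrice</c>.
/// </summary>
/// <param name="context">Listener context; the form-encoded body is read from its input stream.</param>
/// <remarks>
/// Replies with one XML fragment: credentials not valid, Not enough fame, Success
/// or Internal Error.
/// </remarks>
public override void HandleRequest(HttpListenerContext context)
{
    NameValueCollection query;
    using (var rdr = new StreamReader(context.Request.InputStream))
    {
        query = HttpUtility.ParseQueryString(rdr.ReadToEnd());
    }

    using (var db = new Database(Program.Settings.GetValue("conn")))
    {
        Account acc = db.Verify(query["guid"], query["password"]);
        int charSlots = db.MaxCharSlotPrice(query["guid"]);
        string reply;

        if (acc == null)
        {
            reply = "<Error>Account credentials not valid</Error>";
        }
        else
        {
            MySqlCommand cmd = db.CreateQuery();
            cmd.CommandText = "SELECT fame FROM stats WHERE accId=@accId;";
            cmd.Parameters.AddWithValue("@accId", acc.AccountId);

            if ((int)cmd.ExecuteScalar() < charSlots)
            {
                reply = "<Error>Not enough fame</Error>";
            }
            else
            {
                // The balance test is repeated inside the UPDATE: with the check
                // only in the SELECT above, concurrent requests could each pass
                // it and together push the balance below zero.
                cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE stats SET fame = fame - @price WHERE accId=@accId AND fame >= @price";
                cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                cmd.Parameters.AddWithValue("@price", charSlots);

                if (cmd.ExecuteNonQuery() > 0)
                {
                    // NOTE(review): no transaction is visible; a failure here
                    // leaves the fame spent without a slot being granted.
                    cmd = db.CreateQuery();
                    cmd.CommandText = "UPDATE accounts SET maxCharSlot = maxCharSlot + 1 WHERE id=@accId";
                    cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                    reply = cmd.ExecuteNonQuery() > 0
                        ? "<Success/>"
                        : "<Error>Internal Error</Error>";
                }
                else
                {
                    reply = "<Error>Internal Error</Error>";
                }
            }
        }

        byte[] status = Encoding.UTF8.GetBytes(reply);
        context.Response.OutputStream.Write(status, 0, status.Length);
    }
}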
/// <summary>
/// Sets the display name of the account whose credentials are posted in the
/// request body, after checking for duplicates, a minimum length of 3 and spaces.
/// </summary>
/// <param name="context">Listener context; the form-encoded body is read from its input stream.</param>
/// <remarks>
/// The duplicate lookup runs before the length and space checks, so a missing
/// name parameter reaches the database first and then fails on <c>.Length</c>.
/// </remarks>
public override void HandleRequest(HttpListenerContext context)
{
    NameValueCollection form;
    using (var body = new StreamReader(context.Request.InputStream))
    {
        form = HttpUtility.ParseQueryString(body.ReadToEnd());
    }

    using (var db = new Database(Program.Settings.GetValue("conn")))
    {
        string reply;
        Account acc = db.Verify(form["guid"], form["password"]);
        if (acc == null)
        {
            reply = "<Error>Account credentials not valid</Error>";
        }
        else
        {
            MySqlCommand cmd = db.CreateQuery();
            cmd.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
            cmd.Parameters.AddWithValue("@name", form["name"]);
            int sameName = (int) (long) cmd.ExecuteScalar();

            if (sameName > 0)
            {
                reply = "<Error>Duplicate username</Error>";
            }
            else if (form["name"].Length < 3)
            {
                reply = "<Error>Name too short, minimum 3 letters</Error>";
            }
            else if (form["name"].Contains(" "))
            {
                reply = "<Error>Cannot have spaces in username</Error>";
            }
            else
            {
                cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE accounts SET name=@name, namechosen=TRUE WHERE id=@accId;";
                cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                cmd.Parameters.AddWithValue("@name", form["name"]);
                reply = cmd.ExecuteNonQuery() > 0
                    ? "<Success />"
                    : "<Error>Internal error</Error>";
            }
        }

        byte[] payload = Encoding.UTF8.GetBytes(reply);
        context.Response.OutputStream.Write(payload, 0, payload.Length);
    }
}
/// <summary>
/// Adds the integer in the jwt URL parameter to the credits of the account whose
/// uuid equals the guid URL parameter, then renders an HTML result page.
/// </summary>
/// <param name="context">Listener context; parameters are taken from the request URL.</param>
/// <remarks>
/// NOTE(review): the request is not authenticated and "jwt" is parsed as a plain
/// integer, so nothing visible here ties the credited amount to a completed
/// payment. The amount should come from a payment confirmation that the server
/// verifies before any balance is changed.
/// </remarks>
public void HandleRequest(HttpListenerContext context)
{
    string status;
    using (var db = new Database())
    {
        var urlParams = HttpUtility.ParseQueryString(context.Request.Url.Query);

        var cmd = db.CreateQuery();
        cmd.CommandText = "SELECT id FROM accounts WHERE uuid=@uuid";
        cmd.Parameters.AddWithValue("@uuid", urlParams["guid"]);
        object accountId = cmd.ExecuteScalar();

        if (accountId == null)
        {
            status = "Account does not exist!";
        }
        else
        {
            int amount = int.Parse(urlParams["jwt"]);

            cmd = db.CreateQuery();
            cmd.CommandText = "UPDATE stats SET credits = credits + @amount WHERE accId=@accId";
            cmd.Parameters.AddWithValue("@accId", (int)accountId);
            cmd.Parameters.AddWithValue("@amount", amount);
            int affected = (int)cmd.ExecuteNonQuery();

            // A result of -1 is reported as success as well.
            bool credited = affected > 0 || affected == -1;
            status = credited ? "Your purchase was successful!" : "Internal error!";
        }
    }

    var page = Encoding.UTF8.GetBytes(
        @"<html> <head> <title>Purchase!</title> </head> <body style='background: #333333'> <h1 style='color: #EEEEEE; text-align: center'> " + status + @" </h1> </body> </html>");
    context.Response.OutputStream.Write(page, 0, page.Length);
}
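/// <summary>
/// Sells one extra character slot for 100 credits to the account whose
/// credentials are posted in the request body.
/// </summary>
/// <param name="context">Listener context; the form-encoded body is read from its input stream.</param>
/// <remarks>
/// Replies with one XML fragment: Bad login, Not enough credits, Success or Internal Error.
/// </remarks>
public void HandleRequest(HttpListenerContext context)
{
    NameValueCollection query;
    using (StreamReader rdr = new StreamReader(context.Request.InputStream))
    {
        query = HttpUtility.ParseQueryString(rdr.ReadToEnd());
    }

    using (var db = new Database())
    {
        var acc = db.Verify(query["guid"], query["password"]);
        string reply;

        if (acc == null)
        {
            reply = "<Error>Bad login</Error>";
        }
        else
        {
            var cmd = db.CreateQuery();
            cmd.CommandText = "SELECT credits FROM stats WHERE accId=@accId;";
            cmd.Parameters.AddWithValue("@accId", acc.AccountId);

            if ((int)cmd.ExecuteScalar() < 100)
            {
                reply = "<Error>Not enough credits</Error>";
            }
            else
            {
                // The balance test is repeated inside the UPDATE: with the check
                // only in the SELECT above, concurrent requests could each pass
                // it and together push the balance below zero.
                cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE stats SET credits = credits - 100 WHERE accId=@accId AND credits >= 100";
                cmd.Parameters.AddWithValue("@accId", acc.AccountId);

                if ((int)cmd.ExecuteNonQuery() > 0)
                {
                    // NOTE(review): no transaction is visible; a failure here
                    // leaves the credits spent without a slot being granted.
                    cmd = db.CreateQuery();
                    cmd.CommandText = "UPDATE accounts SET maxCharSlot = maxCharSlot + 1 WHERE id=@accId";
                    cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                    reply = (int)cmd.ExecuteNonQuery() > 0
                        ? "<Success/>"
                        : "<Error>Internal Error</Error>";
                }
                else
                {
                    reply = "<Error>Internal Error</Error>";
                }
            }
        }

        byte[] status = Encoding.UTF8.GetBytes(reply);
        context.Response.OutputStream.Write(status, 0, status.Length);
    }
}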
/// <summary>
/// Disabled credit endpoint: still looks up the account named by the guid URL
/// parameter, but changes nothing and always renders the same notice page.
/// </summary>
/// <param name="context">Listener context; parameters are taken from the request URL.</param>
public void HandleRequest(HttpListenerContext context)
{
    // Every branch of the former logic produced this text; the crediting code
    // that used to run for a known account was commented out.
    const string status = "Yeah... We kind of fixed this...";

    using (var db = new Database())
    {
        NameValueCollection urlParams = HttpUtility.ParseQueryString(context.Request.Url.Query);

        MySqlCommand lookup = db.CreateQuery();
        lookup.CommandText = "SELECT id FROM accounts WHERE uuid=@uuid";
        lookup.Parameters.AddWithValue("@uuid", urlParams["guid"]);
        lookup.ExecuteScalar();

        // Explicit dispose kept from the original; the using block disposes again.
        db.Dispose();
    }

    byte[] page = Encoding.UTF8.GetBytes(
        @"<html> <head> <title>Nope</title> <script>window.close();</script> </head> <body style='background: #333333'> <h1 style='color: #EEEEEE; text-align: center'> " + status + @" </h1> </body> </html>");
    context.Response.OutputStream.Write(page, 0, page.Length);
}
// Builds the arena leaderboard for the requested type as an <ArenaRecords> XML
// document, one <Record> per leaderboard entry, and writes it to the response.
// Replies with status 400 and an <Error> element when guid, password or type is
// missing or the credentials do not verify.
// NOTE(review): values such as the account name, guild name and item strings are
// placed into the XML without escaping; confirm they are restricted elsewhere.
protected override void HandleRequest()
{
    string result = "";
    using (Database dbx = new Database())
    {
        // Verification runs before the parameters are tested for being empty.
        Account acc = dbx.Verify(Query["guid"], Query["password"], Program.GameData);
        if (String.IsNullOrEmpty(Query["guid"]) || String.IsNullOrEmpty(Query["password"]) || String.IsNullOrEmpty(Query["type"]) || acc == null)
        {
            Context.Response.StatusCode = 400;
            result = "<Error>Invalid GUID/password combination</Error>";
        }
        else
        {
            string[][] ranks = dbx.GetArenaLeaderboards(Query["type"], acc);
            result += "<ArenaRecords>";
            // As used below: i[0] is the wave number, i[2] the character id, i[4] the time.
            foreach (string[] i in ranks)
            {
                MySqlCommand cmd = dbx.CreateQuery();
                cmd.CommandText = "select skin, tex1, tex2, items, charType, petId from characters where charid = @charid";
                cmd.Parameters.AddWithValue("@charid", i[2]);
                string skin, tex1, tex2, inventory, cclass, petid;
                skin = tex1 = tex2 = inventory = cclass = petid = null;
                using (MySqlDataReader drdr = cmd.ExecuteReader())
                {
                    // When several rows match, the values of the last one are kept.
                    while (drdr.Read())
                    {
                        skin = drdr.GetString("skin");
                        tex1 = drdr.GetString("tex1");
                        tex2 = drdr.GetString("tex2");
                        inventory = drdr.GetString("items");
                        cclass = drdr.GetString("charType");
                        petid = drdr.GetString("petId");
                    }
                }
                // petid is still null when no character row was found, and GetPet
                // is not checked for a null result before _pet is dereferenced.
                var _pet = dbx.GetPet(int.Parse(petid), acc);
                result += $"<Record><WaveNumber>{i[0]}</WaveNumber><Time>{i[4]}</Time><PlayData><CharacterData>";
                if (acc.Guild.Name != null)
                    result += $@"<GuildName>{acc.Guild.Name}</GuildName><GuildRank>{acc.Guild.Rank}</GuildRank>";
                result += $"<Id>{i[2]}</Id><Texture>{skin}</Texture><Tex1>{tex1}</Tex1><Tex2>{tex2}</Tex2><Inventory>{inventory}</Inventory><Name>{acc.Name}</Name><Class>{cclass}</Class></CharacterData>";
                result += "<Pet name=\"" + _pet.SkinName + "\" type=\"" + _pet.Type + "\" instanceId=\"" + _pet.InstanceId + "\" rarity=\"" + _pet.Rarity + "\" maxAbilityPower=\"" + _pet.MaxAbilityPower + "\" skin=\"" + _pet.Skin + "\" family=\"" + "Farm" + "\"><Abilities>";
                // Exactly three ability slots are emitted for every pet.
                for (int e = 0; e < 3; e++)
                    result += "<Ability type=\"" + _pet.Abilities[e].Type + "\" power=\"" + _pet.Abilities[e].Power + "\" points=\"" +
                              _pet.Abilities[e].Points + "\"/>";
                result += "</Abilities></Pet></PlayData></Record>";
            }
            result += "</ArenaRecords>";
        }
    }
    byte[] buf = Encoding.UTF8.GetBytes(result);
    Context.Response.ContentType = "text/*";
    Context.Response.OutputStream.Write(buf, 0, buf.Length);
}
/// <summary>
/// Adds the integer in the jwt parameter to the credits of the account whose
/// uuid equals the guid parameter, then renders an HTML result page.
/// </summary>
/// <remarks>
/// NOTE(review): no credential check is visible in this handler and "jwt" is
/// parsed as a plain integer, so nothing here ties the credited amount to a
/// completed payment. The amount should come from a payment confirmation that
/// the server verifies before any balance is changed.
/// </remarks>
protected override void HandleRequest()
{
    string status;
    using (var db = new Database())
    {
        var cmd = db.CreateQuery();
        cmd.CommandText = "SELECT id FROM accounts WHERE uuid=@uuid";
        cmd.Parameters.AddWithValue("@uuid", Query["guid"]);
        object accountId = cmd.ExecuteScalar();

        if (accountId == null)
        {
            status = "Account not exists :(";
        }
        else
        {
            int amount = int.Parse(Query["jwt"]);

            cmd = db.CreateQuery();
            cmd.CommandText = "UPDATE stats SET credits = credits + @amount WHERE accId=@accId";
            cmd.Parameters.AddWithValue("@accId", (int)accountId);
            cmd.Parameters.AddWithValue("@amount", amount);
            int affected = (int)cmd.ExecuteNonQuery();

            status = affected > 0 ? "Ya done..." : "Internal error :(";
        }
    }

    var page = Encoding.UTF8.GetBytes(
        @"<html> <head> <title>Ya...</title> </head> <body style='background: #333333'> <h1 style='color: #EEEEEE; text-align: center'> " + status + @" </h1> </body> </html>");
    Context.Response.OutputStream.Write(page, 0, page.Length);
}
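/// <summary>
/// Lets a verified account pick its display name once. The name must consist of
/// ASCII letters only and must not be used by another account.
/// </summary>
/// <remarks>
/// Replies with one XML fragment: already named, Invalid name, Duplicated name,
/// Success or Internal error. Nothing is written here when the account check fails.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        Account acc = db.Verify(Query["guid"], Query["password"], Program.GameData);
        byte[] status = new byte[0];

        if (CheckAccount(acc, db))
        {
            string name = Query["name"];

            if (acc.NameChosen)
            {
                status = Encoding.UTF8.GetBytes("<Error>You have already a name</Error>");
            }
            // \A and \z anchor to the real start and end of the input. With "$"
            // a name ending in a line feed also matched, because "$" accepts a
            // position just before a final newline. A missing parameter is now
            // reported as invalid instead of throwing inside Regex.IsMatch.
            else if (name == null || !Regex.IsMatch(name, @"\A[a-zA-Z]+\z"))
            {
                status = Encoding.UTF8.GetBytes("<Error>Invalid name</Error>");
            }
            else
            {
                MySqlCommand cmd = db.CreateQuery();
                cmd.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
                cmd.Parameters.AddWithValue("@name", name);
                object exescala = cmd.ExecuteScalar();

                if (int.Parse(exescala.ToString()) > 0)
                {
                    status = Encoding.UTF8.GetBytes("<Error>Duplicated name</Error>");
                }
                else
                {
                    cmd = db.CreateQuery();
                    cmd.CommandText = "UPDATE accounts SET name=@name, namechosen=TRUE WHERE id=@accId;";
                    cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                    cmd.Parameters.AddWithValue("@name", name);
                    status = cmd.ExecuteNonQuery() != 0
                        ? Encoding.UTF8.GetBytes("<Success />")
                        : Encoding.UTF8.GetBytes("<Error>Internal error</Error>");
                }
            }
        }

        Context.Response.OutputStream.Write(status, 0, status.Length);
    }
}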
/// <summary>
/// Registers an account from the posted newGUID, newPassword and email. When the
/// guid parameter names an existing account that verifies with an empty password,
/// that account is converted in place; otherwise a new account is created.
/// </summary>
/// <param name="context">Listener context; the form-encoded body is read from its input stream.</param>
/// <remarks>
/// NOTE(review): the password is stored as an unsalted SHA-1 digest computed in SQL.
/// </remarks>
public override void HandleRequest(HttpListenerContext context)
{
    NameValueCollection form;
    using (var body = new StreamReader(context.Request.InputStream))
    {
        form = HttpUtility.ParseQueryString(body.ReadToEnd());
    }

    using (var db = new Database(Program.Settings.GetValue("conn")))
    {
        string reply;

        if (!IsUsername(form["newGUID"]))
        {
            reply = "<Error>Invalid username</Error>";
        }
        else
        {
            // Evaluated first, exactly as before: does the caller hold an
            // existing account that verifies with an empty password?
            bool convertExisting = db.HasUuid(form["guid"]) && db.Verify(form["guid"], "") != null;

            if (db.HasUuid(form["newGUID"]))
            {
                reply = "<Error>Duplicate username</Error>";
            }
            else if (db.HasEmail(form["email"]))
            {
                reply = "<Error>Duplicate email</Error>";
            }
            else if (convertExisting)
            {
                MySqlCommand cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE accounts SET uuid=@newUuid, password=SHA1(@password), email=@email, guest=FALSE WHERE uuid=@uuid;";
                cmd.Parameters.AddWithValue("@uuid", form["guid"]);
                cmd.Parameters.AddWithValue("@newUuid", form["newGUID"]);
                cmd.Parameters.AddWithValue("@password", form["newPassword"]);
                cmd.Parameters.AddWithValue("@email", form["email"]);
                reply = cmd.ExecuteNonQuery() > 0
                    ? "<Success />"
                    : "<Error>Internal Error</Error>";
            }
            else
            {
                reply = db.Register(form["newGUID"], form["newPassword"], form["email"], false) != null
                    ? "<Success />"
                    : "<Error>Internal Error</Error>";
            }
        }

        byte[] payload = Encoding.UTF8.GetBytes(reply);
        context.Response.OutputStream.Write(payload, 0, payload.Length);
    }
}
/// <summary>
/// Grants one extra character slot to the account identified by the guid/password
/// pair. The fame price in this variant is 0: the balance is only required to be
/// non-negative and the debit subtracts nothing.
/// </summary>
protected override void HandleRequest()
{
    using (var db = new Database())
    {
        string reply;
        var account = db.Verify(Query["guid"], Query["password"]);

        if (account == null)
        {
            reply = "<Error>Bad login</Error>";
        }
        else
        {
            var cmd = db.CreateQuery();
            cmd.CommandText = "SELECT fame FROM stats WHERE accId=@accId;";
            cmd.Parameters.AddWithValue("@accId", account.AccountId);
            int fame = (int)cmd.ExecuteScalar();

            if (fame < 0)
            {
                reply = "<Error>Not enough fame</Error>";
            }
            else
            {
                cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE stats SET fame = fame - 0 WHERE accId=@accId";
                cmd.Parameters.AddWithValue("@accId", account.AccountId);
                bool debited = (int)cmd.ExecuteNonQuery() > 0;

                if (!debited)
                {
                    reply = "<Error>Internal Error</Error>";
                }
                else
                {
                    cmd = db.CreateQuery();
                    cmd.CommandText = "UPDATE accounts SET maxCharSlot = maxCharSlot + 1 WHERE id=@accId";
                    cmd.Parameters.AddWithValue("@accId", account.AccountId);
                    reply = (int)cmd.ExecuteNonQuery() > 0
                        ? "<Success/>"
                        : "<Error>Internal Error</Error>";
                }
            }
        }

        byte[] payload = Encoding.UTF8.GetBytes(reply);
        Context.Response.OutputStream.Write(payload, 0, payload.Length);
    }
}
/// <summary>
/// Redeems a gift code for an account: loads the stored content, applies it with
/// <c>ParseContents</c>, deletes the code on success and redirects to a result page.
/// </summary>
/// <remarks>
/// The account and the code come either from the decoded data parameter or from
/// the guid/password/code parameters.
/// NOTE(review): the code is read, applied and only then deleted, with no
/// transaction or row lock visible, so two simultaneous requests for the same
/// code may both be applied. Confirm how the data blob authenticates its account.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        string code = Query["code"];

        Account acc;
        if (Query["data"] != null)
        {
            acc = AccountDataHelper.GetAccountGiftCodeData(HttpUtility.UrlDecode(Query["data"], Encoding.UTF8)).GetGiftCode(out code).GetAccount(Program.GameData);
        }
        else
        {
            acc = db.Verify(Query["guid"], Query["password"], Program.GameData);
        }

        if (!CheckAccount(acc, db, false))
        {
            return;
        }

        string contents = String.Empty;

        var lookup = db.CreateQuery();
        lookup.CommandText = "SELECT * FROM giftCodes WHERE code=@code";
        lookup.Parameters.AddWithValue("@code", code);
        using (var row = lookup.ExecuteReader())
        {
            if (!row.HasRows)
            {
                Context.Response.Redirect("../InvalidGiftCode.html");
                return;
            }

            // When several rows match, the last one wins.
            while (row.Read())
            {
                contents = row.GetString("content");
            }
        }

        if (!ParseContents(acc, contents))
        {
            Context.Response.Redirect("../InvalidGiftCode.html");
            return;
        }

        Context.Response.Redirect("../GiftCodeSuccess.html");

        var removal = db.CreateQuery();
        removal.CommandText = "DELETE FROM giftCodes WHERE code=@code";
        removal.Parameters.AddWithValue("@code", code);
        removal.ExecuteNonQuery();
    }
}
/// <summary>
/// Sets the display name of the account whose credentials are posted in the
/// request body, unless another account already uses that name.
/// </summary>
/// <param name="context">Listener context; the form-encoded body is read from its input stream.</param>
/// <remarks>
/// NOTE(review): the name is used as received; no length, character or null
/// check is visible in this handler.
/// </remarks>
public void HandleRequest(HttpListenerContext context)
{
    NameValueCollection form;
    using (var body = new StreamReader(context.Request.InputStream))
    {
        form = HttpUtility.ParseQueryString(body.ReadToEnd());
    }

    using (var db = new Database())
    {
        string reply;
        Account acc = db.Verify(form["guid"], form["password"]);

        if (acc == null)
        {
            reply = "<Error>Bad login</Error>";
        }
        else
        {
            MySqlCommand cmd = db.CreateQuery();
            cmd.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
            cmd.Parameters.AddWithValue("@name", form["name"]);
            object matches = cmd.ExecuteScalar();

            if (int.Parse(matches.ToString()) > 0)
            {
                reply = "<Error>Duplicated name</Error>";
            }
            else
            {
                cmd = db.CreateQuery();
                cmd.CommandText = "UPDATE accounts SET name=@name, namechosen=TRUE WHERE id=@accId;";
                cmd.Parameters.AddWithValue("@accId", acc.AccountId);
                cmd.Parameters.AddWithValue("@name", form["name"]);
                reply = cmd.ExecuteNonQuery() != 0
                    ? "<Success />"
                    : "<Error>Internal error</Error>";
            }
        }

        byte[] payload = Encoding.UTF8.GetBytes(reply);
        context.Response.OutputStream.Write(payload, 0, payload.Length);

        // Explicit dispose kept from the original; the using block disposes again.
        db.Dispose();
    }
}
/// <summary>
/// Disabled credit endpoint: still looks up the account named by the guid URL
/// parameter, but changes nothing and always renders "Feature has been disabled".
/// </summary>
/// <param name="context">Listener context; parameters are taken from the request URL.</param>
public override void HandleRequest(HttpListenerContext context)
{
    // The code that used to add the "jwt" amount to totalCredits and credits
    // was commented out; only the account lookup still runs.
    const string status = "Feature has been disabled";

    using (var db = new Database(Program.Settings.GetValue("conn")))
    {
        NameValueCollection urlParams = HttpUtility.ParseQueryString(context.Request.Url.Query);

        MySqlCommand lookup = db.CreateQuery();
        lookup.CommandText = "SELECT id FROM accounts WHERE uuid=@uuid";
        lookup.Parameters.AddWithValue("@uuid", urlParams["guid"]);
        lookup.ExecuteScalar();
    }

    byte[] page = Encoding.UTF8.GetBytes(
        @"<html> <head> <title>Ya...</title> </head> <body style='background: #333333'> <h1 style='color: #EEEEEE; text-align: center'> " + status + @" </h1> </body> </html>");
    context.Response.OutputStream.Write(page, 0, page.Length);
}
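/// <summary>
/// Sets the display name of the logged-in account, unless another account
/// already uses that name.
/// </summary>
/// <remarks>
/// NOTE(review): the name is used as received; no length, character or null
/// check is visible in this handler.
/// </remarks>
protected override void HandleRequest()
{
    using (var db = new Database())
    {
        if (Account == null)
        {
            BadLogin();
            return;
        }

        var cmd = db.CreateQuery();
        cmd.CommandText = "SELECT COUNT(name) FROM accounts WHERE name=@name;";
        cmd.Parameters.AddWithValue("@name", Query["name"]);

        // COUNT() normally comes back as a boxed 64-bit integer, and unboxing
        // that with an (int) cast throws InvalidCastException. Convert accepts
        // either width.
        int sameName = System.Convert.ToInt32(cmd.ExecuteScalar());
        if (sameName > 0)
        {
            WriteErrorLine("Duplicated name");
            return;
        }

        cmd = db.CreateQuery();
        cmd.CommandText = "UPDATE accounts SET name=@name, namechosen=1 WHERE id=@accId";
        cmd.Parameters.AddWithValue("@accId", Account.AccountId);
        cmd.Parameters.AddWithValue("@name", Query["name"]);

        if (cmd.ExecuteNonQuery() != 0)
        {
            Success();
        }
        else
        {
            WriteErrorLine("Internal Error");
        }
    }
}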
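/// <summary>
/// Reports whether the account is among the ten highest totalFame rows of the
/// death table over all time.
/// </summary>
/// <param name="acc">Account whose AccountId is looked for.</param>
/// <returns><c>true</c> when one of the ten rows belongs to the account.</returns>
public bool isTopAll(Account acc)
{
    using (Database dbx = new Database())
    {
        var cmd = dbx.CreateQuery();
        cmd.CommandText = "SELECT accId FROM death WHERE TRUE ORDER BY totalFame DESC LIMIT 10";

        // The reader was previously left undisposed on every return path.
        using (var rdr = cmd.ExecuteReader())
        {
            while (rdr.Read())
            {
                if (rdr.GetInt32("accId") == acc.AccountId)
                {
                    return true;
                }
            }
        }

        return false;
    }
}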
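/// <summary>
/// Reports whether the account is among the ten highest totalFame rows of the
/// death table within the last month.
/// </summary>
/// <param name="acc">Account whose AccountId is looked for.</param>
/// <returns><c>true</c> when one of the ten rows belongs to the account.</returns>
public bool isTopMonth(Account acc)
{
    using (Database dbx = new Database())
    {
        var cmd = dbx.CreateQuery();
        cmd.CommandText = "SELECT accId FROM death WHERE (time >= DATE_SUB(NOW(), INTERVAL 1 MONTH)) ORDER BY totalFame DESC LIMIT 10";

        // The reader was previously left undisposed on every return path.
        using (var rdr = cmd.ExecuteReader())
        {
            while (rdr.Read())
            {
                if (rdr.GetInt32("accId") == acc.AccountId)
                {
                    return true;
                }
            }
        }

        return false;
    }
}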
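/// <summary>
/// Looks up the name of a guild by its id.
/// </summary>
/// <param name="guildId">Value matched against the guilds.id column.</param>
/// <returns>The guild name, or an empty string when no row matches or the lookup fails.</returns>
public string GetGuildNameByID(int guildId)
{
    try
    {
        using (Database dbz = new Database())
        {
            var cmd = dbz.CreateQuery();
            cmd.CommandText = "SELECT name FROM guilds WHERE id=@id";
            cmd.Parameters.AddWithValue("@id", guildId);

            object scalar = cmd.ExecuteScalar();

            // A missing guild is an expected outcome; handle it directly rather
            // than through the NullReferenceException the catch used to absorb.
            return scalar == null ? "" : scalar.ToString();
        }
    }
    catch
    {
        // Best effort by design: callers get an empty name on any failure.
        return "";
    }
}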
/// <summary>
/// Deletes the character named by the charId parameter, provided it belongs to
/// the account whose credentials are posted in the request body.
/// </summary>
/// <param name="context">Listener context; the form-encoded body is read from its input stream.</param>
/// <remarks>
/// "Internal Error" is also the reply when no character matches the account and id.
/// </remarks>
public override void HandleRequest(HttpListenerContext context)
{
    NameValueCollection form;
    using (var body = new StreamReader(context.Request.InputStream))
    {
        form = HttpUtility.ParseQueryString(body.ReadToEnd());
    }

    using (var db = new Database(Program.Settings.GetValue("conn")))
    {
        string reply;
        Account acc = db.Verify(form["guid"], form["password"]);

        if (acc != null)
        {
            // Scoping the delete to the verified account id keeps one account
            // from removing another account's character.
            MySqlCommand removal = db.CreateQuery();
            removal.CommandText = @"DELETE FROM characters WHERE accId = @accId AND charId = @charId;";
            removal.Parameters.AddWithValue("@accId", acc.AccountId);
            removal.Parameters.AddWithValue("@charId", form["charId"]);
            reply = removal.ExecuteNonQuery() > 0
                ? "<Success />"
                : "<Error>Internal Error</Error>";
        }
        else
        {
            reply = "<Error>Account credentials not valid</Error>";
        }

        byte[] payload = Encoding.UTF8.GetBytes(reply);
        context.Response.OutputStream.Write(payload, 0, payload.Length);
    }
}
/// <summary>
/// Writes the serialized fame statistics of a dead character, looked up by the
/// accountId and charId values posted in the request body.
/// </summary>
/// <param name="context">Listener context; the form-encoded body is read from its input stream.</param>
/// <remarks>
/// NOTE(review): no credential check is visible in this handler, and the result
/// of the first <c>Read()</c> on the death row is not tested before the columns are read.
/// </remarks>
public void HandleRequest(HttpListenerContext context)
{
    NameValueCollection form;
    using (StreamReader body = new StreamReader(context.Request.InputStream))
    {
        form = HttpUtility.ParseQueryString(body.ReadToEnd());
    }

    using (var db = new Database())
    {
        var acc = db.GetAccount(int.Parse(form["accountId"]));
        var chr = db.LoadCharacter(acc, int.Parse(form["charId"]));

        var deathQuery = db.CreateQuery();
        deathQuery.CommandText = @"SELECT time, killer, firstBorn FROM death WHERE accId=@accId AND chrId=@charId;";
        deathQuery.Parameters.AddWithValue("@accId", form["accountId"]);
        deathQuery.Parameters.AddWithValue("@charId", form["charId"]);

        int time;
        string killer;
        bool firstBorn;
        using (var row = deathQuery.ExecuteReader())
        {
            row.Read();
            time = Database.DateTimeToUnixTimestamp(row.GetDateTime("time"));
            killer = row.GetString("killer");
            firstBorn = row.GetBoolean("firstBorn");
        }

        using (StreamWriter output = new StreamWriter(context.Response.OutputStream))
        {
            output.Write(chr.FameStats.Serialize(acc, chr, time, killer, firstBorn));
        }
    }
}