mangos-mirror/server
0
0
Fork 0
mirror of https://github.com/mangosfour/server.git synced 2025-12-14 16:37:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[7873] Use same name for realmd DB connection in realmd code as used in mangosd/game.

Browse source
This commit is contained in:
VladimirMangos 2009-05-22 16:08:36 +04:00
parent 0bd7177b11
commit 3beec18f4e
4 changed files with 25 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

36
src/realmd/AuthSocket.cpp
View file

@ -34,7 +34,7 @@
extern RealmList m_realmList; extern RealmList m_realmList;
extern DatabaseType dbRealmServer; extern DatabaseType loginDatabase;
#define ChunkSize 2048 #define ChunkSize 2048
@ -323,7 +323,7 @@ void AuthSocket::_SetVSFields(const std::string& rI)
const char *v_hex, *s_hex; const char *v_hex, *s_hex;
v_hex = v.AsHexStr(); v_hex = v.AsHexStr();
s_hex = s.AsHexStr(); s_hex = s.AsHexStr();
dbRealmServer.PExecute("UPDATE account SET v = '%s', s = '%s' WHERE username = '%s'",v_hex,s_hex, _safelogin.c_str() ); loginDatabase.PExecute("UPDATE account SET v = '%s', s = '%s' WHERE username = '%s'",v_hex,s_hex, _safelogin.c_str() );
OPENSSL_free((void*)v_hex); OPENSSL_free((void*)v_hex);
OPENSSL_free((void*)s_hex); OPENSSL_free((void*)s_hex);
} }
@ -379,18 +379,18 @@ bool AuthSocket::_HandleLogonChallenge()
//Escape the user login to avoid further SQL injection //Escape the user login to avoid further SQL injection
//Memory will be freed on AuthSocket object destruction //Memory will be freed on AuthSocket object destruction
_safelogin=_login; _safelogin=_login;
dbRealmServer.escape_string(_safelogin); loginDatabase.escape_string(_safelogin);
pkt << (uint8) AUTH_LOGON_CHALLENGE; pkt << (uint8) AUTH_LOGON_CHALLENGE;
pkt << (uint8) 0x00; pkt << (uint8) 0x00;
///- Verify that this IP is not in the ip_banned table ///- Verify that this IP is not in the ip_banned table
// No SQL injection possible (paste the IP address as passed by the socket) // No SQL injection possible (paste the IP address as passed by the socket)
dbRealmServer.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate"); loginDatabase.Execute("DELETE FROM ip_banned WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
std::string address = GetRemoteAddress(); std::string address = GetRemoteAddress();
dbRealmServer.escape_string(address); loginDatabase.escape_string(address);
QueryResult *result = dbRealmServer.PQuery( "SELECT * FROM ip_banned WHERE ip = '%s'",address.c_str()); QueryResult *result = loginDatabase.PQuery( "SELECT * FROM ip_banned WHERE ip = '%s'",address.c_str());
if(result) if(result)
{ {
pkt << (uint8)REALM_AUTH_ACCOUNT_BANNED; pkt << (uint8)REALM_AUTH_ACCOUNT_BANNED;
@ -402,7 +402,7 @@ bool AuthSocket::_HandleLogonChallenge()
///- Get the account details from the account table ///- Get the account details from the account table
// No SQL injection (escaped user name) // No SQL injection (escaped user name)
result = dbRealmServer.PQuery("SELECT sha_pass_hash,id,locked,last_ip,gmlevel FROM account WHERE username = '%s'",_safelogin.c_str ()); result = loginDatabase.PQuery("SELECT sha_pass_hash,id,locked,last_ip,gmlevel FROM account WHERE username = '%s'",_safelogin.c_str ());
if( result ) if( result )
{ {
///- If the IP is 'locked', check that the player comes indeed from the correct IP address ///- If the IP is 'locked', check that the player comes indeed from the correct IP address
@ -430,9 +430,9 @@ bool AuthSocket::_HandleLogonChallenge()
if (!locked) if (!locked)
{ {
//set expired bans to inactive //set expired bans to inactive
dbRealmServer.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate"); loginDatabase.Execute("UPDATE account_banned SET active = 0 WHERE unbandate<=UNIX_TIMESTAMP() AND unbandate<>bandate");
///- If the account is banned, reject the logon attempt ///- If the account is banned, reject the logon attempt
QueryResult *banresult = dbRealmServer.PQuery("SELECT bandate,unbandate FROM account_banned WHERE id = %u AND active = 1", (*result)[1].GetUInt32()); QueryResult *banresult = loginDatabase.PQuery("SELECT bandate,unbandate FROM account_banned WHERE id = %u AND active = 1", (*result)[1].GetUInt32());
if(banresult) if(banresult)
{ {
if((*banresult)[0].GetUInt64() == (*banresult)[1].GetUInt64()) if((*banresult)[0].GetUInt64() == (*banresult)[1].GetUInt64())
@ -651,7 +651,7 @@ bool AuthSocket::_HandleLogonProof()
///- Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account ///- Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account
// No SQL injection (escaped user name) and IP address as received by socket // No SQL injection (escaped user name) and IP address as received by socket
const char* K_hex = K.AsHexStr(); const char* K_hex = K.AsHexStr();
dbRealmServer.PExecute("UPDATE account SET sessionkey = '%s', last_ip = '%s', last_login = NOW(), locale = '%u', failed_logins = 0 WHERE username = '%s'", K_hex, GetRemoteAddress().c_str(), GetLocaleByName(_localizationName), _safelogin.c_str() ); loginDatabase.PExecute("UPDATE account SET sessionkey = '%s', last_ip = '%s', last_login = NOW(), locale = '%u', failed_logins = 0 WHERE username = '%s'", K_hex, GetRemoteAddress().c_str(), GetLocaleByName(_localizationName), _safelogin.c_str() );
OPENSSL_free((void*)K_hex); OPENSSL_free((void*)K_hex);
///- Finish SRP6 and send the final result to the client ///- Finish SRP6 and send the final result to the client
@ -682,9 +682,9 @@ bool AuthSocket::_HandleLogonProof()
if(MaxWrongPassCount > 0) if(MaxWrongPassCount > 0)
{ {
//Increment number of failed logins by one and if it reaches the limit temporarily ban that account or IP //Increment number of failed logins by one and if it reaches the limit temporarily ban that account or IP
dbRealmServer.PExecute("UPDATE account SET failed_logins = failed_logins + 1 WHERE username = '%s'",_safelogin.c_str()); loginDatabase.PExecute("UPDATE account SET failed_logins = failed_logins + 1 WHERE username = '%s'",_safelogin.c_str());
if(QueryResult *loginfail = dbRealmServer.PQuery("SELECT id, failed_logins FROM account WHERE username = '%s'", _safelogin.c_str())) if(QueryResult *loginfail = loginDatabase.PQuery("SELECT id, failed_logins FROM account WHERE username = '%s'", _safelogin.c_str()))
{ {
Field* fields = loginfail->Fetch(); Field* fields = loginfail->Fetch();
uint32 failed_logins = fields[1].GetUInt32(); uint32 failed_logins = fields[1].GetUInt32();
@ -697,7 +697,7 @@ bool AuthSocket::_HandleLogonProof()
if(WrongPassBanType) if(WrongPassBanType)
{ {
uint32 acc_id = fields[0].GetUInt32(); uint32 acc_id = fields[0].GetUInt32();
dbRealmServer.PExecute("INSERT INTO account_banned VALUES ('%u',UNIX_TIMESTAMP(),UNIX_TIMESTAMP()+'%u','MaNGOS realmd','Failed login autoban',1)", loginDatabase.PExecute("INSERT INTO account_banned VALUES ('%u',UNIX_TIMESTAMP(),UNIX_TIMESTAMP()+'%u','MaNGOS realmd','Failed login autoban',1)",
acc_id, WrongPassBanTime); acc_id, WrongPassBanTime);
sLog.outBasic("[AuthChallenge] account %s got banned for '%u' seconds because it failed to authenticate '%u' times", sLog.outBasic("[AuthChallenge] account %s got banned for '%u' seconds because it failed to authenticate '%u' times",
_login.c_str(), WrongPassBanTime, failed_logins); _login.c_str(), WrongPassBanTime, failed_logins);
@ -705,8 +705,8 @@ bool AuthSocket::_HandleLogonProof()
else else
{ {
std::string current_ip = GetRemoteAddress(); std::string current_ip = GetRemoteAddress();
dbRealmServer.escape_string(current_ip); loginDatabase.escape_string(current_ip);
dbRealmServer.PExecute("INSERT INTO ip_banned VALUES ('%s',UNIX_TIMESTAMP(),UNIX_TIMESTAMP()+'%u','MaNGOS realmd','Failed login autoban')", loginDatabase.PExecute("INSERT INTO ip_banned VALUES ('%s',UNIX_TIMESTAMP(),UNIX_TIMESTAMP()+'%u','MaNGOS realmd','Failed login autoban')",
current_ip.c_str(), WrongPassBanTime); current_ip.c_str(), WrongPassBanTime);
sLog.outBasic("[AuthChallenge] IP %s got banned for '%u' seconds because account %s failed to authenticate '%u' times", sLog.outBasic("[AuthChallenge] IP %s got banned for '%u' seconds because account %s failed to authenticate '%u' times",
current_ip.c_str(), WrongPassBanTime, _login.c_str(), failed_logins); current_ip.c_str(), WrongPassBanTime, _login.c_str(), failed_logins);
@ -752,7 +752,7 @@ bool AuthSocket::_HandleReconnectChallenge()
_login = (const char*)ch->I; _login = (const char*)ch->I;
_safelogin = _login; _safelogin = _login;
QueryResult *result = dbRealmServer.PQuery ("SELECT sessionkey FROM account WHERE username = '%s'", _safelogin.c_str ()); QueryResult *result = loginDatabase.PQuery ("SELECT sessionkey FROM account WHERE username = '%s'", _safelogin.c_str ());
// Stop if the account is not found // Stop if the account is not found
if (!result) if (!result)
@ -832,7 +832,7 @@ bool AuthSocket::_HandleRealmList()
///- Get the user id (else close the connection) ///- Get the user id (else close the connection)
// No SQL injection (escaped user name) // No SQL injection (escaped user name)
QueryResult *result = dbRealmServer.PQuery("SELECT id,sha_pass_hash FROM account WHERE username = '%s'",_safelogin.c_str()); QueryResult *result = loginDatabase.PQuery("SELECT id,sha_pass_hash FROM account WHERE username = '%s'",_safelogin.c_str());
if(!result) if(!result)
{ {
sLog.outError("[ERROR] user %s tried to login and we cannot find him in the database.",_login.c_str()); sLog.outError("[ERROR] user %s tried to login and we cannot find him in the database.",_login.c_str());
@ -857,7 +857,7 @@ bool AuthSocket::_HandleRealmList()
uint8 AmountOfCharacters; uint8 AmountOfCharacters;
// No SQL injection. id of realm is controlled by the database. // No SQL injection. id of realm is controlled by the database.
result = dbRealmServer.PQuery( "SELECT numchars FROM realmcharacters WHERE realmid = '%d' AND acctid='%u'",i->second.m_ID,id); result = loginDatabase.PQuery( "SELECT numchars FROM realmcharacters WHERE realmid = '%d' AND acctid='%u'",i->second.m_ID,id);
if( result ) if( result )
{ {
Field *fields = result->Fetch(); Field *fields = result->Fetch();

8
src/realmd/Main.cpp
View file

@ -54,7 +54,7 @@ void HookSignals();
bool stopEvent = false; ///< Setting it to true stops the server bool stopEvent = false; ///< Setting it to true stops the server
RealmList m_realmList; ///< Holds the list of realms for this server RealmList m_realmList; ///< Holds the list of realms for this server
DatabaseType dbRealmServer; ///< Accessor to the realm server database DatabaseType loginDatabase; ///< Accessor to the realm server database
/// Print out the usage string for this program on the console. /// Print out the usage string for this program on the console.
void usage(const char *prog) void usage(const char *prog)
@ -262,7 +262,7 @@ extern int main(int argc, char **argv)
{ {
loopCounter = 0; loopCounter = 0;
sLog.outDetail("Ping MySQL to keep connection alive"); sLog.outDetail("Ping MySQL to keep connection alive");
delete dbRealmServer.Query("SELECT 1 FROM realmlist LIMIT 1"); delete loginDatabase.Query("SELECT 1 FROM realmlist LIMIT 1");
} }
#ifdef WIN32 #ifdef WIN32
if (m_ServiceStatus == 0) stopEvent = true; if (m_ServiceStatus == 0) stopEvent = true;
@ -271,7 +271,7 @@ extern int main(int argc, char **argv)
} }
///- Wait for the delay thread to exit ///- Wait for the delay thread to exit
dbRealmServer.HaltDelayThread(); loginDatabase.HaltDelayThread();
///- Remove signal handling before leaving ///- Remove signal handling before leaving
UnhookSignals(); UnhookSignals();
@ -310,7 +310,7 @@ bool StartDB(std::string &dbstring)
} }
sLog.outString("Database: %s", dbstring.c_str() ); sLog.outString("Database: %s", dbstring.c_str() );
if(!dbRealmServer.Initialize(dbstring.c_str())) if(!loginDatabase.Initialize(dbstring.c_str()))
{ {
sLog.outError("Cannot connect to database"); sLog.outError("Cannot connect to database");
return false; return false;

4
src/realmd/RealmList.cpp
View file

@ -27,7 +27,7 @@
INSTANTIATE_SINGLETON_1( RealmList ); INSTANTIATE_SINGLETON_1( RealmList );
extern DatabaseType dbRealmServer; extern DatabaseType loginDatabase;
RealmList::RealmList( ) : m_UpdateInterval(0), m_NextUpdateTime(time(NULL)) RealmList::RealmList( ) : m_UpdateInterval(0), m_NextUpdateTime(time(NULL))
{ {
@ -79,7 +79,7 @@ void RealmList::UpdateRealms(bool init)
{ {
sLog.outDetail("Updating Realm List..."); sLog.outDetail("Updating Realm List...");
QueryResult *result = dbRealmServer.Query( "SELECT id, name, address, port, icon, color, timezone, allowedSecurityLevel, population FROM realmlist WHERE color <> 3 ORDER BY name" ); QueryResult *result = loginDatabase.Query( "SELECT id, name, address, port, icon, color, timezone, allowedSecurityLevel, population FROM realmlist WHERE color <> 3 ORDER BY name" );
///- Circle through results and add them to the realm map ///- Circle through results and add them to the realm map
if(result) if(result)

2
src/shared/revision_nr.h
View file

@ -1,4 +1,4 @@
#ifndef __REVISION_NR_H__ #ifndef __REVISION_NR_H__
#define __REVISION_NR_H__ #define __REVISION_NR_H__
#define REVISION_NR "7872" #define REVISION_NR "7873"
#endif // __REVISION_NR_H__ #endif // __REVISION_NR_H__