Jump to content
metin2dev

M2BobFixed

Members
  • Content count

    291
  • Joined

  • Last visited

M2BobFixed last won the day on May 6 2016

M2BobFixed had the most liked content!

Community Reputation

1,382 Godlike

3 Followers

About M2BobFixed

  • Rank
    Noble

Contact Methods

  • Website URL
    http://www.gamesecurity.eu
  • Skype
    realotus

Profile Information

  • Gender
    Male
  • Location
    Roma

Recent Profile Visitors

2,664 profile views
  1. Find the function: void CHARACTER::PointChange(BYTE type, int amount, bool bAmount, bool bBroadcast) Find the case: POINT_GOLD And put this: case POINT_GOLD: { unsigned int nTotalMoney = GetGold() + amount; if (nTotalMoney > GOLD_MAX) { return; }else if (nTotalMoney < 0) { return; }else{ SetGold(GetGold() + amount); val = GetGold(); } } break; Your YANGS never been negatives!
  2. c++ Sbugga PG (Unstucker) Without Delay - InGame!

    Thanks but these guys are only angry with me cause i post this idea that a lot of people like MartySama sell for a lot of money...
  3. c++ Sbugga PG (Unstucker) Without Delay - InGame!

    WHY ALL PEOPLE CREATE SBUG PG IN PHP? This is fucking better than that!
  4. c++ Sbugga PG (Unstucker) Without Delay - InGame!

    If your player go in a invalid map or is bugged, can warp to the own empire city!
  5. Input_DB.cpp -> PlayerLoad function: void CInputDB::PlayerLoad(LPDESC d, const char * data) { TPlayerTable * pTab = (TPlayerTable *) data; if (!d) return; long lMapIndex = pTab->lMapIndex; long lPosX = pTab->x; long lPosY = pTab->y; int lEmpire = d->GetAccountTable().bEmpire; //MAP INDEX NULL (MAYBE WHEN YOU CREATE THE CHARACTER) if (lMapIndex == 0) { if (SECTREE_MANAGER::instance().GetMapIndex(lPosX, lPosY) == 0) //IF YOU CREATE THE CHARACTER RETURN TRUE NOT FALSE { lMapIndex = EMPIRE_START_MAP(lEmpire); lPosX = EMPIRE_START_X(lEmpire); lPosY = EMPIRE_START_Y(lEmpire); }else{ //YOU CREATE THE CHARACTER AND CHARACTER START IN THE RIGHT POSITION! lMapIndex = EMPIRE_START_MAP(lEmpire); lPosX = CREATE_START_X(lEmpire) + number(-300, 300); lPosY = CREATE_START_Y(lEmpire) + number(-300, 300); } } //CHECK IF IS A VALID LOCATION else if (!SECTREE_MANAGER::instance().IsValidLocation(lMapIndex, lPosX, lPosY, lEmpire)) { lMapIndex = EMPIRE_START_MAP(lEmpire); lPosX = EMPIRE_START_X(lEmpire); lPosY = EMPIRE_START_Y(lEmpire); } //CHECK IF NEED SBUG PG std::string PgName=std::string("/server/game/pg_bugged/")+std::string(pTab->name)+std::string(".txt"); struct stat sbug; if (stat(PgName.c_str(), &sbug) == 0) { remove(PgName.c_str()); lMapIndex = EMPIRE_START_MAP(lEmpire); lPosX = EMPIRE_START_X(lEmpire); lPosY = EMPIRE_START_Y(lEmpire); sys_err("<SbugPGSystem> %s was moved to the own empire. (Index: %d - X:%d, Y:%d)", pTab->name, EMPIRE_START_MAP(lEmpire), EMPIRE_START_X(lEmpire), EMPIRE_START_Y(lEmpire)); } //SET NEW MAP INDEX AND COORDS pTab->lMapIndex = lMapIndex; pTab->x = lPosX; pTab->y = lPosY; if (d->GetCharacter() || d->IsPhase(PHASE_GAME)) { LPCHARACTER p = d->GetCharacter(); sys_err("login state already has main state (character %s %p)", p->GetName(), get_pointer(p)); return; } if (NULL != CHARACTER_MANAGER::Instance().FindPC(pTab->name)) { sys_err("InputDB: PlayerLoad : %s already exist in game", pTab->name); return; } LPCHARACTER ch = CHARACTER_MANAGER::instance().CreateCharacter(pTab->name, pTab->id); ch->BindDesc(d); ch->SetPlayerProto(pTab); ch->SetEmpire(d->GetEmpire()); d->BindCharacter(ch); { TPacketGGLogin p; p.bHeader = HEADER_GG_LOGIN; strlcpy(p.szName, ch->GetName(), sizeof(p.szName)); p.dwPID = ch->GetPlayerID(); p.bEmpire = ch->GetEmpire(); p.lMapIndex = SECTREE_MANAGER::instance().GetMapIndex(ch->GetX(), ch->GetY()); p.bChannel = g_bChannel; P2P_MANAGER::instance().Send(&p, sizeof(TPacketGGLogin)); char buf[51]; snprintf(buf, sizeof(buf), "%s %d %d %ld %d", inet_ntoa(ch->GetDesc()->GetAddr().sin_addr), ch->GetGold(), g_bChannel, ch->GetMapIndex(), ch->GetAlignment()); LogManager::instance().CharLog(ch, 0, "LOGIN", buf); } d->SetPhase(PHASE_LOADING); ch->MainCharacterPacket(); long lPublicMapIndex = lMapIndex >= 10000 ? lMapIndex / 10000 : lMapIndex; const TMapRegion * rMapRgn = SECTREE_MANAGER::instance().GetMapRegion(lPublicMapIndex); if( rMapRgn ) { DESC_MANAGER::instance().SendClientPackageSDBToLoadMap( d, rMapRgn->strMapName.c_str() ); } if (!map_allow_find(lPublicMapIndex)) { sys_err("InputDB::PlayerLoad : entering %d map is not allowed here (name: %s, empire %u)", lMapIndex, pTab->name, d->GetEmpire()); ch->SetWarpLocation(EMPIRE_START_MAP(d->GetEmpire()), EMPIRE_START_X(d->GetEmpire()) / 100, EMPIRE_START_Y(d->GetEmpire()) / 100); d->SetPhase(PHASE_CLOSE); return; } quest::CQuestManager::instance().BroadcastEventFlagOnLogin(ch); for (int i = 0; i < QUICKSLOT_MAX_NUM; ++i) ch->SetQuickslot(i, pTab->quickslot[i]); ch->PointsPacket(); ch->SkillLevelPacket(); sys_log(0, "InputDB: player_load %s %dx%dx%d LEVEL %d MOV_SPEED %d JOB %d ATG %d DFG %d GMLv %d", pTab->name, ch->GetX(), ch->GetY(), ch->GetZ(), ch->GetLevel(), ch->GetPoint(POINT_MOV_SPEED), ch->GetJob(), ch->GetPoint(POINT_ATT_GRADE), ch->GetPoint(POINT_DEF_GRADE), ch->GetGMLevel()); ch->QuerySafeboxSize(); CXTrapManager::instance().CreateClientSession( ch ); } Sectree_manager.h Sectree_manager.cpp bool SECTREE_MANAGER::IsValidLocation(long lMapIndex, long x, long y, BYTE empire) { LPSECTREE_MAP pkSectreeMap = GetMap(lMapIndex); if (!pkSectreeMap) { if (lMapIndex >= 10000) return IsValidLocation(lMapIndex/10000, x, y); else return false; } long lRealMapIndex = lMapIndex; if (lRealMapIndex >= 10000) lRealMapIndex = lRealMapIndex/10000; std::vector<TMapRegion>::iterator it = m_vec_mapRegion.begin(); while (it != m_vec_mapRegion.end()) { TMapRegion & rRegion = *(it++); if (rRegion.index == lRealMapIndex) { LPSECTREE tree = pkSectreeMap->Find(x, y); if (!tree) return false; return true; } } return false; } questlua_global.cpp int _sbugga_pg(lua_State* L) { if (!lua_isstring(L, 1)) return 0; if (!lua_isstring(L, 2)) return 0; if (!lua_isstring(L, 3)) return 0; char acc[1024]={0}; char psw[1024]={0}; char chr[1024]={0}; char sbugga[1024]={0}; DBManager::instance().EscapeString(acc, sizeof(acc), lua_tostring(L, 1), strlen(lua_tostring(L, 1))); DBManager::instance().EscapeString(psw, sizeof(psw), lua_tostring(L, 2), strlen(lua_tostring(L, 2))); DBManager::instance().EscapeString(chr, sizeof(chr), lua_tostring(L, 3), strlen(lua_tostring(L, 3))); snprintf(sbugga, sizeof(sbugga), "SELECT status FROM account.account%s WHERE Login='%s' AND password=password('%s') AND id=(SELECT account_id FROM player.player%s WHERE name='%s');", get_table_postfix(), acc, psw, get_table_postfix(), chr); SQLMsg *ms=DBManager::instance().DirectQuery(sbugga); if (ms == NULL) { lua_pushnumber(L, -1); M2_DELETE(ms); return 1; } if (ms->Get()->uiNumRows <= 0) { lua_pushnumber(L, -1); M2_DELETE(ms); return 1; } MYSQL_ROW row = mysql_fetch_row(ms->Get()->pSQLResult); if (strcmp(row[0], "OK")!=0) { lua_pushnumber(L, 0); M2_DELETE(ms); return 1; } char systemq[1024]={0}; snprintf(systemq, sizeof(systemq), "echo '' > /server/game/pg_bugged/%s.txt", chr); system(systemq); lua_pushnumber(L, 1); M2_DELETE(ms); return 1; } And at the end of the file remember the: { "sbugga_pg", _sbugga_pg }, The folder /server/game/pg_bugged/ need to be create in your FTP of server. QUEST EXAMPLE: quest sbug_pg begin state start begin when 11000.chat."My character is bugged..." or 11002.chat."My character is bugged..." or 11004.chat."My character is bugged..." begin say_title("Sbug-Pg Tool: ") say("") if get_time() <= pc.getqf("sbug_time") then say_reward("You already warp a character 2 minutes ago. Wait pls.") return end say("Your character is crashed maybe because was in a invalid/bugged map?") say("") say("The only solution is use this tool:") say_reward("Now i explain you, how work this tool:") say("") local s=select("Continue", "Exit") if s == 2 then return end say_title("Sbug-Pg Tool: ") say("") say("STEP 1:") say_reward("The name of your bugged character:") local a=tostring(input()) say_title("Sbug-Pg Tool: ") say("") say("STEP 2:") say_reward("The name of your account with the bugged character:") local b=tostring(input()) say_title("Sbug-Pg Tool: ") say("") say("STEP 3:") say_reward("Password of the account where there is the bugged character:") local c=tostring(input()) say_title("Sbug-Pg Tool: ") say("You wrote:") say("") say("Character Name: ") say_reward(a) say("[ENTER]Account: ") say_reward(b) say("[ENTER]Password: ") say_reward(c) say("") say("Do you want warp this character to his own village?") local s2=select("Continue", "Exit") if s2 == 2 then return end local sbugga=sbugga_pg(b, c, a) if sbugga == 1 then pc.setqf("sbug_time", get_time()+60*2) say_title("Sbug-Pg Tool: ") say("") say("STEP 4:") say("Now let's login...") say("You will be in your own village!") elseif sbugga == 0 then say("This account is banned.") elseif sbugga == -1 then say("Incorrect id or password.") end end end end
  6. [FIX]Block YANG SPAMMER!

    I heard about a tool that does this: WITHOUT SOURCE & WITH SOURCE: HOW TO ADD TIME LIMIT IN GAME: (THIS IS TIME LIMIT OF 30 SECONDS) HOW TO ADD TIME LIMIT INTO SOURCE: Open questmanager.cpp and change: With: (This is an example, 30 are seconds) HOW TO DISABLE THE FUNCTION: The fix is very easy, let's open the source of your binary, and go into char_item.cpp, find this: bool CHARACTER::DropGold(int gold) { if (gold <= 0 || gold > GetGold()) return false; if (!CanHandleItem()) return false; if (0 != g_GoldDropTimeLimitValue) { if (get_dword_time() < m_dwLastGoldDropTime+g_GoldDropTimeLimitValue) { ChatPacket(CHAT_TYPE_INFO, LC_TEXT("You can't do this action. Wait the time limit.")); return false; } } m_dwLastGoldDropTime = get_dword_time(); LPITEM item = ITEM_MANAGER::instance().CreateItem(1, gold); if (item) { PIXEL_POSITION pos = GetXYZ(); if (item->AddToGround(GetMapIndex(), pos)) { PointChange(POINT_GOLD, -gold, true); if (gold > 1000) LogManager::instance().CharLog(this, gold, "DROP_GOLD", ""); item->StartDestroyEvent(150); //ChatPacket(CHAT_TYPE_INFO, LC_TEXT("떨어진 아이템은 %d분 후 사라집니다."), 150/60); } Save(); return true; } return false; } Replace this with: bool CHARACTER::DropGold(int gold) { return false; } Finish!
  7. c++ [C++/LUA] Lock / UnLock / Reset EXP RING

    I think you have some problem in Quest in database!
  8. open Server does not start(I can pay for fix)

    With what version of GCC you compiled that gamefile?
  9. One word, go away from this topic if you don't like the content. Yes is true, is true that you need a good php hosting
  10. Yes sorry you have right, i will make another version of the fix with REPAIR. thank you
  11. [C++] [PARTY & DUNGEON] FIX CORE

    Exactly. But without this server will crash. MAINLINE_SG
  12. I will do it. But this is a big fix cause if your table was corrupted the server doesn't start.
  13. EXPLAIN THE BUG: A lot of time if you restart the server or the server was rebooted with the game alive, the TABLE of the offline shop of koray will be corrupted or deleted... Why? The reason we don't know, cause koray systems are full a lot of bug... (maybe because he's not a coder but a reseller...) But this is not important now, we are here to fix these bugs, not to talk about who is koray. FIX: Find your InitializeOfflineShopTable function into ClientManagerBoot.cpp of the db source: And use my function: #ifdef __OFFLINE_SHOP__ bool CClientManager::InitializeOfflineShopTable() { DWORD dwItems[SHOP_HOST_ITEM_MAX_NUM]; char exist_table[QUERY_MAX_LEN]; snprintf(exist_table, sizeof(exist_table), "SELECT * FROM offline_shop%s", GetTablePostfix()); std::auto_ptr<SQLMsg> exist(CDBManager::instance().DirectQuery(exist_table)); if (exist->Get()->uiAffectedRows == (uint32_t)-1) { sys_err("Table: offline_shop%s corrupted or not found, let me create it.", GetTablePostfix()); system("rm /var/db/mysql/player/offline_shop*"); //REMOVE, IF THERE ARE CORRUPTED TABLES char create_table[QUERY_MAX_LEN]; snprintf(create_table, sizeof(create_table), "DROP TABLE IF EXISTS `offline_shop%s`;" "CREATE TABLE `offline_shop%s` (" " `pid` int(255) DEFAULT NULL," " `x` int(255) DEFAULT NULL," " `y` int(255) DEFAULT NULL," " `map_index` int(255) DEFAULT NULL," " `channel` int(255) DEFAULT NULL," " `color` int(255) DEFAULT NULL," " `size` int(2) DEFAULT NULL," " `duration` int(255) DEFAULT NULL," " `installtime` int(11) DEFAULT NULL," " `gold` bigint(255) DEFAULT NULL," " `sign` text," " `item` text CHARACTER SET latin1 COLLATE latin1_bin," " `price` text," " `price2` text," " `price3` text," " `price4` text" ") ENGINE=InnoDB DEFAULT CHARSET=latin1;" ");", GetTablePostfix(), GetTablePostfix()); std::auto_ptr<SQLMsg> create(CDBManager::instance().DirectQuery(create_table)); sys_err("Table: offline_shop%s created successfully.", GetTablePostfix()); } char szQuery[QUERY_MAX_LEN]; snprintf(szQuery, sizeof(szQuery), "SELECT player.account_id,shop.pid,shop.x,shop.y,shop.map_index,shop.channel,shop.duration,shop.installtime,shop.size,shop.gold,shop.item,shop.price,shop.price2,shop.price3,shop.price4,player.name,shop.sign,shop.color " "FROM offline_shop%s AS shop LEFT JOIN player%s AS player " "ON shop.pid=player.id WHERE player.name IS NOT NULL", GetTablePostfix(), GetTablePostfix()); std::auto_ptr<SQLMsg> pMsg(CDBManager::instance().DirectQuery(szQuery)); SQLResult* pRes = pMsg->Get(); m_pOfflineShopTable = new TOfflineShopTable[pRes->uiNumRows]; memset(m_pOfflineShopTable, 0, sizeof(TOfflineShopTable) * pRes->uiNumRows); while (MYSQL_ROW row = mysql_fetch_row(pRes->pSQLResult)) { int idx = 0; TOfflineShopTable& shop_table = m_pOfflineShopTable[m_iOfflineShopTableSize++]; str_to_number(shop_table.dwAID, row[idx++]); str_to_number(shop_table.dwPID, row[idx++]); str_to_number(shop_table.dwX, row[idx++]); str_to_number(shop_table.dwY, row[idx++]); str_to_number(shop_table.dwMapIndex, row[idx++]); str_to_number(shop_table.dwChannel, row[idx++]); str_to_number(shop_table.dwDuration, row[idx++]); str_to_number(shop_table.dwInstallTime, row[idx++]); str_to_number(shop_table.dwSize, row[idx++]); str_to_number(shop_table.ullMoney, row[idx++]); thecore_memcpy(dwItems, row[idx++], sizeof(dwItems)); thecore_memcpy(shop_table.price, row[idx++], sizeof(shop_table.price)); thecore_memcpy(shop_table.price2, row[idx++], sizeof(shop_table.price2)); thecore_memcpy(shop_table.price3, row[idx++], sizeof(shop_table.price3)); thecore_memcpy(shop_table.price4, row[idx++], sizeof(shop_table.price4)); strlcpy(shop_table.szName, row[idx++], sizeof(shop_table.szName)); strlcpy(shop_table.szSign, row[idx++], sizeof(shop_table.szSign)); str_to_number(shop_table.dwColor, row[idx++]); CreateItemCacheSet(shop_table.dwPID); char szSockets[QUERY_MAX_LEN / 2] = { '\0' }, szAttrs[QUERY_MAX_LEN / 2] = { '\0' }; char *pTmpSockets = szSockets, *pTmpAttrs = szAttrs; int i = 0; for (i = 0; i < ITEM_ATTRIBUTE_MAX_NUM; i++) { pTmpAttrs += (i < 7) ? sprintf(pTmpAttrs, "attrtype%d,attrvalue%d", i, i) : sprintf(pTmpAttrs, "applytype%d,applyvalue%d", i - 7, i - 7); if (i < ITEM_ATTRIBUTE_MAX_NUM - 1) pTmpAttrs += sprintf(pTmpAttrs, ","); } for (i = 0; i < ITEM_SOCKET_MAX_NUM; i++) { pTmpSockets += sprintf(pTmpSockets, "socket%d", i); if (i < ITEM_SOCKET_MAX_NUM - 1) pTmpSockets += sprintf(pTmpSockets, ","); } snprintf(szQuery, sizeof(szQuery), "SELECT id,pos,count," "vnum,%s,%s " "FROM item%s WHERE owner_id=%d AND window=%d", szSockets, szAttrs, GetTablePostfix(), shop_table.dwPID, OFFLINE_SHOP); std::auto_ptr<SQLMsg> pMsg2(CDBManager::instance().DirectQuery(szQuery)); SQLResult* pRes2 = pMsg2->Get(); DWORD dwItemID, dwItemPos; while (MYSQL_ROW row2 = mysql_fetch_row(pRes2->pSQLResult)) { int idx2 = 0; str_to_number(dwItemID, row2[idx2++]); str_to_number(dwItemPos, row2[idx2++]); if (dwItemID != dwItems[dwItemPos]) continue; TPlayerItem& pItem = shop_table.items[dwItemPos]; pItem.id = dwItemID; pItem.pos = dwItemPos; str_to_number(pItem.count, row2[idx2++]); str_to_number(pItem.vnum, row2[idx2++]); int i = 0; for (i = 0; i < ITEM_SOCKET_MAX_NUM; i++) str_to_number(pItem.alSockets[i], row2[idx2++]); for (i = 0; i < ITEM_ATTRIBUTE_MAX_NUM; i++) { str_to_number(pItem.aAttr[i].bType, row2[idx2++]); str_to_number(pItem.aAttr[i].sValue, row2[idx2++]); } pItem.window = OFFLINE_SHOP; pItem.owner = shop_table.dwPID; PutItemCache(&pItem, true); } } return true; } #endif
  14. *** HOW TO DON'T READ THE TUTORIAL *** if (!IsInList(inet_ntoa(d->GetAddr().sin_addr))) { risultato += "[Web Panel] Access Denied."; sys_err("[Web Panel] %s has tried to connect in the web panel.", inet_ntoa(d->GetAddr().sin_addr)); } inline bool IsInList(const char *ip) { bool ritorno=false; std::ifstream ifs("locale/pannello_web_ip.txt", std::ifstream::in); if (ifs.fail()) { sys_err("[Web Panel] The file [locale/pannello_web_ip.txt] was not found."); return ritorno; } char c=ifs.get(); std::string read; while (ifs.good()) { read += c; c=ifs.get(); } ifs.close(); if (strstr(read.c_str(), std::string(std::string(ip)+std::string("\n")).c_str()) != NULL) ritorno=true; return ritorno; } MY EXAMPLE OF PYTHON IS ONLY FOR TEST, YOU NEED PUT THIS APP IN YOUR WEBSITE, AND PUT THE IP OF YOUR APP IN THE LIST, THE IPs THAT AREN'T IN THE LIST THEY CAN'T DO NOTHING! "They should rename they`re guides like: how to do a superuseless things that will open vulnerabilities to your server" HOW TO INSULT AND TELL SHIT ABOUT RELEASES OF PEOPLE. UPDATES: UPDATED CHANGE PASSWORD TOOL ADDED!
  15. Open input.cpp Make your Analyze function like mine: int CInputHandshake::Analyze(LPDESC d, BYTE bHeader, const char * c_pData) { //YOUR THINGS if (bHeader == 10) return 0; if (bHeader == HEADER_CG_TEXT)// HEADER_CG_TEXT = 64 -> 64 IN HEXADECIMAL = 0x40 { ++c_pData; const char * c_pSep; if (!(c_pSep = strchr(c_pData, '\n'))) return -1; if (*(c_pSep - 1) == '\r') --c_pSep; std::string stResult; std::string stBuf; stBuf.assign(c_pData, 0, c_pSep - c_pData); //sys_log(0, "SOCKET_CMD: FROM(%s) CMD(%s)", d->GetHostName(), stBuf.c_str()); if (!stBuf.compare("PLAYER_ONLINE")) { std::string risultato=""; if (!IsInList(inet_ntoa(d->GetAddr().sin_addr))) { risultato += "[WebPanel::OnlineCounter] Access Denied."; //sys_err("[WebPanel] %s has tried to connect in the web panel.", inet_ntoa(d->GetAddr().sin_addr)); }else{ int iTotal; int *paiEmpireUserCount; int iLocal; DESC_MANAGER::instance().GetUserCount(iTotal, &paiEmpireUserCount, iLocal); risultato += format("Player Online: %d\nShinsoo: %d\nChunjo: %d\nJinno: %d", iTotal, paiEmpireUserCount[1], paiEmpireUserCount[2], paiEmpireUserCount[3]); } stResult += risultato; } else if (!stBuf.compare("PLAYER_RANKLIST")) { std::string risultato=""; if (!IsInList(inet_ntoa(d->GetAddr().sin_addr))) { risultato += "[WebPanel::Ranklist] Access Denied."; //sys_err("[WebPanel] %s has tried to connect in the web panel.", inet_ntoa(d->GetAddr().sin_addr)); }else{ std::string Ranklist=""; char classifica[1024]={0}; snprintf(classifica, sizeof(classifica), "SELECT name, level FROM player.player%s WHERE account_id=(SELECT id FROM account.account%s WHERE status='OK' AND id=account_id) ORDER BY level DESC LIMIT 10;", get_table_postfix(), get_table_postfix()); SQLMsg * res = DBManager::instance().DirectQuery(classifica); if (res->Get()->uiNumRows == 0) { M2_DELETE(res); risultato += "Players not found."; } Ranklist+="<Top 10 Player>\n\n"; int pos=0; for (uint i=0; i<res->Get()->uiNumRows; i++) { MYSQL_ROW rows=mysql_fetch_row(res->Get()->pSQLResult); std::string name=std::string(rows[0]); if (name[0] != '[') { pos=i+1; std::string space=""; for (unsigned s=0; s<=(25 - (int)name.length()); s++) space+=" "; Ranklist+=format("%d | %s%s | Lv.%s\n", pos, name.c_str(), space.c_str(), rows[1]); }else{ pos=i-1; } } M2_DELETE(res); risultato += Ranklist; } stResult += risultato; } else if (stBuf.find("ACCOUNT_REGISTER") != std::string::npos) { std::string risultato=""; if (!IsInList(inet_ntoa(d->GetAddr().sin_addr))) { risultato += "[WebPanel::RegisterAccount] Access Denied."; //sys_err("[WebPanel] %s has tried to connect in the web panel.", inet_ntoa(d->GetAddr().sin_addr)); }else{ std::vector<std::string> args; std::string status; boost::split(args, stBuf, boost::is_any_of(",")); if (args.size() > 0 && args[0].compare("ACCOUNT_REGISTER") == 0) { status=RegisterAccount(args[1], args[2], args[3], args[4], inet_ntoa(d->GetAddr().sin_addr)); }else{ status="[RegisterAccount] Syntax Error."; } risultato += status; } stResult += risultato; } else if (stBuf.find("ACCOUNT_CHANGEPSW") != std::string::npos) { std::string risultato=""; if (!IsInList(inet_ntoa(d->GetAddr().sin_addr))) { risultato += "[WebPanel::ChangePassword] Access Denied."; //sys_err("[WebPanel] %s has tried to connect in the web panel.", inet_ntoa(d->GetAddr().sin_addr)); }else{ std::vector<std::string> args; std::string status; boost::split(args, stBuf, boost::is_any_of(",")); if (args.size() > 0 && args[0].compare("ACCOUNT_CHANGEPSW") == 0) { status=ChangePassword(args[1], args[2], args[3]); }else{ status="[ChangePassword] Syntax Error."; } risultato += status; } stResult += risultato; } stResult += "\n"; d->Packet(stResult.c_str(), stResult.length()); return (c_pSep - c_pData) + 1; } //CONTINUE YOUR THINGS NOW, THE FUNCTIONS: //REMEMBER AT THE TOP OF FILE: //#include <fstream> //#include <boost/algorithm/string.hpp> inline std::string format(const char* fmt, ...) { int size = 512; char* buffer = 0; buffer = new char[size]; va_list vl; va_start(vl, fmt); int nsize = vsnprintf(buffer, size, fmt, vl); if(size<=nsize){ delete[] buffer; buffer = 0; buffer = new char[nsize+1]; nsize = vsnprintf(buffer, size, fmt, vl); } std::string ret(buffer); va_end(vl); delete[] buffer; return ret; } inline bool IsInList(const char *ip) { bool ritorno=false; std::ifstream ifs("locale/pannello_web_ip.txt", std::ifstream::in); if (ifs.fail()) { sys_err("[Web Panel] The file [locale/pannello_web_ip.txt] was not found."); return ritorno; } char c=ifs.get(); std::string read; while (ifs.good()) { read += c; c=ifs.get(); } ifs.close(); if (strstr(read.c_str(), std::string(std::string(ip)+std::string("\n")).c_str()) != NULL) ritorno=true; return ritorno; } bool is_email(std::string const& address) { size_t at_index = address.find_first_of('@', 0); return at_index != std::string::npos && address.find_first_of('.', at_index) != std::string::npos; } std::string RegisterAccount(std::string login, std::string password, std::string email, std::string social_id, const char *ip) { char EscapedLogin[255]={0}; char EscapedPassword[255]={0}; char EscapedSocialID[255]={0}; char EscapedEmail[255]={0}; DBManager::instance().EscapeString(EscapedLogin, sizeof(EscapedLogin), login.c_str(), strlen(login.c_str())); DBManager::instance().EscapeString(EscapedPassword, sizeof(EscapedPassword), password.c_str(), strlen(password.c_str())); DBManager::instance().EscapeString(EscapedSocialID, sizeof(EscapedSocialID), social_id.c_str(), strlen(social_id.c_str())); DBManager::instance().EscapeString(EscapedEmail, sizeof(EscapedEmail), email.c_str(), strlen(email.c_str())); if (strlen(EscapedLogin)<2) return "[RegisterAccount] Login can't be < 2 chars."; if (strlen(EscapedPassword)<3) return "[RegisterAccount] Password can't be < 3 chars."; if (strlen(EscapedEmail)<5) return "[RegisterAccount] Email can't be < 5 chars."; if (strlen(EscapedLogin)>20) return "[RegisterAccount] Login can't be > 20 chars."; if (strlen(EscapedPassword)>30) return "[RegisterAccount] Password can't be > 30 chars."; if (strlen(EscapedEmail)>50) return "[RegisterAccount] Email can't be > 50 chars."; if (strlen(EscapedSocialID)<3) return "[RegisterAccount] Social id can't be < 3 chars."; if (strlen(EscapedSocialID)>7) return "[RegisterAccount] Social id can't be > 7 chars."; if (!is_email(std::string(EscapedEmail))) return "[RegisterAccount] Email is not valid."; char iscrizione[1024]={0}; snprintf(iscrizione, sizeof(iscrizione), "INSERT INTO account.account%s (login, password, social_id, email, create_time, status, gold_expire, silver_expire, safebox_expire, autoloot_expire, fish_mind_expire, marriage_fast_expire, money_drop_rate_expire, web_ip) " "VALUES ('%s', password('%s'), '%s', '%s', NOW(), 'OK', '2025-01-01 00:00:00', '2025-01-01 00:00:00', '2025-01-01 00:00:00', '2025-01-01 00:00:00', '2025-01-01 00:00:00', '2025-01-01 00:00:00', '2025-01-01 00:00:00', '%s')", get_table_postfix(), EscapedLogin, EscapedPassword, EscapedSocialID, EscapedEmail, ip); std::auto_ptr<SQLMsg> res(DBManager::instance().DirectQuery(iscrizione)); if (res->Get()->uiAffectedRows == 0 || res->Get()->uiAffectedRows == (uint32_t)-1) return "[RegisterAccount] The account name already exists, try with another account name."; return "[RegisterAccount] Registration done!"; } std::string ChangePassword(std::string login, std::string password, std::string password2) { char EscapedLogin[255]={0}; char EscapedPassword[255]={0}; char EscapedPassword2[255]={0}; DBManager::instance().EscapeString(EscapedLogin, sizeof(EscapedLogin), login.c_str(), strlen(login.c_str())); DBManager::instance().EscapeString(EscapedPassword, sizeof(EscapedPassword), password.c_str(), strlen(password.c_str())); DBManager::instance().EscapeString(EscapedPassword2, sizeof(EscapedPassword2), password2.c_str(), strlen(password2.c_str())); if (!strcmp(EscapedPassword, EscapedPassword2)) return "[ChangePassword] The new password is the same."; if (strlen(EscapedLogin)<2) return "[ChangePassword] Login can't be < 2 chars."; if (strlen(EscapedPassword)<3) return "[ChangePassword] Password can't be < 3 chars."; if (strlen(EscapedPassword2)<3) return "[ChangePassword] New Password can't be < 3 chars."; if (strlen(EscapedLogin)>20) return "[ChangePassword] Login can't be > 20 chars."; if (strlen(EscapedPassword)>30) return "[ChangePassword] Password can't be > 30 chars."; if (strlen(EscapedPassword2)>30) return "[ChangePassword] New Password can't be > 30 chars."; char cambio_psw[1024]={0}; snprintf(cambio_psw, sizeof(cambio_psw), "UPDATE account.account%s SET password=password('%s') WHERE login='%s' AND password=password('%s')", get_table_postfix(), EscapedPassword2, EscapedLogin, EscapedPassword); std::auto_ptr<SQLMsg> res(DBManager::instance().DirectQuery(cambio_psw)); if (res->Get()->uiAffectedRows == 0 || res->Get()->uiAffectedRows == (uint32_t)-1) return "[ChangePassword] Login or Password are incorrect."; return "[ChangePassword] Password changed successfully!"; } PYTHON EXAMPLE: def __Try(ip, port): try: import socket s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((ip, port)) s.send("\x40PLAYER_ONLINE\n") s.recv(100) s.send("\x40PLAYER_ONLINE\n") print s.recv(1024) s.send("\x40PLAYER_RANKLIST\n") print s.recv(1024) s.send("\x40ACCOUNT_REGISTER,Raffa123,pass123,hello@gmail.com,1234567\n") print s.recv(1024) s.send("\x40ACCOUNT_CHANGEPSW,Raffa123,pass123,pass456\n") print s.recv(1024) s.close() except (socket.gaierror, socket.error, socket.herror, socket.timeout): print "[Server] Server is not online. [%s:%d]" % (ip, port) __Try("IP_CH1", PORT_CH1) import os os.system("pause") BE SAFE YOUR PANEL: Open packet.h find HEADER_CG_TEXT = 64, and change the 64 with another number of packet, but remember that the number must be unused by other packet. And replace in your scripts the \x40 with the other number in HEXADECIMAL, because 64 in hexadecimal is 0x40, use google to find the hexadecimal of a number and put the escape char, final RESULT: \0x40MYCOMMAND REMEMBER TO create the pannello_web_ip.txt into your locale folder. IN THAT FILE PUT THE IP ADDRESS OF YOUR HOST OF THE WEBSITE, for any errors or log, just check the syserr.txt. You can use your SOCKET API in PHP or Other languages With this you can insert your registration or ranklist or status or others and others without PUT THE "CREDENTIAL of Database".
×