mirror of
https://github.com/TrinityCore/TrinityCore.git
synced 2026-01-19 00:48:56 +01:00
Merge remote-tracking branch 'tc/3.3.5' into 4.3.4
Note: additional hand-picked ports from 6.x to fix build Conflicts: sql/updates/world/2016_02_22_00_world.sql sql/updates/world/2016_02_22_01_world.sql sql/updates/world/2016_02_22_02_world.sql sql/updates/world/2016_03_07_00_world.sql src/server/authserver/Realms/RealmList.cpp src/server/authserver/Realms/RealmList.h src/server/authserver/Server/AuthSession.cpp src/server/game/Accounts/AccountMgr.cpp src/server/game/AuctionHouse/AuctionHouseMgr.cpp src/server/game/Chat/Chat.cpp src/server/game/Conditions/ConditionMgr.cpp src/server/game/Conditions/ConditionMgr.h src/server/game/Entities/Player/Player.cpp src/server/game/Handlers/CharacterHandler.cpp src/server/game/Handlers/MiscHandler.cpp src/server/game/Scripting/ScriptLoader.cpp src/server/game/Scripting/ScriptLoader.h src/server/game/Server/WorldSession.cpp src/server/game/Server/WorldSocket.cpp src/server/game/World/World.cpp src/server/game/World/World.h src/server/scripts/CMakeLists.txt src/server/scripts/Commands/cs_gm.cpp src/server/scripts/Commands/cs_misc.cpp src/server/scripts/Commands/cs_rbac.cpp src/server/scripts/Commands/cs_ticket.cpp src/server/scripts/Commands/cs_wp.cpp src/server/scripts/EasternKingdoms/CMakeLists.txt src/server/scripts/EasternKingdoms/zone_burning_steppes.cpp src/server/scripts/EasternKingdoms/zone_stormwind_city.cpp src/server/scripts/Kalimdor/CMakeLists.txt src/server/scripts/Kalimdor/zone_dustwallow_marsh.cpp src/server/scripts/Kalimdor/zone_orgrimmar.cpp src/server/scripts/OutdoorPvP/CMakeLists.txt src/server/scripts/Spells/spell_dk.cpp src/server/scripts/Spells/spell_hunter.cpp src/server/shared/CMakeLists.txt src/server/worldserver/CMakeLists.txt src/server/worldserver/Main.cpp src/tools/mmaps_generator/CMakeLists.txt
This commit is contained in:
ariel-
@@ -571,6 +571,8 @@ bool AuthSession::HandleLogonProof()
|
||||
TC_LOG_DEBUG("server.authserver", "'%s:%d' User '%s' successfully authenticated", GetRemoteIpAddress().to_string().c_str(), GetRemotePort(), _accountInfo.Login.c_str());
|
||||
|
||||
// Update the sessionkey, last_ip, last login time and reset number of failed logins in the account table for this account
|
||||
// No SQL injection (escaped user name) and IP address as received by socket
|
||||
|
||||
PreparedStatement *stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LOGONPROOF);
|
||||
stmt->setString(0, K.AsHexStr());
|
||||
stmt->setString(1, GetRemoteIpAddress().to_string().c_str());
|
||||
@@ -842,22 +844,19 @@ void AuthSession::RealmListCallback(PreparedQueryResult result)
|
||||
} while (result->NextRow());
|
||||
}
|
||||
|
||||
// Update realm list if need
|
||||
sRealmList->UpdateIfNeed();
|
||||
|
||||
// Circle through realms in the RealmList and construct the return packet (including # of user characters in each realm)
|
||||
ByteBuffer pkt;
|
||||
|
||||
size_t RealmListSize = 0;
|
||||
for (RealmList::RealmMap::const_iterator i = sRealmList->begin(); i != sRealmList->end(); ++i)
|
||||
for (RealmList::RealmMap::value_type const& i : sRealmList->GetRealms())
|
||||
{
|
||||
const Realm &realm = i->second;
|
||||
const Realm &realm = i.second;
|
||||
// don't work with realms which not compatible with the client
|
||||
bool okBuild = ((_expversion & POST_BC_EXP_FLAG) && realm.gamebuild == _build) || ((_expversion & PRE_BC_EXP_FLAG) && !AuthHelper::IsPreBCAcceptedClientBuild(realm.gamebuild));
|
||||
bool okBuild = ((_expversion & POST_BC_EXP_FLAG) && realm.Build == _build) || ((_expversion & PRE_BC_EXP_FLAG) && !AuthHelper::IsPreBCAcceptedClientBuild(realm.Build));
|
||||
|
||||
// No SQL injection. id of realm is controlled by the database.
|
||||
uint32 flag = realm.flag;
|
||||
RealmBuildInfo const* buildInfo = AuthHelper::GetBuildInfo(realm.gamebuild);
|
||||
uint32 flag = realm.Flags;
|
||||
RealmBuildInfo const* buildInfo = AuthHelper::GetBuildInfo(realm.Build);
|
||||
if (!okBuild)
|
||||
{
|
||||
if (!buildInfo)
|
||||
@@ -869,7 +868,7 @@ void AuthSession::RealmListCallback(PreparedQueryResult result)
|
||||
if (!buildInfo)
|
||||
flag &= ~REALM_FLAG_SPECIFYBUILD;
|
||||
|
||||
std::string name = i->first;
|
||||
std::string name = realm.Name;
|
||||
if (_expversion & PRE_BC_EXP_FLAG && flag & REALM_FLAG_SPECIFYBUILD)
|
||||
{
|
||||
std::ostringstream ss;
|
||||
@@ -877,19 +876,19 @@ void AuthSession::RealmListCallback(PreparedQueryResult result)
|
||||
name = ss.str();
|
||||
}
|
||||
|
||||
uint8 lock = (realm.allowedSecurityLevel > _accountInfo.SecurityLevel) ? 1 : 0;
|
||||
uint8 lock = (realm.AllowedSecurityLevel > _accountInfo.SecurityLevel) ? 1 : 0;
|
||||
|
||||
pkt << uint8(realm.icon); // realm type
|
||||
pkt << uint8(realm.Type); // realm type
|
||||
if (_expversion & POST_BC_EXP_FLAG) // only 2.x and 3.x clients
|
||||
pkt << uint8(lock); // if 1, then realm locked
|
||||
pkt << uint8(flag); // RealmFlags
|
||||
pkt << name;
|
||||
pkt << boost::lexical_cast<std::string>(realm.GetAddressForClient(GetRemoteIpAddress()));
|
||||
pkt << float(realm.populationLevel);
|
||||
pkt << uint8(characterCounts[realm.m_ID]);
|
||||
pkt << uint8(realm.timezone); // realm category
|
||||
pkt << float(realm.PopulationLevel);
|
||||
pkt << uint8(characterCounts[realm.Id.Realm]);
|
||||
pkt << uint8(realm.Timezone); // realm category
|
||||
if (_expversion & POST_BC_EXP_FLAG) // 2.x and 3.x clients
|
||||
pkt << uint8(realm.m_ID);
|
||||
pkt << uint8(realm.Id.Realm);
|
||||
else
|
||||
pkt << uint8(0x0); // 1.12.1 and 1.12.2 clients
|
||||
|
||||
@@ -953,6 +952,7 @@ void AuthSession::SetVSFields(const std::string& rI)
|
||||
x.SetBinary(sha.GetDigest(), sha.GetLength());
|
||||
v = g.ModExp(x, N);
|
||||
|
||||
// No SQL injection (username escaped)
|
||||
PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_VS);
|
||||
stmt->setString(0, v.AsHexStr());
|
||||
stmt->setString(1, s.AsHexStr());
|
||||
|
||||
Reference in New Issue
Block a user