diff options
| -rw-r--r-- | src/game/AccountMgr.cpp | 15 | ||||
| -rw-r--r-- | src/game/AccountMgr.h | 1 | ||||
| -rw-r--r-- | src/game/Level1.cpp | 19 | ||||
| -rw-r--r-- | src/game/Level3.cpp | 150 | ||||
| -rw-r--r-- | src/trinitycore/RASocket.cpp | 2 |
5 files changed, 83 insertions, 104 deletions
diff --git a/src/game/AccountMgr.cpp b/src/game/AccountMgr.cpp index 12da998901b..4da2462abfa 100644 --- a/src/game/AccountMgr.cpp +++ b/src/game/AccountMgr.cpp @@ -179,6 +179,21 @@ uint32 AccountMgr::GetSecurity(uint32 acc_id) return 0; } +uint32 AccountMgr::GetSecurity(uint32 acc_id, int32 realm_id) +{ + QueryResult *result = (realm_id == -1) + ? loginDatabase.PQuery("SELECT gmlevel FROM account_access WHERE id = '%u' AND RealmID = '%d'", acc_id, realm_id) + : loginDatabase.PQuery("SELECT gmlevel FROM account_access WHERE id = '%u' AND (RealmID = '%d' OR RealmID = '-1')", acc_id, realm_id); + if(result) + { + uint32 sec = (*result)[0].GetUInt32(); + delete result; + return sec; + } + + return 0; +} + bool AccountMgr::GetName(uint32 acc_id, std::string &name) { QueryResult *result = loginDatabase.PQuery("SELECT username FROM account WHERE id = '%u'", acc_id); diff --git a/src/game/AccountMgr.h b/src/game/AccountMgr.h index c14110036a0..99f2a5ab5fc 100644 --- a/src/game/AccountMgr.h +++ b/src/game/AccountMgr.h @@ -52,6 +52,7 @@ class AccountMgr uint32 GetId(std::string username); uint32 GetSecurity(uint32 acc_id); + uint32 GetSecurity(uint32 acc_id, int32 realm_id); bool GetName(uint32 acc_id, std::string &name); std::string CalculateShaPassHash(std::string& name, std::string& password); diff --git a/src/game/Level1.cpp b/src/game/Level1.cpp index 1d99b0d68e6..4163aaa40e1 100644 --- a/src/game/Level1.cpp +++ b/src/game/Level1.cpp @@ -25,6 +25,7 @@ #include "World.h" #include "ObjectMgr.h" #include "Player.h" +#include "AccountMgr.h" #include "Opcodes.h" #include "Chat.h" #include "Log.h" @@ -483,12 +484,10 @@ bool ChatHandler::HandleGMTicketAssignToCommand(const char* args) return false; std::string targm = targetgm; - if(!normalizePlayerName(targm)) - return true; + return false; Player *cplr = m_session->GetPlayer(); - std::string gmname; GM_Ticket *ticket = objmgr.GetGMTicket(ticketGuid); if(!ticket || ticket->closed != 0) @@ -496,24 +495,24 @@ bool ChatHandler::HandleGMTicketAssignToCommand(const char* args) SendSysMessage(LANG_COMMAND_TICKETNOTEXIST); return true; } + uint64 tarGUID = objmgr.GetPlayerGUIDByName(targm.c_str()); uint64 accid = objmgr.GetPlayerAccountIdByGUID(tarGUID); - QueryResult *result = loginDatabase.PQuery("SELECT 'gmlevel', 'RealmID' FROM account_access WHERE id = '%u'", accid); + uint32 gmlevel = accmgr.GetSecurity(accid, realmID); - Field * fields = result->Fetch(); - uint32 gmlevel = fields[0].GetUInt32(); - uint32 SecurityRealmID = fields[1].GetUInt32(); - - if(!tarGUID|| !result || gmlevel < SEC_MODERATOR || (SecurityRealmID != realmID && SecurityRealmID != -1)) + if(!tarGUID || gmlevel == SEC_PLAYER) { SendSysMessage(LANG_COMMAND_TICKETASSIGNERROR_A); return true; } + if(ticket->assignedToGM == tarGUID) { PSendSysMessage(LANG_COMMAND_TICKETASSIGNERROR_B, ticket->guid); return true; } + + std::string gmname; objmgr.GetPlayerNameByGUID(tarGUID, gmname); if(ticket->assignedToGM != 0 && ticket->assignedToGM != cplr->GetGUID()) { @@ -1790,7 +1789,7 @@ bool ChatHandler::HandleModifyScaleCommand(const char* args) return false; float Scale = (float)atof((char*)args); - if (Scale > 10.0f || Scale <= 0.1f) + if (Scale > 10.0f || Scale < 0.1f) { SendSysMessage(LANG_BAD_VALUE); SetSentErrorMessage(true); diff --git a/src/game/Level3.cpp b/src/game/Level3.cpp index 624fc1d14ea..540bd0d8586 100644 --- a/src/game/Level3.cpp +++ b/src/game/Level3.cpp @@ -1412,68 +1412,22 @@ bool ChatHandler::HandleAccountSetGmLevelCommand(const char *args) char* arg1 = strtok((char*)args, " "); char* arg2 = strtok(NULL, " "); char* arg3 = strtok(NULL, " "); + bool isAccountNameGiven = true; - if (getSelectedPlayer() && arg1 && !arg3) + if (arg1 && !arg3) { - targetAccountId = getSelectedPlayer()->GetSession()->GetAccountId(); - accmgr.GetName(targetAccountId, targetAccountName); - Player* targetPlayer = getSelectedPlayer(); - gm = atoi(arg1); - uint32 gmRealmID = arg2 ? atoi(arg2) : realmID; - - // Check for invalid specified GM level. - if (gm < SEC_PLAYER || gm > SEC_ADMINISTRATOR) - { - SendSysMessage(LANG_BAD_VALUE); - SetSentErrorMessage(true); - return false; - } - - // Check if targets GM level and specified GM level is not higher than current gm level - targetSecurity = targetPlayer->GetSession()->GetSecurity(); - if (targetSecurity >= m_session->GetSecurity() || - gm >= m_session->GetSecurity() || - (gmRealmID != realmID && m_session->GetSecurity() < SEC_CONSOLE)) - { - SendSysMessage(LANG_YOURS_SECURITY_IS_LOW); - SetSentErrorMessage(true); - return false; - } - - // Check if provided realmID is not current realmID, or isn't -1 - if (gmRealmID != realmID && gmRealmID != -1) - { - SendSysMessage(LANG_INVALID_REALMID); - SetSentErrorMessage(true); + if (!getSelectedPlayer()) return false; - } + isAccountNameGiven = false; + } - // Decide which string to show - if (m_session->GetPlayer() != targetPlayer) - PSendSysMessage(LANG_YOU_CHANGE_SECURITY, targetAccountName.c_str(), gm); - else - PSendSysMessage(LANG_YOURS_SECURITY_CHANGED, m_session->GetPlayer()->GetName(), gm); + // Check for second parameter + if (!isAccountNameGiven && !arg2) + return false; - // If gmRealmID is -1, delete all values for the account id, else, insert values for the specific realmID - if (gmRealmID == -1) - { - loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u'", targetAccountId); - loginDatabase.PExecute("INSERT INTO account_access VALUES ('%u', '%d', -1)", targetAccountId, gm); - } - else - { - loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u' AND RealmID = '%d'", targetAccountId, realmID); - loginDatabase.PExecute("INSERT INTO account_access VALUES ('%u','%d','%d')", targetAccountId, gm, realmID); - } - return true; - } - else + // Check for account + if (isAccountNameGiven) { - // Check for second parameter - if (!arg2) - return false; - - // Check for account targetAccountName = arg1; if (!AccountMgr::normalizeString(targetAccountName)) { @@ -1481,53 +1435,63 @@ bool ChatHandler::HandleAccountSetGmLevelCommand(const char *args) SetSentErrorMessage(true); return false; } + } - // Check for invalid specified GM level. - gm = atoi(arg2); - if (gm < SEC_PLAYER || gm > SEC_ADMINISTRATOR) - { - SendSysMessage(LANG_BAD_VALUE); - SetSentErrorMessage(true); - return false; - } - - uint32 gmRealmID = arg3 ? atoi(arg3) : realmID; - // Check if provided realmID is not current realmID, or isn't -1 - if (gmRealmID != realmID && gmRealmID != -1) - { - SendSysMessage(LANG_INVALID_REALMID); - SetSentErrorMessage(true); - return false; - } + // Check for invalid specified GM level. + gm = (isAccountNameGiven) ? atoi(arg2) : atoi(arg1); + if (gm < SEC_PLAYER) + { + SendSysMessage(LANG_BAD_VALUE); + SetSentErrorMessage(true); + return false; + } - targetAccountId = accmgr.GetId(arg1); - /// m_session==NULL only for console - uint32 plSecurity = m_session ? m_session->GetSecurity() : SEC_CONSOLE; + // m_session == NULL only for console + targetAccountId = (isAccountNameGiven) ? accmgr.GetId(targetAccountName) : getSelectedPlayer()->GetSession()->GetAccountId(); + int32 gmRealmID = (isAccountNameGiven) ? atoi(arg3) : atoi(arg2); + uint32 plSecurity = m_session ? accmgr.GetSecurity(m_session->GetAccountId(), gmRealmID) : SEC_CONSOLE; - /// can set security level only for target with less security and to less security that we have - /// This is also reject self apply in fact - targetSecurity = accmgr.GetSecurity(targetAccountId); - if (targetSecurity >= plSecurity || gm >= plSecurity) + // can set security level only for target with less security and to less security that we have + // This is also reject self apply in fact + targetSecurity = accmgr.GetSecurity(targetAccountId, gmRealmID); + if (targetSecurity >= plSecurity || gm >= plSecurity) + { + SendSysMessage(LANG_YOURS_SECURITY_IS_LOW); + SetSentErrorMessage(true); + return false; + } + + // Check and abort if the target gm has a higher rank on one of the realms and the new realm is -1 + if (gmRealmID == -1) + { + QueryResult *result = loginDatabase.PQuery("SELECT * FROM account_access WHERE id = '%u' AND gmlevel > '%d'", targetAccountId, gm); + if (result) { + delete result; SendSysMessage(LANG_YOURS_SECURITY_IS_LOW); SetSentErrorMessage(true); return false; } + } - PSendSysMessage(LANG_YOU_CHANGE_SECURITY, targetAccountName.c_str(), gm); - // If gmRealmID is -1, delete all values for the account id, else, insert values for the specific realmID - if (gmRealmID == -1) - { - loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u'", targetAccountId); - loginDatabase.PExecute("INSERT INTO account_access VALUES ('%u', '%d', -1)", targetAccountId, gm); - } - else - { - loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u' AND RealmID = '%d'", targetAccountId, realmID); - loginDatabase.PExecute("INSERT INTO account_access VALUES ('%u','%d','%d')", targetAccountId, gm, realmID); - } - return true; + // Check if provided realmID has a negative value other than -1 + if (gmRealmID < -1) + { + SendSysMessage(LANG_INVALID_REALMID); + SetSentErrorMessage(true); + return false; } + + // If gmRealmID is -1, delete all values for the account id, else, insert values for the specific realmID + if (gmRealmID == -1) + loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u'", targetAccountId); + else + loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u' AND (RealmID = '%d' OR RealmID = '-1')", targetAccountId, realmID); + + if (gm != 0) + loginDatabase.PExecute("INSERT INTO account_access VALUES ('%u','%d','%d')", targetAccountId, gm, realmID); + PSendSysMessage(LANG_YOU_CHANGE_SECURITY, targetAccountName.c_str(), gm); + return true; } /// Set password for account diff --git a/src/trinitycore/RASocket.cpp b/src/trinitycore/RASocket.cpp index 15043bde3ef..ad8b748a687 100644 --- a/src/trinitycore/RASocket.cpp +++ b/src/trinitycore/RASocket.cpp @@ -154,7 +154,7 @@ void RASocket::OnRead() ///- Escape the Login to allow quotes in names loginDatabase.escape_string(login); - QueryResult* result = loginDatabase.PQuery("SELECT aa.gmlevel FROM account_access aa, account a WHERE a.username = '%s' AND aa.id = a.id",login.c_str()); + QueryResult* result = loginDatabase.PQuery("SELECT aa.gmlevel FROM account a LEFT JOIN account_access aa ON (a.id = aa.id) WHERE a.username = '%s'",login.c_str ()); ///- If the user is not found, deny access if(!result) |