aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/game/AccountMgr.cpp3
-rw-r--r--src/game/Language.h1
-rw-r--r--src/game/Level1.cpp9
-rw-r--r--src/game/Level2.cpp6
-rw-r--r--src/game/Level3.cpp51
-rw-r--r--src/game/WorldSocket.cpp55
-rw-r--r--src/trinitycore/CliRunnable.cpp9
-rw-r--r--src/trinitycore/RASocket.cpp4
-rw-r--r--src/trinityrealm/AuthSocket.cpp7
9 files changed, 111 insertions, 34 deletions
diff --git a/src/game/AccountMgr.cpp b/src/game/AccountMgr.cpp
index ed9f85d0eab..12da998901b 100644
--- a/src/game/AccountMgr.cpp
+++ b/src/game/AccountMgr.cpp
@@ -95,6 +95,7 @@ AccountOpResult AccountMgr::DeleteAccount(uint32 accid)
bool res =
loginDatabase.PExecute("DELETE FROM account WHERE id='%d'", accid) &&
+ loginDatabase.PExecute("DELETE FROM account_access WHERE id ='%d'", accid) &&
loginDatabase.PExecute("DELETE FROM realmcharacters WHERE acctid='%d'", accid);
loginDatabase.CommitTransaction();
@@ -167,7 +168,7 @@ uint32 AccountMgr::GetId(std::string username)
uint32 AccountMgr::GetSecurity(uint32 acc_id)
{
- QueryResult *result = loginDatabase.PQuery("SELECT gmlevel FROM account WHERE id = '%u'", acc_id);
+ QueryResult *result = loginDatabase.PQuery("SELECT gmlevel FROM account_access WHERE id = '%u'", acc_id);
if(result)
{
uint32 sec = (*result)[0].GetUInt32();
diff --git a/src/game/Language.h b/src/game/Language.h
index 488b7a71c3b..565534a3021 100644
--- a/src/game/Language.h
+++ b/src/game/Language.h
@@ -963,6 +963,7 @@ enum TrinityStrings
// Use for custom patches 11000-11999
LANG_AUTO_BROADCAST = 11000,
+ LANG_INVALID_REALMID = 11001,
// NOT RESERVED IDS 12000-1999999999
// `db_script_string` table index 2000000000-2000009999 (MIN_DB_SCRIPT_STRING_ID-MAX_DB_SCRIPT_STRING_ID)
diff --git a/src/game/Level1.cpp b/src/game/Level1.cpp
index 51424a48421..d08980d7cb7 100644
--- a/src/game/Level1.cpp
+++ b/src/game/Level1.cpp
@@ -498,8 +498,13 @@ bool ChatHandler::HandleGMTicketAssignToCommand(const char* args)
}
uint64 tarGUID = objmgr.GetPlayerGUIDByName(targm.c_str());
uint64 accid = objmgr.GetPlayerAccountIdByGUID(tarGUID);
- QueryResult *result = loginDatabase.PQuery("SELECT gmlevel FROM account WHERE id = '%u'", accid);
- if(!tarGUID|| !result || result->Fetch()->GetUInt32() < SEC_MODERATOR)
+ QueryResult *result = loginDatabase.PQuery("SELECT gmlevel RealmID FROM account_access WHERE id = '%u'", accid);
+
+ Field * fields = result->Fetch();
+ uint32 gmlevel = fields[0].GetUInt32();
+ uint32 SecurityRealmID = fields[1].GetUInt32();
+
+ if(!tarGUID|| !result || gmlevel < SEC_MODERATOR || (SecurityRealmID != realmID && SecurityRealmID != -1))
{
SendSysMessage(LANG_COMMAND_TICKETASSIGNERROR_A);
return true;
diff --git a/src/game/Level2.cpp b/src/game/Level2.cpp
index 49ebc05e1d5..dc9d84bf4c8 100644
--- a/src/game/Level2.cpp
+++ b/src/game/Level2.cpp
@@ -2189,7 +2189,11 @@ bool ChatHandler::HandlePInfoCommand(const char* args)
uint32 security = 0;
std::string last_login = GetTrinityString(LANG_ERROR);
- QueryResult* result = loginDatabase.PQuery("SELECT username,gmlevel,email,last_ip,last_login FROM account WHERE id = '%u'",accId);
+ QueryResult* result = loginDatabase.PQuery("SELECT a.username,aa.gmlevel,a.email,a.last_ip,a.last_login "
+ "FROM account a "
+ "LEFT JOIN account_access aa "
+ "ON (a.id = aa.id) "
+ "WHERE a.id = '%u'",accId);
if(result)
{
Field* fields = result->Fetch();
diff --git a/src/game/Level3.cpp b/src/game/Level3.cpp
index e29c21c0bb2..624fc1d14ea 100644
--- a/src/game/Level3.cpp
+++ b/src/game/Level3.cpp
@@ -1411,13 +1411,15 @@ bool ChatHandler::HandleAccountSetGmLevelCommand(const char *args)
uint32 gm = 0;
char* arg1 = strtok((char*)args, " ");
char* arg2 = strtok(NULL, " ");
+ char* arg3 = strtok(NULL, " ");
- if (getSelectedPlayer() && arg1 && !arg2)
+ if (getSelectedPlayer() && arg1 && !arg3)
{
targetAccountId = getSelectedPlayer()->GetSession()->GetAccountId();
accmgr.GetName(targetAccountId, targetAccountName);
Player* targetPlayer = getSelectedPlayer();
gm = atoi(arg1);
+ uint32 gmRealmID = arg2 ? atoi(arg2) : realmID;
// Check for invalid specified GM level.
if (gm < SEC_PLAYER || gm > SEC_ADMINISTRATOR)
@@ -1429,20 +1431,40 @@ bool ChatHandler::HandleAccountSetGmLevelCommand(const char *args)
// Check if targets GM level and specified GM level is not higher than current gm level
targetSecurity = targetPlayer->GetSession()->GetSecurity();
- if (targetSecurity >= m_session->GetSecurity() || gm >= m_session->GetSecurity())
+ if (targetSecurity >= m_session->GetSecurity() ||
+ gm >= m_session->GetSecurity() ||
+ (gmRealmID != realmID && m_session->GetSecurity() < SEC_CONSOLE))
{
SendSysMessage(LANG_YOURS_SECURITY_IS_LOW);
SetSentErrorMessage(true);
return false;
}
+ // Check if provided realmID is not current realmID, or isn't -1
+ if (gmRealmID != realmID && gmRealmID != -1)
+ {
+ SendSysMessage(LANG_INVALID_REALMID);
+ SetSentErrorMessage(true);
+ return false;
+ }
+
// Decide which string to show
if (m_session->GetPlayer() != targetPlayer)
PSendSysMessage(LANG_YOU_CHANGE_SECURITY, targetAccountName.c_str(), gm);
else
PSendSysMessage(LANG_YOURS_SECURITY_CHANGED, m_session->GetPlayer()->GetName(), gm);
- loginDatabase.PExecute("UPDATE account SET gmlevel = '%d' WHERE id = '%u'", gm, targetAccountId);
+ // If gmRealmID is -1, delete all values for the account id, else, insert values for the specific realmID
+ if (gmRealmID == -1)
+ {
+ loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u'", targetAccountId);
+ loginDatabase.PExecute("INSERT INTO account_access VALUES ('%u', '%d', -1)", targetAccountId, gm);
+ }
+ else
+ {
+ loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u' AND RealmID = '%d'", targetAccountId, realmID);
+ loginDatabase.PExecute("INSERT INTO account_access VALUES ('%u','%d','%d')", targetAccountId, gm, realmID);
+ }
return true;
}
else
@@ -1469,6 +1491,15 @@ bool ChatHandler::HandleAccountSetGmLevelCommand(const char *args)
return false;
}
+ uint32 gmRealmID = arg3 ? atoi(arg3) : realmID;
+ // Check if provided realmID is not current realmID, or isn't -1
+ if (gmRealmID != realmID && gmRealmID != -1)
+ {
+ SendSysMessage(LANG_INVALID_REALMID);
+ SetSentErrorMessage(true);
+ return false;
+ }
+
targetAccountId = accmgr.GetId(arg1);
/// m_session==NULL only for console
uint32 plSecurity = m_session ? m_session->GetSecurity() : SEC_CONSOLE;
@@ -1484,7 +1515,17 @@ bool ChatHandler::HandleAccountSetGmLevelCommand(const char *args)
}
PSendSysMessage(LANG_YOU_CHANGE_SECURITY, targetAccountName.c_str(), gm);
- loginDatabase.PExecute("UPDATE account SET gmlevel = '%d' WHERE id = '%u'", gm, targetAccountId);
+ // If gmRealmID is -1, delete all values for the account id, else, insert values for the specific realmID
+ if (gmRealmID == -1)
+ {
+ loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u'", targetAccountId);
+ loginDatabase.PExecute("INSERT INTO account_access VALUES ('%u', '%d', -1)", targetAccountId, gm);
+ }
+ else
+ {
+ loginDatabase.PExecute("DELETE FROM account_access WHERE id = '%u' AND RealmID = '%d'", targetAccountId, realmID);
+ loginDatabase.PExecute("INSERT INTO account_access VALUES ('%u','%d','%d')", targetAccountId, gm, realmID);
+ }
return true;
}
}
@@ -6915,7 +6956,7 @@ bool ChatHandler::HandleInstanceSaveDataCommand(const char * /*args*/)
bool ChatHandler::HandleGMListFullCommand(const char* /*args*/)
{
///- Get the accounts with GM Level >0
- QueryResult *result = loginDatabase.Query( "SELECT username,gmlevel FROM account WHERE gmlevel > 0" );
+ QueryResult *result = loginDatabase.Query("SELECT a.username,aa.gmlevel FROM account a, account_access aa WHERE a.id=aa.id AND aa.gmlevel > 0");
if(result)
{
SendSysMessage(LANG_GMLIST);
diff --git a/src/game/WorldSocket.cpp b/src/game/WorldSocket.cpp
index 0f25f92ab66..34efa1066fb 100644
--- a/src/game/WorldSocket.cpp
+++ b/src/game/WorldSocket.cpp
@@ -741,15 +741,14 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket)
QueryResult *result =
loginDatabase.PQuery ("SELECT "
"id, " //0
- "gmlevel, " //1
- "sessionkey, " //2
- "last_ip, " //3
- "locked, " //4
- "v, " //5
- "s, " //6
- "expansion, " //7
- "mutetime, " //8
- "locale " //9
+ "sessionkey, " //1
+ "last_ip, " //2
+ "locked, " //3
+ "v, " //4
+ "s, " //5
+ "expansion, " //6
+ "mutetime, " //7
+ "locale " //8
"FROM account "
"WHERE username = '%s'",
safe_account.c_str ());
@@ -768,17 +767,17 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket)
Field* fields = result->Fetch ();
- uint8 expansion = fields[7].GetUInt8();
+ uint8 expansion = fields[6].GetUInt8();
uint32 world_expansion = sWorld.getConfig(CONFIG_EXPANSION);
if(expansion > world_expansion)
expansion = world_expansion;
- //expansion = ((sWorld.getConfig(CONFIG_EXPANSION) > fields[7].GetUInt8()) ? fields[7].GetUInt8() : sWorld.getConfig(CONFIG_EXPANSION));
+ //expansion = ((sWorld.getConfig(CONFIG_EXPANSION) > fields[6].GetUInt8()) ? fields[6].GetUInt8() : sWorld.getConfig(CONFIG_EXPANSION));
N.SetHexStr ("894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7");
g.SetDword (7);
- v.SetHexStr(fields[5].GetString());
- s.SetHexStr (fields[6].GetString ());
+ v.SetHexStr(fields[4].GetString());
+ s.SetHexStr (fields[5].GetString ());
const char* sStr = s.AsHexStr (); //Must be freed by OPENSSL_free()
const char* vStr = v.AsHexStr (); //Must be freed by OPENSSL_free()
@@ -791,9 +790,9 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket)
OPENSSL_free ((void*) vStr);
///- Re-check ip locking (same check as in realmd).
- if (fields[4].GetUInt8 () == 1) // if ip is locked
+ if (fields[3].GetUInt8 () == 1) // if ip is locked
{
- if (strcmp (fields[3].GetString (), GetRemoteAddress ().c_str ()))
+ if (strcmp (fields[2].GetString (), GetRemoteAddress ().c_str ()))
{
packet.Initialize (SMSG_AUTH_RESPONSE, 1);
packet << uint8 (AUTH_FAILED);
@@ -806,22 +805,40 @@ int WorldSocket::HandleAuthSession (WorldPacket& recvPacket)
}
id = fields[0].GetUInt32 ();
- security = fields[1].GetUInt16 ();
/*
if(security > SEC_ADMINISTRATOR) // prevent invalid security settings in DB
security = SEC_ADMINISTRATOR;
*/
- K.SetHexStr (fields[2].GetString ());
+ K.SetHexStr (fields[1].GetString ());
- time_t mutetime = time_t (fields[8].GetUInt64 ());
+ time_t mutetime = time_t (fields[7].GetUInt64 ());
- locale = LocaleConstant (fields[9].GetUInt8 ());
+ locale = LocaleConstant (fields[8].GetUInt8 ());
if (locale >= MAX_LOCALE)
locale = LOCALE_enUS;
delete result;
+ // Checks gmlevel per Realm
+ result =
+ loginDatabase.PQuery ("SELECT "
+ "RealmID, " //0
+ "gmlevel " //1
+ "FROM account_access "
+ "WHERE id = '%d'"
+ " AND (RealmID = '%d'"
+ " OR RealmID = '-1')",
+ id, realmID);
+ if(!result)
+ security = 0;
+ else
+ {
+ fields = result->Fetch ();
+ security = fields[1].GetInt32();
+ delete result;
+ }
+
// Re-check account ban (same check as in realmd)
QueryResult *banresult =
loginDatabase.PQuery ("SELECT 1 FROM account_banned WHERE id = %u AND active = 1 "
diff --git a/src/trinitycore/CliRunnable.cpp b/src/trinitycore/CliRunnable.cpp
index e325c2ca366..b35af1f1bb5 100644
--- a/src/trinitycore/CliRunnable.cpp
+++ b/src/trinitycore/CliRunnable.cpp
@@ -236,9 +236,12 @@ bool ChatHandler::HandleAccountOnlineListCommand(const char* /*args*/)
///- Get the username, last IP and GM level of each account
// No SQL injection. account is uint32.
- // 0 1 2 3
- QueryResult *resultLogin = loginDatabase.PQuery("SELECT username, last_ip, gmlevel, expansion FROM account WHERE id = '%u'",account);
-
+ QueryResult *resultLogin =
+ loginDatabase.PQuery("SELECT a.username, a.last_ip, aa.gmlevel, a.expansion "
+ "FROM account a "
+ "LEFT JOIN account_access aa "
+ "ON (a.id = aa.id) "
+ "WHERE a.id = '%u'", account);
if(resultLogin)
{
Field *fieldsLogin = resultLogin->Fetch();
diff --git a/src/trinitycore/RASocket.cpp b/src/trinitycore/RASocket.cpp
index f5d968ef102..15043bde3ef 100644
--- a/src/trinitycore/RASocket.cpp
+++ b/src/trinitycore/RASocket.cpp
@@ -145,7 +145,7 @@ void RASocket::OnRead()
{
szLogin=&buff[5];
- ///- Get the gmlevel and password from the account table
+ ///- Get the password from the account table
std::string login = szLogin;
///- Convert Account name to Upper Format
@@ -154,7 +154,7 @@ void RASocket::OnRead()
///- Escape the Login to allow quotes in names
loginDatabase.escape_string(login);
- QueryResult* result = loginDatabase.PQuery("SELECT gmlevel FROM account WHERE username = '%s'",login.c_str());
+ QueryResult* result = loginDatabase.PQuery("SELECT aa.gmlevel FROM account_access aa, account a WHERE a.username = '%s' AND aa.id = a.id",login.c_str());
///- If the user is not found, deny access
if(!result)
diff --git a/src/trinityrealm/AuthSocket.cpp b/src/trinityrealm/AuthSocket.cpp
index a19d16106f3..ee71c523816 100644
--- a/src/trinityrealm/AuthSocket.cpp
+++ b/src/trinityrealm/AuthSocket.cpp
@@ -410,7 +410,12 @@ bool AuthSocket::_HandleLogonChallenge()
///- Get the account details from the account table
// No SQL injection (escaped user name)
- result = loginDatabase.PQuery("SELECT sha_pass_hash,id,locked,last_ip,gmlevel,v,s FROM account WHERE username = '%s'",_safelogin.c_str ());
+ result =
+ loginDatabase.PQuery("SELECT a.sha_pass_hash,a.id,a.locked,a.last_ip,aa.gmlevel,a.v,a.s "
+ "FROM account a "
+ "LEFT JOIN account_access aa "
+ "ON (a.id = aa.id) "
+ "WHERE a.username = '%s'",_safelogin.c_str ());
if (result)
{
///- If the IP is 'locked', check that the player comes indeed from the correct IP address