From fb52e9ea035f6174e6925e97ed8eaf15f9867d6a Mon Sep 17 00:00:00 2001 From: Ascathor Date: Sun, 26 May 2013 01:52:28 +0200 Subject: Core/Command: Optimized .pinfo more * Moved some checks around * Added RBAC Permission for Email, last login and last ip (group 3 and 4) -- If missing RBAC permission, then it displays "Unauthorized (RBAC)" * Changed totalmail output from uint64 to uint32 * Level either puts Max level, or a list of information necessary * Only queries guild if the current xp query also detects guild membership * Incorporated recent changes into code * Commander requires higher than target to get sensitive data beside RBAC permission. --- src/server/scripts/Commands/cs_misc.cpp | 112 +++++++++++++++++++------------- 1 file changed, 67 insertions(+), 45 deletions(-) (limited to 'src/server/scripts/Commands') diff --git a/src/server/scripts/Commands/cs_misc.cpp b/src/server/scripts/Commands/cs_misc.cpp index 3051580a933..c49514cacc4 100644 --- a/src/server/scripts/Commands/cs_misc.cpp +++ b/src/server/scripts/Commands/cs_misc.cpp @@ -1587,7 +1587,12 @@ public: std::string areaName = ""; std::string zoneName = ""; - // Guild data print is only defined if part of Guild + // Guild data print variables defined so that they exist, but are not necessarily used + uint32 guildId = 0; + std::string guildName; + std::string guildRank; + std::string note; + std::string officeNote; // Mail data print is only defined if you have a mail @@ -1626,18 +1631,19 @@ public: if (!result) return false; - Field* fields = result->Fetch(); - totalPlayerTime = fields[0].GetUInt32(); - level = fields[1].GetUInt8(); - money = fields[2].GetUInt32(); - accId = fields[3].GetUInt32(); - raceid = fields[4].GetUInt8(); - classid = fields[5].GetUInt8(); - mapId = fields[6].GetUInt16(); - areaId = fields[7].GetUInt16(); - gender = fields[8].GetUInt8(); - uint32 health = fields[9].GetUInt32(); + Field* fields = result->Fetch(); + totalPlayerTime = fields[0].GetUInt32(); + level = fields[1].GetUInt8(); + money = fields[2].GetUInt32(); + accId = fields[3].GetUInt32(); + raceid = fields[4].GetUInt8(); + classid = fields[5].GetUInt8(); + mapId = fields[6].GetUInt16(); + areaId = fields[7].GetUInt16(); + gender = fields[8].GetUInt8(); + uint32 health = fields[9].GetUInt32(); uint32 playerFlags = fields[10].GetUInt32(); + if (!health || playerFlags & PLAYER_FLAGS_GHOST) alive = "No"; else @@ -1655,13 +1661,13 @@ public: Field* fields = result->Fetch(); userName = fields[0].GetString(); security = fields[1].GetUInt8(); - eMail = fields[2].GetString(); - // Only fetch these fields if commander has sufficient rights AND is online (prevent cheating) - /// @TODO: Add RBAC for "Can query ip and login data" - if (!handler->GetSession() || handler->GetSession()->GetSecurity() >= AccountTypes(security)) + // Only fetch these fields if commander has sufficient rights) + if (handler->HasPermission(RBAC_PERM_COMMANDS_PINFO_CHECK_PERSONAL_DATA) && // RBAC Perm. 48, Role 39 + (!handler->GetSession() || handler->GetSession()->GetSecurity() >= security)) { - lastIp = fields[3].GetString(); + eMail = fields[2].GetString(); + lastIp = fields[3].GetString(); lastLogin = fields[4].GetString(); uint32 ip = inet_addr(lastIp.c_str()); @@ -1678,6 +1684,12 @@ public: lastIp.append(")"); } } + else + { + eMail = "Unauthorized"; + lastIp = "Unauthorized"; + lastLogin = "Unauthorized"; + } muteTime = fields[5].GetUInt64(); muteReason = fields[6].GetString(); muteBy = fields[7].GetString(); @@ -1728,7 +1740,25 @@ public: if (result4) { Field* fields = result4->Fetch(); - xp = fields[0].GetUInt32(); + xp = fields[0].GetUInt32(); // Used for "current xp" output and "%u XP Left" calculation + uint32 gguid = fields[1].GetUInt32(); // We check if have a guild for the person, so we might not require to query it at all + + if (gguid != 0) + { + // Guild Data - an own query, because it may not happen. + PreparedStatement* stmt3 = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GUILD_MEMBER_EXTENDED); + stmt3->setUInt32(0, lowguid); + PreparedQueryResult result5 = CharacterDatabase.Query(stmt3); + if (result5) + { + Field* fields = result5->Fetch(); + guildId = fields[0].GetUInt32(); + guildName = fields[1].GetString(); + guildRank = fields[2].GetString(); + note = fields[3].GetString(); + officeNote = fields[4].GetString(); + } + } } // Initiate output @@ -1760,7 +1790,10 @@ public: handler->PSendSysMessage(LANG_PINFO_ACC_IP, lastIp.c_str(), locked ? "Yes" : "No"); // Output X. LANG_PINFO_CHR_LEVEL - handler->PSendSysMessage(LANG_PINFO_CHR_LEVEL, level, xp, xptotal, (xptotal - xp)); + if (level != sWorld->getIntConfig(CONFIG_MAX_PLAYER_LEVEL)) + handler->PSendSysMessage(LANG_PINFO_CHR_LEVEL_LOW, level, xp, xptotal, (xptotal - xp)); + else + handler->PSendSysMessage(LANG_PINFO_CHR_LEVEL_HIGH, level); // Output XI. LANG_PINFO_CHR_RACE raceStr = GetRaceName(raceid, locale); @@ -1795,27 +1828,15 @@ public: if (target) handler->PSendSysMessage(LANG_PINFO_CHR_MAP, map->name[locale], (!zoneName.empty() ? zoneName.c_str() : ""), (!areaName.empty() ? areaName.c_str() : "")); - // Guild Data - an own query, because it may not happen. - PreparedStatement* stmt3 = CharacterDatabase.GetPreparedStatement(CHAR_SEL_GUILD_MEMBER_EXTENDED); - stmt3->setUInt32(0, lowguid); - PreparedQueryResult result5 = CharacterDatabase.Query(stmt3); - if (result5) - { - Field* fields = result5->Fetch(); - uint32 guildId = fields[0].GetUInt32(); - std::string guildName = fields[1].GetString(); - std::string guildRank = fields[2].GetString(); - std::string note = fields[3].GetString(); - std::string officeNote = fields[4].GetString(); - - // Output XVII. - XX. - handler->PSendSysMessage(LANG_PINFO_CHR_GUILD, guildName.c_str(), guildId); - handler->PSendSysMessage(LANG_PINFO_CHR_GUILD_RANK, guildRank.c_str()); - // Only output XIX and XX if they are not empty - if (!note.empty()) - handler->PSendSysMessage(LANG_PINFO_CHR_GUILD_NOTE, note.c_str()); - if (!officeNote.empty()) - handler->PSendSysMessage(LANG_PINFO_CHR_GUILD_ONOTE, officeNote.c_str()); + // Output XVII. - XX. if they are not empty + if (!guildName.empty()) + { + handler->PSendSysMessage(LANG_PINFO_CHR_GUILD, guildName.c_str(), guildId); + handler->PSendSysMessage(LANG_PINFO_CHR_GUILD_RANK, guildRank.c_str()); + if (!note.empty()) + handler->PSendSysMessage(LANG_PINFO_CHR_GUILD_NOTE, note.c_str()); + if (!officeNote.empty()) + handler->PSendSysMessage(LANG_PINFO_CHR_GUILD_ONOTE, officeNote.c_str()); } // Output XXI. LANG_PINFO_CHR_PLAYEDTIME @@ -1823,23 +1844,24 @@ public: // Mail Data - an own query, because it may or may not be useful. // SQL: "SELECT SUM(CASE WHEN (checked & 1) THEN 1 ELSE 0 END) AS 'readmail', COUNT(*) AS 'totalmail' FROM mail WHERE `receiver` = ?" - stmt3 = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PINFO_MAILS); - stmt3->setUInt32(0, lowguid); - PreparedQueryResult result6 = CharacterDatabase.Query(stmt3); + PreparedStatement* stmt4 = CharacterDatabase.GetPreparedStatement(CHAR_SEL_PINFO_MAILS); + stmt4->setUInt32(0, lowguid); + PreparedQueryResult result6 = CharacterDatabase.Query(stmt4); if (result6) { // Define the variables, so the compiler knows they exist uint32 rmailint = 0; // Fetch the fields - readmail is a SUM(x) and given out as char! Thus... + // ... while totalmail is a COUNT(x), which is given out as INt64, which we just convert on fetch... Field* fields = result6->Fetch(); std::string readmail = fields[0].GetString(); - uint64 totalmail = fields[1].GetUInt64(); + uint32 totalmail = uint32(fields[1].GetUInt64()); // ... we have to convert it from Char to int. We can use totalmail as it is rmailint = atol(readmail.c_str()); - // Output XXII. LANG_INFO_CHR_MAILS if at least one mails is given + // Output XXII. LANG_INFO_CHR_MAILS if at least one mail is given if (totalmail >= 1) handler->PSendSysMessage(LANG_PINFO_CHR_MAILS, rmailint, totalmail); } -- cgit v1.2.3 From f6c1a9a8c4c403996b5b40e565e807c807e47aaa Mon Sep 17 00:00:00 2001 From: Vincent-Michael Date: Mon, 3 Jun 2013 18:04:42 +0200 Subject: Core: Fix warning --- sql/updates/world/2013_05_26_00_world_trinity_string.sql | 9 --------- sql/updates/world/2013_06_03_00_world_trinity_string.sql | 9 +++++++++ src/server/scripts/Commands/cs_misc.cpp | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) delete mode 100644 sql/updates/world/2013_05_26_00_world_trinity_string.sql create mode 100644 sql/updates/world/2013_06_03_00_world_trinity_string.sql (limited to 'src/server/scripts/Commands') diff --git a/sql/updates/world/2013_05_26_00_world_trinity_string.sql b/sql/updates/world/2013_05_26_00_world_trinity_string.sql deleted file mode 100644 index 80ad953b3b7..00000000000 --- a/sql/updates/world/2013_05_26_00_world_trinity_string.sql +++ /dev/null @@ -1,9 +0,0 @@ -DELETE FROM `trinity_string` WHERE `entry`=854 LIMIT 1; -INSERT INTO `trinity_string` (`entry`, `content_default`, content_loc1, content_loc2, content_loc3, content_loc4, content_loc5, content_loc6, content_loc7, content_loc8) VALUES -(854, '└ Mails: %d Read/%u Total', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); - -DELETE FROM `trinity_string` WHERE `entry`=871 LIMIT 1; -INSERT INTO `trinity_string` (`entry`, `content_default`, content_loc1, content_loc2, content_loc3, content_loc4, content_loc5, content_loc6, content_loc7, content_loc8) VALUES -(871, '│ Level: %u', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); - -UPDATE `trinity_string` SET `content_default`='│ Level: %u (%u/%u XP (%u XP left))' WHERE `entry`=843 LIMIT 1; diff --git a/sql/updates/world/2013_06_03_00_world_trinity_string.sql b/sql/updates/world/2013_06_03_00_world_trinity_string.sql new file mode 100644 index 00000000000..80ad953b3b7 --- /dev/null +++ b/sql/updates/world/2013_06_03_00_world_trinity_string.sql @@ -0,0 +1,9 @@ +DELETE FROM `trinity_string` WHERE `entry`=854 LIMIT 1; +INSERT INTO `trinity_string` (`entry`, `content_default`, content_loc1, content_loc2, content_loc3, content_loc4, content_loc5, content_loc6, content_loc7, content_loc8) VALUES +(854, '└ Mails: %d Read/%u Total', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); + +DELETE FROM `trinity_string` WHERE `entry`=871 LIMIT 1; +INSERT INTO `trinity_string` (`entry`, `content_default`, content_loc1, content_loc2, content_loc3, content_loc4, content_loc5, content_loc6, content_loc7, content_loc8) VALUES +(871, '│ Level: %u', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); + +UPDATE `trinity_string` SET `content_default`='│ Level: %u (%u/%u XP (%u XP left))' WHERE `entry`=843 LIMIT 1; diff --git a/src/server/scripts/Commands/cs_misc.cpp b/src/server/scripts/Commands/cs_misc.cpp index c49514cacc4..e6a7b096a34 100644 --- a/src/server/scripts/Commands/cs_misc.cpp +++ b/src/server/scripts/Commands/cs_misc.cpp @@ -1664,7 +1664,7 @@ public: // Only fetch these fields if commander has sufficient rights) if (handler->HasPermission(RBAC_PERM_COMMANDS_PINFO_CHECK_PERSONAL_DATA) && // RBAC Perm. 48, Role 39 - (!handler->GetSession() || handler->GetSession()->GetSecurity() >= security)) + (!handler->GetSession() || handler->GetSession()->GetSecurity() >= AccountTypes(security))) { eMail = fields[2].GetString(); lastIp = fields[3].GetString(); -- cgit v1.2.3