Skip to content
Permalink
master
Switch branches/tags

rAthena-Scripts/released/Systems/security_sys.txt

Go to file
 
 
Cannot retrieve contributors at this time
327 lines (301 sloc) 9.67 KB
Raw Blame
//===== rAthena Script =======================================
//= Security System - SQL
//===== By ===================================================
//= llchrisll
//===== Version ==============================================
//= 1.0 - Initial Version
//= 1.1 - Fixed SQL Bug (SQL Injection) - Thanks to ToastofDoom
//= 2.0 - Shortened a bit and made it more dynamically
// - Removed OnWhisperGlobal
// - Renamed variables (always temp character variables ....)
// - Added prevention to use "ALT+M" shortcuts and dying via
// Attacks like Mob or PvP Maps after Login until the security password has been put
//= 2.1 - Script Optimization
// - Removed Server Mode Selection - only SQL now
//===== Tested With =========================================
//= rAthena SQL 07/16-2017 Revision
//===== Description ==========================================
//= Security System - Simple
//===== Comments =============================================
//= None....
//============================================================
prontera.gat,150,180,4 script Security Manager 109,{
if (getgmlevel() >= 80) {
mes .n$;
mes "Which Menu?";
if(select("- Player Menu:- GM Menu") - 1) goto M_GM;
next;
}
mes .n$;
mes "Hello, "+strcharinfo(0)+".";
mes "What do you wanna do?";
next;
if(select("- Add/Change my Password:- Nothing") - 1) close;
if($security_pass == 0) {
set #security_pass, 0;
mes .n$;
mes "The System isn't enabled.";
close;
} else if($security_pass == 1 && #security_pass == 0) {
mes .n$;
mes "Hello, "+strcharinfo(0)+"";
mes "So you want to set your Password?";
next;
if(select("- Yes, please:- Naa, not now.") - 1) {
mes .n$;
mes "Okay, please come back as soon as possible.";
close;
}
mes .n$;
// In case the database has not been cleaned before the script has been removed, extra check....
query_sql "SELECT `pass` FROM `security_sys` WHERE `account_id` = '"+getcharid(3)+"'",.@sec_pass$;
if(.@sec_pass$ != "") {
mes "It seems like that the database hasn't been cleared before removing the script.";
mes "I will use your password from before, which is "+.@sec_pass$+".";
set #security_pass,1;
close;
}
mes "Okay, type the password you want.";
input .@sec_pass$;
next;
mes .n$;
mes "The Password is:";
mes .@sec_pass$;
mes "Is that correct?";
if(select("- Yes, it is:- No,repeat please") - 1) close;
next;
set #security_pass, 1;
callfunc "SS_PW",2,3,.@sec_pass$;
mes .n$;
mes "Thank you for your time.";
mes "Your Password and IP got saved.";
mes "Remember it carefully.";
close;
} else if($security_pass == 1 && #security_pass == 1) {
mes .n$;
mes "So you want to change your Password?";
if(select("- Yes:- No") - 1) close;
next;
mes .n$;
mes "Please insert the new Password.";
mes "^FF2200 Note: Type \"Cancel\" into the box to cancel your attempt.^000000";
next;
input .@ch_pass$;
mes .n$;
if(.@ch_pass$ == "Cancel") close;
if( callfunc("SS_PW",1,1,.@ch_pass$) == 1) {
mes "I'm sorry, but the new Password matches the previous one.";
close;
}
mes "The new password is:";
mes .@ch_pass$;
mes "Is that correct?";
if(select("- Yes, it is correct:- No, I don't want to change it.") - 1) close;
next;
mes .n$;
mes "Thank you for your time.";
callfunc("SS_PW",2,1,.@ch_pass$);
close;
}
M_GM:
next;
if($sec_table_created == 1) {
mes .n$;
mes "Hello, "+strcharinfo(0)+"!";
mes "What do you want to do?";
next;
switch(select("- Disable/Enable the System:- Delete Table:- Nothing") ) {
case 1:
mes .n$;
mes "The Security System is " + ( ($security_pass) ? "^00BB22Enabled^000000." : "^FF2200Disabled^000000.");
mes "Do you want to "+ ( ($security_pass == 0)?"enable":"disable")+" it?";
if(select("- Yes, please:- No, thanks") - 1) close;
next;
mes .n$;
mes "The Security System is "+ ( ($security_pass == 0)?"enabled":"disabled")+" now.";
announce "The Security Systen has been "+ ( ($security_pass == 0)?"enabled":"disabled")+".",bc_yellow|bc_all;
set $security_pass,!$security_pass;
close;
case 2:
mes .n$;
mes "Do you really want to delete the whole table?";
if(select("- Yes, I want!!:- No, I misclicked ya") - 1) close;
next;
mes .n$;
mes "Okay, it's a 'One-Way Ticket'!!!!";
query_sql "DROP TABLE `security_sys`";
set $sec_table_created,0;
set $security_pass,0;
close;
case 3:
mes .n$;
mes "Goodbye, see ya next time.";
close;
}
} else {
mes .n$;
mes "There isn't a table in your database yet.";
mes "Want to create it?";
if(select("- Yes, I want to create one:- No, don't wanna") - 1) close;
next;
mes .n$;
mes "The Table is created now.";
query_sql "CREATE TABLE IF NOT EXISTS `security_sys` ( `last_ip` VARCHAR( 100 ) , `account_id` INT( 11 ) , `pass` VARCHAR( 32 ))";
set $sec_table_created, 1;
set $security_pass, 1;
close;
}
OnInit:
set .n$,"[Security Manager]";
if(query_sql("SHOW TABLES LIKE 'security_sys'",.@tbl) != 0)
set $sec_table_created,1;
end;
}
- script SS_PW_Login -1,{
end;
OnPCLoginEvent:
set .@n$,"[Security Manager]";
// Server Name
set .@serv_name$,"<Server Name>";
// Mail Address
set .@serv_mail$,"<Server Mail Address>";
// ========== System is offline =======
if($security_pass == 0) {
// Either Password has not been set or the system was temporarly down
if(#security_pass == 0 || #security_pass == 3) end;
// Password is set but system offline
else if(#security_pass == 1) {
announce "The Security System is momentally offline.",bc_red|bc_self;
set #security_pass,3;
// System Offline but Jail active
} else if(#security_pass == 2)
set #security_pass,0;
// ============= System is online =============
} else if($security_pass == 1) {
// No Password set yet
if(#security_pass == 0) {
mes .@n$;
mes "Your Security Password hasn't been set yet.";
mes "Please come to me and set it.";
close;
// Jail.....
} else if(#security_pass == 2) {
sc_start 112,999999,1; //Berserk State, not able to talk/using commands
pcblockmove getcharid(3),1; // Preventing from moving
mes .@n$;
mes "Please type the 'correct' Password now or your account will be blocked";
mes "and you have to write an e-mail to \""+.@serv_mail$+"\" with the content of the right Password.";
next;
mes .@n$;
mes "Start please:";
next;
input .@pass$;
if( callfunc("SS_PW",1,1,.@pass$) == 1 ) {
set #security_pass,1;
sc_end 112;
pcblockmove getcharid(3),0;
percentheal 100,100;
atcommand "@unjail "+strcharinfo(0);
goto PW_PASS;
}
mes .@n$;
mes "The Password you typed is wrong.";
mes "Your Account will be blocked now.";
close2;
atcommand "@block "+strcharinfo(0);
end;
// System was temporarly offline
} else if(#security_pass == 3) {
announce "The Security System is back online.",bc_red|bc_self;
set #security_pass,1;
// Password was set
} else if(#security_pass == 1) { // Check if Password was set
if( callfunc("SS_PW",1,2) == 1) goto PW_PASS; // IP Check
sc_start 112,999999,1; //Berserk State, not able to talk/using commands
pcblockmove getcharid(3),1; // Preventing from moving
atcommand "@battleignore"; // Preventing the player from dying from attacks
set @lock,1;
mes .@n$;
mes "Please insert the Password for your own Security.";
next;
input .@pass$;
if( callfunc("SS_PW",1,1,.@pass$) == 1) goto PW_PASS; // Inserted Password Check
mes .@n$;
mes "The Password you typed is wrong.";
mes "You got one more chance to login.";
next;
input .@pass$;
if( callfunc("SS_PW",1,1,.@pass$) == 1) goto PW_PASS;
mes .@n$;
mes "You typed the Password wrong twice.";
mes "You will be warped to the Jail now.";
mes "After Login in, you have to write the password again and if you are write it";
mes "again wrong your account will be blocked.";
close2;
atcommand "@jail "+strcharinfo(0);
set #security_pass,2;
sc_end 112;
pcblockmove getcharid(3),0;
atcommand "@battleignore";
set @lock,0;
sleep2 1500;
atcommand "@kick "+strcharinfo(0);
}
}
end;
// Password Input Passed
PW_PASS:
mes .@n$;
mes "You have successfully logged in. Have Fun on "+.@serv_name$+".";
// Checking if the player has a different IP then before and update it accordingly.
if(@ip_n) {
callfunc("SS_PW",2,2,@ip_new$);
set @ip_n,0;
set @ip_new$,"";
}
if(@lock) {
sc_end 112;
pcblockmove getcharid(3),0;
atcommand "@battleignore";
percentheal 100,100;
set @lock,0;
}
end;
}
function script SS_PW {
// getarg(0) == Data Type
// - 1= Read
// - 2= Write
// getarg(1) == Read/Write Type
// - 1=PW
// - 2=IP
// - 3=New Entry
// getarg(2) == Data Value
switch(getarg(1)) {
case 1:
if(getarg(0) == 1) { // Data Type - Read
query_sql "SELECT `pass` FROM `security_sys` WHERE `account_id` = '"+getcharid(3)+"'",.@sec_pass$;
if(getarg(2) == .@sec_pass$) return 1;
else return -1;
} else if(getarg(0) == 2) // Data Type - Write
query_sql "UPDATE `security_sys` SET `pass` = '"+escape_sql(getarg(3))+"' WHERE `account_id` = '"+getcharid(3)+"'";
return;
case 2:
// checks the IP's
if(getarg(0) == 1) { // Data Type - Read
query_sql "SELECT `last_ip` FROM `login` WHERE `account_id` = '"+getcharid(3)+"'",.@last_ip$;
query_sql "SELECT `last_ip` FROM `security_sys` WHERE `account_id` = '"+getcharid(3)+"'",.@last_ip2$;
if(.@last_ip$ == .@last_ip2$) return 1;
else {
set @ip_n,1; // Got new IP > Update after Password Check passed
set @ip_new$,.@last_ip$; // IP Itself
return -1;
}
} else if(getarg(0) == 2) // Data Type - Write
query_sql "UPDATE `security_sys` SET `last_ip` = '"+getarg(3)+"' WHERE `account_id` = '"+getcharid(3)+"'";
case 3:
query_sql "SELECT `last_ip` FROM `login` WHERE `account_id` = '"+getcharid(3)+"'",.@last_ip$;
query_sql "INSERT INTO `security_sys` (`last_ip` , `account_id` , `pass`) VALUES ('"+.@last_ip$+"' , '"+getcharid(3)+"' , '"+escape_sql(getarg(2))+"')";
return;
}
}