Сообщений: 40
Тем: 10
Зарегистрирован: Jun 2012
Репутация:
10
Тупит логин серв. Сборка л2п.
В конфигах стоит - после ввода 5 раз не правильно акк то айпи блокируется.
Но после не правильного ввода акк логин серв пропускает,показывает правила,дохожу до выбора серва и потом выкидывает назад.После чего появляется ошибка:
Цитата:1340515517942 WARNING 12 l2p.database.mysql Could not execute update 'UPDATE accounts SET lastServer=? WHERE login=?': java.sql.SQLException: No value specified for parameter 2
1340515767504 WARNING 12 l2p.database.mysql Could not execute update 'UPDATE accounts SET lastServer=? WHERE login=?': java.sql.SQLException: No value specified for parameter 2
1340515774645 WARNING 12 l2p.database.mysql Could not execute update 'UPDATE accounts SET lastServer=? WHERE login=?': java.sql.SQLException: No value specified for parameter 2
1340515779776 WARNING 12 l2p.database.mysql Could not execute update 'UPDATE accounts SET lastServer=? WHERE login=?': java.sql.SQLException: No value specified for parameter 2
1340515785046 WARNING 12 l2p.database.mysql Could not execute update 'UPDATE accounts SET lastServer=? WHERE login=?': java.sql.SQLException: No value specified for parameter 2
1340515790918 WARNING 12 l2p.database.mysql Could not execute update 'UPDATE accounts SET lastServer=? WHERE login=?': java.sql.SQLException: No value specified for parameter 2
1340515795756 WARNING 12 l2p.database.mysql Could not execute update 'UPDATE accounts SET lastServer=? WHERE login=?': java.sql.SQLException: No value specified for parameter 2
После этого конечно айпи не блокируется.
вот что в это время пишет лог мускула:
120624 8:29:22 145 Query SELECT expiretime FROM banned_ips WHERE ip='мой айпи'
145 Query SELECT password,pay_stat,access_level,bonus,bonus_expire,banExpires,lastServer,AllowIPs,lock_expire,lastactive FROM accounts WHERE login='мой логин'
Буду благодарен за любой совет.
Сообщений: 1,912
Тем: 56
Зарегистрирован: Jan 2009
Репутация:
12,921
LDD Написал:Тупит логин серв. Сборка л2п.
В конфигах стоит - после ввода 5 раз не правильно акк то айпи блокируется.
Но после не правильного ввода акк логин серв пропускает,показывает правила,дохожу до выбора серва и потом выкидывает назад.После чего появляется ошибка:
После этого конечно айпи не блокируется.
вот что в это время пишет лог мускула:
120624 8:29:22 145 Query SELECT expiretime FROM banned_ips WHERE ip='мой айпи'
145 Query SELECT password,pay_stat,access_level,bonus,bonus_expire,banExpires,lastServer,AllowIPs,lock_expire,lastactive FROM accounts WHERE login='мой логин'
Буду благодарен за любой совет.
ошибка в запросе(нужен) сорс
Сообщений: 40
Тем: 10
Зарегистрирован: Jun 2012
Репутация:
10
Нашёл немного другую версию л2п логин серва.Тут совсем беда, на строку в конфиге LoginTryBeforeBan=5 вообще реакции 0.Просто хоть 20 раз ввожу не правильный пас,и ошибку не выдает.
исходы логин серва.
Сообщений: 40
Тем: 10
Зарегистрирован: Jun 2012
Репутация:
10
Помогите с логин контроллером плиз.
Код: package l2p.loginserver;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.RSAKeyGenParameterSpec;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Collection;
import java.util.Map;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javolution.util.FastMap;
import javolution.util.FastSet;
import javolution.util.FastCollection.Record;
import l2p.Base64;
import l2p.Config;
import l2p.database.DatabaseUtils;
import l2p.database.FiltredPreparedStatement;
import l2p.database.L2DatabaseFactory;
import l2p.database.ThreadConnection;
import l2p.database.mysql;
import l2p.gameserver.templates.StatsSet;
import l2p.loginserver.crypt.Crypt;
import l2p.loginserver.crypt.ScrambledKeyPair;
import l2p.loginserver.gameservercon.AttGS;
import l2p.loginserver.gameservercon.GameServerInfo;
import l2p.loginserver.serverpackets.LoginFail.LoginFailReason;
import l2p.util.GArray;
import l2p.util.Log;
import l2p.util.NetList;
import l2p.util.Rnd;
import l2p.loginserver.IpManager;
public class LoginController
{
protected static Logger _log = Logger.getLogger(LoginController.class.getName());
private static LoginController _instance;
/** Time before kicking the client if he didnt logged yet */
private final static int LOGIN_TIMEOUT = 60 * 1000;
/** Clients that are on the LS but arent assocated with a account yet*/
protected final FastSet<L2LoginClient> _clients = new FastSet<L2LoginClient>();
/** Authed Clients on LoginServer*/
protected final FastMap<String, L2LoginClient> _loginServerClients = new FastMap<String, L2LoginClient>().setShared(true);
private Map<InetAddress, BanInfo> _bannedIps = new FastMap<InetAddress, BanInfo>().setShared(true);
private Map<InetAddress, FailedLoginAttempt> _hackProtection;
protected ScrambledKeyPair[] _keyPairs;
protected byte[][] _blowfishKeys;
public static Crypt DEFAULT_CRYPT;
public static Crypt[] LEGACY_CRYPT;
public static enum State
{
VALID,
WRONG,
NOT_PAID,
BANNED,
IN_USE,
IP_ACCESS_DENIED
}
public class Status
{
public float bonus = 1;
public int bonus_expire = 0;
//public boolean proxy = false;
public State state;
public void setBonus(float value)
{
bonus = value;
}
public void setBonusExpire(int value)
{
bonus_expire = value;
}
//public void setProxy(boolean value)
//{
// proxy = value;
//}
public Status setState(State value)
{
state = value;
return this;
}
}
public static void load() throws GeneralSecurityException
{
if(_instance == null)
_instance = new LoginController();
else
throw new IllegalStateException("LoginController can only be loaded a single time.");
}
public static LoginController getInstance()
{
return _instance;
}
private LoginController() throws GeneralSecurityException
{
_log.info("Loading LoginController...");
try
{
DEFAULT_CRYPT = (Crypt) Class.forName("l2p.loginserver.crypt." + Config.DEFAULT_PASSWORD_ENCODING).getMethod("getInstance", new Class[0]).invoke(null, new Object[0]);
GArray<Crypt> legacy = new GArray<Crypt>();
for(String method : Config.LEGACY_PASSWORD_ENCODING.split(";"))
if(!method.equalsIgnoreCase(Config.DEFAULT_PASSWORD_ENCODING))
legacy.add((Crypt) Class.forName("l2p.loginserver.crypt." + method).getMethod("getInstance", new Class[0]).invoke(null, new Object[0]));
LEGACY_CRYPT = legacy.toArray(new Crypt[legacy.size()]);
}
catch(ClassNotFoundException e)
{
_log.info("Unable to load password crypt, method not found, check config!");
e.printStackTrace();
}
catch(Exception e)
{
_log.info("Unable to load password crypt!");
e.printStackTrace();
}
_log.info("Loaded " + DEFAULT_CRYPT.getClass().getSimpleName() + " as default crypt.");
_hackProtection = new FastMap<InetAddress, FailedLoginAttempt>().setShared(true);
_keyPairs = new ScrambledKeyPair[Config.LOGIN_RSA_KEYPAIRS];
KeyPairGenerator keygen;
keygen = KeyPairGenerator.getInstance("RSA");
RSAKeyGenParameterSpec spec = new RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F4);
keygen.initialize(spec);
//generate the initial set of keys
for(int i = 0; i < _keyPairs.length; i++)
_keyPairs[i] = new ScrambledKeyPair(keygen.generateKeyPair());
_log.info("Cached " + _keyPairs.length + " KeyPairs for RSA communication");
testCipher((RSAPrivateKey) _keyPairs[0]._pair.getPrivate());
// Store keys for blowfish communication
generateBlowFishKeys();
}
private Lock getLock(String user)
{
Lock ret = null;
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
ResultSet rset = null;
try
{
con = L2DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement("SELECT `type`,`string` FROM `lock` WHERE `login` = ?");
statement.setString(1, user);
rset = statement.executeQuery();
while(rset.next())
{
if(ret == null)
ret = new Lock();
String type = rset.getString("type");
if(type.equalsIgnoreCase("HWID"))
ret.addHWID(rset.getString("string"));
else if(type.equalsIgnoreCase("IP"))
ret.addIP(rset.getString("string"));
}
}
catch(SQLException e)
{
e.printStackTrace();
}
finally
{
DatabaseUtils.closeDatabaseCSR(con, statement, rset);
}
return ret;
}
/**
* This is mostly to force the initialization of the Crypto Implementation, avoiding it being done on runtime when its first needed.<BR>
* In short it avoids the worst-case execution time on runtime by doing it on loading.
* @param key Any private RSA Key just for testing purposes.
* @throws GeneralSecurityException if a underlying exception was thrown by the Cipher
*/
private void testCipher(RSAPrivateKey key) throws GeneralSecurityException
{
// avoid worst-case execution, KenM
Cipher rsaCipher = Cipher.getInstance("RSA/ECB/nopadding");
rsaCipher.init(Cipher.DECRYPT_MODE, key);
}
private void generateBlowFishKeys()
{
_blowfishKeys = new byte[Config.LOGIN_BLOWFISH_KEYS][16];
for(int i = 0; i < _blowfishKeys.length; i++)
for(int j = 0; j < _blowfishKeys[i].length; j++)
_blowfishKeys[i][j] = (byte) (Rnd.get(255) + 1);
_log.info("Stored " + _blowfishKeys.length + " keys for Blowfish communication");
}
/**
* @return Returns a random key
*/
public byte[] getBlowfishKey()
{
return _blowfishKeys[Rnd.get(_blowfishKeys.length)];
}
public void addLoginClient(L2LoginClient client)
{
synchronized (_clients)
{
_clients.add(client);
}
}
public void removeLoginClient(L2LoginClient client)
{
synchronized (_clients)
{
_clients.remove(client);
}
}
public SessionKey assignSessionKeyToClient()
{
SessionKey key = new SessionKey(Rnd.nextInt(), Rnd.nextInt(), Rnd.nextInt(), Rnd.nextInt());
return key;
}
public void addAuthedLoginClient(String account, L2LoginClient client)
{
synchronized (_loginServerClients)
{
_loginServerClients.put(account, client);
}
}
public L2LoginClient removeAuthedLoginClient(String account)
{
synchronized (_loginServerClients)
{
return _loginServerClients.remove(account);
}
}
public boolean isAccountInLoginServer(String account)
{
synchronized (_loginServerClients)
{
return _loginServerClients.containsKey(account);
}
}
public L2LoginClient getAuthedClient(String account)
{
synchronized (_loginServerClients)
{
return _loginServerClients.get(account);
}
}
public Status tryAuthLogin(String account, String password, L2LoginClient client)
{
Status ret = new Status().setState(State.WRONG);
ret = loginValid(account, password, client);
if(ret.state != State.VALID)
return ret;
if(!isAccountInLoginServer(account) && !isAccountInAnyGameServer(account))
{
// dont allow 2 simultaneous login
synchronized (_loginServerClients)
{
if(!_loginServerClients.containsKey(account))
addAuthedLoginClient(account, client);
else
ret.state = State.IN_USE;
}
// was login successful?
if(ret.state == State.VALID)
// remove him from the non-authed list
removeLoginClient(client);
}
else
ret.state = State.IN_USE;
return ret;
}
/**
* Adds the address to the ban list of the login server, with the given duration.
*
* @param address The Address to be banned.
* @param expiration Timestamp in miliseconds when this ban expires
* @throws UnknownHostException if the address is invalid.
*/
public void addBanForAddress(String address, long expiration) throws UnknownHostException
{
InetAddress netAddress = InetAddress.getByName(address);
_bannedIps.put(netAddress, new BanInfo(netAddress, expiration));
}
/**
* Adds the address to the ban list of the login server, with the given duration.
*
* @param address The Address to be banned.
* @param duration is miliseconds
*/
public void addBanForAddress(InetAddress address, long duration)
{
_bannedIps.put(address, new BanInfo(address, System.currentTimeMillis() + duration));
}
public boolean isBannedAddress(InetAddress address)
{
BanInfo bi = _bannedIps.get(address);
if(bi != null)
{
if(bi.hasExpired())
{
_bannedIps.remove(address);
return false;
}
return true;
}
return false;
}
public Map<InetAddress, BanInfo> getBannedIps()
{
return _bannedIps;
}
/**
* Remove the specified address from the ban list
* @param address The address to be removed from the ban list
* @return true if the ban was removed, false if there was no ban for this ip
*/
public boolean removeBanForAddress(InetAddress address)
{
return _bannedIps.remove(address) != null;
}
/**
* Remove the specified address from the ban list
* @param address The address to be removed from the ban list
* @return true if the ban was removed, false if there was no ban for this ip or the address was invalid.
*/
public boolean removeBanForAddress(String address)
{
try
{
return this.removeBanForAddress(InetAddress.getByName(address));
}
catch(UnknownHostException e)
{
return false;
}
}
public SessionKey getKeyForAccount(String account)
{
L2LoginClient client;
synchronized (_loginServerClients)
{
client = _loginServerClients.get(account);
}
if(client != null)
return client.getSessionKey();
return null;
}
public int getOnlinePlayerCount(int serverId)
{
GameServerInfo gsi = GameServerTable.getInstance().getRegisteredGameServerById(serverId);
if(gsi != null && gsi.isAuthed())
return gsi.getCurrentPlayerCount();
return 0;
}
public boolean isAccountInAnyGameServer(String account)
{
AttGS gst;
Collection<GameServerInfo> serverList = GameServerTable.getInstance().getRegisteredGameServers().values();
for(GameServerInfo gsi : serverList)
if((gst = gsi.getGameServer()) != null && gst.isAccountInGameServer(account))
return true;
return false;
}
public GameServerInfo getAccountOnGameServer(String account)
{
AttGS gst;
Collection<GameServerInfo> serverList = GameServerTable.getInstance().getRegisteredGameServers().values();
for(GameServerInfo gsi : serverList)
if((gst = gsi.getGameServer()) != null && gst.isAccountInGameServer(account))
return gsi;
return null;
}
public int getTotalOnlinePlayerCount()
{
int total = 0;
Collection<GameServerInfo> serverList = GameServerTable.getInstance().getRegisteredGameServers().values();
for(GameServerInfo gsi : serverList)
if(gsi.isAuthed())
total += gsi.getCurrentPlayerCount();
return total;
}
public int getMaxAllowedOnlinePlayers(int id)
{
GameServerInfo gsi = GameServerTable.getInstance().getRegisteredGameServerById(id);
if(gsi != null)
return gsi.getMaxPlayers();
return 0;
}
public boolean isLoginPossible(L2LoginClient client, int serverId)
{
GameServerInfo gsi = GameServerTable.getInstance().getRegisteredGameServerById(serverId);
int access = client.getAccessLevel();
boolean loginOk = gsi != null && gsi.isAuthed() && (gsi.getCurrentPlayerCount() < gsi.getMaxPlayers() || access >= 50);
if(loginOk && client.getLastServer() != serverId)
mysql.set("UPDATE accounts SET lastServer=? WHERE login=?", serverId, client.getAccount());
return loginOk;
}
public void setAccountAccessLevel(String user, int banLevel, String comments, int banTime)
{
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
try
{
con = L2DatabaseFactory.getInstance().getConnection();
String stmt = "UPDATE accounts SET access_level = ?, comments = ?, banExpires = ? WHERE login=?";
statement = con.prepareStatement(stmt);
statement.setInt(1, banLevel);
statement.setString(2, comments);
statement.setInt(3, banTime);
statement.setString(4, user);
statement.executeUpdate();
}
catch(Exception e)
{
_log.warning("Could not set accessLevel: " + e);
}
finally
{
DatabaseUtils.closeDatabaseCS(con, statement);
}
}
public boolean isGM(String user)
{
boolean ok = false;
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
ResultSet rset = null;
try
{
con = L2DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement("SELECT access_level FROM accounts WHERE login=?");
statement.setString(1, user);
rset = statement.executeQuery();
if(rset.next())
{
int accessLevel = rset.getInt(1);
if(accessLevel >= 100)
ok = true;
}
}
catch(Exception e)
{
//_log.warning("could not check gm state:"+e);
ok = false;
}
finally
{
DatabaseUtils.closeDatabaseCSR(con, statement, rset);
}
return ok;
}
/**
* <p>This method returns one of the cached {@link ScrambledKeyPair ScrambledKeyPairs} for communication with Login Clients.</p>
* @return a scrambled keypair
*/
public ScrambledKeyPair getScrambledRSAKeyPair()
{
return _keyPairs[Rnd.get(_keyPairs.length)];
}
public static final String[] account_field_columns = { "pay_stat", "access_level", "bonus", "bonus_expire",
"lastServer", };
public Status loginValid(String user, String password, L2LoginClient client)// throws HackingException
{
Status ok = new Status().setState(State.WRONG);
InetAddress address = client.getConnection().getSocket().getInetAddress();
Log.add("'" + (user == null ? "null" : user) + "' " + (address == null ? "null" : address.getHostAddress()), "logins_ip");
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
ResultSet rset = null;
try
{
int lastServer = 1;
boolean paid = false;
boolean banned = false;
String phash = "";
con = L2DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement("SELECT password,pay_stat,access_level,bonus,bonus_expire,banExpires,lastServer,AllowIPs,lock_expire,lastactive,activated FROM accounts WHERE login=?");
statement.setString(1, user);
rset = statement.executeQuery();
if(rset.next())
{
client.account_fields = new StatsSet(rset, account_field_columns);
String allowedIps = rset.getString("AllowIPs");
int lock = rset.getInt("lock_expire");
int lastactive = rset.getInt("lastactive");
boolean expired = lock >= 0 && (lastactive + lock) * 1000L < System.currentTimeMillis();
if(!expired)
{
//TODO System.out.println("!expired");
Lock acclock = getLock(user);
if(acclock != null && !acclock.checkIP(client.getIpAddress()) && !acclock.checkHWID(client.getHWID()))
return new Status().setState(State.IP_ACCESS_DENIED);
}
else
//System.out.println("expired");
mysql.set("DELETE FROM `lock` WHERE login=?", user);
// legacy check
if(allowedIps != null && !allowedIps.isEmpty() && !allowedIps.equals("*"))
if(!expired)
{
NetList allowedList = new NetList();
allowedList.LoadFromString(allowedIps, ",");
if(!allowedList.isIpInNets(client.getIpAddress()))
return new Status().setState(State.IP_ACCESS_DENIED);
}
else
mysql.set("UPDATE `accounts` SET `AllowIPs`='*' WHERE login=?", user);
phash = rset.getString("password");
if(phash.equals(""))
return new Status().setState(State.WRONG);
paid = rset.getInt(2) == 1;
banned = rset.getInt(3) < 0;
long banTime = rset.getLong("banExpires");
if(rset.getInt("activated") == 1)
{
//TODO System.out.println("activated == 1");
int bonusTime = rset.getInt("bonus_expire");
ok.setBonus(bonusTime > System.currentTimeMillis() / 1000 || bonusTime < 0 ? rset.getFloat("bonus") : 1);
if(ok.bonus > 1)
ok.setBonusExpire(bonusTime);
}
else
{
//TODO System.out.println("activated != 1");
ok.setBonus(-1);
ok.setBonusExpire(-1);
}
//ok.setProxy(rset.getInt("proxy") == 1);
if(banTime == -1)
banned = true;
else if(banTime > 0)
if(banTime < System.currentTimeMillis() / 1000)
unBanAcc(user);
else
banned = true;
lastServer = Math.max(rset.getInt("lastServer"), 1);
if(Config.LOGIN_DEBUG)
_log.fine("account exists");
}
DatabaseUtils.closeDatabaseSR(statement, rset);
if(phash.equals(""))
{
if(Config.AUTO_CREATE_ACCOUNTS)
{
if(user != null && user.length() >= 2 && user.length() <= 14)
{
statement = con.prepareStatement("INSERT INTO accounts (login,password,lastactive,access_level,lastIP,comments) values(?,?,?,?,?,?)");
statement.setString(1, user);
statement.setString(2, DEFAULT_CRYPT.encrypt(password));
statement.setLong(3, System.currentTimeMillis() / 1000);
statement.setInt(4, 0);
statement.setString(5, address != null ? address.getHostAddress() : "");
statement.setString(6, "");
statement.execute();
DatabaseUtils.closeStatement(statement);
if(Config.LOGIN_DEBUG)
_log.fine("created new account for " + user);
return new Status().setState(State.VALID);
}
if(Config.LOGIN_DEBUG)
_log.fine("Invalid username creation/use attempt: " + user);
return new Status().setState(State.WRONG);
}
if(Config.LOGIN_DEBUG)
_log.fine("account missing for user " + user);
return new Status().setState(State.WRONG);
}
ok.setState(State.VALID);
// проверяем не зашифрован ли пароль одним из устаревших но поддерживаемых алгоритмов
boolean oldcrypt = false;
for(Crypt c : LEGACY_CRYPT)
if(c.compare(password, phash)) // если да то заменяем на стандартный
{
statement = con.prepareStatement("UPDATE accounts SET password=? WHERE login=?");
statement.setString(1, DEFAULT_CRYPT.encrypt(password));
statement.setString(2, user);
statement.execute();
DatabaseUtils.closeStatement(statement);
oldcrypt = true;
break;
}
// если старые алгоритмы не подошли проверяем стандартным
if(!oldcrypt && !DEFAULT_CRYPT.compare(password, phash))
return new Status().setState(State.WRONG);
if(!paid)
return new Status().setState(State.NOT_PAID);
if(banned)
return new Status().setState(State.BANNED);
if(ok.state == State.VALID)
{
statement = con.prepareStatement("UPDATE accounts SET lastactive=?, lastIP=? WHERE login=?");
statement.setLong(1, System.currentTimeMillis() / 1000);
statement.setString(2, address != null ? address.getHostAddress() : "");
statement.setString(3, user);
statement.execute();
client.setLastServer(lastServer);
}
}
catch(Exception e)
{
_log.warning("Could not check password:" + e);
e.printStackTrace();
ok.setState(State.WRONG);
}
finally
{
DatabaseUtils.closeDatabaseCSR(con, statement, rset);
}
if(ok.state != State.VALID)
{
Log.add("'" + user + "':'" + password + "' " + (address != null ? address.getHostAddress() : ""), "logins_ip_fails");
if(address != null)
{
FailedLoginAttempt failedAttempt = _hackProtection.get(address);
int failedCount;
if(failedAttempt == null)
{
_hackProtection.put(address, new FailedLoginAttempt(address, password));
failedCount = 1;
}
else
{
failedAttempt.increaseCounter(password);
failedCount = failedAttempt.getCount();
}
if(failedCount >= Config.LOGIN_TRY_BEFORE_BAN)
// TODO Configurable ban duration (10 mins for now)
this.addBanForAddress(address, 10 * 60 * 1000);
}
}
else
{
if(address != null)
_hackProtection.remove(address);
Log.add("'" + user + "' " + (address != null ? address.getHostAddress() : ""), "logins_ip");
}
return ok;
}
public void unBanAcc(String name)
{
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
try
{
con = L2DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement("UPDATE accounts SET access_level = ?, banExpires = ? WHERE login = ?");
statement.setInt(1, 0);
statement.setInt(2, 0);
statement.setString(3, name);
statement.execute();
}
catch(Exception e)
{
_log.warning("Cant unban acc " + name + ", " + e);
}
finally
{
DatabaseUtils.closeDatabaseCS(con, statement);
}
}
public boolean loginBanned(String user)
{
boolean ok = false;
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
ResultSet rset = null;
try
{
con = L2DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement("SELECT access_level FROM accounts WHERE login=?");
statement.setString(1, user);
rset = statement.executeQuery();
if(rset.next())
{
int accessLevel = rset.getInt(1);
if(accessLevel < 0)
ok = true;
}
}
catch(Exception e)
{
// digest algo not found ??
// out of bounds should not be possible
_log.warning("could not check ban state:" + e);
ok = false;
}
finally
{
DatabaseUtils.closeDatabaseCSR(con, statement, rset);
}
return ok;
}
class FailedLoginAttempt
{
//private InetAddress _ipAddress;
private int _count;
private long _lastAttempTime;
private String _lastPassword;
public FailedLoginAttempt(InetAddress address, String lastPassword)
{
//_ipAddress = address;
_count = 1;
_lastAttempTime = System.currentTimeMillis();
_lastPassword = lastPassword;
}
public void increaseCounter(String password)
{
if(!_lastPassword.equals(password))
{
// check if theres a long time since last wrong try
if(System.currentTimeMillis() - _lastAttempTime < 5 * 60 * 1000)
_count++;
else
// restart the status
_count = 1;
_lastPassword = password;
_lastAttempTime = System.currentTimeMillis();
}
else
_lastAttempTime = System.currentTimeMillis();
}
public int getCount()
{
return _count;
}
}
public class BanInfo
{
private InetAddress _ipAddress;
// Expiration
private long _expiration;
public BanInfo(InetAddress ipAddress, long expiration)
{
_ipAddress = ipAddress;
_expiration = expiration;
}
public InetAddress getAddress()
{
return _ipAddress;
}
public boolean hasExpired()
{
return System.currentTimeMillis() > _expiration;
}
}
class PurgeThread extends Thread
{
@Override
public void run()
{
while(true)
{
synchronized (_clients)
{
for(Record e = _clients.head(), end = _clients.tail(); (e = e.getNext()) != end;)
{
L2LoginClient client = _clients.valueOf(e);
if(client.getConnectionStartTime() + LOGIN_TIMEOUT >= System.currentTimeMillis())
client.close(LoginFailReason.REASON_ACCESS_FAILED);
}
}
synchronized (_loginServerClients)
{
for(FastMap.Entry<String, L2LoginClient> e = _loginServerClients.head(), end = _loginServerClients.tail(); (e = e.getNext()) != end;)
{
L2LoginClient client = e.getValue();
if(client.getConnectionStartTime() + LOGIN_TIMEOUT >= System.currentTimeMillis())
client.close(LoginFailReason.REASON_ACCESS_FAILED);
}
}
try
{
Thread.sleep(2 * LOGIN_TIMEOUT);
}
catch(InterruptedException e)
{
e.printStackTrace();
}
}
}
}
public boolean ipBlocked(String ipAddress)
{
int tries = 0;
InetAddress ia;
try
{
ia = InetAddress.getByName(ipAddress);
}
catch(UnknownHostException e)
{
return false;
}
if(_hackProtection.containsKey(ia))
tries = _hackProtection.get(ia).getCount();
if(tries > Config.LOGIN_TRY_BEFORE_BAN)
{
_hackProtection.remove(ia);
_log.warning("Removed host from hacklist! IP number: " + ipAddress);
return true;
}
return false;
}
public boolean setPassword(String account, String password)
{
boolean updated = true;
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
try
{
con = L2DatabaseFactory.getInstance().getConnection();
MessageDigest md = MessageDigest.getInstance("SHA");
byte[] raw = password.getBytes("UTF-8");
byte[] hash = md.digest(raw);
statement = con.prepareStatement("UPDATE accounts SET password=? WHERE login=?");
statement.setString(1, Base64.encodeBytes(hash));
statement.setString(2, account);
statement.execute();
}
catch(Exception e)
{
e.printStackTrace();
updated = false;
}
finally
{
DatabaseUtils.closeDatabaseCS(con, statement);
}
return updated;
}
}
Сообщений: 2,846
Тем: 34
Зарегистрирован: Mar 2012
Репутация:
19,998
Сообщений: 5,863
Тем: 105
Зарегистрирован: Sep 2010
Репутация:
13,014
Нужно не искать новые логины, а править текущий. У тебя логин - ? (по сути null). На что и ругается сервер.
Сообщений: 1,912
Тем: 56
Зарегистрирован: Jan 2009
Репутация:
12,921
посмотрел
Цитата: mysql.set("UPDATE accounts SET lastServer=? WHERE login=?", serverId, client.getAccount());
вроде норм
mysql.java нужен
Сообщений: 40
Тем: 10
Зарегистрирован: Jun 2012
Репутация:
10
06-26-2012, 08:19 PM
(Сообщение последний раз редактировалось: 06-26-2012, 08:20 PM LDD.)
Zubastic Написал:Нужно не искать новые логины, а править текущий. У тебя логин - ? (по сути null). На что и ругается сервер.
Логин серв нормально видет мой логин.Логин латинскими буквами, я пробовал и другие логины,дело не в этом.
есть логи мускула,там видно что логин серв видет сам логин :
120624 8:29:22 145 Query SELECT expiretime FROM banned_ips WHERE ip='128.5.1.3'
145 Query SELECT password,pay_stat,access_level,bonus,bonus_expire, banExpires,lastServer,AllowIPs,lock_expire,lastact ive FROM accounts WHERE login='123456'
Добавлено через 1 минуту
VISTALL Написал:посмотрел
вроде норм
mysql.java нужен
Код: package l2p.database;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.concurrent.ConcurrentHashMap;
import java.util.logging.Logger;
import l2p.util.GArray;
public abstract class mysql
{
private static Logger _log = Logger.getLogger(mysql.class.getName());
/**
* Выполняет простой sql запросов, где ненужен контроль параметров<BR>
* ВНИМАНИЕ: В данном методе передаваемые параметры не проходят проверку на предмет SQL-инъекции!
* @param query Строка SQL запроса
* @return false в случае ошибки выполнения запроса либо true в случае успеха
*/
public static boolean setEx(L2DatabaseFactory db, String query, Object... vars)
{
ThreadConnection con = null;
FiltredStatement statement = null;
FiltredPreparedStatement pstatement = null;
try
{
if(db == null)
db = L2DatabaseFactory.getInstance();
con = db.getConnection();
if(vars.length == 0)
{
statement = con.createStatement();
statement.executeUpdate(query);
}
else
{
pstatement = con.prepareStatement(query);
pstatement.setVars(vars);
pstatement.executeUpdate();
}
}
catch(Exception e)
{
_log.warning("Could not execute update '" + query + "': " + e);
e.printStackTrace();
return false;
}
finally
{
DatabaseUtils.closeDatabaseCS(con, vars.length == 0 ? statement : pstatement);
}
return true;
}
public static boolean set(String query, Object... vars)
{
return setEx(null, query, vars);
}
public static boolean set(String query)
{
return setEx(null, query);
}
public static Object get(String query)
{
Object ret = null;
ThreadConnection con = null;
FiltredStatement statement = null;
ResultSet rset = null;
try
{
con = L2DatabaseFactory.getInstance().getConnection();
statement = con.createStatement();
rset = statement.executeQuery(query + " LIMIT 1");
ResultSetMetaData md = rset.getMetaData();
if(rset.next())
if(md.getColumnCount() > 1)
{
ConcurrentHashMap<String, Object> tmp = new ConcurrentHashMap<String, Object>();
for(int i = md.getColumnCount(); i > 0; i--)
tmp.put(md.getColumnName(i), rset.getObject(i));
ret = tmp;
}
else
ret = rset.getObject(1);
}
catch(Exception e)
{
_log.warning("Could not execute query '" + query + "': " + e);
e.printStackTrace();
}
finally
{
DatabaseUtils.closeDatabaseCSR(con, statement, rset);
}
return ret;
}
public static GArray<HashMap<String, Object>> getAll(String query)
{
GArray<HashMap<String, Object>> ret = new GArray<HashMap<String, Object>>();
ThreadConnection con = null;
FiltredStatement statement = null;
ResultSet rset = null;
try
{
con = L2DatabaseFactory.getInstance().getConnection();
statement = con.createStatement();
rset = statement.executeQuery(query);
ResultSetMetaData md = rset.getMetaData();
while(rset.next())
{
HashMap<String, Object> tmp = new HashMap<String, Object>();
for(int i = md.getColumnCount(); i > 0; i--)
tmp.put(md.getColumnName(i), rset.getObject(i));
ret.add(tmp);
}
}
catch(Exception e)
{
_log.warning("Could not execute query '" + query + "': " + e);
e.printStackTrace();
}
finally
{
DatabaseUtils.closeDatabaseCSR(con, statement, rset);
}
return ret;
}
public static GArray<Object> get_array(L2DatabaseFactory db, String query)
{
GArray<Object> ret = new GArray<Object>();
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
ResultSet rset = null;
try
{
if(db == null)
db = L2DatabaseFactory.getInstance();
con = db.getConnection();
statement = con.prepareStatement(query);
rset = statement.executeQuery();
ResultSetMetaData md = rset.getMetaData();
while(rset.next())
if(md.getColumnCount() > 1)
{
ConcurrentHashMap<String, Object> tmp = new ConcurrentHashMap<String, Object>();
for(int i = 0; i < md.getColumnCount(); i++)
tmp.put(md.getColumnName(i + 1), rset.getObject(i + 1));
ret.add(tmp);
}
else
ret.add(rset.getObject(1));
}
catch(Exception e)
{
_log.warning("Could not execute query '" + query + "': " + e);
e.printStackTrace();
}
finally
{
DatabaseUtils.closeDatabaseCSR(con, statement, rset);
}
return ret;
}
public static GArray<Object> get_array(String query)
{
return get_array(null, query);
}
public static int simple_get_int(String ret_field, String table, String where)
{
String query = "SELECT " + ret_field + " FROM `" + table + "` WHERE " + where + " LIMIT 1;";
int res = 0;
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
ResultSet rset = null;
try
{
con = L2DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement(query);
rset = statement.executeQuery();
if(rset.next())
res = rset.getInt(1);
}
catch(Exception e)
{
_log.warning("mSGI: Error in query '" + query + "':" + e);
e.printStackTrace();
}
finally
{
DatabaseUtils.closeDatabaseCSR(con, statement, rset);
}
return res;
}
public static Integer[][] simple_get_int_array(L2DatabaseFactory db, String[] ret_fields, String table, String where)
{
long start = System.currentTimeMillis();
String fields = null;
for(String field : ret_fields)
if(fields != null)
{
fields += ",";
fields += "`" + field + "`";
}
else
fields = "`" + field + "`";
String query = "SELECT " + fields + " FROM `" + table + "` WHERE " + where;
ThreadConnection con = null;
FiltredPreparedStatement statement = null;
ResultSet rset = null;
Integer res[][] = null;
try
{
if(db == null)
db = L2DatabaseFactory.getInstance();
con = db.getConnection();
statement = con.prepareStatement(query);
rset = statement.executeQuery();
ArrayList<Integer[]> al = new ArrayList<Integer[]>();
int row = 0;
while(rset.next())
{
Integer[] tmp = new Integer[ret_fields.length];
for(int i = 0; i < ret_fields.length; i++)
tmp[i] = rset.getInt(i + 1);
al.add(row, tmp);
row++;
}
res = al.toArray(new Integer[row][ret_fields.length]);
}
catch(Exception e)
{
_log.warning("mSGIA: Error in query '" + query + "':" + e);
e.printStackTrace();
}
finally
{
DatabaseUtils.closeDatabaseCSR(con, statement, rset);
}
_log.fine("Get all rows in query '" + query + "' in " + (System.currentTimeMillis() - start) + "ms");
return res;
}
public static Integer[][] simple_get_int_array(String[] ret_fields, String table, String where)
{
return simple_get_int_array(null, ret_fields, table, where);
}
}
Сообщений: 5,863
Тем: 105
Зарегистрирован: Sep 2010
Репутация:
13,014
Под новым логином я имел ввиду:
Цитата:Нашёл немного другую версию л2п логин серва.
Сообщений: 1,912
Тем: 56
Зарегистрирован: Jan 2009
Репутация:
12,921
чето невкурил - там ищо сорс нужен.
Банально проверте таблицу аккаунтс , на все поля
|
