Ejemplo n.º 1
0
 public void banMacs() {
   Connection con = DatabaseConnection.getConnection();
   try {
     loadMacsIfNescessary();
     List<String> filtered = new LinkedList<String>();
     PreparedStatement ps = con.prepareStatement("SELECT filter FROM macfilters");
     ResultSet rs = ps.executeQuery();
     while (rs.next()) {
       filtered.add(rs.getString("filter"));
     }
     rs.close();
     ps.close();
     ps = con.prepareStatement("INSERT INTO macbans (mac) VALUES (?)");
     for (String mac : macs) {
       boolean matched = false;
       for (String filter : filtered) {
         if (mac.matches(filter)) {
           matched = true;
           break;
         }
       }
       if (!matched) {
         ps.setString(1, mac);
         try {
           ps.executeUpdate();
         } catch (SQLException e) {
           // can fail because of UNIQUE key, we dont care
         }
       }
     }
     ps.close();
   } catch (SQLException e) {
   }
 }
Ejemplo n.º 2
0
 public int login(String login, String pwd, boolean ipMacBanned) {
   loginattempt++;
   if (loginattempt > 6) {
     getSession().close(true);
   }
   int loginok = 5;
   Connection con = DatabaseConnection.getConnection();
   try {
     PreparedStatement ps =
         con.prepareStatement(
             "SELECT id, password, salt, banned, gm, pin, greason, tempban FROM accounts WHERE name = ?");
     ps.setString(1, login);
     ResultSet rs = ps.executeQuery();
     if (rs.next()) {
       int banned = rs.getInt("banned");
       this.accId = rs.getInt("id");
       setAccID(rs.getInt("id"));
       this.gmlevel = rs.getInt("gm");
       pin = rs.getString("pin");
       String passhash = rs.getString("password");
       String salt = rs.getString("salt");
       greason = rs.getByte("greason");
       tempban = getTempBanCalendar(rs);
       ps.close();
       if (banned > 0) {
         loginok = 3;
       } else {
         if (banned == -1) { // unban
           int i;
           try {
             loadMacsIfNescessary();
             // StringBuilder sql = new StringBuilder("DELETE FROM macbans WHERE mac IN (");
             for (i = 0; i < macs.size(); i++) {
               // sql.append("?");
               if (i != macs.size() - 1) {
                 // sql.append(", ");
               }
             }
             // sql.append(")");
             // ps = con.prepareStatement(sql.toString());
             i = 0;
             for (String mac : macs) {
               ps.setString(++i, mac);
             }
             ps.executeUpdate();
             ps.close();
             ps = con.prepareStatement("DELETE FROM ipbans WHERE ip LIKE CONCAT(?, '%')");
             ps.setString(1, getSession().getRemoteAddress().toString().split(":")[0]);
             ps.executeUpdate();
             ps.close();
             ps =
                 con.prepareStatement(
                     "UPDATE accounts SET banned = 0, norankupdate = 0 WHERE id = ?");
             ps.setInt(1, accId);
             ps.executeUpdate();
             ps.close();
           } catch (SQLException e) {
             e.printStackTrace();
           }
         }
         if (banned == 1) {
           loginok = 3;
         }
         if (getLoginState() > LOGIN_NOTLOGGEDIN) { // already loggedin
           loggedIn = false;
           loginok = 7;
         } else if (pwd.equals(passhash)
             || checkHash(passhash, "SHA-1", pwd)
             || checkHash(passhash, "SHA-512", pwd + salt)) {
           loginok = 0;
         } else {
           loggedIn = false;
           loginok = 4;
         }
       }
     }
     rs.close();
     ps.close();
   } catch (Exception e) {
     e.printStackTrace();
   }
   if (loginok == 0) {
     loginattempt = 0;
   }
   return loginok;
 }