1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
// TMW2 Script
// Author:
// Jesusalva
function script UserCtrlPanel {
do
{
clear;
setnpcdialogtitle l("User Control Panel");
mes l("This menu gives you some options which affect your account.");
mes l("In some cases, your pincode will be required.");
mes "";
mes l("What do you want to access?");
next;
select
l("Rules"),
l("Game News"),
l("Account Information"),
rif(getcharid(2) > 0, l("Guild Information")),
l("Change Language"),
rif(is_admin() && $@GM_OVERRIDE, l("LoF Merge")),
l("Quit");
switch (@menu)
{
case 1: GameRules; break;
case 2: GameNews; break;
case 3:
if (!validatepin())
break;
if (!@lgc) {
query_sql("SELECT email,logincount,last_ip FROM `login` WHERE account_id="+getcharid(3)+" LIMIT 2", .@email$, .@lgc, .@ip$);
@email$=.@email$;
@lgc=.@lgc;
@ip$=.@ip$;
} else {
.@email$=@email$;
.@lgc=@lgc;
.@ip$=@ip$;
}
mes l("Char Name: @@", strcharinfo(0));
mes l("Party Name: @@", strcharinfo(1));
mes l("Guild Name: @@", strcharinfo(2));
mes l("Clan Name: @@", strcharinfo(4));
mes "";
mes l("Email: @@", .@email$[0]);
if (Sex)
mes l("Male");
else
mes l("Female");
mes l("Last IP: @@", .@ip$[0]);
mes l("Total Logins: @@", .@lgc[0]);
next;
if (@query)
break;
@query=1;
query_sql("SELECT name,last_login,last_map,partner_id FROM `char` WHERE account_id="+getcharid(3)+" LIMIT 9", .@name$, .@lastlogin$, .@map$, .@married);
for (.@i = 1; .@i <= getarraysize(.@name$); .@i++) {
mesn .@name$[.@i-1];
mes l("Last Seen: @@", FuzzyTime(.@lastlogin$[.@i-1]));
mes l("Last map: @@", .@map$[.@i-1]);
if (.@married[.@i-1])
mes l("Married with @@", gf_charname(.@married[.@i-1]));
mes "";
}
next;
break;
case 4:
.@gid=getcharid(2);
mesc (".:: "+getguildname(.@gid)+" ::."), 1;
mesc l("Guild Master: @@", getguildmaster(.@gid)), 3;
if (getguildnxp(.@gid) > 0)
mesc l("Guild Lv @@, @@/@@ EXP to level up", getguildlvl(.@gid), getguildexp(.@gid), getguildnxp(.@gid));
else
mesc l("Guild Lv @@, @@/@@ EXP to level up", getguildlvl(.@gid), getguildexp(.@gid), "???");
mes "";
mesc l("Average player level: @@", getguildavg(.@gid));
mesc l("Your position on the guild: @@", getguildrole(.@gid, getcharid(3), true));
next;
break;
case 5: asklanguage(LANG_IN_SHIP); break;
case 6:
mesn "Jesusalva";
mesq l("What do you think you are doing, anyway?!");
next;
mesc l("LoF Username:");
input .@userid$;
mesc l("LoF Password:");
input .@passid$;
next;
mesc l("Imagine I'm now blacklisting you for a hour with a #VARIABLE. Maybe 3 weekly attempts.");
mesc l("Now imagine I just did a SQL query to fetch your account password and salt.");
mesc l("For now, I'll assume your salt is... 9, why not.");
next;
.@pid$=md5(.@passid$);
.@slt$=md5("9");
.@buf$=.@pid$+.@slt$;
// TmwA Dark Magic is needed
// See src/generic/md5.cpp and src/high/md5more.cpp
// Remember to move crappy stuff like this to a blackbox
// One final move
.@passwd$=md5(.@buf$);
// For check we can use compare(.@passwd$, "<real password>")
mesc l("Now, your hash might be @@.", .@passwd$);
.@userid$="";.@passid$="";
mesc l("Of course, this is only some random md5 functions for fun.");
mesc l("Actually, this fails without tmwa dark magic.");
mesc l("User account safety is at stake, too, so I'll move this crap to a blackbox once done.");
break;
case 7: close; break;
}
} while (1);
}
- script @ucp 32767,{
end;
OnCall:
UserCtrlPanel;
closedialog;
end;
OnInit:
bindatcmd "ucp", "@ucp::OnCall", 0, 99, 0;
}
|
