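using System;
using System.Net;
using System.Text;
using System.Linq;
using System.Data;
using System.Threading;
using System.Net.Sockets;
using System.Data.SqlClient;
using Filter.Networking.Instances;
using Filter.Networking.Manager;
using Filter.Utilities;

namespace Filter.Networking.RemoteConsole
{
    /// <summary>
    /// One accepted remote-console connection. Requests arrive as ASCII text whose
    /// fields are separated by '#'; the first field selects the command and the reply
    /// is sent back in the same format.
    /// </summary>
    /// <remarks>
    /// Every field after the command name comes straight from the socket and is
    /// untrusted. All SQL below therefore binds those fields as parameters; only the
    /// database name (from <c>Program.Config</c>) and column names that are literals in
    /// this file are formatted into the statement text.
    ///
    /// NOTE(review): several replies echo credential material back to the peer
    /// (Register#8, ChangePassword#2, ChangePassword#8 and ShowPPassword include the
    /// plain password and/or the stored hash). They are kept byte-for-byte because the
    /// client presumably parses them, but the protocol should stop returning them.
    ///
    /// NOTE(review): Hashing.TenTimesMD5 is defined elsewhere; by its name it is an
    /// iterated MD5, and the INSERT in Register stores '-' in sUserPassSalt, so the
    /// stored value looks unsalted. Consider a salted, slow KDF - confirm against the
    /// Hashing implementation.
    /// </remarks>
    internal class RemoteClient : Client, IDisposable
    {
        // Marker value sent by the client in place of a real field: as the Character of
        // a Login it selects the token-issuing path, and as the first field of
        // ChangePassword it selects the username + old-password path.
        private const String SentinelValue = "V9bRgjZJB4EJygBh7pRc";

        public Int32 AccountID;
        public String CharacterName;
        public DateTime LastWhisper = DateTime.MinValue;

        /// <summary>
        /// Registers the connection in <c>Program.RemoteLoggedIn</c> and starts receiving.
        /// </summary>
        public RemoteClient(Socket AcceptedSocket, IPEndPoint AcceptedEndPoint) : base(AcceptedSocket, AcceptedEndPoint)
        {
            Program.RemoteLoggedIn.Add(this);
            Receive();
        }

        public override void Connected() { }

        public override void ConnectFailed(SocketException Exception) { }

        /// <summary>
        /// Decodes one received buffer as ASCII, splits it on '#' and dispatches on the
        /// first field. Unknown commands, and requests that carry fewer fields than the
        /// command reads, disconnect the peer.
        /// </summary>
        /// <param name="Buffer">Raw bytes received from the socket.</param>
        public override void Received(Byte[] Buffer)
        {
            String[] Fields = Encoding.ASCII.GetString(Buffer).Split('#');
            String Request = Fields[0]; // Split always yields at least one element

            if (Request == "Login")
            {
                HandleLogin(Fields);
                return;
            }

            if (Request == "Register")
            {
                HandleRegister(Fields);
                return;
            }

            // NOTE(review): CharacterName is null until a Login assigns it, so this
            // comparison with String.Empty only catches a failed character lookup. A
            // connection that never logged in still reaches the commands below with
            // AccountID 0. Confirm whether they should require AccountID != 0.
            if (CharacterName == String.Empty)
            {
                Disconnect();
                return;
            }

            switch (Request)
            {
                case "Ping":
                    break;
                case "Online":
                    HandleOnline();
                    break;
                case "Whisper":
                    HandleWhisper(Fields);
                    break;
                case "ChangePassword":
                    HandleChangePassword(Fields);
                    break;
                case "ShowPPassword":
                    SendAccountField("sUserPass", "ShowMessage#Protected Password: {0}");
                    break;
                case "Email":
                    SendAccountField("sEmail", "ShowMessage#Email: {0}");
                    break;
                case "IPAddress":
                    SendAccountField("sIP", "ShowMessage#Registered IPAddress: {0}");
                    break;
                case "CreateDateTime":
                    SendAccountField("dDate", "ShowMessage#Create Date & Time: {0}");
                    break;
                case "MallPoints":
                    SendAccountField("nAGPoints", "ShowMessage#Mall Points: {0}");
                    break;
                case "Characters":
                    HandleCharacters();
                    break;
                default:
                    Disconnect();
                    break;
            }
        }

        public override void Disconnected() { }

        /// <summary>Sends <paramref name="Text"/> to the peer as ASCII bytes.</summary>
        private void SendAscii(String Text)
        {
            Send(Encoding.ASCII.GetBytes(Text));
        }

        /// <summary>
        /// Opens a connection using <c>Program.ConnectionBuilder</c>. Returns null when
        /// the connection could not be opened; callers then skip their database work,
        /// as the original code did.
        /// </summary>
        private static SqlConnection OpenDatabase()
        {
            SqlConnection Connection = new SqlConnection();
            try
            {
                Connection.ConnectionString = Program.ConnectionBuilder.ConnectionString;
                try
                {
                    Connection.Open();
                }
                catch
                {
                    // Deliberate best effort: an unreachable database leaves the
                    // request unanswered instead of throwing into the receive path.
                }

                if (Connection.State == ConnectionState.Open)
                {
                    return Connection;
                }
            }
            catch
            {
                Connection.Dispose();
                throw;
            }

            Connection.Dispose();
            return null;
        }

        /// <summary>
        /// Replaces the statement text and the bound parameters of a command, so one
        /// command object can run several statements in a row.
        /// </summary>
        private static void SetQuery(SqlCommand Command, String CommandText, params SqlParameter[] Parameters)
        {
            Command.CommandText = CommandText;
            Command.Parameters.Clear();
            Command.Parameters.AddRange(Parameters);
        }

        /// <summary>
        /// Login#Username#Password#Character. Replies Login#0..Login#8 as in the
        /// original protocol.
        /// </summary>
        private void HandleLogin(String[] Fields)
        {
            if (Fields.Length < 4)
            {
                // Too few fields used to raise IndexOutOfRangeException here.
                Disconnect();
                return;
            }

            String Username = Fields[1];
            String Password = Hashing.TenTimesMD5(Fields[2]);
            String Character = Fields[3];
            Boolean UsesSentinel = Character == SentinelValue;

            if (Username.Contains(" "))
            {
                SendAscii("Login#0");
                return;
            }
            if (Username.Length > 20)
            {
                SendAscii("Login#1");
                return;
            }
            // NOTE(review): this tests the hashed value, not the text the client sent;
            // kept as in the original - confirm the intent.
            if (Password.Contains(" "))
            {
                SendAscii("Login#2");
                return;
            }
            if (!UsesSentinel && Character.Length > 16)
            {
                SendAscii("Login#3");
                return;
            }
            if (!UsesSentinel && Character.Contains(" "))
            {
                SendAscii("Login#4");
                return;
            }

            using (SqlConnection Connection = OpenDatabase())
            {
                if (Connection == null)
                {
                    return;
                }

                using (SqlCommand Command = Connection.CreateCommand())
                {
                    SetQuery(Command,
                        String.Format("SELECT TOP 1 nEMID, nAuthID FROM {0}..tAccounts WHERE sUsername = @Username AND sUserPass = @Password", Program.Config.SQLAccount),
                        new SqlParameter("@Username", Username),
                        new SqlParameter("@Password", Password));

                    // Clear the id left by an earlier successful login on this
                    // connection, so a failed attempt cannot proceed with it.
                    AccountID = 0;
                    Byte nAuthID = 0;
                    using (SqlDataReader Reader = Command.ExecuteReader())
                    {
                        while (Reader.Read())
                        {
                            AccountID = Convert.ToInt32(Reader["nEMID"]);
                            nAuthID = Convert.ToByte(Reader["nAuthID"]);
                        }
                    }

                    if (AccountID == 0)
                    {
                        SendAscii("Login#5");
                        return;
                    }

                    if (!UsesSentinel)
                    {
                        SetQuery(Command,
                            String.Format("SELECT TOP 1 sID FROM {0}..tCharacter WHERE sID = @Character AND nUserNo = @AccountID", Program.Config.SQLCharacter),
                            new SqlParameter("@Character", Character),
                            new SqlParameter("@AccountID", (Object)AccountID));
                        CharacterName = Convert.ToString(Command.ExecuteScalar());

                        if (CharacterName == String.Empty)
                        {
                            SendAscii("Login#6");
                        }
                        else
                        {
                            SendAscii(String.Format("Login#7#{0}#{1}", Username, CharacterName));
                        }
                        return;
                    }

                    SetQuery(Command,
                        String.Format("SELECT TOP 1 sMessage FROM {0}..tAuth WHERE nAuthID = @AuthID AND nLoginable = '0'", Program.Config.SQLAccount),
                        new SqlParameter("@AuthID", (Object)nAuthID));
                    String Message = Convert.ToString(Command.ExecuteScalar());
                    if (Message != String.Empty)
                    {
                        SendAscii(String.Format("Login#6#{0}", Message));
                        return;
                    }

                    String Token = Guid.NewGuid().ToString().Replace("-", "");
                    SetQuery(Command,
                        String.Format("INSERT INTO {0}..tTokens (nEMID, sToken) VALUES (@AccountID, @Token)", Program.Config.SQLAccount),
                        new SqlParameter("@AccountID", (Object)AccountID),
                        new SqlParameter("@Token", Token));

                    if (Command.ExecuteNonQuery() == 0)
                    {
                        SendAscii("Login#7");
                    }
                    else
                    {
                        SendAscii(String.Format("Login#8#{0}", Token));
                    }
                }
            }
        }

        /// <summary>
        /// Register#Username#Password#Email. Replies Register#0..Register#8 as in the
        /// original protocol.
        /// </summary>
        private void HandleRegister(String[] Fields)
        {
            if (Fields.Length < 4)
            {
                Disconnect();
                return;
            }

            String Username = Fields[1];
            String Password = Fields[2];
            String HashPassword = Hashing.TenTimesMD5(Password);
            String Email = Fields[3];

            if (Username.Contains(" "))
            {
                SendAscii("Register#0");
                return;
            }
            if (Username.Length > 20)
            {
                SendAscii("Register#1");
                return;
            }
            if (Password.Contains(" "))
            {
                SendAscii("Register#2");
                return;
            }
            if (Email.Length > 50)
            {
                SendAscii("Register#3");
                return;
            }
            if (Email.Contains(" "))
            {
                SendAscii("Register#4");
                return;
            }
            if (!Email.Contains("@") || !Email.Contains("."))
            {
                SendAscii("Register#5");
                return;
            }

            using (SqlConnection Connection = OpenDatabase())
            {
                if (Connection == null)
                {
                    return;
                }

                using (SqlCommand Command = Connection.CreateCommand())
                {
                    SetQuery(Command,
                        String.Format("SELECT TOP 1 sUsername FROM {0}..tAccounts WHERE sUsername = @Username", Program.Config.SQLAccount),
                        new SqlParameter("@Username", Username));
                    String DBUsername = Convert.ToString(Command.ExecuteScalar());
                    if (DBUsername != String.Empty)
                    {
                        SendAscii("Register#6");
                        return;
                    }

                    // The date is bound as a DateTime rather than as culture-formatted
                    // text; assumes dDate is a date/time column - TODO confirm.
                    SetQuery(Command,
                        String.Format("INSERT INTO {0}..tAccounts (sUsername, sUserPass, sUserPassSalt, sEmail, nAuthID, sIP, dDate, nAGPoints, nBonusAGPoints, sRID) VALUES (@Username, @Password, '-', @Email, 3, @IP, @Date, 0, 0, '-')", Program.Config.SQLAccount),
                        new SqlParameter("@Username", Username),
                        new SqlParameter("@Password", HashPassword),
                        new SqlParameter("@Email", Email),
                        new SqlParameter("@IP", String.Format("{0}", RemoteAddress)),
                        new SqlParameter("@Date", (Object)DateTime.Now));

                    if (Command.ExecuteNonQuery() == 0)
                    {
                        SendAscii("Register#7");
                    }
                    else
                    {
                        SendAscii(String.Format("Register#8#{0}#{1}#{2}#{3}", Username, Password, Email, HashPassword));
                    }
                }
            }
        }

        /// <summary>
        /// Replies "Online#" followed by the '|'-separated character names of the
        /// manager clients whose name is not empty.
        /// </summary>
        private void HandleOnline()
        {
            String[] Names = Program.ManagerLoggedIn.Values
                .Where(Character => Character.CharacterName != String.Empty)
                .Select(Character => Character.CharacterName)
                .ToArray();

            SendAscii(String.Concat("Online#", String.Join("|", Names)).TrimEnd('|'));
        }

        /// <summary>
        /// Whisper#Receiver#Message. Relays the message to the named manager client,
        /// allows one whisper per three seconds and optionally logs it.
        /// </summary>
        private void HandleWhisper(String[] Fields)
        {
            if (Fields.Length < 3)
            {
                Disconnect();
                return;
            }

            String Receiver = Fields[1];
            String Message = Fields[2];

            // Ordinal comparison: case-insensitive like the original ToLower() match,
            // but it does not throw when a client has a null CharacterName.
            ManagerClient MClient = Program.ManagerLoggedIn.Values
                .FirstOrDefault(Character => String.Equals(Character.CharacterName, Receiver, StringComparison.OrdinalIgnoreCase));
            if (MClient == null)
            {
                SendAscii("Whisper#Offline");
                return;
            }

            Char InvalidSymbol;
            if (Program.Config.WhisperProtect && Injection.ContainsInvalidSymbol(Message, out InvalidSymbol))
            {
                SendAscii("Whisper#Bin");
                return;
            }

            if (LastWhisper > DateTime.Now && LastWhisper != DateTime.MinValue)
            {
                TimeSpan WaitSpan = LastWhisper.Subtract(DateTime.Now);
                SendAscii(String.Format("Whisper#Wait#{0}", WaitSpan.Seconds));
                return;
            }

            Echo.SendWhisper(CharacterName, MClient, Message);
            SendAscii(String.Format("Whisper#Online#{0}#{1}", Receiver, Message));
            LastWhisper = DateTime.Now.AddSeconds(3);

            if (!Program.Config.WhisperLog)
            {
                return;
            }

            using (SqlConnection Connection = OpenDatabase())
            {
                if (Connection == null)
                {
                    return;
                }

                using (SqlCommand Command = Connection.CreateCommand())
                {
                    SetQuery(Command,
                        String.Format("INSERT INTO {0}..tWhisper (sSender, sMessage) VALUES (@Sender, @Message)", Program.Config.SQLChatLogs),
                        // A null sender was formatted as an empty string before.
                        new SqlParameter("@Sender", CharacterName ?? String.Empty),
                        new SqlParameter("@Message", Message));
                    try
                    {
                        Command.ExecuteNonQuery();
                    }
                    catch
                    {
                        // Logging is best effort; the whisper has already been relayed.
                    }
                }
            }
        }

        /// <summary>
        /// ChangePassword#NewPassword changes the password of the logged-in account;
        /// ChangePassword#(sentinel)#Username#Old#New#Confirm changes it after checking
        /// the old password. Reply codes are those of the original protocol.
        /// </summary>
        private void HandleChangePassword(String[] Fields)
        {
            if (Fields.Length < 2)
            {
                Disconnect();
                return;
            }

            String Password = Fields[1];
            if (Password != SentinelValue)
            {
                ChangeOwnPassword(Password);
                return;
            }

            if (Fields.Length < 6)
            {
                Disconnect();
                return;
            }

            String Username = Fields[2];
            String OPassword = Fields[3];
            String NPassword = Fields[4];
            String NCPassword = Fields[5];

            if (Username.Contains(" "))
            {
                SendAscii("ChangePassword#0");
                return;
            }
            if (Username.Length > 20)
            {
                SendAscii("ChangePassword#1");
                return;
            }
            if (OPassword.Contains(" "))
            {
                SendAscii("ChangePassword#2");
                return;
            }
            if (NPassword.Contains(" "))
            {
                SendAscii("ChangePassword#3");
                return;
            }
            if (NCPassword.Contains(" "))
            {
                SendAscii("ChangePassword#4");
                return;
            }

            String HashOPassword = Hashing.TenTimesMD5(OPassword);
            String HashNPassword = Hashing.TenTimesMD5(NPassword);
            String HashNCPassword = Hashing.TenTimesMD5(NCPassword);
            if (HashNPassword != HashNCPassword)
            {
                SendAscii("ChangePassword#5");
                return;
            }

            using (SqlConnection Connection = OpenDatabase())
            {
                if (Connection == null)
                {
                    return;
                }

                using (SqlCommand Command = Connection.CreateCommand())
                {
                    SetQuery(Command,
                        String.Format("SELECT TOP 1 sUsername FROM {0}..tAccounts WHERE sUsername = @Username AND sUserPass = @Password", Program.Config.SQLAccount),
                        new SqlParameter("@Username", Username),
                        new SqlParameter("@Password", HashOPassword));
                    Username = Convert.ToString(Command.ExecuteScalar());
                    if (Username == String.Empty)
                    {
                        SendAscii("ChangePassword#6");
                        return;
                    }

                    SetQuery(Command,
                        String.Format("UPDATE {0}..tAccounts SET sUserPass = @Password WHERE sUsername = @Username", Program.Config.SQLAccount),
                        new SqlParameter("@Password", HashNPassword),
                        new SqlParameter("@Username", Username));

                    if (Command.ExecuteNonQuery() == 0)
                    {
                        SendAscii("ChangePassword#7");
                    }
                    else
                    {
                        SendAscii(String.Format("ChangePassword#8#{0}#{1}#{2}#{3}", Username, OPassword, NPassword, HashNPassword));
                    }
                }
            }
        }

        /// <summary>
        /// Sets a new password on the account identified by <see cref="AccountID"/>.
        /// </summary>
        private void ChangeOwnPassword(String Password)
        {
            String HashPassword = Hashing.TenTimesMD5(Password);
            if (Password.Contains(" "))
            {
                SendAscii("ChangePassword#0");
                return;
            }

            using (SqlConnection Connection = OpenDatabase())
            {
                if (Connection == null)
                {
                    return;
                }

                using (SqlCommand Command = Connection.CreateCommand())
                {
                    SetQuery(Command,
                        String.Format("UPDATE {0}..tAccounts SET sUserPass = @Password WHERE nEMID = @AccountID", Program.Config.SQLAccount),
                        new SqlParameter("@Password", HashPassword),
                        new SqlParameter("@AccountID", (Object)AccountID));

                    if (Command.ExecuteNonQuery() == 0)
                    {
                        SendAscii("ChangePassword#1");
                    }
                    else
                    {
                        SendAscii(String.Format("ChangePassword#2#{0}#{1}", Password, HashPassword));
                    }
                }
            }
        }

        /// <summary>
        /// Reads one column of the tAccounts row for <see cref="AccountID"/> and sends
        /// it formatted with <paramref name="ReplyFormat"/>. Nothing is sent when the
        /// database connection cannot be opened.
        /// </summary>
        /// <param name="Column">Column name; every caller passes a literal from this file, never request data.</param>
        /// <param name="ReplyFormat">Format string with one placeholder for the value.</param>
        private void SendAccountField(String Column, String ReplyFormat)
        {
            using (SqlConnection Connection = OpenDatabase())
            {
                if (Connection == null)
                {
                    return;
                }

                using (SqlCommand Command = Connection.CreateCommand())
                {
                    SetQuery(Command,
                        String.Format("SELECT TOP 1 {0} FROM {1}..tAccounts WHERE nEMID = @AccountID", Column, Program.Config.SQLAccount),
                        new SqlParameter("@AccountID", (Object)AccountID));
                    SendAscii(String.Format(ReplyFormat, Command.ExecuteScalar()));
                }
            }
        }

        /// <summary>
        /// Replies "Characters#" followed by one '|'-separated entry (name, level,
        /// slot) per non-deleted character of <see cref="AccountID"/>.
        /// </summary>
        private void HandleCharacters()
        {
            using (SqlConnection Connection = OpenDatabase())
            {
                if (Connection == null)
                {
                    return;
                }

                using (SqlCommand Command = Connection.CreateCommand())
                {
                    SetQuery(Command,
                        String.Format("SELECT sID, nLevel, nSlotNo FROM {0}..tCharacter WHERE nUserNo = @AccountID AND bDeleted = '0'", Program.Config.SQLCharacter),
                        new SqlParameter("@AccountID", (Object)AccountID));

                    StringBuilder Message = new StringBuilder("Characters#");
                    using (SqlDataReader Reader = Command.ExecuteReader())
                    {
                        while (Reader.Read())
                        {
                            Message.AppendFormat("{0} [Lv. {1}] [Slot {2}]|", Reader["sID"], Reader["nLevel"], Reader["nSlotNo"]);
                        }
                    }

                    SendAscii(Message.ToString().TrimEnd('|'));
                }
            }
        }
    }
}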