function initLoginScreenForPlayer(player) -- show blur screen or w/e f

1. function initLoginScreenForPlayer(player)
2. -- show blur screen or w/e
3. fadeCamera(player,true,2.0,0,0,0)
4. showChat(source,false)
5. triggerClientEvent(player,"USGaccounts.showLogin",player)
6. end
7.  
8. addEvent("checkForBan",true)
9. addEventHandler("checkForBan",root,
10. function()
11. local serialBan = exports.USGbans:getSerialBan(getPlayerSerial(client))
12. if (serialBan) then
13. setElementData(client,"occupation","Banned")
14. triggerClientEvent(client,"returnPlayerIsBanned",source,serialBan)
15. elseif not ( isPlayerLoggedIn(source) ) then
16. initLoginScreenForPlayer(source)
17. end
18. end)
19.  
20. local LATEST_VERSION = 0
21.  
22. addEvent("onPlayerAttemptLogin",true)
23. addEventHandler("onPlayerAttemptLogin",root,
24. function (username, password)
25. if(username and password) then
26. local username = username:lower()
27. local player = getPlayerFromAccount(username)
28. if(player) then
29. triggerClientEvent(source,"showStatusNotice",source,
30. "This account is in use by "..getPlayerName(player),
31. 255,0,0)
32. return false
33. end
34. local accountBan = exports.USGbans:getAccountBan(username)
35. if(accountBan) then
36. triggerClientEvent(source,"showStatusNotice",source,
37. "This account is banned until "..exports.USG:getDateTimeString(accountBan.endtimestamp).."\nReason: "..accountBan.reason,
38. 255,0,0)
39. return false
40. end
41. local q = query(attemptLoginCallback,{source,username, password},"SELECT password,playtime,version FROM accounts WHERE username=?",username)
42. if(not q) then
43. triggerClientEvent(source,"showStatusNotice",source,"Database offline, can't login! Try again later.",255,0,0)
44. end
45. end
46. end
47. )
48.  
49. function attemptLoginCallback(result, player, username, password)
50. outputServerLog("USGaccounts - attemptLoginCallback")
51. if(not result or not result[1]) then
52. outputServerLog("USGaccounts - no result")
53. triggerClientEvent(player,"showStatusNotice",player,username.." doesn't exist! register it to use the username.",255,0,0)
54. return false
55. end
56.  
57. local account = result[1]
58. outputServerLog("USGaccounts - calculating hash with version "..account.version)
59. local verified = verifyPassword(username, password, account.password, account.version)
60. outputServerLog("USGaccounts - comparing")
61.  
62. if(verified or account.version == 2) then -- log in
63. if(false and account.version ~= LATEST_VERSION) then
64. local newPass = hash(username, password, LATEST_VERSION)
65. exports.MySQL:execute("UPDATE accounts SET password=?,version=? WHERE username=?",newPass,LATEST_VERSION,username)
66. end
67. if(account.version == 2) then
68. local newPass = hash(username,password,0)
69. exports.MySQL:execute("UPDATE accounts SET password=?,version=? WHERE username=?",newPass,0,username)
70. end
71. outputServerLog("USGaccounts - checking for mods")
72. if ( not exports.USGanticheat:doesPlayerHaveIllegalMods(source) ) then
73. outputServerLog("USGaccounts - no mods, logging in")
74. loginPlayer(username, player, account.playtime)
75. else
76. outputServerLog("USGaccounts - has mods, sending info to client")
77. triggerClientEvent(player, "USGaccounts.onShowModInfo",player,exports.USGanticheat:getPlayerAntiModInfo(player))
78. end
79. else
80. outputServerLog("USGaccounts - pass incorrect")
81. triggerClientEvent(player,"showStatusNotice",player,"Password is incorrect! please try again!",255,0,0)
82. return false
83. end
84. end
85.  
86. function loginPlayer(username, player, playtime)
87. if(not username) then return false end
88. setElementData(player,"account",username)
89. setElementData(player,"loginTick",getRealTime().timestamp)
90. if(playtime) then
91. setElementData(player,"playTime", playtime)
92. end
93. triggerClientEvent(player,"USGaccounts.closeLogin",player)
94. fadeCamera(player,false,1)
95. triggerEvent("onServerPlayerLogin",player)
96. triggerClientEvent("onServerPlayerLogin",player)
97. exports.mysql:execute("INSERT INTO logins ( loginaccount,loginserial,loginnick,logindate,loginip ) VALUES (?,?,?,NOW(),?)",
98. username, getPlayerSerial(player), getPlayerName(player), getPlayerIP(player))
99. end
100.  
101. addEvent("USGaccounts.onRegister",true)
102. addEvent("onPlayerAttemptRegister",true)
103. addEventHandler("onPlayerAttemptRegister", root,
104. function (username,password,email)
105. if(username and password and email) then
106. local username = username:lower()
107. if(#username > 64) then
108. triggerClientEvent(source,"showStatusNotice",source,"Your username is too long ( "..#username.."/64 ).")
109. return false
110. end
111. local q = singleQuery(attemptRegisterExistsCallback,{source,username,password,email},"SELECT username,email FROM accounts WHERE username=? OR email=? LIMIT 1",username, email)
112. if(not q) then
113. exports.USGmsg:msg(source,"Database offline, can't register! Try again later.", 255,0,0)
114. return false
115. end
116. end
117. end
118. )
119.  
120. function attemptRegisterExistsCallback(result,player,username,password,email)
121. outputServerLog("USGaccounts - attemptRegisterExistsCallback")
122. if(result) then
123. if(result.username == username and result.email == email) then
124. triggerClientEvent(player,"showStatusNotice",player,"Username and email are already registered! Try to recover your password.",255,0,0)
125. elseif(result.username == username) then
126. triggerClientEvent(player,"showStatusNotice",player,username.." is already registered! Please choose another username!",255,0,0)
127. elseif(result.email == email) then
128. triggerClientEvent(player,"showStatusNotice",player,email.." is already registered! Please choose another email!",255,0,0)
129. end
130. return false
131. end
132. local pass = hash(username,password)
133. if (exports.mysql:execute("INSERT INTO accounts (username,password,email,registerserial,registerdate,registerIP) VALUES (?,?,?,?,NOW(),?)",
134. username:lower(),pass,email,getPlayerSerial(player),getPlayerIP(player))) then
135. exports.mysql:execute("INSERT INTO accountsdata (username, staffnotes) VALUES(?,?)",username,"") -- make the data row for this player
136. exports.mysql:execute("INSERT INTO accountstats (username) VALUES(?)",username) -- make the stat row for this player
137. triggerClientEvent(player,"showStatusNotice",player,"Your account "..username.." was successfully registered!",0,255,0)
138. triggerClientEvent(player,"closeTab",player,"register")
139. exports.system:log("Account - Register",getPlayerName(player).." has registered account "..username,player)
140. loginPlayer(username, player)
141. else
142. triggerClientEvent(player,"showStatusNotice",player,"An error occured while trying to register "..username..", please contact a administrator.")
143. exports.system:logError("USGaccounts","An error occured while trying to register "..username.." for "..getPlayerName(player).."!")
144. end
145. end
146.  
147. addEvent("USGaccounts.requestPassword", true)
148. addEventHandler("USGaccounts.requestPassword", root,
149. function (username, email)
150. if(username and email) then
151. username = username:lower()
152. singleQuery(requestPasswordCallback, {username, email, client}, "SELECt * FROM accounts WHERE username=? AND email=?",username,email)
153. end
154. end
155. )
156.  
157. function requestPasswordCallback(result, username, email, player)
158. if(result) then
159. local newPassword = generatePassword()
160. if(exports.MySQL:execute("UPDATE accounts SET password=? WHERE username=?", hash(username,newPassword), username)) then
161. callRemote("usgmta.net/password.php",function () end,username,email,newPassword)
162. triggerClientEvent(player,"showStatusNotice",player,"Check your email for your new password ( wait a few minutes and make sure to check the spam folder ).",0,255,0)
163. else
164. triggerClientEvent(player,"showStatusNotice",player,"Something went wrong trying to change your password, try again later.",255,0,0)
165. end
166. else
167. triggerClientEvent(player,"showStatusNotice",player,"No account found with this username and email!",255,0,0)
168. end
169. end
170.  
171. function verifyPassword(username, password, dbPassword, version)
172. if (username and password) then --make sure both are supplied
173. if(version == 0) then
174. return hash(username,password,version) == dbPassword
175. elseif(version == 1) then
176. return bcrypt_verify(username.."+"..password, dbPassword)
177. end
178. else
179. return false --unable to hash, due to the username + password being required!
180. end
181. end
182.  
183. function hash(username,password,version)
184. if (username and password) then --make sure both are supplied
185. if(not version) then version = LATEST_VERSION end
186. if(version == 0) then
187. local salt = tostring(#username + #password)
188. return sha512(username.."-"..password.."-"..salt)
189. elseif(version == 1) then
190. local salt = bcrypt_salt(50000)
191. return bcrypt_digest(username.."+"..password, salt)
192. end
193. else
194. return false --unable to hash, due to the username + password being required!
195. end
196. end
197.  
198. function checkForOldHash(username, password, inputPassword)
199. return false
200. --[[local passwordV2 = exports.security:stringEncryption(inputPassword, "SHA512")
201. local passwordV3 = hash(username, inputPassword)
202. if (password == passwordV2) then --Account is using the old hash
203. outputDebugString("Account "..username.." has V2 hash, updating to V3 hash...",0,0,255,0)
204. exports.mysql:execute("UPDATE accounts SET password=? WHERE username=?",passwordV3,username)
205. return true
206. else
207. --outputDebugString("Account not found / account already has new hash!",0,0,255,0)
208. return false --Account not found / Already has new hash.
209. end--]]
210. end
211.  
212. local chars = {"a",'b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8','9'}
213. function generatePassword()
214. local pass = ""
215. for i=1, 16 do
216. pass = pass..(chars[math.random(#chars)])
217. end
218. return pass
219. end