// Advance login & register - by Gammix - v2.1 - last updated: 4 Feb, 2017#inc

1. // Advance login & register - by Gammix - v2.1 - last updated: 4 Feb, 2017
2. #include <a_samp>
3.  
4. main()
5. {
6. SetGameModeText("Mode name here.");
7. }
8.  
9. #include <a_mysql>
10. #include <zcmd>
11. #include <sscanf2>
12. #include <easydialog>
13. #include <kickban>
14.  
15. #define COLOR_WHITE (0xFFFFFFFF)
16. #define COL_WHITE "{FFFFFF}"
17.  
18. #define COLOR_TOMATO (0xFF6347FF)
19. #define COL_TOMATO "{FF6347}"
20.  
21. #define COLOR_YELLOW (0xFFDD00FF)
22. #define COL_YELLOW "{FFDD00}"
23.  
24. #define COLOR_GREEN (0x00FF00FF)
25. #define COL_GREEN "{00FF00}"
26.  
27. #define COLOR_DEFAULT (0xA9C4E4FF)
28. #define COL_DEFAULT "{A9C4E4}"
29.  
30. #define MAX_LOGIN_ATTEMPTS 3
31. #define MAX_ACCOUNT_LOCKTIME 2 // mins
32.  
33. #define MIN_PASSWORD_LENGTH 4
34. #define MAX_PASSWORD_LENGTH 45
35.  
36. //#define SECURE_PASSWORD_ONLY // this forces the user to have atleast 1 Lowercase, 1 Highercase and 1 Number in their password
37.  
38. #define MAX_SECURITY_QUESTION_SIZE 128
39.  
40. new MySQL:conn;
41.  
42. new const SECURITY_QUESTIONS[][MAX_SECURITY_QUESTION_SIZE] =
43. {
44. "What was your childhood nickname?",
45. "What is the name of your favorite childhood friend?",
46. "In what city or town did your mother and father meet?",
47. "What is the middle name of your oldest child?",
48. "What is your favorite team?",
49. "What is your favorite movie?",
50. "What is the first name of the boy or girl that you first kissed?",
51. "What was the make and model of your first car?",
52. "What was the name of the hospital where you were born?",
53. "Who is your childhood sports hero?",
54. "In what town was your first job?",
55. "What was the name of the company where you had your first job?",
56. "What school did you attend for sixth grade?",
57. "What was the last name of your third grade teacher?"
58. };
59.  
60. enum e_USER
61. {
62. e_USER_SQLID,
63. e_USER_PASSWORD[64 + 1],
64. //e_USER_SALT[64 + 1],
65. e_USER_KILLS,
66. e_USER_DEATHS,
67. e_USER_SCORE,
68. e_USER_MONEY,
69. e_USER_ADMIN_LEVEL,
70. e_USER_VIP_LEVEL,
71. e_USER_REGISTER_TIMESTAMP,
72. e_USER_LASTLOGIN_TIMESTAMP,
73. e_USER_SECURITY_QUESTION[MAX_SECURITY_QUESTION_SIZE],
74. e_USER_SECURITY_ANSWER[64 + 1]
75. };
76. new eUser[MAX_PLAYERS][e_USER];
77. new iLoginAttempts[MAX_PLAYERS];
78. new iAnswerAttempts[MAX_PLAYERS];
79.  
80. IpToLong(const address[])
81. {
82. new parts[4];
83. sscanf(address, "p<.>a<i>[4]", parts);
84. return ((parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]);
85. }
86.  
87. ReturnTimelapse(start, till)
88. {
89. new ret[32];
90. new seconds = till - start;
91.  
92. const
93. MINUTE = 60,
94. HOUR = 60 * MINUTE,
95. DAY = 24 * HOUR,
96. MONTH = 30 * DAY;
97.  
98. if (seconds == 1)
99. format(ret, sizeof(ret), "a second");
100. if (seconds < (1 * MINUTE))
101. format(ret, sizeof(ret), "%i seconds", seconds);
102. else if (seconds < (2 * MINUTE))
103. format(ret, sizeof(ret), "a minute");
104. else if (seconds < (45 * MINUTE))
105. format(ret, sizeof(ret), "%i minutes", (seconds / MINUTE));
106. else if (seconds < (90 * MINUTE))
107. format(ret, sizeof(ret), "an hour");
108. else if (seconds < (24 * HOUR))
109. format(ret, sizeof(ret), "%i hours", (seconds / HOUR));
110. else if (seconds < (48 * HOUR))
111. format(ret, sizeof(ret), "a day");
112. else if (seconds < (30 * DAY))
113. format(ret, sizeof(ret), "%i days", (seconds / DAY));
114. else if (seconds < (12 * MONTH))
115. {
116. new months = floatround(seconds / DAY / 30);
117. if (months <= 1)
118. format(ret, sizeof(ret), "a month");
119. else
120. format(ret, sizeof(ret), "%i months", months);
121. }
122. else
123. {
124. new years = floatround(seconds / DAY / 365);
125. if (years <= 1)
126. format(ret, sizeof(ret), "a year");
127. else
128. format(ret, sizeof(ret), "%i years", years);
129. }
130. return ret;
131. }
132.  
133. public OnGameModeInit()
134. {
135. new MySQLOpt:options = mysql_init_options();
136. mysql_set_option(options, SERVER_PORT, 3306);
137.  
138. mysql_log(ALL);
139.  
140. conn = mysql_connect("localhost", "root", "", "sa-mp", options);
141.  
142. new string[1024];
143. string = "CREATE TABLE IF NOT EXISTS `users`(\
144. `id` INT, \
145. `name` VARCHAR(24), \
146. `ip` VARCHAR(18), \
147. `longip` INT, \
148. `password` VARCHAR(64), \
149. `salt` VARCHAR(64), \
150. `sec_question` VARCHAR("#MAX_SECURITY_QUESTION_SIZE"), \
151. `sec_answer` VARCHAR(64), ";
152. strcat(string, "`register_timestamp` INT, \
153. `lastlogin_timestamp` INT, \
154. `kills` INT, \
155. `deaths` INT, \
156. `score` INT, \
157. `money` INT, \
158. `adminlevel` INT, \
159. `viplevel` INT, \
160. PRIMARY KEY(`id`))");
161. mysql_tquery(conn, string);
162.  
163. mysql_tquery(conn, "CREATE TABLE IF NOT EXISTS `temp_blocked_users` (\
164. `ip` VARCHAR(18), \
165. `lock_timestamp` INT, \
166. `user_id` INT)");
167.  
168. //EnableVehicleFriendlyFire();
169. DisableInteriorEnterExits();
170. UsePlayerPedAnims();
171. return 1;
172. }
173.  
174. public OnGameModeExit()
175. {
176. mysql_close(conn);
177. return 1;
178. }
179.  
180. public OnPlayerConnect(playerid)
181. {
182. new name[MAX_PLAYER_NAME];
183. GetPlayerName(playerid, name, MAX_PLAYER_NAME);
184.  
185. new string[150];
186. mysql_format(conn, string, sizeof(string), "SELECT * FROM `users` WHERE `name` = '%e' LIMIT 1", name);
187. mysql_tquery(conn, string, "OnPlayerJoin", "i", playerid);
188. return 1;
189. }
190.  
191. public OnPlayerDisconnect(playerid, reason)
192. {
193. if(GetPVarInt(playerid, "LoggedIn") == 1)
194. {
195. new string[1024],
196. name[MAX_PLAYER_NAME];
197.  
198. GetPlayerName(playerid, name, MAX_PLAYER_NAME);
199.  
200. mysql_format(conn, string, sizeof(string), "UPDATE `users` SET `name` = '%s', `password` = '%e', `salt` = '%e', `sec_question` = '%e', `sec_answer` = '%e', `kills` = %i, `deaths` = %i, `score` = %i, `money` = %i, `adminlevel` = %i, `viplevel` = %i WHERE `id` = %i",
201. name, eUser[playerid][e_USER_PASSWORD], eUser[playerid][e_USER_SALT], eUser[playerid][e_USER_SECURITY_QUESTION], eUser[playerid][e_USER_SECURITY_ANSWER], eUser[playerid][e_USER_KILLS], eUser[playerid][e_USER_DEATHS], GetPlayerScore(playerid), GetPlayerMoney(playerid), eUser[playerid][e_USER_ADMIN_LEVEL], eUser[playerid][e_USER_VIP_LEVEL], eUser[playerid][e_USER_SQLID]);
202. mysql_tquery(conn, string);
203. }
204. return 1;
205. }
206.  
207. public OnPlayerRequestClass(playerid, classid)
208. {
209. if (!GetPVarInt(playerid, "LoggedIn"))
210. {
211. SetPlayerCameraPos(playerid, -144.2838, 1244.2357, 35.6595);
212. SetPlayerCameraLookAt(playerid, -144.2255, 1243.2335, 35.3393, CAMERA_MOVE);
213. }
214. else
215. {
216. SetPlayerPos(playerid, -314.7314, 1052.8170, 20.3403);
217. SetPlayerFacingAngle(playerid, 357.8575);
218. SetPlayerCameraPos(playerid, -312.2127, 1055.5232, 20.5785);
219. SetPlayerCameraLookAt(playerid, -313.0236, 1054.9427, 20.5334, CAMERA_MOVE);
220. }
221. return 1;
222. }
223.  
224. public OnPlayerRequestSpawn(playerid)
225. {
226. if (!GetPVarInt(playerid, "LoggedIn"))
227. {
228. GameTextForPlayer(playerid, "~n~~n~~n~~n~~r~Login/Register first before spawning!", 3000, 3);
229. return 0;
230. }
231. return 1;
232. }
233.  
234. public OnPlayerSpawn(playerid)
235. {
236. SetPlayerPos(playerid, -314.7314, 1052.8170, 20.3403);
237. SetPlayerFacingAngle(playerid, 357.8575);
238. return 1;
239. }
240.  
241. forward OnPlayerJoin(playerid);
242. public OnPlayerJoin(playerid)
243. {
244. for (new i; i < 100; i++)
245. {
246. SendClientMessage(playerid, COLOR_WHITE, "");
247. }
248. SendClientMessage(playerid, COLOR_YELLOW, "You have connected to \"SA-MP 0.3.7 Server\"");
249. PlayerPlaySound(playerid, 1054, 0.0, 0.0, 0.0);
250.  
251. if (cache_num_rows() == 0)
252. {
253. eUser[playerid][e_USER_SQLID] = -1;
254. eUser[playerid][e_USER_PASSWORD][0] = EOS;
255. eUser[playerid][e_USER_SALT][0] = EOS;
256. eUser[playerid][e_USER_KILLS] = 0;
257. eUser[playerid][e_USER_DEATHS] = 0;
258. eUser[playerid][e_USER_SCORE] = 0;
259. eUser[playerid][e_USER_MONEY] = 0;
260. eUser[playerid][e_USER_ADMIN_LEVEL] = 0;
261. eUser[playerid][e_USER_VIP_LEVEL] = 0;
262. eUser[playerid][e_USER_REGISTER_TIMESTAMP] = 0;
263. eUser[playerid][e_USER_LASTLOGIN_TIMESTAMP] = 0;
264. eUser[playerid][e_USER_SECURITY_QUESTION][0] = EOS;
265. eUser[playerid][e_USER_SECURITY_ANSWER][0] = EOS;
266.  
267. Dialog_Show(playerid, REGISTER, DIALOG_STYLE_PASSWORD, "Account Registeration... [Step: 1/3]", COL_WHITE "Welcome to our server. We will take you through "COL_GREEN"3 simple steps "COL_WHITE"to register your account with a backup option in case you forgot your password!\nPlease enter a password, "COL_TOMATO"case sensitivity"COL_WHITE" is on.", "Continue", "Options");
268. SendClientMessage(playerid, COLOR_WHITE, "[Step: 1/3] Enter your new account's password.");
269. }
270. else
271. {
272. iLoginAttempts[playerid] = 0;
273. iAnswerAttempts[playerid] = 0;
274.  
275. cache_get_value_name_int(0, "id", eUser[playerid][e_USER_SQLID]);
276. cache_get_value_name(0, "password", eUser[playerid][e_USER_PASSWORD], 64);
277. cache_get_value_name(0, "salt", eUser[playerid][e_USER_SALT], 64);
278. eUser[playerid][e_USER_SALT][64] = EOS;
279. cache_get_value_name_int(0, "kills", eUser[playerid][e_USER_KILLS]);
280. cache_get_value_name_int(0, "deaths", eUser[playerid][e_USER_DEATHS]);
281. cache_get_value_name_int(0, "score", eUser[playerid][e_USER_SCORE]);
282. cache_get_value_name_int(0, "money", eUser[playerid][e_USER_MONEY]);
283. cache_get_value_name_int(0, "adminlevel", eUser[playerid][e_USER_ADMIN_LEVEL]);
284. cache_get_value_name_int(0, "viplevel", eUser[playerid][e_USER_VIP_LEVEL]);
285. cache_get_value_name_int(0, "register_timestamp", eUser[playerid][e_USER_REGISTER_TIMESTAMP]);
286. cache_get_value_name_int(0, "lastlogin_timestamp", eUser[playerid][e_USER_LASTLOGIN_TIMESTAMP]);
287. cache_get_value_name(0, "sec_question", eUser[playerid][e_USER_SECURITY_QUESTION], MAX_SECURITY_QUESTION_SIZE);
288. cache_get_value_name(0, "sec_answer", eUser[playerid][e_USER_SECURITY_ANSWER], MAX_PASSWORD_LENGTH * 2);
289. cache_unset_active();
290.  
291. new string[512];
292. mysql_format(conn, string, sizeof(string), "SELECT `lock_timestamp` FROM `temp_blocked_users` WHERE `user_id` = %i LIMIT 1", eUser[playerid][e_USER_SQLID]);
293. new Cache:lock_result = mysql_query(conn, string);
294. if (cache_num_rows() == 1)
295. {
296. new lock_timestamp;
297. cache_get_value_index_int(0, 0, lock_timestamp);
298. if ((gettime() - lock_timestamp) < 0)
299. {
300. SendClientMessage(playerid, COLOR_TOMATO, "Sorry! The account is temporarily locked on your IP. due to "#MAX_LOGIN_ATTEMPTS"/"#MAX_LOGIN_ATTEMPTS" failed login attempts.");
301. format(string, sizeof(string), "You'll be able to try again in %s.", ReturnTimelapse(gettime(), lock_timestamp));
302. SendClientMessage(playerid, COLOR_TOMATO, string);
303. cache_delete(lock_result);
304. return Kick(playerid);
305. }
306. else
307. {
308. new ip[18];
309. GetPlayerIp(playerid, ip, 18);
310. mysql_format(conn, string, sizeof(string), "DELETE FROM `temp_blocked_users` WHERE `user_id` = %i AND `ip` = '%s'", eUser[playerid][e_USER_SQLID], ip);
311. mysql_tquery(conn, string);
312. }
313. }
314. cache_delete(lock_result);
315.  
316. Dialog_Show(playerid, LOGIN, DIALOG_STYLE_PASSWORD, "Account Login...", COL_WHITE "Insert your secret password to access this account. If you failed in "COL_YELLOW""#MAX_LOGIN_ATTEMPTS" "COL_WHITE"attempts, account will be locked for "COL_YELLOW""#MAX_ACCOUNT_LOCKTIME" "COL_WHITE"minutes.", "Continue", "Options");
317. }
318. return 1;
319. }
320.  
321. Dialog:LOGIN(playerid, response, listitem, inputtext[])
322. {
323. if (!response)
324. {
325. Dialog_Show(playerid, OPTIONS, DIALOG_STYLE_LIST, "Account Options...", "Forgot password\nForgot username\nExit to desktop", "Select", "Back");
326. return 1;
327. }
328.  
329. new string[256];
330.  
331. //new hash[64];
332. //SHA256_PassHash(inputtext, eUser[playerid][e_USER_SALT], hash, sizeof(hash));
333. if (strcmp(hash, eUser[playerid][e_USER_PASSWORD]))
334. {
335. if (++iLoginAttempts[playerid] == MAX_LOGIN_ATTEMPTS)
336. {
337. new lock_timestamp = gettime() + (MAX_ACCOUNT_LOCKTIME * 60);
338. new ip[18];
339. GetPlayerIp(playerid, ip, 18);
340. mysql_format(conn, string, sizeof(string), "INSERT INTO `temp_blocked_users` VALUES('%s', %i, %i)", ip, lock_timestamp, eUser[playerid][e_USER_SQLID]);
341. mysql_tquery(conn, string);
342.  
343. SendClientMessage(playerid, COLOR_TOMATO, "Sorry! The account has been temporarily locked on your IP. due to "#MAX_LOGIN_ATTEMPTS"/"#MAX_LOGIN_ATTEMPTS" failed login attempts.");
344. format(string, sizeof(string), "If you forgot your password/username, click on 'Options' in login window next time (you may retry in %s).", ReturnTimelapse(gettime(), lock_timestamp));
345. SendClientMessage(playerid, COLOR_TOMATO, string);
346. return Kick(playerid);
347. }
348.  
349. Dialog_Show(playerid, LOGIN, DIALOG_STYLE_INPUT, "Account Login...", COL_WHITE "Insert your secret password to access this account. If you failed in "COL_YELLOW""#MAX_LOGIN_ATTEMPTS" "COL_WHITE"attempts, account will be locked for "COL_YELLOW""#MAX_ACCOUNT_LOCKTIME" "COL_WHITE"minutes.", "Continue", "Options");
350. format(string, sizeof(string), "Incorrect password! Your login tries left: %i/"#MAX_LOGIN_ATTEMPTS" attempts.", iLoginAttempts[playerid]);
351. SendClientMessage(playerid, COLOR_TOMATO, string);
352. return 1;
353. }
354.  
355. new name[MAX_PLAYER_NAME],
356. ip[18];
357. GetPlayerName(playerid, name, MAX_PLAYER_NAME);
358. GetPlayerIp(playerid, ip, 18);
359. mysql_format(conn, string, sizeof(string), "UPDATE `users` SET `lastlogin_timestamp` = %i, `ip` = '%s', `longip` = %i WHERE `id` = %i", gettime(), ip, IpToLong(ip), eUser[playerid][e_USER_SQLID]);
360. mysql_tquery(conn, string);
361.  
362. format(string, sizeof(string), "Successfully logged in! Welcome back to our server %s, we hope you enjoy your stay. [Last login: %s ago]", name, ReturnTimelapse(eUser[playerid][e_USER_LASTLOGIN_TIMESTAMP], gettime()));
363. SendClientMessage(playerid, COLOR_GREEN, string);
364. PlayerPlaySound(playerid, 1057, 0.0, 0.0, 0.0);
365. SetPVarInt(playerid, "LoggedIn", 1);
366. OnPlayerRequestClass(playerid, 0);
367. return 1;
368. }
369.  
370. Dialog:REGISTER(playerid, response, listitem, inputtext[])
371. {
372. if (!response)
373. {
374. Dialog_Show(playerid, OPTIONS, DIALOG_STYLE_LIST, "Account Options...", "Forgot password\nForgot username\nExit to desktop", "Select", "Back");
375. return 1;
376. }
377.  
378. if (!(MIN_PASSWORD_LENGTH <= strlen(inputtext) <= MAX_PASSWORD_LENGTH))
379. {
380. Dialog_Show(playerid, REGISTER, DIALOG_STYLE_PASSWORD, "Account Registeration... [Step: 1/3]", COL_WHITE "Welcome to our server. We will take you through "COL_GREEN"3 simple steps "COL_WHITE"to register your account with a backup option in case you forgot your password!\nPlease enter a password, "COL_TOMATO"case sensitivity"COL_WHITE" is on.", "Continue", "Options");
381. SendClientMessage(playerid, COLOR_TOMATO, "Invalid password length, must be between "#MIN_PASSWORD_LENGTH" - "#MAX_PASSWORD_LENGTH" characters.");
382. return 1;
383. }
384.  
385. #if defined SECURE_PASSWORD_ONLY
386. new bool:contain_number,
387. bool:contain_highercase,
388. bool:contain_lowercase;
389. for (new i, j = strlen(inputtext); i < j; i++)
390. {
391. switch (inputtext[i])
392. {
393. case '0'..'9':
394. contain_number = true;
395. case 'A'..'Z':
396. contain_highercase = true;
397. case 'a'..'z':
398. contain_lowercase = true;
399. }
400.  
401. if (contain_number && contain_highercase && contain_lowercase)
402. break;
403. }
404.  
405. if (!contain_number || !contain_highercase || !contain_lowercase)
406. {
407. Dialog_Show(playerid, REGISTER, DIALOG_STYLE_INPUT, "Account Registeration... [Step: 1/3]", COL_WHITE "Welcome to our server. We will take you through "COL_GREEN"3 simple steps "COL_WHITE"to register your account with a backup option in case you forgot your password!\nPlease enter a password, "COL_TOMATO"case sensitivity"COL_WHITE" is on.", "Continue", "Options");
408. SendClientMessage(playerid, COLOR_TOMATO, "Password must contain atleast a Highercase, a Lowercase and a Number.");
409. return 1;
410. }
411. #endif
412.  
413. for (new i; i < 64; i++)
414. {
415. eUser[playerid][e_USER_SALT][i] = (random('z' - 'A') + 'A');
416. }
417. //eUser[playerid][e_USER_SALT][64] = EOS;
418. //SHA256_PassHash(inputtext, eUser[playerid][e_USER_SALT], eUser[playerid][e_USER_PASSWORD], 64);
419.  
420. new list[2 + (sizeof(SECURITY_QUESTIONS) * MAX_SECURITY_QUESTION_SIZE)];
421. for (new i; i < sizeof(SECURITY_QUESTIONS); i++)
422. {
423. strcat(list, SECURITY_QUESTIONS[i]);
424. strcat(list, "\n");
425. }
426. Dialog_Show(playerid, SEC_QUESTION, DIALOG_STYLE_LIST, "Account Registeration... [Step: 2/3]", list, "Continue", "Back");
427. SendClientMessage(playerid, COLOR_WHITE, "[Step: 2/3] Select a security question. This will help you retrieve your password in case you forget it any time soon!");
428. PlayerPlaySound(playerid, 1054, 0.0, 0.0, 0.0);
429. return 1;
430. }
431.  
432. Dialog:SEC_QUESTION(playerid, response, listitem, inputtext[])
433. {
434. if (!response)
435. {
436. Dialog_Show(playerid, REGISTER, DIALOG_STYLE_PASSWORD, "Account Registeration... [Step: 1/3]", COL_WHITE "Welcome to our server. We will take you through "COL_GREEN"3 simple steps "COL_WHITE"to register your account with a backup option in case you forgot your password!\nPlease enter a password, "COL_TOMATO"case sensitivity"COL_WHITE" is on.", "Continue", "Options");
437. SendClientMessage(playerid, COLOR_WHITE, "[Step: 1/3] Enter your new account's password.");
438. return 1;
439. }
440.  
441. format(eUser[playerid][e_USER_SECURITY_QUESTION], MAX_SECURITY_QUESTION_SIZE, SECURITY_QUESTIONS[listitem]);
442.  
443. new string[256];
444. format(string, sizeof(string), COL_TOMATO "%s\n"COL_WHITE"Insert your answer below in the box. (don't worry about CAPS, answers are NOT case sensitive).", SECURITY_QUESTIONS[listitem]);
445. Dialog_Show(playerid, SEC_ANSWER, DIALOG_STYLE_INPUT, "Account Registeration... [Step: 3/3]", string, "Confirm", "Back");
446. SendClientMessage(playerid, COLOR_WHITE, "[Step: 3/3] Write the answer to your secuirty question and you'll be done :)");
447. PlayerPlaySound(playerid, 1054, 0.0, 0.0, 0.0);
448. return 1;
449. }
450.  
451. Dialog:SEC_ANSWER(playerid, response, listitem, inputtext[])
452. {
453. if (!response)
454. {
455. new list[2 + (sizeof(SECURITY_QUESTIONS) * MAX_SECURITY_QUESTION_SIZE)];
456. for (new i; i < sizeof(SECURITY_QUESTIONS); i++)
457. {
458. strcat(list, SECURITY_QUESTIONS[i]);
459. strcat(list, "\n");
460. }
461. Dialog_Show(playerid, SEC_QUESTION, DIALOG_STYLE_LIST, "Account Registeration... [Step: 2/3]", list, "Continue", "Back");
462. SendClientMessage(playerid, COLOR_WHITE, "[Step: 2/3] Select a security question. This will help you retrieve your password in case you forget it any time soon!");
463. return 1;
464. }
465.  
466. new string[512];
467.  
468. if (strlen(inputtext) < MIN_PASSWORD_LENGTH || inputtext[0] == ' ')
469. {
470. format(string, sizeof(string), COL_TOMATO "%s\n"COL_WHITE"Insert your answer below in the box. (don't worry about CAPS, answers are NOT case sensitive).", SECURITY_QUESTIONS[listitem]);
471. Dialog_Show(playerid, SEC_ANSWER, DIALOG_STYLE_INPUT, "Account Registeration... [Step: 3/3]", string, "Confirm", "Back");
472. SendClientMessage(playerid, COLOR_TOMATO, "Security answer cannot be an less than "#MIN_PASSWORD_LENGTH" characters.");
473. return 1;
474. }
475.  
476. for (new i, j = strlen(inputtext); i < j; i++)
477. {
478. inputtext[i] = tolower(inputtext[i]);
479. }
480. //SHA256_PassHash(inputtext, eUser[playerid][e_USER_SALT], eUser[playerid][e_USER_SECURITY_ANSWER], 64);
481.  
482. new name[MAX_PLAYER_NAME],
483. ip[18];
484. GetPlayerName(playerid, name, MAX_PLAYER_NAME);
485. GetPlayerIp(playerid, ip, 18);
486. mysql_format(conn, string, sizeof(string), "INSERT INTO `users`(`name`, `ip`, `longip`, `password`, `salt`, `sec_question`, `sec_answer`, `register_timestamp`, `lastlogin_timestamp`) VALUES('%s', '%s', %i, '%e', '%e', '%e', '%e', %i, %i)", name, ip, IpToLong(ip), eUser[playerid][e_USER_PASSWORD], eUser[playerid][e_USER_SALT], eUser[playerid][e_USER_SECURITY_QUESTION], eUser[playerid][e_USER_SECURITY_ANSWER], gettime(), gettime());
487. mysql_tquery(conn, string, "OnPlayerRegister", "i", playerid);
488.  
489. format(string, sizeof(string), "Successfully registered! Welcome to our server %s, we hope you enjoy your stay. [IP: %s]", name, ip);
490. SendClientMessage(playerid, COLOR_GREEN, string);
491. PlayerPlaySound(playerid, 1057, 0.0, 0.0, 0.0);
492. SetPVarInt(playerid, "LoggedIn", 1);
493. OnPlayerRequestClass(playerid, 0);
494. return 1;
495. }
496.  
497. forward OnPlayerRegister(playerid);
498. public OnPlayerRegister(playerid)
499. {
500. eUser[playerid][e_USER_SQLID] = cache_insert_id();
501. cache_unset_active();
502. }
503.  
504. Dialog:OPTIONS(playerid, response, listitem, inputtext[])
505. {
506. if (!response)
507. {
508. if (eUser[playerid][e_USER_SQLID] != -1)
509. Dialog_Show(playerid, LOGIN, DIALOG_STYLE_PASSWORD, "Account Login...", COL_WHITE "Insert your secret password to access this account. If you failed in "COL_YELLOW""#MAX_LOGIN_ATTEMPTS" "COL_WHITE"attempts, account will be locked for "COL_YELLOW""#MAX_ACCOUNT_LOCKTIME" "COL_WHITE"minutes.", "Continue", "Options");
510. else
511. Dialog_Show(playerid, REGISTER, DIALOG_STYLE_PASSWORD, "Account Registeration... [Step: 1/3]", COL_WHITE "Welcome to our server. We will take you through "COL_GREEN"3 simple steps "COL_WHITE"to register your account with a backup option in case you forgot your password!\nPlease enter a password, "COL_TOMATO"case sensitivity"COL_WHITE" is on.", "Continue", "Options");
512. return 1;
513. }
514.  
515. switch (listitem)
516. {
517. case 0:
518. {
519. if (eUser[playerid][e_USER_SQLID] == -1)
520. {
521. SendClientMessage(playerid, COLOR_TOMATO, "This account isn't registered, try 'Forgot Username' or change your name and connect.");
522. Dialog_Show(playerid, OPTIONS, DIALOG_STYLE_LIST, "Account Options...", "Forgot password\nForgot username\nExit to desktop", "Select", "Back");
523. return 1;
524. }
525.  
526. new string[64 + MAX_SECURITY_QUESTION_SIZE];
527. format(string, sizeof(string), COL_WHITE "Answer your security question to reset password.\n\n"COL_TOMATO"%s", eUser[playerid][e_USER_SECURITY_QUESTION]);
528. Dialog_Show(playerid, FORGOT_PASSWORD, DIALOG_STYLE_INPUT, "Forgot Password:", string, "Next", "Cancel");
529. }
530. case 1:
531. {
532. const MASK = (-1 << (32 - 36));
533. new string[256],
534. ip[18];
535. GetPlayerIp(playerid, ip, 18);
536. mysql_format(conn, string, sizeof(string), "SELECT `name`, `lastlogin_timestamp` FROM `users` WHERE ((`longip` & %i) = %i) LIMIT 1", MASK, (IpToLong(ip) & MASK));
537. mysql_tquery(conn, string, "OnUsernamesLoad", "i", playerid);
538. }
539.  
540. case 2:
541. {
542. return Kick(playerid);
543. }
544. }
545. return 1;
546. }
547.  
548. forward OnUsernamesLoad(playerid);
549. public OnUsernamesLoad(playerid)
550. {
551. if (cache_num_rows() == 0)
552. {
553. SendClientMessage(playerid, COLOR_TOMATO, "There are no accounts realted to this ip, this seems to be your first join!");
554. Dialog_Show(playerid, OPTIONS, DIALOG_STYLE_LIST, "Account Options...", "Forgot password\nForgot username\nExit to desktop", "Select", "Back");
555. return;
556. }
557.  
558. new list[25 * (MAX_PLAYER_NAME + 32)],
559. name[MAX_PLAYER_NAME],
560. lastlogin_timestamp;
561.  
562. for (new i, j = ((cache_num_rows() > 10) ? (10) : (cache_num_rows())); i < j; i++)
563. {
564. cache_get_value_index(i, 0, name, MAX_PLAYER_NAME);
565. cache_get_value_index_int(i, 1, lastlogin_timestamp);
566. format(list, sizeof(list), "%s"COL_TOMATO"%s "COL_WHITE"|| Last login: %s ago\n", list, name, ReturnTimelapse(lastlogin_timestamp, gettime()));
567. }
568. cache_unset_active();
569.  
570. Dialog_Show(playerid, FORGOT_USERNAME, DIALOG_STYLE_LIST, "Your username history...", list, "Ok", "");
571. PlayerPlaySound(playerid, 1054, 0.0, 0.0, 0.0);
572. }
573.  
574. Dialog:FORGOT_PASSWORD(playerid, response, listitem, inputtext[])
575. {
576. if (!response)
577. {
578. Dialog_Show(playerid, OPTIONS, DIALOG_STYLE_LIST, "Account Options...", "Forgot password\nForgot username\nExit to desktop", "Select", "Back");
579. return 1;
580. }
581.  
582. new string[256],
583. hash[64];
584. SHA256_PassHash(inputtext, eUser[playerid][e_USER_SALT], hash, sizeof(hash));
585. if (strcmp(hash, eUser[playerid][e_USER_SECURITY_ANSWER]))
586. {
587. if (++iAnswerAttempts[playerid] == MAX_LOGIN_ATTEMPTS)
588. {
589. new lock_timestamp = gettime() + (MAX_ACCOUNT_LOCKTIME * 60);
590. new ip[18];
591. GetPlayerIp(playerid, ip, 18);
592. mysql_format(conn, string, sizeof(string), "INSERT INTO `temp_blocked_users` VALUES('%s', %i, %i)", ip, lock_timestamp, eUser[playerid][e_USER_SQLID]);
593. mysql_tquery(conn, string);
594.  
595. SendClientMessage(playerid, COLOR_TOMATO, "Sorry! The account has been temporarily locked on your IP. due to "#MAX_LOGIN_ATTEMPTS"/"#MAX_LOGIN_ATTEMPTS" failed login attempts.");
596. format(string, sizeof(string), "If you forgot your password/username, click on 'Options' in login window next time (you may retry in %s).", ReturnTimelapse(gettime(), lock_timestamp));
597. SendClientMessage(playerid, COLOR_TOMATO, string);
598. return Kick(playerid);
599. }
600.  
601. format(string, sizeof(string), COL_WHITE "Answer your security question to reset password.\n\n"COL_TOMATO"%s", eUser[playerid][e_USER_SECURITY_QUESTION]);
602. Dialog_Show(playerid, FORGOT_PASSWORD, DIALOG_STYLE_INPUT, "Forgot Password:", string, "Next", "Cancel");
603. format(string, sizeof(string), "Incorrect answer! Your tries left: %i/"#MAX_LOGIN_ATTEMPTS" attempts.", iAnswerAttempts[playerid]);
604. SendClientMessage(playerid, COLOR_TOMATO, string);
605. return 1;
606. }
607.  
608. Dialog_Show(playerid, RESET_PASSWORD, DIALOG_STYLE_PASSWORD, "Reset Password:", COL_WHITE "Insert a new password for your account. Also in case you want to change security question for later, use /ucp.", "Confirm", "");
609. SendClientMessage(playerid, COLOR_GREEN, "Successfully answered your security question! You shall now reset your password.");
610. PlayerPlaySound(playerid, 1057, 0.0, 0.0, 0.0);
611. return 1;
612. }
613.  
614. Dialog:RESET_PASSWORD(playerid, response, listitem, inputtext[])
615. {
616. if (!response)
617. {
618. Dialog_Show(playerid, RESET_PASSWORD, DIALOG_STYLE_PASSWORD, "Reset Password:", COL_WHITE "Insert a new password for your account. Also in case you want to change security question for later, use /ucp.", "Confirm", "");
619. return 1;
620. }
621.  
622. new string[256];
623.  
624. if (!(MIN_PASSWORD_LENGTH <= strlen(inputtext) <= MAX_PASSWORD_LENGTH))
625. {
626. Dialog_Show(playerid, RESET_PASSWORD, DIALOG_STYLE_PASSWORD, "Reset Password:", COL_WHITE "Insert a new password for your account. Also in case you want to change security question for later, use /ucp.", "Confirm", "");
627. SendClientMessage(playerid, COLOR_TOMATO, "Invalid password length, must be between "#MIN_PASSWORD_LENGTH" - "#MAX_PASSWORD_LENGTH" characters.");
628. return 1;
629. }
630.  
631. #if defined SECURE_PASSWORD_ONLY
632. new bool:contain_number,
633. bool:contain_highercase,
634. bool:contain_lowercase;
635. for (new i, j = strlen(inputtext); i < j; i++)
636. {
637. switch (inputtext[i])
638. {
639. case '0'..'9':
640. contain_number = true;
641. case 'A'..'Z':
642. contain_highercase = true;
643. case 'a'..'z':
644. contain_lowercase = true;
645. }
646.  
647. if (contain_number && contain_highercase && contain_lowercase)
648. break;
649. }
650.  
651. if (!contain_number || !contain_highercase || !contain_lowercase)
652. {
653. Dialog_Show(playerid, RESET_PASSWORD, DIALOG_STYLE_PASSWORD, "Reset Password:", COL_WHITE "Insert a new password for your account. Also in case you want to change security question for later, use /ucp.", "Confirm", "");
654. SendClientMessage(playerid, COLOR_TOMATO, "Password must contain atleast a Highercase, a Lowercase and a Number.");
655. return 1;
656. }
657. #endif
658.  
659. SHA256_PassHash(inputtext, eUser[playerid][e_USER_SALT], eUser[playerid][e_USER_PASSWORD], 64);
660.  
661. new name[MAX_PLAYER_NAME],
662. ip[18];
663. GetPlayerName(playerid, name, MAX_PLAYER_NAME);
664. GetPlayerIp(playerid, ip, 18);
665. mysql_format(conn, string, sizeof(string), "UPDATE `users` SET `password` = '%e', `ip` = '%s', `longip` = %i, `lastlogin_timestamp` = %i WHERE `id` = %i", eUser[playerid][e_USER_PASSWORD], ip, IpToLong(ip), gettime(), eUser[playerid][e_USER_SQLID]);
666. mysql_tquery(conn, string);
667.  
668. format(string, sizeof(string), "Successfully logged in with new password! Welcome back to our server %s, we hope you enjoy your stay. [Last login: %s ago]", name, ReturnTimelapse(eUser[playerid][e_USER_LASTLOGIN_TIMESTAMP], gettime()));
669. SendClientMessage(playerid, COLOR_GREEN, string);
670. PlayerPlaySound(playerid, 1057, 0.0, 0.0, 0.0);
671. SetPVarInt(playerid, "LoggedIn", 1);
672. OnPlayerRequestClass(playerid, 0);
673. return 1;
674. }
675.  
676. Dialog:FORGOT_USERNAME(playerid, response, listitem, inputtext[])
677. {
678. Dialog_Show(playerid, OPTIONS, DIALOG_STYLE_LIST, "Account Options...", "Forgot password\nForgot username\nExit to desktop", "Select", "Back");
679. return 1;
680. }
681.  
682. CMD:changepass(playerid, params[])
683. {
684. if (eUser[playerid][e_USER_SQLID] != 1)
685. {
686. SendClientMessage(playerid, COLOR_TOMATO, "Only registered users can use this command.");
687. return 1;
688. }
689.  
690. Dialog_Show(playerid, CHANGE_PASSWORD, DIALOG_STYLE_PASSWORD, "Change account password...", COL_WHITE "Insert a new password for your account, Passwords are "COL_YELLOW"case sensitive"COL_WHITE".", "Confirm", "Cancel");
691. SendClientMessage(playerid, COLOR_WHITE, "Enter your new password.");
692. PlayerPlaySound(playerid, 1054, 0.0, 0.0, 0.0);
693. return 1;
694. }
695.  
696. Dialog:CHANGE_PASSWORD(playerid, response, listitem, inputtext[])
697. {
698. if (!response)
699. return 1;
700.  
701. if (!(MIN_PASSWORD_LENGTH <= strlen(inputtext) <= MAX_PASSWORD_LENGTH))
702. {
703. Dialog_Show(playerid, CHANGE_PASSWORD, DIALOG_STYLE_PASSWORD, "Change account password...", COL_WHITE "Insert a new password for your account, Passwords are "COL_YELLOW"case sensitive"COL_WHITE".", "Confirm", "Cancel");
704. SendClientMessage(playerid, COLOR_TOMATO, "Invalid password length, must be between "#MIN_PASSWORD_LENGTH" - "#MAX_PASSWORD_LENGTH" characters.");
705. return 1;
706. }
707.  
708. #if defined SECURE_PASSWORD_ONLY
709. new bool:contain_number,
710. bool:contain_highercase,
711. bool:contain_lowercase;
712. for (new i, j = strlen(inputtext); i < j; i++)
713. {
714. switch (inputtext[i])
715. {
716. case '0'..'9':
717. contain_number = true;
718. case 'A'..'Z':
719. contain_highercase = true;
720. case 'a'..'z':
721. contain_lowercase = true;
722. }
723.  
724. if (contain_number && contain_highercase && contain_lowercase)
725. break;
726. }
727.  
728. if (!contain_number || !contain_highercase || !contain_lowercase)
729. {
730. Dialog_Show(playerid, CHANGE_PASSWORD, DIALOG_STYLE_INPUT, "Change account password...", COL_WHITE "Insert a new password for your account, Passwords are "COL_YELLOW"case sensitive"COL_WHITE".", "Confirm", "Cancel");
731. SendClientMessage(playerid, COLOR_TOMATO, "Password must contain atleast a Highercase, a Lowercase and a Number.");
732. return 1;
733. }
734. #endif
735.  
736. SHA256_PassHash(inputtext, eUser[playerid][e_USER_SALT], eUser[playerid][e_USER_PASSWORD], 64);
737.  
738. new string[256];
739. for (new i, j = strlen(inputtext); i < j; i++)
740. {
741. inputtext[i] = '*';
742. }
743. format(string, sizeof(string), "Successfully changed your password. [P: %s]", inputtext);
744. SendClientMessage(playerid, COLOR_GREEN, string);
745. PlayerPlaySound(playerid, 1057, 0.0, 0.0, 0.0);
746. return 1;
747. }
748.  
749. CMD:changeques(playerid, params[])
750. {
751. if (eUser[playerid][e_USER_SQLID] != 1)
752. {
753. SendClientMessage(playerid, COLOR_TOMATO, "Only registered users can use this command.");
754. return 1;
755. }
756.  
757. new list[2 + (sizeof(SECURITY_QUESTIONS) * MAX_SECURITY_QUESTION_SIZE)];
758. for (new i; i < sizeof(SECURITY_QUESTIONS); i++)
759. {
760. strcat(list, SECURITY_QUESTIONS[i]);
761. strcat(list, "\n");
762. }
763. Dialog_Show(playerid, CHANGE_SEC_QUESTION, DIALOG_STYLE_LIST, "Change account security question... [Step: 1/2]", list, "Continue", "Cancel");
764. SendClientMessage(playerid, COLOR_WHITE, "[Step: 1/2] Select a security question. This will help you retrieve your password in case you forget it any time soon!");
765. PlayerPlaySound(playerid, 1054, 0.0, 0.0, 0.0);
766. return 1;
767. }
768.  
769. Dialog:CHANGE_SEC_QUESTION(playerid, response, listitem, inputext[])
770. {
771. if (!response)
772. return 1;
773.  
774. SetPVarInt(playerid, "Question", listitem);
775.  
776. new string[256];
777. format(string, sizeof(string), COL_YELLOW "%s\n"COL_WHITE"Insert your answer below in the box. (don't worry about CAPS, answers are NOT case sensitive).", SECURITY_QUESTIONS[listitem]);
778. Dialog_Show(playerid, CHANGE_SEC_ANSWER, DIALOG_STYLE_INPUT, "Change account security question... [Step: 2/2]", string, "Confirm", "Back");
779. SendClientMessage(playerid, COLOR_WHITE, "[Step: 2/2] Write the answer to your secuirty question.");
780. PlayerPlaySound(playerid, 1054, 0.0, 0.0, 0.0);
781. return 1;
782. }
783.  
784. Dialog:CHANGE_SEC_ANSWER(playerid, response, listitem, inputtext[])
785. {
786. if (!response)
787. {
788. new list[2 + (sizeof(SECURITY_QUESTIONS) * MAX_SECURITY_QUESTION_SIZE)];
789. for (new i; i < sizeof(SECURITY_QUESTIONS); i++)
790. {
791. strcat(list, SECURITY_QUESTIONS[i]);
792. strcat(list, "\n");
793. }
794. Dialog_Show(playerid, CHANGE_SEC_QUESTION, DIALOG_STYLE_LIST, "Change account security question... [Step: 1/2]", list, "Continue", "Cancel");
795. SendClientMessage(playerid, COLOR_WHITE, "[Step: 1/2] Select a security question. This will help you retrieve your password in case you forget it any time soon!");
796. return 1;
797. }
798.  
799. new string[512];
800.  
801. if (strlen(inputtext) < MIN_PASSWORD_LENGTH || inputtext[0] == ' ')
802. {
803. format(string, sizeof(string), COL_YELLOW "%s\n"COL_WHITE"Insert your answer below in the box. (don't worry about CAPS, answers are NOT case sensitive).", SECURITY_QUESTIONS[listitem]);
804. Dialog_Show(playerid, CHANGE_SEC_ANSWER, DIALOG_STYLE_INPUT, "Change account security question... [Step: 2/2]", string, "Confirm", "Back");
805. SendClientMessage(playerid, COLOR_TOMATO, "Security answer cannot be an less than "#MIN_PASSWORD_LENGTH" characters.");
806. return 1;
807. }
808.  
809. format(eUser[playerid][e_USER_SECURITY_QUESTION], MAX_SECURITY_QUESTION_SIZE, SECURITY_QUESTIONS[GetPVarInt(playerid, "Question")]);
810. DeletePVar(playerid, "Question");
811.  
812. for (new i, j = strlen(inputtext); i < j; i++)
813. {
814. inputtext[i] = tolower(inputtext[i]);
815. }
816. SHA256_PassHash(inputtext, eUser[playerid][e_USER_SALT], eUser[playerid][e_USER_SECURITY_ANSWER], 64);
817. format(string, sizeof(string), "Successfully changed your security answer and question [Q: %s].", eUser[playerid][e_USER_SECURITY_QUESTION]);
818. SendClientMessage(playerid, COLOR_GREEN, string);
819. PlayerPlaySound(playerid, 1057, 0.0, 0.0, 0.0);
820. return 1;
821. }
822.  
823. CMD:stats(playerid, params[])
824. {
825. new targetid;
826. if (sscanf(params, "u", targetid))
827. {
828. targetid = playerid;
829. SendClientMessage(playerid, COLOR_DEFAULT, "Tip: You can also view other players stats by /stats [player]");
830. }
831.  
832. if (!IsPlayerConnected(targetid))
833. return SendClientMessage(playerid, COLOR_TOMATO, "The player is no more connected.");
834.  
835. new name[MAX_PLAYER_NAME];
836. GetPlayerName(targetid, name, MAX_PLAYER_NAME);
837.  
838. new string[150];
839. SendClientMessage(playerid, COLOR_GREEN, "_______________________________________________");
840. SendClientMessage(playerid, COLOR_GREEN, "");
841. format(string, sizeof(string), "%s[%i]'s stats: (AccountId: %i)", name, targetid, eUser[targetid][e_USER_SQLID]);
842. SendClientMessage(playerid, COLOR_GREEN, string);
843.  
844. new Float:ratio = ((eUser[targetid][e_USER_DEATHS] < 0) ? (0.0) : (floatdiv(eUser[targetid][e_USER_KILLS], eUser[targetid][e_USER_DEATHS])));
845.  
846. static levelname[6][25];
847. if (!levelname[0][0])
848. {
849. levelname[0] = "Player";
850. levelname[1] = "Operator";
851. levelname[2] = "Moderator";
852. levelname[3] = "Administrator";
853. levelname[4] = "Manager";
854. levelname[5] = "Owner/RCON";
855. }
856.  
857. format(string, sizeof (string), "Score: %i || Money: $%i || Kills: %i || Deaths: %i || Ratio: %0.2f || Admin Level: %i - %s || Vip Level: %i",
858. GetPlayerScore(targetid), GetPlayerMoney(targetid), eUser[targetid][e_USER_KILLS], eUser[targetid][e_USER_DEATHS], ratio, eUser[targetid][e_USER_ADMIN_LEVEL], levelname[((eUser[targetid][e_USER_ADMIN_LEVEL] > 5) ? (5) : (eUser[targetid][e_USER_ADMIN_LEVEL]))], eUser[targetid][e_USER_VIP_LEVEL]);
859. SendClientMessage(playerid, COLOR_GREEN, string);
860.  
861. format(string, sizeof (string), "Registeration On: %s || Last Seen: %s",
862. ReturnTimelapse(eUser[playerid][e_USER_REGISTER_TIMESTAMP], gettime()), ReturnTimelapse(eUser[playerid][e_USER_LASTLOGIN_TIMESTAMP], gettime()));
863. SendClientMessage(playerid, COLOR_GREEN, string);
864.  
865. SendClientMessage(playerid, COLOR_GREEN, "");
866. SendClientMessage(playerid, COLOR_GREEN, "_______________________________________________");
867. return 1;
868. }