Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- addEvent( getResourceName( resource ) .. ":login", true )
- addEventHandler( getResourceName( resource ) .. ":login", root,
- function( username, password )
- if source == client then
- triedTokenAuth[ source ] = true
- if username and password and #username > 0 and #password > 0 then
- local info = exports.sql:query_assoc_single( "SELECT CONCAT(SHA1(CONCAT(username, '%s')),SHA1(CONCAT(salt, SHA1(CONCAT('%s',SHA1(CONCAT(salt, SHA1(CONCAT(username, SHA1(password)))))))))) AS token FROM wcf1_user WHERE `username` = '%s' AND password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, '" .. sha1(password) .. "'))))", getPlayerHash( source ), getPlayerHash( source ), username )
- p[ source ] = nil
- if not info then
- triggerClientEvent( source, getResourceName( resource ) .. ":loginResult", source, 1 ) -- Wrong username/password
- loginAttempts[ source ] = ( loginAttempts[ source ] or 0 ) + 1
- if loginAttempts[ source ] >= 5 then
- kickPlayer( source, true, false, false, root, "Too many login attempts.", 900 )
- end
- else
- loginAttempts[ source ] = nil
- performLogin( source, info.token, true )
- end
- end
- end
- end
- )
- function performLogin( source, token, isPasswordAuth, ip, username )
- if source and ( isPasswordAuth or not triedTokenAuth[ source ] ) then
- triedTokenAuth[ source ] = true
- if token then
- if #token == 80 then
- local info = exports.sql:query_assoc_single( "SELECT userID, username, banned, activationCode, password, AS salts, userOptions FROM wcf1_user WHERE CONCAT(username, password) = '%s' LIMIT 1", token )
- p[ source ] = nil
- if not info then
- if isPasswordAuth then
- triggerClientEvent( source, getResourceName( resource ) .. ":loginResult", source, 1 ) -- Wrong username/password
- end
- return false
- else
- if info.banned == 1 then
- triggerClientEvent( source, getResourceName( resource ) .. ":loginResult", source, 2 ) -- Banned
- return false
- elseif info.activationCode > 0 then
- triggerClientEvent( source, getResourceName( resource ) .. ":loginResult", source, 3 ) -- Requires activation
- return false
- else
- -- check if another user is logged in on that account
- for player, data in pairs( p ) do
- if data.userID == info.userID then
- triggerClientEvent( source, getResourceName( resource ) .. ":loginResult", source, 5 ) -- another player with that account found
- return false
- end
- end
- local username = info.username
- p[ source ] = { userID = info.userID, username = username, options = info.userOptions and fromJSON( info.userOptions ) or { } }
- -- check for admin rights
- aclUpdate( source, true )
- -- show characters
- local chars = exports.sql:query_assoc( "SELECT characterID, characterName, skin FROM characters WHERE userID = " .. info.userID .. " ORDER BY lastLogin DESC" )
- if isPasswordAuth then
- triggerClientEvent( source, getResourceName( resource ) .. ":characters", source, chars, true, token, getPlayerIP( source ) ~= "127.0.0.1" and getPlayerIP( source ) )
- else
- triggerClientEvent( source, getResourceName( resource ) .. ":characters", source, chars, true )
- end
- outputServerLog( "Rockstar Roleplay: Login " .. getPlayerName( source ) .. " logged in as " .. info.username .. " (IP: " .. getPlayerIP( source ) .. ", Serial: " .. getPlayerSerial( source ) .. ")" )
- exports.server:message( "%C04[" .. getID( source ) .. "]%C %B" .. info.username .. "%B logged in (Nick: %B" .. getPlayerName( source ):gsub( "_", " " ) .. "%B)." )
- exports.sql:query_free( "UPDATE wcf1_user SET lastIP = '%s', lastSerial = '%s' WHERE userID = " .. tonumber( info.userID ), getPlayerIP( source ), getPlayerSerial( source ) )
- return true
- end
- end
- end
- end
- end
- return false
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement