/**
* License
* THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS
* CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE").
* THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW.
* ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR
* COPYRIGHT LAW IS PROHIBITED.
*
* BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND
* AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE
* MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED
* HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS.
*
*/
package l1j.server.server;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.*;
import java.util.logging.Level;
import java.util.logging.Logger;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import l1j.server.Config;
import l1j.server.L1DatabaseFactory;
import l1j.server.server.utils.SQLUtil;
public class Logins {
private static Logger _log = Logger.getLogger(Logins.class.getName());
public static boolean loginValid(String account, String password, String ip, String host) throws IOException {
boolean flag1 = false;
_log.info("Connect from : " + account);
Connection con = null;
PreparedStatement pstm = null;
ResultSet rs = null;
try {
byte abyte1[];
byte abyte2[];
MessageDigest messagedigest = MessageDigest.getInstance("SHA");
byte abyte0[] = password.getBytes("UTF-8");
abyte1 = messagedigest.digest(abyte0);
abyte2 = null;
con = L1DatabaseFactory.getInstance().getConnection();
pstm = con.prepareStatement("SELECT password FROM accounts WHERE login=? LIMIT 1");
pstm.setString(1, account);
rs = pstm.executeQuery();
if (rs.next()) {
abyte2 = new BASE64Decoder().decodeBuffer(rs.getString(1));
_log.fine("account exists");
}
SQLUtil.close(rs);
SQLUtil.close(pstm);
SQLUtil.close(con);
if (abyte2 == null) {
if (Config.AUTO_CREATE_ACCOUNTS) {
con = L1DatabaseFactory.getInstance().getConnection();
pstm = con.prepareStatement("INSERT INTO accounts SET login=?,password=?,lastactive=?,access_level=?,ip=?,host=?");
pstm.setString(1, account);
pstm.setString(2, new BASE64Encoder().encode(abyte1));
pstm.setLong(3, 0L);
pstm.setInt(4, 0);
pstm.setString(5, ip);
pstm.setString(6, host);
pstm.execute();
_log.info("created new account for " + account);
return true;
} else {
_log.warning("account missing for user " + account);
return false;
}
}
try {
flag1 = true;
int i = 0;
do {
if (i >= abyte2.length) {
break;
}
if (abyte1[i] != abyte2[i]) {
flag1 = false;
break;
}
i++;
} while (true);
} catch (Exception e) {
_log.warning("could not check password:" + e);
flag1 = false;
}
} catch (SQLException e) {
_log.log(Level.SEVERE, e.getLocalizedMessage(), e);
} catch (NoSuchAlgorithmException e) {
_log.log(Level.SEVERE, e.getLocalizedMessage(), e);
} catch (UnsupportedEncodingException e) {
_log.log(Level.SEVERE, e.getLocalizedMessage(), e);
} finally {
SQLUtil.close(rs);
SQLUtil.close(pstm);
SQLUtil.close(con);
}
return flag1;
}
}