//===== eAthena Script =======================================
//= Security System
//===== By ===================================================
//= lllchrislll
//===== Version ==============================================
//= 1.0 - Script Made
//= 1.1 - Fixed SQL Bug (SQL Injection) - Thanks to ToastofDoom
//===== Compatible With ======================================
//= Every eAthena MySQL Version
//===== Description ==========================================
//= Security System - Simple
//===== Comments =============================================
//= Bugs possible > PM me <3
// Change the e-mail address at Line 90!!
// or add your own text, as well
// search for "Summon Ro", replace it with your server's name.
//============================================================
- script SecurityLogin -1,{
end;
OnPCLoginEvent:
if(#security_pass == 2) goto W_Jail;
if($security_pass == 0 && #security_pass == 1) {
announce "The Security System is momentally offline.",bc_red|bc_self;
set #security_pass,3;
end;
} else if($security_pass == 0 && #security_pass == 0) {
end;
} else if($security_pass == 1 && #security_pass == 3) {
announce "The Security System is back online.",bc_red|bc_self;
set #security_pass,1;
end;
} else if(#security_pass == 0) {
mes "[Security Manager]";
mes "Your Security Password hasn't been set yet.";
mes "Please come to me and set it or do it via";
mes "NPC:Password. It's like you are whispering to an other player.";
mes "After that any kind of text.";
close;
} else if(#security_pass == 1) { // Check if Password was set
query_sql "SELECT `last_ip` FROM `login` WHERE `account_id` = '"+getcharid(3)+"'",@last_ip$;
query_sql "SELECT `last_ip` FROM `security_sys` WHERE `account_id` = '"+getcharid(3)+"'",@last_ip2$;
if (@last_ip$ != @last_ip2$) { // IP Check
mes "[Security Manager]";
mes "Please insert the Password for your own Security.";
next;
input @pass$;
query_sql "SELECT `pass` FROM `security_sys` WHERE `account_id` = '"+getcharid(3)+"'",@sec_pass$;
if(@pass$ == @sec_pass$) { // Inserted Password Check
query_sql "UPDATE `security_sys` SET `last_ip` = '"+@last_ip2$+"' WHERE `account_id` = '"+getcharid(3)+"'";
dispbottom "You have successfully logged in. Have Fun with Summon Ro.";
close;
} else if(@pass$ != @sec_pass$) {
mes "[Security Manager]";
mes "The Password you typed is wrong.";
mes "You got one more chance to login.";
next;
input @pass$;
if(@pass$ == @sec_pass$) {
mes "[Security Manager]";
mes "Thank you for your time.";
dispbottom "You have successfully logged in. Have Fun with Summon Ro.";
close;
} else if (@pass$ != @sec_pass$) {
mes "[Security Manager]";
mes "You typed the Password wrong twice.";
mes "You will be warped to the Jail now.";
mes "After Login in, you have to write the password again and if you are write it";
mes "again wrong your account will be blocked.";
close2;
atcommand "@jail "+strcharinfo(0);
set #security_pass,2;
sleep2 5000;
atcommand "@kick "+strcharinfo(0);
end;
}
}
} else if (@last_ip$ == @last_ip2$) {
dispbottom "You have successfully logged in. Have Fun with Summon Ro.";
end;
}
}
W_Jail:
mes "[Security Manager]";
mes "Please insert the 'correct' Password.";
mes "or your account will be blocked and you have to write";
mes "an e-mail to [email protected] with the content of the right Password.";
next;
mes "[Security Manager]";
mes "Like this:";
mes "Subject: Security System - Account Unblock";
mes "Text: Account Name: *x*";
mes " Password: *x*";
next;
mes "[Security Manager]";
mes "Start please.";
next;
input @pass$;
query_sql "SELECT `pass` FROM `security_sys` WHERE `account_id` = '"+getcharid(3)+"'",@sec_pass$;
if(@pass$ == @sec_pass$) {
close2;
set #security_pass,1;
warp "SavePoint",0,0;
announce "You have successfully regained your Account. Have Fun with Summon Ro.",bc_red|bc_self;
end;
} else {
mes "[Security Manager]";
mes "The Password you typed is wrong.";
mes "Your Account will be blocked now.";
close2;
atcommand "@block "+strcharinfo(0);
end;
}
}
- script Password -1,{
end;
OnWhisperGlobal:
if($security_pass == 0 && #security_pass == 1) {
set #security_pass, 0;
} else if($security_pass == 0 && #security_pass == 0) {
mes "[Security Manager]";
mes "The System is disabled.";
close;
} else if($security_pass == 1 && #security_pass == 0) {
mes "[Security Manager]";
mes "Hello, "+strcharinfo(0)+"!";
mes "Please insert your Password you want to set.";
input @sec_pass$;
next;
mes "[Security Manager]";
mes "Thank you for your time.";
mes "Your Password and IP got saved.";
mes "Remember it carefully.";
set #security_pass, 1;
query_sql "SELECT `last_ip` FROM `login` WHERE `account_id` = '"+getcharid(3)+"'",@last_ip$;
query_sql "INSERT INTO `security_sys` (`last_ip` , `account_id` , `pass`) VALUES ('"+@last_ip$+"' , '"+getcharid(3)+"' , '"+escape_sql(@sec_pass$)+"')";
close;
} else if($securty_pass == 1 && #security_pass == 1) {
mes "[Security Manager]";
mes "So you want to change";
mes "your Password?";
if(select("- Yes:- No") == 2) {
close;
} else {
next;
query_sql "SELECT `pass` FROM `security_sys` WHERE `account_id` = '"+getcharid(3)+"'",@sec_pass$;
mes "[Security Manager]";
mes "Please insert the new Password.";
mes "^FF2200 Note: Type \"Cancel\" into";
mes "the box to cancel your attempt.^000000";
input @ch_pass$;
next;
mes "[Security Manager]";
if(@ch_pass$ == "Cancel") {
close;
} else if(ch_pass$ == @sec_pass$) {
mes "I'm sorry, but the new";
mes "Password matches the old";
mes "one.";
close;
}
mes "The new password is:";
mes @ch_pass$;
next;
mes "[Security Manager]";
mes "Is that correct?";
if(select("- Yes, it is correct:- No, I don't want to change it.") == 2) {
next;
mes "[Security Manager]";
mes "Okay, see you next time.";
close;
} else {
next;
mes "[Security Manager]";
mes "Thank you for your time.";
query_sql "UPDATE `security_sys` SET `pass` = '"+escape_sql(@ch_pass$)+"' WHERE `account_id` = '"+getcharid(3)+"'";
close;
}
}
}
}
help_lobby.gat,75,136,4 script Security Manager 109,{
set .@n$,"[Security Manager]";
if (getgmlevel() >= 80) {
mes .@n$;
mes "Which Menu?";
menu "- Player Menu",-,"- GM Menu",M_GM;
next;
}
mes .@n$;
mes "Hello, "+strcharinfo(0)+".";
mes "What do you wanna do?";
switch(select("- Add/Change my Password:- Nothing")) {
case 1:
next;
if($security_pass == 0 && #security_pass == 1) {
set #security_pass, 0;
mes .@n$;
mes "The System isn't enabled.";
close;
} else if($security_pass == 0 && #security_pass == 0) {
mes .@n$;
mes "The System isn't enabled.";
close;
} else if($security_pass == 1 && #security_pass == 0) {
mes .@n$;
mes "Hello, "+strcharinfo(0)+"";
mes "So you want to set your Password?";
menu "- Yes, please.",-,"- Naa, not now.",N_now;
setit:
next;
mes .@n$;
mes "Okay, type the password you want.";
input @sec_pass$;
next;
mes .@n$;
mes "The Password is:";
mes @sec_pass$;
mes "Is that correct?";
if(select("- Yes, it is:- No,repeat please") == 1) {
next;
set #security_pass, 1;
query_sql "SELECT `last_ip` FROM `login` WHERE `account_id` = '"+getcharid(3)+"'",@last_ip$;
query_sql "INSERT INTO `security_sys` (`last_ip` , `account_id` , `pass`) VALUES ('"+@last_ip$+"' , '"+getcharid(3)+"' , '"+escape_sql(@sec_pass$)+"')";
mes .@n$;
mes "Thank you for your time.";
mes "Your Password and IP got saved.";
mes "Remember it carefully.";
close;
} else {
goto setit;
}
N_now:
next;
mes .@n$;
mes "Okay, please come back as soon as possible.";
close;
} else if($security_pass == 1 && #security_pass == 1) {
mes .@n$;
mes "So you want to change";
mes "your Password?";
if(select("- Yes:- No") == 2) {
close;
} else {
next;
query_sql "SELECT `pass` FROM `security_sys` WHERE `account_id` = '"+getcharid(3)+"'",@sec_pass$;
mes .@n$;
mes "Please insert the new Password.";
mes "^FF2200 Note: Type \"Cancel\" into";
mes "the box to cancel your attempt.^000000";
input @ch_pass$;
next;
mes .@n$;
if(@ch_pass$ == "Cancel") {
close;
} else if(@ch_pass$ == @sec_pass$) {
mes "I'm sorry, but the new";
mes "Password matches the old";
mes "one.";
close;
}
mes "The new password is:";
mes @ch_pass$;
next;
mes .@n$;
mes "Is that correct?";
if(select("- Yes, it is correct:- No, I don't want to change it.") == 2) {
next;
mes .@n$;
mes "Okay, see you next time.";
close;
} else {
next;
mes .@n$;
mes "Thank you for your time.";
query_sql "UPDATE `security_sys` SET `pass` = '"+escape_sql(@ch_pass$)+"' WHERE `account_id` = '"+getcharid(3)+"'";
close;
}
}
}
default:
close;
}
M_GM:
next;
if($sec_table_created == 1) {
mes .@n$;
mes "Hello, "+strcharinfo(0)+"!";
mes "What do you want to do?";
menu "- Disable/Enable the System",-,"- Delete Table",delete,"- Nothing",exit;
next;
mes .@n$;
mes "The Security System is " + ( ($security_pass) ? "^00BB22Enabled^000000." : "^FF2200Disabled^000000.");
if($security_pass == 0) {
mes "Wanna enable it?";
if(select("- Yes,please:- No,Thanks") == 2) {
next;
mes .@n$;
mes "The Security System is still disabled.";
close;
} else {
next;
mes .@n$;
mes "The Security System is enabled now.";
announce "The Security Systen has been enabled.",bc_yellow|bc_all;
set $security_pass, 1;
close;
}
} else if($security_pass == 1) {
mes .@n$;
mes "The Security System is enabled at the moment.";
mes "Wanna disable it?";
if(select("- Yes,please:- No,Thanks") == 2) {
next;
mes .@n$;
mes "The Security System is still enabled.";
close;
} else {
next;
mes .@n$;
mes "The Security system is disabled now.";
announce "The Security Systen has been disabled.",bc_yellow|bc_all;
set $security_pass, 0;
close;
}
}
delete:
next;
mes .@n$;
mes "Do you really want to delete the whole table?";
switch(select("- Yes, I want!!:- Noooo, I misclicked ya o_O")) {
case 1:
next;
mes .@n$;
mes "Okay, it's a 'One-Way Ticket'!!!!";
query_sql "DROP TABLE `security_sys`";
set $sec_table_created,0;
set $security_pass,0;
close;
case 2:
next;
mes .@n$;
mes "Okay, No Problem.";
close;
}
exit:
next;
mes .@n$;
mes "Goodbye, see ya next time.";
close;
} else {
mes .@n$;
mes "There isn't a table in your database yet.";
mes "Want to create?";
menu "- Yes, I want to create one",-,"- No, don't wanna",N_stop;
next;
mes .@n$;
mes "The Table is created now.";
query_sql "CREATE TABLE IF NOT EXISTS `security_sys` ( `last_ip` VARCHAR( 100 ) , `account_id` INT( 11 ) , `pass` VARCHAR( 32 ))";
set $sec_table_created, 1;
set $security_pass, 1;
close;
N_stop:
next;
mes .@n$;
mes "The table wasn't created.";
close;
}
}