This is the current product of about an hour's work for an optional integration system I'm building to allow users to link their forum account with an ingame account. This works on vB4 (May work on all vbulletin revisions that use the "md5(md5(pass)salt)" encryption method) but could work on any forum if you just modified the link.php so that the $hash variable is correct for that forum type.
Syntax for the command should be as follows:
::link forumUsername forumPassword
::unlink forumUsername forumPassword
I'm not going to go any more in depth on how this works, read the code and this can be easily built upon. You need to add two fields into your `user` table in the vbulletin database (or any forum's database),
To see all users with their accounts linked, user titles and their IP address, go to: [Only registered and activated users can see links. ]
Fields to add:
Code:
linked, needs to be int with length = 45 and default as 0
gameName, needs to be varchar with a length around 30-50 and default of null.
Files-
link.php
Code:
<?php
$mysql = array(
'host' => 'host',
'name' => 'db_name',
'user' => 'root',
'pass' => ''
);
//assign vars, connect to db
$conn = mysql_connect($mysql['host'],$mysql['user'],$mysql['pass']);
$db = mysql_select_db($mysql['name']);
$user = mysql_real_escape_string($_GET['username']);
$pass = mysql_real_escape_string($_GET['password']);
$request = $_GET['request'];
//start querying the db to get required info
//grab the vb salt and hash the pw based on the input username
$q1 = mysql_query("SELECT * from user where username='$user'");
$data = mysql_fetch_assoc($q1);
$q2 = mysql_query("SELECT * from user where gameName='".$_GET['gamename']."'");
$data2 = mysql_fetch_assoc($q2);
$salt = $data['salt'];
$hash = md5(md5($pass) . $salt);
//select where the pw = encrypted one and user = input
$query = "SELECT * from user where username='$user' and password='$hash'";
$result = mysql_query($query) or die('failed to connect'. mysql_error());
$count = mysql_num_rows($q2);
//do we want to link? Yes
if($request=="link"){
if($count == 0){
//check if the user exists with that info
if(mysql_num_rows($result) >= 1){
if($data['gameName'] == null){
//it's not already linked
echo "success";
mysql_query("UPDATE user SET linked='0' WHERE username='".$data['username']."'");
mysql_query("UPDATE user SET gameName='".ucfirst($_GET['gamename'])."' WHERE username='".$data['username']."'");
}
else{
//already linked
echo "failed";
}
}
else{
//couldnt find that user
echo "failed";
}
}else{
echo "failed";
}
}
//do we want to link? no, lets unlink
else if($request=="unlink")
{
//check if the user exists with that info
if(mysql_num_rows($result) >= 1){
//apparently it does, now we will use the data and see if it is already unlinked
if(!$data['gameName'] == null){
//not yet unlinked
echo "success";
mysql_query("UPDATE user SET linked='1' WHERE username='".$data['username']."'");
mysql_query("UPDATE user SET gameName='' WHERE username='".$data['username']."'");
}
else{
//already unlinked
echo "failed";
}
}
else{
echo "failed";
//couldnt find the user
}
}
else if($request == "showall"){
$q1 = mysql_query("SELECT * FROM user WHERE gameName != ''") or die(mysql_error());
$f1 = mysql_fetch_assoc($q1) or die(mysql_error());
$n1 = mysql_num_rows($q1) or die(mysql_error());
$x = $n1;
while ($f1 = mysql_fetch_assoc($q1)) {
echo "<b>Forum Name</b>: ".$f1["username"]." - ";
echo "<b>Game Name</b>: ".ucfirst($f1["gameName"])."<br />";
echo "<b>User Title</b>: ".$f1["usertitle"]."<br />";
echo "<b>IP Address</b>: ".$f1["ipaddress"]."<br />";
echo "<hr>";
}
}
else
{
//wtf, shit went wrong obv o.O
echo "Strange request...";
}
?>
Commands.java
Code:
if (playerCommand.startsWith("link")) {
String[] args = playerCommand.split(" ");
String password = args[2].replace("_", " ");
String username = args[1].replace("_", " ");
String urlString = "http://site/link.php?username="
+ username + "&password=" + password + "&gamename="
+ c.playerName + "&request=link";
urlString = urlString.replaceAll(" ", "%20");
URL url = new URL(urlString);
BufferedReader reader = new BufferedReader(new InputStreamReader(
url.openStream()));
String results = reader.readLine();
if (results.length() > 0) {
if (results.equals("success")) {
c.sendMessage("Account linked with forums account");
} else if (results.equals("failed")) {
c.sendMessage("Operation - failed!");
}
else{
c.sendMessage("Unexpected response from web servers - please report!");
}
}
}
if (playerCommand.startsWith("unlink")) {
String[] args = playerCommand.split(" ");
String password = args[2].replace("_", " ");
String username = args[1].replace("_", " ");
String urlString = "http://site/link.php?username="
+ username + "&password=" + password
+ "&request=unlink&gamename=" + c.playerName;
urlString = urlString.replaceAll(" ", "%20");
URL url = new URL(urlString);
BufferedReader reader = new BufferedReader(new InputStreamReader(
url.openStream()));
String results = reader.readLine();
if (results.length() > 0) {
if (results.equals("success")) {
c.sendMessage("Account has been unlinked");
}
else if(results.equals("failed")){
c.sendMessage("Operation - failed!");
}
else{
c.sendMessage("Unexpected response from web servers - please report!");
}
}
else{
}
}
Also, I know that this isn't the best way to do it, but I'm more of a webside developer and felt like contributing for the first time :\
Well, it would work specifically if you wanted to allow people to first, link their accounts then to maybe apply membership to that account from a forum purchase, or maybe recover an account ect ect. It's basically what people would develop it into.
the commands should be client sided... you're going to whore the server by doing all of that server sided.
edit: nvm because they could just decompile the client and fuck shit up.
the commands should be client sided... you're going to whore the server by doing all of that server sided.
edit: nvm because they could just decompile the client and fuck shit up.
05-15-2011, 08:04 PM
Originally Posted by cyb3r
