From c1b7522840aad66363e9c2fa8ae3284ea21b1272 Mon Sep 17 00:00:00 2001 From: Max-Wilhelm Bruker Date: Tue, 17 Nov 2009 18:56:49 +0100 Subject: [PATCH] blah --- common/protocol_items.cpp | 24 ++++++++++++------------ common/protocol_items.dat | 6 +++--- common/protocol_items.h | 18 +++++++++--------- common/server_protocolhandler.cpp | 16 ++++++++++++++++ servatrice/src/serversocketinterface.cpp | 22 ++++++++++++++++++++-- 5 files changed, 60 insertions(+), 26 deletions(-) diff --git a/common/protocol_items.cpp b/common/protocol_items.cpp index 4cdb352c..954e534b 100644 --- a/common/protocol_items.cpp +++ b/common/protocol_items.cpp @@ -21,17 +21,17 @@ Command_DeckList::Command_DeckList() : Command("deck_list") { } -Command_DeckNewDir::Command_DeckNewDir(const QString &_path, const QString &_name) - : Command("deck_new_dir"), path(_path), name(_name) +Command_DeckNewDir::Command_DeckNewDir(const QString &_path, const QString &_dirName) + : Command("deck_new_dir"), path(_path), dirName(_dirName) { setParameter("path", path); - setParameter("name", name); + setParameter("dir_name", dirName); } void Command_DeckNewDir::extractParameters() { Command::extractParameters(); path = parameters["path"]; - name = parameters["name"]; + dirName = parameters["dir_name"]; } Command_DeckDelDir::Command_DeckDelDir(const QString &_path) : Command("deck_del_dir"), path(_path) @@ -43,25 +43,25 @@ void Command_DeckDelDir::extractParameters() Command::extractParameters(); path = parameters["path"]; } -Command_DeckDel::Command_DeckDel(int _id) - : Command("deck_del"), id(_id) +Command_DeckDel::Command_DeckDel(int _deckId) + : Command("deck_del"), deckId(_deckId) { - setParameter("id", id); + setParameter("deck_id", deckId); } void Command_DeckDel::extractParameters() { Command::extractParameters(); - id = parameters["id"].toInt(); + deckId = parameters["deck_id"].toInt(); } -Command_DeckDownload::Command_DeckDownload(int _id) - : Command("deck_download"), id(_id) +Command_DeckDownload::Command_DeckDownload(int _deckId) + : Command("deck_download"), deckId(_deckId) { - setParameter("id", id); + setParameter("deck_id", deckId); } void Command_DeckDownload::extractParameters() { Command::extractParameters(); - id = parameters["id"].toInt(); + deckId = parameters["deck_id"].toInt(); } Command_ListChatChannels::Command_ListChatChannels() : Command("list_chat_channels") diff --git a/common/protocol_items.dat b/common/protocol_items.dat index a05b0daf..43a62eaf 100644 --- a/common/protocol_items.dat +++ b/common/protocol_items.dat @@ -1,10 +1,10 @@ 0:ping 0:login:s,username:s,password 0:deck_list -0:deck_new_dir:s,path:s,name +0:deck_new_dir:s,path:s,dir_name 0:deck_del_dir:s,path -0:deck_del:i,id -0:deck_download:i,id +0:deck_del:i,deck_id +0:deck_download:i,deck_id 0:list_chat_channels 0:chat_join_channel:s,channel 1:chat_leave_channel diff --git a/common/protocol_items.h b/common/protocol_items.h index 5fc47dd1..ea34a7e4 100644 --- a/common/protocol_items.h +++ b/common/protocol_items.h @@ -37,11 +37,11 @@ class Command_DeckNewDir : public Command { Q_OBJECT private: QString path; - QString name; + QString dirName; public: - Command_DeckNewDir(const QString &_path = QString(), const QString &_name = QString()); + Command_DeckNewDir(const QString &_path = QString(), const QString &_dirName = QString()); QString getPath() const { return path; } - QString getName() const { return name; } + QString getDirName() const { return dirName; } static ProtocolItem *newItem() { return new Command_DeckNewDir; } int getItemId() const { return ItemId_Command_DeckNewDir; } protected: @@ -62,10 +62,10 @@ protected: class Command_DeckDel : public Command { Q_OBJECT private: - int id; + int deckId; public: - Command_DeckDel(int _id = -1); - int getId() const { return id; } + Command_DeckDel(int _deckId = -1); + int getDeckId() const { return deckId; } static ProtocolItem *newItem() { return new Command_DeckDel; } int getItemId() const { return ItemId_Command_DeckDel; } protected: @@ -74,10 +74,10 @@ protected: class Command_DeckDownload : public Command { Q_OBJECT private: - int id; + int deckId; public: - Command_DeckDownload(int _id = -1); - int getId() const { return id; } + Command_DeckDownload(int _deckId = -1); + int getDeckId() const { return deckId; } static ProtocolItem *newItem() { return new Command_DeckDownload; } int getItemId() const { return ItemId_Command_DeckDownload; } protected: diff --git a/common/server_protocolhandler.cpp b/common/server_protocolhandler.cpp index c64c650e..57f4016b 100644 --- a/common/server_protocolhandler.cpp +++ b/common/server_protocolhandler.cpp @@ -37,6 +37,11 @@ void Server_ProtocolHandler::processCommand(Command *command) GameCommand *gameCommand = qobject_cast(command); if (chatCommand) { qDebug() << "received ChatCommand: channel =" << chatCommand->getChannel(); + if (authState == PasswordWrong) { + sendProtocolItem(new ProtocolResponse(gameCommand->getCmdId(), RespLoginNeeded)); + return; + } + Server_ChatChannel *channel = chatChannels.value(chatCommand->getChannel(), 0); if (!channel) { sendProtocolItem(new ProtocolResponse(gameCommand->getCmdId(), RespNameNotFound)); @@ -48,6 +53,11 @@ void Server_ProtocolHandler::processCommand(Command *command) } } else if (gameCommand) { qDebug() << "received GameCommand: game =" << gameCommand->getGameId(); + if (authState == PasswordWrong) { + sendProtocolItem(new ProtocolResponse(gameCommand->getCmdId(), RespLoginNeeded)); + return; + } + if (!games.contains(gameCommand->getGameId())) { sendProtocolItem(new ProtocolResponse(gameCommand->getCmdId(), RespNameNotFound)); return; @@ -136,6 +146,9 @@ ResponseCode Server_ProtocolHandler::cmdLogin(Command_Login *cmd) ResponseCode Server_ProtocolHandler::cmdListChatChannels(Command_ListChatChannels * /*cmd*/) { + if (authState == PasswordWrong) + return RespLoginNeeded; + Event_ListChatChannels *event = new Event_ListChatChannels; QMapIterator channelIterator(server->getChatChannels()); while (channelIterator.hasNext()) { @@ -150,6 +163,9 @@ ResponseCode Server_ProtocolHandler::cmdListChatChannels(Command_ListChatChannel ResponseCode Server_ProtocolHandler::cmdChatJoinChannel(Command_ChatJoinChannel *cmd) { + if (authState == PasswordWrong) + return RespLoginNeeded; + if (chatChannels.contains(cmd->getChannel())) return RespContextError; diff --git a/servatrice/src/serversocketinterface.cpp b/servatrice/src/serversocketinterface.cpp index 6840f3fa..79c4a4a0 100644 --- a/servatrice/src/serversocketinterface.cpp +++ b/servatrice/src/serversocketinterface.cpp @@ -116,9 +116,10 @@ int ServerSocketInterface::getDeckPathId(int basePathId, QStringList path) servatrice->checkSql(); QSqlQuery query; - query.prepare("select id from decklist_folders where id_parent = :id_parent and name = :name"); + query.prepare("select id from decklist_folders where id_parent = :id_parent and name = :name and user = :user"); query.bindValue(":id_parent", basePathId); query.bindValue(":name", path.takeFirst()); + query.bindValue(":user", playerName); if (!servatrice->execSqlQuery(query)) return -1; if (!query.next()) @@ -159,6 +160,9 @@ void ServerSocketInterface::deckListHelper(Response_DeckList::Directory *folder) } } +// CHECK AUTHENTICATION! +// Also check for every function that data belonging to other users cannot be accessed. + ResponseCode ServerSocketInterface::cmdDeckList(Command_DeckList *cmd) { Response_DeckList::Directory *root = new Response_DeckList::Directory(QString()); @@ -182,7 +186,7 @@ ResponseCode ServerSocketInterface::cmdDeckNewDir(Command_DeckNewDir *cmd) query.prepare("insert into decklist_folders (id_parent, user, name) values(:id_parent, :user, :name)"); query.bindValue(":id_parent", folderId); query.bindValue(":user", playerName); - query.bindValue(":name", cmd->getName()); + query.bindValue(":name", cmd->getDirName()); if (!servatrice->execSqlQuery(query)) return RespContextError; return RespOk; @@ -217,6 +221,20 @@ ResponseCode ServerSocketInterface::cmdDeckDelDir(Command_DeckDelDir *cmd) ResponseCode ServerSocketInterface::cmdDeckDel(Command_DeckDel *cmd) { + QSqlQuery query; + + query.prepare("select id from decklist_files where id = :id and user = :user"); + query.bindValue(":id", cmd->getDeckId()); + query.bindValue(":user", playerName); + servatrice->execSqlQuery(query); + if (!query.next()) + return RespNameNotFound; + + query.prepare("delete from decklist_files where id = :id"); + query.bindValue(":id", cmd->getDeckId()); + servatrice->execSqlQuery(query); + + return RespOk; } ResponseCode ServerSocketInterface::cmdDeckUpload(Command_DeckUpload *cmd)