diff --git a/src/main/java/fr/xephi/authme/SendMailSSL.java b/src/main/java/fr/xephi/authme/SendMailSSL.java index 397ddac91..1c3a4f449 100644 --- a/src/main/java/fr/xephi/authme/SendMailSSL.java +++ b/src/main/java/fr/xephi/authme/SendMailSSL.java @@ -86,8 +86,7 @@ public class SendMailSSL { try { email.send(); } catch (Exception e) { - e.printStackTrace(); - ConsoleLogger.showError("Fail to send a mail to " + mail); + ConsoleLogger.showError("Fail to send a mail to " + mail + " cause " + e.getLocalizedMessage()); } if (file != null) //noinspection ResultOfMethodCallIgnored diff --git a/src/main/java/fr/xephi/authme/cache/auth/PlayerAuth.java b/src/main/java/fr/xephi/authme/cache/auth/PlayerAuth.java index 5b1273259..b21aa9d4b 100644 --- a/src/main/java/fr/xephi/authme/cache/auth/PlayerAuth.java +++ b/src/main/java/fr/xephi/authme/cache/auth/PlayerAuth.java @@ -23,9 +23,8 @@ public class PlayerAuth { /** * */ - public PlayerAuth(String serialized) - { - this.unserialize(serialized); + public PlayerAuth(String serialized) { + this.deserialize(serialized); } /** @@ -163,8 +162,10 @@ public class PlayerAuth { * @param email String * @param realName String */ - public PlayerAuth(String nickname, String hash, String salt, int groupId, String ip, long lastLogin, double x, double y, double z, String world, String email, String realName) { - this.nickname = nickname; + public PlayerAuth(String nickname, String hash, String salt, int groupId, String ip, + long lastLogin, double x, double y, double z, String world, String email, + String realName) { + this.nickname = nickname.toLowerCase(); this.hash = hash; this.ip = ip; this.lastLogin = lastLogin; @@ -203,7 +204,7 @@ public class PlayerAuth { * @param nickname String */ public void setName(String nickname) { - this.nickname = nickname; + this.nickname = nickname.toLowerCase(); } /** @@ -455,46 +456,137 @@ public class PlayerAuth { } /** - * Method to serialize playerauth + * Method to serialize PlayerAuth * * @return String */ - public String serialize() - { - StringBuilder str = new StringBuilder(); - str.append(this.nickname).append(';'); - str.append(this.realName).append(';'); - str.append(this.ip).append(';'); - str.append(this.email).append(';'); - str.append(this.hash).append(';'); - str.append(this.salt).append(';'); - str.append(this.groupId).append(';'); - str.append(this.lastLogin).append(';'); - str.append(this.world).append(';'); - str.append(this.x).append(';'); - str.append(this.y).append(';'); - str.append(this.z); - return str.toString(); + public String serialize() { + StringBuilder str = new StringBuilder(); + char d = ';'; + str.append(this.nickname).append(d); + str.append(this.realName).append(d); + str.append(this.ip).append(d); + str.append(this.email).append(d); + str.append(this.hash).append(d); + str.append(this.salt).append(d); + str.append(this.groupId).append(d); + str.append(this.lastLogin).append(d); + str.append(this.world).append(d); + str.append(this.x).append(d); + str.append(this.y).append(d); + str.append(this.z); + return str.toString(); } /** - * Method to unserialize playerauth - * + * Method to deserialize PlayerAuth */ - public void unserialize(String str) - { - String[] args = str.split(";"); - this.nickname = args[0]; - this.realName = args[1]; - this.ip = args[2]; - this.email = args[3]; - this.hash = args[4]; - this.salt = args[5]; - this.groupId = Integer.parseInt(args[6]); - this.lastLogin = Long.parseLong(args[7]); - this.world = args[8]; - this.x = Double.parseDouble(args[9]); - this.y = Double.parseDouble(args[10]); - this.z = Double.parseDouble(args[11]); + public void deserialize(String str) { + String[] args = str.split(";"); + this.nickname = args[0]; + this.realName = args[1]; + this.ip = args[2]; + this.email = args[3]; + this.hash = args[4]; + this.salt = args[5]; + this.groupId = Integer.parseInt(args[6]); + this.lastLogin = Long.parseLong(args[7]); + this.world = args[8]; + this.x = Double.parseDouble(args[9]); + this.y = Double.parseDouble(args[10]); + this.z = Double.parseDouble(args[11]); + } + + public static Builder builder() { + return new Builder(); + } + + public static final class Builder { + private String name; + private String realName = "Player"; + private String hash = ""; + private String salt = ""; + private String ip = "127.0.0.1"; + private String world = "world"; + private double x = 0.0f; + private double y = 0.0f; + private double z = 0.0f; + private long lastLogin = System.currentTimeMillis(); + private int groupId = -1; + private String email = "your@email.com"; + + public PlayerAuth build() { + return new PlayerAuth( + name, + hash, + salt, + groupId, + ip, + lastLogin, + x, y, z, world, + email, + realName + ); + } + + public Builder name(String name) { + this.name = name; + return this; + } + + public Builder realName(String realName) { + this.realName = realName; + return this; + } + + public Builder hash(String hash) { + this.hash = hash; + return this; + } + + public Builder salt(String salt) { + this.salt = salt; + return this; + } + + public Builder ip(String ip) { + this.ip = ip; + return this; + } + + public Builder locWorld(String world) { + this.world = world; + return this; + } + + public Builder locX(double x) { + this.x = x; + return this; + } + + public Builder locY(double y) { + this.y = y; + return this; + } + + public Builder locZ(double z) { + this.z = z; + return this; + } + + public Builder lastLogin(long lastLogin) { + this.lastLogin = lastLogin; + return this; + } + + public Builder groupId(int groupId) { + this.groupId = groupId; + return this; + } + + public Builder email(String email) { + this.email = email; + return this; + } } } diff --git a/src/main/java/fr/xephi/authme/datasource/MySQL.java b/src/main/java/fr/xephi/authme/datasource/MySQL.java index 455361a49..17d2cdfdf 100644 --- a/src/main/java/fr/xephi/authme/datasource/MySQL.java +++ b/src/main/java/fr/xephi/authme/datasource/MySQL.java @@ -1,6 +1,5 @@ package fr.xephi.authme.datasource; -import com.zaxxer.hikari.HikariConfig; import com.zaxxer.hikari.HikariDataSource; import com.zaxxer.hikari.pool.PoolInitializationException; import fr.xephi.authme.AuthMe; @@ -36,10 +35,9 @@ public class MySQL implements DataSource { private final String columnEmail; private final String columnID; private final String columnLogged; + private final String columnRealName; private final List columnOthers; private HikariDataSource ds; - private final String columnRealName; - private final int maxConnections; /** * Constructor for MySQL. @@ -68,7 +66,6 @@ public class MySQL implements DataSource { this.columnID = Settings.getMySQLColumnId; this.columnLogged = Settings.getMySQLColumnLogged; this.columnRealName = Settings.getMySQLColumnRealName; - this.maxConnections = Settings.getMySQLMaxConnections; // Set the connection arguments (and check if connection is ok) try { @@ -76,15 +73,15 @@ public class MySQL implements DataSource { } catch (RuntimeException e) { if (e instanceof IllegalArgumentException) { ConsoleLogger.showError("Invalid database arguments! Please check your configuration!"); - ConsoleLogger.showError("If this error persists, please report it to the developer! SHUTDOWN..."); + ConsoleLogger.showError("If this error persists, please report it to the developer!"); throw new IllegalArgumentException(e); } if (e instanceof PoolInitializationException) { ConsoleLogger.showError("Can't initialize database connection! Please check your configuration!"); - ConsoleLogger.showError("If this error persists, please report it to the developer! SHUTDOWN..."); + ConsoleLogger.showError("If this error persists, please report it to the developer!"); throw new PoolInitializationException(e); } - ConsoleLogger.showError("Can't use the Hikari Connection Pool! Please, report this error to the developer! SHUTDOWN..."); + ConsoleLogger.showError("Can't use the Hikari Connection Pool! Please, report this error to the developer!"); throw e; } @@ -94,7 +91,7 @@ public class MySQL implements DataSource { } catch (SQLException e) { this.close(); ConsoleLogger.showError("Can't initialize the MySQL database... Please check your database settings in the config.yml file! SHUTDOWN..."); - ConsoleLogger.showError("If this error persists, please report it to the developer! SHUTDOWN..."); + ConsoleLogger.showError("If this error persists, please report it to the developer!"); throw e; } } @@ -102,34 +99,29 @@ public class MySQL implements DataSource { /** * Method setConnectionArguments. * - * @throws ClassNotFoundException * @throws IllegalArgumentException + * @throws RuntimeException */ - private synchronized void setConnectionArguments() - throws IllegalArgumentException { - HikariConfig config = new HikariConfig(); - config.setPoolName("AuthMeMYSQLPool"); - config.setDriverClassName("com.mysql.jdbc.Driver"); - config.setJdbcUrl("jdbc:mysql://" + this.host + ":" + this.port + "/" + this.database); - config.setUsername(this.username); - config.setPassword(this.password); - config.addDataSourceProperty("cachePrepStmts", "false"); - config.addDataSourceProperty("autoReconnect", false); - config.setInitializationFailFast(true); // Don't start the plugin if the database is unavailable - config.setMaxLifetime(180000); // 3 Min - config.setIdleTimeout(60000); // 1 Min - config.setMinimumIdle(2); - config.setMaximumPoolSize(maxConnections); - ds = new HikariDataSource(config); + private synchronized void setConnectionArguments() throws RuntimeException { + ds = new HikariDataSource(); + ds.setPoolName("AuthMeMYSQLPool"); + ds.setDriverClassName("com.mysql.jdbc.Driver"); + ds.setJdbcUrl("jdbc:mysql://" + this.host + ":" + this.port + "/" + this.database + "?rewriteBatchedStatements=true"); + ds.setUsername(this.username); + ds.setPassword(this.password); + ds.setInitializationFailFast(true); // Don't start the plugin if the database is unavailable + ds.setMaxLifetime(180000); // 3 Min + ds.setIdleTimeout(60000); // 1 Min + ds.setMinimumIdle(2); + ds.setMaximumPoolSize((Runtime.getRuntime().availableProcessors() * 2) + 1); ConsoleLogger.info("Connection arguments loaded, Hikari ConnectionPool ready!"); } /** * Method reloadArguments. * - * @throws ClassNotFoundException * @throws IllegalArgumentException + * @throws RuntimeException */ - private synchronized void reloadArguments() - throws ClassNotFoundException, IllegalArgumentException { + private synchronized void reloadArguments() throws RuntimeException { if (ds != null) { ds.close(); } @@ -152,64 +144,102 @@ public class MySQL implements DataSource { * @throws SQLException */ private synchronized void setupConnection() throws SQLException { - Connection con = null; - Statement st = null; - ResultSet rs = null; - try { - if ((con = getConnection()) == null) - return; - st = con.createStatement(); - st.executeUpdate("CREATE TABLE IF NOT EXISTS " + tableName + " (" + columnID + " INTEGER AUTO_INCREMENT," + columnName + " VARCHAR(255) NOT NULL UNIQUE," + columnPassword + " VARCHAR(255) NOT NULL," + columnIp + " VARCHAR(40) NOT NULL DEFAULT '127.0.0.1'," + columnLastLogin + " BIGINT NOT NULL DEFAULT '" + System.currentTimeMillis() + "'," + lastlocX + " DOUBLE NOT NULL DEFAULT '0.0'," + lastlocY + " DOUBLE NOT NULL DEFAULT '0.0'," + lastlocZ + " DOUBLE NOT NULL DEFAULT '0.0'," + lastlocWorld + " VARCHAR(255) NOT NULL DEFAULT '" + Settings.defaultWorld + "'," + columnEmail + " VARCHAR(255) DEFAULT 'your@email.com'," + columnLogged + " SMALLINT NOT NULL DEFAULT '0'," + "CONSTRAINT table_const_prim PRIMARY KEY (" + columnID + "));"); - rs = con.getMetaData().getColumns(null, null, tableName, columnPassword); + try (Connection con = getConnection()) { + Statement st = con.createStatement(); + DatabaseMetaData md = con.getMetaData(); + // Create table if not exists. + String sql = "CREATE TABLE IF NOT EXISTS " + tableName + " (" + + columnID + " INTEGER AUTO_INCREMENT," + + columnName + " VARCHAR(255) NOT NULL UNIQUE," + + columnRealName + " VARCHAR(255) NOT NULL," + + columnPassword + " VARCHAR(255) NOT NULL," + + columnIp + " VARCHAR(40) NOT NULL DEFAULT '127.0.0.1'," + + columnLastLogin + " BIGINT NOT NULL DEFAULT '" + System.currentTimeMillis() + "'," + + lastlocX + " DOUBLE NOT NULL DEFAULT '0.0'," + + lastlocY + " DOUBLE NOT NULL DEFAULT '0.0'," + + lastlocZ + " DOUBLE NOT NULL DEFAULT '0.0'," + + lastlocWorld + " VARCHAR(255) NOT NULL DEFAULT '" + Settings.defaultWorld + "'," + + columnEmail + " VARCHAR(255) DEFAULT 'your@email.com'," + + columnLogged + " SMALLINT NOT NULL DEFAULT '0'," + + "CONSTRAINT table_const_prim PRIMARY KEY (" + columnID + ")" + + ");"; + st.executeUpdate(sql); + + ResultSet rs = md.getColumns(null, null, tableName, columnName); if (!rs.next()) { - st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + columnPassword + " VARCHAR(255) NOT NULL;"); + st.executeUpdate("ALTER TABLE " + tableName + + " ADD COLUMN " + columnName + " VARCHAR(255) NOT NULL UNIQUE AFTER " + columnID + ";"); } rs.close(); - rs = con.getMetaData().getColumns(null, null, tableName, columnIp); + + rs = md.getColumns(null, null, tableName, columnRealName); if (!rs.next()) { - st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + columnIp + " VARCHAR(40) NOT NULL;"); + st.executeUpdate("ALTER TABLE " + tableName + + " ADD COLUMN " + columnRealName + " VARCHAR(255) NOT NULL AFTER " + columnName + ";"); } rs.close(); - rs = con.getMetaData().getColumns(null, null, tableName, columnLastLogin); + + rs = md.getColumns(null, null, tableName, columnPassword); if (!rs.next()) { - st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + columnLastLogin + " BIGINT;"); + st.executeUpdate("ALTER TABLE " + tableName + + " ADD COLUMN " + columnPassword + " VARCHAR(255) NOT NULL;"); } rs.close(); - rs = con.getMetaData().getColumns(null, null, tableName, lastlocX); + + rs = md.getColumns(null, null, tableName, columnIp); if (!rs.next()) { - st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + lastlocX + " DOUBLE NOT NULL DEFAULT '0.0' AFTER " + columnLastLogin + " , ADD " + lastlocY + " DOUBLE NOT NULL DEFAULT '0.0' AFTER " + lastlocX + " , ADD " + lastlocZ + " DOUBLE NOT NULL DEFAULT '0.0' AFTER " + lastlocY + ";"); + st.executeUpdate("ALTER TABLE " + tableName + + " ADD COLUMN " + columnIp + " VARCHAR(40) NOT NULL;"); } rs.close(); - rs = con.getMetaData().getColumns(null, null, tableName, lastlocWorld); + + rs = md.getColumns(null, null, tableName, columnLastLogin); if (!rs.next()) { - st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + lastlocWorld + " VARCHAR(255) NOT NULL DEFAULT 'world' AFTER " + lastlocZ + ";"); + st.executeUpdate("ALTER TABLE " + tableName + + " ADD COLUMN " + columnLastLogin + " BIGINT;"); } rs.close(); - rs = con.getMetaData().getColumns(null, null, tableName, columnEmail); + + rs = md.getColumns(null, null, tableName, lastlocX); if (!rs.next()) { - st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + columnEmail + " VARCHAR(255) DEFAULT 'your@email.com' AFTER " + lastlocWorld + ";"); + st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + + lastlocX + " DOUBLE NOT NULL DEFAULT '0.0' AFTER " + columnLastLogin + " , ADD " + + lastlocY + " DOUBLE NOT NULL DEFAULT '0.0' AFTER " + lastlocX + " , ADD " + + lastlocZ + " DOUBLE NOT NULL DEFAULT '0.0' AFTER " + lastlocY); } rs.close(); - rs = con.getMetaData().getColumns(null, null, tableName, columnLogged); - if (!rs.next()) { - st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + columnLogged + " SMALLINT NOT NULL DEFAULT '0' AFTER " + columnEmail + ";"); - } - rs.close(); - rs = con.getMetaData().getColumns(null, null, tableName, lastlocX); + + rs = md.getColumns(null, null, tableName, lastlocX); if (rs.next()) { - st.executeUpdate("ALTER TABLE " + tableName + " MODIFY " + lastlocX + " DOUBLE NOT NULL DEFAULT '0.0', MODIFY " + lastlocY + " DOUBLE NOT NULL DEFAULT '0.0', MODIFY " + lastlocZ + " DOUBLE NOT NULL DEFAULT '0.0';"); + st.executeUpdate("ALTER TABLE " + tableName + " MODIFY " + + lastlocX + " DOUBLE NOT NULL DEFAULT '0.0', MODIFY " + + lastlocY + " DOUBLE NOT NULL DEFAULT '0.0', MODIFY " + + lastlocZ + " DOUBLE NOT NULL DEFAULT '0.0';"); } rs.close(); - rs = con.getMetaData().getColumns(null, null, tableName, columnRealName); + + rs = md.getColumns(null, null, tableName, lastlocWorld); if (!rs.next()) { - st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + columnRealName + " VARCHAR(255) NOT NULL DEFAULT 'Player' AFTER " + columnLogged + ";"); + st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + + lastlocWorld + " VARCHAR(255) NOT NULL DEFAULT 'world' AFTER " + lastlocZ); } - if (Settings.isMySQLWebsite) - st.execute("SET GLOBAL query_cache_size = 0; SET GLOBAL query_cache_type = 0;"); - } finally { - close(rs); - close(st); - close(con); + rs.close(); + + rs = md.getColumns(null, null, tableName, columnEmail); + if (!rs.next()) { + st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + + columnEmail + " VARCHAR(255) DEFAULT 'your@email.com' AFTER " + lastlocWorld); + } + rs.close(); + + rs = md.getColumns(null, null, tableName, columnLogged); + if (!rs.next()) { + st.executeUpdate("ALTER TABLE " + tableName + " ADD COLUMN " + + columnLogged + " SMALLINT NOT NULL DEFAULT '0' AFTER " + columnEmail); + } + rs.close(); + + st.close(); } ConsoleLogger.info("MySQL Setup finished"); } @@ -223,24 +253,16 @@ public class MySQL implements DataSource { */ @Override public synchronized boolean isAuthAvailable(String user) { - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; - try { - if ((con = getConnection()) == null) - return true; - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE LOWER(" + columnName + ")=LOWER(?);"); - pst.setString(1, user); - rs = pst.executeQuery(); + try (Connection con = getConnection()) { + String sql = "SELECT " + columnName + " FROM " + tableName + " WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); + pst.setString(1, user.toLowerCase()); + ResultSet rs = pst.executeQuery(); return rs.next(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return false; - } finally { - close(rs); - close(pst); - close(con); } + return false; } /** @@ -252,53 +274,47 @@ public class MySQL implements DataSource { */ @Override public synchronized PlayerAuth getAuth(String user) { - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; - PlayerAuth pAuth = null; - int id; - try { - if ((con = getConnection()) == null) + PlayerAuth pAuth; + try (Connection con = getConnection()) { + String sql = "SELECT * FROM " + tableName + " WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); + pst.setString(1, user.toLowerCase()); + ResultSet rs = pst.executeQuery(); + if (!rs.next()) { return null; - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE LOWER(" + columnName + ")=LOWER(?);"); - pst.setString(1, user); - rs = pst.executeQuery(); - if (rs.next()) { - id = rs.getInt(columnID); - if (rs.getString(columnIp).isEmpty() && rs.getString(columnIp) != null) { - pAuth = new PlayerAuth(rs.getString(columnName).toLowerCase(), rs.getString(columnPassword), "192.168.0.1", rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - } else { - if (!columnSalt.isEmpty()) { - if (!columnGroup.isEmpty()) - pAuth = new PlayerAuth(rs.getString(columnName).toLowerCase(), rs.getString(columnPassword), rs.getString(columnSalt), rs.getInt(columnGroup), rs.getString(columnIp), rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - else - pAuth = new PlayerAuth(rs.getString(columnName).toLowerCase(), rs.getString(columnPassword), rs.getString(columnSalt), rs.getString(columnIp), rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - } else { - pAuth = new PlayerAuth(rs.getString(columnName).toLowerCase(), rs.getString(columnPassword), rs.getString(columnIp), rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - } + } + String salt = !columnSalt.isEmpty() ? rs.getString(columnSalt) : ""; + int group = !salt.isEmpty() && !columnGroup.isEmpty() ? rs.getInt(columnGroup) : -1; + int id = rs.getInt(columnID); + pAuth = PlayerAuth.builder() + .name(rs.getString(columnName)) + .realName(rs.getString(columnRealName)) + .hash(rs.getString(columnPassword)) + .lastLogin(rs.getLong(columnLastLogin)) + .ip(rs.getString(columnIp)) + .locWorld(rs.getString(lastlocWorld)) + .locX(rs.getDouble(lastlocX)) + .locY(rs.getDouble(lastlocY)) + .locZ(rs.getDouble(lastlocZ)) + .email(rs.getString(columnEmail)) + .salt(salt) + .groupId(group) + .build(); + rs.close(); + pst.close(); + if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { + pst = con.prepareStatement("SELECT data FROM xf_user_authenticate WHERE " + columnID + "=?;"); + pst.setInt(1, id); + rs = pst.executeQuery(); + if (rs.next()) { + Blob blob = rs.getBlob("data"); + byte[] bytes = blob.getBytes(1, (int) blob.length()); + pAuth.setHash(new String(bytes)); } - if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { - rs.close(); - pst.close(); - pst = con.prepareStatement("SELECT * FROM xf_user_authenticate WHERE " + columnID + "=?;"); - pst.setInt(1, id); - rs = pst.executeQuery(); - if (rs.next()) { - Blob blob = rs.getBlob("data"); - byte[] bytes = blob.getBytes(1, (int) blob.length()); - pAuth.setHash(new String(bytes)); - } - } - } else { - return null; } } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); return null; - } finally { - close(rs); - close(pst); - close(con); } return pAuth; } @@ -308,36 +324,36 @@ public class MySQL implements DataSource { * * @param auth PlayerAuth * - * @return boolean * @see fr.xephi.authme.datasource.DataSource#saveAuth(PlayerAuth) + * @return boolean + * + * @see fr.xephi.authme.datasource.DataSource#saveAuth(PlayerAuth) */ @Override public synchronized boolean saveAuth(PlayerAuth auth) { - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; - try { - if ((con = getConnection()) == null) - return false; - if ((columnSalt == null || columnSalt.isEmpty()) || (auth.getSalt() == null || auth.getSalt().isEmpty())) { - pst = con.prepareStatement("INSERT INTO " + tableName + "(" + columnName + "," + columnPassword + "," + columnIp + "," + columnLastLogin + "," + columnRealName + ") VALUES (?,?,?,?,?);"); - pst.setString(1, auth.getNickname()); - pst.setString(2, auth.getHash()); - pst.setString(3, auth.getIp()); - pst.setLong(4, auth.getLastLogin()); - pst.setString(5, auth.getRealName()); - pst.executeUpdate(); - pst.close(); - } else { - pst = con.prepareStatement("INSERT INTO " + tableName + "(" + columnName + "," + columnPassword + "," + columnIp + "," + columnLastLogin + "," + columnSalt + "," + columnRealName + ") VALUES (?,?,?,?,?,?);"); - pst.setString(1, auth.getNickname()); - pst.setString(2, auth.getHash()); - pst.setString(3, auth.getIp()); - pst.setLong(4, auth.getLastLogin()); - pst.setString(5, auth.getSalt()); - pst.setString(6, auth.getRealName()); - pst.executeUpdate(); - pst.close(); + try (Connection con = getConnection()) { + PreparedStatement pst; + PreparedStatement pst2; + ResultSet rs; + String sql; + + boolean useSalt = !columnSalt.isEmpty() || !auth.getSalt().isEmpty(); + sql = "INSERT INTO " + tableName + "(" + + columnName + "," + columnPassword + "," + columnIp + "," + + columnLastLogin + "," + columnRealName + + (useSalt ? "," + columnSalt : "") + + ") VALUES (?,?,?,?,?" + (useSalt ? ",?" : "") + ");"; + pst = con.prepareStatement(sql); + pst.setString(1, auth.getNickname()); + pst.setString(2, auth.getHash()); + pst.setString(3, auth.getIp()); + pst.setLong(4, auth.getLastLogin()); + pst.setString(5, auth.getRealName()); + if (useSalt) { + pst.setString(6, auth.getSalt()); } + pst.executeUpdate(); + pst.close(); + if (!columnOthers.isEmpty()) { for (String column : columnOthers) { pst = con.prepareStatement("UPDATE " + tableName + " SET " + column + "=? WHERE " + columnName + "=?;"); @@ -347,174 +363,168 @@ public class MySQL implements DataSource { pst.close(); } } + if (Settings.getPasswordHash == HashAlgorithm.PHPBB) { - PreparedStatement pst2 = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnName + "=?;"); - pst2.setString(1, auth.getNickname()); - rs = pst2.executeQuery(); - if (rs.next()) { - int id = rs.getInt(columnID); - // Insert player in phpbb_user_group - pst = con.prepareStatement("INSERT INTO " + Settings.getPhpbbPrefix + "user_group (group_id, user_id, group_leader, user_pending) VALUES (?,?,?,?);"); - pst.setInt(1, Settings.getPhpbbGroup); - pst.setInt(2, id); - pst.setInt(3, 0); - pst.setInt(4, 0); - pst.executeUpdate(); - pst.close(); - // Update username_clean in phpbb_users - pst = con.prepareStatement("UPDATE " + tableName + " SET " + tableName + ".username_clean=? WHERE " + columnName + "=?;"); - pst.setString(1, auth.getNickname().toLowerCase()); - pst.setString(2, auth.getNickname()); - pst.executeUpdate(); - pst.close(); - // Update player group in phpbb_users - pst = con.prepareStatement("UPDATE " + tableName + " SET " + tableName + ".group_id=? WHERE " + columnName + "=?;"); - pst.setInt(1, Settings.getPhpbbGroup); - pst.setString(2, auth.getNickname()); - pst.executeUpdate(); - pst.close(); - // Get current time without ms - long time = System.currentTimeMillis() / 1000; - // Update user_regdate - pst = con.prepareStatement("UPDATE " + tableName + " SET " + tableName + ".user_regdate=? WHERE " + columnName + "=?;"); - pst.setLong(1, time); - pst.setString(2, auth.getNickname()); - pst.executeUpdate(); - pst.close(); - // Update user_lastvisit - pst = con.prepareStatement("UPDATE " + tableName + " SET " + tableName + ".user_lastvisit=? WHERE " + columnName + "=?;"); - pst.setLong(1, time); - pst.setString(2, auth.getNickname()); - pst.executeUpdate(); - pst.close(); - // Increment num_users - pst = con.prepareStatement("UPDATE " + Settings.getPhpbbPrefix + "config SET config_value = config_value + 1 WHERE config_name = 'num_users';"); - pst.executeUpdate(); - pst.close(); - } - rs.close(); - pst2.close(); - } - if (Settings.getPasswordHash == HashAlgorithm.WORDPRESS) { - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnName + "=?;"); + sql = "SELECT " + columnID + " FROM " + tableName + " WHERE " + columnName + "=?;"; + pst = con.prepareStatement(sql); pst.setString(1, auth.getNickname()); rs = pst.executeQuery(); if (rs.next()) { int id = rs.getInt(columnID); - // First Name - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "first_name"); - pst.setString(3, ""); - pst.executeUpdate(); - pst.close(); - // Last Name - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "last_name"); - pst.setString(3, ""); - pst.executeUpdate(); - pst.close(); - // Nick Name - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "nickname"); - pst.setString(3, auth.getNickname()); - pst.executeUpdate(); - pst.close(); - // Description - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "description"); - pst.setString(3, ""); - pst.executeUpdate(); - pst.close(); - // Rich_Editing - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "rich_editing"); - pst.setString(3, "true"); - pst.executeUpdate(); - pst.close(); - // Comments_Shortcuts - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "comment_shortcuts"); - pst.setString(3, "false"); - pst.executeUpdate(); - pst.close(); - // admin_color - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "admin_color"); - pst.setString(3, "fresh"); - pst.executeUpdate(); - pst.close(); - // use_ssl - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "use_ssl"); - pst.setString(3, "0"); - pst.executeUpdate(); - pst.close(); - // show_admin_bar_front - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "show_admin_bar_front"); - pst.setString(3, "true"); - pst.executeUpdate(); - pst.close(); - // wp_capabilities - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "wp_capabilities"); - pst.setString(3, "a:1:{s:10:\"subscriber\";b:1;}"); - pst.executeUpdate(); - pst.close(); - // wp_user_level - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "wp_user_level"); - pst.setString(3, "0"); - pst.executeUpdate(); - pst.close(); - // default_password_nag - pst = con.prepareStatement("INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "default_password_nag"); - pst.setString(3, ""); - pst.executeUpdate(); - pst.close(); + // Insert player in phpbb_user_group + sql = "INSERT INTO " + Settings.getPhpbbPrefix + + "user_group (group_id, user_id, group_leader, user_pending) VALUES (?,?,?,?);"; + pst2 = con.prepareStatement(sql); + pst2.setInt(1, Settings.getPhpbbGroup); + pst2.setInt(2, id); + pst2.setInt(3, 0); + pst2.setInt(4, 0); + pst2.executeUpdate(); + pst2.close(); + // Update username_clean in phpbb_users + sql = "UPDATE " + tableName + " SET " + tableName + + ".username_clean=? WHERE " + columnName + "=?;"; + pst2 = con.prepareStatement(sql); + pst2.setString(1, auth.getNickname()); + pst2.setString(2, auth.getNickname()); + pst2.executeUpdate(); + pst2.close(); + // Update player group in phpbb_users + sql = "UPDATE " + tableName + " SET " + tableName + + ".group_id=? WHERE " + columnName + "=?;"; + pst2 = con.prepareStatement(sql); + pst2.setInt(1, Settings.getPhpbbGroup); + pst2.setString(2, auth.getNickname()); + pst2.executeUpdate(); + pst2.close(); + // Get current time without ms + long time = System.currentTimeMillis() / 1000; + // Update user_regdate + sql = "UPDATE " + tableName + " SET " + tableName + + ".user_regdate=? WHERE " + columnName + "=?;"; + pst2 = con.prepareStatement(sql); + pst2.setLong(1, time); + pst2.setString(2, auth.getNickname()); + pst2.executeUpdate(); + pst2.close(); + // Update user_lastvisit + sql = "UPDATE " + tableName + " SET " + tableName + + ".user_lastvisit=? WHERE " + columnName + "=?;"; + pst2 = con.prepareStatement(sql); + pst2.setLong(1, time); + pst2.setString(2, auth.getNickname()); + pst2.executeUpdate(); + pst2.close(); + // Increment num_users + sql = "UPDATE " + Settings.getPhpbbPrefix + + "config SET config_value = config_value + 1 WHERE config_name = 'num_users';"; + pst2 = con.prepareStatement(sql); + pst2.executeUpdate(); + pst2.close(); } rs.close(); - } - if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnName + "=?;"); + pst.close(); + } else if (Settings.getPasswordHash == HashAlgorithm.WORDPRESS) { + pst = con.prepareStatement("SELECT " + columnID + " FROM " + tableName + " WHERE " + columnName + "=?;"); + pst.setString(1, auth.getNickname()); + rs = pst.executeQuery(); + if (rs.next()) { + int id = rs.getInt(columnID); + sql = "INSERT INTO " + Settings.getWordPressPrefix + "usermeta (user_id, meta_key, meta_value) VALUES (?,?,?);"; + pst2 = con.prepareStatement(sql); + // First Name + pst2.setInt(1, id); + pst2.setString(2, "first_name"); + pst2.setString(3, ""); + pst2.addBatch(); + // Last Name + pst2.setInt(1, id); + pst2.setString(2, "last_name"); + pst2.setString(3, ""); + pst2.addBatch(); + // Nick Name + pst2.setInt(1, id); + pst2.setString(2, "nickname"); + pst2.setString(3, auth.getNickname()); + pst2.addBatch(); + // Description + pst2.setInt(1, id); + pst2.setString(2, "description"); + pst2.setString(3, ""); + pst2.addBatch(); + // Rich_Editing + pst2.setInt(1, id); + pst2.setString(2, "rich_editing"); + pst2.setString(3, "true"); + pst2.addBatch(); + // Comments_Shortcuts + pst2.setInt(1, id); + pst2.setString(2, "comment_shortcuts"); + pst2.setString(3, "false"); + pst2.addBatch(); + // admin_color + pst2.setInt(1, id); + pst2.setString(2, "admin_color"); + pst2.setString(3, "fresh"); + pst2.addBatch(); + // use_ssl + pst2.setInt(1, id); + pst2.setString(2, "use_ssl"); + pst2.setString(3, "0"); + pst2.addBatch(); + // show_admin_bar_front + pst2.setInt(1, id); + pst2.setString(2, "show_admin_bar_front"); + pst2.setString(3, "true"); + pst2.addBatch(); + // wp_capabilities + pst2.setInt(1, id); + pst2.setString(2, "wp_capabilities"); + pst2.setString(3, "a:1:{s:10:\"subscriber\";b:1;}"); + pst2.addBatch(); + // wp_user_level + pst2.setInt(1, id); + pst2.setString(2, "wp_user_level"); + pst2.setString(3, "0"); + pst2.addBatch(); + // default_password_nag + pst2.setInt(1, id); + pst2.setString(2, "default_password_nag"); + pst2.setString(3, ""); + pst2.addBatch(); + + // Execute queries + pst2.executeBatch(); + pst2.clearBatch(); + pst2.close(); + } + rs.close(); + pst.close(); + } else if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { + pst = con.prepareStatement("SELECT " + columnID + " FROM " + tableName + " WHERE " + columnName + "=?;"); pst.setString(1, auth.getNickname()); rs = pst.executeQuery(); if (rs.next()) { int id = rs.getInt(columnID); // Insert password in the correct table - pst = con.prepareStatement("INSERT INTO xf_user_authenticate (user_id, scheme_class, data) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "XenForo_Authentication_Core12"); + pst2 = con.prepareStatement("INSERT INTO xf_user_authenticate (user_id, scheme_class, data) VALUES (?,?,?);"); + pst2.setInt(1, id); + pst2.setString(2, "XenForo_Authentication_Core12"); byte[] bytes = auth.getHash().getBytes(); Blob blob = con.createBlob(); blob.setBytes(1, bytes); - pst.setBlob(3, blob); - pst.executeUpdate(); + pst2.setBlob(3, blob); + pst2.executeUpdate(); + pst2.close(); } rs.close(); + pst.close(); } + return true; } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return false; - } finally { - close(rs); - close(pst); - close(con); } - return true; + return false; } /** @@ -522,51 +532,52 @@ public class MySQL implements DataSource { * * @param auth PlayerAuth * - * @return boolean * @see fr.xephi.authme.datasource.DataSource#updatePassword(PlayerAuth) + * @return boolean + * + * @see fr.xephi.authme.datasource.DataSource#updatePassword(PlayerAuth) */ @Override public synchronized boolean updatePassword(PlayerAuth auth) { - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; - try { - if ((con = getConnection()) == null) - return false; - pst = con.prepareStatement("UPDATE " + tableName + " SET " + columnPassword + "=? WHERE LOWER(" + columnName + ")=?;"); + try (Connection con = getConnection()) { + String sql = "UPDATE " + tableName + " SET " + columnPassword + "=? WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, auth.getHash()); pst.setString(2, auth.getNickname()); pst.executeUpdate(); pst.close(); if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE LOWER(" + columnName + ")=?;"); + sql = "SELECT " + columnID + " FROM " + tableName + " WHERE " + columnName + "=?;"; + pst = con.prepareStatement(sql); pst.setString(1, auth.getNickname()); - rs = pst.executeQuery(); + ResultSet rs = pst.executeQuery(); if (rs.next()) { int id = rs.getInt(columnID); // Insert password in the correct table - pst = con.prepareStatement("UPDATE xf_user_authenticate SET data=? WHERE " + columnID + "=?;"); + sql = "UPDATE xf_user_authenticate SET data=? WHERE " + columnID + "=?;"; + PreparedStatement pst2 = con.prepareStatement(sql); byte[] bytes = auth.getHash().getBytes(); Blob blob = con.createBlob(); blob.setBytes(1, bytes); - pst.setBlob(1, blob); - pst.setInt(2, id); - pst.executeUpdate(); - pst = con.prepareStatement("UPDATE xf_user_authenticate SET scheme_class=? WHERE " + columnID + "=?;"); - pst.setString(1, "XenForo_Authentication_Core12"); - pst.setInt(2, id); - pst.executeUpdate(); + pst2.setBlob(1, blob); + pst2.setInt(2, id); + pst2.executeUpdate(); + pst2.close(); + // ... + sql = "UPDATE xf_user_authenticate SET scheme_class=? WHERE " + columnID + "=?;"; + pst2 = con.prepareStatement(sql); + pst2.setString(1, "XenForo_Authentication_Core12"); + pst2.setInt(2, id); + pst2.executeUpdate(); + pst2.close(); } rs.close(); + pst.close(); } + return true; } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return false; - } finally { - close(rs); - close(pst); - close(con); } - return true; + return false; } /** @@ -574,29 +585,27 @@ public class MySQL implements DataSource { * * @param auth PlayerAuth * - * @return boolean * @see fr.xephi.authme.datasource.DataSource#updateSession(PlayerAuth) + * @return boolean + * + * @see fr.xephi.authme.datasource.DataSource#updateSession(PlayerAuth) */ @Override public synchronized boolean updateSession(PlayerAuth auth) { - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return false; - pst = con.prepareStatement("UPDATE " + tableName + " SET " + columnIp + "=?, " + columnLastLogin + "=?, " + columnRealName + "=? WHERE LOWER(" + columnName + ")=?;"); + try (Connection con = getConnection()) { + String sql = "UPDATE " + tableName + " SET " + + columnIp + "=?, " + columnLastLogin + "=?, " + columnRealName + "=? WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, auth.getIp()); pst.setLong(2, auth.getLastLogin()); pst.setString(3, auth.getRealName()); pst.setString(4, auth.getNickname()); pst.executeUpdate(); + pst.close(); + return true; } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return false; - } finally { - close(pst); - close(con); } - return true; + return false; } /** @@ -604,25 +613,22 @@ public class MySQL implements DataSource { * * @param until long * - * @return int * @see fr.xephi.authme.datasource.DataSource#purgeDatabase(long) + * @return int + * + * @see fr.xephi.authme.datasource.DataSource#purgeDatabase(long) */ @Override public synchronized int purgeDatabase(long until) { - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return 0; - pst = con.prepareStatement("DELETE FROM " + tableName + " WHERE " + columnLastLogin + " * @see fr.xephi.authme.datasource.DataSource#autoPurgeDatabase(long) + * @return List + * + * @see fr.xephi.authme.datasource.DataSource#autoPurgeDatabase(long) */ @Override public synchronized List autoPurgeDatabase(long until) { - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; List list = new ArrayList<>(); - try { - if ((con = getConnection()) == null) - return list; - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnLastLogin + "(); - } finally { - close(rs); - close(pst); - close(con); } + return list; } /** @@ -667,43 +664,39 @@ public class MySQL implements DataSource { * * @param user String * - * @return boolean * @see fr.xephi.authme.datasource.DataSource#removeAuth(String) + * @return boolean + * + * @see fr.xephi.authme.datasource.DataSource#removeAuth(String) */ @Override public synchronized boolean removeAuth(String user) { - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return false; + user = user.toLowerCase(); + try (Connection con = getConnection()) { + String sql; + PreparedStatement pst; if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { - int id; - ResultSet rs; - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE LOWER(" + columnName + ")=?;"); + sql = "SELECT " + columnID + " FROM " + tableName + " WHERE " + columnName + "=?;"; + pst = con.prepareStatement(sql); pst.setString(1, user); - rs = pst.executeQuery(); + ResultSet rs = pst.executeQuery(); if (rs.next()) { - id = rs.getInt(columnID); - // Remove data - PreparedStatement pst2 = con.prepareStatement("DELETE FROM xf_user_authenticate WHERE " + columnID + "=?;"); - pst2.setInt(1, id); - pst2.executeUpdate(); - pst2.close(); + int id = rs.getInt(columnID); + sql = "DELETE FROM xf_user_authenticate WHERE " + columnID + "=" + id; + Statement st = con.createStatement(); + st.executeUpdate(sql); + st.close(); } - } - if (pst != null && !pst.isClosed()) + rs.close(); pst.close(); - pst = con.prepareStatement("DELETE FROM " + tableName + " WHERE LOWER(" + columnName + ")=?;"); + } + pst = con.prepareStatement("DELETE FROM " + tableName + " WHERE " + columnName + "=?;"); pst.setString(1, user); pst.executeUpdate(); + return true; } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return false; - } finally { - close(pst); - close(con); } - return true; + return false; } /** @@ -711,30 +704,29 @@ public class MySQL implements DataSource { * * @param auth PlayerAuth * - * @return boolean * @see fr.xephi.authme.datasource.DataSource#updateQuitLoc(PlayerAuth) + * @return boolean + * + * @see fr.xephi.authme.datasource.DataSource#updateQuitLoc(PlayerAuth) */ @Override public synchronized boolean updateQuitLoc(PlayerAuth auth) { - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return false; - pst = con.prepareStatement("UPDATE " + tableName + " SET " + lastlocX + " =?, " + lastlocY + "=?, " + lastlocZ + "=?, " + lastlocWorld + "=? WHERE LOWER(" + columnName + ")=?;"); + try (Connection con = getConnection()) { + String sql = "UPDATE " + tableName + + " SET " + lastlocX + " =?, " + lastlocY + "=?, " + lastlocZ + "=?, " + lastlocWorld + "=?" + + " WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setDouble(1, auth.getQuitLocX()); pst.setDouble(2, auth.getQuitLocY()); pst.setDouble(3, auth.getQuitLocZ()); pst.setString(4, auth.getWorld()); pst.setString(5, auth.getNickname()); pst.executeUpdate(); + pst.close(); + return true; } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return false; - } finally { - close(pst); - close(con); } - return true; + return false; } /** @@ -742,32 +734,27 @@ public class MySQL implements DataSource { * * @param ip String * - * @return int * @see fr.xephi.authme.datasource.DataSource#getIps(String) + * @return int + * + * @see fr.xephi.authme.datasource.DataSource#getIps(String) */ @Override public synchronized int getIps(String ip) { - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; int countIp = 0; - try { - if ((con = getConnection()) == null) - return 0; - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnIp + "=?;"); + try (Connection con = getConnection()) { + String sql = "SELECT COUNT(*) FROM " + tableName + " WHERE " + columnIp + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, ip); - rs = pst.executeQuery(); + ResultSet rs = pst.executeQuery(); while (rs.next()) { - countIp++; + countIp = rs.getInt(1); } - return countIp; + rs.close(); + pst.close(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return 0; - } finally { - close(rs); - close(pst); - close(con); } + return countIp; } /** @@ -775,28 +762,25 @@ public class MySQL implements DataSource { * * @param auth PlayerAuth * - * @return boolean * @see fr.xephi.authme.datasource.DataSource#updateEmail(PlayerAuth) + * @return boolean + * + * @see fr.xephi.authme.datasource.DataSource#updateEmail(PlayerAuth) */ @Override public synchronized boolean updateEmail(PlayerAuth auth) { - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return false; - pst = con.prepareStatement("UPDATE " + tableName + " SET " + columnEmail + " =? WHERE LOWER(" + columnName + ")=?;"); + try (Connection con = getConnection()) { + String sql = "UPDATE " + tableName + " SET " + columnEmail + " =? WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, auth.getEmail()); pst.setString(2, auth.getNickname()); pst.executeUpdate(); + pst.close(); + return true; } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); ConsoleLogger.writeStackTrace(ex); - return false; - } finally { - close(pst); - close(con); } - return true; + return false; } /** @@ -804,30 +788,27 @@ public class MySQL implements DataSource { * * @param auth PlayerAuth * - * @return boolean * @see fr.xephi.authme.datasource.DataSource#updateSalt(PlayerAuth) + * @return boolean + * + * @see fr.xephi.authme.datasource.DataSource#updateSalt(PlayerAuth) */ @Override public synchronized boolean updateSalt(PlayerAuth auth) { if (columnSalt.isEmpty()) { return false; } - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return false; - pst = con.prepareStatement("UPDATE " + tableName + " SET " + columnSalt + " =? WHERE LOWER(" + columnName + ")=?;"); + try (Connection con = getConnection()) { + String sql = "UPDATE " + tableName + " SET " + columnSalt + " =? WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, auth.getSalt()); pst.setString(2, auth.getNickname()); pst.executeUpdate(); + pst.close(); + return true; } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return false; - } finally { - close(pst); - close(con); } - return true; + return false; } /** @@ -841,12 +822,8 @@ public class MySQL implements DataSource { reloadArguments(); } catch (Exception e) { ConsoleLogger.showError(e.getMessage()); - ConsoleLogger.showError("Can't reconnect to MySQL database... Please check your MySQL informations ! SHUTDOWN..."); - if (Settings.isStopEnabled) { - AuthMe.getInstance().getServer().shutdown(); - } - if (!Settings.isStopEnabled) - AuthMe.getInstance().getServer().getPluginManager().disablePlugin(AuthMe.getInstance()); + ConsoleLogger.showError("Can't reconnect to MySQL database... Please check your MySQL configuration!"); + AuthMe.getInstance().stopOrUnload(); } } @@ -857,23 +834,8 @@ public class MySQL implements DataSource { */ @Override public synchronized void close() { - if (ds != null && !ds.isClosed()) + if (ds != null && !ds.isClosed()) { ds.close(); - } - - /** - * Method close. - * - * @param o AutoCloseable - */ - private void close(AutoCloseable o) { - if (o != null) { - try { - o.close(); - } catch (Exception ex) { - ConsoleLogger.showError(ex.getMessage()); - ConsoleLogger.writeStackTrace(ex); - } } } @@ -882,32 +844,27 @@ public class MySQL implements DataSource { * * @param auth PlayerAuth * - * @return List * @see fr.xephi.authme.datasource.DataSource#getAllAuthsByName(PlayerAuth) + * @return List + * + * @see fr.xephi.authme.datasource.DataSource#getAllAuthsByName(PlayerAuth) */ @Override public synchronized List getAllAuthsByName(PlayerAuth auth) { - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; - List countIp = new ArrayList<>(); - try { - if ((con = getConnection()) == null) - return countIp; - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnIp + "=?;"); + List result = new ArrayList<>(); + try (Connection con = getConnection()) { + String sql = "SELECT " + columnName + " FROM " + tableName + " WHERE " + columnIp + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, auth.getIp()); - rs = pst.executeQuery(); + ResultSet rs = pst.executeQuery(); while (rs.next()) { - countIp.add(rs.getString(columnName)); + result.add(rs.getString(columnName)); } - return countIp; + rs.close(); + pst.close(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return new ArrayList<>(); - } finally { - close(rs); - close(pst); - close(con); } + return result; } /** @@ -915,32 +872,27 @@ public class MySQL implements DataSource { * * @param ip String * - * @return List * @see fr.xephi.authme.datasource.DataSource#getAllAuthsByIp(String) + * @return List + * + * @see fr.xephi.authme.datasource.DataSource#getAllAuthsByIp(String) */ @Override public synchronized List getAllAuthsByIp(String ip) { - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; - List countIp = new ArrayList<>(); - try { - if ((con = getConnection()) == null) - return countIp; - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnIp + "=?;"); + List result = new ArrayList<>(); + try (Connection con = getConnection()) { + String sql = "SELECT " + columnName + " FROM " + tableName + " WHERE " + columnIp + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, ip); - rs = pst.executeQuery(); + ResultSet rs = pst.executeQuery(); while (rs.next()) { - countIp.add(rs.getString(columnName)); + result.add(rs.getString(columnName)); } - return countIp; + rs.close(); + pst.close(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return new ArrayList<>(); - } finally { - close(rs); - close(pst); - close(con); } + return result; } /** @@ -948,27 +900,25 @@ public class MySQL implements DataSource { * * @param email String * - * @return List * @throws SQLException * @see fr.xephi.authme.datasource.DataSource#getAllAuthsByEmail(String) + * @return List + * + * @throws SQLException + * @see fr.xephi.authme.datasource.DataSource#getAllAuthsByEmail(String) */ @Override public synchronized List getAllAuthsByEmail(String email) throws SQLException { - final Connection con = getConnection(); - PreparedStatement pst = null; - ResultSet rs = null; List countEmail = new ArrayList<>(); - - try { - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnEmail + "=?;"); + try (Connection con = getConnection()) { + String sql = "SELECT " + columnName + " FROM " + tableName + " WHERE " + columnEmail + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, email); - rs = pst.executeQuery(); + ResultSet rs = pst.executeQuery(); while (rs.next()) { countEmail.add(rs.getString(columnName)); } + rs.close(); + pst.close(); return countEmail; - } finally { - close(rs); - close(pst); - close(con); } } @@ -977,25 +927,19 @@ public class MySQL implements DataSource { * * @param banned List * - * @see fr.xephi.authme.datasource.DataSource#purgeBanned(List) + * @see fr.xephi.authme.datasource.DataSource#purgeBanned(List) */ @Override public synchronized void purgeBanned(List banned) { - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return; + try (Connection con = getConnection()) { + PreparedStatement pst = con.prepareStatement("DELETE FROM " + tableName + " WHERE " + columnName + "=?;"); for (String name : banned) { - pst = con.prepareStatement("DELETE FROM " + tableName + " WHERE LOWER(" + columnName + ")=?;"); pst.setString(1, name); pst.executeUpdate(); } + pst.close(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - } finally { - close(pst); - close(con); } } @@ -1018,26 +962,17 @@ public class MySQL implements DataSource { */ @Override public boolean isLogged(String user) { - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; - try { - if ((con = getConnection()) == null) - return false; - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE LOWER(" + columnName + ")=?;"); + boolean isLogged = false; + try (Connection con = getConnection()) { + String sql = "SELECT " + columnLogged + " FROM " + tableName + " WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, user); - rs = pst.executeQuery(); - if (rs.next()) - return (rs.getInt(columnLogged) == 1); + ResultSet rs = pst.executeQuery(); + isLogged = rs.next() && (rs.getInt(columnLogged) == 1); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return false; - } finally { - close(rs); - close(pst); - close(con); } - return false; + return isLogged; } /** @@ -1049,20 +984,15 @@ public class MySQL implements DataSource { */ @Override public void setLogged(String user) { - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return; - pst = con.prepareStatement("UPDATE " + tableName + " SET " + columnLogged + "=? WHERE LOWER(" + columnName + ")=?;"); + try (Connection con = getConnection()) { + String sql = "UPDATE " + tableName + " SET " + columnLogged + "=? WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setInt(1, 1); - pst.setString(2, user); + pst.setString(2, user.toLowerCase()); pst.executeUpdate(); + pst.close(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - } finally { - close(pst); - close(con); } } @@ -1075,22 +1005,16 @@ public class MySQL implements DataSource { */ @Override public void setUnlogged(String user) { - Connection con = null; - PreparedStatement pst = null; - if (user != null) - try { - if ((con = getConnection()) == null) - return; - pst = con.prepareStatement("UPDATE " + tableName + " SET " + columnLogged + "=? WHERE LOWER(" + columnName + ")=?;"); - pst.setInt(1, 0); - pst.setString(2, user); - pst.executeUpdate(); - } catch (Exception ex) { - ConsoleLogger.showError(ex.getMessage()); - } finally { - close(pst); - close(con); - } + try (Connection con = getConnection()) { + String sql = "UPDATE " + tableName + " SET " + columnLogged + "=? WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); + pst.setInt(1, 0); + pst.setString(2, user.toLowerCase()); + pst.executeUpdate(); + pst.close(); + } catch (Exception ex) { + ConsoleLogger.showError(ex.getMessage()); + } } /** @@ -1100,48 +1024,38 @@ public class MySQL implements DataSource { */ @Override public void purgeLogged() { - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return; - pst = con.prepareStatement("UPDATE " + tableName + " SET " + columnLogged + "=? WHERE " + columnLogged + "=?;"); + try (Connection con = getConnection()) { + String sql = "UPDATE " + tableName + " SET " + columnLogged + "=? WHERE " + columnLogged + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setInt(1, 0); pst.setInt(2, 1); pst.executeUpdate(); + pst.close(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - } finally { - close(pst); - close(con); } } /** * Method getAccountsRegistered. * - * @return int * @see fr.xephi.authme.datasource.DataSource#getAccountsRegistered() + * @return int + * + * @see fr.xephi.authme.datasource.DataSource#getAccountsRegistered() */ @Override public int getAccountsRegistered() { int result = 0; - Connection con = null; - PreparedStatement pst = null; - ResultSet rs; - try { - if ((con = getConnection()) == null) - return result; - pst = con.prepareStatement("SELECT COUNT(*) FROM " + tableName + ";"); - rs = pst.executeQuery(); - if (rs != null && rs.next()) { + try (Connection con = getConnection()) { + PreparedStatement pst = con.prepareStatement("SELECT COUNT(*) FROM " + tableName + ";"); + ResultSet rs = pst.executeQuery(); + if (rs.next()) { result = rs.getInt(1); } + rs.close(); + pst.close(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return result; - } finally { - close(pst); - close(con); } return result; } @@ -1156,75 +1070,67 @@ public class MySQL implements DataSource { */ @Override public void updateName(String oldOne, String newOne) { - Connection con = null; - PreparedStatement pst = null; - try { - if ((con = getConnection()) == null) - return; - pst = con.prepareStatement("UPDATE " + tableName + " SET " + columnName + "=? WHERE LOWER(" + columnName + ")=?;"); + try (Connection con = getConnection()) { + String sql = "UPDATE " + tableName + " SET " + columnName + "=? WHERE " + columnName + "=?;"; + PreparedStatement pst = con.prepareStatement(sql); pst.setString(1, newOne); pst.setString(2, oldOne); pst.executeUpdate(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - } finally { - close(pst); - close(con); } } /** * Method getAllAuths. * - * @return List * @see fr.xephi.authme.datasource.DataSource#getAllAuths() + * @return List + * + * @see fr.xephi.authme.datasource.DataSource#getAllAuths() */ @Override public List getAllAuths() { List auths = new ArrayList<>(); - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; - try { - if ((con = getConnection()) == null) - return auths; - pst = con.prepareStatement("SELECT * FROM " + tableName + ";"); - rs = pst.executeQuery(); + try (Connection con = getConnection()) { + Statement st = con.createStatement(); + ResultSet rs = st.executeQuery("SELECT * FROM " + tableName); + PreparedStatement pst = con.prepareStatement("SELECT data FROM xf_user_authenticate WHERE " + columnID + "=?;"); while (rs.next()) { - PlayerAuth pAuth; - int id = rs.getInt(columnID); - if (rs.getString(columnIp).isEmpty() && rs.getString(columnIp) != null) { - pAuth = new PlayerAuth(rs.getString(columnName), rs.getString(columnPassword), "192.168.0.1", rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - } else { - if (!columnSalt.isEmpty()) { - if (!columnGroup.isEmpty()) - pAuth = new PlayerAuth(rs.getString(columnName), rs.getString(columnPassword), rs.getString(columnSalt), rs.getInt(columnGroup), rs.getString(columnIp), rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - else - pAuth = new PlayerAuth(rs.getString(columnName), rs.getString(columnPassword), rs.getString(columnSalt), rs.getString(columnIp), rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - } else { - pAuth = new PlayerAuth(rs.getString(columnName), rs.getString(columnPassword), rs.getString(columnIp), rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - } - } + String salt = !columnSalt.isEmpty() ? rs.getString(columnSalt) : ""; + int group = !salt.isEmpty() && !columnGroup.isEmpty() ? rs.getInt(columnGroup) : -1; + PlayerAuth pAuth = PlayerAuth.builder() + .name(rs.getString(columnName)) + .realName(rs.getString(columnRealName)) + .hash(rs.getString(columnPassword)) + .lastLogin(rs.getLong(columnLastLogin)) + .ip(rs.getString(columnIp)) + .locWorld(rs.getString(lastlocWorld)) + .locX(rs.getDouble(lastlocX)) + .locY(rs.getDouble(lastlocY)) + .locZ(rs.getDouble(lastlocZ)) + .email(rs.getString(columnEmail)) + .salt(salt) + .groupId(group) + .build(); + if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { - ResultSet rsid; - pst = con.prepareStatement("SELECT * FROM xf_user_authenticate WHERE " + columnID + "=?;"); + int id = rs.getInt(columnID); pst.setInt(1, id); - rsid = pst.executeQuery(); - if (rsid.next()) { - Blob blob = rsid.getBlob("data"); + ResultSet rs2 = pst.executeQuery(); + if (rs2.next()) { + Blob blob = rs2.getBlob("data"); byte[] bytes = blob.getBytes(1, (int) blob.length()); pAuth.setHash(new String(bytes)); } - rsid.close(); + rs2.close(); } auths.add(pAuth); } + pst.close(); + rs.close(); + st.close(); } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return auths; - } finally { - close(pst); - close(con); - close(rs); } return auths; } @@ -1232,55 +1138,50 @@ public class MySQL implements DataSource { /** * Method getLoggedPlayers. * - * @return List * @see fr.xephi.authme.datasource.DataSource#getLoggedPlayers() + * @return List + * + * @see fr.xephi.authme.datasource.DataSource#getLoggedPlayers() */ @Override public List getLoggedPlayers() { List auths = new ArrayList<>(); - Connection con = null; - PreparedStatement pst = null; - ResultSet rs = null; - try { - if ((con = getConnection()) == null) - return auths; - pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnLogged + "=1;"); - rs = pst.executeQuery(); + try (Connection con = getConnection()) { + Statement st = con.createStatement(); + ResultSet rs = st.executeQuery("SELECT * FROM " + tableName + " WHERE " + columnLogged + "=1;"); + PreparedStatement pst = con.prepareStatement("SELECT data FROM xf_user_authenticate WHERE " + columnID + "=?;"); while (rs.next()) { - PlayerAuth pAuth; - int id = rs.getInt(columnID); - if (rs.getString(columnIp).isEmpty() && rs.getString(columnIp) != null) { - pAuth = new PlayerAuth(rs.getString(columnName), rs.getString(columnPassword), "192.168.0.1", rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - } else { - if (!columnSalt.isEmpty()) { - if (!columnGroup.isEmpty()) - pAuth = new PlayerAuth(rs.getString(columnName), rs.getString(columnPassword), rs.getString(columnSalt), rs.getInt(columnGroup), rs.getString(columnIp), rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - else - pAuth = new PlayerAuth(rs.getString(columnName), rs.getString(columnPassword), rs.getString(columnSalt), rs.getString(columnIp), rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - } else { - pAuth = new PlayerAuth(rs.getString(columnName), rs.getString(columnPassword), rs.getString(columnIp), rs.getLong(columnLastLogin), rs.getDouble(lastlocX), rs.getDouble(lastlocY), rs.getDouble(lastlocZ), rs.getString(lastlocWorld), rs.getString(columnEmail), rs.getString(columnRealName)); - } - } + String salt = !columnSalt.isEmpty() ? rs.getString(columnSalt) : ""; + int group = !salt.isEmpty() && !columnGroup.isEmpty() ? rs.getInt(columnGroup) : -1; + PlayerAuth pAuth = PlayerAuth.builder() + .name(rs.getString(columnName)) + .realName(rs.getString(columnRealName)) + .hash(rs.getString(columnPassword)) + .lastLogin(rs.getLong(columnLastLogin)) + .ip(rs.getString(columnIp)) + .locWorld(rs.getString(lastlocWorld)) + .locX(rs.getDouble(lastlocX)) + .locY(rs.getDouble(lastlocY)) + .locZ(rs.getDouble(lastlocZ)) + .email(rs.getString(columnEmail)) + .salt(salt) + .groupId(group) + .build(); + if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { - ResultSet rsid; - pst = con.prepareStatement("SELECT * FROM xf_user_authenticate WHERE " + columnID + "=?;"); + int id = rs.getInt(columnID); pst.setInt(1, id); - rsid = pst.executeQuery(); - if (rsid.next()) { - Blob blob = rsid.getBlob("data"); + ResultSet rs2 = pst.executeQuery(); + if (rs2.next()) { + Blob blob = rs2.getBlob("data"); byte[] bytes = blob.getBytes(1, (int) blob.length()); pAuth.setHash(new String(bytes)); } - rsid.close(); + rs2.close(); } auths.add(pAuth); } } catch (Exception ex) { ConsoleLogger.showError(ex.getMessage()); - return auths; - } finally { - close(pst); - close(rs); - close(con); } return auths; } diff --git a/src/main/java/fr/xephi/authme/output/ConsoleFilter.java b/src/main/java/fr/xephi/authme/output/ConsoleFilter.java index be1c6bec7..975cc4cc3 100644 --- a/src/main/java/fr/xephi/authme/output/ConsoleFilter.java +++ b/src/main/java/fr/xephi/authme/output/ConsoleFilter.java @@ -4,7 +4,7 @@ import java.util.logging.Filter; import java.util.logging.LogRecord; /** - * Console filter Class + * Console filter to replace sensitive AuthMe commands with a generic message. * * @author Xephi59 */ @@ -12,20 +12,15 @@ public class ConsoleFilter implements Filter { @Override public boolean isLoggable(LogRecord record) { - try { - if (record == null || record.getMessage() == null) - return true; - String logM = record.getMessage().toLowerCase(); - if (!logM.contains("issued server command:")) - return true; - if (!logM.contains("/login ") && !logM.contains("/l ") && !logM.contains("/reg ") && !logM.contains("/changepassword ") && !logM.contains("/unregister ") && !logM.contains("/authme register ") && !logM.contains("/authme changepassword ") && !logM.contains("/authme reg ") && !logM.contains("/authme cp ") && !logM.contains("/register ")) - return true; - String playerName = record.getMessage().split(" ")[0]; - record.setMessage(playerName + " issued an AuthMe command!"); - return true; - } catch (NullPointerException npe) { + if (record == null || record.getMessage() == null) { return true; } + + if (LogFilterHelper.isSensitiveAuthMeCommand(record.getMessage())) { + String playerName = record.getMessage().split(" ")[0]; + record.setMessage(playerName + " issued an AuthMe command"); + } + return true; } } diff --git a/src/main/java/fr/xephi/authme/output/Log4JFilter.java b/src/main/java/fr/xephi/authme/output/Log4JFilter.java index 2f2a70034..9b2bea4c3 100644 --- a/src/main/java/fr/xephi/authme/output/Log4JFilter.java +++ b/src/main/java/fr/xephi/authme/output/Log4JFilter.java @@ -1,6 +1,5 @@ package fr.xephi.authme.output; -import fr.xephi.authme.util.StringUtils; import org.apache.logging.log4j.Level; import org.apache.logging.log4j.Marker; import org.apache.logging.log4j.core.Filter; @@ -15,13 +14,6 @@ import org.apache.logging.log4j.message.Message; */ public class Log4JFilter implements Filter { - /** - * List of commands (lower-case) to skip. - */ - private static final String[] COMMANDS_TO_SKIP = {"/login ", "/l ", "/reg ", "/changepassword ", - "/unregister ", "/authme register ", "/authme changepassword ", "/authme reg ", "/authme cp ", - "/register "}; - /** * Constructor. */ @@ -32,9 +24,9 @@ public class Log4JFilter implements Filter { * Validates a Message instance and returns the {@link Result} value * depending on whether the message contains sensitive AuthMe data. * - * @param message the Message object to verify + * @param message The Message object to verify * - * @return the Result value + * @return The Result value */ private static Result validateMessage(Message message) { if (message == null) { @@ -47,21 +39,14 @@ public class Log4JFilter implements Filter { * Validates a message and returns the {@link Result} value depending * on whether the message contains sensitive AuthMe data. * - * @param message the message to verify + * @param message The message to verify * - * @return the Result value + * @return The Result value */ private static Result validateMessage(String message) { - if (message == null) { - return Result.NEUTRAL; - } - - String lowerMessage = message.toLowerCase(); - if (lowerMessage.contains("issued server command:") - && StringUtils.containsAny(lowerMessage, COMMANDS_TO_SKIP)) { - return Result.DENY; - } - return Result.NEUTRAL; + return LogFilterHelper.isSensitiveAuthMeCommand(message) + ? Result.DENY + : Result.NEUTRAL; } @Override diff --git a/src/main/java/fr/xephi/authme/output/LogFilterHelper.java b/src/main/java/fr/xephi/authme/output/LogFilterHelper.java new file mode 100644 index 000000000..605283ac2 --- /dev/null +++ b/src/main/java/fr/xephi/authme/output/LogFilterHelper.java @@ -0,0 +1,34 @@ +package fr.xephi.authme.output; + +import fr.xephi.authme.util.StringUtils; + +/** + * Service class for the log filters. + */ +public final class LogFilterHelper { + + private static final String ISSUED_COMMAND_TEXT = "issued server command:"; + + private static final String[] COMMANDS_TO_SKIP = {"/login ", "/l ", "/reg ", "/changepassword ", + "/unregister ", "/authme register ", "/authme changepassword ", "/authme reg ", "/authme cp ", + "/register "}; + + private LogFilterHelper() { + // Util class + } + + /** + * Validate a message and return whether the message contains a sensitive AuthMe command. + * + * @param message The message to verify + * + * @return True if it is a sensitive AuthMe command, false otherwise + */ + public static boolean isSensitiveAuthMeCommand(String message) { + if (message == null) { + return false; + } + String lowerMessage = message.toLowerCase(); + return lowerMessage.contains(ISSUED_COMMAND_TEXT) && StringUtils.containsAny(lowerMessage, COMMANDS_TO_SKIP); + } +} diff --git a/src/main/java/fr/xephi/authme/settings/Settings.java b/src/main/java/fr/xephi/authme/settings/Settings.java index 7a2096808..df9e0b0a8 100644 --- a/src/main/java/fr/xephi/authme/settings/Settings.java +++ b/src/main/java/fr/xephi/authme/settings/Settings.java @@ -17,7 +17,7 @@ import java.util.regex.Pattern; /** */ -public final class Settings extends YamlConfiguration { +public final class Settings { public static final File PLUGIN_FOLDER = Wrapper.getInstance().getDataFolder(); public static final File MODULE_FOLDER = new File(PLUGIN_FOLDER, "modules"); @@ -68,7 +68,7 @@ public final class Settings extends YamlConfiguration { enableProtection, enableAntiBot, recallEmail, useWelcomeMessage, broadcastWelcomeMessage, forceRegKick, forceRegLogin, checkVeryGames, delayJoinLeaveMessages, noTeleport, applyBlindEffect, - customAttributes, generateImage, isRemoveSpeedEnabled, isMySQLWebsite; + customAttributes, generateImage, isRemoveSpeedEnabled; public static String helpHeader, getNickRegex, getUnloggedinGroup, getMySQLHost, getMySQLPort, getMySQLUsername, getMySQLPassword, getMySQLDatabase, getMySQLTablename, getMySQLColumnName, getMySQLColumnPassword, @@ -105,18 +105,13 @@ public final class Settings extends YamlConfiguration { configFile = (YamlConfiguration) plugin.getConfig(); } - /** - * Method reload. - * - * @throws Exception - */ public static void reload() throws Exception { plugin.getLogger().info("Loading Configuration File..."); boolean exist = SETTINGS_FILE.exists(); if (!exist) { plugin.saveDefaultConfig(); } - instance.load(SETTINGS_FILE); + configFile.load(SETTINGS_FILE); if (exist) { instance.mergeConfig(); } @@ -284,29 +279,17 @@ public final class Settings extends YamlConfiguration { forceRegisterCommandsAsConsole = configFile.getStringList("settings.forceRegisterCommandsAsConsole"); customAttributes = configFile.getBoolean("Hooks.customAttributes"); generateImage = configFile.getBoolean("Email.generateImage", false); - isMySQLWebsite = configFile.getBoolean("DataSource.mySQLWebsite", false); // Load the welcome message getWelcomeMessage(); } - /** - * Method setValue. - * - * @param key String - * @param value Object - */ public static void setValue(String key, Object value) { instance.set(key, value); save(); } - /** - * Method getPasswordHash. - * - * @return HashAlgorithm - */ private static HashAlgorithm getPasswordHash() { String key = "settings.security.passwordHash"; try { @@ -317,11 +300,6 @@ public final class Settings extends YamlConfiguration { } } - /** - * Method getDataSource. - * - * @return DataSourceType - */ private static DataSourceType getDataSource() { String key = "DataSource.backend"; try { @@ -368,20 +346,13 @@ public final class Settings extends YamlConfiguration { */ public static boolean save() { try { - instance.save(SETTINGS_FILE); + configFile.save(SETTINGS_FILE); return true; - } catch (Exception ex) { + } catch (IOException ex) { return false; } } - /** - * Method checkLang. - * - * @param lang String - * - * @return String - */ public static String checkLang(String lang) { if (new File(PLUGIN_FOLDER, "messages" + File.separator + "messages_" + lang + ".yml").exists()) { ConsoleLogger.info("Set Language to: " + lang); @@ -395,11 +366,6 @@ public final class Settings extends YamlConfiguration { return "en"; } - /** - * Method switchAntiBotMod. - * - * @param mode boolean - */ public static void switchAntiBotMod(boolean mode) { if (mode) { isKickNonRegisteredEnabled = true; @@ -441,13 +407,6 @@ public final class Settings extends YamlConfiguration { } } - /** - * Method isEmailCorrect. - * - * @param email String - * - * @return boolean - */ public static boolean isEmailCorrect(String email) { if (!email.contains("@")) return false; @@ -588,7 +547,7 @@ public final class Settings extends YamlConfiguration { set("VeryGames.enableIpCheck", false); changes = true; } - if (getString("settings.restrictions.allowedNicknameCharacters").equals("[a-zA-Z0-9_?]*")) { + if (configFile.getString("settings.restrictions.allowedNicknameCharacters").equals("[a-zA-Z0-9_?]*")) { set("settings.restrictions.allowedNicknameCharacters", "[a-zA-Z0-9_]*"); changes = true; } @@ -676,10 +635,6 @@ public final class Settings extends YamlConfiguration { set("DataSource.mySQLRealName", "realname"); changes = true; } - if (!contains("DataSource.mySQLQueryCache")) { - set("DataSource.mySQLWebsite", false); - changes = true; - } if (changes) { plugin.getLogger().warning("Merged new Config Options - I'm not an error, please don't report me"); @@ -687,6 +642,15 @@ public final class Settings extends YamlConfiguration { } } + private static boolean contains(String path) { + return configFile.contains(path); + } + + // public because it's used in AuthMe at one place + public void set(String path, Object value) { + configFile.set(path, value); + } + /** * Saves current configuration (plus defaults) to disk. *

@@ -695,11 +659,13 @@ public final class Settings extends YamlConfiguration { * @return True if saved successfully */ public final boolean saveDefaults() { - options().copyDefaults(true); - options().copyHeader(true); + configFile.options() + .copyDefaults(true) + .copyHeader(true); boolean success = save(); - options().copyDefaults(false); - options().copyHeader(false); + configFile.options() + .copyDefaults(false) + .copyHeader(false); return success; } } diff --git a/src/main/resources/config.yml b/src/main/resources/config.yml index 5abd17eb8..0c7607e3c 100644 --- a/src/main/resources/config.yml +++ b/src/main/resources/config.yml @@ -388,12 +388,13 @@ Protection: # Enable some servers protection ( country based login, antibot ) enableProtection: false # Countries allowed to join the server and register, see http://dev.bukkit.org/bukkit-plugins/authme-reloaded/pages/countries-codes/ for countries' codes + # PLEASE USE QUOTES! countries: - - US - - GB + - 'US' + - 'GB' # Countries blacklisted automatically ( without any needed to enable protection ) countriesBlacklist: - - A1 + - 'A1' # Do we need to enable automatic antibot system? enableAntiBot: false # Max number of player allowed to login in 5 secs before enable AntiBot system automatically diff --git a/src/test/java/fr/xephi/authme/output/ConsoleFilterTest.java b/src/test/java/fr/xephi/authme/output/ConsoleFilterTest.java new file mode 100644 index 000000000..8975068f6 --- /dev/null +++ b/src/test/java/fr/xephi/authme/output/ConsoleFilterTest.java @@ -0,0 +1,77 @@ +package fr.xephi.authme.output; + +import org.junit.Test; +import org.mockito.Mockito; + +import java.util.logging.LogRecord; + +import static org.hamcrest.Matchers.equalTo; +import static org.junit.Assert.assertThat; +import static org.mockito.Mockito.never; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +/** + * Test for {@link ConsoleFilter}. + */ +public class ConsoleFilterTest { + + private final ConsoleFilter filter = new ConsoleFilter(); + + private static final String SENSITIVE_COMMAND = "User issued server command: /login test test"; + private static final String NORMAL_COMMAND = "User issued server command: /motd 2"; + + + @Test + public void shouldReplaceSensitiveRecord() { + // given + LogRecord record = createRecord(SENSITIVE_COMMAND); + + // when + boolean result = filter.isLoggable(record); + + // then + assertThat(result, equalTo(true)); + verify(record).setMessage("User issued an AuthMe command"); + } + + @Test + public void shouldNotFilterRegularCommand() { + // given + LogRecord record = createRecord(NORMAL_COMMAND); + + // when + boolean result = filter.isLoggable(record); + + // then + assertThat(result, equalTo(true)); + verify(record, never()).setMessage("User issued an AuthMe command"); + } + + @Test + public void shouldManageRecordWithNullMessage() { + // given + LogRecord record = createRecord(null); + + // when + boolean result = filter.isLoggable(record); + + // then + assertThat(result, equalTo(true)); + verify(record, never()).setMessage("User issued an AuthMe command"); + } + + + /** + * Creates a mock of {@link LogRecord} and sets it to return the given message. + * + * @param message The message to set. + * + * @return Mock of LogRecord + */ + private static LogRecord createRecord(String message) { + LogRecord record = Mockito.mock(LogRecord.class); + when(record.getMessage()).thenReturn(message); + return record; + } +} diff --git a/src/test/java/fr/xephi/authme/permission/AdminPermissionTest.java b/src/test/java/fr/xephi/authme/permission/AdminPermissionTest.java index c3a89b723..9a8625ac0 100644 --- a/src/test/java/fr/xephi/authme/permission/AdminPermissionTest.java +++ b/src/test/java/fr/xephi/authme/permission/AdminPermissionTest.java @@ -20,7 +20,8 @@ public class AdminPermissionTest { // when/then for (AdminPermission permission : AdminPermission.values()) { if (!permission.getNode().startsWith(requiredPrefix)) { - fail("The permission '" + permission + "' does not start with the required prefix '" + requiredPrefix + "'"); + fail("The permission '" + permission + "' does not start with the required prefix '" + + requiredPrefix + "'"); } } } @@ -33,7 +34,8 @@ public class AdminPermissionTest { // when/then for (AdminPermission permission : AdminPermission.values()) { if (!permission.getNode().contains(requiredBranch)) { - fail("The permission '" + permission + "' does not contain with the required branch '" + requiredBranch + "'"); + fail("The permission '" + permission + "' does not contain with the required branch '" + + requiredBranch + "'"); } } } diff --git a/team.txt b/team.txt index e1c7e8604..98b60aa52 100644 --- a/team.txt +++ b/team.txt @@ -3,18 +3,16 @@ AuthMe-Team: Active staff: Xephi (Xephi59) - Leader, Main developer DNx5 - Developer -games647 - Developer +ljacqu - Developer TimVisee - Developer +games647 - Developer Gabriele C. (sgdc3) - Project Manager, Contributor -Staff to contact: -CryLegend - Contributor, AuthMeBridge Developer (Needs activation) +AuthMeBridge staff: +CryLegend - Main developer, We need to contact him! -External Contributors: -Gnat008 - Contributor - -Inactive staff: -Maxetto - Ticket Manager, Italian Translator, Basic Developer, Contributor (Inactive) +Retired staff: +Maxetto - Ticket Manager, IT translator darkwarriors (d4rkwarriors) - Original AuthMeReloaded Author (Inactive) Translators: