Protect our database.

This commit is contained in:
GJ 2012-07-09 11:12:46 -04:00
parent f0b2cc1bab
commit 3c2d658b37
5 changed files with 57 additions and 39 deletions

View File

@ -18,6 +18,7 @@ import com.gmail.nossr50.datatypes.McMMOPlayer;
import com.gmail.nossr50.datatypes.SpoutHud; import com.gmail.nossr50.datatypes.SpoutHud;
import com.gmail.nossr50.locale.LocaleLoader; import com.gmail.nossr50.locale.LocaleLoader;
import com.gmail.nossr50.spout.SpoutStuff; import com.gmail.nossr50.spout.SpoutStuff;
import com.gmail.nossr50.util.Database;
import com.gmail.nossr50.util.Users; import com.gmail.nossr50.util.Users;
public class McremoveCommand implements CommandExecutor { public class McremoveCommand implements CommandExecutor {
@ -54,31 +55,32 @@ public class McremoveCommand implements CommandExecutor {
/* MySQL */ /* MySQL */
if (Config.getInstance().getUseMySQL()) { if (Config.getInstance().getUseMySQL()) {
Database database = mcMMO.getPlayerDatabase();
int userId = 0; int userId = 0;
userId = mcMMO.database.getInt("SELECT id FROM " + tablePrefix + "users WHERE user = '" + playerName + "'"); userId = database.getInt("SELECT id FROM " + tablePrefix + "users WHERE user = '" + playerName + "'");
if (userId > 0) { if (userId > 0) {
mcMMO.database.write("DELETE FROM " database.write("DELETE FROM "
+ databaseName + "." + databaseName + "."
+ tablePrefix + "users WHERE " + tablePrefix + "users WHERE "
+ tablePrefix + "users.id=" + userId); + tablePrefix + "users.id=" + userId);
mcMMO.database.write("DELETE FROM " database.write("DELETE FROM "
+ databaseName + "." + databaseName + "."
+ tablePrefix + "cooldowns WHERE " + tablePrefix + "cooldowns WHERE "
+ tablePrefix + "cooldowns.user_id=" + userId); + tablePrefix + "cooldowns.user_id=" + userId);
mcMMO.database.write("DELETE FROM " database.write("DELETE FROM "
+ databaseName + "." + databaseName + "."
+ tablePrefix + "huds WHERE " + tablePrefix + "huds WHERE "
+ tablePrefix + "huds.user_id=" + userId); + tablePrefix + "huds.user_id=" + userId);
mcMMO.database.write("DELETE FROM " database.write("DELETE FROM "
+ databaseName + "." + databaseName + "."
+ tablePrefix + "skills WHERE " + tablePrefix + "skills WHERE "
+ tablePrefix + "skills.user_id=" + userId); + tablePrefix + "skills.user_id=" + userId);
mcMMO.database.write("DELETE FROM " database.write("DELETE FROM "
+ databaseName + "." + databaseName + "."
+ tablePrefix + "experience WHERE " + tablePrefix + "experience WHERE "
+ tablePrefix + "experience.user_id=" + userId); + tablePrefix + "experience.user_id=" + userId);

View File

@ -11,6 +11,7 @@ import org.bukkit.command.CommandSender;
import com.gmail.nossr50.mcMMO; import com.gmail.nossr50.mcMMO;
import com.gmail.nossr50.config.Config; import com.gmail.nossr50.config.Config;
import com.gmail.nossr50.locale.LocaleLoader; import com.gmail.nossr50.locale.LocaleLoader;
import com.gmail.nossr50.util.Database;
import com.gmail.nossr50.util.Leaderboard; import com.gmail.nossr50.util.Leaderboard;
import com.gmail.nossr50.util.Misc; import com.gmail.nossr50.util.Misc;
import com.gmail.nossr50.util.Skills; import com.gmail.nossr50.util.Skills;
@ -134,7 +135,9 @@ public class MctopCommand implements CommandExecutor {
private void sqlDisplay(int page, String query, CommandSender sender) { private void sqlDisplay(int page, String query, CommandSender sender) {
String tablePrefix = Config.getInstance().getMySQLTablePrefix(); String tablePrefix = Config.getInstance().getMySQLTablePrefix();
HashMap<Integer, ArrayList<String>> userslist = mcMMO.database.read("SELECT " + query + ", user_id FROM " + tablePrefix + "skills WHERE " + query + " > 0 ORDER BY " + query + " DESC "); Database database = mcMMO.getPlayerDatabase();
HashMap<Integer, ArrayList<String>> userslist = database.read("SELECT " + query + ", user_id FROM " + tablePrefix + "skills WHERE " + query + " > 0 ORDER BY " + query + " DESC ");
if (query.equals("taming+mining+woodcutting+repair+unarmed+herbalism+excavation+archery+swords+axes+acrobatics+fishing")) { if (query.equals("taming+mining+woodcutting+repair+unarmed+herbalism+excavation+archery+swords+axes+acrobatics+fishing")) {
sender.sendMessage(LocaleLoader.getString("Commands.PowerLevel.Leaderboard")); sender.sendMessage(LocaleLoader.getString("Commands.PowerLevel.Leaderboard"));
@ -144,11 +147,11 @@ public class MctopCommand implements CommandExecutor {
} }
for (int i = (page * 10) - 9; i <= (page * 10); i++) { for (int i = (page * 10) - 9; i <= (page * 10); i++) {
if (i > userslist.size() || mcMMO.database.read("SELECT user FROM " + tablePrefix + "users WHERE id = '" + Integer.valueOf(userslist.get(i).get(1)) + "'") == null) { if (i > userslist.size() || database.read("SELECT user FROM " + tablePrefix + "users WHERE id = '" + Integer.valueOf(userslist.get(i).get(1)) + "'") == null) {
break; break;
} }
HashMap<Integer, ArrayList<String>> username = mcMMO.database.read("SELECT user FROM " + tablePrefix + "users WHERE id = '" + Integer.valueOf(userslist.get(i).get(1)) + "'"); HashMap<Integer, ArrayList<String>> username = database.read("SELECT user FROM " + tablePrefix + "users WHERE id = '" + Integer.valueOf(userslist.get(i).get(1)) + "'");
sender.sendMessage(String.valueOf(i) + ". " + ChatColor.GREEN + userslist.get(i).get(0) + " - " + ChatColor.WHITE + username.get(1).get(0)); sender.sendMessage(String.valueOf(i) + ". " + ChatColor.GREEN + userslist.get(i).get(0) + " - " + ChatColor.WHITE + username.get(1).get(0));
} }
} }

View File

@ -12,6 +12,7 @@ import com.gmail.nossr50.config.Config;
import com.gmail.nossr50.config.SpoutConfig; import com.gmail.nossr50.config.SpoutConfig;
import com.gmail.nossr50.party.Party; import com.gmail.nossr50.party.Party;
import com.gmail.nossr50.party.PartyManager; import com.gmail.nossr50.party.PartyManager;
import com.gmail.nossr50.util.Database;
import com.gmail.nossr50.util.Misc; import com.gmail.nossr50.util.Misc;
public class PlayerProfile { public class PlayerProfile {
@ -85,16 +86,18 @@ public class PlayerProfile {
} }
public boolean loadMySQL() { public boolean loadMySQL() {
userId = mcMMO.database.getInt("SELECT id FROM " + Config.getInstance().getMySQLTablePrefix() + "users WHERE user = '" + playerName + "'"); Database database = mcMMO.getPlayerDatabase();
userId = database.getInt("SELECT id FROM " + Config.getInstance().getMySQLTablePrefix() + "users WHERE user = '" + playerName + "'");
if (userId == 0) { if (userId == 0) {
return false; return false;
} }
else { else {
HashMap<Integer, ArrayList<String>> huds = mcMMO.database.read("SELECT hudtype FROM " + Config.getInstance().getMySQLTablePrefix() + "huds WHERE user_id = " + userId); HashMap<Integer, ArrayList<String>> huds = database.read("SELECT hudtype FROM " + Config.getInstance().getMySQLTablePrefix() + "huds WHERE user_id = " + userId);
if (huds.get(1) == null) { if (huds.get(1) == null) {
mcMMO.database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "huds (user_id) VALUES (" + userId + ")"); database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "huds (user_id) VALUES (" + userId + ")");
} }
else { else {
for (HudType type : HudType.values()) { for (HudType type : HudType.values()) {
@ -108,10 +111,10 @@ public class PlayerProfile {
* I'm still learning MySQL, this is a fix for adding a new table * I'm still learning MySQL, this is a fix for adding a new table
* its not pretty but it works * its not pretty but it works
*/ */
HashMap<Integer, ArrayList<String>> cooldowns = mcMMO.database.read("SELECT mining, woodcutting, unarmed, herbalism, excavation, swords, axes, blast_mining FROM " + Config.getInstance().getMySQLTablePrefix() + "cooldowns WHERE user_id = " + userId); HashMap<Integer, ArrayList<String>> cooldowns = database.read("SELECT mining, woodcutting, unarmed, herbalism, excavation, swords, axes, blast_mining FROM " + Config.getInstance().getMySQLTablePrefix() + "cooldowns WHERE user_id = " + userId);
if(cooldowns.get(1) == null) { if(cooldowns.get(1) == null) {
mcMMO.database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "cooldowns (user_id) VALUES (" + userId + ")"); database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "cooldowns (user_id) VALUES (" + userId + ")");
} }
else { else {
skillsDATS.put(AbilityType.SUPER_BREAKER, Integer.valueOf(cooldowns.get(1).get(0))); skillsDATS.put(AbilityType.SUPER_BREAKER, Integer.valueOf(cooldowns.get(1).get(0)));
@ -124,7 +127,7 @@ public class PlayerProfile {
skillsDATS.put(AbilityType.BLAST_MINING, Integer.valueOf(cooldowns.get(1).get(7))); skillsDATS.put(AbilityType.BLAST_MINING, Integer.valueOf(cooldowns.get(1).get(7)));
} }
HashMap<Integer, ArrayList<String>> stats = mcMMO.database.read("SELECT taming, mining, repair, woodcutting, unarmed, herbalism, excavation, archery, swords, axes, acrobatics, fishing FROM "+Config.getInstance().getMySQLTablePrefix()+"skills WHERE user_id = " + userId); HashMap<Integer, ArrayList<String>> stats = database.read("SELECT taming, mining, repair, woodcutting, unarmed, herbalism, excavation, archery, swords, axes, acrobatics, fishing FROM "+Config.getInstance().getMySQLTablePrefix()+"skills WHERE user_id = " + userId);
skills.put(SkillType.TAMING, Integer.valueOf(stats.get(1).get(0))); skills.put(SkillType.TAMING, Integer.valueOf(stats.get(1).get(0)));
skills.put(SkillType.MINING, Integer.valueOf(stats.get(1).get(1))); skills.put(SkillType.MINING, Integer.valueOf(stats.get(1).get(1)));
skills.put(SkillType.REPAIR, Integer.valueOf(stats.get(1).get(2))); skills.put(SkillType.REPAIR, Integer.valueOf(stats.get(1).get(2)));
@ -137,7 +140,7 @@ public class PlayerProfile {
skills.put(SkillType.AXES, Integer.valueOf(stats.get(1).get(9))); skills.put(SkillType.AXES, Integer.valueOf(stats.get(1).get(9)));
skills.put(SkillType.ACROBATICS, Integer.valueOf(stats.get(1).get(10))); skills.put(SkillType.ACROBATICS, Integer.valueOf(stats.get(1).get(10)));
skills.put(SkillType.FISHING, Integer.valueOf(stats.get(1).get(11))); skills.put(SkillType.FISHING, Integer.valueOf(stats.get(1).get(11)));
HashMap<Integer, ArrayList<String>> experience = mcMMO.database.read("SELECT taming, mining, repair, woodcutting, unarmed, herbalism, excavation, archery, swords, axes, acrobatics, fishing FROM "+Config.getInstance().getMySQLTablePrefix()+"experience WHERE user_id = " + userId); HashMap<Integer, ArrayList<String>> experience = database.read("SELECT taming, mining, repair, woodcutting, unarmed, herbalism, excavation, archery, swords, axes, acrobatics, fishing FROM "+Config.getInstance().getMySQLTablePrefix()+"experience WHERE user_id = " + userId);
skillsXp.put(SkillType.TAMING, Integer.valueOf(experience.get(1).get(0))); skillsXp.put(SkillType.TAMING, Integer.valueOf(experience.get(1).get(0)));
skillsXp.put(SkillType.MINING, Integer.valueOf(experience.get(1).get(1))); skillsXp.put(SkillType.MINING, Integer.valueOf(experience.get(1).get(1)));
skillsXp.put(SkillType.REPAIR, Integer.valueOf(experience.get(1).get(2))); skillsXp.put(SkillType.REPAIR, Integer.valueOf(experience.get(1).get(2)));
@ -156,11 +159,13 @@ public class PlayerProfile {
} }
public void addMySQLPlayer() { public void addMySQLPlayer() {
mcMMO.database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "users (user, lastlogin) VALUES ('" + playerName + "'," + System.currentTimeMillis() / 1000 + ")"); Database database = mcMMO.getPlayerDatabase();
userId = mcMMO.database.getInt("SELECT id FROM "+Config.getInstance().getMySQLTablePrefix() + "users WHERE user = '" + playerName + "'");
mcMMO.database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "cooldowns (user_id) VALUES (" + userId + ")"); database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "users (user, lastlogin) VALUES ('" + playerName + "'," + System.currentTimeMillis() / 1000 + ")");
mcMMO.database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "skills (user_id) VALUES (" + userId + ")"); userId = database.getInt("SELECT id FROM "+Config.getInstance().getMySQLTablePrefix() + "users WHERE user = '" + playerName + "'");
mcMMO.database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "experience (user_id) VALUES (" + userId + ")"); database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "cooldowns (user_id) VALUES (" + userId + ")");
database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "skills (user_id) VALUES (" + userId + ")");
database.write("INSERT INTO " + Config.getInstance().getMySQLTablePrefix() + "experience (user_id) VALUES (" + userId + ")");
} }
public boolean load() { public boolean load() {
@ -268,9 +273,11 @@ public class PlayerProfile {
// if we are using mysql save to database // if we are using mysql save to database
if (Config.getInstance().getUseMySQL()) { if (Config.getInstance().getUseMySQL()) {
mcMMO.database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "huds SET hudtype = '" + hudType.toString() + "' WHERE user_id = " + userId); Database database = mcMMO.getPlayerDatabase();
mcMMO.database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "users SET lastlogin = " + timestamp.intValue() + " WHERE id = " + userId);
mcMMO.database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "cooldowns SET " database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "huds SET hudtype = '" + hudType.toString() + "' WHERE user_id = " + userId);
database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "users SET lastlogin = " + timestamp.intValue() + " WHERE id = " + userId);
database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "cooldowns SET "
+ " mining = " + skillsDATS.get(AbilityType.SUPER_BREAKER) + " mining = " + skillsDATS.get(AbilityType.SUPER_BREAKER)
+ ", woodcutting = " + skillsDATS.get(AbilityType.TREE_FELLER) + ", woodcutting = " + skillsDATS.get(AbilityType.TREE_FELLER)
+ ", unarmed = " + skillsDATS.get(AbilityType.BERSERK) + ", unarmed = " + skillsDATS.get(AbilityType.BERSERK)
@ -280,7 +287,7 @@ public class PlayerProfile {
+ ", axes = " + skillsDATS.get(AbilityType.SKULL_SPLIITER) + ", axes = " + skillsDATS.get(AbilityType.SKULL_SPLIITER)
+ ", blast_mining = " + skillsDATS.get(AbilityType.BLAST_MINING) + ", blast_mining = " + skillsDATS.get(AbilityType.BLAST_MINING)
+ " WHERE user_id = " + userId); + " WHERE user_id = " + userId);
mcMMO.database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "skills SET " database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "skills SET "
+ " taming = " + skills.get(SkillType.TAMING) + " taming = " + skills.get(SkillType.TAMING)
+ ", mining = " + skills.get(SkillType.MINING) + ", mining = " + skills.get(SkillType.MINING)
+ ", repair = " + skills.get(SkillType.REPAIR) + ", repair = " + skills.get(SkillType.REPAIR)
@ -294,7 +301,7 @@ public class PlayerProfile {
+ ", acrobatics = " + skills.get(SkillType.ACROBATICS) + ", acrobatics = " + skills.get(SkillType.ACROBATICS)
+ ", fishing = " + skills.get(SkillType.FISHING) + ", fishing = " + skills.get(SkillType.FISHING)
+ " WHERE user_id = " + userId); + " WHERE user_id = " + userId);
mcMMO.database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "experience SET " database.write("UPDATE " + Config.getInstance().getMySQLTablePrefix() + "experience SET "
+ " taming = " + skillsXp.get(SkillType.TAMING) + " taming = " + skillsXp.get(SkillType.TAMING)
+ ", mining = " + skillsXp.get(SkillType.MINING) + ", mining = " + skillsXp.get(SkillType.MINING)
+ ", repair = " + skillsXp.get(SkillType.REPAIR) + ", repair = " + skillsXp.get(SkillType.REPAIR)

View File

@ -92,7 +92,7 @@ public class mcMMO extends JavaPlugin {
private HashMap<Integer, String> tntTracker = new HashMap<Integer, String>(); private HashMap<Integer, String> tntTracker = new HashMap<Integer, String>();
public static File versionFile; public static File versionFile;
public static Database database; private static Database database;
public static mcMMO p; public static mcMMO p;
public static ChunkletManager placeStore; public static ChunkletManager placeStore;
@ -500,5 +500,9 @@ public class mcMMO extends JavaPlugin {
public static String getModDirectory() { public static String getModDirectory() {
return modDirectory; return modDirectory;
} }
public static Database getPlayerDatabase() {
return database;
}
} }

View File

@ -5,6 +5,7 @@ import java.io.FileReader;
import com.gmail.nossr50.mcMMO; import com.gmail.nossr50.mcMMO;
import com.gmail.nossr50.config.Config; import com.gmail.nossr50.config.Config;
import com.gmail.nossr50.util.Database;
import com.gmail.nossr50.util.Misc; import com.gmail.nossr50.util.Misc;
public class SQLConversionTask implements Runnable { public class SQLConversionTask implements Runnable {
@ -17,6 +18,7 @@ public class SQLConversionTask implements Runnable {
@Override @Override
public void run() { public void run() {
Database database = mcMMO.getPlayerDatabase();
String location = mcMMO.getUsersFile(); String location = mcMMO.getUsersFile();
try { try {
@ -164,7 +166,7 @@ public class SQLConversionTask implements Runnable {
} }
//Check to see if the user is in the DB //Check to see if the user is in the DB
id = mcMMO.database.getInt("SELECT id FROM " id = database.getInt("SELECT id FROM "
+ tablePrefix + tablePrefix
+ "users WHERE user = '" + playerName + "'"); + "users WHERE user = '" + playerName + "'");
@ -172,11 +174,11 @@ public class SQLConversionTask implements Runnable {
theCount++; theCount++;
//Update the skill values //Update the skill values
mcMMO.database.write("UPDATE " database.write("UPDATE "
+ tablePrefix + tablePrefix
+ "users SET lastlogin = " + 0 + "users SET lastlogin = " + 0
+ " WHERE id = " + id); + " WHERE id = " + id);
mcMMO.database.write("UPDATE " database.write("UPDATE "
+ tablePrefix + tablePrefix
+ "skills SET " + "skills SET "
+ " taming = taming+" + Misc.getInt(taming) + " taming = taming+" + Misc.getInt(taming)
@ -192,7 +194,7 @@ public class SQLConversionTask implements Runnable {
+ ", acrobatics = acrobatics+" + Misc.getInt(acrobatics) + ", acrobatics = acrobatics+" + Misc.getInt(acrobatics)
+ ", fishing = fishing+" + Misc.getInt(fishing) + ", fishing = fishing+" + Misc.getInt(fishing)
+ " WHERE user_id = " + id); + " WHERE user_id = " + id);
mcMMO.database.write("UPDATE " database.write("UPDATE "
+ tablePrefix + tablePrefix
+ "experience SET " + "experience SET "
+ " taming = " + Misc.getInt(tamingXP) + " taming = " + Misc.getInt(tamingXP)
@ -213,32 +215,32 @@ public class SQLConversionTask implements Runnable {
theCount++; theCount++;
//Create the user in the DB //Create the user in the DB
mcMMO.database.write("INSERT INTO " database.write("INSERT INTO "
+ tablePrefix + tablePrefix
+ "users (user, lastlogin) VALUES ('" + "users (user, lastlogin) VALUES ('"
+ playerName + "'," + playerName + "',"
+ System.currentTimeMillis() / 1000 + ")"); + System.currentTimeMillis() / 1000 + ")");
id = mcMMO.database.getInt("SELECT id FROM " id = database.getInt("SELECT id FROM "
+ tablePrefix + tablePrefix
+ "users WHERE user = '" + "users WHERE user = '"
+ playerName + "'"); + playerName + "'");
mcMMO.database.write("INSERT INTO " database.write("INSERT INTO "
+ tablePrefix + tablePrefix
+ "skills (user_id) VALUES (" + id + ")"); + "skills (user_id) VALUES (" + id + ")");
mcMMO.database.write("INSERT INTO " database.write("INSERT INTO "
+ tablePrefix + tablePrefix
+ "experience (user_id) VALUES (" + id + "experience (user_id) VALUES (" + id
+ ")"); + ")");
//Update the skill values //Update the skill values
mcMMO.database.write("UPDATE " database.write("UPDATE "
+ tablePrefix + tablePrefix
+ "users SET lastlogin = " + 0 + "users SET lastlogin = " + 0
+ " WHERE id = " + id); + " WHERE id = " + id);
mcMMO.database.write("UPDATE " database.write("UPDATE "
+ tablePrefix + tablePrefix
+ "users SET party = '" + party + "users SET party = '" + party
+ "' WHERE id = " + id); + "' WHERE id = " + id);
mcMMO.database.write("UPDATE " database.write("UPDATE "
+ tablePrefix + tablePrefix
+ "skills SET " + "skills SET "
+ " taming = taming+" + Misc.getInt(taming) + " taming = taming+" + Misc.getInt(taming)
@ -254,7 +256,7 @@ public class SQLConversionTask implements Runnable {
+ ", acrobatics = acrobatics+" + Misc.getInt(acrobatics) + ", acrobatics = acrobatics+" + Misc.getInt(acrobatics)
+ ", fishing = fishing+" + Misc.getInt(fishing) + ", fishing = fishing+" + Misc.getInt(fishing)
+ " WHERE user_id = " + id); + " WHERE user_id = " + id);
mcMMO.database.write("UPDATE " database.write("UPDATE "
+ tablePrefix + tablePrefix
+ "experience SET " + "experience SET "
+ " taming = " + Misc.getInt(tamingXP) + " taming = " + Misc.getInt(tamingXP)