Hey there, so, first I have this code, so this AIOItem (a item that don't need to talk with NPCs, if you have on BAG just click and choose the option you want) do not work GMSHOP if the charecter is not a gm (if i put true in accesslevel.properties on option isGM the item works, but when the player hold shift and click on the npc or mob they can see admin menu of npc):
Here is the code of RequestBuyItem.java:
/*
* This program is free software: you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free Software
* Foundation, either version 3 of the License, or (at your option) any later
* version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* this program. If not, see <http://www.gnu.org/licenses/>.
*/
package com.l2jserver.gameserver.network.clientpackets;
import static com.l2jserver.gameserver.model.actor.L2Npc.INTERACTION_DISTANCE;
import static com.l2jserver.gameserver.model.itemcontainer.PcInventory.MAX_ADENA;
import java.util.ArrayList;
import java.util.List;
import com.l2jserver.Config;
import com.l2jserver.gameserver.TradeController;
import com.l2jserver.gameserver.datatables.ItemTable;
import com.l2jserver.gameserver.model.L2Object;
import com.l2jserver.gameserver.model.L2TradeList;
import com.l2jserver.gameserver.model.L2TradeList.L2TradeItem;
import com.l2jserver.gameserver.model.actor.L2Character;
import com.l2jserver.gameserver.model.actor.instance.L2MerchantInstance;
import com.l2jserver.gameserver.model.actor.instance.L2MerchantSummonInstance;
import com.l2jserver.gameserver.model.actor.instance.L2PcInstance;
import com.l2jserver.gameserver.model.holders.ItemHolder;
import com.l2jserver.gameserver.model.items.L2Item;
import com.l2jserver.gameserver.network.SystemMessageId;
import com.l2jserver.gameserver.network.serverpackets.ActionFailed;
import com.l2jserver.gameserver.network.serverpackets.ExBuySellList;
import com.l2jserver.gameserver.network.serverpackets.StatusUpdate;
import com.l2jserver.gameserver.network.serverpackets.SystemMessage;
import com.l2jserver.gameserver.util.Util;
/**
* RequestBuyItem client packet class.
*/
public final class RequestBuyItem extends L2GameClientPacket
{
private static final String _C__1F_REQUESTBUYITEM = "[C] 1F RequestBuyItem";
private static final int BATCH_LENGTH = 12; // length of the one item
private int _listId;
private Item[] _items = null;
@Override
protected void readImpl()
{
_listId = readD();
int count = readD();
if (count <= 0 || count > Config.MAX_ITEM_IN_PACKET || count * BATCH_LENGTH != _buf.remaining())
{
return;
}
_items = new Item[count];
for (int i = 0; i < count; i++)
{
int itemId = readD();
long cnt = readQ();
if (itemId < 1 || cnt < 1)
{
_items = null;
return;
}
_items[i] = new Item(itemId, cnt);
}
}
@Override
protected void runImpl()
{
L2PcInstance player = getClient().getActiveChar();
if (player == null)
return;
if (!getClient().getFloodProtectors().getTransaction().tryPerformAction("buy"))
{
player.sendMessage("You buying too fast.");
return;
}
if (_items == null)
{
sendPacket(ActionFailed.STATIC_PACKET);
return;
}
// Alt game - Karma punishment
if (!Config.ALT_GAME_KARMA_PLAYER_CAN_SHOP && player.getKarma() > 0)
{
sendPacket(ActionFailed.STATIC_PACKET);
return;
}
L2Object target = player.getTarget();
L2Character merchant = null;
if(!player.isUsingAIOItemMultisell())
{
if(target == null
|| (!player.isInsideRadius(target, INTERACTION_DISTANCE, true, false)) // Distance is too far)
|| (player.getInstanceId() != target.getInstanceId()))
{
sendPacket(ActionFailed.STATIC_PACKET);
return;
}
if (target instanceof L2MerchantInstance || target instanceof L2MerchantSummonInstance)
merchant = (L2Character)target;
else if (!player.isGM())
{
sendPacket(ActionFailed.STATIC_PACKET);
return;
}
}
L2TradeList list = null;
double castleTaxRate = 0;
double baseTaxRate = 0;
if (merchant != null)
{
List<L2TradeList> lists;
if (merchant instanceof L2MerchantInstance)
{
lists = TradeController.getInstance().getBuyListByNpcId(((L2MerchantInstance) merchant).getNpcId());
castleTaxRate = ((L2MerchantInstance) merchant).getMpc().getCastleTaxRate();
baseTaxRate = ((L2MerchantInstance) merchant).getMpc().getBaseTaxRate();
}
else
{
lists = TradeController.getInstance().getBuyListByNpcId(((L2MerchantSummonInstance) merchant).getNpcId());
baseTaxRate = 50;
}
if (!player.isGM())
{
if (lists == null)
{
Util.handleIllegalPlayerAction(player, "Warning!! Character " + player.getName() + " of account " + player.getAccountName() + " sent a false BuyList list_id " + _listId, Config.DEFAULT_PUNISH);
return;
}
for (L2TradeList tradeList : lists)
{
if (tradeList.getListId() == _listId)
list = tradeList;
}
}
else
list = TradeController.getInstance().getBuyList(_listId);
}
else
list = TradeController.getInstance().getBuyList(_listId);
if (list == null)
{
Util.handleIllegalPlayerAction(player, "Warning!! Character " + player.getName() + " of account " + player.getAccountName() + " sent a false BuyList list_id " + _listId, Config.DEFAULT_PUNISH);
return;
}
_listId = list.getListId();
long subTotal = 0;
// Check for buylist validity and calculates summary values
long slots = 0;
long weight = 0;
for (Item i : _items)
{
L2TradeItem tradeItem = list.getItemById(i.getItemId());
if (tradeItem == null)
{
Util.handleIllegalPlayerAction(player, "Warning!! Character " + player.getName() + " of account " + player.getAccountName() + " sent a false BuyList list_id " + _listId + " and item_id " + i.getItemId(), Config.DEFAULT_PUNISH);
return;
}
L2Item template = ItemTable.getInstance().getTemplate(i.getItemId());
if (template == null)
continue;
if (!template.isStackable() && i.getCount() > 1)
{
Util.handleIllegalPlayerAction(player, "Warning!! Character " + player.getName() + " of account " + player.getAccountName() + " tried to purchase invalid quantity of items at the same time.", Config.DEFAULT_PUNISH);
sendPacket(SystemMessage.getSystemMessage(SystemMessageId.YOU_HAVE_EXCEEDED_QUANTITY_THAT_CAN_BE_INPUTTED));
return;
}
long price = list.getPriceForItemId(i.getItemId());
if (price < 0)
{
_log.warning("ERROR, no price found .. wrong buylist ??");
sendPacket(ActionFailed.STATIC_PACKET);
return;
}
if (price == 0 && !player.isGM() && Config.ONLY_GM_ITEMS_FREE)
{
player.sendMessage("Ohh Cheat dont work? You have a problem now!");
Util.handleIllegalPlayerAction(player, "Warning!! Character " + player.getName() + " of account " + player.getAccountName() + " tried buy item for 0 adena.", Config.DEFAULT_PUNISH);
return;
}
if (tradeItem.hasLimitedStock())
{
// trying to buy more then available
if (i.getCount() > tradeItem.getCurrentCount())
return;
}
if ((MAX_ADENA / i.getCount()) < price)
{
Util.handleIllegalPlayerAction(player, "Warning!! Character " + player.getName() + " of account " + player.getAccountName() + " tried to purchase over " + MAX_ADENA + " adena worth of goods.", Config.DEFAULT_PUNISH);
return;
}
// first calculate price per item with tax, then multiply by count
price = (long) (price * (1 + castleTaxRate + baseTaxRate));
subTotal += i.getCount() * price;
if (subTotal > MAX_ADENA)
{
Util.handleIllegalPlayerAction(player, "Warning!! Character " + player.getName() + " of account " + player.getAccountName() + " tried to purchase over " + MAX_ADENA + " adena worth of goods.", Config.DEFAULT_PUNISH);
return;
}
weight += i.getCount() * template.getWeight();
if (!template.isStackable())
slots += i.getCount();
else if (player.getInventory().getItemByItemId(i.getItemId()) == null)
slots++;
}
if (!player.isGM() && (weight > Integer.MAX_VALUE || weight < 0 || !player.getInventory().validateWeight((int) weight)))
{
sendPacket(SystemMessage.getSystemMessage(SystemMessageId.WEIGHT_LIMIT_EXCEEDED));
sendPacket(ActionFailed.STATIC_PACKET);
return;
}
if (!player.isGM() && (slots > Integer.MAX_VALUE || slots < 0 || !player.getInventory().validateCapacity((int) slots)))
{
sendPacket(SystemMessage.getSystemMessage(SystemMessageId.SLOTS_FULL));
sendPacket(ActionFailed.STATIC_PACKET);
return;
}
// Charge buyer and add tax to castle treasury if not owned by npc clan
if ((subTotal < 0) || !player.reduceAdena("Buy", subTotal, player.getLastFolkNPC(), false))
{
sendPacket(SystemMessage.getSystemMessage(SystemMessageId.YOU_NOT_ENOUGH_ADENA));
sendPacket(ActionFailed.STATIC_PACKET);
return;
}
// Proceed the purchase
for (Item i : _items)
{
L2TradeItem tradeItem = list.getItemById(i.getItemId());
if (tradeItem == null)
{
Util.handleIllegalPlayerAction(player, "Warning!! Character " + player.getName() + " of account " + player.getAccountName() + " sent a false BuyList list_id " + _listId + " and item_id " + i.getItemId(), Config.DEFAULT_PUNISH);
continue;
}
if (tradeItem.hasLimitedStock())
{
if (tradeItem.decreaseCount(i.getCount()))
player.getInventory().addItem("Buy", i.getItemId(), i.getCount(), player, merchant);
}
else
player.getInventory().addItem("Buy", i.getItemId(), i.getCount(), player, merchant);
}
// add to castle treasury
if(!player.isUsingAIOItemMultisell())
{
// add to castle treasury
if (merchant instanceof L2MerchantInstance)
((L2MerchantInstance) merchant).getCastle().addToTreasury((long) (subTotal * castleTaxRate));
}
StatusUpdate su = new StatusUpdate(player);
player.sendPacket(su);
player.sendPacket(new ExBuySellList(player, castleTaxRate + baseTaxRate, true));
}
private static class Item
{
private final int _itemId;
private final long _count;
public Item(int id, long num)
{
_itemId = id;
_count = num;
}
public int getItemId()
{
return _itemId;
}
public long getCount()
{
return _count;
}
}
@Override
public String getType()
{
return _C__1F_REQUESTBUYITEM;
}
}
Hello if anyone is looking for interlude server with free bot, no P2W and uniques features I can recommend freshly opened https://l2romans.com/features/, great server for chilling and having fun with friends casually.
Everyone is welcomed
So excited to announce 3x Telegram Premium (6 months)
Join our official TG and participate to win!
Asocks.com - trusted proxy service providing mobile and residential proxies with a single price of $3 per 1GB
A huge locations pool and high speed will help complete all tasks
Well, sorry not sorry for resurrecting old topic, but I believe it's ultimately stupid to implement license checks like Vilmis did 🙂
private static String url = "jdbc:mysql://185.80.128.233/" + getData("Zm9ydW1fZGI=");
private static String username = getData("bXJjb3B5cmlnaHQ=");
private static String password = getData("Y29weXJpZ2h0XzEyMw==");
con = GlobalDB.getInstance().getConnection();
PreparedStatement statement;
statement = con.prepareStatement("SELECT field_6 from core_pfields_content WHERE member_id = ?");
statement.setInt(1, Config.FORUM_USER_ID);
ResultSet rset = statement.executeQuery();
This awesome way of coding things leaves us with base64-encoded credentials and DB exposed and accessible globally 😉 Btw he checks his licensing data from some plugin generated table his forum uses.
Vilmis took action and ensured that mrcopyright user would have only needed accesses and rights for this operation. But he forgot to ensure that his INFORMATION_SCHEMA database would not be exposed and readable...
That leads us to fully readable server variables like version used (10.1.26-MariaDB-0+deb9u1 - pretty ancient DB and OS, I'd assume). From here you can go south and do some kinky stuff, if you want and have knowledge for that. But who cares, right?
Ooh, table core_pfields_content field_6 is IP address which is checked by FORUM_USER_ID. Yep, you can query all IP addresses there (124 of them right now) and also do whatever you want with them! 🙂
The most fun part? Files source has been shared what, more than 2 years ago?
Vilmis still uses very same credentials and never changed it after sources exposure - who cares. Although, "sources" may be way too strong word here.
If anyone still use paid Orion versions, I'd suggest packing your shit and leaving immediately, or at least fix this incompetent fool caused problems. It's obvious Vilmis don't care or maybe doesn't even know from the first place how to solve this problem (hint hint - tiny PHP Rest API microservice which would do absolutely the same but without exposing sensitive data?). By doing that, he exposes his infrastructure and YOUR data, and he does that for more than 2 years now 🙂 Developer of century!
Question
colt
Hey there, so, first I have this code, so this AIOItem (a item that don't need to talk with NPCs, if you have on BAG just click and choose the option you want) do not work GMSHOP if the charecter is not a gm (if i put true in accesslevel.properties on option isGM the item works, but when the player hold shift and click on the npc or mob they can see admin menu of npc):
Here is the code of RequestBuyItem.java:
What is the problem guys? this tool is a troll!
Thank you
Link to comment
Share on other sites
22 answers to this question
Recommended Posts