Jump to content
MaxCheaters Official Group on Discord
Top.MaxCheaters.com is now OPEN – Lineage 2 Top Listing

[Share]ALLOW_MULT_LOGIN

xAddytzu

By xAddytzu
in Server Shares & Files [L2J]

 Share

Recommended Posts

xAddytzu Newbie

xAddytzu

Posted
Posted

Hello, you can enter in game with two character from one account ! :D

 

TEST: NEEDED, someone can test ?:)

 

Index: /loginserver.properties
===================================================================
@@ -17,5 +17,4 @@
# default = true
AcceptNewGameServer = true
+AllowMultipleLoginOnSameAcc = True

# ----------------------------
Index: /loginserver/services/AccountsServices.java
===================================================================
@@ -237,5 +237,5 @@
			//L2EMU_EDIT- Rayan - logs if a Config.AUTO_CREATE_ACCOUNTS a warn message telling that new account was created.
			if (Config.AUTO_CREATE_ACCOUNTS)
+				_log.warn("Account created for user: " + id);
-				_log.info("Account created for user: " + id);
			else
				_log.warn(e.getMessage());
Index: /loginserver/manager/LoginManager.java
===================================================================
@@ -284,6 +284,5 @@
	 * @throws AccountWrongPasswordException if the password was wrong
	 */
+	public AuthLoginResult tryAuthLogin(String account, String password, L2LoginClient client) throws HackingException, AccountBannedException,
+			AccountWrongPasswordException
-	public AuthLoginResult tryAuthLogin(String account, String password, L2LoginClient client) throws HackingException, AccountBannedException, AccountWrongPasswordException
	{
		AuthLoginResult ret = AuthLoginResult.INVALID_PASSWORD;
@@ -291,5 +290,4 @@
		try
		{
			// check auth
			if (this.loginValid(account, password, client))
@@ -298,28 +296,24 @@
				ret = AuthLoginResult.ALREADY_ON_GS;

+				if (!Config.ALLOW_MULT_LOGIN_OF_SAME_ACC)
-				if (!this.isAccountInAnyGameServer(account))
				{
+					if (!this.isAccountInAnyGameServer(account))
-					// account isnt on any GS, verify LS itself
-					ret = AuthLoginResult.ALREADY_ON_LS;
-					// dont allow 2 simultaneous login
-					synchronized (_loginServerClients)
					{
+						// account isnt on any GS, verify LS itself
+						ret = AuthLoginResult.ALREADY_ON_LS;
-						if (!_loginServerClients.containsKey(account))
-						{
-							_loginServerClients.put(account, client);
-							ret = AuthLoginResult.AUTH_SUCCESS;
-						}
					}
-					Accounts acc = _service.getAccountById(account);
-					// keep access level in the L2LoginClient
-					client.setAccessLevel(acc.getAccessLevel());
-					// keep last server choice
-					client.setLastServerId(acc.getLastServerId());
				}
+				// dont allow 2 simultaneous login
+				synchronized (_loginServerClients)
+				{
+					if (!_loginServerClients.containsKey(account))
+					{
+						_loginServerClients.put(account, client);
+						ret = AuthLoginResult.AUTH_SUCCESS;
+					}
+				}
+				Accounts acc = _service.getAccountById(account);
+				// keep access level in the L2LoginClient
+				client.setAccessLevel(acc.getAccessLevel());
+				// keep last server choice
+				client.setLastServerId(acc.getLastServerId());
+			}
		}
		catch (NoSuchAlgorithmException e)
Index: Config.java
===================================================================
@@ -227,5 +227,4 @@
	public static boolean		AUTO_CREATE_ACCOUNTS;
	public static int			GM_MIN;
+	public static boolean		ALLOW_MULT_LOGIN_OF_SAME_ACC;

	//********************************************************************************************
@@ -239,5 +238,4 @@
			serverSettings.load(is);
			is.close();
+			ALLOW_MULT_LOGIN_OF_SAME_ACC = Boolean.parseBoolean(serverSettings.getProperty("AllowMultipleLoginOnSameAcc", "false"));
			ACCEPT_NEW_GAMESERVER = Boolean.parseBoolean(serverSettings.getProperty("AcceptNewGameServer", "false"));
			GM_MIN = Integer.parseInt(serverSettings.getProperty("GMMinLevel", "1"));

 

It's not my creation, just edit lil'bit

Lucky Dice Newbie

Lucky Dice

Posted
Posted

The Same Here And you are ok.

+ ALLOW_MULT_LOGIN_OF_SAME_ACC = Boolean.parseBoolean(serverSettings.getProperty("AllowMultipleLoginOnSameAcc", "false"));

ACCEPT_NEW_GAMESERVER = Boolean.parseBoolean(serverSettings.getProperty("AcceptNewGameServer", "false"));

GM_MIN = Integer.parseInt(serverSettings.getProperty("GMMinLevel", "1"));

Lucky Dice Newbie

Lucky Dice

Posted
Posted

ehm...and whats the point of this?whats the good in play with 2 char from the same account?besides of the decreased login security

You Can Sell One Char and you can play with Other ;D
xAddytzu Newbie

xAddytzu

Posted
  • Author
Posted

ehm...and whats the point of this?whats the good in play with 2 char from the same account?besides of the decreased login security

What do you mean login security ? :)

 

You Can Sell One Char and you can play with Other ;D

Yes you're right!

 

btw, someone test it ?

 

Intrepid Newbie

Intrepid

Posted
Posted

What do you mean login security ? :)

Yes you're right!

 

btw, someone test it ?

 

 

by login security i mean lets say an example

 

someone try to access with your acc and you are online he get kicked if he found out the acc this way not and voila your acc is hacked and before you even notice it your char is done

Lucky Dice Newbie

Lucky Dice

Posted
Posted

no is not working,,, i tested now...:| and for me dont work :)

Use This 

Index: /loginserver.properties
===================================================================
@@ -17,5 +17,4 @@
# default = true
AcceptNewGameServer = true
+AllowMultipleLoginOnSameAcc = True

# ----------------------------
Index: /loginserver/services/AccountsServices.java
===================================================================
@@ -237,5 +237,5 @@
			//L2EMU_EDIT- Rayan - logs if a Config.AUTO_CREATE_ACCOUNTS a warn message telling that new account was created.
			if (Config.AUTO_CREATE_ACCOUNTS)
+				_log.warn("Account created for user: " + id);
-				_log.info("Account created for user: " + id);
			else
				_log.warn(e.getMessage());
Index: /loginserver/manager/LoginManager.java
===================================================================
@@ -284,6 +284,5 @@
	 * @throws AccountWrongPasswordException if the password was wrong
	 */
+	public AuthLoginResult tryAuthLogin(String account, String password, L2LoginClient client) throws HackingException, AccountBannedException,
+			AccountWrongPasswordException
-	public AuthLoginResult tryAuthLogin(String account, String password, L2LoginClient client) throws HackingException, AccountBannedException, AccountWrongPasswordException
	{
		AuthLoginResult ret = AuthLoginResult.INVALID_PASSWORD;
@@ -291,5 +290,4 @@
		try
		{
			// check auth
			if (this.loginValid(account, password, client))
@@ -298,28 +296,24 @@
				ret = AuthLoginResult.ALREADY_ON_GS;

+				if (!Config.ALLOW_MULT_LOGIN_OF_SAME_ACC)
-				if (!this.isAccountInAnyGameServer(account))
				{
+					if (!this.isAccountInAnyGameServer(account))
-					// account isnt on any GS, verify LS itself
-					ret = AuthLoginResult.ALREADY_ON_LS;
-					// dont allow 2 simultaneous login
-					synchronized (_loginServerClients)
					{
+						// account isnt on any GS, verify LS itself
+						ret = AuthLoginResult.ALREADY_ON_LS;
-						if (!_loginServerClients.containsKey(account))
-						{
-							_loginServerClients.put(account, client);
-							ret = AuthLoginResult.AUTH_SUCCESS;
-						}
					}
-					Accounts acc = _service.getAccountById(account);
-					// keep access level in the L2LoginClient
-					client.setAccessLevel(acc.getAccessLevel());
-					// keep last server choice
-					client.setLastServerId(acc.getLastServerId());
				}
+				// dont allow 2 simultaneous login
+				synchronized (_loginServerClients)
+				{
+					if (!_loginServerClients.containsKey(account))
+					{
+						_loginServerClients.put(account, client);
+						ret = AuthLoginResult.AUTH_SUCCESS;
+					}
+				}
+				Accounts acc = _service.getAccountById(account);
+				// keep access level in the L2LoginClient
+				client.setAccessLevel(acc.getAccessLevel());
+				// keep last server choice
+				client.setLastServerId(acc.getLastServerId());
+			}
		}
		catch (NoSuchAlgorithmException e)
Index: Config.java
===================================================================
@@ -227,5 +227,4 @@
	public static boolean		AUTO_CREATE_ACCOUNTS;
	public static int			GM_MIN;
+	public static boolean		ALLOW_MULT_LOGIN_OF_SAME_ACC;

	//********************************************************************************************
@@ -239,5 +238,4 @@
			serverSettings.load(is);
			is.close();
+			ALLOW_MULT_LOGIN_OF_SAME_ACC = Boolean.parseBoolean(serverSettings.getProperty("AllowMultipleLoginOnSameAcc", "true"));
			ACCEPT_NEW_GAMESERVER = Boolean.parseBoolean(serverSettings.getProperty("AcceptNewGameServer", "true"));
			GM_MIN = Integer.parseInt(serverSettings.getProperty("GMMinLevel", "1"));

Stefoulis15 Newbie

Stefoulis15

Posted
Posted

Very unsecured!!!!

 

Maybe L2j did this on purpose? NcSoft too? Think a lil'. If it was good, NCSoft would probably already put it in retail.

Btw i smell deadlock with the synchronized.. use it at ur own risk! This can also cause many acc steals.. And also, what about if i try to login with already logged char?

xAddytzu Newbie

xAddytzu

Posted
  • Author
Posted

Very unsecured!!!!

 

Maybe L2j did this on purpose? NcSoft too? Think a lil'. If it was good, NCSoft would probably already put it in retail.

Btw i smell deadlock with the synchronized.. use it at ur own risk! This can also cause many acc steals.. And also, what about if i try to login with already logged char?

You will be disconnected! Of course you can not play with same character

RadioDJ Newbie

RadioDJ

Posted
Posted

I need help... i have account no auto create, but i need make accounts with website...

What change from this code?

 

<?php

defined( '_ACM_VALID' ) or die( 'Direct Access to this location is not allowed.' );

define ('DEBUG', false);								// Enable debug mode ; for set on replace false by true
define ('LOG', false);									// Enable log mode ; for set off replace true by false

//##########################################################################################
//############################### Login Server Configuration ###############################
//##########################################################################################

CONFIG::g()->ca('login_server', array(
								'hostname' => 'localhost',					// login host database DB
								'user' => 'root',							// login user
								'password' => 'password',							// login password
								'database' => 'database'						// login database name
							));

//##########################################################################################
//############################### Game Server Configuration ################################
//##########################################################################################

CONFIG::g()->add_game_server(array(
							'id' => 1,										// game id
							'hostname' => 'localhost',						// game host database DB
							'user' => 'root',								// game user
							'password' => 'password',								// game password
							'database' => 'database'							// game database name
						));

 

I search for this and i don't find help... i don't know what needed writing in Localhost...

 

Thanks for helping there!

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • FunBasec
      PlayCMS is a website management system for Lineage 2 gaming

      By FunBasec · Posted

      Added the protection module to the demo.   DDoS Guard Pro v2.0 is a system protection module for PlayMMO CMS designed to reduce the load on the website during HTTP floods, bot activity, suspicious frequent requests, and attacks on individual pages or API methods. Unlike simple global limiters, DDoS Guard Pro v2.0 supports flexible rules based on routes and HTTP methods. This allows you to block the entire site in a targeted manner, rather than blocking the entire site equally. You can set up protection for specific areas of the site, such as login, registration, APIs, administration, forms, and other sensitive areas. What is the purpose of the module? DDoS Guard Pro v2.0 helps protect your site from basic L7 attacks at the HTTP request level. The module is useful when your site receives: frequent requests from a single IP address; HTTP page floods; login or registration form flooding; automatic requests from bots; URL scanning; frequent API requests; suspicious activity spikes; load on individual CMS methods or pages. The module helps to reduce the load on PHP and CMS by limiting suspicious activity before it starts to create a serious load on the site. Main features Per-route and per-method Rate Limit In the new version, protection is configured not only globally, but also according to specific rules. You can set limits separately for: GET; POST; PUT; PATCH; DELETE; ALL. This allows you to flexibly protect different parts of your website. For example: for the login page, you can set a strict limit; for registration, you can set a separate limit; for the API, you can set a limit for reading and a limit for changing data; for regular website pages, you can set a soft limit or not set a limit at all. This approach reduces the risk of accidentally blocking regular users and makes the protection more accurate. Flexible rule system The module supports setting rules in the following format: METHODS|PATTERN|LIMIT|WINDOW|BURST_LIMIT|BURST_WINDOW|BLOCK_SECONDS|IDENTITY|NAME Example of rules: POST|*login*|10|60|5|10|600|ip|login_post POST|*register*|8|60|4|10|600|ip|register_post GET|*api*|300|60|80|10|120|ip|api_get PUT,PATCH,DELETE|*api*|80|60|20|10|300|ip|api_write This allows you to specify exactly: which HTTP methods to protect; which URLs or URL patterns to consider; how many requests are allowed; over what time period; what burst limit to use;  how many seconds to block the offender;  by which ID to count the limit;  what the rule is called. Burst protection against sharp spikes  In addition to the regular request limit, the module monitors sharp spikes of activity.  This is useful when a bot makes many requests in a few seconds. In this case, the protection can be activated faster, without waiting for the overall limit per minute.  Burst protection is especially useful for: authorization pages; registration; API; search; data submission forms; administrative sections. Support for different types of requests DDoS Guard Pro v2.0 works not only with POST requests. The module can control: GET — regular pages, API requests, search; POST — forms, login, registration, data submission; PUT — updating data via API; PATCH — partial data update; DELETE — data deletion; ALL — all methods at once. This makes the module suitable not only for regular sites, but also for CMS with API, personal accounts, game panels and administrative actions. Limit storage: Redis, APCu and file fallback In the new version, the module supports several options for storing temporary data. Available modes: Redis; APCu; file fallback. The auto mode tries to use the most suitable option: Redis; APCu; file storage as a fallback. Redis or APCu are suitable for more efficient operation, while the file storage is left as a fallback option for simple hosting environments that do not have additional extensions. JSONL logging The module records protection events in JSON Lines format. Logs are saved in the following file: storage/logs/ddos_guard.jsonl This format is more convenient than a regular text log, because each event is stored as a separate JSON record. The logs can record the following information: event time; IP address; HTTP method; URL; name of the triggered rule; reason for blocking; number of requests; action status; user-agent; protection mode. The JSONL format is convenient for analysis by external tools, log agents, and monitoring systems. Prometheus metrics DDoS Guard Pro v2.0 adds an endpoint for receiving metrics in Prometheus format. Endpoint: /?ddos_guard_metrics=TOKEN The token is set in the module settings. Metrics allow you to track: the number of processed requests; the number of rule activations; the number of blocks; activity by limits; protection events; module status. This allows you to connect monitoring and configure alerts so that the administrator can see when suspicious activity starts on the site. LOG ONLY mode The module has a LOG ONLY mode. In this mode, DDoS Guard Pro does not block users, but only records events and potential triggers in the log. This mode is recommended to be used after installation, in order to first see which rules are triggered, and only then to enable the real blocking.  This helps to avoid too strict limits and random blocking of regular users.  Support for Cloudflare and proxy  The module supports working behind Cloudflare or another reverse proxy.  With proper configuration, it is possible to take into account the real IP of the user, and not the IP of the proxy server.  This is important for sites that use:  Cloudflare; nginx reverse proxy; load balancers; CDN; hosting proxy protection. Nginx-recommendations DDoS Guard Pro v2.0 contains an example nginx-config: modules/ddos_guard/nginx-ddos-guard-example.conf This allows you to use the module as an additional application layer of protection, and to move the main coarse limits to the nginx level. Recommended protection scheme: Cloudflare / nginx / firewall → DDoS Guard Pro → PlayMMO CMS This approach is more correct than trying to solve all problems only at the PHP level.
    • eMommy
      Needing DEV.

      By eMommy · Posted

    • RMTgold
      Buying & Selling POE & POE2 Divine-Mirrors

      By RMTgold · Posted

      PAYPAL& BINANCE
    • RMTgold
      Buying & Selling Wynncraft Stx

      By RMTgold · Posted

      PAYPAL& BINANCE
    • RMTgold
      Buying & Selling Torn City Cash

      By RMTgold · Posted

      PAYPAL& BINANCE

  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..