Jump to content
  • 0

[help] BAN list? possible


Question

11 answers to this question

Recommended Posts

  • 0
Posted

i use google chrome to. and here i can find it meby need other internet? leave country come to here and try?

 

Yeah, sure tomorrow I will fly to Netherlands only for try to connect to dragon-network. Stay there I will answer tomorrow !

  • 0
Posted

There is one part related to Java (custom //ban command), and a big part related to PHP.

 

To be simple, when you ban someone ingame, it write his name in a banlist table, with reason etc. PHP read your table "banlist", like it could read your table "heroes" if you had a "heroes" page.

 

----

 

THE FOLLOWING IS JUST A GUIDELINE. YOU HAVE TO MAKE THE IMPROVED COMMAND AND THE PHP PART OBVIOUSLY.

 

It could work with a command like

 

//ban characterName Duration ReasonofBan

 

It's an accurate command which need 3 parameters, but you can cut it to the CharacterName if you got a PHP administration panel (which mean more work for my part lol, so I prefer java).

 

The command kick and ban the guy ofc, but write a SQL command in a banlist table (table you improved/created if no exists).

 

Once you got your registered banned character, you have to code a PHP code in your website (make a page for it like your exemple...) to put in in format.

 

I invite you to search guides on this forum about "show heroes on website" and such things.

 

Dunno if I was rly clear lol, but just don't hope someone make it for you. It's rly not hard, but it asks some time if you want to do a clean thing.

 

I coded this thing myself (except the improved //ban command), so it's possible.

 

-----

 

Some more things :

 

- find the command //ban easily using the powerful "search" from eclipse. It's in admincommandhandlers, or whatever depending of your chronicle.

- search definitively a "heroe" or any guide which pick stats from database to call it on webpage. It's the easiest way to understand.

  • 0
Posted

There is one part related to Java (custom //ban command), and a big part related to PHP.

 

To be simple, when you ban someone ingame, it write his name in a banlist table, with reason etc. PHP read your table "banlist", like it could read your table "heroes" if you had a "heroes" page.

 

----

 

THE FOLLOWING IS JUST A GUIDELINE. YOU HAVE TO MAKE THE IMPROVED COMMAND AND THE PHP PART OBVIOUSLY.

 

It could work with a command like

 

//ban characterName Duration ReasonofBan

 

It's an accurate command which need 3 parameters, but you can cut it to the CharacterName if you got a PHP administration panel (which mean more work for my part lol, so I prefer java).

 

The command kick and ban the guy ofc, but write a SQL command in a banlist table (table you improved/created if no exists).

 

Once you got your registered banned character, you have to code a PHP code in your website (make a page for it like your exemple...) to put in in format.

 

I invite you to search guides on this forum about "show heroes on website" and such things.

 

Dunno if I was rly clear lol, but just don't hope someone make it for you. It's rly not hard, but it asks some time if you want to do a clean thing.

 

I coded this thing myself (except the improved //ban command), so it's possible.

 

-----

 

Some more things :

 

- find the command //ban easily using the powerful "search" from eclipse. It's in admincommandhandlers, or whatever depending of your chronicle.

- search definitively a "heroe" or any guide which pick stats from database to call it on webpage. It's the easiest way to understand.

 

Thank you for help me i will try this one! Thanks!

i use FREYA :)

 

Edit: mm lil to hard for me i will try find already shared meby a website or some one have tuts for it:D:)

if some one knows how edit or create it add me on msn laminota@hotmail.com

  • 0
Posted

As I'm insanely cute today, I will share you the mechanism of mine. Some things you must know :

 

- Do whatever you can/want with this source, I don't give any support, except the short explanation I will do right now.

- Clever people will find it usefull, lazy will find it useless. Your problem seriously lol.

- It's surely not the most optimized way to do it, and I really don't give a fock.

- It's made for IL, so try to adapt it if you need.

- In Epilogue++ you got a punishement system, no idea how far it's advanced.

- I used the veerrryyy old C3 website to make this feature (deutch words in it, I don't even know the translation, just suposed it).

 

First, a picture :

 

sanstitresxr.th.jpg

 

You can see my Navicat stuff, with a table named "site_eg". It's a table I specially created to stock all punishements features. It didn't existed at all before. When you open it you got many columns : id, reason, victim_name, etc.

 

In background, you got the formated result on my homemade/stocked website.

 

Now the source code, you can dl too at this address : http://www.4shared.com/file/NdQUBN_W/eg_online.html

 

		<?php 

			$verbindung=MYSQL_CONNECT($dbhost,$dbuser,$dbpass) or die ("mySQL database have a problem ; please come back later.");
			MYSQL_SELECT_DB($dbname) or die ("mySQL database have a problem ; please come back later.");

			$get_eg="SELECT * FROM site_eg ORDER by id DESC";
			$eg=MYSQL_QUERY($get_eg);

			//Initialisation pour une valeur de départ non null pour rentrer dans la boucle
			$row = "0";

			while ($row != null) 
			{
				$row = mysql_fetch_array($eg);

				if ($row["punishement"] == 1)		$row["punishement"]="Chatban";
				elseif ($row["punishement"] == 2)	$row["punishement"]="Jail";
				elseif ($row["punishement"] == 3)	$row["punishement"]="Delevel";
				elseif ($row["punishement"] == 4)	$row["punishement"]="Decreased enchant";
				elseif ($row["punishement"] == 5)	$row["punishement"]="Character ban";
				elseif ($row["punishement"] == 6)	$row["punishement"]="Account ban";

				if ( $row != null )
				{
					echo "<tr>";
						echo "<td>" .prettydatenews($row["postdate"]). "</td>";
						echo "<td>" .$row["victim_name"]. "</td>";
						echo "<td>".$row["punishement"]. "</td>";
						echo "<td>".$row["time"]. "</td>";
						echo "<td>".$row["reason"]. "</td>";
					echo "</tr>";
				}
			}
			echo "</table>";

			function prettydatenews($uglydate) 
			{
				//  Format de la date (DD-MM-YYYY pour les news de l'accueil).
				return date("d.m.Y", mktime(0,0,0,substr($uglydate, 5, 2),substr($uglydate, 8, 2),substr($uglydate, 0, 4)));
			}
		?>

 

Some explanations : we log to the db, with password W and login Y and we do a SQL request on it : SELECT * FROM site_eg ORDER by id DESC, which means basically : select all the damn data from my table "site_eg" and order it via their "id"

 

After it's a question of format... It creates a table, and do all the shit clean lol. For example, it renames the punishement, which is basically a system of 6 numbers per a "name". Punishement 1 = name1, punishement 2 = name2,...

 

There will have no graphics at all like mine. If you read my sources from the 4shared place, you can see clearly I used headers and footers in php where I do some calls to my .css stylesheet. As I didn't share my whole site (Maxcheaters will rip it in some months perhaps, if my server is launched a day, who know lol), you miss all graphical part, which isn't the issue in your problem, we agree :D.

 

---

 

Basically, it's all for the "read". Now you need the "write" code, aka java commandhandlers heavy modifications :D.

 

 

  • 0
Posted

this what iam looking for!!!!!

 

Very Thanksss really

 

/lock please

solved.

locked.

Guest
This topic is now closed to further replies.


  • Posts

    • Update: Advanced Rate Limiting Rate limiting is now applied to: Login attempts Account registration Password recovery Email confirmation resends WhatsApp verification Checkout access The system maintains independent counters by IP address and user identity, helping prevent traditional brute-force attacks as well as distributed credential-stuffing attempts using multiple proxies. Brute-Force and Credential-Stuffing Protection Protection is not limited to the visitor's IP address. The system also tracks attempts associated with the account, username, or email address, reducing the effectiveness of attacks performed through rotating IP addresses, proxies, or VPN services. Global HTTP Security Headers Security headers are applied across the entire website: X-Frame-Options X-Content-Type-Options Referrer-Policy HTTP Strict Transport Security These headers help protect the website against clickjacking, MIME-type confusion, insecure referrer exposure, and HTTP downgrade attempts. Secure Error Handling Internal exceptions are recorded in protected security logs while visitors receive sanitized error messages. This prevents the accidental exposure of: Internal file paths Database information SQL errors Server configuration Application stack traces Private Storage Exposure Monitoring The system automatically checks whether the private storage directory is publicly accessible in production. If exposure is detected, a security warning is recorded for the administrator without interrupting the website. This directory may contain licensing information, rate-limit records, and security logs and must never be publicly accessible. OAuth Request Protection Google and Facebook authentication flows use cryptographically random state values stored in the user's session. Returned state values are validated using constant-time comparison, helping prevent OAuth request forgery and unauthorized account-linking attacks. Telegram Authentication Validation Telegram login information is protected through: HMAC signature validation Constant-time hash comparison Authentication timestamp verification Expired-login rejection Secure Verification Tokens Email, password recovery, and WhatsApp verification systems include: Cryptographically secure random tokens Hashed WhatsApp verification codes Automatic expiration Limited verification attempts Resend cooldowns One-time token invalidation Account Activation Protection When email or WhatsApp verification is required, the game account remains restricted until all required verification steps are completed. Unverified users cannot bypass the confirmation process through standard or social login. Secure Upload Processing Administrative image uploads include: Real MIME-type inspection Image-content validation File-size limits Extension allowlists Server-generated random filenames Rejection of invalid or disguised files Original user-provided filenames are never used as the final stored filename. Path Traversal Protection Theme and template identifiers are restricted to validated slugs and must exist in the internal list of allowed themes. This prevents directory traversal and unauthorized local-file access through manipulated template names. Atomic Ticket Transfer Protection Ticket transfers use transactional and durable delivery processing. The balance is conditionally debited, the delivery is recorded before communication with the game database, and failed deliveries remain pending for safe reprocessing. This helps prevent: Free-item delivery Inconsistent balances Duplicate delivery Partial transaction failures Lost transfer records Concurrent Balance Protection Administrative balance adjustments use database transactions and row-level locking. This prevents simultaneous balance operations from overwriting each other or creating inconsistent account balances. Secure Redirect Handling Redirect values are sanitized against header injection, and external redirects are restricted to HTTPS destinations. Password Security Improvements The website uses modern password hashing for player-panel accounts and bcrypt with a configurable cost for supported game-server account systems. Compatibility is included for game-server implementations requiring the $2a$ bcrypt prefix. Duplicate Payment Prevention Built-in protections include: Idempotency control Transaction reference validation Payment status verification Unique external payment references Database transactions and rollback Durable payment history Completed-order verification These protections prevent: Double credits Repeated processing Duplicate payment callbacks Incomplete financial operations Signed Payment Callback Protection Payment callbacks are protected through: HMAC-SHA256 authentication Constant-time signature comparison Signed callback timestamps Callback freshness validation Shared callback secrets This helps prevent forged payment notifications, callback manipulation, and replay attacks. SQL Injection Protection The database layer uses: PDO Prepared statements Parameter binding Controlled internal allowlists for dynamic identifiers User-controlled values are not directly concatenated into SQL queries. XSS Protection Output and form data are protected through: HTML escaping Attribute escaping Input filtering HttpOnly session cookies MIME-sniffing protection Frame embedding restrictions These measures reduce the risk of Cross-Site Scripting, malicious HTML injection, session theft, and clickjacking. CSRF Protection Sensitive forms and administrative operations use session-based CSRF tokens. Requests without a valid token are rejected, helping prevent unauthorized actions performed through malicious external websites. Secure Session Protection The session system includes: HttpOnly cookies Secure cookie support SameSite restrictions Session ID regeneration Authentication state validation Session timeout controls These protections reduce the risks of session fixation, session theft, and unauthorized account reuse. reCAPTCHA Protection Google reCAPTCHA may be enabled on sensitive public forms to reduce: Automated account registrations Spam submissions Bot login attempts Automated password recovery abuse Confirmation Resend Limits Email and WhatsApp confirmation resends are protected through: Cooldown periods Rate limiting Expiring verification codes Attempt counters This prevents verification-message flooding and excessive external API usage. Licensing and Anti-Cloning Protection The website includes centralized licensing controls with: License-key validation Domain binding Signed license responses Cached license validation Temporary offline grace period Circuit-breaker protection Unauthorized-domain rejection These measures help prevent unauthorized installation, cloning, and redistribution of the system.
    • Tool that allows you to download the Lineage 2 game client directly from the official publisher CDNs. It fetches the CDN's file list and downloads every patch file, decompresses it (LZMA / Zip) and writes the finished client to disk — and can resume or repair an existing installation instead of starting over. It runs several client downloads at once through a batch queue, so you can prepare multiple regions or versions in a single session.   Supported: NCSoft CDNs (TW / KR / JP / NA) and  4game CDNs(RU / EU)   Download: https://drive.google.com/file/d/11SDcNASqO2GKOBT79LFu7mqvSRSJZvBS
    • https://l2avokado.com/ Hello everyone,   After some time of development, we've decided to open L2Avokado to the public in its current development stage. We're looking for players who enjoy Interlude and would like to help shape the project before its official release.   This isn't a "launch" announcement. Instead, we're inviting the community to log in, explore the server, test the systems we've built, and provide honest feedback. Whether it's bug reports, balance suggestions, progression ideas, or quality-of-life improvements, we'd love to hear them.   Our goal has always been to create an Interlude server that feels familiar while offering a fresh progression experience. We've intentionally avoided custom weapons, armor, and client modifications. Instead, we've focused on redesigning progression through reworked hunting grounds, quests, crafting, and gameplay systems while remaining compatible with a clean Interlude client.   At this stage, the core progression path has been implemented, including the main hunting grounds, quests, custom systems, and events. However, as the project is still under active development, there will inevitably be bugs, balance issues, and areas that require further polishing.   This is exactly why we'd like your help.   We're looking for players who are willing to: Test gameplay and progression. Report bugs and exploits. Suggest balance improvements. Share ideas for new features or quality-of-life changes. Help us build a server that the community genuinely enjoys playing.   The Client and System downloads are already available on our website, so you can jump straight into the game. We're also working on a dedicated launcher that will simplify installation and future updates.   If you're interested in helping develop a unique Interlude project and want your feedback to genuinely influence the direction of the server, we'd love to have you with us.   We look forward to seeing you in-game and hearing your thoughts on Discord. https://l2avokado.com/
  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..