Server Security


45 replies to this topic

#26
WhiteTiger
  • Members
  • 479 posts

You mean on our site?  We use a proboards forum not connected really to our server host, which is the other admin.  So not really sure how I would even go about this.  Again, my knowledge of anything relating to SQL is next to nil.

 

Yes, you can do it using a forum, for example; it just needs to be connected to the database. There are many MySQL courses. Which type of connection are you using with NWNX? Is it SQLite?



#27
WhiteTiger
  • Members
  • 479 posts

Vincent07,

 

Furthermore, players can have a private place on the site / forum to change their password, email and even do several other things.

 

my knowledge of anything relating to SQL is next to nil.

 

The language we use in the Aurora Toolset is like this; you should visit the Lexicon:

 

http://www.nwnlexicon.com/


Edited by WhiteTiger, 11 April 2014 - 10:30.


#28
WhiteTiger
  • Members
  • 479 posts

Excuse me, maybe you should use Funky's idea. It seems better in your case, since you will have the support forum here and any problem can be solved more easily.

 

I'll post ours, written by acaos, when I get home. It uses SIMTools. Are you running NWNX? If not, you'll have to do some tweaking to make it work with the bioware event.
 
 

Funky

 

He will return home and help you. (;



#29
FunkySwerve
  • Members
  • 1,308 posts

Thanks. I needed to know if it was possible. I'm certainly not asking you to tell us how to do it. But I would like to know how often this happens. You seem to suggest later in your post that this is a very rare problem. Is that true?

Yes. We've only seen one person do it since I started running HG in 2004. That same person found a fair number of creative ways to cause trouble, far more than your run-of-the-mill server crasher. He was actually able to log in with my account, which, thanks to his unusual silence when greeted and !playerinfo, a player noted. By the end of his short but relatively infamous career, acaos had had to create a brand new NWNX plugin to prevent him from crashing us. So this is hardly the kind of thing you see frequently, and it does not appear to have become common knowledge on any of the sites that discuss NWN or general gaming exploits.

 

I'm happy to disclose a little more in private, if you want to pm me, but far and away the most common use of our passwording setup is the blocking of other torrented/publicly distributed keys by the first person using one to !password the account. I think that alone has probably accounted for a good two dozen GoG purchases over the last couple of years. :P It's for that reason that we only check once per login. We have 12 instances, so the odds that a given playername has logged in to the same instance and unlocked it when someone tries to bypass cdkey protection are incredibly low. If you're only running one instance, it'd still only be worth checking once per login, in my opinion, though if you're paranoid you could force a recheck every 3 or 6 real hours using a timestamp check, especially if any runs players are likely to crash out of are comparatively short (and thus less likely to result in crashes during runs, if they, like our players, start runs fairly soon after logging in).

 

Funky



#30
FunkySwerve
  • Members
  • 1,308 posts


We are using NWNX and an SQL database.  Though I know there's a lot of additions for NWNX that we do not use mostly as none of us have yet taken the time to understand them.  And we lack someone with any real SQL knowledge.

 

I understand NWScript enough that I was able to implement the CDKey security code you posted some time back, but not really do much else in that regard.

That's fine. SIMTools is actually a nwscript setup for the nwnx_chat plugin event, which I think is a part of the core NWNX install, nowadays.

 

SIMTools is posted on the Vault. It uses the default NWNX setup for the SQL database, so as to be as user-friendly as possible. You can find a link to it here:

 

Click Me

 

I'll post the code snippets that would need to be implemented to do our passwording setup, in a few hours (still at work here). It's a little more involved than the cd key boot, since it has to intercept all chat, but it works quite well. I don't have a lot of spare time these days to help with installation, but I can field questions.

 

Funky



#31
Vincent07
  • Members
  • 47 posts

Perhaps I should elaborate further.

 

We use NWNX for database and server hosting, that's about it.

 

I've included nwnx_funcs, but have not yet used it.  Our OnPlayerChat is entirely custom.

 

So, how much of a headache am I looking at to merge this in?



#32
FunkySwerve
  • Members
  • 1,308 posts

Hm. In that case, possibly a pretty big one. We use a lot of nwnx stuff, including custom effect ids, and more. I'll show you the basics, and let you decide if you want to dive in (I'm giving you everything I spot, but I may miss some included functions you'd need). Here's the snippet from where it fires on client enter:

http://pastebin.com/6aZ4kthA

Note that our entry script, which normally passes people through our first area, is put on hold while it waits for password confirmation:

http://pastebin.com/jbAf0pWa

That chunk of code repeats every 5 seconds until they enter the password, at which point they pass that return and execute the rest of the code in that OnEnter, which, among other things, deposits them in the normal start area, if that's where they belong.

 

The ApplyPasswordHold function is as follows:
http://pastebin.com/bbvGh7EQ

 

Then, of course, there's the chat event that screens for the various channels:

http://pastebin.com/GYyWx1Xe

 

That's basically just the standard SIMTools chat event, with some modifications for password support, as noted in the comment.

 

Next, some selected code from the chat include, including passwording functions and the !password command itself:

http://pastebin.com/LQimj55V

 

The SQLExecStatement is just a convenience function variant of the normal SQL injector function, SQLExecDirect:

http://pastebin.com/KMfeiM8H

It basically allows you to replace string quotes with ?s, to make the inputs more human-readable, with less room for annoying quote errors. Courtesy of acaos, along with this passwording code, I should mention.

 

Last up, the password database, both a describe and a sample select. People have criticized the use of OLD_PASSWORD, but it's basically a nonissue unless the person trying to defeat it has lower level access to the server. I sure as hell can't tell what people are entering, at any rate. I wind up setting people's passes to simple phrases like greeneggs if they forget them. :P

 

http://pastebin.com/66TzGtvN

 

Please feel free to ask questions.

 

Funky
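Added example, not code from this thread, from Higher Ground or from acaos: a small Python model of the chat-command password gate described in post #32 (OnClientEnter holds the player, the chat event swallows everything but !password until the gate opens), with the optional timed re-check from post #29 folded in. sqlite3 stands in for the MySQL database behind NWNX, and the table and column names (a pwdata table holding a salt and a PBKDF2 hash, an unlocked table holding per-instance unlock timestamps) are assumptions, not the pwdata layout from the pastebin. Two deliberate departures from the thread's setup: the stored value is a salted PBKDF2 hash rather than MySQL's OLD_PASSWORD(), which is the unsalted pre-4.1 16-character hash that MySQL has since deprecated and removed; and every query binds player input through the driver's own ? placeholders, so the text typed after !password never becomes part of the SQL statement.

```python
import hashlib
import hmac
import os
import sqlite3

PBKDF2_ROUNDS = 100_000     # assumption; tune to the server's CPU budget
RECHECK_SECONDS = 6 * 3600  # optional forced re-check (post #29 suggests 3 or 6 hours)


def open_db() -> sqlite3.Connection:
    """In-memory stand-in for the NWNX MySQL database (assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE pwdata (cdkey TEXT PRIMARY KEY, salt BLOB NOT NULL, pwhash BLOB NOT NULL)"
    )
    # Per-instance unlock state: which keys have passed the gate, and when.
    db.execute("CREATE TABLE unlocked (cdkey TEXT PRIMARY KEY, unlocked_at INTEGER NOT NULL)")
    return db


def _pwhash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def set_password(db, cdkey: str, password: str) -> None:
    """Store a fresh salt and hash for this cd key (first claim, change, or DM reset)."""
    salt = os.urandom(16)
    db.execute(
        "INSERT OR REPLACE INTO pwdata (cdkey, salt, pwhash) VALUES (?, ?, ?)",
        (cdkey, salt, _pwhash(password, salt)),
    )


def check_password(db, cdkey: str, password: str) -> bool:
    row = db.execute("SELECT salt, pwhash FROM pwdata WHERE cdkey = ?", (cdkey,)).fetchone()
    if row is None:
        return False
    # Constant-time compare so response timing doesn't leak how much of the hash matched.
    return hmac.compare_digest(_pwhash(password, row[0]), row[1])


def _mark_unlocked(db, cdkey: str, now: int) -> None:
    db.execute("INSERT OR REPLACE INTO unlocked (cdkey, unlocked_at) VALUES (?, ?)", (cdkey, now))


def gate_state(db, cdkey: str, now: int) -> str:
    """What OnClientEnter, and the 5-second re-poll of the hold, needs to know:
    'free' - no password set for this key, nothing to hold on
    'open' - unlocked on this instance and not older than RECHECK_SECONDS
    'hold' - a password is set and has not been entered (or the unlock is stale)"""
    if db.execute("SELECT 1 FROM pwdata WHERE cdkey = ?", (cdkey,)).fetchone() is None:
        return "free"
    row = db.execute("SELECT unlocked_at FROM unlocked WHERE cdkey = ?", (cdkey,)).fetchone()
    if row is not None and now - row[0] < RECHECK_SECONDS:
        return "open"
    return "hold"


def on_player_chat(db, cdkey: str, text: str, now: int) -> str:
    """Chat-event hook. While a player is on hold the only message that gets through,
    on any channel, is '!password <pw>'; everything else is swallowed so the hold
    can't be used to talk. Returns what the server should do with the message."""
    state = gate_state(db, cdkey, now)
    if not text.startswith("!password "):
        return "swallowed" if state == "hold" else "relayed"
    password = text[len("!password "):]
    if not password:
        return "rejected"
    if state == "free":
        set_password(db, cdkey, password)  # first person to !password a key claims it
        _mark_unlocked(db, cdkey, now)
        return "claimed"
    if state == "open":
        set_password(db, cdkey, password)  # already authenticated: this is a change
        return "changed"
    if check_password(db, cdkey, password):
        _mark_unlocked(db, cdkey, now)
        return "unlocked"
    return "rejected"
```

The ApplyPasswordHold loop from the thread would call gate_state every 5 seconds and release the rest of the OnClientEnter script once it returns 'open' or 'free'. Never write the argument of !password to the server log or to a chat-log table; with the hash stored this way a DM who has database access can reset a forgotten password but cannot read the old one.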

 

 



#33
ehye_khandee
  • Members
  • 855 posts

Funky,

 

Stop, man.

Please, this is already getting bad. 

 
We all know it is you who is writing posts, stop putting "Funky" at the end. 

 

 

 

White Tiger,

It is possible you do not understand the nature or history of 'signatures' but they exist, and are a feature of the forum. You would do well not to oppose others who are merely using the system as intended. Some might think it senseless bashing.

 

Be well. Game on.

GM_ODA

 

(I don't recall if I setup my auto sig here so bear with me if you get the above lines twice, it's been a while)



#34
FunkySwerve
  • Members
  • 1,308 posts

White Tiger,

It is possible you do not understand the nature or history of 'signatures' but they exist, and are a feature of the forum. You would do well not to oppose others who are merely using the system as intended. Some might think it senseless bashing.

 

Be well. Game on.

GM_ODA

 

(I don't recall if I setup my auto sig here so bear with me if you get the above lines twice, it's been a while)

Heh, thanks for the defense. In point of fact, though, that's not a part of my signature. I still sign my forum posts as I do any piece of communication, email or otherwise, just as I do in my professional life. I think it's useful to remember that you're putting your name (or pseudonym, as the case may be) to what you say. And, as you say, signatures, be they auto-placed or otherwise, have a long and distinguished history, in part for that very reason. I'll spare everyone a lecture on the legal significance of a signature in other settings. :P

 

Back on point: I've often considered a passwording system to supplement the cd key one, but the chat event involvement is problematic. I tend to suspect that most people are using either a NWNX-based scriptset, or the bioware event, already, adding one more snarl to a simple posting. Still, though, I'm willing to try at some point down the road, if there's enough interest.

 

Funky



#35
WhiteTiger
  • Members
  • 479 posts

White Tiger,

It is possible you do not understand the nature or history of 'signatures' but they exist, and are a feature of the forum. You would do well not to oppose others who are merely using the system as intended. Some might think it senseless bashing.

 

Be well. Game on.

GM_ODA

 

(I don't recall if I setup my auto sig here so bear with me if you get the above lines twice, it's been a while)

 

Dear ehye_khandee,

 

The signature that belongs to him is not "Funky".

He set up his signature with this:

 

Higher Ground - Action Packed Challenging Party Play Persistent World

Check out the Forums | Wiki | Server Status and follow us on Twitter and Facebook!

 

It's ridiculous that you enter this story. Thankfully, not all people do it; they read and ignore, because they are interested in the script content you have here.

I'm too busy to say more about it here; I hope you understand.



#36
leo_x
  • Members
  • 223 posts

I pondered for a bit whether or not one could password protect a server and then use nwnx to tie the actual input to an individual account rather than the server. Never followed up on it, but it might be an idea... I'm not likely to. :D Players could use the command line in that case (right?).

 

In lieu of that and no CD keys, I think a session-based system might work OK. I.e. if you log in within X minutes of a logout with the same IP address, you needn't re-enter a password. Part of me likes a password/no cdkey thing, but if multiple people are accessing the same account/vault/character I'd guess the result would be pure disaster. Edit: Oops, don't think that can ever happen concurrently.


Edited by leo_x, 12 April 2014 - 10:57.


#37
WhiteTiger
  • Members
  • 479 posts

by leo_x

 

if you log in within X minutes of a logout with the same IP address, you needn't re-enter a password.

 

Good idea, maybe I'll use that on my server.



#38
FunkySwerve
  • Members
  • 1,308 posts

I pondered for a bit whether or not one could password protect a server and then use nwnx to tie the actual input to an individual account rather than the server. Never followed up on it, but it might be an idea... I'm not likely to. :D Players could use the command line in that case (right?).

 

In lieu of that and no CD keys, I think a session-based system might work OK. I.e. if you log in within X minutes of a logout with the same IP address, you needn't re-enter a password. Part of me likes a password/no cdkey thing, but if multiple people are accessing the same account/vault/character I'd guess the result would be pure disaster. Edit: Oops, don't think that can ever happen concurrently.

It can happen, if you use a shared vault with more than one instance, like we do. [Edit] The problems I'm referring to have only occurred since the master server went dark, because someone can now sign into the same account more than once simultaneously. [/Edit] In that scenario, linking cd key to login is absolutely critical to prevent oodles of different problems. We coordinate logins across servers with MySQL:

http://pastebin.com/RRYdZrgP

 

As for the command line idea, I don't know enough to say. Your knowledge greatly exceeds mine in that department.

 

Funky



#39
leo_x
  • Members
  • 223 posts

Ah, I didn't even think of that scenario.

 

I looked into it a bit, but I don't think it's probably worth the trouble over a chat password system. It would be nice in some ways though; one could store their password in an external launcher and never have to futz with it again.

 

Edit: It just occurred to me that nwnx_connect could probably be expanded to have a password message... Maybe ShadoOoW/Virusman would be interested? Those without NWNCX would still have to have a password method, though.


Edited by leo_x, 13 April 2014 - 01:26.

  • WhiteTiger likes this

#40
Shadooow
  • Members
  • 4,465 posts

Edit: It just occurred to me that nwnx_connect could probably be expanded to have a password message... Maybe ShadoOoW/Virusman would be interested? Those without NWNCX would still have to have a password method, though.

This thread already made me think about a more hard-coded password method. I think it could be done without NWNCX, just server-side, but I haven't investigated yet and won't in the near future - too much unfinished business, and I also have a homam4 map to play now :).


  • WhiteTiger likes this

#41
Vincent07
  • Members
  • 47 posts

On the subject of multiple server instances, we do that too. All of our dungeons are on a different server. How would one go about stopping dual-logins these days?

 

Ideally I'd like to also alter my tracking command to list PCs on both instances,  but have not figured that out yet.   I really need to learn more about using SQLite.



#42
FunkySwerve
  • Members
  • 1,308 posts

On the subject of multiple server instances, we do that too. All of our dungeons are on a different server. How would one go about stopping dual-logins these days?

 

Ideally I'd like to also alter my tracking command to list PCs on both instances,  but have not figured that out yet.   I really need to learn more about using SQLite.

Using the database table I posted, here's our double login function:

 

http://pastebin.com/AK7uHLrw

 

Here's hg_client_inc, the include it relies on:

 

http://pastebin.com/tfmj33iV

 

As you can see, that's a much more robust implementation. All you really need to do is store id's on login, check them out when they leave, and check for hung servers so players aren't locked out until someone resets. More detail than that, you can get into to a degree based on your comfort level. Just use the double login function as a baseline, trimming it down to bare bones if you like.

 

Funky


  • dunahan_schwerterkueste_de likes this
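Added example, not Higher Ground's double-login function or hg_client_inc: a minimal Python model of the three steps post #42 lists for coordinating logins across instances through one shared table (store a row on login, remove it on leave, detect hung instances so a crash doesn't lock a player out until someone resets), which is the same MySQL-based coordination post #38 refers to. It also answers the cross-instance tracking command asked about in post #41. sqlite3 stands in for the shared MySQL database; the table and column names, the heartbeat mechanism and the 120-second timeout are assumptions.

```python
import sqlite3

HEARTBEAT_TIMEOUT = 120  # assumption: seconds without a heartbeat before an instance counts as hung


def open_db() -> sqlite3.Connection:
    """In-memory stand-in for the shared MySQL database (assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE instances (instance_id TEXT PRIMARY KEY, last_seen INTEGER NOT NULL)")
    # One row per cd key currently checked in somewhere. PRIMARY KEY on cdkey means two
    # instances racing to check in the same key can't both succeed: the loser gets a
    # constraint error instead of a second row.
    db.execute(
        "CREATE TABLE logins (cdkey TEXT PRIMARY KEY, playername TEXT NOT NULL, "
        "instance_id TEXT NOT NULL, logged_in_at INTEGER NOT NULL)"
    )
    return db


def heartbeat(db, instance_id: str, now: int) -> None:
    """Each instance calls this from a repeating module script (e.g. once a minute)."""
    db.execute(
        "INSERT OR REPLACE INTO instances (instance_id, last_seen) VALUES (?, ?)",
        (instance_id, now),
    )


def _instance_alive(db, instance_id: str, now: int) -> bool:
    row = db.execute("SELECT last_seen FROM instances WHERE instance_id = ?", (instance_id,)).fetchone()
    return row is not None and now - row[0] < HEARTBEAT_TIMEOUT


def on_client_enter(db, cdkey: str, playername: str, instance_id: str, now: int) -> str:
    """Run after the cd-key check. Returns 'ok' (row stored) or 'double-login'
    (the caller boots the new client)."""
    row = db.execute("SELECT instance_id FROM logins WHERE cdkey = ?", (cdkey,)).fetchone()
    if row is not None:
        holder = row[0]
        if holder != instance_id and _instance_alive(db, holder, now):
            return "double-login"
        # Either the holding instance stopped heartbeating (hung or crashed, so its
        # OnClientLeave never fired) or the row is ours from a crash-out on this very
        # instance, which can see its own player list. Reclaim rather than lock out.
        db.execute("DELETE FROM logins WHERE cdkey = ?", (cdkey,))
    try:
        db.execute(
            "INSERT INTO logins (cdkey, playername, instance_id, logged_in_at) VALUES (?, ?, ?, ?)",
            (cdkey, playername, instance_id, now),
        )
    except sqlite3.IntegrityError:
        return "double-login"  # lost a race with another instance's check-in
    return "ok"


def on_client_leave(db, cdkey: str) -> None:
    """Check the key out again; the next OnClientEnter anywhere is then free to take it."""
    db.execute("DELETE FROM logins WHERE cdkey = ?", (cdkey,))


def list_online(db, now: int) -> list:
    """Players checked in on instances that are still heartbeating, across all instances."""
    rows = db.execute(
        "SELECT l.playername, l.instance_id FROM logins l "
        "JOIN instances i ON i.instance_id = l.instance_id "
        "WHERE ? - i.last_seen < ? ORDER BY l.playername",
        (now, HEARTBEAT_TIMEOUT),
    ).fetchall()
    return [(name, inst) for name, inst in rows]
```

In NWScript the same four statements would go through the NWNX SQL plugin from OnClientEnter, OnClientLeave and a heartbeat script; the Python only fixes their order and the stale-row rule. Because a player moving from the main instance to the dungeon instance leaves the first before entering the second, the normal transfer never trips the double-login check; only a genuinely concurrent second session does.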

#43
meaglyn
  • Members
  • 804 posts

@funky, this seems to be a replacement for the multiple CDkey system you had about a year ago, yes?



#44
FunkySwerve
  • Members
  • 1,308 posts

No, we use both. That database tracks all kinds of things for users, logging them going back 48 hours. CD keys are stored permanently. In fact, we still use the pwdata table for it, and SIMTools bans, simply because most of our other stuff is held in custom tables, so there's not much issue concerning table bloat and long query times.

 

Funky



#45
meaglyn
  • Members
  • 804 posts

No, we use both. That database tracks all kinds of things for users, logging them going back 48 hours. CD keys are stored permanently. In fact, we still use the pwdata table for it, and SIMTools bans, simply because most of our other stuff is held in custom tables, so there's not much issue concerning table bloat and long query times.

 

The pastebin for what the password table looks like is missing so I wasn't sure. It looks like you are just doing a password to cdkey mapping rather than tying the password to the player name. So if a player has several keys she needs to change/set the password on each key. Do you do this check before or after the previously mentioned cdkey check? I assume you do that other one first.

 

btw, thanks for sharing your wisdom and experience with this and all the other stuff.  Digging out all those code snippets takes time.

 

meaglyn



#46
FunkySwerve
  • Members
  • 1,308 posts

The pastebin for what the password table looks like is missing so I wasn't sure. It looks like you are just doing a password to cdkey mapping rather than tying the password to the player name. So if a player has several keys she needs to change/set the password on each key. Do you do this check before or after the previously mentioned cdkey check? I assume you do that other one first.

 

 

Whups.

 

http://pastebin.com/7McYPZbb

 

We are indeed mapping passes to cd keys, and yes, we run the cd key check onenter first, and just boot if there's a mismatch. Passwords, they have to have the opportunity to enter, so they come after.

btw, thanks for sharing your wisdom and experience with this and all the other stuff.  Digging out all those code snippets takes time.

 

meaglyn

My pleasure. I should add that most of this stuff was acaos' code - he left his mark on most server events.

 

Funky


  • Rolo Kipp likes this