duckietm/Arcturus-Morningstar-Extended
1
0
Fork 0
mirror of https://github.com/duckietm/Arcturus-Morningstar-Extended.git synced 2026-06-19 15:06:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'duckie/main' into merge-duckie-main-2026-05-06

Browse Source 
# Conflicts:
#	Database Updates/016_custom_prefixes_setup.sql
#	Database Updates/custom_nick_icons_setup.sql
#	Database Updates/remember_login_tokens.sql
#	Database Updates/wired_message_length_512.sql
#	Emulator/src/main/java/com/eu/habbo/habbohotel/GameEnvironment.java
#	Emulator/src/main/java/com/eu/habbo/messages/outgoing/rooms/users/RoomUserDataComposer.java
#	Emulator/src/main/java/com/eu/habbo/messages/outgoing/users/UserProfileComposer.java
#	Emulator/src/main/java/com/eu/habbo/networking/gameserver/WebSocketChannelInitializer.java
#	Emulator/src/main/java/com/eu/habbo/networking/gameserver/auth/AuthHttpHandler.java
This commit is contained in:
Lorenzune
2026-05-06 04:23:14 +02:00
parent 59ce829fe0 fdf0e5d806
commit 26326bcc0e
34 changed files with 2399 additions and 323 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Database Updates/000_all_database_updates.sql
+6 -35
View File
@@ -1,37 +1,3 @@
-- =============================================================================
-- Consolidated Database Updates - All-in-One
-- =============================================================================
-- This file combines ALL individual update scripts from SQL/Database Updates/
-- into a single idempotent migration. Every statement is safe to re-run:
-- - ALTER TABLE ADD COLUMN IF NOT EXISTS (MariaDB 10.0+)
-- - ALTER TABLE CHANGE/MODIFY COLUMN IF EXISTS
-- - CREATE TABLE IF NOT EXISTS
-- - INSERT IGNORE / ON DUPLICATE KEY UPDATE for settings
-- - TRUNCATE + re-insert for reference data (breeding)
--
-- Run order: This file FIRST, then 001_optimize_gameserver.sql
--
-- Source files (in applied order):
-- 1. UpdateDatabase_Allow_diagonale.sql
-- 2. UpdateDatabase_BOT.sql
-- 3. UpdateDatabase_Banners.sql
-- 4. UpdateDatabase_DanceCMD.sql
-- 5. UpdateDatabase_Happiness.sql
-- 6. UpdateDatabase_Websocket.sql
-- 7. UpdateDatabase_unignorable.sql
-- 8. Default_Camera.sql
-- 9. 07012026_UpdateDatabase_to_4-0-1.sql
-- 10. 09012026_UpdateDatabase_to_4-0-2.sql
-- 11. 12012026_Battle Banzai.sql (same as #10, deduplicated)
-- 12. 12012026_Breeding Fixes.sql
-- 13. 12012026_ChatBubbles.sql
-- 14. 16032026_updateall_command.sql
-- 15. 17032026_allow_underpass.sql
-- 16. 19032026_hotel_timezone.sql
-- 17. 21022026_user_prefixes.sql
-- 18. 06042026_builders_club_catalog_offers.sql
-- =============================================================================
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
SET @OLD_SQL_MODE = @@SQL_MODE;
@@ -512,8 +478,13 @@ ALTER TABLE `users_settings`
ADD COLUMN IF NOT EXISTS `builders_club_bonus_furni` INT(11) NOT NULL DEFAULT 0 AFTER `hc_gifts_claimed`;
INSERT INTO `permission_definitions` (`permission_key`, `max_value`, `comment`)
VALUES ( 'acc_staff_chat', 1, 'Grants access to the in-game Staff Chat group buddy: receives broadcasts from other staff and can broadcast to anyone holding this permission.' )
ON DUPLICATE KEY UPDATE `max_value` = VALUES(`max_value`), `comment` = VALUES(`comment`);
-- =============================================================================
-- Done
-- Done.
-- =============================================================================
SET FOREIGN_KEY_CHECKS = 1;
SET SQL_MODE = @OLD_SQL_MODE;
Database Updates/013_UI_Client_News.sql
+43
View File
File diff suppressed because one or more lines are too long
Database Updates/014_Make_Custom_Badge.sql
+28
View File
@@ -0,0 +1,28 @@
-- Make sure that the emulator has write access to the badge_path folder !!!!!
CREATE TABLE IF NOT EXISTS `users_custom_badge_settings` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`badge_path` varchar(255) NOT NULL DEFAULT '/var/www/gamedata/c_images/album1584',
`badge_url` varchar(255) NOT NULL DEFAULT '/gamedata/c_images/album1584',
`price_badge` int(11) NOT NULL DEFAULT 0,
`currency_type` int(11) NOT NULL DEFAULT -1,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci ROW_FORMAT=DYNAMIC;
INSERT INTO `users_custom_badge_settings` (`id`, `badge_path`, `badge_url`, `price_badge`, `currency_type`)
SELECT 1, '/var/www/gamedata/c_images/album1584', '/gamedata/c_images/album1584', 50, 5
WHERE NOT EXISTS (SELECT 1 FROM `users_custom_badge_settings` WHERE `id` = 1);
CREATE TABLE IF NOT EXISTS `user_custom_badge` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`badge_id` varchar(64) NOT NULL,
`badge_name` varchar(64) NOT NULL DEFAULT '',
`badge_description` varchar(255) NOT NULL DEFAULT '',
`date_created` int(11) NOT NULL DEFAULT 0,
`date_edit` int(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
UNIQUE KEY `badge_id` (`badge_id`),
KEY `user_id` (`user_id`),
CONSTRAINT `fk_user_custom_badge_user` FOREIGN KEY (`user_id`) REFERENCES `users` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci ROW_FORMAT=DYNAMIC;
Database Updates/015_add_users_background_card_id.sql
+1
View File
@@ -0,0 +1 @@
ALTER TABLE `users` ADD COLUMN IF NOT EXISTS `background_card_id` INT(11) NOT NULL DEFAULT 0 AFTER `background_overlay_id`;
Emulator/sqlupdates/custom_prefixes_setup.sql → Database Updates/016_custom_prefixes_setup.sql
+39
View File
@@ -315,3 +315,42 @@ INSERT IGNORE INTO `custom_prefix_blacklist` (`word`) VALUES
--
-- Command texts / permission inserts are intentionally omitted
-- for compatibility with both legacy and normalized permission schemas.
INSERT IGNORE INTO `emulator_texts` (`key`, `value`) VALUES
-- GivePrefix command
('commands.keys.cmd_give_prefix', 'giveprefix'),
('commands.error.cmd_give_prefix.usage', 'Usage: :giveprefix <username> <text> <color> [icon] [effect]'),
('commands.error.cmd_give_prefix.invalid_color', 'Invalid color format. Use hex format (#FF0000).'),
('commands.error.cmd_give_prefix.too_long', 'Prefix text is too long (max 15 characters).'),
('commands.error.cmd_give_prefix.user_not_found', 'User not found or not online.'),
('commands.succes.cmd_give_prefix', 'Prefix {%prefix%} successfully given to %user%!'),
-- ListPrefixes command
('commands.keys.cmd_list_prefixes', 'listprefixes'),
('commands.error.cmd_list_prefixes.usage', 'Usage: :listprefixes <username>'),
('commands.error.cmd_list_prefixes.user_not_found', 'User not found or not online.'),
('commands.succes.cmd_list_prefixes.header', 'Prefixes of %user%:'),
('commands.succes.cmd_list_prefixes.empty', '%user% has no prefixes.'),
-- RemovePrefix command
('commands.keys.cmd_remove_prefix', 'removeprefix'),
('commands.error.cmd_remove_prefix.usage', 'Usage: :removeprefix <username> <id|all>'),
('commands.error.cmd_remove_prefix.user_not_found', 'User not found or not online.'),
('commands.error.cmd_remove_prefix.invalid_id', 'Invalid prefix ID. Must be a number or "all".'),
('commands.error.cmd_remove_prefix.not_found', 'Prefix not found for this user.'),
('commands.succes.cmd_remove_prefix', 'Prefix #%id% removed from %user%.'),
('commands.succes.cmd_remove_prefix.all', 'All prefixes removed from %user%.'),
-- PrefixBlacklist command
('commands.keys.cmd_prefix_blacklist', 'prefixblacklist'),
('commands.error.cmd_prefix_blacklist.usage', 'Usage: :prefixblacklist <add|remove|list> [word]'),
('commands.error.cmd_prefix_blacklist.empty_word', 'Word cannot be empty.'),
('commands.succes.cmd_prefix_blacklist.header', 'Blacklisted prefix words:'),
('commands.succes.cmd_prefix_blacklist.empty', 'No blacklisted words.'),
('commands.succes.cmd_prefix_blacklist.added', 'Word "%word%" added to prefix blacklist.'),
('commands.succes.cmd_prefix_blacklist.removed', 'Word "%word%" removed from prefix blacklist.');
INSERT IGNORE INTO permission_definitions
(permission_key, max_value, rank_1, rank_2, rank_3, rank_4, rank_5, rank_6, rank_7)
VALUES
('cmd_give_prefix', '1', '0', '0', '0', '0', '0', '0', '1'),
('cmd_list_prefixes', '1', '0', '0', '0', '0', '0', '0', '1'),
('cmd_remove_prefix', '1', '0', '0', '0', '0', '0', '0', '1'),
('cmd_prefix_blacklist', '1', '0', '0', '0', '0', '0', '0', '1');
Database Updates/017_Profile_Backgrounds.sql
+244
View File
@@ -0,0 +1,244 @@
CREATE TABLE IF NOT EXISTS `infostand_backgrounds` (
`id` int(11) NOT NULL,
`category` enum('background','stand','overlay','card') NOT NULL,
`min_rank` int(11) NOT NULL DEFAULT 0,
`is_hc_only` tinyint(1) NOT NULL DEFAULT 0,
`is_ambassador_only` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`,`category`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
INSERT INTO `infostand_backgrounds` (`id`, `category`, `min_rank`, `is_hc_only`, `is_ambassador_only`) VALUES
(0, 'background', 0, 0, 0),
(1, 'background', 0, 0, 0),
(2, 'background', 0, 0, 0),
(3, 'background', 0, 0, 0),
(4, 'background', 0, 0, 0),
(5, 'background', 0, 0, 0),
(6, 'background', 0, 0, 0),
(7, 'background', 0, 0, 0),
(8, 'background', 0, 0, 0),
(9, 'background', 0, 0, 0),
(10, 'background', 0, 0, 0),
(11, 'background', 0, 0, 0),
(12, 'background', 0, 0, 0),
(13, 'background', 0, 0, 0),
(14, 'background', 0, 0, 0),
(15, 'background', 0, 0, 0),
(16, 'background', 0, 0, 0),
(17, 'background', 0, 0, 0),
(18, 'background', 0, 0, 0),
(19, 'background', 0, 0, 0),
(20, 'background', 0, 0, 0),
(21, 'background', 0, 0, 0),
(22, 'background', 0, 0, 0),
(23, 'background', 0, 0, 0),
(24, 'background', 0, 0, 0),
(25, 'background', 0, 0, 0),
(26, 'background', 0, 0, 0),
(27, 'background', 0, 0, 0),
(28, 'background', 0, 0, 0),
(29, 'background', 0, 0, 0),
(30, 'background', 0, 0, 0),
(31, 'background', 0, 0, 0),
(32, 'background', 0, 0, 0),
(33, 'background', 0, 0, 0),
(34, 'background', 0, 0, 0),
(35, 'background', 0, 0, 0),
(36, 'background', 0, 0, 0),
(37, 'background', 0, 0, 0),
(38, 'background', 0, 0, 0),
(39, 'background', 0, 0, 0),
(40, 'background', 0, 0, 0),
(41, 'background', 0, 0, 0),
(42, 'background', 0, 1, 0),
(43, 'background', 0, 1, 0),
(44, 'background', 0, 1, 0),
(45, 'background', 0, 1, 0),
(46, 'background', 0, 1, 0),
(47, 'background', 0, 1, 0),
(48, 'background', 0, 1, 0),
(49, 'background', 0, 1, 0),
(50, 'background', 0, 1, 0),
(51, 'background', 0, 1, 0),
(52, 'background', 0, 1, 0),
(53, 'background', 0, 1, 0),
(54, 'background', 0, 1, 0),
(55, 'background', 0, 1, 0),
(56, 'background', 0, 1, 0),
(57, 'background', 0, 1, 0),
(58, 'background', 0, 1, 0),
(59, 'background', 0, 1, 0),
(60, 'background', 0, 1, 0),
(61, 'background', 0, 1, 0),
(62, 'background', 0, 1, 0),
(63, 'background', 0, 1, 0),
(64, 'background', 0, 1, 0),
(65, 'background', 0, 1, 0),
(66, 'background', 0, 1, 0),
(67, 'background', 0, 1, 0),
(68, 'background', 0, 1, 0),
(69, 'background', 0, 1, 0),
(70, 'background', 0, 1, 0),
(71, 'background', 0, 1, 0),
(72, 'background', 0, 1, 0),
(73, 'background', 0, 1, 0),
(74, 'background', 0, 1, 0),
(75, 'background', 0, 1, 0),
(76, 'background', 0, 1, 0),
(77, 'background', 0, 1, 0),
(78, 'background', 0, 1, 0),
(79, 'background', 0, 1, 0),
(80, 'background', 0, 1, 0),
(81, 'background', 0, 1, 0),
(82, 'background', 0, 1, 0),
(83, 'background', 0, 1, 0),
(84, 'background', 0, 1, 0),
(85, 'background', 0, 1, 0),
(86, 'background', 0, 1, 0),
(87, 'background', 0, 1, 0),
(88, 'background', 0, 1, 0),
(89, 'background', 0, 1, 0),
(90, 'background', 0, 1, 0),
(91, 'background', 0, 1, 0),
(92, 'background', 0, 1, 0),
(93, 'background', 0, 1, 0),
(94, 'background', 0, 1, 0),
(95, 'background', 0, 1, 0),
(96, 'background', 0, 1, 0),
(97, 'background', 0, 1, 0),
(98, 'background', 0, 1, 0),
(99, 'background', 0, 1, 0),
(100, 'background', 0, 1, 0),
(101, 'background', 2, 0, 0),
(102, 'background', 0, 1, 0),
(103, 'background', 0, 1, 0),
(104, 'background', 0, 1, 0),
(105, 'background', 0, 1, 0),
(106, 'background', 0, 1, 0),
(107, 'background', 0, 1, 0),
(108, 'background', 0, 1, 0),
(109, 'background', 0, 1, 0),
(110, 'background', 0, 1, 0),
(111, 'background', 0, 1, 0),
(112, 'background', 0, 1, 0),
(113, 'background', 0, 1, 0),
(114, 'background', 0, 1, 0),
(115, 'background', 0, 1, 0),
(116, 'background', 0, 1, 0),
(117, 'background', 0, 1, 0),
(118, 'background', 0, 1, 0),
(119, 'background', 0, 1, 0),
(120, 'background', 0, 1, 0),
(121, 'background', 0, 1, 0),
(122, 'background', 0, 1, 0),
(123, 'background', 0, 1, 0),
(124, 'background', 0, 1, 0),
(125, 'background', 0, 1, 0),
(126, 'background', 0, 1, 0),
(127, 'background', 0, 1, 0),
(128, 'background', 0, 1, 0),
(129, 'background', 0, 1, 0),
(130, 'background', 0, 1, 0),
(131, 'background', 0, 1, 0),
(132, 'background', 0, 1, 0),
(133, 'background', 0, 1, 0),
(134, 'background', 0, 1, 0),
(135, 'background', 0, 1, 0),
(136, 'background', 0, 1, 0),
(137, 'background', 0, 1, 0),
(138, 'background', 0, 1, 0),
(139, 'background', 0, 1, 0),
(140, 'background', 0, 1, 0),
(141, 'background', 0, 1, 0),
(142, 'background', 0, 1, 0),
(143, 'background', 0, 1, 0),
(144, 'background', 0, 1, 0),
(145, 'background', 0, 1, 0),
(146, 'background', 0, 1, 0),
(147, 'background', 0, 1, 0),
(148, 'background', 0, 1, 0),
(149, 'background', 0, 1, 0),
(150, 'background', 0, 1, 0),
(151, 'background', 0, 1, 0),
(152, 'background', 0, 1, 0),
(153, 'background', 0, 1, 0),
(154, 'background', 0, 1, 0),
(155, 'background', 0, 1, 0),
(156, 'background', 0, 1, 0),
(157, 'background', 0, 1, 0),
(158, 'background', 0, 1, 0),
(159, 'background', 0, 1, 0),
(160, 'background', 0, 1, 0),
(161, 'background', 0, 1, 0),
(162, 'background', 0, 1, 0),
(163, 'background', 0, 1, 0),
(164, 'background', 0, 1, 0),
(165, 'background', 0, 1, 0),
(166, 'background', 0, 1, 0),
(167, 'background', 0, 1, 0),
(168, 'background', 0, 1, 0),
(169, 'background', 0, 1, 0),
(170, 'background', 0, 1, 0),
(171, 'background', 0, 1, 0),
(172, 'background', 0, 1, 0),
(173, 'background', 0, 1, 0),
(174, 'background', 0, 1, 0),
(175, 'background', 0, 1, 0),
(176, 'background', 0, 1, 0),
(177, 'background', 0, 1, 0),
(178, 'background', 0, 1, 0),
(179, 'background', 0, 1, 0),
(180, 'background', 0, 1, 0),
(181, 'background', 0, 1, 0),
(182, 'background', 0, 1, 0),
(183, 'background', 0, 1, 0),
(184, 'background', 0, 1, 0),
(185, 'background', 0, 1, 0),
(186, 'background', 0, 1, 0),
(187, 'background', 0, 1, 0),
(0, 'stand', 0, 0, 0),
(1, 'stand', 0, 0, 0),
(2, 'stand', 0, 0, 0),
(3, 'stand', 0, 0, 0),
(4, 'stand', 0, 0, 0),
(5, 'stand', 0, 0, 0),
(6, 'stand', 0, 0, 0),
(7, 'stand', 0, 0, 0),
(8, 'stand', 0, 0, 0),
(9, 'stand', 0, 0, 0),
(10, 'stand', 0, 0, 0),
(11, 'stand', 0, 0, 0),
(12, 'stand', 0, 0, 0),
(13, 'stand', 0, 0, 0),
(14, 'stand', 0, 0, 0),
(15, 'stand', 0, 0, 0),
(16, 'stand', 0, 1, 0),
(17, 'stand', 0, 1, 0),
(18, 'stand', 0, 1, 0),
(19, 'stand', 0, 1, 0),
(20, 'stand', 0, 1, 0),
(21, 'stand', 0, 1, 0),
(0, 'overlay', 0, 0, 0),
(1, 'overlay', 0, 0, 0),
(2, 'overlay', 0, 1, 0),
(3, 'overlay', 0, 1, 0),
(4, 'overlay', 0, 1, 0),
(5, 'overlay', 0, 1, 0),
(6, 'overlay', 0, 1, 0),
(7, 'overlay', 0, 1, 0),
(8, 'overlay', 0, 1, 0),
(1, 'card', 0, 0, 0),
(2, 'card', 0, 0, 0),
(3, 'card', 0, 0, 0),
(4, 'card', 0, 0, 0),
(5, 'card', 0, 0, 0),
(6, 'card', 0, 0, 0),
(7, 'card', 0, 0, 0),
(8, 'card', 0, 0, 0),
(9, 'card', 0, 0, 0),
(10, 'card', 0, 0, 0),
(11, 'card', 0, 0, 0),
(12, 'card', 0, 0, 0),
(13, 'card', 0, 0, 0),
(14, 'card', 0, 0, 0),
(15, 'card', 0, 0, 0);
Emulator/sqlupdates/custom_nick_icons_setup.sql → Database Updates/custom_nick_icons_setup.sql
View File
Emulator/sqlupdates/remember_login_tokens.sql → Database Updates/remember_login_tokens.sql
View File
Emulator/sqlupdates/wired_message_length_512.sql → Database Updates/wired_message_length_512.sql
View File
Emulator/pom.xml
+1 -1
View File
@@ -6,7 +6,7 @@
<groupId>com.eu.habbo</groupId>
<artifactId>Habbo</artifactId>
<version>4.1.7</version>
<version>4.1.13</version>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
Emulator/sqlupdates/catalog_admin_permission.sql
-17
View File
@@ -1,17 +0,0 @@
-- ============================================================
-- Catalog & Furni Admin Permission
-- Adds acc_catalogfurni permission to the permissions table
-- Required by: CatalogAdmin packet handlers (10050-10059)
-- ============================================================
-- 1. Add the column to the permissions table
ALTER TABLE `permissions`
ADD COLUMN `acc_catalogfurni` ENUM('0','1') NOT NULL DEFAULT '0'
AFTER `acc_catalog_ids`;
-- 2. Enable for Administrator (rank 7) by default
UPDATE `permissions` SET `acc_catalogfurni` = '1' WHERE `id` = 7;
-- Optional: enable for other ranks as needed
-- UPDATE `permissions` SET `acc_catalogfurni` = '1' WHERE `id` = 6; -- Super Mod
-- UPDATE `permissions` SET `acc_catalogfurni` = '1' WHERE `id` = 5; -- Moderator
Emulator/src/main/java/com/eu/habbo/core/RoomUserPetComposer.java
+1
View File
@@ -28,6 +28,7 @@ public class RoomUserPetComposer extends MessageComposer {
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendString(this.petType + " " + this.race + " " + this.color + " 2 2 -1 0 3 -1 0");
this.response.appendInt(this.habbo.getRoomUnit().getId());
this.response.appendInt(this.habbo.getRoomUnit().getX());
Emulator/src/main/java/com/eu/habbo/habbohotel/GameEnvironment.java
+14
View File
@@ -23,6 +23,8 @@ import com.eu.habbo.habbohotel.rooms.RoomChatBubbleManager;
import com.eu.habbo.habbohotel.rooms.RoomManager;
import com.eu.habbo.habbohotel.translations.GoogleTranslateManager;
import com.eu.habbo.habbohotel.users.HabboManager;
import com.eu.habbo.habbohotel.users.custombadge.CustomBadgeManager;
import com.eu.habbo.habbohotel.users.infostand.InfostandBackgroundManager;
import com.eu.habbo.habbohotel.users.subscriptions.SubscriptionManager;
import com.eu.habbo.habbohotel.users.subscriptions.SubscriptionScheduler;
import org.slf4j.Logger;
@@ -60,6 +62,8 @@ public class GameEnvironment {
private CalendarManager calendarManager;
private RoomChatBubbleManager roomChatBubbleManager;
private GoogleTranslateManager googleTranslateManager;
private CustomBadgeManager customBadgeManager;
private InfostandBackgroundManager infostandBackgroundManager;
public void load() throws Exception {
LOGGER.info("GameEnvironment -> Loading...");
@@ -87,6 +91,8 @@ public class GameEnvironment {
this.calendarManager = new CalendarManager();
this.roomChatBubbleManager = new RoomChatBubbleManager();
this.googleTranslateManager = new GoogleTranslateManager();
this.customBadgeManager = new CustomBadgeManager();
this.infostandBackgroundManager = new InfostandBackgroundManager();
this.roomManager.loadPublicRooms();
this.navigatorManager.loadNavigator();
@@ -229,4 +235,12 @@ public class GameEnvironment {
public GoogleTranslateManager getGoogleTranslateManager() {
return this.googleTranslateManager;
}
public CustomBadgeManager getCustomBadgeManager() {
return this.customBadgeManager;
}
public InfostandBackgroundManager getInfostandBackgroundManager() {
return this.infostandBackgroundManager;
}
}
Emulator/src/main/java/com/eu/habbo/habbohotel/gameclients/SessionResumeManager.java
+59 -37
View File
@@ -1,23 +1,16 @@
package com.eu.habbo.habbohotel.gameclients;
import com.eu.habbo.Emulator;
import com.eu.habbo.habbohotel.rooms.Room;
import com.eu.habbo.habbohotel.rooms.RoomUnit;
import com.eu.habbo.habbohotel.users.Habbo;
import com.eu.habbo.messages.outgoing.rooms.users.RoomUserEffectComposer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ScheduledFuture;
/**
* Manages a grace period for disconnected users. Instead of immediately
* disposing a Habbo when their WebSocket drops, the Habbo is held in
* a "ghost" state for a configurable number of seconds. If the same
* user reconnects (via SSO ticket) within the grace window, their
* existing Habbo object is resumed on the new connection — keeping
* them in their room, preserving inventory state, etc.
*
* Config key: session.reconnect.grace.seconds (default: 30)
*/
public class SessionResumeManager {
private static final Logger LOGGER = LoggerFactory.getLogger(SessionResumeManager.class);
@@ -37,12 +30,10 @@ public class SessionResumeManager {
return Emulator.getConfig().getInt("session.reconnect.grace.seconds", 30);
}
/**
* Park a disconnected Habbo in ghost mode. Their room presence is
* preserved, but the old GameClient channel is closed.
*
* @return true if the habbo was parked (grace period > 0), false if immediate dispose should happen
*/
public int getPausedEffectId() {
return Emulator.getConfig().getInt("session.reconnect.effect.id", 170);
}
public boolean parkHabbo(Habbo habbo, String ssoTicket) {
int graceSeconds = getGracePeriodSeconds();
if (graceSeconds <= 0) {
@@ -51,7 +42,6 @@ public class SessionResumeManager {
int userId = habbo.getHabboInfo().getId();
// Cancel any existing ghost session for this user
GhostSession existing = ghostSessions.remove(userId);
if (existing != null && existing.disposeFuture != null) {
existing.disposeFuture.cancel(false);
@@ -60,12 +50,18 @@ public class SessionResumeManager {
LOGGER.info("[SessionResume] Parking {} (id={}) for {}s grace period",
habbo.getHabboInfo().getUsername(), userId, graceSeconds);
// Restore the SSO ticket so the client can reconnect with the same ticket
if (ssoTicket != null && !ssoTicket.isEmpty()) {
restoreSsoTicket(userId, ssoTicket);
}
// Schedule the final disconnect after the grace period
int previousEffectId = 0;
int previousEffectEnd = 0;
RoomUnit unit = habbo.getRoomUnit();
if (unit != null) {
previousEffectId = unit.getEffectId();
previousEffectEnd = unit.getEffectEndTimestamp();
}
ScheduledFuture<?> future = Emulator.getThreading().run(() -> {
GhostSession ghost = ghostSessions.remove(userId);
if (ghost != null) {
@@ -75,22 +71,19 @@ public class SessionResumeManager {
}
}, graceSeconds * 1000);
ghostSessions.put(userId, new GhostSession(habbo, ssoTicket, future));
ghostSessions.put(userId, new GhostSession(habbo, ssoTicket, future, previousEffectId, previousEffectEnd));
applyPausedEffect(habbo);
return true;
}
/**
* Try to resume a ghost session for the given user ID.
*
* @return the parked Habbo if found within grace period, null otherwise
*/
public Habbo resumeSession(int userId) {
GhostSession ghost = ghostSessions.remove(userId);
if (ghost == null) {
return null;
}
// Cancel the scheduled dispose
if (ghost.disposeFuture != null) {
ghost.disposeFuture.cancel(false);
}
@@ -98,19 +91,15 @@ public class SessionResumeManager {
LOGGER.info("[SessionResume] Resuming session for {} (id={})",
ghost.habbo.getHabboInfo().getUsername(), userId);
restorePausedEffect(ghost);
return ghost.habbo;
}
/**
* Check if a user has a ghost session (is in grace period).
*/
public boolean hasGhostSession(int userId) {
return ghostSessions.containsKey(userId);
}
/**
* Immediately expire all ghost sessions (e.g. on emulator shutdown).
*/
public void disposeAll() {
for (GhostSession ghost : ghostSessions.values()) {
if (ghost.disposeFuture != null) {
@@ -121,9 +110,6 @@ public class SessionResumeManager {
ghostSessions.clear();
}
/**
* Perform the actual full disconnect that normally happens in Habbo.disconnect().
*/
private void performFullDisconnect(Habbo habbo) {
try {
habbo.getHabboInfo().setOnline(false);
@@ -132,7 +118,6 @@ public class SessionResumeManager {
LOGGER.error("[SessionResume] Error during deferred disconnect", e);
}
// Clear the SSO ticket now that the grace period is truly over
clearSsoTicket(habbo.getHabboInfo().getId());
}
@@ -148,6 +133,38 @@ public class SessionResumeManager {
}
}
private void applyPausedEffect(Habbo habbo) {
int effectId = getPausedEffectId();
if (effectId <= 0) return;
try {
RoomUnit unit = habbo.getRoomUnit();
Room room = habbo.getHabboInfo() == null ? null : habbo.getHabboInfo().getCurrentRoom();
if (unit == null || room == null) return;
int endTimestamp = Emulator.getIntUnixTimestamp() + getGracePeriodSeconds() + 10;
unit.setEffectId(effectId, endTimestamp);
room.sendComposer(new RoomUserEffectComposer(unit).compose());
} catch (Exception e) {
LOGGER.error("[SessionResume] Failed to apply paused effect", e);
}
}
private void restorePausedEffect(GhostSession ghost) {
try {
Habbo habbo = ghost.habbo;
RoomUnit unit = habbo.getRoomUnit();
Room room = habbo.getHabboInfo() == null ? null : habbo.getHabboInfo().getCurrentRoom();
if (unit == null || room == null) return;
int pausedEffectId = getPausedEffectId();
if (unit.getEffectId() == pausedEffectId) {
unit.setEffectId(ghost.previousEffectId, ghost.previousEffectEnd);
room.sendComposer(new RoomUserEffectComposer(unit).compose());
}
} catch (Exception e) {
LOGGER.error("[SessionResume] Failed to restore previous effect", e);
}
}
private void clearSsoTicket(int userId) {
try (var connection = Emulator.getDatabase().getDataSource().getConnection();
var statement = connection.prepareStatement("UPDATE users SET auth_ticket = ? WHERE id = ? LIMIT 1")) {
@@ -163,11 +180,16 @@ public class SessionResumeManager {
final Habbo habbo;
final String ssoTicket;
final ScheduledFuture<?> disposeFuture;
final int previousEffectId;
final int previousEffectEnd;
GhostSession(Habbo habbo, String ssoTicket, ScheduledFuture<?> disposeFuture) {
GhostSession(Habbo habbo, String ssoTicket, ScheduledFuture<?> disposeFuture,
int previousEffectId, int previousEffectEnd) {
this.habbo = habbo;
this.ssoTicket = ssoTicket;
this.disposeFuture = disposeFuture;
this.previousEffectId = previousEffectId;
this.previousEffectEnd = previousEffectEnd;
}
}
}
Emulator/src/main/java/com/eu/habbo/habbohotel/messenger/Messenger.java
+4
View File
@@ -219,6 +219,10 @@ public class Messenger {
} catch (SQLException e) {
LOGGER.error("Caught SQL exception", e);
}
if (habbo.hasPermission(StaffChatBuddy.PERMISSION_KEY)) {
this.friends.putIfAbsent(StaffChatBuddy.BUDDY_ID, new StaffChatBuddy(habbo.getHabboInfo().getId()));
}
}
public MessengerBuddy loadFriend(Habbo habbo, int userId) {
Emulator/src/main/java/com/eu/habbo/habbohotel/messenger/StaffChatBuddy.java
+57
View File
@@ -0,0 +1,57 @@
package com.eu.habbo.habbohotel.messenger;
import com.eu.habbo.Emulator;
import com.eu.habbo.habbohotel.commands.CommandHandler;
import com.eu.habbo.habbohotel.users.Habbo;
import com.eu.habbo.habbohotel.users.HabboGender;
import com.eu.habbo.messages.ServerMessage;
import com.eu.habbo.messages.outgoing.friends.FriendChatMessageComposer;
public class StaffChatBuddy extends MessengerBuddy {
public static final int BUDDY_ID = -1;
public static final String PERMISSION_KEY = "acc_staff_chat";
public static final String DISPLAY_NAME = "Staff Chat";
public static final String DEFAULT_LOOK = "ADM";
public StaffChatBuddy(int userOne) {
super(BUDDY_ID, DISPLAY_NAME, DEFAULT_LOOK, (short) 0, userOne);
this.setOnline(true);
}
@Override
public void onMessageReceived(Habbo from, String message) {
if (from == null || message == null || message.isEmpty()) return;
// Re-check permission so a staff member who was demoted mid-session
// can no longer broadcast to the staff channel.
if (!from.hasPermission(PERMISSION_KEY)) return;
if (message.charAt(0) == ':') {
CommandHandler.handleCommand(from.getClient(), message);
return;
}
Message chatMessage = new Message(from.getHabboInfo().getId(), BUDDY_ID, message);
Emulator.getGameServer().getGameClientManager().sendBroadcastResponse(
new FriendChatMessageComposer(chatMessage, BUDDY_ID, from.getHabboInfo().getId()).compose(),
PERMISSION_KEY,
from.getClient());
}
@Override
public void serialize(ServerMessage message) {
message.appendInt(this.getId());
message.appendString(this.getUsername());
message.appendInt(this.getGender().equals(HabboGender.M) ? 0 : 1);
message.appendBoolean(true); // online
message.appendBoolean(false); // not in room
message.appendString(this.getLook());
message.appendInt(0); // category
message.appendString(""); // motto
message.appendString(""); // last seen
message.appendString(""); // realname
message.appendBoolean(true); // offline messaging supported
message.appendBoolean(false);
message.appendBoolean(false);
message.appendShort(0); // relation
}
}
Emulator/src/main/java/com/eu/habbo/habbohotel/rooms/RoomItemManager.java
+5 -9
View File
@@ -15,25 +15,19 @@ import com.eu.habbo.habbohotel.items.interactions.games.tag.InteractionTagField;
import com.eu.habbo.habbohotel.items.interactions.games.tag.InteractionTagPole;
import com.eu.habbo.habbohotel.items.interactions.pets.*;
import com.eu.habbo.habbohotel.items.interactions.wired.effects.WiredEffectSendSignal;
import com.eu.habbo.habbohotel.items.interactions.wired.extra.WiredBlob;
import com.eu.habbo.habbohotel.items.interactions.wired.extra.WiredExtraFurniVariable;
import com.eu.habbo.habbohotel.items.interactions.wired.extra.WiredExtraRoomVariable;
import com.eu.habbo.habbohotel.items.interactions.wired.extra.WiredExtraUserVariable;
import com.eu.habbo.habbohotel.items.interactions.wired.extra.WiredExtraVariableEcho;
import com.eu.habbo.habbohotel.items.interactions.wired.extra.WiredExtraVariableReference;
import com.eu.habbo.habbohotel.items.interactions.wired.extra.WiredExtraVariableTextConnector;
import com.eu.habbo.habbohotel.items.interactions.wired.extra.WiredExtraContextVariable;
import com.eu.habbo.habbohotel.wired.core.WiredContextVariableSupport;
import com.eu.habbo.habbohotel.items.interactions.wired.extra.*;
import com.eu.habbo.habbohotel.items.interactions.wired.triggers.WiredTriggerReceiveSignal;
import com.eu.habbo.habbohotel.permissions.Permission;
import com.eu.habbo.habbohotel.users.Habbo;
import com.eu.habbo.habbohotel.users.HabboInfo;
import com.eu.habbo.habbohotel.users.HabboItem;
import com.eu.habbo.habbohotel.users.HabboManager;
import com.eu.habbo.habbohotel.wired.core.WiredContextVariableSupport;
import com.eu.habbo.habbohotel.wired.core.WiredManager;
import com.eu.habbo.habbohotel.wired.core.WiredMovementPhysics;
import com.eu.habbo.habbohotel.wired.tick.WiredTickable;
import com.eu.habbo.messages.outgoing.inventory.AddHabboItemComposer;
import com.eu.habbo.messages.outgoing.inventory.InventoryRefreshComposer;
import com.eu.habbo.messages.outgoing.rooms.items.*;
import com.eu.habbo.plugin.Event;
import com.eu.habbo.plugin.events.furniture.*;
@@ -1114,6 +1108,7 @@ public class RoomItemManager {
if (habbo != null && !inventoryItems.isEmpty()) {
habbo.getInventory().getItemsComponent().addItems(inventoryItems);
habbo.getClient().sendResponse(new AddHabboItemComposer(inventoryItems));
habbo.getClient().sendResponse(new InventoryRefreshComposer());
}
for (HabboItem i : items) {
@@ -1182,6 +1177,7 @@ public class RoomItemManager {
if (user != null && !inventoryItems.isEmpty()) {
user.getInventory().getItemsComponent().addItems(inventoryItems);
user.getClient().sendResponse(new AddHabboItemComposer(inventoryItems));
user.getClient().sendResponse(new InventoryRefreshComposer());
}
}
}
Emulator/src/main/java/com/eu/habbo/habbohotel/users/HabboInfo.java
+12 -1
View File
@@ -45,6 +45,7 @@ public class HabboInfo implements Runnable {
private int InfostandBg;
private int InfostandStand;
private int InfostandOverlay;
private int InfostandCardBg;
private int loadingRoom;
private Room currentRoom;
private String roomEntryMethod = "door";
@@ -91,6 +92,7 @@ public class HabboInfo implements Runnable {
this.InfostandBg = set.getInt("background_id");
this.InfostandStand = set.getInt("background_stand_id");
this.InfostandOverlay = set.getInt("background_overlay_id");
this.InfostandCardBg = set.getInt("background_card_id");
this.currentRoom = null;
} catch (SQLException e) {
LOGGER.error("Caught SQL exception", e);
@@ -290,6 +292,14 @@ public class HabboInfo implements Runnable {
public void setInfostandOverlay(int infostandOverlay) {
InfostandOverlay = infostandOverlay;
}
public int getInfostandCardBg() {
return InfostandCardBg;
}
public void setInfostandCardBg(int infostandCardBg) {
InfostandCardBg = infostandCardBg;
}
public Rank getRank() {
return this.rank;
}
@@ -577,7 +587,7 @@ public class HabboInfo implements Runnable {
try {
SqlQueries.update(
"UPDATE users SET motto = ?, online = ?, look = ?, gender = ?, credits = ?, last_login = ?, last_online = ?, home_room = ?, ip_current = ?, `rank` = ?, machine_id = ?, username = ?, background_id = ?, background_stand_id = ?, background_overlay_id = ? WHERE id = ?",
"UPDATE users SET motto = ?, online = ?, look = ?, gender = ?, credits = ?, last_login = ?, last_online = ?, home_room = ?, ip_current = ?, `rank` = ?, machine_id = ?, username = ?, background_id = ?, background_stand_id = ?, background_overlay_id = ?, background_card_id = ? WHERE id = ?",
this.motto,
this.online ? "1" : "0",
this.look,
@@ -593,6 +603,7 @@ public class HabboInfo implements Runnable {
this.InfostandBg,
this.InfostandStand,
this.InfostandOverlay,
this.InfostandCardBg,
this.id);
} catch (SqlQueries.DataAccessException e) {
LOGGER.error("Caught SQL exception", e);
Emulator/src/main/java/com/eu/habbo/habbohotel/users/custombadge/CustomBadge.java
+75
View File
@@ -0,0 +1,75 @@
package com.eu.habbo.habbohotel.users.custombadge;
import java.sql.ResultSet;
import java.sql.SQLException;
public class CustomBadge {
private final int id;
private final int userId;
private final String badgeId;
private String badgeName;
private String badgeDescription;
private final int dateCreated;
private int dateEdit;
public CustomBadge(ResultSet set) throws SQLException {
this.id = set.getInt("id");
this.userId = set.getInt("user_id");
this.badgeId = set.getString("badge_id");
this.badgeName = set.getString("badge_name");
this.badgeDescription = set.getString("badge_description");
this.dateCreated = set.getInt("date_created");
this.dateEdit = set.getInt("date_edit");
}
public CustomBadge(int id, int userId, String badgeId, String badgeName, String badgeDescription, int dateCreated, int dateEdit) {
this.id = id;
this.userId = userId;
this.badgeId = badgeId;
this.badgeName = badgeName;
this.badgeDescription = badgeDescription;
this.dateCreated = dateCreated;
this.dateEdit = dateEdit;
}
public int getId() {
return this.id;
}
public int getUserId() {
return this.userId;
}
public String getBadgeId() {
return this.badgeId;
}
public String getBadgeName() {
return this.badgeName;
}
public String getBadgeDescription() {
return this.badgeDescription;
}
public int getDateCreated() {
return this.dateCreated;
}
public int getDateEdit() {
return this.dateEdit;
}
public void setBadgeName(String badgeName) {
this.badgeName = badgeName;
}
public void setBadgeDescription(String badgeDescription) {
this.badgeDescription = badgeDescription;
}
public void setDateEdit(int dateEdit) {
this.dateEdit = dateEdit;
}
}
Emulator/src/main/java/com/eu/habbo/habbohotel/users/custombadge/CustomBadgeException.java
+15
View File
@@ -0,0 +1,15 @@
package com.eu.habbo.habbohotel.users.custombadge;
public class CustomBadgeException extends Exception {
private final String code;
public CustomBadgeException(String code, String message) {
super(message);
this.code = code;
}
public String getCode() {
return this.code;
}
}
Emulator/src/main/java/com/eu/habbo/habbohotel/users/custombadge/CustomBadgeManager.java
+588
View File
@@ -0,0 +1,588 @@
package com.eu.habbo.habbohotel.users.custombadge;
import com.eu.habbo.Emulator;
import com.eu.habbo.habbohotel.users.Habbo;
import com.eu.habbo.habbohotel.users.HabboBadge;
import com.eu.habbo.habbohotel.users.inventory.BadgesComponent;
import com.eu.habbo.messages.outgoing.inventory.InventoryBadgesComposer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.imageio.ImageIO;
import javax.imageio.ImageReader;
import javax.imageio.stream.ImageInputStream;
import java.awt.image.BufferedImage;
import java.awt.image.IndexColorModel;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.SecureRandom;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Pattern;
public class CustomBadgeManager {
private static final Logger LOGGER = LoggerFactory.getLogger(CustomBadgeManager.class);
public static final int MAX_PER_USER = 5;
public static final int BADGE_WIDTH = 40;
public static final int BADGE_HEIGHT = 40;
public static final int MAX_BADGE_SIZE_BYTES = 40960;
private static final int RANDOM_SUFFIX_LENGTH = 5;
private static final char[] RANDOM_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789".toCharArray();
private static final Pattern BADGE_ID_PATTERN = Pattern.compile("^CUST[A-Z0-9]{" + RANDOM_SUFFIX_LENGTH + "}-\\d+$");
private static final byte[] PNG_MAGIC = { (byte) 0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A };
private static final int RATE_LIMIT_OPS = 5;
private static final long RATE_LIMIT_WINDOW_MS = 60_000L;
private final SecureRandom random = new SecureRandom();
private final Map<Integer, long[]> rateBuckets = new ConcurrentHashMap<>();
private final Map<String, BadgeText> textCache = new ConcurrentHashMap<>();
private final java.util.concurrent.atomic.AtomicLong textCacheVersion = new java.util.concurrent.atomic.AtomicLong();
private volatile CustomBadgeSettings settings;
public CustomBadgeManager() {
this.reload();
}
public static final class BadgeText {
public final String name;
public final String description;
public BadgeText(String name, String description) {
this.name = name == null ? "" : name;
this.description = description == null ? "" : description;
}
}
public Map<String, BadgeText> getTextCache() {
return java.util.Collections.unmodifiableMap(this.textCache);
}
public long getTextCacheVersion() {
return this.textCacheVersion.get();
}
private void loadTextCache() {
Map<String, BadgeText> next = new java.util.HashMap<>();
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"SELECT `badge_id`, `badge_name`, `badge_description` FROM `user_custom_badge`")) {
try (ResultSet resultSet = statement.executeQuery()) {
while (resultSet.next()) {
next.put(resultSet.getString("badge_id"),
new BadgeText(
resultSet.getString("badge_name"),
resultSet.getString("badge_description")));
}
}
} catch (SQLException e) {
LOGGER.error("CustomBadgeManager -> Failed to load badge text cache.", e);
return;
}
this.textCache.clear();
this.textCache.putAll(next);
this.textCacheVersion.incrementAndGet();
LOGGER.info("CustomBadgeManager -> loaded {} custom badge texts into memory.", next.size());
}
public void reload() {
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"SELECT `badge_path`, `badge_url`, `price_badge`, `currency_type` FROM `users_custom_badge_settings` ORDER BY `id` ASC LIMIT 1")) {
try (ResultSet resultSet = statement.executeQuery()) {
if (resultSet.next()) {
this.settings = new CustomBadgeSettings(
resultSet.getString("badge_path"),
resultSet.getString("badge_url"),
resultSet.getInt("price_badge"),
resultSet.getInt("currency_type"));
} else {
this.settings = new CustomBadgeSettings(
"/var/www/gamedata/c_images/album1584",
"/gamedata/c_images/album1584",
0, -1);
LOGGER.warn("CustomBadgeManager -> No row found in users_custom_badge_settings, falling back to defaults.");
}
}
} catch (SQLException e) {
LOGGER.error("CustomBadgeManager -> Failed to load settings.", e);
}
loadTextCache();
}
public CustomBadgeSettings getSettings() {
return this.settings;
}
public List<CustomBadge> listForUser(int userId) {
List<CustomBadge> result = new ArrayList<>();
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"SELECT * FROM `user_custom_badge` WHERE `user_id` = ? ORDER BY `date_created` ASC")) {
statement.setInt(1, userId);
try (ResultSet resultSet = statement.executeQuery()) {
while (resultSet.next()) {
result.add(new CustomBadge(resultSet));
}
}
} catch (SQLException e) {
LOGGER.error("CustomBadgeManager -> Failed to list badges for user " + userId, e);
}
return result;
}
public CustomBadge getByBadgeId(String badgeId) {
if (badgeId == null || badgeId.isEmpty()) return null;
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"SELECT * FROM `user_custom_badge` WHERE `badge_id` = ? LIMIT 1")) {
statement.setString(1, badgeId);
try (ResultSet resultSet = statement.executeQuery()) {
if (resultSet.next()) {
return new CustomBadge(resultSet);
}
}
} catch (SQLException e) {
LOGGER.error("CustomBadgeManager -> Failed to load badge " + badgeId, e);
}
return null;
}
public int countForUser(int userId) {
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"SELECT COUNT(*) FROM `user_custom_badge` WHERE `user_id` = ?")) {
statement.setInt(1, userId);
try (ResultSet resultSet = statement.executeQuery()) {
if (resultSet.next()) {
return resultSet.getInt(1);
}
}
} catch (SQLException e) {
LOGGER.error("CustomBadgeManager -> Failed to count badges for user " + userId, e);
}
return 0;
}
public CustomBadge create(int userId, String name, String description, byte[] pngBytes) throws CustomBadgeException {
enforceRateLimit(userId);
if (this.countForUser(userId) >= MAX_PER_USER) {
throw new CustomBadgeException("limit_reached", "Maximum of " + MAX_PER_USER + " custom badges reached.");
}
BufferedImage image = validatePng(pngBytes);
chargeForCreate(userId);
String badgeId = generateBadgeId();
int now = (int) (System.currentTimeMillis() / 1000L);
try {
writeBadgeFile(badgeId, image);
} catch (CustomBadgeException e) {
refundForCreate(userId);
throw e;
}
String safeName = sanitize(name, 64);
String safeDesc = sanitize(description, 255);
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"INSERT INTO `user_custom_badge` (`user_id`, `badge_id`, `badge_name`, `badge_description`, `date_created`, `date_edit`) VALUES (?, ?, ?, ?, ?, ?)",
Statement.RETURN_GENERATED_KEYS)) {
statement.setInt(1, userId);
statement.setString(2, badgeId);
statement.setString(3, safeName);
statement.setString(4, safeDesc);
statement.setInt(5, now);
statement.setInt(6, now);
statement.executeUpdate();
int generatedId = 0;
try (ResultSet keys = statement.getGeneratedKeys()) {
if (keys.next()) generatedId = keys.getInt(1);
}
this.textCache.put(badgeId, new BadgeText(safeName, safeDesc));
this.textCacheVersion.incrementAndGet();
issueBadgeToInventory(userId, badgeId);
return new CustomBadge(generatedId, userId, badgeId, safeName, safeDesc, now, now);
} catch (SQLException e) {
deleteBadgeFileQuietly(badgeId);
refundForCreate(userId);
LOGGER.error("CustomBadgeManager -> Failed to insert badge for user " + userId, e);
throw new CustomBadgeException("db_error", "Could not save the badge.");
}
}
public CustomBadge update(int userId, String oldBadgeId, String name, String description, byte[] pngBytes) throws CustomBadgeException {
enforceRateLimit(userId);
CustomBadge existing = getByBadgeId(oldBadgeId);
if (existing == null || existing.getUserId() != userId) {
throw new CustomBadgeException("not_found", "Badge not found.");
}
BufferedImage image = validatePng(pngBytes);
String newBadgeId = generateBadgeId();
int now = (int) (System.currentTimeMillis() / 1000L);
writeBadgeFile(newBadgeId, image);
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"UPDATE `user_custom_badge` SET `badge_id` = ?, `badge_name` = ?, `badge_description` = ?, `date_edit` = ? WHERE `id` = ?")) {
statement.setString(1, newBadgeId);
statement.setString(2, sanitize(name, 64));
statement.setString(3, sanitize(description, 255));
statement.setInt(4, now);
statement.setInt(5, existing.getId());
statement.executeUpdate();
} catch (SQLException e) {
deleteBadgeFileQuietly(newBadgeId);
LOGGER.error("CustomBadgeManager -> Failed to update badge " + oldBadgeId, e);
throw new CustomBadgeException("db_error", "Could not update the badge.");
}
String safeName = sanitize(name, 64);
String safeDesc = sanitize(description, 255);
this.textCache.remove(oldBadgeId);
this.textCache.put(newBadgeId, new BadgeText(safeName, safeDesc));
this.textCacheVersion.incrementAndGet();
renameBadgeInInventory(userId, oldBadgeId, newBadgeId);
deleteBadgeFileQuietly(oldBadgeId);
return new CustomBadge(existing.getId(), userId, newBadgeId, safeName, safeDesc, existing.getDateCreated(), now);
}
public void delete(int userId, String badgeId) throws CustomBadgeException {
enforceRateLimit(userId);
CustomBadge existing = getByBadgeId(badgeId);
if (existing == null || existing.getUserId() != userId) {
throw new CustomBadgeException("not_found", "Badge not found.");
}
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"DELETE FROM `user_custom_badge` WHERE `id` = ?")) {
statement.setInt(1, existing.getId());
statement.executeUpdate();
} catch (SQLException e) {
LOGGER.error("CustomBadgeManager -> Failed to delete badge " + badgeId, e);
throw new CustomBadgeException("db_error", "Could not delete the badge.");
}
this.textCache.remove(badgeId);
this.textCacheVersion.incrementAndGet();
revokeBadgeFromInventory(userId, badgeId);
deleteBadgeFileQuietly(badgeId);
}
public boolean isCustomBadgeId(String badgeId) {
return badgeId != null && BADGE_ID_PATTERN.matcher(badgeId).matches();
}
public String generateBadgeId() {
long timestamp = System.currentTimeMillis() / 1000L;
for (int attempt = 0; attempt < 8; attempt++) {
StringBuilder suffix = new StringBuilder(RANDOM_SUFFIX_LENGTH);
for (int i = 0; i < RANDOM_SUFFIX_LENGTH; i++) {
suffix.append(RANDOM_ALPHABET[this.random.nextInt(RANDOM_ALPHABET.length)]);
}
String candidate = "CUST" + suffix + "-" + timestamp;
if (getByBadgeId(candidate) == null) return candidate;
timestamp++;
}
throw new IllegalStateException("Could not allocate a unique custom badge id after 8 attempts.");
}
public String publicUrlFor(String badgeId) {
CustomBadgeSettings current = this.settings;
if (current == null) return "";
String base = current.getBadgeUrl();
if (base == null || base.isEmpty()) return "";
if (base.endsWith("/")) return base + badgeId + ".gif";
return base + "/" + badgeId + ".gif";
}
private void chargeForCreate(int userId) throws CustomBadgeException {
CustomBadgeSettings current = this.settings;
if (current == null) return;
int price = current.getPriceBadge();
if (price <= 0) return;
Habbo habbo = Emulator.getGameServer().getGameClientManager().getHabbo(userId);
if (habbo == null) {
throw new CustomBadgeException("must_be_online",
"You must be online in the hotel to create a paid badge.");
}
int currencyType = current.getCurrencyType();
if (currencyType == -1) {
if (habbo.getHabboInfo().getCredits() < price) {
throw new CustomBadgeException("insufficient_funds",
"You don't have enough credits (need " + price + ").");
}
habbo.giveCredits(-price);
} else {
if (habbo.getHabboInfo().getCurrencyAmount(currencyType) < price) {
throw new CustomBadgeException("insufficient_funds",
"You don't have enough of that currency (need " + price + ").");
}
habbo.givePoints(currencyType, -price);
}
}
private void issueBadgeToInventory(int userId, String badgeId) {
Habbo online = Emulator.getGameServer().getGameClientManager().getHabbo(userId);
if (online != null) {
BadgesComponent.createBadge(badgeId, online);
if (online.getClient() != null) {
online.getClient().sendResponse(new InventoryBadgesComposer(online));
}
return;
}
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"INSERT INTO `users_badges` (`user_id`, `slot_id`, `badge_code`) VALUES (?, 0, ?)")) {
statement.setInt(1, userId);
statement.setString(2, badgeId);
statement.executeUpdate();
} catch (SQLException e) {
LOGGER.error("CustomBadgeManager -> Failed to issue offline badge " + badgeId + " to user " + userId, e);
}
}
private void renameBadgeInInventory(int userId, String oldBadgeId, String newBadgeId) {
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement(
"UPDATE `users_badges` SET `badge_code` = ? WHERE `user_id` = ? AND `badge_code` = ?")) {
statement.setString(1, newBadgeId);
statement.setInt(2, userId);
statement.setString(3, oldBadgeId);
statement.executeUpdate();
} catch (SQLException e) {
LOGGER.error("CustomBadgeManager -> Failed to rename badge in users_badges " + oldBadgeId + " -> " + newBadgeId, e);
}
Habbo online = Emulator.getGameServer().getGameClientManager().getHabbo(userId);
if (online == null) return;
HabboBadge existing = online.getInventory().getBadgesComponent().getBadge(oldBadgeId);
if (existing != null) existing.setCode(newBadgeId);
if (online.getClient() != null) {
online.getClient().sendResponse(new InventoryBadgesComposer(online));
}
}
private void revokeBadgeFromInventory(int userId, String badgeId) {
BadgesComponent.deleteBadge(userId, badgeId);
Habbo online = Emulator.getGameServer().getGameClientManager().getHabbo(userId);
if (online == null) return;
online.getInventory().getBadgesComponent().removeBadge(badgeId);
if (online.getClient() != null) {
online.getClient().sendResponse(new InventoryBadgesComposer(online));
}
}
private BufferedImage validatePng(byte[] data) throws CustomBadgeException {
if (data == null || data.length == 0) {
throw new CustomBadgeException("empty", "Badge image is empty.");
}
if (data.length > MAX_BADGE_SIZE_BYTES) {
throw new CustomBadgeException("too_large", "Badge image exceeds " + MAX_BADGE_SIZE_BYTES + " bytes.");
}
if (data.length < PNG_MAGIC.length) {
throw new CustomBadgeException("invalid_image", "Badge image must be a PNG.");
}
for (int i = 0; i < PNG_MAGIC.length; i++) {
if (data[i] != PNG_MAGIC[i]) {
throw new CustomBadgeException("invalid_image", "Badge image must be a PNG.");
}
}
try (ImageInputStream peek = ImageIO.createImageInputStream(new ByteArrayInputStream(data))) {
if (peek == null) throw new IOException("no input stream");
Iterator<ImageReader> readers = ImageIO.getImageReaders(peek);
if (!readers.hasNext()) {
throw new CustomBadgeException("invalid_image", "Badge image format not recognised.");
}
ImageReader reader = readers.next();
try {
reader.setInput(peek, true, true);
int w = reader.getWidth(0);
int h = reader.getHeight(0);
if (w != BADGE_WIDTH || h != BADGE_HEIGHT) {
throw new CustomBadgeException("wrong_dimensions",
"Badge image must be " + BADGE_WIDTH + "x" + BADGE_HEIGHT + " pixels.");
}
} finally {
reader.dispose();
}
} catch (IOException e) {
throw new CustomBadgeException("invalid_image", "Badge image header could not be read.");
}
BufferedImage image;
try {
image = ImageIO.read(new ByteArrayInputStream(data));
} catch (IOException e) {
throw new CustomBadgeException("invalid_image", "Badge image could not be decoded.");
}
if (image == null
|| image.getWidth() != BADGE_WIDTH
|| image.getHeight() != BADGE_HEIGHT) {
throw new CustomBadgeException("invalid_image", "Badge image could not be decoded.");
}
return image;
}
private void enforceRateLimit(int userId) throws CustomBadgeException {
long now = System.currentTimeMillis();
long[] bucket = this.rateBuckets.computeIfAbsent(userId, id -> new long[RATE_LIMIT_OPS]);
synchronized (bucket) {
long oldest = Long.MAX_VALUE;
int oldestIdx = 0;
for (int i = 0; i < bucket.length; i++) {
if (bucket[i] < oldest) { oldest = bucket[i]; oldestIdx = i; }
}
if (oldest > now - RATE_LIMIT_WINDOW_MS) {
throw new CustomBadgeException("rate_limited",
"Too many badge operations. Try again in a moment.");
}
bucket[oldestIdx] = now;
}
}
private void refundForCreate(int userId) {
CustomBadgeSettings current = this.settings;
if (current == null) return;
int price = current.getPriceBadge();
if (price <= 0) return;
Habbo habbo = Emulator.getGameServer().getGameClientManager().getHabbo(userId);
if (habbo == null) {
LOGGER.warn("CustomBadgeManager -> Could not refund {} (price {}): user offline", userId, price);
return;
}
int currencyType = current.getCurrencyType();
if (currencyType == -1) habbo.giveCredits(price);
else habbo.givePoints(currencyType, price);
}
private void writeBadgeFile(String badgeId, BufferedImage source) throws CustomBadgeException {
CustomBadgeSettings current = this.settings;
if (current == null || current.getBadgePath() == null || current.getBadgePath().isEmpty()) {
throw new CustomBadgeException("not_configured", "Custom badge storage path is not configured.");
}
try {
Path dir = Paths.get(current.getBadgePath()).toAbsolutePath();
Files.createDirectories(dir);
Path target = dir.resolve(badgeId + ".gif");
BufferedImage indexed = toIndexedGifImage(source);
if (!ImageIO.write(indexed, "gif", target.toFile())) {
throw new IOException("No GIF ImageWriter available.");
}
LOGGER.info("CustomBadgeManager -> wrote badge {} ({} bytes) to {}",
badgeId, Files.size(target), target);
} catch (IOException e) {
LOGGER.error("CustomBadgeManager -> Failed to write badge " + badgeId
+ " to " + current.getBadgePath(), e);
throw new CustomBadgeException("write_failed", "Could not save the badge file.");
}
}
private static BufferedImage toIndexedGifImage(BufferedImage source) {
int w = source.getWidth();
int h = source.getHeight();
int[] pixels = source.getRGB(0, 0, w, h, null, 0, w);
Map<Integer, Integer> indexByColor = new LinkedHashMap<>();
indexByColor.put(0, 0);
for (int p : pixels) {
int alpha = (p >>> 24) & 0xff;
int key = (alpha < 128) ? 0 : (p | 0xFF000000);
if (key == 0) continue;
if (indexByColor.size() >= 256) break;
indexByColor.computeIfAbsent(key, k -> indexByColor.size());
}
int n = indexByColor.size();
byte[] r = new byte[n];
byte[] g = new byte[n];
byte[] b = new byte[n];
int i = 0;
for (Integer color : indexByColor.keySet()) {
r[i] = (byte) ((color >>> 16) & 0xff);
g[i] = (byte) ((color >>> 8) & 0xff);
b[i] = (byte) (color & 0xff);
i++;
}
IndexColorModel colorModel = new IndexColorModel(8, n, r, g, b, 0);
BufferedImage out = new BufferedImage(w, h, BufferedImage.TYPE_BYTE_INDEXED, colorModel);
for (int y = 0; y < h; y++) {
for (int x = 0; x < w; x++) {
int p = pixels[y * w + x];
int alpha = (p >>> 24) & 0xff;
int key = (alpha < 128) ? 0 : (p | 0xFF000000);
Integer idx = indexByColor.get(key);
out.getRaster().setSample(x, y, 0, idx == null ? 0 : idx);
}
}
return out;
}
private void deleteBadgeFileQuietly(String badgeId) {
CustomBadgeSettings current = this.settings;
if (current == null || current.getBadgePath() == null) return;
File file = new File(current.getBadgePath(), badgeId + ".gif");
if (file.exists() && !file.delete()) {
LOGGER.warn("CustomBadgeManager -> Could not delete stale badge file: {}", file.getAbsolutePath());
}
}
private static String sanitize(String value, int maxLength) {
if (value == null) return "";
StringBuilder out = new StringBuilder(Math.min(value.length(), maxLength));
for (int i = 0; i < value.length() && out.length() < maxLength; i++) {
char c = value.charAt(i);
if (c < 0x20 || c == 0x7F) continue;
out.append(c);
}
return out.toString().trim();
}
}
Emulator/src/main/java/com/eu/habbo/habbohotel/users/custombadge/CustomBadgeSettings.java
+32
View File
@@ -0,0 +1,32 @@
package com.eu.habbo.habbohotel.users.custombadge;
public class CustomBadgeSettings {
private final String badgePath;
private final String badgeUrl;
private final int priceBadge;
private final int currencyType;
public CustomBadgeSettings(String badgePath, String badgeUrl, int priceBadge, int currencyType) {
this.badgePath = badgePath;
this.badgeUrl = badgeUrl;
this.priceBadge = priceBadge;
this.currencyType = currencyType;
}
public String getBadgePath() {
return this.badgePath;
}
public String getBadgeUrl() {
return this.badgeUrl;
}
public int getPriceBadge() {
return this.priceBadge;
}
public int getCurrencyType() {
return this.currencyType;
}
}
Emulator/src/main/java/com/eu/habbo/habbohotel/users/infostand/InfostandBackgroundManager.java
+136
View File
@@ -0,0 +1,136 @@
package com.eu.habbo.habbohotel.users.infostand;
import com.eu.habbo.Emulator;
import com.eu.habbo.habbohotel.permissions.Permission;
import com.eu.habbo.habbohotel.users.Habbo;
import com.eu.habbo.habbohotel.users.HabboInfo;
import com.eu.habbo.habbohotel.users.HabboStats;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Collections;
import java.util.EnumMap;
import java.util.HashMap;
import java.util.Map;
public class InfostandBackgroundManager {
private static final Logger LOGGER = LoggerFactory.getLogger(InfostandBackgroundManager.class);
public enum Category {
BACKGROUND("background"),
STAND("stand"),
OVERLAY("overlay"),
CARD("card");
public final String dbValue;
Category(String dbValue) {
this.dbValue = dbValue;
}
public static Category fromDbValue(String value) {
for (Category category : values()) {
if (category.dbValue.equalsIgnoreCase(value)) return category;
}
return null;
}
}
private final Map<Category, Map<Integer, Entry>> entries = new EnumMap<>(Category.class);
private boolean enforce = false;
public InfostandBackgroundManager() {
for (Category category : Category.values()) {
this.entries.put(category, Collections.emptyMap());
}
this.reload();
}
public void reload() {
Map<Category, Map<Integer, Entry>> next = new EnumMap<>(Category.class);
for (Category category : Category.values()) {
next.put(category, new HashMap<>());
}
int loaded = 0;
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement statement = connection.prepareStatement("SELECT id, category, min_rank, is_hc_only, is_ambassador_only FROM infostand_backgrounds");
ResultSet set = statement.executeQuery()) {
while (set.next()) {
Category category = Category.fromDbValue(set.getString("category"));
if (category == null) continue;
int id = set.getInt("id");
int minRank = set.getInt("min_rank");
boolean isHcOnly = set.getBoolean("is_hc_only");
boolean isAmbassadorOnly = set.getBoolean("is_ambassador_only");
next.get(category).put(id, new Entry(minRank, isHcOnly, isAmbassadorOnly));
loaded++;
}
} catch (SQLException e) {
this.enforce = false;
for (Category category : Category.values()) {
this.entries.put(category, Collections.emptyMap());
}
LOGGER.error("InfostandBackgroundManager -> Failed to load infostand_backgrounds, server-side validation disabled.", e);
return;
}
for (Category category : Category.values()) {
this.entries.put(category, next.get(category));
}
this.enforce = loaded > 0;
if (this.enforce) {
LOGGER.info("InfostandBackgroundManager -> Loaded {} backgrounds, {} stands, {} overlays, {} cards from infostand_backgrounds.",
this.entries.get(Category.BACKGROUND).size(),
this.entries.get(Category.STAND).size(),
this.entries.get(Category.OVERLAY).size(),
this.entries.get(Category.CARD).size());
} else {
LOGGER.info("InfostandBackgroundManager -> infostand_backgrounds is empty, server-side validation disabled (only range clamp will apply).");
}
}
public boolean canUse(Habbo habbo, Category category, int id) {
if (id == 0) return true;
if (!this.enforce) return true;
if (habbo == null) return false;
Map<Integer, Entry> categoryEntries = this.entries.get(category);
if (categoryEntries == null) return false;
Entry entry = categoryEntries.get(id);
if (entry == null) return false;
HabboInfo info = habbo.getHabboInfo();
int rankId = (info != null && info.getRank() != null) ? info.getRank().getId() : 0;
HabboStats stats = habbo.getHabboStats();
boolean hasClub = stats != null && stats.hasActiveClub();
if (entry.isHcOnly && !hasClub) return false;
if (entry.isAmbassadorOnly && !habbo.hasPermission(Permission.ACC_AMBASSADOR)) return false;
if (rankId < entry.minRank) return false;
return true;
}
public static final class Entry {
public final int minRank;
public final boolean isHcOnly;
public final boolean isAmbassadorOnly;
public Entry(int minRank, boolean isHcOnly, boolean isAmbassadorOnly) {
this.minRank = minRank;
this.isHcOnly = isHcOnly;
this.isAmbassadorOnly = isAmbassadorOnly;
}
}
}
Emulator/src/main/java/com/eu/habbo/messages/incoming/users/ActivateEffectEvent.java
+18 -2
View File
@@ -1,14 +1,30 @@
package com.eu.habbo.messages.incoming.users;
import com.eu.habbo.Emulator;
import com.eu.habbo.habbohotel.rooms.Room;
import com.eu.habbo.habbohotel.users.Habbo;
import com.eu.habbo.messages.incoming.MessageHandler;
public class ActivateEffectEvent extends MessageHandler {
@Override
public void handle() throws Exception {
int effectId = this.packet.readInt();
Habbo habbo = this.client.getHabbo();
if (habbo == null) return;
if (this.client.getHabbo().getInventory().getEffectsComponent().ownsEffect(effectId)) {
this.client.getHabbo().getInventory().getEffectsComponent().activateEffect(effectId);
if (habbo.getInventory().getEffectsComponent().ownsEffect(effectId)) {
habbo.getInventory().getEffectsComponent().activateEffect(effectId);
return;
}
int rankId = habbo.getHabboInfo().getRank().getId();
if (Emulator.getGameEnvironment().getPermissionsManager().isEffectBlocked(effectId, rankId)) {
return;
}
Room room = habbo.getHabboInfo().getCurrentRoom();
if (room == null || habbo.getHabboInfo().getRiding() != null) return;
room.giveEffect(habbo, effectId, -1);
}
}
Emulator/src/main/java/com/eu/habbo/messages/incoming/users/ChangeInfostandBgEvent.java
+64 -11
View File
@@ -1,24 +1,77 @@
package com.eu.habbo.messages.incoming.users;
import com.eu.habbo.Emulator;
import com.eu.habbo.habbohotel.users.Habbo;
import com.eu.habbo.habbohotel.users.HabboInfo;
import com.eu.habbo.habbohotel.users.HabboStats;
import com.eu.habbo.habbohotel.users.infostand.InfostandBackgroundManager;
import com.eu.habbo.habbohotel.users.infostand.InfostandBackgroundManager.Category;
import com.eu.habbo.messages.incoming.MessageHandler;
import com.eu.habbo.messages.outgoing.rooms.users.RoomUserDataComposer;
public class ChangeInfostandBgEvent extends MessageHandler {
private static final String COOLDOWN_KEY = "infostand_bg_cooldown";
private static final long COOLDOWN_MS = 500L;
private static final int MIN_ID = 0;
private static final int MAX_ID = 9999;
@Override
public void handle() throws Exception {
int backgroundImage = this.packet.readInt();
int backgroundStand = this.packet.readInt();
int backgroundOverlay = this.packet.readInt();
Habbo habbo = this.client.getHabbo();
if (habbo == null) return;
this.client.getHabbo().getHabboInfo().setInfostandBg(backgroundImage);
this.client.getHabbo().getHabboInfo().setInfostandStand(backgroundStand);
this.client.getHabbo().getHabboInfo().setInfostandOverlay(backgroundOverlay);
this.client.getHabbo().getHabboInfo().run();
HabboInfo info = habbo.getHabboInfo();
if (info == null) return;
if (this.client.getHabbo().getHabboInfo().getCurrentRoom() != null) {
this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new RoomUserDataComposer(this.client.getHabbo()).compose());
} else {
this.client.sendResponse(new RoomUserDataComposer(this.client.getHabbo()));
HabboStats stats = habbo.getHabboStats();
if (stats != null) {
long now = System.currentTimeMillis();
Object last = stats.cache.get(COOLDOWN_KEY);
if (last instanceof Long && (now - (Long) last) < COOLDOWN_MS) {
return;
}
stats.cache.put(COOLDOWN_KEY, now);
}
int requestedBg = sanitize(this.packet.readInt());
int requestedStand = sanitize(this.packet.readInt());
int requestedOverlay = sanitize(this.packet.readInt());
int requestedCard = this.packet.bytesAvailable() >= 4 ? sanitize(this.packet.readInt()) : 0;
InfostandBackgroundManager manager = Emulator.getGameEnvironment() != null ? Emulator.getGameEnvironment().getInfostandBackgroundManager() : null;
int backgroundImage = resolve(manager, habbo, Category.BACKGROUND, requestedBg, info.getInfostandBg());
int backgroundStand = resolve(manager, habbo, Category.STAND, requestedStand, info.getInfostandStand());
int backgroundOverlay = resolve(manager, habbo, Category.OVERLAY, requestedOverlay, info.getInfostandOverlay());
int backgroundCard = resolve(manager, habbo, Category.CARD, requestedCard, info.getInfostandCardBg());
if (info.getInfostandBg() == backgroundImage
&& info.getInfostandStand() == backgroundStand
&& info.getInfostandOverlay() == backgroundOverlay
&& info.getInfostandCardBg() == backgroundCard) {
return;
}
info.setInfostandBg(backgroundImage);
info.setInfostandStand(backgroundStand);
info.setInfostandOverlay(backgroundOverlay);
info.setInfostandCardBg(backgroundCard);
info.run();
if (info.getCurrentRoom() != null) {
info.getCurrentRoom().sendComposer(new RoomUserDataComposer(habbo).compose());
} else {
this.client.sendResponse(new RoomUserDataComposer(habbo));
}
}
private static int sanitize(int value) {
if (value < MIN_ID || value > MAX_ID) return 0;
return value;
}
private static int resolve(InfostandBackgroundManager manager, Habbo habbo, Category category, int requested, int current) {
if (manager == null) return requested;
return manager.canUse(habbo, category, requested) ? requested : current;
}
}
Emulator/src/main/java/com/eu/habbo/messages/outgoing/rooms/pets/RoomPetComposer.java
+1
View File
@@ -36,6 +36,7 @@ public class RoomPetComposer extends MessageComposer implements TIntObjectProced
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendInt(0);
if (pet instanceof IPetLook) {
this.response.appendString(((IPetLook) pet).getLook());
} else {
Emulator/src/main/java/com/eu/habbo/messages/outgoing/rooms/users/RoomUserDataComposer.java
+1
View File
@@ -24,6 +24,7 @@ public class RoomUserDataComposer extends MessageComposer {
this.response.appendInt(this.habbo.getHabboInfo().getInfostandBg());
this.response.appendInt(this.habbo.getHabboInfo().getInfostandStand());
this.response.appendInt(this.habbo.getHabboInfo().getInfostandOverlay());
this.response.appendInt(this.habbo.getHabboInfo().getInfostandCardBg());
UserCustomizationData customizationData = UserCustomizationData.fromHabbo(this.habbo);
this.response.appendString(customizationData.nickIcon);
this.response.appendString(customizationData.prefixText);
Emulator/src/main/java/com/eu/habbo/messages/outgoing/rooms/users/RoomUsersComposer.java
+4
View File
@@ -44,6 +44,7 @@ public class RoomUsersComposer extends MessageComposer {
this.response.appendInt(this.habbo.getHabboInfo().getInfostandBg());
this.response.appendInt(this.habbo.getHabboInfo().getInfostandStand());
this.response.appendInt(this.habbo.getHabboInfo().getInfostandOverlay());
this.response.appendInt(this.habbo.getHabboInfo().getInfostandCardBg());
this.response.appendString(this.habbo.getHabboInfo().getLook());
this.response.appendInt(this.habbo.getRoomUnit().getId()); //Room Unit ID
this.response.appendInt(this.habbo.getRoomUnit().getX());
@@ -87,6 +88,7 @@ public class RoomUsersComposer extends MessageComposer {
this.response.appendInt(habbo.getHabboInfo().getInfostandBg());
this.response.appendInt(habbo.getHabboInfo().getInfostandStand());
this.response.appendInt(habbo.getHabboInfo().getInfostandOverlay());
this.response.appendInt(habbo.getHabboInfo().getInfostandCardBg());
this.response.appendString(habbo.getHabboInfo().getLook());
this.response.appendInt(habbo.getRoomUnit().getId()); //Room Unit ID
this.response.appendInt(habbo.getRoomUnit().getX());
@@ -128,6 +130,7 @@ public class RoomUsersComposer extends MessageComposer {
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendString(this.bot.getFigure());
this.response.appendInt(this.bot.getRoomUnit().getId());
this.response.appendInt(this.bot.getRoomUnit().getX());
@@ -160,6 +163,7 @@ public class RoomUsersComposer extends MessageComposer {
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendInt(0);
this.response.appendString(bot.getFigure());
this.response.appendInt(bot.getRoomUnit().getId());
this.response.appendInt(bot.getRoomUnit().getX());
Emulator/src/main/java/com/eu/habbo/messages/outgoing/users/UserProfileComposer.java
+1
View File
@@ -116,6 +116,7 @@ public class UserProfileComposer extends MessageComposer {
this.response.appendInt(this.habboInfo.getInfostandBg());
this.response.appendInt(this.habboInfo.getInfostandStand());
this.response.appendInt(this.habboInfo.getInfostandOverlay());
this.response.appendInt(this.habboInfo.getInfostandCardBg());
UserCustomizationData customizationData = (this.habbo != null) ? UserCustomizationData.fromHabbo(this.habbo) : UserCustomizationData.fromUserId(this.habboInfo.getId());
this.response.appendString(customizationData.nickIcon);
this.response.appendString(customizationData.prefixText);
Emulator/src/main/java/com/eu/habbo/networking/gameserver/WebSocketChannelInitializer.java
+2
View File
@@ -5,6 +5,7 @@ import com.eu.habbo.messages.PacketManager;
import com.eu.habbo.networking.gameserver.auth.AuthHttpHandler;
import com.eu.habbo.networking.gameserver.auth.NitroSecureApiHandler;
import com.eu.habbo.networking.gameserver.auth.NitroSecureAssetHandler;
import com.eu.habbo.networking.gameserver.badges.BadgeHttpHandler;
import com.eu.habbo.networking.gameserver.codec.WebSocketCodec;
import com.eu.habbo.networking.gameserver.crypto.WsHandshakeHandler;
import com.eu.habbo.networking.gameserver.decoders.*;
@@ -57,6 +58,7 @@ public class WebSocketChannelInitializer extends ChannelInitializer<SocketChanne
ch.pipeline().addLast("nitroSecureAssetHandler", new NitroSecureAssetHandler());
ch.pipeline().addLast("nitroSecureApiHandler", new NitroSecureApiHandler());
ch.pipeline().addLast("authHttpHandler", new AuthHttpHandler());
ch.pipeline().addLast("badgeHttpHandler", new BadgeHttpHandler());
ch.pipeline().addLast("wsProtocolHandler", new WebSocketServerProtocolHandler(this.wsConfig));
ch.pipeline().addLast("wsCodec", new WebSocketCodec());
Emulator/src/main/java/com/eu/habbo/networking/gameserver/auth/AccessTokenService.java
+140
View File
@@ -0,0 +1,140 @@
package com.eu.habbo.networking.gameserver.auth;
import com.eu.habbo.Emulator;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.Base64;
public final class AccessTokenService {
private static final Logger LOGGER = LoggerFactory.getLogger(AccessTokenService.class);
private static final SecureRandom RNG = new SecureRandom();
private static final Base64.Encoder URL_ENC = Base64.getUrlEncoder().withoutPadding();
private static final Base64.Decoder URL_DEC = Base64.getUrlDecoder();
private static volatile String cachedSecret = null;
private AccessTokenService() {}
public static final class Issued {
public final String token;
public final long expiresAt;
Issued(String token, long expiresAt) {
this.token = token;
this.expiresAt = expiresAt;
}
}
public static long ttlSeconds() {
return Math.max(60L, Emulator.getConfig().getInt("login.access.jwt.ttl.seconds", 86400));
}
public static Issued issue(int userId) {
long now = Emulator.getIntUnixTimestamp();
long exp = now + ttlSeconds();
JsonObject header = new JsonObject();
header.addProperty("alg", "HS256");
header.addProperty("typ", "JWT");
JsonObject payload = new JsonObject();
payload.addProperty("sub", userId);
payload.addProperty("iat", now);
payload.addProperty("exp", exp);
payload.addProperty("typ", "access");
String h = URL_ENC.encodeToString(header.toString().getBytes(StandardCharsets.UTF_8));
String p = URL_ENC.encodeToString(payload.toString().getBytes(StandardCharsets.UTF_8));
String signingInput = h + "." + p;
String sig = URL_ENC.encodeToString(hmacSha256(secret().getBytes(StandardCharsets.UTF_8),
signingInput.getBytes(StandardCharsets.UTF_8)));
return new Issued(signingInput + "." + sig, exp);
}
public static int verify(String token) {
if (token == null || token.isEmpty()) return 0;
String[] parts = token.split("\\.");
if (parts.length != 3) return 0;
try {
String signingInput = parts[0] + "." + parts[1];
byte[] expected = hmacSha256(secret().getBytes(StandardCharsets.UTF_8),
signingInput.getBytes(StandardCharsets.UTF_8));
byte[] provided = URL_DEC.decode(parts[2]);
if (!constantTimeEquals(expected, provided)) return 0;
byte[] payloadBytes = URL_DEC.decode(parts[1]);
JsonObject payload = JsonParser.parseString(new String(payloadBytes, StandardCharsets.UTF_8)).getAsJsonObject();
if (!payload.has("typ") || !"access".equals(payload.get("typ").getAsString())) return 0;
long exp = payload.get("exp").getAsLong();
if (exp <= Emulator.getIntUnixTimestamp()) return 0;
return payload.get("sub").getAsInt();
} catch (Exception e) {
return 0;
}
}
private static String secret() {
String s = cachedSecret;
if (s != null && !s.isEmpty()) return s;
synchronized (AccessTokenService.class) {
if (cachedSecret != null && !cachedSecret.isEmpty()) return cachedSecret;
String configured = Emulator.getConfig().getValue("login.access.jwt.secret", "");
if (configured != null && !configured.isEmpty()) {
cachedSecret = configured;
return configured;
}
byte[] buf = new byte[48];
RNG.nextBytes(buf);
String generated = Base64.getEncoder().withoutPadding().encodeToString(buf);
try (Connection conn = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement stmt = conn.prepareStatement(
"INSERT INTO emulator_settings (`key`, `value`) VALUES ('login.access.jwt.secret', ?) "
+ "ON DUPLICATE KEY UPDATE `value` = VALUES(`value`)")) {
stmt.setString(1, generated);
stmt.executeUpdate();
} catch (SQLException e) {
LOGGER.error("Could not persist generated login.access.jwt.secret; using in-memory only", e);
}
Emulator.getConfig().update("login.access.jwt.secret", generated);
cachedSecret = generated;
LOGGER.info("[auth/access] generated new access token signing secret (persisted to emulator_settings)");
return generated;
}
}
private static byte[] hmacSha256(byte[] key, byte[] data) {
try {
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(key, "HmacSHA256"));
return mac.doFinal(data);
} catch (Exception e) {
throw new IllegalStateException("HmacSHA256 unavailable", e);
}
}
private static boolean constantTimeEquals(byte[] a, byte[] b) {
if (a == null || b == null || a.length != b.length) return false;
int r = 0;
for (int i = 0; i < a.length; i++) r |= a[i] ^ b[i];
return r == 0;
}
}
Emulator/src/main/java/com/eu/habbo/networking/gameserver/auth/AuthHttpHandler.java
+229 -2
View File
@@ -33,9 +33,11 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
private static final String CHECK_EMAIL_PATH = "/api/auth/check-email";
private static final String CHECK_USERNAME_PATH = "/api/auth/check-username";
private static final String ROOM_TEMPLATES_PATH = "/api/auth/room-templates";
private static final String NEWS_PATH = "/api/auth/news";
private static final String REMEMBER_PATH = "/api/auth/remember";
private static final String REFRESH_PATH = "/api/auth/refresh";
private static final String SERVER_KEY_PATH = "/api/auth/server-key";
private static final String SSO_TOKEN_PATH = "/api/auth/sso-token";
private static final String HEALTH_PATH = "/api/health";
private static final Pattern USERNAME_RE = Pattern.compile("^[A-Za-z0-9._-]{3,32}$");
@@ -57,9 +59,11 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
&& !path.equals(FORGOT_PATH) && !path.equals(LOGOUT_PATH)
&& !path.equals(CHECK_EMAIL_PATH) && !path.equals(CHECK_USERNAME_PATH)
&& !path.equals(ROOM_TEMPLATES_PATH)
&& !path.equals(NEWS_PATH)
&& !path.equals(REMEMBER_PATH)
&& !path.equals(REFRESH_PATH)
&& !path.equals(SERVER_KEY_PATH)
&& !path.equals(SSO_TOKEN_PATH)
&& !path.equals(HEALTH_PATH)) {
super.channelRead(ctx, msg);
return;
@@ -98,6 +102,22 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
return;
}
if (path.equals(NEWS_PATH)) {
if (req.method() != HttpMethod.GET && req.method() != HttpMethod.HEAD) {
sendJson(ctx, req, HttpResponseStatus.METHOD_NOT_ALLOWED, errorPayload("Use GET."));
return;
}
String ip = resolveClientIp(ctx, req);
if (!AuthRateLimiter.tryProbe(ip)) {
long secs = AuthRateLimiter.secondsUntilProbeReset(ip);
sendJson(ctx, req, HttpResponseStatus.TOO_MANY_REQUESTS,
errorPayload("Too many requests. Try again in " + secs + "s."));
return;
}
handleNews(ctx, req);
return;
}
if (path.equals(SERVER_KEY_PATH)) {
if (req.method() != HttpMethod.GET && req.method() != HttpMethod.HEAD) {
sendJson(ctx, req, HttpResponseStatus.METHOD_NOT_ALLOWED, errorPayload("Use GET."));
@@ -156,6 +176,10 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
handleRefresh(ctx, req, body, ip);
return;
}
if (path.equals(SSO_TOKEN_PATH)) {
handleSsoToken(ctx, req, body, ip);
return;
}
String turnstileToken = readString(body, "turnstileToken");
if (!TurnstileVerifier.verify(turnstileToken, ip)) {
@@ -325,6 +349,9 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
ok.addProperty("rememberToken", rot.jwt);
ok.addProperty("expiresAt", rot.expiresAt);
ok.addProperty("rememberExpiresAt", rot.expiresAt);
AccessTokenService.Issued access = AccessTokenService.issue(rot.userId);
ok.addProperty("accessToken", access.token);
ok.addProperty("accessTokenExpiresAt", access.expiresAt);
sendJson(ctx, req, HttpResponseStatus.OK, ok);
} catch (Exception e) {
LOGGER.error("Remember login failed", e);
@@ -332,6 +359,42 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
}
}
private void handleSsoToken(ChannelHandlerContext ctx, FullHttpRequest req, JsonObject body, String ip) {
String ssoTicket = readString(body, "ssoTicket").trim();
if (ssoTicket.isEmpty() || ssoTicket.length() > 128) {
AuthRateLimiter.recordFailure(ip);
sendJson(ctx, req, HttpResponseStatus.BAD_REQUEST, errorPayload("Missing or invalid ssoTicket."));
return;
}
try (Connection conn = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement lookup = conn.prepareStatement(
"SELECT id, username FROM users WHERE auth_ticket = ? LIMIT 1")) {
lookup.setString(1, ssoTicket);
try (ResultSet rs = lookup.executeQuery()) {
if (!rs.next()) {
AuthRateLimiter.recordFailure(ip);
sendJson(ctx, req, HttpResponseStatus.UNAUTHORIZED, errorPayload("SSO ticket not recognised."));
return;
}
int userId = rs.getInt("id");
String username = rs.getString("username");
AuthRateLimiter.recordSuccess(ip);
AccessTokenService.Issued access = AccessTokenService.issue(userId);
JsonObject ok = new JsonObject();
ok.addProperty("username", username);
ok.addProperty("accessToken", access.token);
ok.addProperty("accessTokenExpiresAt", access.expiresAt);
sendJson(ctx, req, HttpResponseStatus.OK, ok);
}
} catch (Exception e) {
LOGGER.error("[auth/sso-token] lookup failed", e);
sendJson(ctx, req, HttpResponseStatus.INTERNAL_SERVER_ERROR, errorPayload("Server error."));
}
}
private void handleRefresh(ChannelHandlerContext ctx, FullHttpRequest req, JsonObject body, String ip) {
String jwt = readString(body, "rememberToken").trim();
if (jwt.isEmpty()) {
@@ -349,6 +412,9 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
ok.addProperty("rememberToken", rot.jwt);
ok.addProperty("expiresAt", rot.expiresAt);
ok.addProperty("rememberExpiresAt", rot.expiresAt);
AccessTokenService.Issued access = AccessTokenService.issue(rot.userId);
ok.addProperty("accessToken", access.token);
ok.addProperty("accessTokenExpiresAt", access.expiresAt);
sendJson(ctx, req, HttpResponseStatus.OK, ok);
} catch (Exception e) {
LOGGER.error("Refresh failed", e);
@@ -366,8 +432,18 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
return;
}
try (Connection conn = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement stmt = conn.prepareStatement(
try (Connection conn = Emulator.getDatabase().getDataSource().getConnection()) {
if (ip != null && !ip.isEmpty()) {
BanInfo ipBan = lookupIpBan(conn, ip);
if (ipBan != null) {
LOGGER.info("[auth/login] ip ban hit ip={} type={} expires={}",
ip, ipBan.type, ipBan.expiresAt);
sendJson(ctx, req, HttpResponseStatus.FORBIDDEN, bannedPayload(ipBan));
return;
}
}
try (PreparedStatement stmt = conn.prepareStatement(
"SELECT id, username, password FROM users WHERE username = ? LIMIT 1")) {
stmt.setString(1, username);
try (ResultSet rs = stmt.executeQuery()) {
@@ -394,6 +470,15 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
return;
}
BanInfo accountBan = lookupAccountBan(conn, userId);
if (accountBan != null) {
LOGGER.info("[auth/login] account ban hit userId={} type={} expires={}",
userId, accountBan.type, accountBan.expiresAt);
AuthRateLimiter.recordSuccess(ip);
sendJson(ctx, req, HttpResponseStatus.FORBIDDEN, bannedPayload(accountBan));
return;
}
String ssoTicket = mintSsoTicket();
try (PreparedStatement upd = conn.prepareStatement(
@@ -421,8 +506,12 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
ok.addProperty("ssoTicket", ssoTicket);
ok.addProperty("username", rs.getString("username"));
if (rememberToken != null) ok.addProperty("rememberToken", rememberToken);
AccessTokenService.Issued access = AccessTokenService.issue(userId);
ok.addProperty("accessToken", access.token);
ok.addProperty("accessTokenExpiresAt", access.expiresAt);
sendJson(ctx, req, HttpResponseStatus.OK, ok);
}
}
} catch (Exception e) {
LOGGER.error("Login query failed for username=" + username, e);
sendJson(ctx, req, HttpResponseStatus.INTERNAL_SERVER_ERROR, errorPayload("Server error."));
@@ -664,6 +753,76 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
sendJson(ctx, req, HttpResponseStatus.OK, res);
}
private static final long NEWS_CACHE_TTL_MS = 30_000L;
private static final int NEWS_IMAGE_MAX_BYTES = 512 * 1024;
private static volatile NewsCacheEntry NEWS_CACHE = null;
private static final class NewsCacheEntry {
final byte[] jsonBytes;
final long expiresAt;
NewsCacheEntry(byte[] j, long e) { jsonBytes = j; expiresAt = e; }
}
private void handleNews(ChannelHandlerContext ctx, FullHttpRequest req) {
long now = System.currentTimeMillis();
NewsCacheEntry cached = NEWS_CACHE;
if (cached == null || cached.expiresAt < now) {
JsonArray items = new JsonArray();
int limit = Math.max(1, Math.min(20, Emulator.getConfig().getInt("login.news.limit", 5)));
try (Connection conn = Emulator.getDatabase().getDataSource().getConnection();
PreparedStatement stmt = conn.prepareStatement(
"SELECT id, title, body, image, link_text, link_url " +
"FROM ui_news WHERE enabled = 1 " +
"ORDER BY sort_order ASC, id DESC LIMIT ?")) {
stmt.setInt(1, limit);
try (ResultSet rs = stmt.executeQuery()) {
while (rs.next()) {
int id = rs.getInt("id");
JsonObject n = new JsonObject();
n.addProperty("id", id);
n.addProperty("title", rs.getString("title"));
n.addProperty("body", rs.getString("body"));
String image = rs.getString("image");
if (image != null && image.length() > NEWS_IMAGE_MAX_BYTES) {
LOGGER.warn("ui_news id={} image is {} bytes (>{}KB cap), omitting in response",
id, image.length(), NEWS_IMAGE_MAX_BYTES / 1024);
image = null;
}
n.addProperty("image", image); // gson encodes null as JSON null
n.addProperty("linkText", rs.getString("link_text"));
n.addProperty("linkUrl", rs.getString("link_url"));
items.add(n);
}
}
} catch (Exception e) {
LOGGER.error("ui_news list failed", e);
sendJson(ctx, req, HttpResponseStatus.INTERNAL_SERVER_ERROR, errorPayload("Server error."));
return;
}
JsonObject res = new JsonObject();
res.add("news", items);
byte[] bytes = res.toString().getBytes(StandardCharsets.UTF_8);
cached = new NewsCacheEntry(bytes, now + NEWS_CACHE_TTL_MS);
NEWS_CACHE = cached;
}
FullHttpResponse response = new DefaultFullHttpResponse(
HttpVersion.HTTP_1_1, HttpResponseStatus.OK,
Unpooled.wrappedBuffer(cached.jsonBytes));
response.headers().set(HttpHeaderNames.CONTENT_TYPE, "application/json; charset=utf-8");
response.headers().setInt(HttpHeaderNames.CONTENT_LENGTH, cached.jsonBytes.length);
response.headers().set(HttpHeaderNames.CACHE_CONTROL, "public, max-age=30");
applyCors(req, response);
boolean keepAlive = isKeepAlive(req);
if (keepAlive) response.headers().set(HttpHeaderNames.CONNECTION, HttpHeaderValues.KEEP_ALIVE);
var future = ctx.writeAndFlush(response);
if (!keepAlive) future.addListener(ChannelFutureListener.CLOSE);
}
private void handleServerKey(ChannelHandlerContext ctx, FullHttpRequest req) {
try {
JsonObject ok = new JsonObject();
@@ -806,6 +965,74 @@ public class AuthHttpHandler extends ChannelInboundHandlerAdapter {
sendJson(ctx, req, HttpResponseStatus.OK, ok);
}
private static final long PERMANENT_BAN_THRESHOLD_SECONDS = 30L * 365L * 24L * 60L * 60L;
private static final class BanInfo {
final String type;
final String reason;
final int expiresAt;
BanInfo(String type, String reason, int expiresAt) {
this.type = type == null ? "account" : type;
this.reason = reason == null ? "" : reason;
this.expiresAt = expiresAt;
}
boolean isPermanent() {
return (long) expiresAt - Emulator.getIntUnixTimestamp() > PERMANENT_BAN_THRESHOLD_SECONDS;
}
}
private static BanInfo lookupAccountBan(Connection conn, int userId) throws SQLException {
try (PreparedStatement stmt = conn.prepareStatement(
"SELECT ban_expire, ban_reason, type FROM bans " +
"WHERE user_id = ? AND ban_expire >= ? AND (type = 'account' OR type = 'super') " +
"ORDER BY ban_expire DESC LIMIT 1")) {
stmt.setInt(1, userId);
stmt.setInt(2, Emulator.getIntUnixTimestamp());
try (ResultSet rs = stmt.executeQuery()) {
if (rs.next()) {
return new BanInfo(rs.getString("type"), rs.getString("ban_reason"), rs.getInt("ban_expire"));
}
}
}
return null;
}
private static BanInfo lookupIpBan(Connection conn, String ip) throws SQLException {
try (PreparedStatement stmt = conn.prepareStatement(
"SELECT ban_expire, ban_reason, type FROM bans " +
"WHERE ip = ? AND ban_expire >= ? AND (type = 'ip' OR type = 'super') " +
"ORDER BY ban_expire DESC LIMIT 1")) {
stmt.setString(1, ip);
stmt.setInt(2, Emulator.getIntUnixTimestamp());
try (ResultSet rs = stmt.executeQuery()) {
if (rs.next()) {
return new BanInfo(rs.getString("type"), rs.getString("ban_reason"), rs.getInt("ban_expire"));
}
}
}
return null;
}
private static JsonObject bannedPayload(BanInfo ban) {
boolean permanent = ban.isPermanent();
String message = permanent
? "Your account has been permanently banned."
: "Your account is temporarily banned.";
JsonObject details = new JsonObject();
details.addProperty("type", ban.type);
details.addProperty("reason", ban.reason);
details.addProperty("permanent", permanent);
if (!permanent) details.addProperty("expiresAt", ban.expiresAt);
JsonObject obj = new JsonObject();
obj.addProperty("error", message);
obj.add("ban", details);
return obj;
}
private static boolean checkPassword(String plain, String stored) {
String compatible = stored.startsWith("$2y$") ? "$2a$" + stored.substring(4) : stored;
try {
Emulator/src/main/java/com/eu/habbo/networking/gameserver/badges/BadgeHttpHandler.java
+371
View File
@@ -0,0 +1,371 @@
package com.eu.habbo.networking.gameserver.badges;
import com.eu.habbo.Emulator;
import com.eu.habbo.habbohotel.users.custombadge.CustomBadge;
import com.eu.habbo.habbohotel.users.custombadge.CustomBadgeException;
import com.eu.habbo.habbohotel.users.custombadge.CustomBadgeManager;
import com.eu.habbo.networking.gameserver.GameServerAttributes;
import com.eu.habbo.networking.gameserver.auth.AccessTokenService;
import com.eu.habbo.networking.gameserver.auth.AuthRateLimiter;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import io.netty.buffer.Unpooled;
import io.netty.channel.ChannelFutureListener;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter;
import io.netty.handler.codec.http.*;
import io.netty.util.ReferenceCountUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.net.InetSocketAddress;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.List;
public class BadgeHttpHandler extends ChannelInboundHandlerAdapter {
private static final Logger LOGGER = LoggerFactory.getLogger(BadgeHttpHandler.class);
private static final String BASE_PATH = "/api/badges/custom";
private static final int MAX_BODY_BYTES = 128 * 1024;
private static volatile JsonObject cachedTextsResponse = null;
private static volatile long cachedTextsVersion = -1L;
@Override
public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {
if (!(msg instanceof FullHttpRequest req)) {
super.channelRead(ctx, msg);
return;
}
String path = new QueryStringDecoder(req.uri()).path();
if (!path.equals(BASE_PATH) && !path.startsWith(BASE_PATH + "/")) {
super.channelRead(ctx, msg);
return;
}
try {
handle(ctx, req, path);
} finally {
ReferenceCountUtil.release(req);
}
}
private void handle(ChannelHandlerContext ctx, FullHttpRequest req, String path) {
if (req.method() == HttpMethod.OPTIONS) {
sendCors(ctx, req);
return;
}
if (path.equals(BASE_PATH + "/texts")) {
if (req.method() == HttpMethod.GET || req.method() == HttpMethod.HEAD) {
String ip = resolveClientIp(ctx, req);
if (!AuthRateLimiter.tryProbe(ip)) {
long secs = AuthRateLimiter.secondsUntilProbeReset(ip);
sendJson(ctx, req, HttpResponseStatus.TOO_MANY_REQUESTS,
error("Too many requests. Try again in " + secs + "s."));
return;
}
handleTexts(ctx, req);
return;
}
sendJson(ctx, req, HttpResponseStatus.METHOD_NOT_ALLOWED, error("Use GET."));
return;
}
int userId = authenticate(req);
if (userId == 0) {
sendJson(ctx, req, HttpResponseStatus.UNAUTHORIZED, error("Authentication required."));
return;
}
if (req.content().readableBytes() > MAX_BODY_BYTES) {
sendJson(ctx, req, HttpResponseStatus.REQUEST_ENTITY_TOO_LARGE, error("Payload too large."));
return;
}
String trailing = path.length() > BASE_PATH.length() ? path.substring(BASE_PATH.length() + 1) : "";
try {
if (trailing.isEmpty()) {
if (req.method() == HttpMethod.GET || req.method() == HttpMethod.HEAD) {
handleList(ctx, req, userId);
return;
}
if (req.method() == HttpMethod.POST) {
handleCreate(ctx, req, userId);
return;
}
sendJson(ctx, req, HttpResponseStatus.METHOD_NOT_ALLOWED, error("Use GET or POST."));
return;
}
String badgeId = trailing;
CustomBadgeManager manager = Emulator.getGameEnvironment().getCustomBadgeManager();
if (!manager.isCustomBadgeId(badgeId)) {
sendJson(ctx, req, HttpResponseStatus.BAD_REQUEST, error("Invalid badge id."));
return;
}
if (req.method() == HttpMethod.PUT || req.method() == HttpMethod.POST) {
handleUpdate(ctx, req, userId, badgeId);
return;
}
if (req.method() == HttpMethod.DELETE) {
handleDelete(ctx, req, userId, badgeId);
return;
}
sendJson(ctx, req, HttpResponseStatus.METHOD_NOT_ALLOWED, error("Use PUT or DELETE."));
} catch (Exception e) {
LOGGER.error("[badges/custom] unexpected error path=" + path, e);
sendJson(ctx, req, HttpResponseStatus.INTERNAL_SERVER_ERROR, error("Server error."));
}
}
private void handleTexts(ChannelHandlerContext ctx, FullHttpRequest req) {
CustomBadgeManager manager = Emulator.getGameEnvironment().getCustomBadgeManager();
long version = manager.getTextCacheVersion();
JsonObject ok = cachedTextsResponse;
if (ok == null || cachedTextsVersion != version) {
java.util.Map<String, CustomBadgeManager.BadgeText> cache = manager.getTextCache();
JsonObject texts = new JsonObject();
for (java.util.Map.Entry<String, CustomBadgeManager.BadgeText> entry : cache.entrySet()) {
String badgeId = entry.getKey();
CustomBadgeManager.BadgeText value = entry.getValue();
texts.addProperty("badge_name_" + badgeId, value.name);
texts.addProperty("badge_desc_" + badgeId, value.description);
}
JsonObject built = new JsonObject();
built.add("texts", texts);
built.addProperty("count", cache.size());
built.addProperty("version", version);
cachedTextsResponse = built;
cachedTextsVersion = version;
ok = built;
}
sendJsonCached(ctx, req, HttpResponseStatus.OK, ok);
}
private void handleList(ChannelHandlerContext ctx, FullHttpRequest req, int userId) {
CustomBadgeManager manager = Emulator.getGameEnvironment().getCustomBadgeManager();
List<CustomBadge> badges = manager.listForUser(userId);
JsonArray arr = new JsonArray();
for (CustomBadge b : badges) arr.add(toJson(b, manager));
JsonObject ok = new JsonObject();
ok.add("badges", arr);
ok.addProperty("max", CustomBadgeManager.MAX_PER_USER);
ok.addProperty("badgeWidth", CustomBadgeManager.BADGE_WIDTH);
ok.addProperty("badgeHeight", CustomBadgeManager.BADGE_HEIGHT);
ok.addProperty("maxBadgeSizeBytes", CustomBadgeManager.MAX_BADGE_SIZE_BYTES);
if (manager.getSettings() != null) {
ok.addProperty("priceBadge", manager.getSettings().getPriceBadge());
ok.addProperty("currencyType", manager.getSettings().getCurrencyType());
}
sendJson(ctx, req, HttpResponseStatus.OK, ok);
}
private void handleCreate(ChannelHandlerContext ctx, FullHttpRequest req, int userId) {
JsonObject body = readJsonBody(req);
if (body == null) {
sendJson(ctx, req, HttpResponseStatus.BAD_REQUEST, error("Invalid JSON body."));
return;
}
byte[] png = decodeImage(body);
if (png == null) {
sendJson(ctx, req, HttpResponseStatus.BAD_REQUEST, error("Missing or invalid image."));
return;
}
String name = optString(body, "name");
String description = optString(body, "description");
CustomBadgeManager manager = Emulator.getGameEnvironment().getCustomBadgeManager();
try {
CustomBadge created = manager.create(userId, name, description, png);
sendJson(ctx, req, HttpResponseStatus.CREATED, toJson(created, manager));
} catch (CustomBadgeException e) {
sendJson(ctx, req, statusFor(e), error(e.getMessage(), e.getCode()));
}
}
private void handleUpdate(ChannelHandlerContext ctx, FullHttpRequest req, int userId, String badgeId) {
JsonObject body = readJsonBody(req);
if (body == null) {
sendJson(ctx, req, HttpResponseStatus.BAD_REQUEST, error("Invalid JSON body."));
return;
}
byte[] png = decodeImage(body);
if (png == null) {
sendJson(ctx, req, HttpResponseStatus.BAD_REQUEST, error("Missing or invalid image."));
return;
}
String name = optString(body, "name");
String description = optString(body, "description");
CustomBadgeManager manager = Emulator.getGameEnvironment().getCustomBadgeManager();
try {
CustomBadge updated = manager.update(userId, badgeId, name, description, png);
sendJson(ctx, req, HttpResponseStatus.OK, toJson(updated, manager));
} catch (CustomBadgeException e) {
sendJson(ctx, req, statusFor(e), error(e.getMessage(), e.getCode()));
}
}
private void handleDelete(ChannelHandlerContext ctx, FullHttpRequest req, int userId, String badgeId) {
CustomBadgeManager manager = Emulator.getGameEnvironment().getCustomBadgeManager();
try {
manager.delete(userId, badgeId);
JsonObject ok = new JsonObject();
ok.addProperty("deleted", badgeId);
sendJson(ctx, req, HttpResponseStatus.OK, ok);
} catch (CustomBadgeException e) {
sendJson(ctx, req, statusFor(e), error(e.getMessage(), e.getCode()));
}
}
private static byte[] decodeImage(JsonObject body) {
if (!body.has("image")) return null;
try {
String raw = body.get("image").getAsString();
if (raw == null || raw.isEmpty()) return null;
int comma = raw.indexOf(',');
String b64 = raw.startsWith("data:") && comma >= 0 ? raw.substring(comma + 1) : raw;
return Base64.getDecoder().decode(b64.replaceAll("\\s+", ""));
} catch (Exception e) {
return null;
}
}
private static JsonObject readJsonBody(FullHttpRequest req) {
try {
String text = req.content().toString(StandardCharsets.UTF_8);
if (text.isEmpty()) return new JsonObject();
return JsonParser.parseString(text).getAsJsonObject();
} catch (Exception e) {
return null;
}
}
private static String optString(JsonObject body, String key) {
if (body == null || !body.has(key) || body.get(key).isJsonNull()) return "";
try { return body.get(key).getAsString(); }
catch (Exception e) { return ""; }
}
private static int authenticate(FullHttpRequest req) {
String header = req.headers().get(HttpHeaderNames.AUTHORIZATION);
if (header == null || header.isEmpty()) return 0;
String token;
if (header.startsWith("Bearer ")) token = header.substring(7).trim();
else token = header.trim();
return AccessTokenService.verify(token);
}
private static HttpResponseStatus statusFor(CustomBadgeException e) {
return switch (e.getCode()) {
case "not_found" -> HttpResponseStatus.NOT_FOUND;
case "insufficient_funds" -> HttpResponseStatus.PAYMENT_REQUIRED;
case "must_be_online" -> HttpResponseStatus.CONFLICT;
case "rate_limited" -> HttpResponseStatus.TOO_MANY_REQUESTS;
case "limit_reached", "wrong_dimensions", "too_large", "empty", "invalid_image", "not_configured" ->
HttpResponseStatus.BAD_REQUEST;
default -> HttpResponseStatus.INTERNAL_SERVER_ERROR;
};
}
private static JsonObject toJson(CustomBadge badge, CustomBadgeManager manager) {
JsonObject obj = new JsonObject();
obj.addProperty("badgeId", badge.getBadgeId());
obj.addProperty("badgeCode", badge.getBadgeId());
obj.addProperty("name", badge.getBadgeName());
obj.addProperty("description", badge.getBadgeDescription());
obj.addProperty("dateCreated", badge.getDateCreated());
obj.addProperty("dateEdit", badge.getDateEdit());
obj.addProperty("url", manager.publicUrlFor(badge.getBadgeId()));
return obj;
}
private static JsonObject error(String message) {
return error(message, null);
}
private static JsonObject error(String message, String code) {
JsonObject obj = new JsonObject();
obj.addProperty("error", message);
if (code != null) obj.addProperty("code", code);
return obj;
}
private static void sendJsonCached(ChannelHandlerContext ctx, FullHttpRequest req,
HttpResponseStatus status, JsonObject body) {
byte[] bytes = body.toString().getBytes(StandardCharsets.UTF_8);
FullHttpResponse response = new DefaultFullHttpResponse(
HttpVersion.HTTP_1_1, status, Unpooled.wrappedBuffer(bytes));
response.headers().set(HttpHeaderNames.CONTENT_TYPE, "application/json; charset=utf-8");
response.headers().setInt(HttpHeaderNames.CONTENT_LENGTH, bytes.length);
response.headers().set(HttpHeaderNames.CACHE_CONTROL, "public, max-age=30");
applyCors(req, response);
boolean keepAlive = isKeepAlive(req);
if (keepAlive) response.headers().set(HttpHeaderNames.CONNECTION, HttpHeaderValues.KEEP_ALIVE);
var future = ctx.writeAndFlush(response);
if (!keepAlive) future.addListener(ChannelFutureListener.CLOSE);
}
private static void sendJson(ChannelHandlerContext ctx, FullHttpRequest req,
HttpResponseStatus status, JsonObject body) {
byte[] bytes = body.toString().getBytes(StandardCharsets.UTF_8);
FullHttpResponse response = new DefaultFullHttpResponse(
HttpVersion.HTTP_1_1, status, Unpooled.wrappedBuffer(bytes));
response.headers().set(HttpHeaderNames.CONTENT_TYPE, "application/json; charset=utf-8");
response.headers().setInt(HttpHeaderNames.CONTENT_LENGTH, bytes.length);
applyCors(req, response);
boolean keepAlive = isKeepAlive(req);
if (keepAlive) response.headers().set(HttpHeaderNames.CONNECTION, HttpHeaderValues.KEEP_ALIVE);
var future = ctx.writeAndFlush(response);
if (!keepAlive) future.addListener(ChannelFutureListener.CLOSE);
}
private static void sendCors(ChannelHandlerContext ctx, FullHttpRequest req) {
FullHttpResponse response = new DefaultFullHttpResponse(
HttpVersion.HTTP_1_1, HttpResponseStatus.NO_CONTENT);
applyCors(req, response);
ctx.writeAndFlush(response).addListener(ChannelFutureListener.CLOSE);
}
private static void applyCors(FullHttpRequest req, FullHttpResponse response) {
String origin = req.headers().get(HttpHeaderNames.ORIGIN);
if (origin != null && !origin.isEmpty()) {
response.headers().set("Access-Control-Allow-Origin", origin);
response.headers().set("Vary", "Origin");
response.headers().set("Access-Control-Allow-Credentials", "true");
}
response.headers().set("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, OPTIONS");
response.headers().set("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Requested-With");
}
private static boolean isKeepAlive(FullHttpRequest req) {
String connection = req.headers().get(HttpHeaderNames.CONNECTION);
if (connection != null && connection.equalsIgnoreCase("close")) return false;
if (connection != null && connection.equalsIgnoreCase("keep-alive")) return true;
return req.protocolVersion().isKeepAliveDefault();
}
@SuppressWarnings("unused")
private static String resolveClientIp(ChannelHandlerContext ctx, FullHttpRequest req) {
if (ctx.channel().attr(GameServerAttributes.WS_IP).get() != null) {
return ctx.channel().attr(GameServerAttributes.WS_IP).get();
}
if (ctx.channel().remoteAddress() instanceof InetSocketAddress addr) {
return addr.getAddress().getHostAddress();
}
return "";
}
}
Latest_Compiled_Version/Habbo-4.1.2-jar-with-dependencies.jar
BIN
View File
Binary file not shown.