Keitenai Posted July 31, 2017 Posted July 31, 2017 File Name: WhoisCommand.txt File Submitter: keitenai File Submitted: 31 July 2017 File Category: Utility Script Content Author: keitenai Information: Admins or GMs mostly find it hard to track a player when certain player has many accounts created with many characters on each accounts. I too had this problem so I made this script to simplify tracing a player with a simple @ whois command. How does it work? By typing the complete player's name after the command ( @ whois name of player ) will trigger sql searching for accounts which is linked to the player's IP address. Tracking is limited to last IP used by the player so this script is not capable of completely identifying all accounts of the player if a player use a different IP on a different account. Features: NO src editing needed! Able to track account IDs, Character Names, and current online character on an account. Script LINK: https://github.com/keitenai/keitenai/blob/master/WhoisCommand.txt Give me hugs and kisses if you find this useful 1 1 Quote
Emistry Posted July 31, 2017 Posted July 31, 2017 (edited) You can actually replace this whole part here... https://github.com/keitenai/keitenai/blob/master/WhoisCommand.txt#L30-L60 with this for (.@i = 0; .@i < .@atcmd_numparameters; .@i++) .@name$ = .@name$ + (.@i > 0 ? " ":"") + .@atcmd_parameters$[.@i]; or this .@name$ = implode(.@atcmd_parameters$, " "); (may get errors or warnings if the array size is less than 1 or 0) Edited July 31, 2017 by Emistry 1 Quote
Keitenai Posted July 31, 2017 Author Posted July 31, 2017 Cool!! i didn't know there is such function! haha thanks @emistry Git updated Quote
Emistry Posted July 31, 2017 Posted July 31, 2017 when you use query_sql() ... always use escape_sql() for all the string variables that you passed in. otherwise your scripts are vulnerable to SQL injection. query_sql("SELECT `account_id` FROM `char` WHERE `name` = '"+.@name$+"'",.@acc_ID$) change to query_sql("SELECT `account_id` FROM `char` WHERE `name` = '"+escape_sql(.@name$)+"'",.@acc_ID$) etc.. Quote
Keitenai Posted July 31, 2017 Author Posted July 31, 2017 I was totally unaware of that. Thanks a bunch! now i know why i get script errors when there's a special character on a player's name like ' . Git Updated! Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.