Keitenai Posted July 31, 2017 Share Posted July 31, 2017 File Name: WhoisCommand.txt File Submitter: keitenai File Submitted: 31 July 2017 File Category: Utility Script Content Author: keitenai Information: Admins or GMs mostly find it hard to track a player when certain player has many accounts created with many characters on each accounts. I too had this problem so I made this script to simplify tracing a player with a simple @ whois command. How does it work? By typing the complete player's name after the command ( @ whois name of player ) will trigger sql searching for accounts which is linked to the player's IP address. Tracking is limited to last IP used by the player so this script is not capable of completely identifying all accounts of the player if a player use a different IP on a different account. Features: NO src editing needed! Able to track account IDs, Character Names, and current online character on an account. Script LINK: https://github.com/keitenai/keitenai/blob/master/WhoisCommand.txt Give me hugs and kisses if you find this useful 1 Quote Link to comment Share on other sites More sharing options...
Emistry Posted July 31, 2017 Share Posted July 31, 2017 (edited) You can actually replace this whole part here... https://github.com/keitenai/keitenai/blob/master/WhoisCommand.txt#L30-L60 with this for ([email protected] = 0; [email protected] < [email protected]_numparameters; [email protected]++) [email protected]$ = [email protected]$ + ([email protected] > 0 ? " ":"") + [email protected]_parameters$[[email protected]]; or this [email protected]$ = implode([email protected]_parameters$, " "); (may get errors or warnings if the array size is less than 1 or 0) Edited July 31, 2017 by Emistry 1 Quote Link to comment Share on other sites More sharing options...
Keitenai Posted July 31, 2017 Author Share Posted July 31, 2017 Cool!! i didn't know there is such function! haha thanks @emistry Git updated Quote Link to comment Share on other sites More sharing options...
Emistry Posted July 31, 2017 Share Posted July 31, 2017 when you use query_sql() ... always use escape_sql() for all the string variables that you passed in. otherwise your scripts are vulnerable to SQL injection. query_sql("SELECT `account_id` FROM `char` WHERE `name` = '"[email protected]$+"'",[email protected]_ID$) change to query_sql("SELECT `account_id` FROM `char` WHERE `name` = '"+escape_sql([email protected]$)+"'",[email protected]_ID$) etc.. Quote Link to comment Share on other sites More sharing options...
Keitenai Posted July 31, 2017 Author Share Posted July 31, 2017 I was totally unaware of that. Thanks a bunch! now i know why i get script errors when there's a special character on a player's name like ' . Git Updated! Quote Link to comment Share on other sites More sharing options...
syndrome93 Posted March 8, 2020 Share Posted March 8, 2020 @Keitenai awesome. thx for the script ! Quote Link to comment Share on other sites More sharing options...
Gidz Cross Posted March 19, 2020 Share Posted March 19, 2020 I love this script. Thank you so much! Quote Link to comment Share on other sites More sharing options...
