//TODO: Don't disconnect people, instead return an error code.
static void HandleSignInPacket(Client c, string name, string pass)
{
if (name.Length == 0 || name.Length > 16 || pass.Length != 40)
{
c.Disconnect();
return;
}
//Don't let them join if they were banned.
GetBanList();
if (BanList.Contains(name.ToLower(), StringComparer.OrdinalIgnoreCase))
{
c.Disconnect();
return;
}
MySqlCommand q = new MySqlCommand(string.Empty, SQL);
q.CommandText = "SELECT Count(*) FROM users WHERE Username=@Username AND Password=@Password;";
q.Parameters.AddWithValue("@Username", name);
q.Parameters.AddWithValue("@Password", pass);
MySqlDataReader r = q.ExecuteReader();
bool success = r.Read() && (r.GetInt16("Count(*)") != 0);
r.Close();
byte[] data = Packer.Serialize((byte)ServerPacket.SignIn, success);
c.Send(data);
if (success)
{
//If this user is already logged in from somewhere else then disconnect them.
Client existing = ClientFromUsername(name);
if (existing != null)
{
existing.Disconnect();
}
c.Value.UserID = RunningID++;
c.Value.Username = name;
c.Value.Authenticated = true;
SendLoginBarrage(c);
}
}