package marauroa.server.game.db;

import java.io.IOException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Random;
import marauroa.common.Configuration;
import marauroa.common.Log4J;
import marauroa.common.Logger;
import marauroa.common.crypto.Hash;
import marauroa.common.crypto.Sha512Crypt;
import marauroa.common.i18n.I18N;
import marauroa.common.net.message.MessageS2CLoginNACK;
import marauroa.server.db.DBTransaction;
import marauroa.server.db.StringChecker;
import marauroa.server.db.TransactionPool;
import marauroa.server.game.container.SecuredLoginInfo;

/* loaded from: input_file:marauroa/server/game/db/AccountDAO.class */
public class AccountDAO {
    private static final Logger logger = Log4J.getLogger(AccountDAO.class);

    @Deprecated
    public void addPlayer(DBTransaction dBTransaction, String str, byte[] bArr, String str2) throws SQLException {
        addPlayer(dBTransaction, str, bArr, str2, new Timestamp(new Date().getTime()));
    }

    public void addPlayer(DBTransaction dBTransaction, String str, byte[] bArr, String str2, Timestamp timestamp) throws SQLException {
        try {
            if (!StringChecker.validString(str) || !StringChecker.validString(str2)) {
                throw new SQLException("Invalid string username=(" + str + ") email=(" + str2 + ")");
            }
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            try {
                hashMap.put("status", Configuration.getConfiguration().get("account_creation_status", "active"));
                if (Configuration.getConfiguration().get("password_hash", "sha512").equals("md5")) {
                    hashMap.put("password", Hash.toHexString(bArr));
                } else {
                    hashMap.put("password", Sha512Crypt.Sha512_crypt(Configuration.getConfiguration().get("password_pepper", "") + Hash.toHexString(bArr), null, 0));
                }
                hashMap.put("timedate", timestamp);
                logger.debug("addPlayer is using query: insert into account(username, password, status, timedate) values('[username]','[password]', '[status]', '[timedate]')");
                dBTransaction.execute("insert into account(username, password, status, timedate) values('[username]','[password]', '[status]', '[timedate]')", hashMap);
                if (!str2.trim().equals("")) {
                    changeEmail(dBTransaction, str, str2);
                }
            } catch (IOException e) {
                throw new SQLException(e);
            }
        } catch (SQLException e2) {
            logger.error("Can't add player \"" + str + "\" to database", e2);
            throw e2;
        }
    }

    public String generatePlayer(String str) {
        int length = str.length();
        Random random = new Random();
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < length; i++) {
            char charAt = str.charAt(i);
            if (charAt == '#') {
                sb.append(random.nextInt(10));
            } else if (charAt == '@') {
                sb.append((char) (random.nextInt(26) + 97));
            } else {
                sb.append(charAt);
            }
        }
        return sb.toString();
    }

    public void changeEmail(DBTransaction dBTransaction, String str, String str2) throws SQLException {
        try {
            if (!StringChecker.validString(str) || !StringChecker.validString(str2)) {
                throw new SQLException("Invalid string username=(" + str + ") email=(" + str2 + ")");
            }
            String hexString = Hash.toHexString(Hash.random(16));
            int databasePlayerId = getDatabasePlayerId(dBTransaction, str);
            HashMap hashMap = new HashMap();
            hashMap.put("player_id", Integer.valueOf(databasePlayerId));
            hashMap.put("token", hexString);
            hashMap.put("email", str2);
            logger.debug("changeEmail is using query: insert into email(player_id, email, token) values ([player_id], '[email]', '[token]')");
            if (dBTransaction.execute("insert into email(player_id, email, token) values ([player_id], '[email]', '[token]')", hashMap) == 1 && Configuration.getConfiguration().has("email_command")) {
                new ProcessBuilder(Configuration.getConfiguration().get("email_command"), Integer.toString(databasePlayerId), str, hexString, str2).start();
            }
        } catch (IOException e) {
            logger.error("Can't change email for player \"" + str + "\"", e);
            throw new SQLException(e);
        } catch (SQLException e2) {
            logger.error("Can't change email for player \"" + str + "\"", e2);
            throw e2;
        }
    }

    public void changePassword(DBTransaction dBTransaction, String str, String str2) throws SQLException {
        try {
            if (!StringChecker.validString(str)) {
                throw new SQLException("Invalid string username=(" + str + ")");
            }
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            try {
                if (Configuration.getConfiguration().get("password_hash", "sha512").equals("md5")) {
                    hashMap.put("password", Hash.toHexString(Hash.hash(str2)));
                } else {
                    hashMap.put("password", Sha512Crypt.Sha512_crypt(Configuration.getConfiguration().get("password_pepper", "") + Hash.toHexString(Hash.hash(str2)), null, 0));
                }
                logger.debug("changePassword is using query: update account set password='[password]' where username='[username]'");
                dBTransaction.execute("update account set password='[password]' where username='[username]'", hashMap);
            } catch (IOException e) {
                throw new SQLException(e);
            }
        } catch (SQLException e2) {
            logger.error("Can't update password for player \"" + str + "\"", e2);
            throw e2;
        }
    }

    public boolean hasPlayer(DBTransaction dBTransaction, String str) throws SQLException {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            logger.debug("hasPlayer is using query: select count(*) as amount from account where username = '[username]'");
            return dBTransaction.querySingleCellInt("select count(*) as amount from account where username = '[username]'", hashMap) > 0;
        } catch (SQLException e) {
            logger.error("Can't query for player \"" + str + "\"", e);
            throw e;
        }
    }

    public void setAccountStatus(DBTransaction dBTransaction, String str, String str2) throws SQLException {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            hashMap.put("status", str2);
            logger.debug("setAccountStatus is executing query update account set status='[status]' where username = '[username]'");
            dBTransaction.execute("update account set status='[status]' where username = '[username]'", hashMap);
        } catch (SQLException e) {
            logger.error("Can't update account status of player \"" + str + "\"", e);
            throw e;
        }
    }

    public String getAccountStatus(DBTransaction dBTransaction, String str) throws SQLException {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            logger.debug("getAccountStatus is executing query SELECT account.status As status, accountban.reason As reason FROM account LEFT JOIN accountban ON (account.id=accountban.player_id AND (accountban.expire > CURRENT_TIMESTAMP OR accountban.expire IS NULL)) WHERE username='[username]' order by ifnull(expire,'9999-12-31') desc limit 1 ");
            ResultSet query = dBTransaction.query("SELECT account.status As status, accountban.reason As reason FROM account LEFT JOIN accountban ON (account.id=accountban.player_id AND (accountban.expire > CURRENT_TIMESTAMP OR accountban.expire IS NULL)) WHERE username='[username]' order by ifnull(expire,'9999-12-31') desc limit 1 ", hashMap);
            String str2 = null;
            if (query.next()) {
                str2 = query.getString("status");
                if (str2.equals("active") && query.getString("reason") != null) {
                    str2 = "banned";
                }
            }
            query.close();
            return str2;
        } catch (SQLException e) {
            logger.error("Can't query player \"" + str + "\"", e);
            throw e;
        }
    }

    public String getAccountBanMessage(DBTransaction dBTransaction, String str) throws SQLException {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            logger.debug("getAccountStatus is executing query SELECT account.status As status, accountban.reason As reason, accountban.expire As expire FROM account LEFT JOIN accountban ON (account.id=accountban.player_id AND (accountban.expire > CURRENT_TIMESTAMP OR accountban.expire IS NULL)) WHERE username='[username]' order by COALESCE(expire,'9999-12-31') desc limit 1 ");
            ResultSet query = dBTransaction.query("SELECT account.status As status, accountban.reason As reason, accountban.expire As expire FROM account LEFT JOIN accountban ON (account.id=accountban.player_id AND (accountban.expire > CURRENT_TIMESTAMP OR accountban.expire IS NULL)) WHERE username='[username]' order by COALESCE(expire,'9999-12-31') desc limit 1 ", hashMap);
            String str2 = null;
            if (query.next()) {
                String string = query.getString("status");
                String string2 = query.getString("reason");
                String string3 = query.getString("expire");
                if (string2 != null) {
                    str2 = (string3 != null ? I18N.translate("Your account is temporarily suspended until %1$s server time.", string3) + "\r\n" : I18N.translate("Your account is banned.", new Object[0]) + "\r\n") + I18N.translate("The reason given was: %1$s", string2) + "\r\n";
                } else if ("banned".equals(string)) {
                    str2 = I18N.translate("Your account has been banned. Please contact support.", new Object[0]) + "\r\n";
                } else if ("inactive".equals(string)) {
                    str2 = I18N.translate("Your account has been flagged as inactive. Please contact support.", new Object[0]) + "\r\n";
                } else if ("merged".equals(string)) {
                    str2 = I18N.translate("Your account has been merged into another account.\nPlease login with that account or contact support.", new Object[0]) + "\r\n";
                }
                if ((string2 != null || !"active".equals(string)) && !"merged".equals(string)) {
                    try {
                        Configuration configuration = Configuration.getConfiguration();
                        if (configuration.has("server_abuseContact")) {
                            str2 = str2 + configuration.get("server_abuseContact");
                        }
                    } catch (IOException e) {
                        logger.error(e, e);
                    }
                }
            }
            query.close();
            return str2;
        } catch (SQLException e2) {
            logger.error("Can't query player \"" + str + "\"", e2);
            throw e2;
        }
    }

    public String getEmail(DBTransaction dBTransaction, String str) throws SQLException {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            logger.debug("getEmail is executing query select email.email from account, email where username = '[username]' AND account.id=email.player_id");
            ResultSet query = dBTransaction.query("select email.email from account, email where username = '[username]' AND account.id=email.player_id", hashMap);
            String str2 = null;
            if (query.next()) {
                str2 = query.getString("email");
            }
            query.close();
            return str2;
        } catch (SQLException e) {
            logger.error("Can't query player \"" + str + "\"", e);
            throw e;
        }
    }

    public int getDatabasePlayerId(DBTransaction dBTransaction, String str) throws SQLException {
        HashMap hashMap = new HashMap();
        hashMap.put("username", str);
        logger.debug("getDatabasePlayerId is executing query select id from account where username = '[username]'");
        ResultSet query = dBTransaction.query("select id from account where username = '[username]'", hashMap);
        int i = -1;
        if (query.next()) {
            i = query.getInt("id");
        }
        query.close();
        return i;
    }

    public boolean verify(DBTransaction dBTransaction, SecuredLoginInfo securedLoginInfo) throws SQLException {
        if (securedLoginInfo.seed != null) {
            LoginSeedDAO loginSeedDAO = (LoginSeedDAO) DAORegister.get().get(LoginSeedDAO.class);
            Boolean verifySeed = loginSeedDAO.verifySeed(dBTransaction, securedLoginInfo.username, securedLoginInfo.seed);
            if (verifySeed == null) {
                securedLoginInfo.reason = MessageS2CLoginNACK.Reasons.SEED_WRONG;
                return false;
            }
            loginSeedDAO.useSeed(dBTransaction, securedLoginInfo.seed);
            if (verifySeed.booleanValue()) {
                return true;
            }
        }
        if (securedLoginInfo.token != null && securedLoginInfo.tokenType != null && ((AccountLinkDAO) DAORegister.get().get(AccountLinkDAO.class)).verifyPermanentToken(dBTransaction, securedLoginInfo)) {
            return true;
        }
        byte[] decryptedPasswordHash = securedLoginInfo.getDecryptedPasswordHash();
        if (decryptedPasswordHash == null) {
            return false;
        }
        return verifyUsingDB(dBTransaction, securedLoginInfo.username, decryptedPasswordHash);
    }

    public boolean verifyPassword(DBTransaction dBTransaction, String str, String str2) throws SQLException {
        return verifyUsingDB(dBTransaction, str, Hash.hash(str2));
    }

    private boolean verifyUsingDB(DBTransaction dBTransaction, String str, byte[] bArr) throws SQLException {
        boolean equalsIgnoreCase;
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            logger.debug("verifyAccount is executing query select username, password from account where username = '[username]'");
            ResultSet query = dBTransaction.query("select username, password from account where username = '[username]'", hashMap);
            if (!query.next()) {
                query.close();
                return false;
            }
            String string = query.getString("username");
            if (!string.equalsIgnoreCase(str)) {
                logger.warn("Username \"" + str + "\" is not the same that stored username \"" + string + "\"");
                query.close();
                return false;
            }
            String string2 = query.getString("password");
            query.close();
            if (string2 == null) {
                return false;
            }
            if (string2.startsWith("$6$")) {
                String str2 = Configuration.getConfiguration().get("password_pepper", "");
                equalsIgnoreCase = Sha512Crypt.verifyPassword(str2 + Hash.toHexString(bArr), string2);
                if (!equalsIgnoreCase) {
                    equalsIgnoreCase = Sha512Crypt.verifyPassword(str2 + Hash.toHexString(bArr), string2);
                }
            } else {
                equalsIgnoreCase = Hash.toHexString(bArr).equalsIgnoreCase(string2);
                if (!equalsIgnoreCase) {
                    equalsIgnoreCase = Hash.toHexString(Hash.hash(bArr)).equalsIgnoreCase(string2);
                }
            }
            return equalsIgnoreCase;
        } catch (IOException e) {
            logger.error("Can't query for player \"" + str + "\"", e);
            return false;
        } catch (SQLException e2) {
            logger.error("Can't query for player \"" + str + "\"", e2);
            throw e2;
        }
    }

    public boolean removePlayer(DBTransaction dBTransaction, String str) throws SQLException {
        try {
            CharacterDAO characterDAO = (CharacterDAO) DAORegister.get().get(CharacterDAO.class);
            Iterator<String> it = characterDAO.getCharacters(dBTransaction, str).iterator();
            while (it.hasNext()) {
                characterDAO.removeCharacter(dBTransaction, str, it.next());
            }
            HashMap hashMap = new HashMap();
            hashMap.put("username", str);
            logger.debug("removePlayer is using query: delete from account where username='[username]'");
            dBTransaction.execute("delete from account where username='[username]'", hashMap);
            return true;
        } catch (SQLException e) {
            logger.error("Can't remove player\"" + str + "\" from database", e);
            throw e;
        }
    }

    public boolean isAccountCreationLimitReached(DBTransaction dBTransaction, String str) throws SQLException, IOException {
        Configuration configuration = Configuration.getConfiguration();
        if (("," + configuration.get("ip_whitelist", "127.0.0.1") + ",").indexOf("," + str + ",") > -1) {
            return false;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("address", str);
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.add(13, (-1) * configuration.getInt("account_creation_counting_time", 3600));
        hashMap.put("timestamp", new Timestamp(gregorianCalendar.getTimeInMillis()).toString());
        return dBTransaction.querySingleCellInt("SELECT count(DISTINCT username) FROM account, loginEvent WHERE account.id=loginEvent.player_id AND address='[address]' AND account.timedate>'[timestamp]'", hashMap) > configuration.getInt("account_creation_limit", 5);
    }

    public void addBan(DBTransaction dBTransaction, String str, String str2, Timestamp timestamp) throws SQLException {
        try {
            int databasePlayerId = getDatabasePlayerId(dBTransaction, str);
            String str3 = timestamp == null ? "null" : "'[expire]'";
            String str4 = "insert into accountban(player_id, reason, expire) values('[player_id]','[reason]', " + str3 + ")";
            HashMap hashMap = new HashMap();
            hashMap.put("player_id", Integer.valueOf(databasePlayerId));
            hashMap.put("reason", str2);
            hashMap.put("expire", timestamp);
            logger.debug("addBan is using query: " + str4);
            dBTransaction.execute(str4, hashMap);
            if ("null".equals(str3)) {
                setAccountStatus(dBTransaction, str, "banned");
            }
        } catch (SQLException e) {
            logger.error("Can't insert ban for player \"" + str + "\" with expire of " + timestamp + " into database", e);
            throw e;
        }
    }

    @Deprecated
    public void addPlayer(String str, byte[] bArr, String str2) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            addPlayer(beginWork, str, bArr, str2, new Timestamp(new Date().getTime()));
            TransactionPool.get().commit(beginWork);
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public void changeEmail(String str, String str2) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            changeEmail(beginWork, str, str2);
            TransactionPool.get().commit(beginWork);
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public void changePassword(String str, String str2) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            changePassword(beginWork, str, str2);
            TransactionPool.get().commit(beginWork);
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public boolean hasPlayer(String str) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            boolean hasPlayer = hasPlayer(beginWork, str);
            TransactionPool.get().commit(beginWork);
            return hasPlayer;
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public void setAccountStatus(String str, String str2) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            setAccountStatus(beginWork, str, str2);
            TransactionPool.get().commit(beginWork);
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public String getAccountStatus(String str) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            String accountStatus = getAccountStatus(beginWork, str);
            TransactionPool.get().commit(beginWork);
            return accountStatus;
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public String getAccountBanMessage(String str) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            String accountBanMessage = getAccountBanMessage(beginWork, str);
            TransactionPool.get().commit(beginWork);
            return accountBanMessage;
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public String getEmail(String str) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            String email = getEmail(beginWork, str);
            TransactionPool.get().commit(beginWork);
            return email;
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public int getDatabasePlayerId(String str) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            int databasePlayerId = getDatabasePlayerId(beginWork, str);
            TransactionPool.get().commit(beginWork);
            return databasePlayerId;
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public boolean verify(SecuredLoginInfo securedLoginInfo) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            boolean verify = verify(beginWork, securedLoginInfo);
            TransactionPool.get().commit(beginWork);
            return verify;
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public boolean verifyPassword(String str, String str2) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            boolean verifyPassword = verifyPassword(beginWork, str, str2);
            TransactionPool.get().commit(beginWork);
            return verifyPassword;
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public boolean removePlayer(String str) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            boolean removePlayer = removePlayer(beginWork, str);
            TransactionPool.get().commit(beginWork);
            return removePlayer;
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public boolean isAccountCreationLimitReached(String str) throws SQLException, IOException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            boolean isAccountCreationLimitReached = isAccountCreationLimitReached(beginWork, str);
            TransactionPool.get().commit(beginWork);
            return isAccountCreationLimitReached;
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }

    @Deprecated
    public void addBan(String str, String str2, Timestamp timestamp) throws SQLException {
        DBTransaction beginWork = TransactionPool.get().beginWork();
        try {
            addBan(beginWork, str, str2, timestamp);
            TransactionPool.get().commit(beginWork);
        } catch (Throwable th) {
            TransactionPool.get().commit(beginWork);
            throw th;
        }
    }
}
