c# - Server not picking up information from database and passing it to client -
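I am trying to get the server to pick up the SSO ticket of the logged-in (web) user and pass it to the AS3 client.
If I set a specific SSO ticket in the client (below), the server picks up the user from the database.
Currently I get this error: "error 1: have invalid sso ticket. please re-login , reload."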
package {
    import com.archicruise.external.roommanager;
    import com.archicruise.server.connection;
    import flash.display.bitmap;
    import flash.display.bitmapdata;
    import flash.display.loaderinfo;
    import flash.display.sprite;
    import flash.events.event;
    import flash.system.security;
    import flash.system.system;

    /**
     * Client entry point: draws the background, reads the "sso" parameter
     * handed to the SWF and opens the server connection with that ticket.
     */
    public class main extends sprite {
        [embed(source = '../assets/client_back.png')]
        private static const clientbackimage:class;
        public static var site_url:string = "http://localhost/archicruise/";
        public var roomloader:roommanager;
        private var connection:connection;

        /** Runs init() immediately when already on stage, otherwise waits for added_to_stage. */
        public function main():void {
            if (stage) init();
            else addeventlistener(event.added_to_stage, init);
        }

        /** One-time setup once the sprite is on the stage. */
        private function init(e:event = null):void {
            removeeventlistener(event.added_to_stage, init);
            // Add the embedded client background image.
            addchild(new clientbackimage() bitmap);
            // Read the SSO ticket from the loader parameters. These hold FlashVars and
            // SWF URL query parameters, so the value is chosen by whoever embeds or
            // links the SWF; the server must treat it as untrusted input.
            var ssoticket:string = loaderinfo(this.root.loaderinfo).parameters["sso"];
            // NOTE(review): hard-coded fallback ticket. When no "sso" parameter arrives,
            // the client logs in with this fixed value, so every such session shares one
            // identity if that ticket exists in the users table. It also hides the real
            // problem of the parameter not arriving. Remove it before deployment and
            // fail the login instead.
            if (ssoticket == "" || ssoticket == null) ssoticket = "2e44550b0d6e98cc9f26c39e53213e24";
            // Open the server connection.
            // NOTE(review): the "*" wildcard lets SWFs served from any domain script this
            // SWF. Restrict it to the site's own host, or drop the call if no
            // cross-domain scripting is needed.
            security.allowdomain("*");
            connection = new connection("localhost", 9339, this, ssoticket);;
        }
    }
}
I get the ssoticket value after the user logs in to the website and launches the page with the SWF, like so:
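// The ticket is emitted into a JavaScript context, so it is encoded with json_encode()
// rather than echoed raw between quotes. json_encode() supplies the surrounding quotes,
// and the JSON_HEX_* flags keep <, >, &, ' and " from ending the string or the enclosing
// script element. Where $self['sso_ticket'] comes from is not shown on this page;
// encoding it here is safe whatever its source.
var flashvars = { sso: <?php echo json_encode((string) $self['sso_ticket'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?> };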
The handler on the server:
using system;
using system.collections.generic;
using system.linq;
using system.text;
using particleframework.communication;
using particleframework.storage;
using particleframework;
using mysql.data.mysqlclient;
using archicruise.rooms;

namespace archicruise.users
{
    // Static packet handlers for user sessions: login by SSO ticket, broadcast helpers,
    // room changes, movement, and navigation / user list replies.
    static class handler
    {
        // All logged-in users; login() stores entries by client.index where possible.
        public static list<userobject> clientobjects = new list<userobject>();

        // Validates the SSO ticket sent by the client and, if accepted, builds the
        // user object, disconnects any other session with the same username and
        // replies with an "lo" packet. Otherwise replies with the "er 1" message.
        public static void login(string ssoticket, tcpclient client)
        {
            // Only the empty string is rejected here; the server log on this page shows
            // the literal text "null" reaching the query.
            if (ssoticket == "")
            {
                client.disconnect();
                return;
            }
            // NOTE(review): the SSO ticket is a login credential and is written to the
            // log in clear text here; log the client index only.
            log.info("client " + client.index + " logging in sso: " + ssoticket);
            // NOTE(review): three problems in this check.
            //  1. ssoticket comes straight from the network and is concatenated into the
            //     SQL text (SQL injection). Bind it as a query parameter instead.
            //  2. The value is wrapped in % wildcards. The operator is missing from this
            //     copy of the page, but the wildcards suggest a substring match, while
            //     newobject() below compares with '='. A ticket can therefore pass this
            //     check and still match no row in newobject(). Use exact equality in both.
            //  3. getstring() (mysql class on this page) returns "" when the query throws,
            //     and "" != "0", so a failed query takes the success branch (fail-open).
            //     Compare against an explicitly parsed count instead.
            if (dbmanager.database.getstring("select count(*) users` sso_ticket '%" + ssoticket.trim() + "%'") != "0")
            {
                dbmanager.database.closeclient();
                // Build the user object (second query, see newobject).
                userobject userobject = newobject(ssoticket, client);
                // Drop any existing session that uses the same username.
                // NOTE(review): disconnect() calls userobject.remove() (not shown); if
                // that edits clientobjects this foreach would throw. Confirm.
                foreach (userobject user in clientobjects)
                {
                    if (user.username == userobject.username)
                    {
                        user.tcpclient.disconnect();
                    }
                }
                // Store the user at the client's slot, appending when the slot does not exist yet.
                if (clientobjects.count <= client.index || clientobjects[client.index] == null)
                {
                    client.userobject = userobject;
                    clientobjects.add(userobject);
                }
                else
                {
                    client.userobject = userobject;
                    clientobjects[client.index] = userobject;
                }
                client.senddata("lo" + (char)13 + userobject.toprivate());
                dbmanager.database.closeclient();
            }
            else
            {
                dbmanager.database.closeclient();
                client.senddata("er 1: have invalid sso ticket. 
please re-login , reload.");
            }
        }

        // Sends data to every entry in clientobjects.
        public static void toall(string data)
        {
            foreach (userobject user in clientobjects)
            {
                user.tcpclient.senddata(data);
            }
        }

        // Sends data to every entry in clientobjects and optionally disconnects each one afterwards.
        public static void toall(string data, boolean disconnect)
        {
            foreach (userobject user in clientobjects)
            {
                user.tcpclient.senddata(data);
                if (disconnect) user.tcpclient.disconnect();
            }
        }

        // Sends data to the user(s) whose username matches uname, ignoring case.
        public static void touser(string data, string uname)
        {
            foreach (userobject user in clientobjects)
            {
                if (user.username.tolower() == uname.tolower())
                {
                    user.tcpclient.senddata(data);
                }
            }
        }

        // Same as above, optionally disconnecting the matched user after sending.
        public static void touser(string data, string uname, boolean disconnect)
        {
            foreach (userobject user in clientobjects)
            {
                if (user.username.tolower() == uname.tolower())
                {
                    user.tcpclient.senddata(data);
                    if (disconnect)
                    {
                        user.tcpclient.disconnect();
                    }
                }
            }
        }

        // Moves the client into public room roomid if it is not already there and the
        // room exists, then sends the room description ("ro" packet).
        public static void toroom(int roomid, tcpclient client)
        {
            // NOTE(review): client.userobject is dereferenced without a null check, so a
            // client that sends this packet before a successful login would throw here. Confirm.
            if (clientobjects.count >= client.index && client.userobject.roomid != roomid)
            {
                log.info("client " + client.index + " going public room " + roomid);
                // roomid is an int, so this concatenation cannot carry SQL text. The
                // fail-open behaviour of getstring() ("" on error) applies here as well.
                if (dbmanager.database.getstring("select count(*) `public` `id` = '" + roomid + "';") != "0")
                {
                    dbmanager.database.closeclient();
                    // Tell the previous room that this user left.
                    if (client.userobject.roomid > 0)
                    {
                        client.userobject.toroom("ko " + client.userobject.username);
                    }
                    // Update the user object from the room row.
                    mysqldatareader mysqlread = dbmanager.database.getcommand("select * `public` `id` = '" + roomid + "' limit 1").executereader();
                    // NOTE(review): the result of read() is ignored. If no row comes back,
                    // the field accesses below throw.
                    mysqlread.read();
                    client.userobject.toroom(roomid, convert.toint32(mysqlread["startpos"].tostring().split(',')[0]), convert.toint32(mysqlread["startpos"].tostring().split(',')[1]));
                    client.senddata("ro" + mysqlread["layout"].tostring() + (char)13 + mysqlread["name"].tostring() + (char)13 + (char)12 + mysqlread["heightmap"].tostring() + (char)12 + mysqlread["warps"].tostring());
                    dbmanager.database.closeclient();
                }
                else
                {
                    dbmanager.database.closeclient();
                    // NOTE(review): this is the SSO error text reused for a missing room,
                    // which makes the two failures indistinguishable on the client.
                    client.senddata("er 1: have invalid sso ticket. 
please re-login , reload.");
                }
            }
        }

        // Stores the new position on the user object and broadcasts an "mv" packet to the room.
        // NOTE(review): _x and _y are accepted as sent; no bounds or walkability check is visible here.
        public static void moveuser(tcpclient client, int _x, int _y)
        {
            client.userobject.x = _x;
            client.userobject.y = _y;
            client.userobject.toroom("mv " + client.userobject.username + " " + _x + " " + _y);
        }

        // Sends the "nv" navigation list built from rows of `public` with show = 'yes'
        // and the given pub value.
        public static void sendnavigationlist(tcpclient client, int pub)
        {
            string nlist = "nv" + (char)13;
            mysqldatareader mysqlread = dbmanager.database.getcommand("select * `public` `show` = 'yes' , `public` = '" + pub + "'").executereader();
            while (mysqlread.read())
            {
                nlist += mysqlread["id"].tostring() + (char)14 + mysqlread["name"].tostring() + (char)13;
            }
            dbmanager.database.closeclient();
            client.senddata(nlist);
        }

        // Announces this user to the room ("ul"), sends the client the list of other
        // users in the same room ("ue"), then the room objects ("rb").
        public static void senduserlist(tcpclient client)
        {
            string userlist = "ue" + (char)13;
            client.userobject.toroom("ul" + (char)13 + client.userobject.tostring());
            foreach (userobject user in clientobjects)
            {
                if (user.roomid == client.userobject.roomid && user.tcpclient != null)
                {
                    // Skip the requesting user and any username already in the list.
                    if (user.username != client.userobject.username && !userlist.contains(user.username + "@"))
                    {
                        userlist += user.tostring();
                    }
                }
            }
            client.senddata(userlist);
            // Send the room objects.
            client.senddata("rb" + (char)13 + roomobjects.buildobjects(client.userobject.roomid));
        }

        // Loads name, rank and credits for the row whose sso_ticket equals ssoticket
        // and wraps them in a userobject bound to tclient.
        // NOTE(review): ssoticket is concatenated into the SQL text (SQL injection);
        // bind it as a parameter. The result of read() is not checked, so when no row
        // matches, the field accesses throw "invalid attempt to access field before
        // calling read()", which is the exception in the server log on this page. The
        // reader and connection are also left open on return.
        public static userobject newobject(string ssoticket, tcpclient tclient)
        {
            mysqldatareader mysqlread = dbmanager.database.getcommand("select * `users` `sso_ticket` = '" + ssoticket + "' limit 1").executereader();
            mysqlread.read();
            return new userobject(mysqlread["name"].tostring(), convert.toint32(mysqlread["rank"]), convert.toint32(mysqlread["credits"]), tclient);
        }
    }
}
As requested, the dbmanager class:
using system;
using system.collections.generic;
using system.linq;
using system.text;
using system.threading;

namespace particleframework.storage
{
    // Holds the single, process-wide database instance used by all handlers.
    static class dbmanager
    {
        // Shared by every caller; it stays unset when initialize() gets an unknown
        // type and nothing assigned it earlier.
        public static database database;

        // Selects the backend for the given type ("sql" selects the mysql class) and
        // connects. Returns the result of connect(), or false when no backend was selected.
        // Note the argument order: connect() takes (user, pass, dbname, host).
        public static boolean initialize(string type, string user, string pass, string host, string dbname)
        {
            switch (type)
            {
                case "sql":
                    database = new mysql();
                    break;
                default:
                    log.error("invalid database type! (" + type + ")");
                    break;
            }
            if (database != null)
            {
                return database.connect(user, pass, dbname, host);
            }
            else
            {
                return false;
            }
        }
    }
}
mysql class
using system;
using system.collections.generic;
using system.linq;
using system.text;
using mysql.data.mysqlclient;

namespace particleframework.storage
{
    // MySQL implementation of the database interface. It uses one mysqlconnection
    // that is closed and reopened around each command.
    class mysql : database
    {
        // The single connection every query goes through.
        // NOTE(review): dbmanager exposes this instance statically, so all client
        // handlers share it; concurrent packets would close each other's connection
        // in getcommand(). Confirm how packets are dispatched.
        private mysqlconnection connection;

        // Creates the connection object and runs a test query.
        // NOTE(review): getstring() swallows its own exceptions, so a failing test
        // query is only logged and this method still returns true. It returns false
        // only when creating the connection object itself throws.
        public boolean connect(string username, string password, string database, string host)
        {
            try
            {
                connection = new mysqlconnection(buildconnectionstring(username, password, database, host));
                console.writeline("database connected. running test query...");
                getstring("show tables `" + database + "`");
                log.info("test query succeeded. database initialized.");
                closeclient();
                return true;
            }
            catch (exception e)
            {
                log.error("mysql connect: " + e.message);
                return false;
            }
        }

        // Runs the query and returns the first column of the first row as a string.
        // Returns "" on ANY exception. Callers that test the result with != "0"
        // (handler.login, handler.toroom) therefore treat a failed query as a match.
        // That includes the case where getcommand() returned null.
        public string getstring(string query)
        {
            try
            {
                string resultstr = getcommand(query).executescalar().tostring();
                closeclient();
                return resultstr;
            }
            catch (exception e)
            {
                log.error("mysql getstring: " + e.message);
                return "";
            }
        }

        // Closes the connection if it is not closed, creates a command with the given
        // SQL text, opens the connection and returns the command. Returns null on error.
        // The caller is responsible for closeclient().
        // NOTE(review): the query arrives as finished SQL text. Callers that need to
        // pass user input should add parameters to the returned command before
        // executing it, rather than concatenating values into the query string.
        public mysqlcommand getcommand(string query)
        {
            try
            {
                if (connection.state != system.data.connectionstate.closed)
                {
                    connection.close();
                }
                mysqlcommand command = newcommand();
                command.commandtext = query;
                connection.open();
                return command;
            }
            catch (exception e)
            {
                log.error("mysql getcommand: " + e.message);
                return null;
            }
        }

        // Executes a statement that returns no result, then closes the connection.
        // Errors are logged and not reported to the caller.
        public void nocommand(string query)
        {
            try
            {
                if (connection.state != system.data.connectionstate.closed)
                {
                    connection.close();
                }
                mysqlcommand command = newcommand();
                command.commandtext = query;
                connection.open();
                command.executenonquery();
                connection.close();
            }
            catch (exception e)
            {
                log.error("mysql nocommand: " + e.message);
            }
        }

        // Closes the connection when it is open; errors are logged only.
        public void closeclient()
        {
            try
            {
                if (connection.state == system.data.connectionstate.open)
                {
                    connection.close();
                }
            }
            catch (exception e)
            {
                log.error("mysql closeclient: " + e.message);
            }
        }

        // Returns a fresh command bound to the connection, or null on error.
        public mysqlcommand newcommand()
        {
            try
            {
                return connection.createcommand();
            }
            catch (exception e)
            {
                log.error("mysql newcommand: " + e.message);
                return null;
            }
        }

        // Builds the connection string by plain concatenation.
        // NOTE(review): a ';' inside any argument (for example the password) would add
        // or override connection-string keys. MySql.Data's MySqlConnectionStringBuilder
        // quotes values correctly.
        public string buildconnectionstring(string username, string password, string 
database, string host)
        {
            return "database=" + database + ";data source=" + host + ";user id=" + username + ";password=" + password;
        }
    }
}
database class
using system;
using system.collections.generic;
using system.linq;
using system.text;
using mysql.data.mysqlclient;

namespace particleframework.storage
{
    // Storage backend contract used through dbmanager.database.
    // NOTE(review): getcommand, getstring and nocommand all take a finished SQL string,
    // so the interface has no dedicated way to pass bound parameters. Callers either
    // concatenate values (as handler does) or must add parameters to the mysqlcommand
    // returned by newcommand()/getcommand() themselves.
    interface database
    {
        // Connects with the given credentials; true on success.
        boolean connect(string username, string password, string database, string host);
        // Returns a new command bound to the backend connection.
        mysqlcommand newcommand();
        // Returns a command for the given SQL text.
        mysqlcommand getcommand(string query);
        // Builds the backend connection string from its parts.
        string buildconnectionstring(string username, string password, string database, string host);
        // Runs the query and returns a single string result.
        string getstring(string query);
        // Runs a statement that returns no result.
        void nocommand(string query);
        // Closes the backend connection.
        void closeclient();
    }
}
Log output after the SSO string change:
>[1/1/0001 00:00:00] 127.0.0.1connected. full 127.0.0.1:56765 >[1/1/0001 00:00:00] got lo null client 0 >[1/1/0001 00:00:00] client 0 logging in sso: null >[error]packet handler: mysql.data.mysqlclient.mysqlexception (0x80004005): invalid attempt access field before calling read() > @ mysql.data.mysqlclient.resultset.get_item(int32 index) > @ mysql.data.mysqlclient.mysqldatareader.getfieldvalue(int32 index, boolean checknull) > @ mysql.data.mysqlclient.mysqldatareader.getvalue(int32 i) > @ mysql.data.mysqlclient.mysqldatareader.get_item(int32 i) > @ mysql.data.mysqlclient.mysqldatareader.get_item(string name) > @ archicruise.users.handler.newobject(string ssoticket, tcpclient tclient) in c:\users\daniel\desktop\ac\particle server\particle server\archicruise\users\handler.cs:line 188 > @ archicruise.users.handler.login(string ssoticket, tcpclient client) in c:\users\daniel\desktop\ac\particle server\particle server\archicruise\users\handler.cs:line 31 > @ archicruise.archicruisepackets.handle(string packet, tcpclient client) in c:\users\daniel\desktop\ac\particle server\particle server\archicruise\archicruisepackets.cs:line 23 >[1/1/0001 00:00:00] client0 disconnected , removed.
tcpclient class
using system;
using system.collections.generic;
using system.linq;
using system.text;
using system.net;
using system.net.sockets;

namespace particleframework.communication
{
    // One connected client socket: receives packets asynchronously, answers Flash
    // policy-file requests and passes every other packet to the packet handler.
    class tcpclient
    {
        #region required variables
        public socket socket;
        public int index;
        // 0x400 = 1024-byte receive buffer, reused for every receive.
        private byte[] databuffer = new byte[0x400];
        private asynccallback receivecallback;
        private asynccallback sendcallback;
        #endregion
        #region archicruise vars
        // Set by handler.login; stays null until a login has succeeded.
        public archicruise.users.userobject userobject;
        public string ip;
        #endregion

        // Stores the socket and index, records the remote IP (the text before ':')
        // and starts the first asynchronous receive.
        public tcpclient(socket sock, int num)
        {
            index = num;
            socket = sock;
            ip = socket.remoteendpoint.tostring().split(new char[] { ':' })[0];
            receivecallback = new asynccallback(this.receiveddata);
            sendcallback = new asynccallback(this.sentdata);
            this.waitfordata();
        }

        // Closes the socket, removes the user object and unregisters the client.
        // Does nothing when the socket is already disconnected.
        public void disconnect()
        {
            if (socket.connected)
            {
                socket.close();
                if (userobject != null) userobject.remove();
                particle.server.removeclient(this);
                log.info("client" + this.index + " disconnected , removed.");
                console.writeline("client" + this.index + " disconnected.");
            }
        }

        // Receive callback. Each completed receive is treated as exactly one packet:
        // there is no length prefix or reassembly, so a packet split across receives,
        // or two packets arriving together, reaches the handler as received.
        private void receiveddata(iasyncresult iar)
        {
            try
            {
                int count = 0;
                try
                {
                    count = socket.endreceive(iar);
                }
                catch
                {
                    disconnect();
                }
                // builder is filled but never read; str is what the code below uses.
                stringbuilder builder = new stringbuilder();
                builder.append(system.text.encoding.default.getstring(this.databuffer, 0, count));
                string str = system.text.encoding.default.getstring(this.databuffer, 0, count);
                // NOTE(review): Flash sends "<policy-file-request/>". The literal here
                // reads "requet", which would never match; it may be a typo introduced
                // when this page was copied. Confirm against the real source.
                if (str.contains("<policy-file-requet/>"))
                {
                    log.info("sending policy file client" + this.index);
                    // NOTE(review): this policy grants every domain access to every port
                    // on this host; limit it to the site's domain and the game port. As
                    // printed here the XML is also malformed (no '=' after version,
                    // "allow-access-from-domain" as one name, unclosed root element).
                    // Verify this against the real source.
                    rawsend("<?xml version\"1.0\"?><cross-domain-policy><allow-access-from-domain=\"*\" to-ports=\"*\" /><cross-domain-policy>" + convert.tochar(0));
                }
                else if (!(str.tostring() == ""))
                {
                    // Drop the trailing terminator character.
                    string packet = str.substring(0, str.length - 1);
                    // Packet decryption is disabled, so packets are handled as received.
                    //packet = archicruise.security.encryption.decrypt(packet);
                    // NOTE(review): this logs every raw packet, including the login packet
                    // that carries the SSO ticket (see "got lo ..." in the server log).
                    // Avoid logging credentials.
                    log.info("got " + str + " client " + this.index);
                    particle.packetclass.handle(packet, this);
                }
                else
                {
                    // A zero-length read means the peer closed the connection.
                    disconnect();
                }
            }
            catch (exception exception)
            {
                log.info("data recieve error: " + exception.tostring() + " " + exception.source); 
disconnect();
            }
            // As printed this is a bare block that always runs after the try/catch; it
            // re-arms the receive. If the socket was closed above, waitfordata() catches
            // the resulting exception itself.
            {
                this.waitfordata();
            }
        }

        // Starts the next asynchronous receive into databuffer; disconnects on failure.
        private void waitfordata()
        {
            try
            {
                socket.beginreceive(this.databuffer, 0, this.databuffer.length, socketflags.none, this.receivecallback, socket);
            }
            catch
            {
                disconnect();
            }
        }

        // Appends the packet terminator (char 1) and sends.
        public void senddata(string data)
        {
            data += (char)1;
            rawsend(data);
        }

        // Appends a NUL byte, encodes the data and starts an asynchronous send.
        // NOTE(review): every outgoing payload is written to the log; that includes the
        // "lo" reply containing userobject.toprivate().
        internal void rawsend(string data)
        {
            try
            {
                data += "\0";
                byte[] bytes = system.text.encoding.default.getbytes(data);
                socket.beginsend(bytes, 0, bytes.length, socketflags.none, new asynccallback(this.sentdata), null);
                log.info("sent " + data + " client " + this.index);
            }
            catch
            {
                disconnect();
            }
        }

        // Send-completion callback; disconnects if the send failed.
        private void sentdata(iasyncresult iar)
        {
            try
            {
                socket.endsend(iar);
            }
            catch
            {
                disconnect();
            }
        }
    }
}
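I suggest you use a MySQL ORM. This code is error-prone and highly vulnerable to SQL injection attacks. At a minimum, pass the SSO ticket to the query as a bound parameter instead of concatenating it into the SQL string.
However, from the error log you can see that you are not checking whether the SQL query executed and returned any rows. You can do that with an if check, as follows: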
// Loads the user row for the given SSO ticket; returns null when no row matches.
// NOTE(review): this version fixes the unchecked read() but still concatenates
// ssoticket, which comes from the client, into the SQL text. Put a placeholder in the
// query and add the value to the command's parameter collection before executing.
// The login() check that runs before this call should use the same exact-match
// comparison.
public static userobject newobject(string ssoticket, tcpclient tclient)
{
    string sqlquery = "select * `users` `sso_ticket` = '" + ssoticket + "' limit 1";
    mysqldatareader mysqlread = dbmanager.database.getcommand( sqlquery ).executereader();
    if (mysqlread.read()) // read() returns true only when a row is available
    {
        // NOTE(review): the reader and connection are not closed on this path inside
        // this function.
        return new userobject(mysqlread["name"].tostring(), convert.toint32(mysqlread["rank"]), convert.toint32(mysqlread["credits"]), tclient);
    }
    else
    {
        // NOTE(review): this writes the full query, including the SSO ticket, to the
        // error log; log the failure without the credential.
        log.error("sqlquery failed : " + sqlquery );
        return null; // callers (login) must check for null before using the result and reject the login
    }
}
With this code you can check whether the query is wrong. I suggest you debug step by step and see whether the variables have the right values in them. See "Debugging in Visual Studio" from Microsoft for more information on debugging.