Minilogin to public server? (i'll settle for the minilogin source code)
Anyone know if it's possible to swap minilogin to a public system that compares userid/pass instead of just looking at the IP address?
I've searched all through these forums and all i can find is posts to the extent of "change minilogin to public in the SQL variables table" which doesnt do didly :P at least not for what i'm trying to do... I don't want to use the eqemulator.net public login server... i'd like to have my own login server where i can have free reign to create usernames and passwords for the player's accounts. problem is it doesnt seem like there is a way to do this using the loginserver.ini file or the server xml file... and i cant find source code for the minilogin.exe anywhere if someone has source code for the newest release (6.2 i think?) i could just modify it myself :) |
source code for minilogin was never released to the public and never will be most likely.
|
oh super...
so uh... i mean i get the whole security risk to all the EQEMU servers out there if the code was released... but then why not release 2 builds of it? one that uses IP address and 1 that uses the userid/password fields to authenticate? The minilogin system doesnt seem like it's all that complicated... it accesses the mysql db, runs: SELECT * FROM `account` WHERE `minilogin_ip` = 'currentip'; or somethin similar to get the account info... if no result is returned it spits out the invalid account opcode to the client and resumes the process of sitting there being happy till the next client comes along... wouldnt be all that hard to change it to selecting the row based on userid instead of minilogin_ip and comparing the password with the one returned... or if we really wanted to be efficient... just select with both the userid and password... then u dont even have to change the rest of the code. :) if the dev team is too busy to do it... then lemme know how to get in touch with em and i'll do it :D |
actually after watching the minilogin and world.exe windows while logging in...
it seems minilogin doesnt actually check anything at all... you can connect to it from any computer with any username and any password and it allows you in... world.exe actually checks your ip address against the database and gets your account information from that... which is fine really... what we need to do now is change minilogin to check the user/pass and then modify the IP address in the database accordingly... this way a player has to actually have an account to play on the server, but the server will still compare by IP address to ensure that only 1 account per IP can be used (which i think is the way most server admins would prefer it... but I may be wrong) If any of the dev's come through here and see this... any chance of a PM or something so I can help out? |
This topic has been beaten to death, and the only results you might get are terse "no" responses. Due to the securities issue, I am confident Minilogin.exe is as it is, forever. Might be one of the only things holding back SOE from swinging through here with a wrecking ball, is the devs refusal to release that source.
|
Nonono :P I'm not asking to release the source to the public...
I'm asking to join the dev team and fix it myself to release an updated binary to the public :) IMO PEQ admins should have the ability to choose whether to base accounts on IP or login info... what happens when you have a family of former EQ-ers who want to play on a PEQ server? You have to politely, yet regretfully, inform them that the server only supports authentication by IP address, not by username/password... wouldnt be that hard to add a variable to the database to switch world.exe from checking IP to username/password, then world.exe and minilogin.exe can both read the variable and act accordingly. |
minilogin checks IP, public login checks user / pass.
Thats the way it is, thats the way it will always be. There are reasons for this, many of them, all already covered in threads just like this one. |
when you say public login... you are referring to the login hosted on eqemulator.net right?
im suggesting the editing and release of a new minilogin so that users can host their own login server and not have to rely on eqemulator's login server for their connections as it stands say i host a server on my home network... i can DMZ, set port forwarders etc etc etc till im blue in the face, but the eqemu server will still read incoming connections as 192.168.0.1 from the router... there is no way around it (trust me i tried :P) and i know there's gotta be a ton of people out there who have taken the time to learn eqemu, php, mysql, perl, and all the other stuff only to get the server running and *sigh* when they realize they cant play with 10 of their buddies at the same time because their router prevents it. i just feel it would be worth the couple days of coding to release a minilogin/world.exe that checked accounts off username/password i mean yeah i know the client software encrypts them before sending to the server... but it's not like we would be allowing people to edit the minilogin source to see the encryption used :) |
Allowing anyone to host a login server is a bad idea for many reasons and will not happen.
|
You CAN host a public server with the minilogin, I have been doing it and will always be doing it. Actually it is quite easy and gives you more control over who gets on your server and who does not. You start with DMZing or opening ports for the computer you want to run the server and then get the IPs of all the friends you want to join you, if they do not have static IPs then get them to use NOIP, And then put those IPs in the minilogin ip colum of your database, then they can connect... No problems doing it that way for me anyway. If you DMZ the computer just make sure to have good antivirus and a firewall running. The only problem with it is if two friends are coming from one IP they have to learn to share an account , so instead of eight characters they can each make 4.....unless one person is much bigger then the other then he can make 7 and the other person 1, lol well you get the picture.
|
Quote:
What's NOIP ( Like dyndns.org)? , I bet we can come up with a script that detects who is where, and will translate/change IP entry in the database. |
It sounds like dyndns is like NOIP which can be checked out at NOIP LINK . I have never had used either of them myself but its a way to get a static IP if you have a dynamic one. You can still let people in with dynamic IPs but its a pain having to keep changing them. I am not sure if you can come up with some kind of script as it is you have to reboot your server whenever you add a new IP or change an existing one before the change takes effect.
|
I'm still not sure what the fuss is all about. Put up a public server, lock it, and add user accounts who wish to play on your server using a specific status level. If you are capable of writing a new minilogin server completely, you are capable of editing the minimum status allowed into a locked server.
I too was boggled by the fact I *had* to use eqemulator.net as a login server publicly (outside my LAN), but have since learned why and accept that. I guess I just don't need to be hidden or that private. |
Sakrateri;
Is your EqEmu server Linux or Windows? |
Here's the solution to this problem temporarily.
Dowload the zip file with peq_updater.php and eqhost.txt file, install them on a webserver. Modify the variables in the php file to your MySQL server information. Read the info in the header of the php document to learn how this works. I will not be providing support for this utility, but feel free to post bugs and whatnot here for as long as the moderators wish to allow it. You should already have PHP/MySQL installed if you are using the PEQ Editor on your system. Download Zip File Download RAR File edit: added rar file for people who prefer it. |
Windows XP
|
Thanks Aerewen, very nice - I'll be testing it and tell you how it went. My big interest was to have something fairly secure, and is why I asked what OS Sakrateri was running under. It's a lot easier to do something secure under Linux.
BtW Sakrateri, I tested and you don't have to reboot server ; I logged one of my accounts, then switched to another Via Database by changing IP's and it worked fine. |
Quote:
|
I put it all in, but all I get is a blank page for peq_updater.php.
|
version of php, mysql, and apache please :)
and ill check the code for compatibility |
haha nvm found the problem... i forgot to put an = sign in the servername line
u should be gtg now i tested it again and it works fine. :P just make sure to update the server information in both the peq_updater.php and eqhost.txt files and place them in the same directory. edit: the rar and zip's have been re-uploaded with the new version |
PHP = 5.0.4
MySQL = 5.0.24a Apache = 2.0.54 EDIT: I just saw your last post - thanks |
Damn! very, very cool - my hat's off to you!
Here's some extra pointers for anyone else who wants to try this; make a separate directory for this php and rename it "index.php" that's because inside the php, it refers to "index.php" all the time. or you have to rename all the references to index.php to what the file name currently is (peq_updater.php). If you want more security, you can make a new MySql account for this php and only give priv to the account table of your database. Really works great! If you can get this running, you need look no more, if this is what you want. Thanks! :) |
all i can say is :D
it's a simple script too :p just kinda dawned on me the one morning (pun intended lol)... i was like hey wait a sec... php can detect ip addresses... and after the hamster got back on the wheel... tadaa script was born :p Feel free to re-host the zips on the eqemu site and wiki them if you like... theres really nothing that will need updating on this... for a loooooong time :) |
There always has to be someone with a problem lol , well here is mine
This is what I get when I hit the Login/create account key Code:
Warning: mysql_connect(): Can't connect to MySQL server on 'localhost' (10061) in e:\program files\easyphp1-8\www\updater\index.php on line 119 |
Quote:
Did you edit the peq_updater.php file and change the login settings to yours? |
yes I did, I believe it is trying to use the MYSQL database that was installed with apache automatically when I installed easyphp, Any easy way for me to direct apache to my MYSQL that I use for eqemu? I Put For: DB_ADDY = "localhost"; . Mabey I should put the actual IP and a port number?
|
Ok, I put the address and port number and now Im getting this
Code:
Warning: mysql_connect(): Host 'gameserver.launchmodem.com' is not allowed to connect to this MySQL server in e:\program files\easyphp1-8\www\updater\index.php on line 119think im getting somewhere, lol not sure where |
Here's all my files tested and working -
Note: blackwater.dynip.com is the dynamic dns I used for resolving my ip address. Also, I have a dedicated MySql server on another machine in my LAN, so I specify the IP where needed. eqhost.txt on client; Code:
LoginServer]Code:
<?xml version="1.0">Code:
[LoginServer]Code:
*/Code:
3306/udp 5999/udp 9000/udp 7000:7010/udp 3306/tcp 5999/tcp 7000:7010/tcpIt looks like your MySql Server is not permiting your PhP setup to access it, maybe your webserver is somewhere else and you need to add the host in the Mysql user list? |
Ok Aerewen , I just gotta say you are AWSOME, its working and now I can enjoy a little bit more of that flavor known as freedom :) This is just way to cool !! I think this may be even better then the real login as now it checks your Account name, Password AND IP !! Damnit man did I say your AWSOME? well thank you so much for this ....its rocks !!
P.S And thanks for your Help Angel , Your Awsome too ! |
Somethng funny here. When a person first makes an account it wants to put the first number of the IP in the revoked column and then nothing in the IP column but when they do it a second time it puts the entire IP in the IP column correctly but the number that was put in the revoked column is still there.... I dont even know what the revoked column is for lol...
|
I'm attempting to get this to work on my systems now (and I'll try not to ask for support, hehe), but here's a functionality question that I'll toss out while I work...
With this script, can I 2-box on Minilogin (obviously, 2 accts with the same IP)? Because currently, no matter how clever I think I am, Minilogin doesn't seem to give a rats ass about account name at all - only IP - which I believe is the base issue most have with Minilogin. Everyone touts that it only uses account name and IP - but if that were true, I could have 12 accounts with the same IP, and see my chars. I do see Minilogin handing off the right Acct # from IP (blah) to World.exe, but when I get inside, all I see is 1 guys toons. Any idea if this script will help us lonely boxers? |
Quote:
|
Yes, I am boxing off the same machine. What happens currently (not using this script) is if you have 2 accts with the same IP, I think the Db search stops at the first match of IP it finds (doesn't consider the account name at all, I am sure). Even without 2 boxing. Set up 2+ accts with the same IP in your database, log one in, see the toons. Then, log out - and log in the second acct from the same machine. You'll see the first guys toons again.
So even before trying to 'box', I am having an issue with same-IP. Which I am hoping this tool might help with - but I am thinking, if it doesn't change the first accts IP, it won't solve my problem. (btw, I don't seem to have this problem with Public, but I don't have access to that atm ~cry~) |
I would only use it with friends for now, as I can already see a few issues. For example, Maybe it could be fixed to where one IP can only have three accounts made in a session. You could end up with your accounts getting spammed with accountnames.
Also, you should make a "blank" account with a specific password, in case someone just presses the "enter" key- I already did this, and made a blank account with a blank PW. If it has a password, they will get an error. |
Quote:
This php sort of "knows" what belongs to who. |
no you will not be able to 2-box with this script... the eqemu server bases account id on IP address so if you change the ip address even after logged in you will either a) change accounts, b) crash the server, or c) crash the zone you are in
i should mention that this script was written based on the modified ax_peq database i'm using, i dont know offhand if the account table has a different number of columns than the default peq databases... but that could cause login problems for some servers. |
oh on a side note you definitely cannot 2-box with this script...
when a player logs in their account it automatically changes all other account rows with their ip address to use the ip of 0.0.0.0 this was done to prevent crashes on the server side from having multiple accounts active using the same IP but this also provides for a nifty little feature... your GM's can have one login/password for their GM account and another login/password for their regular account. then they can use this tool to swap between accounts to go play as a normal player with 0 access flags to GM commands since it will erase their IP from whichever account they did not log in from. Also for long term use, players can actually create more than just one account worth of characters on the server. So we arent limiting them to selecting just some of the classes. they can make an account, fill it up with toons, and come back to make a new account, then fill that one up as well :p |
I realize you said no support so I am just throwing this out for the general public, Mabey someone else has experienced this and knows a fix. When someone first creates an account it sets the password as 0 in the database instead of what they wanted, If I manually put a password in and tell them what it is then it is fine after that .. Any ideas? and that is a 0 not an O that its making.
|
Nice Work!!
Just wanted to say thanks for the script, it is cleaver. I am running EQemu from behind a 2 firewalls using nat / port forwarding and it all works fine. Just what the doctor ordered lol!
|
| All times are GMT -4. The time now is 02:36 PM. |
Powered by vBulletin®, Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.