Fixed exchangeable exploit & item duplication exploit

This commit is contained in:
Beny 2019-05-15 23:39:39 +01:00
parent 566de33b6e
commit cfc6546671
14 changed files with 73 additions and 55 deletions

View File

@ -660,7 +660,7 @@ public class ItemManager
public HabboItem handleOpenRecycleBox(Habbo habbo, HabboItem box) public HabboItem handleOpenRecycleBox(Habbo habbo, HabboItem box)
{ {
Emulator.getThreading().run(new QueryDeleteHabboItem(box)); Emulator.getThreading().run(new QueryDeleteHabboItem(box.getId()));
HabboItem item = null; HabboItem item = null;
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection(); PreparedStatement statement = connection.prepareStatement("SELECT * FROM items_presents WHERE item_id = ? LIMIT 1")) try (Connection connection = Emulator.getDatabase().getDataSource().getConnection(); PreparedStatement statement = connection.prepareStatement("SELECT * FROM items_presents WHERE item_id = ? LIMIT 1"))
{ {

View File

@ -56,7 +56,7 @@ public class InteractionFXBox extends InteractionDefault
@Override @Override
public void run() public void run()
{ {
new QueryDeleteHabboItem(item).run(); new QueryDeleteHabboItem(item.getId()).run();
room.sendComposer(new RemoveFloorItemComposer(item).compose()); room.sendComposer(new RemoveFloorItemComposer(item).compose());
} }
}, 500); }, 500);

View File

@ -169,7 +169,7 @@ public class InteractionPetBreedingNest extends HabboItem
public void breed(Habbo habbo, String name, int petOneId, int petTwoId) public void breed(Habbo habbo, String name, int petOneId, int petTwoId)
{ {
Emulator.getThreading().run(new QueryDeleteHabboItem(this)); Emulator.getThreading().run(new QueryDeleteHabboItem(this.getId()));
this.setExtradata("2"); this.setExtradata("2");
habbo.getHabboInfo().getCurrentRoom().updateItem(this); habbo.getHabboInfo().getCurrentRoom().updateItem(this);

View File

@ -51,7 +51,7 @@ public class RecycleEvent extends MessageHandler
{ {
this.client.getHabbo().getInventory().getItemsComponent().removeHabboItem(item); this.client.getHabbo().getInventory().getItemsComponent().removeHabboItem(item);
this.client.sendResponse(new RemoveHabboItemComposer(item.getId())); this.client.sendResponse(new RemoveHabboItemComposer(item.getId()));
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
} }
} }
else else

View File

@ -94,7 +94,7 @@ public class CraftingCraftSecretEvent extends MessageHandler
{ {
this.client.getHabbo().getInventory().getItemsComponent().removeHabboItem(item); this.client.getHabbo().getInventory().getItemsComponent().removeHabboItem(item);
this.client.sendResponse(new RemoveHabboItemComposer(item.getId())); this.client.sendResponse(new RemoveHabboItemComposer(item.getId()));
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
} }
this.client.sendResponse(new InventoryRefreshComposer()); this.client.sendResponse(new InventoryRefreshComposer());

View File

@ -29,7 +29,7 @@ public class PostItDeleteEvent extends MessageHandler
item.setRoomId(0); item.setRoomId(0);
room.removeHabboItem(item); room.removeHabboItem(item);
room.sendComposer(new RemoveWallItemComposer(item).compose()); room.sendComposer(new RemoveWallItemComposer(item).compose());
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
} }
} }
} }

View File

@ -45,7 +45,7 @@ public class RedeemClothingEvent extends MessageHandler
this.client.getHabbo().getHabboInfo().getCurrentRoom().updateTile(tile); this.client.getHabbo().getHabboInfo().getCurrentRoom().updateTile(tile);
this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new UpdateStackHeightComposer(tile.x, tile.y, tile.relativeHeight()).compose()); this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new UpdateStackHeightComposer(tile.x, tile.y, tile.relativeHeight()).compose());
this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new RemoveFloorItemComposer(item, true).compose()); this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new RemoveFloorItemComposer(item, true).compose());
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection(); PreparedStatement statement = connection.prepareStatement("INSERT INTO users_clothing (user_id, clothing_id) VALUES (?, ?)")) try (Connection connection = Emulator.getDatabase().getDataSource().getConnection(); PreparedStatement statement = connection.prepareStatement("INSERT INTO users_clothing (user_id, clothing_id) VALUES (?, ?)"))
{ {

View File

@ -12,6 +12,9 @@ import com.eu.habbo.messages.outgoing.users.UserCurrencyComposer;
import com.eu.habbo.plugin.Event; import com.eu.habbo.plugin.Event;
import com.eu.habbo.plugin.events.furniture.FurnitureRedeemedEvent; import com.eu.habbo.plugin.events.furniture.FurnitureRedeemedEvent;
import com.eu.habbo.threading.runnables.QueryDeleteHabboItem; import com.eu.habbo.threading.runnables.QueryDeleteHabboItem;
import gnu.trove.set.hash.THashSet;
import java.util.ArrayList;
public class RedeemItemEvent extends MessageHandler public class RedeemItemEvent extends MessageHandler
{ {
@ -29,6 +32,7 @@ public class RedeemItemEvent extends MessageHandler
if(item != null && this.client.getHabbo().getHabboInfo().getId() == item.getUserId()) if(item != null && this.client.getHabbo().getHabboInfo().getId() == item.getUserId())
{ {
boolean furnitureRedeemEventRegistered = Emulator.getPluginManager().isRegistered(FurnitureRedeemedEvent.class, true); boolean furnitureRedeemEventRegistered = Emulator.getPluginManager().isRegistered(FurnitureRedeemedEvent.class, true);
FurnitureRedeemedEvent furniRedeemEvent = new FurnitureRedeemedEvent(item, this.client.getHabbo(), 0, FurnitureRedeemedEvent.CREDITS);
if(item.getBaseItem().getName().startsWith("CF_") || item.getBaseItem().getName().startsWith("CFC_") || item.getBaseItem().getName().startsWith("DF_") || item.getBaseItem().getName().startsWith("PF_")) if(item.getBaseItem().getName().startsWith("CF_") || item.getBaseItem().getName().startsWith("CFC_") || item.getBaseItem().getName().startsWith("DF_") || item.getBaseItem().getName().startsWith("PF_"))
{ {
@ -45,19 +49,9 @@ public class RedeemItemEvent extends MessageHandler
return; return;
} }
if(furnitureRedeemEventRegistered) furniRedeemEvent = new FurnitureRedeemedEvent(item, this.client.getHabbo(), credits, FurnitureRedeemedEvent.CREDITS);
{ }
Event furniRedeemEvent = new FurnitureRedeemedEvent(item, this.client.getHabbo(), credits, FurnitureRedeemedEvent.CREDITS); else if (item.getBaseItem().getName().startsWith("PF_"))
Emulator.getPluginManager().fireEvent(furniRedeemEvent);
if(furniRedeemEvent.isCancelled())
return;
}
this.client.getHabbo().getHabboInfo().addCredits(credits);
this.client.sendResponse(new UserCreditsComposer(this.client.getHabbo()));
} else if (item.getBaseItem().getName().startsWith("PF_"))
{ {
int pixels; int pixels;
@ -71,17 +65,7 @@ public class RedeemItemEvent extends MessageHandler
return; return;
} }
if(furnitureRedeemEventRegistered) furniRedeemEvent = new FurnitureRedeemedEvent(item, this.client.getHabbo(), pixels, FurnitureRedeemedEvent.PIXELS);
{
Event furniRedeemEvent = new FurnitureRedeemedEvent(item, this.client.getHabbo(), pixels, FurnitureRedeemedEvent.PIXELS);
Emulator.getPluginManager().fireEvent(furniRedeemEvent);
if(furniRedeemEvent.isCancelled())
return;
}
this.client.getHabbo().getHabboInfo().addPixels(pixels);
this.client.sendResponse(new UserCurrencyComposer(this.client.getHabbo()));
} }
else if (item.getBaseItem().getName().startsWith("DF_")) else if (item.getBaseItem().getName().startsWith("DF_"))
{ {
@ -108,37 +92,66 @@ public class RedeemItemEvent extends MessageHandler
return; return;
} }
if(furnitureRedeemEventRegistered) furniRedeemEvent = new FurnitureRedeemedEvent(item, this.client.getHabbo(), points, pointsType);
{
Event furniRedeemEvent = new FurnitureRedeemedEvent(item, this.client.getHabbo(), points, FurnitureRedeemedEvent.DIAMONDS);
Emulator.getPluginManager().fireEvent(furniRedeemEvent);
if(furniRedeemEvent.isCancelled())
return;
}
this.client.getHabbo().givePoints(pointsType, points);
} }
else if (item.getBaseItem().getName().startsWith("CF_diamond_")) else if (item.getBaseItem().getName().startsWith("CF_diamond_"))
{ {
int points;
try try
{ {
this.client.getHabbo().givePoints(Integer.valueOf(item.getBaseItem().getName().split("_")[2])); points = Integer.valueOf(item.getBaseItem().getName().split("_")[2]);
} }
catch (Exception e) catch (Exception e)
{ {
Emulator.getLogging().logErrorLine("Failed to parse redeemable diamonds furniture: " + item.getBaseItem().getName() + ". Must be in format of CF_diamond_<amount>"); Emulator.getLogging().logErrorLine("Failed to parse redeemable diamonds furniture: " + item.getBaseItem().getName() + ". Must be in format of CF_diamond_<amount>");
return; return;
} }
furniRedeemEvent = new FurnitureRedeemedEvent(item, this.client.getHabbo(), points, FurnitureRedeemedEvent.DIAMONDS);
} }
if(furnitureRedeemEventRegistered)
{
Emulator.getPluginManager().fireEvent(furniRedeemEvent);
if(furniRedeemEvent.isCancelled())
return;
}
if(furniRedeemEvent.amount < 1)
return;
if(room.getHabboItem(item.getId()) == null) // plugins may cause a lag between which time the item can be removed from the room
return;
room.removeHabboItem(item); room.removeHabboItem(item);
room.sendComposer(new RemoveFloorItemComposer(item).compose()); room.sendComposer(new RemoveFloorItemComposer(item).compose());
RoomTile t = room.getLayout().getTile(item.getX(), item.getY()); RoomTile t = room.getLayout().getTile(item.getX(), item.getY());
t.setStackHeight(room.getStackHeight(item.getX(), item.getY(), false)); t.setStackHeight(room.getStackHeight(item.getX(), item.getY(), false));
room.updateTile(t); room.updateTile(t);
room.sendComposer(new UpdateStackHeightComposer(item.getX(), item.getY(), t.relativeHeight()).compose()); room.sendComposer(new UpdateStackHeightComposer(item.getX(), item.getY(), t.relativeHeight()).compose());
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
switch(furniRedeemEvent.currencyID) {
case FurnitureRedeemedEvent.CREDITS:
this.client.getHabbo().getHabboInfo().addCredits(furniRedeemEvent.amount);
this.client.sendResponse(new UserCreditsComposer(this.client.getHabbo()));
break;
case FurnitureRedeemedEvent.DIAMONDS:
this.client.getHabbo().givePoints(furniRedeemEvent.amount);
break;
case FurnitureRedeemedEvent.PIXELS:
this.client.getHabbo().getHabboInfo().addPixels(furniRedeemEvent.amount);
this.client.sendResponse(new UserCurrencyComposer(this.client.getHabbo()));
break;
default:
this.client.getHabbo().givePoints(furniRedeemEvent.currencyID, furniRedeemEvent.amount);
break;
}
} }
} }
} }

View File

@ -97,7 +97,7 @@ public class ToggleFloorItemEvent extends MessageHandler
//Do not move to onClick(). Wired could trigger it. //Do not move to onClick(). Wired could trigger it.
if(item instanceof InteractionMonsterPlantSeed) if(item instanceof InteractionMonsterPlantSeed)
{ {
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
int rarity = 0; int rarity = 0;
if (item.getExtradata().isEmpty()) rarity = InteractionMonsterPlantSeed.randomRarityLevel(); if (item.getExtradata().isEmpty()) rarity = InteractionMonsterPlantSeed.randomRarityLevel();
else else

View File

@ -70,7 +70,7 @@ public class PetPackageNameEvent extends MessageHandler
pet.needsUpdate = true; pet.needsUpdate = true;
pet.getRoomUnit().setLocation(room.getLayout().getTile(item.getX(), item.getY())); pet.getRoomUnit().setLocation(room.getLayout().getTile(item.getX(), item.getY()));
pet.getRoomUnit().setZ(item.getZ()); pet.getRoomUnit().setZ(item.getZ());
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
room.removeHabboItem(item); room.removeHabboItem(item);
room.sendComposer(new RemoveFloorItemComposer(item).compose()); room.sendComposer(new RemoveFloorItemComposer(item).compose());
RoomTile tile = room.getLayout().getTile(item.getX(), item.getY()); RoomTile tile = room.getLayout().getTile(item.getX(), item.getY());

View File

@ -103,7 +103,7 @@ public class PetUseItemEvent extends MessageHandler
Emulator.getThreading().run(pet); Emulator.getThreading().run(pet);
this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new RoomPetHorseFigureComposer((HorsePet) pet).compose()); this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new RoomPetHorseFigureComposer((HorsePet) pet).compose());
this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new RemoveFloorItemComposer(item).compose()); this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new RemoveFloorItemComposer(item).compose());
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
} }
} }
else if (pet instanceof MonsterplantPet) else if (pet instanceof MonsterplantPet)
@ -124,7 +124,7 @@ public class PetUseItemEvent extends MessageHandler
this.client.getHabbo().getHabboInfo().getCurrentRoom().updateTiles(room.getLayout().getTilesAt(room.getLayout().getTile(item.getX(), item.getY()), item.getBaseItem().getWidth(), item.getBaseItem().getLength(), item.getRotation())); this.client.getHabbo().getHabboInfo().getCurrentRoom().updateTiles(room.getLayout().getTilesAt(room.getLayout().getTile(item.getX(), item.getY()), item.getBaseItem().getWidth(), item.getBaseItem().getLength(), item.getRotation()));
AchievementManager.progressAchievement(this.client.getHabbo(), Emulator.getGameEnvironment().getAchievementManager().getAchievement("MonsterPlantHealer")); AchievementManager.progressAchievement(this.client.getHabbo(), Emulator.getGameEnvironment().getAchievementManager().getAchievement("MonsterPlantHealer"));
pet.getRoomUnit().removeStatus(RoomUnitStatus.GESTURE); pet.getRoomUnit().removeStatus(RoomUnitStatus.GESTURE);
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
} }
} }
else if (item.getBaseItem().getName().equalsIgnoreCase("mnstr_fert")) else if (item.getBaseItem().getName().equalsIgnoreCase("mnstr_fert"))
@ -143,7 +143,7 @@ public class PetUseItemEvent extends MessageHandler
this.client.getHabbo().getHabboInfo().getCurrentRoom().updateTiles(room.getLayout().getTilesAt(room.getLayout().getTile(item.getX(), item.getY()), item.getBaseItem().getWidth(), item.getBaseItem().getLength(), item.getRotation())); this.client.getHabbo().getHabboInfo().getCurrentRoom().updateTiles(room.getLayout().getTilesAt(room.getLayout().getTile(item.getX(), item.getY()), item.getBaseItem().getWidth(), item.getBaseItem().getLength(), item.getRotation()));
pet.getRoomUnit().removeStatus(RoomUnitStatus.GESTURE); pet.getRoomUnit().removeStatus(RoomUnitStatus.GESTURE);
pet.cycle(); pet.cycle();
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
} }
} }
else if (item.getBaseItem().getName().startsWith("mnstr_rebreed")) else if (item.getBaseItem().getName().startsWith("mnstr_rebreed"))
@ -167,7 +167,7 @@ public class PetUseItemEvent extends MessageHandler
this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new PetStatusUpdateComposer(pet).compose()); this.client.getHabbo().getHabboInfo().getCurrentRoom().sendComposer(new PetStatusUpdateComposer(pet).compose());
this.client.getHabbo().getHabboInfo().getCurrentRoom().updateTiles(room.getLayout().getTilesAt(room.getLayout().getTile(item.getX(), item.getY()), item.getBaseItem().getWidth(), item.getBaseItem().getLength(), item.getRotation())); this.client.getHabbo().getHabboInfo().getCurrentRoom().updateTiles(room.getLayout().getTilesAt(room.getLayout().getTile(item.getX(), item.getY()), item.getBaseItem().getWidth(), item.getBaseItem().getLength(), item.getRotation()));
pet.getRoomUnit().removeStatus(RoomUnitStatus.GESTURE); pet.getRoomUnit().removeStatus(RoomUnitStatus.GESTURE);
Emulator.getThreading().run(new QueryDeleteHabboItem(item)); Emulator.getThreading().run(new QueryDeleteHabboItem(item.getId()));
} }
} }
} }

View File

@ -53,7 +53,7 @@ public class OpenGift implements Runnable
this.habbo.getClient().sendResponse(new InventoryRefreshComposer()); this.habbo.getClient().sendResponse(new InventoryRefreshComposer());
Emulator.getThreading().run(new QueryDeleteHabboItem(this.item)); Emulator.getThreading().run(new QueryDeleteHabboItem(this.item.getId()));
Emulator.getThreading().run(new RemoveFloorItemTask(this.room, this.item), this.item.getBaseItem().getName().contains("present_wrap") ? 5000 : 0); Emulator.getThreading().run(new RemoveFloorItemTask(this.room, this.item), this.item.getBaseItem().getName().contains("present_wrap") ? 5000 : 0);
if (inside != null) if (inside != null)

View File

@ -56,7 +56,7 @@ public class PetEatAction implements Runnable
{ {
if (this.food != null && Integer.valueOf(this.food.getExtradata()) == this.food.getBaseItem().getStateCount()) if (this.food != null && Integer.valueOf(this.food.getExtradata()) == this.food.getBaseItem().getStateCount())
{ {
Emulator.getThreading().run(new QueryDeleteHabboItem(this.food), 500); Emulator.getThreading().run(new QueryDeleteHabboItem(this.food.getId()), 500);
if (this.pet.getRoom() != null) if (this.pet.getRoom() != null)
{ {
this.pet.getRoom().removeHabboItem(this.food); this.pet.getRoom().removeHabboItem(this.food);

View File

@ -9,11 +9,16 @@ import java.sql.SQLException;
public class QueryDeleteHabboItem implements Runnable public class QueryDeleteHabboItem implements Runnable
{ {
private final HabboItem item; private final int itemId;
public QueryDeleteHabboItem(int itemId)
{
this.itemId = itemId;
}
public QueryDeleteHabboItem(HabboItem item) public QueryDeleteHabboItem(HabboItem item)
{ {
this.item = item; this.itemId = item.getId();
} }
@Override @Override
@ -21,7 +26,7 @@ public class QueryDeleteHabboItem implements Runnable
{ {
try (Connection connection = Emulator.getDatabase().getDataSource().getConnection(); PreparedStatement statement = connection.prepareStatement("DELETE FROM items WHERE id = ?")) try (Connection connection = Emulator.getDatabase().getDataSource().getConnection(); PreparedStatement statement = connection.prepareStatement("DELETE FROM items WHERE id = ?"))
{ {
statement.setInt(1, this.item.getId()); statement.setInt(1, this.itemId);
statement.execute(); statement.execute();
} }
catch (SQLException e) catch (SQLException e)