From c64333d0f57c50a2519b5c631d44243ff41ca815 Mon Sep 17 00:00:00 2001
From: Michael VanOverbeek <michaelshiftos@gmail.com>
Date: Tue, 7 Mar 2017 18:43:07 +0000
Subject: [PATCH] User hacking fundamentals.

It's intentionally insecure.
---
 ShiftOS.Server/Core.cs | 86 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 86 insertions(+)

diff --git a/ShiftOS.Server/Core.cs b/ShiftOS.Server/Core.cs
index 42a9127..4ec421d 100644
--- a/ShiftOS.Server/Core.cs
+++ b/ShiftOS.Server/Core.cs
@@ -125,5 +125,91 @@ namespace ShiftOS.Server
             }
 
         }
+
+        [MudRequest("getusers", typeof(string))]
+        public static void GetAllUsers(string guid, string contents)
+        {
+            List<string> accs = new List<string>();
+            if(contents == "dead")
+            {
+                foreach(var sve in Directory.GetFiles("deadsaves"))
+                {
+                    if (sve.EndsWith(".save"))
+                    {
+                        var save = JsonConvert.DeserializeObject<Save>(File.ReadAllText(sve));
+                        accs.Add($"{save.Username}@{save.SystemName}");
+                    }
+
+                }
+            }
+            server.DispatchTo(new Guid(guid), new NetObject("h4xx0r", new ServerMessage
+            {
+                Name = "allusers",
+                GUID = "server",
+                Contents = JsonConvert.SerializeObject(accs)
+            }));
+        }
+
+        [MudRequest("mud_save_allow_dead", typeof(Save))]
+        public static void SaveDead(string guid, Save sve)
+        {
+            if(File.Exists("saves/" + sve.Username + ".save"))
+            {
+                WriteEncFile("saves/" + sve.Username + ".save", JsonConvert.SerializeObject(sve));
+            }
+            else if(File.Exists("deadsaves/" + sve.Username + ".save"))
+            {
+                File.WriteAllText("deadsaves/" + sve.Username + ".save", JsonConvert.SerializeObject(sve));
+            }
+        }
+
+        [MudRequest("get_user_data", typeof(Dictionary<string, string>))]
+        public static void GetUserData(string guid, Dictionary<string, string> contents)
+        {
+            string usr = contents["user"];
+            string sys = contents["sysname"];
+
+            foreach(var sve in Directory.GetFiles("deadsaves"))
+            {
+                if (sve.EndsWith(".save"))
+                {
+                    var saveFile = JsonConvert.DeserializeObject<Save>(File.ReadAllText(sve));
+                    if(saveFile.Username == usr && saveFile.SystemName == sys)
+                    {
+                        server.DispatchTo(new Guid(guid), new NetObject("1337", new ServerMessage
+                        {
+                            Name = "user_data",
+                            GUID = "server",
+                            Contents = JsonConvert.SerializeObject(saveFile)
+                        }));
+                    }
+                    return;
+                }
+            }
+            foreach (var sve in Directory.GetFiles("saves"))
+            {
+                if (sve.EndsWith(".save"))
+                {
+                    var saveFile = JsonConvert.DeserializeObject<Save>(ReadEncFile(sve));
+                    if (saveFile.Username == usr && saveFile.SystemName == sys)
+                    {
+                        server.DispatchTo(new Guid(guid), new NetObject("1337", new ServerMessage
+                        {
+                            Name = "user_data",
+                            GUID = "server",
+                            Contents = JsonConvert.SerializeObject(saveFile)
+                        }));
+                    }
+                    return;
+                }
+            }
+
+            server.DispatchTo(new Guid(guid), new NetObject("n07_50_1337", new ServerMessage
+            {
+                Name = "user_data_not_found",
+                GUID = "server"
+            }));
+
+        }
     }
 }