Exploits that let you know if a player or GM is on

Originally posted by [b]Daegaladh[/b]
[url="http://www.eathena.ws/board/index.php?autocom=bugtracker&showbug=4863"]http://www.eathena.w...er&showbug=4863[/url]

There exploits allows a normal player to know if another player is on without that player realized.
Some of my users was using one of theres exploits to know when the GMs are on or not and bother them.

There are 3 of them:

[size=3][b]Exploit 1:[/b][/size]
-You're in a party and you're not the leader
-Use /invite to the character you want to know if is on or not
-If is OFF you'll receive "player is offline or do not exist", if is ON you'll receive "You need to be a party leader to use this command."

[b]How to fix:[/b]

party.c
[codebox]int party_invite(struct map_session_data *sd,struct map_session_data *tsd)
{
struct party_data *p;
int i,flag=0;

nullpo_ret(sd);
if( ( p = party_search(sd->status.party_id) ) == NULL )
return 0;
+ //Only leader can invite.
+ ARR_FIND(0, MAX_PARTY, i, p->data[i].sd == sd);
+ if (i == MAX_PARTY || !p->party.member[i].leader)
+ { //TODO: Find the correct reply packet.
+ clif_displaymessage(sd->fd, msg_txt(282));
+ return 0;
+ }
if( tsd == NULL) { //TODO: Find the correct reply packet.
clif_displaymessage(sd->fd, msg_txt(3));
return 0;
}

...

//Likewise, as long as gm_can_party is off, players can't invite GMs.
clif_displaymessage(sd->fd, msg_txt(81));
return 0;
}

- //Only leader can invite.
- ARR_FIND(0, MAX_PARTY, i, p->data[i].sd == sd);
- if (i == MAX_PARTY || !p->party.member[i].leader)
- { //TODO: Find the correct reply packet.
- clif_displaymessage(sd->fd, msg_txt(282));
- return 0;
- }

if(!battle_config.invite_request_check) {
if (tsd->guild_invite>0 || tsd->trade_partner || tsd->adopt_invite) {
clif_party_inviteack(sd,tsd->statu[/codebox]


[size=3][b]Exploit 2:[/b][/size]
-You're the leader of a party and your party is full
-Use /invite to the character you want to know if is on or not
-If is OFF you'll receive "player is offline or do not exist", if is ON you'll receive "Your party is full."

[b]How to fix:[/b]

party.c
[codebox]int party_invite(struct map_session_data *sd,struct map_session_data *tsd)
{
struct party_data *p;
int i,flag=0;

nullpo_ret(sd);
if( ( p = party_search(sd->status.party_id) ) == NULL )
return 0;
+ for(i=0;i<MAX_PARTY;i++){
+ if(p->party.member[i].account_id == 0) //Room for a new member.
+ flag = 1;
+ /* By default Aegis BLOCKS more than one char from the same account on a party.
+ * But eA does support it... so this check is left commented.
+ if(p->party.member[i].account_id==tsd->status.account_id)
+ {
+ clif_party_inviteack(sd,tsd->status.name,4);
+ return 0;
+ }
+ */
+ }
+ if (!flag) { //Full party.
+ clif_party_inviteack(sd,tsd->status.name,3);
+ return 0;
+ }
if( tsd == NULL) { //TODO: Find the correct reply packet.
clif_displaymessage(sd->fd, msg_txt(3));
return 0;
}

...

if( tsd->status.party_id > 0 || tsd->party_invite > 0 )
{// already associated with a party
clif_party_inviteack(sd,tsd->status.name,0);
return 0;
}
- for(i=0;i<MAX_PARTY;i++){
- if(p->party.member[i].account_id == 0) //Room for a new member.
- flag = 1;
- /* By default Aegis BLOCKS more than one char from the same account on a party.
- * But eA does support it... so this check is left commented.
- if(p->party.member[i].account_id==tsd->status.account_id)
- {
- clif_party_inviteack(sd,tsd->status.name,4);
- return 0;
- }
- */
- }
- if (!flag) { //Full party.
- clif_party_inviteack(sd,tsd->status.name,3);
- return 0;
- }

tsd->party_invite=sd->status.party_id;
tsd->party_invite_account=sd->status.account_id;[/codebox]


[size=3][b]Exploit 3:[/b][/size]
-You need to have your friend list full
-Turn on the chat 1:1 to non-friends
-Whisper the player you want to know is on or off when you're sure he's off
-Let the window 1:1 of that player opened
-Right click on the window and add to friend list
-If player is ON you'll receive "you're friend list is full", if is OFF you'll receive "player is offline or do not exist"

[b]How to fix:[/b]

clif.c
[codebox]void clif_parse_FriendsListAdd(int fd, struct map_session_data *sd)
{
struct map_session_data *f_sd;
int i, f_fd;

f_sd = map_nick2sd((char*)RFIFOP(fd,2));

+ // Friend already exists
+ for (i = 0; i < MAX_FRIENDS && sd->status.friends[i].char_id != 0; i++) {
+ if (sd->status.friends[i].char_id == f_sd->status.char_id) {
+ clif_displaymessage(fd, "Ese amigo ya está registrado.");
+ return;
+ }
+ }
+
+ if (i == MAX_FRIENDS) {
+ //No space, list full.
+ clif_friendslist_reqack(sd, f_sd, 2);
+ return;
+ }

// Friend doesn't exist (no player with this name)
if (f_sd == NULL) {

...

// @noask [LuzZza]
if(f_sd->state.noask) {
clif_noask_sub(sd, f_sd, 5);
return;
}

- // Friend already exists
- for (i = 0; i < MAX_FRIENDS && sd->status.friends[i].char_id != 0; i++) {
- if (sd->status.friends[i].char_id == f_sd->status.char_id) {
- clif_displaymessage(fd, "Friend already exists.");
- return;
- }
- }
-
- if (i == MAX_FRIENDS) {
- //No space, list full.
- clif_friendslist_reqack(sd, f_sd, 2);
- return;
- }

f_fd = f_sd->fd;
WFIFOHEAD(f_fd,packet_len(0x207));[/codebox]