• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

Possible Block Account ID 1

S

SaadPro

Member
Joined
Dec 25, 2022
Messages
37
Reaction score
18
Location
Egypt
Any way to block 1/1 account access on website?

That way they can change password, delete, create new characters (NOTE: Latest version of myaac, I'm using otx
Post automatically merged:

And keep account manager works {Myaac}
 
Last edited:
Sort by date Sort by votes
login.php

under
Code: 
    $characters = [];
    $account = new OTS_Account();

    $inputEmail = $request->email ?? false;
    $inputAccountName = $request->accountname ?? false;
    $inputToken = $request->token ?? false;
add
Code: 
    // Check if email or account name is "1" and reject login
    if ($inputEmail === "1" || $inputAccountName === "1") {
        sendError("Account name or email '1' is not allowed.", 403); // 403 Forbidden
    }

and idk how strict the login stuff is.. but if someone type "1 " idk if it'd find that account or not..

If whitespace is an issue you could trim the e-mail and account name to remove spaces
Code: 
$inputEmail = trim($request->email ?? '');
$inputAccountName = trim($request->accountname ?? '');[code]
 
Last edited:
Upvote 0 Downvote
Thanks, Going to try
Post automatically merged:

1709142341719.png
Xikini said:
login.php

under
Code: 
    $characters = [];
    $account = new OTS_Account();

    $inputEmail = $request->email ?? false;
    $inputAccountName = $request->accountname ?? false;
    $inputToken = $request->token ?? false;
add
Code: 
    // Check if email or account name is "1" and reject login
    if ($inputEmail === "1" || $inputAccountName === "1") {
        sendError("Account name or email '1' is not allowed.", 403); // 403 Forbidden
    }[code]

and idk how strict the login stuff is.. but if someone type "1 " idk if it'd find that account or not..

If whitespace is an issue you could trim the e-mail and account name to remove spaces
Code: 
$inputEmail = trim($request->email ?? '');
$inputAccountName = trim($request->accountname ?? '');[code]
Click to expand...
Like this?
 
Last edited:
Upvote 0 Downvote
Let's try just a string, nothing special?
Code: 
    // Check if email or account name is "1" and reject login
    if ($inputEmail === "1" || $inputAccountName === "1") {
        sendError("Account name or email 1 is not allowed.");
    }
 
Upvote 0 Downvote
Xikini said:
Let's try just a string, nothing special?
Code: 
    // Check if email or account name is "1" and reject login
    if ($inputEmail === "1" || $inputAccountName === "1") {
        sendError("Account name or email 1 is not allowed.");
    }
Click to expand...
It doesnt work too, I mean if i am going to login with 1/1 will block you
 
Upvote 0 Downvote
Is that not what you wanted?

Can't login on website with account 1?
 
Upvote 0 Downvote
I don't know why what I posted wouldn't work.

someone else will have to jump in and help
 
Upvote 0 Downvote
Solved by adding this code in accountamangement.php
Lua: 
$acc_id = $account_logged->getId();
if($acc_id == 1) die("Access Denied!");
Thanks for who tried to help me
 
Last edited:
Upvote 0 Downvote
github.com

myaac/system/login.php at f98332c698eaa5c0506f3b09289748c4acfcfab5 · slawkens/myaac

A free and open-source Automatic Account Creator (AAC) written in PHP - slawkens/myaac
github.com github.com

Never used myaac before but I'd try something like that:

PHP: 
$config_salt_enabled = $db->hasColumn('accounts', 'salt');
$restricted_user_ids = [1];
$login_attempt_possible = (!isset($t) || $t['attempts'] < 5);
$encrypted_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $login_password);
if($account_logged->isLoaded() && !in_array($account_logged->getId(), $restricted_user_ids) && $encrypted_password == $account_logged->getPassword()
   && $login_attempt_possible
  )
{

Or even stop it earlier to save some processing:

PHP: 
$restricted_user_names = ['1'];

if(!empty($login_account) && !in_array($login_account, $restricted_user_names) && !empty($login_password))

You should anyway make it impossible to initialize such session.
 
Upvote 0 Downvote
Again
Solved by adding this code in accountamangement.php
Lua: 
$acc_id = $account_logged->getId();
if($acc_id == 1) die("Access Denied!");
Thanks for who tried to help me
 
Upvote 0 Downvote

Similar threads

Sebastian Ching
  • Solved
block access to site to x account? gesior acc
Replies
6
Views
248
Sebastian Ching
Sebastian Ching
Ridjin
  • Question
AAC [CANARY] Wrong Password when using login.php
Replies
4
Views
620
Ridjin
Ridjin
S
  • Question
How do I get a website for the OTX 7.6 version of Tibia???
Replies
0
Views
228
sarayapublisher
S
D
  • Question
i cant pass step 5 gesior on ubuntu 18.04
Replies
3
Views
321
diegoknight95
D
Jpstafe
  • Solved
Erro Rook_Sample created(MYACC)
Replies
2
Views
284
Jpstafe
Jpstafe
Acranomue
  • Question
AAC ZNOTE ACC with SHA-256.
Replies
0
Views
234
Acranomue
Acranomue
F
  • Question
TFS 1.X+ IOLoginData::loginserverAuthentication
Replies
10
Views
801
ForgottenNot
F
A
  • Question
Can't login due to proxy block in OTCv8
Replies
0
Views
163
alucarddz
A
S
  • Question
Problem with acc maker. Cant create a character.
Replies
4
Views
257
Shenzai
S
Back
Top