diff --git a/Assets/Scripts/AccountMenu/AccountChangePassword.cs b/Assets/Scripts/AccountMenu/AccountChangePassword.cs
index ea94f69..2f9cdbc 100644
--- a/Assets/Scripts/AccountMenu/AccountChangePassword.cs
+++ b/Assets/Scripts/AccountMenu/AccountChangePassword.cs
@@ -35,11 +35,11 @@ public class AccountChangePassword : MonoBehaviour
 return;
 }
 WWWForm dataForm = new();
- dataForm.AddField("inputPassword", changePasswordCurrentPasswordInput.text);
- dataForm.AddField("inputNewPassword", changePasswordNewPasswordInput.text);
- dataForm.AddField("session", PlayerPrefs.GetString("gameSession"));
- dataForm.AddField("userName", PlayerPrefs.GetString("userName"));
- using UnityWebRequest request = UnityWebRequest.Post("https://berrydash.lncvrt.xyz/database/changeAccountPassword.php", dataForm);
+ dataForm.AddField("inputPassword", SensitiveInfo.Encrypt(changePasswordCurrentPasswordInput.text));
+ dataForm.AddField("inputNewPassword", SensitiveInfo.Encrypt(changePasswordNewPasswordInput.text));
+ dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession")));
+ dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName")));
+ using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "changeAccountPassword.php", dataForm);
 request.SetRequestHeader("User-Agent", "BerryDashClient");
 request.SetRequestHeader("ClientVersion", Application.version);
 request.SetRequestHeader("ClientPlatform", Application.platform.ToString());
diff --git a/Assets/Scripts/AccountMenu/AccountChangeUsername.cs b/Assets/Scripts/AccountMenu/AccountChangeUsername.cs
index 242e5e4..cb469cd 100644
--- a/Assets/Scripts/AccountMenu/AccountChangeUsername.cs
+++ b/Assets/Scripts/AccountMenu/AccountChangeUsername.cs
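Review bot: `SensitiveInfo.Encrypt` can throw before the request is even created, and nothing around these `AddField` calls catches it: it assigns `aes.Key` from `SERVER_TRANSFER_KEY`, and that setter raises a `CryptographicException` unless the key encodes to 16, 24 or 32 bytes. The same applies to the hunks in AccountChangeUsername, AccountLoggedIn, AccountLogin, AccountRefreshLogin, AccountRegister and LeaderboardsMenu; where the method signature is visible it is `async void`, so no caller can observe the failure, and both AccountLoggedIn hunks disable the load and save buttons just before the form is built, so they would presumably stay disabled. Building the form inside a `try`/`catch (CryptographicException)` that reports the error in the UI and re-enables the controls would keep the menu usable. The enclosing method starts and ends outside this hunk.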
@@ -27,11 +27,11 @@ public class AccountChangeUsername : MonoBehaviour
 async void ChangeUsername()
 {
 WWWForm dataForm = new();
- dataForm.AddField("inputUserName", changeUsernameCurrentUsernameInput.text);
- dataForm.AddField("inputNewUserName", changeUsernameNewUsernameInput.text);
- dataForm.AddField("session", PlayerPrefs.GetString("gameSession"));
- dataForm.AddField("userName", PlayerPrefs.GetString("userName"));
- using UnityWebRequest request = UnityWebRequest.Post("https://berrydash.lncvrt.xyz/database/changeAccountUsername.php", dataForm);
+ dataForm.AddField("inputUserName", SensitiveInfo.Encrypt(changeUsernameCurrentUsernameInput.text));
+ dataForm.AddField("inputNewUserName", SensitiveInfo.Encrypt(changeUsernameNewUsernameInput.text));
+ dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession")));
+ dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName")));
+ using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "changeAccountUsername.php", dataForm);
 request.SetRequestHeader("User-Agent", "BerryDashClient");
 request.SetRequestHeader("ClientVersion", Application.version);
 request.SetRequestHeader("ClientPlatform", Application.platform.ToString());
diff --git a/Assets/Scripts/AccountMenu/AccountLoggedIn.cs b/Assets/Scripts/AccountMenu/AccountLoggedIn.cs
index 162ab9b..2565554 100644
--- a/Assets/Scripts/AccountMenu/AccountLoggedIn.cs
+++ b/Assets/Scripts/AccountMenu/AccountLoggedIn.cs
@@ -38,12 +38,12 @@ public class AccountLoggedIn : MonoBehaviour
 loggedInLoadButton.interactable = false;
 loggedInSaveButton.interactable = false;
 WWWForm dataForm = new();
- dataForm.AddField("userName", PlayerPrefs.GetString("userName", ""));
- dataForm.AddField("gameSession", PlayerPrefs.GetString("gameSession", ""));
- dataForm.AddField("highScore", PlayerPrefs.GetString("HighScoreV2", "0"));
- dataForm.AddField("icon", PlayerPrefs.GetInt("icon", 1).ToString());
- dataForm.AddField("overlay", PlayerPrefs.GetInt("overlay", 0).ToString());
- using UnityWebRequest request = UnityWebRequest.Post("https://berrydash.lncvrt.xyz/database/saveAccount.php", dataForm);
+ dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", "")));
+ dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", "")));
+ dataForm.AddField("highScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0")));
+ dataForm.AddField("icon", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("icon", 1).ToString()));
+ dataForm.AddField("overlay", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("overlay", 0).ToString()));
+ using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "saveAccount.php", dataForm);
 request.SetRequestHeader("User-Agent", "BerryDashClient");
 request.SetRequestHeader("ClientVersion", Application.version);
 request.SetRequestHeader("ClientPlatform", Application.platform.ToString());
@@ -78,9 +78,9 @@ public class AccountLoggedIn : MonoBehaviour
 loggedInLoadButton.interactable = false;
 loggedInSaveButton.interactable = false;
 WWWForm dataForm = new();
- dataForm.AddField("userName", PlayerPrefs.GetString("userName", ""));
- dataForm.AddField("gameSession", PlayerPrefs.GetString("gameSession", ""));
- using UnityWebRequest request = UnityWebRequest.Post("https://berrydash.lncvrt.xyz/database/loadAccount.php", dataForm);
+ dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", "")));
+ dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", "")));
+ using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "loadAccount.php", dataForm);
 request.SetRequestHeader("User-Agent", "BerryDashClient");
 request.SetRequestHeader("ClientVersion", Application.version);
 request.SetRequestHeader("ClientPlatform", Application.platform.ToString());
diff --git a/Assets/Scripts/AccountMenu/AccountLogin.cs b/Assets/Scripts/AccountMenu/AccountLogin.cs
index 2a94763..7aaeac9 100644
--- a/Assets/Scripts/AccountMenu/AccountLogin.cs
+++ b/Assets/Scripts/AccountMenu/AccountLogin.cs
@@ -28,11 +28,11 @@ public class AccountLogin : MonoBehaviour
 async void SubmitLogin()
 {
 WWWForm dataForm = new();
- dataForm.AddField("username", loginUsernameInput.text);
- dataForm.AddField("password", loginPasswordInput.text);
- dataForm.AddField("currentHighScore", PlayerPrefs.GetString("HighScoreV2", "0"));
- dataForm.AddField("loginType", "0");
- using UnityWebRequest request = UnityWebRequest.Post("https://berrydash.lncvrt.xyz/database/loginAccount.php", dataForm);
+ dataForm.AddField("username", SensitiveInfo.Encrypt(loginUsernameInput.text));
+ dataForm.AddField("password", SensitiveInfo.Encrypt(loginPasswordInput.text));
+ dataForm.AddField("currentHighScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0")));
+ dataForm.AddField("loginType", SensitiveInfo.Encrypt("0"));
+ using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "loginAccount.php", dataForm);
 request.SetRequestHeader("User-Agent", "BerryDashClient");
 request.SetRequestHeader("ClientVersion", Application.version);
 request.SetRequestHeader("ClientPlatform", Application.platform.ToString());
diff --git a/Assets/Scripts/AccountMenu/AccountRefreshLogin.cs b/Assets/Scripts/AccountMenu/AccountRefreshLogin.cs
index 1e69ecb..58d54cb 100644
--- a/Assets/Scripts/AccountMenu/AccountRefreshLogin.cs
+++ b/Assets/Scripts/AccountMenu/AccountRefreshLogin.cs
@@ -26,10 +26,10 @@ public class AccountRefreshLogin : MonoBehaviour
 async void RefreshLogin()
 {
 WWWForm dataForm = new();
- dataForm.AddField("username", refreshLoginUsernameInput.text);
- dataForm.AddField("password", refreshLoginPasswordInput.text);
- dataForm.AddField("loginType", "1");
- using UnityWebRequest request = UnityWebRequest.Post("https://berrydash.lncvrt.xyz/database/loginAccount.php", dataForm);
+ dataForm.AddField("username", SensitiveInfo.Encrypt(refreshLoginUsernameInput.text));
+ dataForm.AddField("password", SensitiveInfo.Encrypt(refreshLoginPasswordInput.text));
+ dataForm.AddField("loginType", SensitiveInfo.Encrypt("1"));
+ using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "loginAccount.php", dataForm);
 request.SetRequestHeader("User-Agent", "BerryDashClient");
 request.SetRequestHeader("ClientVersion", Application.version);
 request.SetRequestHeader("ClientPlatform", Application.platform.ToString());
diff --git a/Assets/Scripts/AccountMenu/AccountRegister.cs b/Assets/Scripts/AccountMenu/AccountRegister.cs
index de96345..240bd45 100644
--- a/Assets/Scripts/AccountMenu/AccountRegister.cs
+++ b/Assets/Scripts/AccountMenu/AccountRegister.cs
@@ -50,10 +50,10 @@ public class AccountRegister : MonoBehaviour return; } WWWForm dataForm = new(); - dataForm.AddField("username", registerUsernameInput.text); - dataForm.AddField("email", registerEmailInput.text); - dataForm.AddField("password", registerPasswordInput.text); - using UnityWebRequest request = UnityWebRequest.Post("https://berrydash.lncvrt.xyz/database/registerAccount.php", dataForm); + dataForm.AddField("username", SensitiveInfo.Encrypt(registerUsernameInput.text)); + dataForm.AddField("email", SensitiveInfo.Encrypt(registerEmailInput.text)); + dataForm.AddField("password", SensitiveInfo.Encrypt(registerPasswordInput.text)); + using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "registerAccount.php", dataForm); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); request.SetRequestHeader("ClientPlatform", Application.platform.ToString()); diff --git a/Assets/Scripts/LatestVersionText.cs b/Assets/Scripts/LatestVersionText.cs index 5fe476f..2c31eae 100644 --- a/Assets/Scripts/LatestVersionText.cs +++ b/Assets/Scripts/LatestVersionText.cs @@ -43,7 +43,7 @@ public class LatestVersionText : MonoBehaviour async void GetLatestVersion() { - using UnityWebRequest request = UnityWebRequest.Get("https://berrydash.lncvrt.xyz/database/getLatestVersion.php"); + using UnityWebRequest request = UnityWebRequest.Get(SensitiveInfo.SERVER_DATABASE_PREFIX + "getLatestVersion.php"); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); request.SetRequestHeader("ClientPlatform", Application.platform.ToString()); diff --git a/Assets/Scripts/LeaderboardsMenu.cs b/Assets/Scripts/LeaderboardsMenu.cs index 8aefbc1..af6f5f5 100644 --- a/Assets/Scripts/LeaderboardsMenu.cs +++ b/Assets/Scripts/LeaderboardsMenu.cs 
@@ -45,8 +45,8 @@ public class LeaderboardsMenu : MonoBehaviour
 }
 UpdateStatus(true, "Loading...");
 WWWForm dataForm = new();
- dataForm.AddField("showAmount", showAmount);
- using UnityWebRequest request = UnityWebRequest.Post("https://berrydash.lncvrt.xyz/database/getTopPlayers.php", dataForm);
+ dataForm.AddField("showAmount", SensitiveInfo.Encrypt(showAmount.ToString()));
+ using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "getTopPlayers.php", dataForm);
 request.SetRequestHeader("User-Agent", "BerryDashClient");
 request.SetRequestHeader("ClientVersion", Application.version);
 await request.SendWebRequest();
diff --git a/Assets/Scripts/LoadingMenu.cs b/Assets/Scripts/LoadingMenu.cs
index b361705..0f3fd1c 100644
--- a/Assets/Scripts/LoadingMenu.cs
+++ b/Assets/Scripts/LoadingMenu.cs
@@ -68,7 +68,7 @@ public class LoadingMenu : MonoBehaviour
 string response;
 if (Application.platform != RuntimePlatform.WebGLPlayer)
 {
- using UnityWebRequest request = UnityWebRequest.Get("https://berrydash.lncvrt.xyz/database/canLoadClient.php");
+ using UnityWebRequest request = UnityWebRequest.Get(SensitiveInfo.SERVER_DATABASE_PREFIX + "canLoadClient.php");
 request.SetRequestHeader("User-Agent", "BerryDashClient");
 request.SetRequestHeader("ClientVersion", Application.version);
 request.SetRequestHeader("ClientPlatform", Application.platform.ToString());
diff --git a/Assets/Scripts/SensitiveInfo.cs b/Assets/Scripts/SensitiveInfo.cs
new file mode 100644
index 0000000..2565154
--- /dev/null
+++ b/Assets/Scripts/SensitiveInfo.cs
@@ -0,0 +1,49 @@
+using System;
+using System.IO;
+using System.Security.Cryptography;
+using System.Text;
+
+public class SensitiveInfo
+{
+ public static readonly string SERVER_DATABASE_PREFIX = "https://berrydash.lncvrt.xyz/database/";
+ private static readonly string SERVER_TRANSFER_KEY = "";
+
+ public static string Encrypt(string plainText)
+ {
+ using Aes aes = Aes.Create();
+ aes.Key = Encoding.UTF8.GetBytes(SERVER_TRANSFER_KEY);
+ aes.Mode = CipherMode.CBC;
+ aes.Padding = PaddingMode.PKCS7;
+ aes.GenerateIV();
+
+ using MemoryStream ms = new();
+ ms.Write(aes.IV, 0, aes.IV.Length);
+
+ using (var cryptoStream = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
+ using (var writer = new StreamWriter(cryptoStream))
+ {
+ writer.Write(plainText);
+ }
+
+ return Convert.ToBase64String(ms.ToArray());
+ }
+
+ public static string Decrypt(string dataB64)
+ {
+ var data = Convert.FromBase64String(dataB64);
+ using Aes aes = Aes.Create();
+ aes.Key = Encoding.UTF8.GetBytes(SERVER_TRANSFER_KEY);
+ aes.Mode = CipherMode.CBC;
+ aes.Padding = PaddingMode.PKCS7;
+
+ byte[] iv = new byte[16];
+ Array.Copy(data, 0, iv, 0, iv.Length);
+ aes.IV = iv;
+
+ using MemoryStream ms = new(data, iv.Length, data.Length - iv.Length);
+ using var cryptoStream = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Read);
+ using StreamReader reader = new(cryptoStream);
+
+ return reader.ReadToEnd();
+ }
+}
\ No newline at end of file
diff --git a/Assets/Scripts/SensitiveInfo.cs.meta b/Assets/Scripts/SensitiveInfo.cs.meta
new file mode 100644
index 0000000..d7a05b5
--- /dev/null
+++ b/Assets/Scripts/SensitiveInfo.cs.meta
@@ -0,0 +1,2 @@
+fileFormatVersion: 2
+guid: 66855f68482f8c39fbb9de8e070e7f4c
\ No newline at end of file
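Review bot: `SERVER_TRANSFER_KEY` in SensitiveInfo.cs is one symmetric key compiled into every client, so `Encrypt` hides the fields only from someone who does not have the build. The requests already go to an `https://` prefix, and the server should keep treating session, password and `highScore` as untrusted input rather than reading a successful decrypt as proof of origin. The payload is AES-CBC with PKCS7 and no integrity check, so altered ciphertext is not detected, and if the server reports padding failures differently from other errors that difference presumably leaks information; if this layer is kept, authenticate it (an HMAC over IV and ciphertext verified before decrypting, or an AEAD mode). As committed the key is the empty string, which makes `aes.Key = Encoding.UTF8.GetBytes(SERVER_TRANSFER_KEY)` throw, so a comment on the field should state that the real value must encode to exactly 16, 24 or 32 bytes. `Decrypt` should also reject short input before `Array.Copy`, e.g. `if (data.Length < 16) throw new CryptographicException("ciphertext shorter than IV");`.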