diff --git a/code/modules/economy/ATM.dm b/code/modules/economy/ATM.dm index aac37d104a8..cc71897a033 100644 --- a/code/modules/economy/ATM.dm +++ b/code/modules/economy/ATM.dm @@ -213,6 +213,7 @@ log transactions /obj/machinery/atm/Topic(var/href, var/href_list) if(href_list["choice"]) + if (!usr.Adjacent(src)) return switch(href_list["choice"]) if("transfer") if(authenticated_account) @@ -249,58 +250,44 @@ log transactions authenticated_account.security_level = new_sec_level if("attempt_auth") - // check if they have low security enabled - scan_user(usr) + //scan_user(usr) // ATMs shouldn't be able to scan people for a card - Bedshaped - if(!ticks_left_locked_down && held_card) - var/tried_account_num = text2num(href_list["account_num"]) - if(!tried_account_num) - tried_account_num = held_card.associated_account_number - var/tried_pin = text2num(href_list["account_pin"]) + if (ticks_left_locked_down) return + if (!held_card && !href_list["account_num"]) return + var/tried_account_num = text2num(href_list["account_num"]) + if (!tried_account_num && held_card) + tried_account_num = held_card.associated_account_number + var/tried_pin = text2num(href_list["account_pin"]) + var/datum/money_account/potential_account = get_account(tried_account_num) + if (!potential_account) + usr << " \icon[src] Account number not found." + number_incorrect_tries++ + handle_lockdown() + return + switch (potential_account.security_level+1) //checks the security level of an account number to see what checks to do + if (1) // Security level zero + authenticated_account = attempt_account_access(tried_account_num, tried_pin, potential_account.security_level) + // It should be impossible to fail at this point + if (2) // Security level one + authenticated_account = attempt_account_access(text2num(href_list["account_num"]), tried_pin, potential_account.security_level) + if (3) // Security level two + if (held_card) + if (text2num(href_list["account_num"]) != held_card.associated_account_number) + else authenticated_account = attempt_account_access(tried_account_num, tried_pin, potential_account.security_level) + else usr << "Account card not found." + if (!authenticated_account) + number_incorrect_tries++ + usr << " \icon[src] Incorrect pin/account combination entered, [(max_pin_attempts+1) - number_incorrect_tries] attempts remaining." + handle_lockdown(tried_account_num) + else + bank_log_access(authenticated_account, machine_id) + number_incorrect_tries = 0 + playsound(src, 'sound/machines/twobeep.ogg', 50, 1) + ticks_left_timeout = 120 + view_screen = NO_SCREEN + usr << " \icon[src] Access granted. Welcome user '[authenticated_account.owner_name].'" + previous_account_number = tried_account_num - authenticated_account = attempt_account_access(tried_account_num, tried_pin, held_card && held_card.associated_account_number == tried_account_num ? 2 : 1) - if(!authenticated_account) - number_incorrect_tries++ - if(previous_account_number == tried_account_num) - if(number_incorrect_tries > max_pin_attempts) - //lock down the atm - ticks_left_locked_down = 30 - playsound(src, 'sound/machines/buzz-two.ogg', 50, 1) - - //create an entry in the account transaction log - var/datum/money_account/failed_account = get_account(tried_account_num) - if(failed_account) - var/datum/transaction/T = new() - T.target_name = failed_account.owner_name - T.purpose = "Unauthorised login attempt" - T.source_terminal = machine_id - T.date = current_date_string - T.time = worldtime2text() - failed_account.transaction_log.Add(T) - else - usr << "\red \icon[src] Incorrect pin/account combination entered, [max_pin_attempts - number_incorrect_tries] attempts remaining." - previous_account_number = tried_account_num - playsound(src, 'sound/machines/buzz-sigh.ogg', 50, 1) - else - usr << "\red \icon[src] incorrect pin/account combination entered." - number_incorrect_tries = 0 - else - playsound(src, 'sound/machines/twobeep.ogg', 50, 1) - ticks_left_timeout = 120 - view_screen = NO_SCREEN - - //create a transaction log entry - var/datum/transaction/T = new() - T.target_name = authenticated_account.owner_name - T.purpose = "Remote terminal access" - T.source_terminal = machine_id - T.date = current_date_string - T.time = worldtime2text() - authenticated_account.transaction_log.Add(T) - - usr << "\blue \icon[src] Access granted. Welcome user '[authenticated_account.owner_name].'" - - previous_account_number = tried_account_num if("e_withdrawal") var/amount = max(text2num(href_list["funds_amount"]),0) amount = round(amount, 0.01) @@ -372,6 +359,8 @@ log transactions R.overlays += stampoverlay R.stamps += "