AutoIndent
This commit is contained in:
parent
077ab4c714
commit
8cd093edb5
3 changed files with 375 additions and 433 deletions
|
@ -1,37 +1,34 @@
|
||||||
<?php
|
<?php
|
||||||
class CWwwLog
|
class CWwwLog
|
||||||
{
|
{
|
||||||
//function CWwwLog() {}
|
//function CWwwLog() {}
|
||||||
|
|
||||||
/*
|
/**
|
||||||
* Return the log directory. Create it if it does not exist, or return false if creation failed.
|
* Return the log directory. Create it if it does not exist, or return false if creation failed.
|
||||||
|
* Examples:
|
||||||
|
* __FILE__ = r:\code\ryzom\www\login\config.php
|
||||||
|
* $_SERVER['PATH_TRANSLATED'] = 'r:/code/ryzom/www/login//r2_login.php'
|
||||||
|
* $_SERVER['SCRIPT_FILENAME'] = 'r:/code/ryzom/www/login//r2_login.php'
|
||||||
*/
|
*/
|
||||||
function getSafeLogDir()
|
public function getSafeLogDir()
|
||||||
{
|
{
|
||||||
// Examples:
|
|
||||||
// __FILE__ = r:\code\ryzom\www\login\config.php
|
|
||||||
// $_SERVER['PATH_TRANSLATED'] = 'r:/code/ryzom/www/login//r2_login.php'
|
|
||||||
// $_SERVER['SCRIPT_FILENAME'] = 'r:/code/ryzom/www/login//r2_login.php'
|
|
||||||
global $LogRelativePath;
|
global $LogRelativePath;
|
||||||
$pathInfo = pathinfo(__FILE__);
|
$pathInfo = pathinfo(__FILE__);
|
||||||
$logPath = $pathInfo['dirname'].'/'.$LogRelativePath;
|
$logPath = $pathInfo['dirname'] . '/' . $LogRelativePath;
|
||||||
if (!is_dir($logPath))
|
if (!is_dir($logPath)) {
|
||||||
{
|
|
||||||
$res = mkdir($LogPath, 0700);
|
$res = mkdir($LogPath, 0700);
|
||||||
return $res ? $logPath : false;
|
return $res ? $logPath : false;
|
||||||
}
|
}
|
||||||
return $logPath;
|
return $logPath;
|
||||||
}
|
}
|
||||||
|
|
||||||
function logStr($str)
|
public function logStr($str)
|
||||||
{
|
{
|
||||||
$logPath = $this->getSafeLogDir();
|
$logPath = $this->getSafeLogDir();
|
||||||
if ($logPath !== false)
|
if ($logPath !== false) {
|
||||||
{
|
$fp = fopen($logPath . '/r2_login_' . date('Y-m-d') . '.log', 'a');
|
||||||
$fp = fopen($logPath.'/r2_login_'.date('Y-m-d').'.log', 'a');
|
fwrite($fp, date('Y-m-d H:i:s') . ' (' . $_SERVER['REMOTE_ADDR'] . ':' . $_SERVER['REQUEST_URI'] . "): $str\n");
|
||||||
fwrite($fp, date('Y-m-d H:i:s').' ('.$_SERVER['REMOTE_ADDR'].':'.$_SERVER['REQUEST_URI']."): $str\n");
|
|
||||||
fclose($fp);
|
fclose($fp);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
?>
|
|
||||||
|
|
|
@ -1,30 +1,28 @@
|
||||||
<?php
|
<?php
|
||||||
class LoginCb extends CLoginServiceWeb
|
class LoginCb extends CLoginServiceWeb
|
||||||
{
|
{
|
||||||
// receive the login result sent back by the LS
|
// receive the login result sent back by the LS
|
||||||
function loginResult($userId, $cookie, $resultCode, $errorString)
|
public function loginResult($userId, $cookie, $resultCode, $errorString)
|
||||||
{
|
{
|
||||||
global $RingWebHost, $RingWebHostPHP;
|
global $RingWebHost, $RingWebHostPHP;
|
||||||
global $domainId;
|
global $domainId;
|
||||||
|
|
||||||
if ($resultCode == 0 && $cookie != "")
|
if ($resultCode == 0 && $cookie != "") {
|
||||||
{
|
|
||||||
// gather the domain information (server version, patch urls and backup patch url
|
// gather the domain information (server version, patch urls and backup patch url
|
||||||
global $DBHost, $DBUserName, $DBPassword, $DBName, $AutoInsertInRing;
|
global $DBHost, $DBUserName, $DBPassword, $DBName, $AutoInsertInRing;
|
||||||
|
|
||||||
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
|
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die(errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
|
||||||
mysqli_select_db ($link, $DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
|
mysqli_select_db($link, $DBName) or die(errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
|
||||||
$query = "SELECT * FROM domain WHERE domain_id=$domainId";
|
$query = "SELECT * FROM domain WHERE domain_id=$domainId";
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
|
||||||
if( mysqli_num_rows($result) != 1)
|
if (mysqli_num_rows($result) != 1) {
|
||||||
{
|
|
||||||
die(errorMsgBlock(3001, $domainId));
|
die(errorMsgBlock(3001, $domainId));
|
||||||
}
|
}
|
||||||
$row = mysqli_fetch_array($result);
|
$row = mysqli_fetch_array($result);
|
||||||
|
|
||||||
// set the cookie
|
// set the cookie
|
||||||
setcookie ( "ryzomId" , $cookie, 0, "/");
|
setcookie("ryzomId", $cookie, 0, "/");
|
||||||
$_COOKIE["ryzomId"] = $cookie; // make it available immediately
|
$_COOKIE["ryzomId"] = $cookie; // make it available immediately
|
||||||
|
|
||||||
// Auto-join an available mainland shard
|
// Auto-join an available mainland shard
|
||||||
|
@ -32,23 +30,17 @@
|
||||||
$FSHostLuaMode = false;
|
$FSHostLuaMode = false;
|
||||||
$res = joinMainland($userId, $domainId, $row["domain_name"]);
|
$res = joinMainland($userId, $domainId, $row["domain_name"]);
|
||||||
|
|
||||||
if ($res)
|
if ($res) {
|
||||||
{
|
echo "1#" . $cookie . "#" . $FSHostResultStr . "#http://" . $RingWebHost . "/ring/web_start.php#http://" . $RingWebHostPHP . "/ring/\n";
|
||||||
echo "1#".$cookie."#".$FSHostResultStr."#http://".$RingWebHost."/ring/web_start.php#http://".$RingWebHostPHP."/ring/\n";
|
|
||||||
// return the ring domain information
|
// return the ring domain information
|
||||||
echo $row["patch_version"]."#".$row["backup_patch_url"]."#".$row["patch_urls"];
|
echo $row["patch_version"] . "#" . $row["backup_patch_url"] . "#" . $row["patch_urls"];
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
global $JoinSessionResultCode, $JoinSessionResultMsg;
|
global $JoinSessionResultCode, $JoinSessionResultMsg;
|
||||||
echo errorMsgBlock(BASE_TRANSLATED_RSM_ERROR_NUM + $JoinSessionResultCode, $JoinSessionResultCode, $JoinSessionResultMsg, $userId);
|
echo errorMsgBlock(BASE_TRANSLATED_RSM_ERROR_NUM + $JoinSessionResultCode, $JoinSessionResultCode, $JoinSessionResultMsg, $userId);
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
// empty cookie, this mean the user id can't be validated by the LS
|
// empty cookie, this mean the user id can't be validated by the LS
|
||||||
echo errorMsgBlock(BASE_TRANSLATED_LS_ERROR_NUM + $resultCode, $resultCode, $errorString, $userId);
|
echo errorMsgBlock(BASE_TRANSLATED_LS_ERROR_NUM + $resultCode, $resultCode, $errorString, $userId);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
?>
|
|
||||||
|
|
|
@ -1,84 +1,37 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
error_reporting(E_ERROR | E_PARSE);
|
error_reporting(E_ERROR | E_PARSE);
|
||||||
set_error_handler('err_callback');
|
set_error_handler('err_callback');
|
||||||
|
|
||||||
// For error handling, buffer all output
|
// For error handling, buffer all output
|
||||||
ob_start('ob_callback_r2login');
|
ob_start('ob_callback_r2login');
|
||||||
|
|
||||||
include_once('config.php');
|
include_once 'config.php';
|
||||||
include_once('login_translations.php');
|
include_once 'login_translations.php';
|
||||||
include_once('../tools/nel_message.php');
|
include_once '../tools/nel_message.php';
|
||||||
include_once('../tools/domain_info.php');
|
include_once '../tools/domain_info.php';
|
||||||
include_once('login_service_itf.php');
|
include_once 'login_service_itf.php';
|
||||||
include_once('../ring/join_shard.php');
|
include_once '../ring/join_shard.php';
|
||||||
include_once('./class/CWwwLog.php');
|
include_once './class/CWwwLog.php';
|
||||||
include_once('./class/LoginCb.php');
|
include_once './class/LoginCb.php';
|
||||||
|
|
||||||
|
if (!isset($_GET['cmd'])) {
|
||||||
|
die(errorMsgBlock(3002));
|
||||||
|
}
|
||||||
|
|
||||||
function get_salt($password)
|
// check for 'clear password' tag
|
||||||
{
|
if (!isset($_GET['cp'])) {
|
||||||
if ($password[0] == '$')
|
|
||||||
{
|
|
||||||
$salt = substr($password, 0, 19);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
$salt = substr($password, 0, 2);
|
|
||||||
}
|
|
||||||
return $salt;
|
|
||||||
}
|
|
||||||
|
|
||||||
// see errorMsg
|
|
||||||
function errorMsgBlock($errNum=GENERIC_ERROR_NUM) // $mixedArgs
|
|
||||||
{
|
|
||||||
$args = func_get_args();
|
|
||||||
return '0:'.call_user_func_array('errorMsg', $args);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Callback called on end of output buffering
|
|
||||||
function ob_callback_r2login($buffer)
|
|
||||||
{
|
|
||||||
// Log only in case of error or malformed result string
|
|
||||||
$blockHd = substr($buffer, 0, 2);
|
|
||||||
if ($blockHd != '1:')
|
|
||||||
{
|
|
||||||
$logFile = new CWwwLog();
|
|
||||||
$logFile->logStr(str_replace("\n",'\n',$buffer));
|
|
||||||
}
|
|
||||||
return $buffer; // sent to output
|
|
||||||
}
|
|
||||||
|
|
||||||
// Callback called on error
|
|
||||||
function err_callback($errno, $errmsg, $filename, $linenum, $vars)
|
|
||||||
{
|
|
||||||
$logFile = new CWwwLog();
|
|
||||||
$logFile->logStr("PHP ERROR/$errno $errmsg ($filename:$linenum)");
|
|
||||||
$logFile->logStr("PHP CALLSTACK/" . print_r(debug_backtrace(), TRUE));
|
|
||||||
// Never die after an error
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($_GET['cmd']))
|
|
||||||
{
|
|
||||||
die (errorMsgBlock(3002));
|
|
||||||
}
|
|
||||||
|
|
||||||
// check for 'clear password' tag
|
|
||||||
if (!isset($_GET['cp']))
|
|
||||||
{
|
|
||||||
$cp = 0;
|
$cp = 0;
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
$cp = $_GET['cp'];
|
$cp = $_GET['cp'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$submittedLang = isset($_GET['lg']) ? $_GET['lg'] : 'unknown';
|
$submittedLang = isset($_GET['lg']) ? $_GET['lg'] : 'unknown';
|
||||||
if (isset($_GET['dbg']) && ($_GET['dbg'] == 1))
|
if (isset($_GET['dbg']) && ($_GET['dbg'] == 1)) {
|
||||||
$DisplayDbg = true;
|
$DisplayDbg = true;
|
||||||
|
}
|
||||||
|
|
||||||
switch($_GET['cmd'])
|
switch ($_GET['cmd']) {
|
||||||
{
|
|
||||||
case 'ask':
|
case 'ask':
|
||||||
// client ask for a login salt
|
// client ask for a login salt
|
||||||
askSalt($_GET['login'], $submittedLang);
|
askSalt($_GET['login'], $submittedLang);
|
||||||
|
@ -86,31 +39,26 @@
|
||||||
case 'login':
|
case 'login':
|
||||||
$domainId = -1;
|
$domainId = -1;
|
||||||
// client sent is login info
|
// client sent is login info
|
||||||
if (!checkUserValidity($_GET['login'], $_GET['password'], $_GET['clientApplication'], $cp, $id, $reason, $priv, $extended, $domainId, $submittedLang))
|
if (!checkUserValidity($_GET['login'], $_GET['password'], $_GET['clientApplication'], $cp, $id, $reason, $priv, $extended, $domainId, $submittedLang)) {
|
||||||
{
|
echo '0:' . $reason;
|
||||||
echo '0:'.$reason;
|
} else {
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
|
|
||||||
// retreive the domain info
|
// retreive the domain info
|
||||||
$domainInfo = getDomainInfo($domainId);
|
$domainInfo = getDomainInfo($domainId);
|
||||||
|
|
||||||
// if we need to create missing ring info
|
// if we need to create missing ring info
|
||||||
if ($AutoCreateRingInfo)
|
if ($AutoCreateRingInfo) {
|
||||||
{
|
|
||||||
// check if the ring user exist, and create it if not
|
// check if the ring user exist, and create it if not
|
||||||
$ringDb = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die(errorMsgBlock(3004, 'Ring', $DBHost, $RingDBUserName));
|
$ringDb = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die(errorMsgBlock(3004, 'Ring', $DBHost, $RingDBUserName));
|
||||||
mysqli_select_db ($ringDb, $domainInfo['ring_db_name']) or die(errorMsgBlock(3005, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName));
|
mysqli_select_db($ringDb, $domainInfo['ring_db_name']) or die(errorMsgBlock(3005, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName));
|
||||||
$query = "SELECT user_id FROM ring_users where user_id = '".$id."'";
|
$query = "SELECT user_id FROM ring_users where user_id = '" . $id . "'";
|
||||||
$result = mysqli_query ($ringDb, $query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysqli_error($ringDb)));
|
$result = mysqli_query($ringDb, $query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysqli_error($ringDb)));
|
||||||
|
|
||||||
if (mysqli_num_rows($result) == 0)
|
if (mysqli_num_rows($result) == 0) {
|
||||||
{
|
|
||||||
// no ring user record, build one
|
// no ring user record, build one
|
||||||
$login = mysqli_real_escape_string($ringDb, $_GET['login']);
|
$login = mysqli_real_escape_string($ringDb, $_GET['login']);
|
||||||
$query = "INSERT INTO ring_users SET user_id = '$id', user_name = '$login', user_type='ut_pioneer'";
|
$query = "INSERT INTO ring_users SET user_id = '$id', user_name = '$login', user_type='ut_pioneer'";
|
||||||
$result = mysqli_query ($ringDb, $query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysqli_error($ringDb)));
|
$result = mysqli_query($ringDb, $query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysqli_error($ringDb)));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -128,42 +76,79 @@
|
||||||
$login->login($id, $_SERVER["REMOTE_ADDR"], $domainId);
|
$login->login($id, $_SERVER["REMOTE_ADDR"], $domainId);
|
||||||
|
|
||||||
// wait for the return message
|
// wait for the return message
|
||||||
if (!$login->waitCallback())
|
if (!$login->waitCallback()) {
|
||||||
{
|
|
||||||
die(errorMsgBlock(3003));
|
die(errorMsgBlock(3003));
|
||||||
}
|
}
|
||||||
|
|
||||||
//the rest of the process is done in the callback function
|
//the rest of the process is done in the callback function
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// no more to do (other global statement are old garbage)
|
// no more to do (other global statement are old garbage)
|
||||||
die();
|
die();
|
||||||
|
|
||||||
// ----------------------------------------------------------------------------------------
|
// ----------------------------------------------------------------------------------------
|
||||||
// Functions
|
// Functions
|
||||||
// ----------------------------------------------------------------------------------------
|
// ----------------------------------------------------------------------------------------
|
||||||
|
|
||||||
// $reason contains the reason why the check failed or success
|
function get_salt($password)
|
||||||
// return true if the check is ok
|
{
|
||||||
function checkUserValidity ($login, $password, $clientApplication, $cp, &$id, &$reason, &$priv, &$extended, &$domainId, $lang)
|
if ($password[0] == '$') {
|
||||||
{
|
$salt = substr($password, 0, 19);
|
||||||
|
} else {
|
||||||
|
$salt = substr($password, 0, 2);
|
||||||
|
}
|
||||||
|
return $salt;
|
||||||
|
}
|
||||||
|
|
||||||
|
// see errorMsg
|
||||||
|
function errorMsgBlock($errNum = GENERIC_ERROR_NUM) // $mixedArgs
|
||||||
|
|
||||||
|
{
|
||||||
|
$args = func_get_args();
|
||||||
|
return '0:' . call_user_func_array('errorMsg', $args);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Callback called on end of output buffering
|
||||||
|
function ob_callback_r2login($buffer)
|
||||||
|
{
|
||||||
|
// Log only in case of error or malformed result string
|
||||||
|
$blockHd = substr($buffer, 0, 2);
|
||||||
|
if ($blockHd != '1:') {
|
||||||
|
$logFile = new CWwwLog();
|
||||||
|
$logFile->logStr(str_replace("\n", '\n', $buffer));
|
||||||
|
}
|
||||||
|
return $buffer; // sent to output
|
||||||
|
}
|
||||||
|
|
||||||
|
// Callback called on error
|
||||||
|
function err_callback($errno, $errmsg, $filename, $linenum, $vars)
|
||||||
|
{
|
||||||
|
$logFile = new CWwwLog();
|
||||||
|
$logFile->logStr("PHP ERROR/$errno $errmsg ($filename:$linenum)");
|
||||||
|
$logFile->logStr("PHP CALLSTACK/" . print_r(debug_backtrace(), true));
|
||||||
|
// Never die after an error
|
||||||
|
}
|
||||||
|
|
||||||
|
// $reason contains the reason why the check failed or success
|
||||||
|
// return true if the check is ok
|
||||||
|
function checkUserValidity($login, $password, $clientApplication, $cp, &$id, &$reason, &$priv, &$extended, &$domainId, $lang)
|
||||||
|
{
|
||||||
global $DBHost, $DBUserName, $DBPassword, $DBName, $AcceptUnknownUser;
|
global $DBHost, $DBUserName, $DBPassword, $DBName, $AcceptUnknownUser;
|
||||||
|
|
||||||
setMsgLanguage($lang);
|
setMsgLanguage($lang);
|
||||||
|
|
||||||
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
|
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die(errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
|
||||||
mysqli_select_db ($link, $DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
|
mysqli_select_db($link, $DBName) or die(errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
|
||||||
|
|
||||||
// we map the client application to the domain name
|
// we map the client application to the domain name
|
||||||
$domainName = mysqli_real_escape_string($link, $clientApplication);
|
$domainName = mysqli_real_escape_string($link, $clientApplication);
|
||||||
|
|
||||||
// retreive the domain id
|
// retreive the domain id
|
||||||
$query = "SELECT domain_id FROM domain WHERE domain_name='$domainName'";
|
$query = "SELECT domain_id FROM domain WHERE domain_name='$domainName'";
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
|
||||||
if (mysqli_num_rows($result) == 0)
|
if (mysqli_num_rows($result) == 0) {
|
||||||
{
|
|
||||||
// unrecoverable error, we must giveup
|
// unrecoverable error, we must giveup
|
||||||
$reason = errorMsg(3007, $domainName);
|
$reason = errorMsg(3007, $domainName);
|
||||||
mysqli_close($link);
|
mysqli_close($link);
|
||||||
|
@ -182,128 +167,106 @@
|
||||||
// now, retrieve the user infos
|
// now, retrieve the user infos
|
||||||
$login = mysqli_real_escape_string($link, $login);
|
$login = mysqli_real_escape_string($link, $login);
|
||||||
$query = "SELECT * FROM user where Login='$login'";
|
$query = "SELECT * FROM user where Login='$login'";
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
|
||||||
if (mysqli_num_rows ($result) == 0)
|
if (mysqli_num_rows($result) == 0) {
|
||||||
{
|
if ($AcceptUnknownUser) {
|
||||||
if ($AcceptUnknownUser)
|
|
||||||
{
|
|
||||||
// login doesn't exist, create it
|
// login doesn't exist, create it
|
||||||
$password = mysqli_real_escape_string($link, $password);
|
$password = mysqli_real_escape_string($link, $password);
|
||||||
$query = "INSERT INTO user (Login, Password) VALUES ('$login', '$password')";
|
$query = "INSERT INTO user (Login, Password) VALUES ('$login', '$password')";
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
|
||||||
// get the user to have his UId
|
// get the user to have his UId
|
||||||
$query = "SELECT * FROM user WHERE Login='$login'";
|
$query = "SELECT * FROM user WHERE Login='$login'";
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
|
||||||
if (mysqli_num_rows ($result) == 1)
|
if (mysqli_num_rows($result) == 1) {
|
||||||
{
|
|
||||||
$reason = errorMsg(3008, $login);
|
$reason = errorMsg(3008, $login);
|
||||||
$row = mysqli_fetch_assoc ($result);
|
$row = mysqli_fetch_assoc($result);
|
||||||
$id = $row["UId"];
|
$id = $row["UId"];
|
||||||
$priv = $row["Privilege"];
|
$priv = $row["Privilege"];
|
||||||
$extended = $row["ExtendedPrivilege"];
|
$extended = $row["ExtendedPrivilege"];
|
||||||
|
|
||||||
// add the default permission
|
// add the default permission
|
||||||
$query = "INSERT INTO permission (UId, DomainId, AccessPrivilege) VALUES ('$id', '$domainId', '$accessPriv')";
|
$query = "INSERT INTO permission (UId, DomainId, AccessPrivilege) VALUES ('$id', '$domainId', '$accessPriv')";
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
|
||||||
$res = false;
|
$res = false;
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
$reason = errorMsg(3009, $login);
|
$reason = errorMsg(3009, $login);
|
||||||
$res = false;
|
$res = false;
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
$reason = errorMsg(2001, $login, 'checkUserValidity');
|
$reason = errorMsg(2001, $login, 'checkUserValidity');
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else
|
$row = mysqli_fetch_assoc($result);
|
||||||
{
|
|
||||||
$row = mysqli_fetch_assoc ($result);
|
|
||||||
$salt = get_salt($row["Password"]);
|
$salt = get_salt($row["Password"]);
|
||||||
if (($cp && $row["Password"] == $password) || (!$cp && $row["Password"] == crypt($password, $salt)))
|
if (($cp && $row["Password"] == $password) || (!$cp && $row["Password"] == crypt($password, $salt))) {
|
||||||
{
|
|
||||||
// Store the real login (with correct case)
|
// Store the real login (with correct case)
|
||||||
$_GET['login'] = $row['Login'];
|
$_GET['login'] = $row['Login'];
|
||||||
// check if the user can use this application
|
// check if the user can use this application
|
||||||
|
|
||||||
$clientApplication = mysqli_real_escape_string($link, $clientApplication);
|
$clientApplication = mysqli_real_escape_string($link, $clientApplication);
|
||||||
$query = "SELECT * FROM permission WHERE UId='".$row["UId"]."' AND DomainId='$domainId'";
|
$query = "SELECT * FROM permission WHERE UId='" . $row["UId"] . "' AND DomainId='$domainId'";
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
if (mysqli_num_rows ($result) == 0)
|
if (mysqli_num_rows($result) == 0) {
|
||||||
{
|
if ($AcceptUnknownUser) {
|
||||||
if ($AcceptUnknownUser)
|
|
||||||
{
|
|
||||||
// add default permission
|
// add default permission
|
||||||
$query = "INSERT INTO permission (UId, DomainId, ShardId, AccessPrivilege) VALUES ('".$row["UId"]."', '$domainId', -1, '$domainStatus')";
|
$query = "INSERT INTO permission (UId, DomainId, ShardId, AccessPrivilege) VALUES ('" . $row["UId"] . "', '$domainId', -1, '$domainStatus')";
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
|
||||||
$reason = errorMsg(3010);
|
$reason = errorMsg(3010);
|
||||||
$res = false;
|
$res = false;
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
// no permission
|
// no permission
|
||||||
$reason = errorMsg(3011, $clientApplication, $domainName);
|
$reason = errorMsg(3011, $clientApplication, $domainName);
|
||||||
$res = false;
|
$res = false;
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
// check that the access privilege for the domain
|
// check that the access privilege for the domain
|
||||||
$permission = mysqli_fetch_assoc($result);
|
$permission = mysqli_fetch_assoc($result);
|
||||||
|
|
||||||
if (!strstr($permission['AccessPrivilege'], $accessPriv))
|
if (!strstr($permission['AccessPrivilege'], $accessPriv)) {
|
||||||
{
|
|
||||||
// no right to connect
|
// no right to connect
|
||||||
if ($AcceptUnknownUser)
|
if ($AcceptUnknownUser) {
|
||||||
{
|
|
||||||
// set an additionnal privilege for this player
|
// set an additionnal privilege for this player
|
||||||
$query = "UPDATE permission set AccessPrivilege='".$permission['AccessPrivilege'].",$accessPriv' WHERE PermissionId=".$permission['PermissionId'];
|
$query = "UPDATE permission set AccessPrivilege='" . $permission['AccessPrivilege'] . ",$accessPriv' WHERE PermissionId=" . $permission['PermissionId'];
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
|
||||||
$reason = errorMsg(3012, $accessPriv);
|
$reason = errorMsg(3012, $accessPriv);
|
||||||
$res = false;
|
$res = false;
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
// no permission
|
// no permission
|
||||||
$reason = errorMsg(3013, $clientApplication, $domainName, $accessPriv);
|
$reason = errorMsg(3013, $clientApplication, $domainName, $accessPriv);
|
||||||
$res = false;
|
$res = false;
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
|
|
||||||
// // check if the user not already online
|
// // check if the user not already online
|
||||||
//
|
//
|
||||||
// if ($row["State"] != "Offline")
|
// if ($row["State"] != "Offline")
|
||||||
// {
|
// {
|
||||||
// $reason = "$login is already online and ";
|
// $reason = "$login is already online and ";
|
||||||
// // ask the LS to remove the client
|
// // ask the LS to remove the client
|
||||||
// if (disconnectClient ($row["ShardId"], $row["UId"], $tempres))
|
// if (disconnectClient ($row["ShardId"], $row["UId"], $tempres))
|
||||||
// {
|
// {
|
||||||
// $reason = $reason."was just disconnected. Now you can retry the identification (error code 54)";
|
// $reason = $reason."was just disconnected. Now you can retry the identification (error code 54)";
|
||||||
//
|
//
|
||||||
// $query = "update shard set NbPlayers=NbPlayers-1 where ShardId=".$row["ShardId"];
|
// $query = "update shard set NbPlayers=NbPlayers-1 where ShardId=".$row["ShardId"];
|
||||||
// $result = mysqli_query ($link, $query) or die ("Can't execute the query: '$query' errno:".mysqli_errno($link).": ".mysqli_error($link));
|
// $result = mysqli_query ($link, $query) or die ("Can't execute the query: '$query' errno:".mysqli_errno($link).": ".mysqli_error($link));
|
||||||
//
|
//
|
||||||
// $query = "update user set ShardId=-1, State='Offline' where UId=".$row["UId"];
|
// $query = "update user set ShardId=-1, State='Offline' where UId=".$row["UId"];
|
||||||
// $result = mysqli_query ($link, $query) or die ("Can't execute the query: '$query' errno:".mysqli_errno($link).": ".mysqli_error($link));
|
// $result = mysqli_query ($link, $query) or die ("Can't execute the query: '$query' errno:".mysqli_errno($link).": ".mysqli_error($link));
|
||||||
// }
|
// }
|
||||||
// else
|
// else
|
||||||
// {
|
// {
|
||||||
// $reason = $reason."can't be disconnected: $tempres (error code 55)";
|
// $reason = $reason."can't be disconnected: $tempres (error code 55)";
|
||||||
// }
|
// }
|
||||||
// $res = false;
|
// $res = false;
|
||||||
// }
|
// }
|
||||||
// else
|
// else
|
||||||
// {
|
// {
|
||||||
$id = $row["UId"];
|
$id = $row["UId"];
|
||||||
$priv = $row["Privilege"];
|
$priv = $row["Privilege"];
|
||||||
$extended = $row["ExtendedPrivilege"];
|
$extended = $row["ExtendedPrivilege"];
|
||||||
|
@ -311,43 +274,37 @@
|
||||||
// }
|
// }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
$reason = errorMsg(2004, 'user');
|
$reason = errorMsg(2004, 'user');
|
||||||
$res = false;
|
$res = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
mysqli_close($link);
|
mysqli_close($link);
|
||||||
return $res;
|
return $res;
|
||||||
}
|
}
|
||||||
|
|
||||||
function askSalt($login, $lang)
|
function askSalt($login, $lang)
|
||||||
{
|
{
|
||||||
global $PHP_SELF;
|
global $PHP_SELF;
|
||||||
global $DBHost, $DBUserName, $DBPassword, $DBName;
|
global $DBHost, $DBUserName, $DBPassword, $DBName;
|
||||||
global $AcceptUnknownUser;
|
global $AcceptUnknownUser;
|
||||||
|
|
||||||
setMsgLanguage($lang);
|
setMsgLanguage($lang);
|
||||||
|
|
||||||
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
|
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die(errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
|
||||||
mysqli_select_db ($link, $DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
|
mysqli_select_db($link, $DBName) or die(errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
|
||||||
|
|
||||||
$login = mysqli_real_escape_string($link, $login);
|
$login = mysqli_real_escape_string($link, $login);
|
||||||
$query = "SELECT Password FROM user WHERE Login='$login'";
|
$query = "SELECT Password FROM user WHERE Login='$login'";
|
||||||
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
|
||||||
if (mysqli_num_rows ($result) != 1)
|
if (mysqli_num_rows($result) != 1) {
|
||||||
{
|
if ($AcceptUnknownUser) {
|
||||||
if ($AcceptUnknownUser)
|
|
||||||
{
|
|
||||||
// just accept the client and return a default salk
|
// just accept the client and return a default salk
|
||||||
echo "1:AA";
|
echo "1:AA";
|
||||||
die;
|
die;
|
||||||
}
|
} else {
|
||||||
else
|
die(errorMsgBlock(2001, $login, 'askSalt'));
|
||||||
{
|
|
||||||
die (errorMsgBlock(2001, $login, 'askSalt'));
|
|
||||||
// Check if this is not an unconfirmed account
|
// Check if this is not an unconfirmed account
|
||||||
/*$query = "SELECT GamePassword, Language FROM signup_data WHERE login='$login'";
|
/*$query = "SELECT GamePassword, Language FROM signup_data WHERE login='$login'";
|
||||||
$result = mysqli_query($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
$result = mysqli_query($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||||
|
@ -378,15 +335,11 @@
|
||||||
die (errorMsgBlock(2003));
|
die (errorMsgBlock(2003));
|
||||||
}*/
|
}*/
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
$res_array = mysqli_fetch_assoc($result);
|
$res_array = mysqli_fetch_assoc($result);
|
||||||
$salt = get_salt($res_array['Password']);
|
$salt = get_salt($res_array['Password']);
|
||||||
}
|
}
|
||||||
|
|
||||||
echo "1:".$salt;
|
echo "1:" . $salt;
|
||||||
mysqli_close($link);
|
mysqli_close($link);
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
|
||||||
|
|
Loading…
Reference in a new issue