search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux multi-monitor fullscreen support
[ryzomcore.git] / nelns / login_system / www / public_html / index.php
blob03c16b07473f34d8c75fc2d7fd0e9c0d56ea3330
1 <?php
2
3 include_once('../config.php');
4 include_once('service_connection.php');
5
6 // ----------------------------------------------------------------------------------------
7 // Functions
8 // ----------------------------------------------------------------------------------------
9
10 function createSalt()
11 {
12 $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
13
14 return substr($chars, rand(0, strlen($chars)-1), 1).substr($chars, rand(0, strlen($chars)-1), 1);
15 }
16
17 // $reason contains the reason why the check failed or success
18 // return true if the check is ok
19 function checkUserValidity ($login, $password, $clientApplication, $cp, &$id, &$reason, &$priv, &$extended)
20 {
21 global $DBHost, $DBUserName, $DBPassword, $DBName, $AcceptUnknownUser;
22
23 $link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("Can't connect to database host:$DBHost user:$DBUserName");
24 mysql_select_db ($DBName) or die ("Can't access to the table dbname:$DBName");
25 $query = "SELECT * FROM user where Login='$login'";
26 $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
27
28 if (mysql_num_rows ($result) == 0)
29 {
30 if ($AcceptUnknownUser)
31 {
32 if (!$cp)
33 {
34 // Create a crypted user/pass.
35 $password = crypt($password, createSalt());
36 }
37
38 // login doesn't exist, create it
39 $query = "INSERT INTO user (Login, Password) VALUES ('$login', '$password')";
40 $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
41
42 // get the user to have his UId
43 $query = "SELECT * FROM user WHERE Login='$login'";
44 $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
45
46 if (mysql_num_rows ($result) == 1)
47 {
48 $reason = "Login '".$login."' was created because it was not found in database (error code 50)";
49 $row = mysql_fetch_array ($result);
50 $id = $row["UId"];
51 $priv = $row["Privilege"];
52 $extended = $row["ExtendedPrivilege"];
53
54 // add the default permission
55 $query = "INSERT INTO permission (UId,ClientApplication) VALUES ('$id', 'snowballs')";
56 $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
57
58 $res = true;
59 }
60 else
61 {
62 $reason = "Can't fetch the login '".$login."' (error code 51)";
63 $res = false;
64 }
65 }
66 else
67 {
68 $reason = "Unknown login '".$login."' (error code 52)";
69 $res = false;
70 }
71 }
72 else
73 {
74 $row = mysql_fetch_array ($result);
75 $salt = substr($row["Password"],0,2);
76 if (($cp && $row["Password"] == $password) || (!$cp && $row["Password"] == crypt($password, $salt)))
77 {
78 // check if the user can use this application
79
80 $query = "SELECT * FROM permission WHERE UId='".$row["UId"]."' AND ClientApplication='$clientApplication'";
81 $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
82 if (mysql_num_rows ($result) == 0)
83 {
84 // no permission
85 $reason = "You can't use the client application '$clientApplication' (error code 53)";
86 $res = false;
87 }
88 else
89 {
90 // check if the user not already online
91
92 if ($row["State"] != "Offline")
93 {
94 $reason = "$login is already online and ";
95 // ask the LS to remove the client
96 if (disconnectClient ($row["ShardId"], $row["UId"], $tempres))
97 {
98 $reason = $reason."was just disconnected. Now you can retry the identification (error code 54)";
99
100 $query = "update shard set NbPlayers=NbPlayers-1 where ShardId=".$row["ShardId"];
101 $result = mysql_query ($query) or die ("Can't execute the query: '$query' errno:".mysql_errno().": ".mysql_error());
102
103 $query = "update user set ShardId=-1, State='Offline' where UId=".$row["UId"];
104 $result = mysql_query ($query) or die ("Can't execute the query: '$query' errno:".mysql_errno().": ".mysql_error());
105 }
106 else
107 {
108 $reason = $reason."can't be disconnected: $tempres (error code 55)";
109 }
110 $res = false;
111 }
112 else
113 {
114 $id = $row["UId"];
115 $priv = $row["Privilege"];
116 $extended = $row["ExtendedPrivilege"];
117 $res = true;
118 }
119 }
120 }
121 else
122 {
123 $reason = "Bad password (error code 56)";
124 $res = false;
125 }
126 }
127 mysql_close($link);
128 return $res;
129 }
130
131 function checkShardAccess($id, $clientApplication, $shardId)
132 {
133 global $PHP_SELF;
134 global $DBHost, $DBUserName, $DBPassword, $DBName;
135
136 $link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("0:Can't connect to database host:$DBHost user:$DBUserName");
137 mysql_select_db ($DBName) or die ("0:Can't access to the table dbname:$DBName");
138
139 $query = "SELECT * FROM permission WHERE UId='".$id."' AND ClientApplication='".$clientApplication."' AND (ShardId='".$shardId."' OR ShardId='-1')";;
140 $result = mysql_query ($query) or die ("0:Can't execute the query: ".$query);
141
142 if (mysql_num_rows ($result) > 0)
143 {
144 mysql_close($link);
145 return;
146 }
147 mysql_close($link);
148 die("0:Invalid shard access");
149 }
150
151 function displayAvailableShards($id, $clientApplication, $multiplePatchers)
152 {
153 global $PHP_SELF;
154 global $DBHost, $DBUserName, $DBPassword, $DBName;
155
156 $link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("0:Can't connect to database host:$DBHost user:$DBUserName");
157 mysql_select_db ($DBName) or die ("0:Can't access to the table dbname:$DBName");
158
159 $query = "SELECT * FROM user WHERE UId='".$id."'";
160 $result = mysql_query ($query) or die ("0:Can't execute the query: ".$query);
161
162 if ($result)
163 $uData = mysql_fetch_array($result);
164
165 if (strstr($uData['Privilege'], ':DEV:'))
166 $priv = 'dev';
167 else if (strlen($uData['Privilege']) > 0)
168 $priv = 'gm';
169 else
170 $priv = '';
171
172 $query = "SELECT * FROM shard WHERE ClientApplication='".$clientApplication."'";
173 $result = mysql_query ($query) or die ("0:Can't execute the query: ".$query);
174
175 $nbs = 0;
176 $res = "";
177 if (mysql_num_rows ($result) > 0)
178 {
179 //echo "<h1>Please, select a shard:</h1>\n";
180 while($row = mysql_fetch_array($result))
181 {
182 $query2 = "SELECT * FROM permission WHERE UId='".$id."' AND ClientApplication='".$clientApplication."' AND ShardId='".$row["ShardId"]."'";
183 $result2 = mysql_query ($query2) or die ("Can't execute the query: ".$query2);
184
185 $online = $row["Online"];
186 $uOnline = 1;
187
188 switch ($online)
189 {
190 case 0:
191 $uOnline = 0;
192 break;
193 case 1:
194 $uOnline = ($priv == 'dev' ? 1 : 2);
195 break;
196 case 2:
197 $uOnline = (($priv == 'dev' || $priv == 'gm') ? 1 : 2);
198 break;
199 default:
200 $uOnline = 1;
201 break;
202 }
203
204 // only display the shard if the user have the good application name AND access to this shard with the permission table
205 if (mysql_num_rows ($result2) > 0 && $row["ProgramName"] == $programName)
206 {
207 $nbs++;
208 $res = $res.$row["Version"]."|";
209 $res = $res.$uOnline."|";
210 $res = $res.$row["ShardId"]."|";
211 $res = $res.$row["Name"]."|";
212 $res = $res."999999|";
213 $res = $res.$row["WsAddr"]."|";
214 $res = $res.$row["PatchURL"];
215 if (strlen($row["DynPatchURL"]) > 0 && $multiplePatchers)
216 $res = $res."|".$row["DynPatchURL"];
217 $res = $res."\n";
218 }
219 }
220 }
221
222 echo "1:".$nbs."\n";
223 echo $res;
224 mysql_close($link);
225 return $res;
226 }
227
228 function askSalt($login)
229 {
230 global $PHP_SELF;
231 global $DBHost, $DBUserName, $DBPassword, $DBName, $AcceptUnknownUser;
232
233 $link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("0:Can't connect to database host:$DBHost user:$DBUserName");
234 mysql_select_db ($DBName) or die ("0:Can't access to the table dbname:$DBName");
235
236 $query = "SELECT Password FROM user WHERE Login='$login'";
237 $result = mysql_query ($query) or die ("0:Can't execute the query: ".$query);
238
239 if (mysql_num_rows ($result) != 1)
240 {
241 if ($AcceptUnknownUser)
242 {
243 $salt = createSalt();
244 }
245 else
246 {
247 die ("0:Unknown login $login (error code 64)");
248 }
249 }
250 else
251 {
252 $res_array = mysql_fetch_array($result);
253 $salt = substr($res_array['Password'], 0, 2);
254 }
255
256 echo "1:".$salt;
257 mysql_close($link);
258 }
259
260 // --------------------------------------------------------------------------------------
261 // main
262 // --------------------------------------------------------------------------------------
263
264 if ($_GET["cmd"] == "ask")
265 {
266 askSalt($_GET["login"]);
267 die();
268 }
269
270 // check cp is set (force bool)
271 $cp = ($_GET["cp"] == "1");
272
273 if (!checkUserValidity($_GET["login"], $_GET["password"], $_GET["clientApplication"], $cp, $id, $reason, $priv, $extended))
274 {
275 echo "0:".$reason;
276 }
277 else
278 {
279 if ($_GET["cmd"] == "login")
280 {
281 checkShardAccess($id, $_GET["clientApplication"], $_GET["shardid"]);
282
283 // user selected a shard, try to add the user to the shard
284
285 if (askClientConnection($_GET["shardid"], $id, $_GET["login"], $priv, $extended, $res, $patchURLS))
286 {
287 // access granted, send cookie and addr
288 echo "1:".$res;
289
290 // LS sent patching URLS? Add them at the end of the string
291 if (strlen($patchURLS) > 0)
292 echo ' '.$patchURLS;
293
294 /*
295 // OBSOLETE: emergency patch URI already sent at displayAvailableShards - no need to add it
296 // There is a default patching address? Add it at the end of the patching URLS
297 $query = "SELECT PatchURL FROM shard WHERE ShardId='$shardid'";
298 $result = mysql_query($query);
299 if ($result && ($array=mysql_fetch_array($result)))
300 {
301 $patchURL = $array['PatchURL'];
302 if (strlen($patchURL) > 0)
303 {
304 echo (strlen($patchURLS) > 0 ? '|' : ' ').$patchURL;
305 }
306 }
307 */
308 }
309 else
310 {
311 // access denied, display why
312 echo "0:".$res;
313 }
314 }
315 else
316 {
317 // user logged, display the available shard
318 displayAvailableShards ($id, $_GET["clientApplication"], $cp);
319 }
320 }
321 ?>