web/public_php/api/server/hmagic.php

   1 <?php
   2
   3 /* Copyright (C) 2012 Winch Gate Property Limited
   4  *
   5  * This file is part of ryzom_app.
   6  * ryzom_api is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Lesser General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * ryzom_api is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with ryzom_api.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 /***
  21  * List of web egs commands
  22  *
  23  *  - give_item sheet quality quantity inventory
  24  *  - recv_item sheet quality quantity inventory
  25  *  - check_item sheet quality quantity inventory
  26  *  - check_position min_x min_y max_x max_y
  27  *  - check_fame faction_name "below"|"above" value
  28  *  - check_target "sheet"|"bot_name"|"player_name" name
  29  *  - check_brick brick_name
  30  *  - set_brick "add"|"del" brick_name
  31  *  - check_outpost name "attacker"|"defender"|"attack"|"defend" (attacker/defender : check if guild of player is attacker/defender, attack/defend : check if OP is in state atttack/defend)
  32  *  - create_group number sheet [ dispersion "self"|"random"|orientation bot_name x y ]
  33  *  - group_script bot_name command1 [ command2 ... ]
  34  *  - change_vpx player_name property value
  35  *  - set_title title
  36  *
  37  ***/
  38
  39 include_once(RYAPI_PATH.'/common/dfm.php');
  40
  41 class ryHmagic {
  42
  43         function __construct() {
  44                 $this->dfm = new ryDataFileManager(_user()->id);
  45         }
  46
  47         function getWebCommand($web_app_url, $command, $is_next=false, $need_callback=false, $old_sep=false, $replace_space=true) {
  48                 $command = str_replace('#player', ryzom_get_param('player_eid'), $command);
  49                 if ($replace_space)
  50                         $command = str_replace(' ', chr(160), $command);
  51
  52                 $last_connected_date = strtotime($_SESSION['last_played_date']);
  53                 $index_infos = $this->dfm->loadUserDataFromApp('hmagic.index', 'app_profile');
  54                 if ($index_infos == null) {
  55                         $index_infos['last_played_date'] = $last_connected_date;
  56                         $index_infos['time'] = array();
  57                         $index_infos['index'] = 0;
  58                 }
  59
  60                 if ($index_infos['last_played_date'] != $last_connected_date) {
  61                         $index_infos['last_played_date'] = $last_connected_date;
  62                         $index_infos['time'] = array();
  63                         $index_infos['index'] = 0;
  64                 }
  65                 if (!is_array($index_infos['time']))
  66                         $index_infos['time'] = array();
  67
  68                 $index_infos['index']++;
  69                 $index_infos['time'][strval($index_infos['index'])] = strval($index_infos['index']).'_'.strval(time());
  70                 $index_infos['url'][strval($index_infos['index'])] = $web_app_url;
  71                 $tid = 'tid='.$index_infos['time'][strval($index_infos['index'])];
  72                 $this->dfm->saveUserDataFromApp('hmagic.index', 'app_profile', $index_infos);
  73                 $eid = ryzom_get_param('datasetid');
  74                 $checksum = $web_app_url.'&'.$tid . $last_connected_date . $index_infos['index'] . $command . $eid;
  75                 $hmac =  strtoupper(hash_hmac('sha1', $checksum, RYAPI_EGS_SALT));
  76                 return '        local command = \''.str_replace("'", '\\\'',str_replace('&', '&amp;', $command)).'\''."\n\t".
  77                 (RYAPI_HMAGIC_DEBUG?'runCommand("a","webExecCommand","debug", "1", command, "hmac", "2","'.($is_next?'1':'0').'","'.($need_callback?'1':'0').'")':'runCommand("a","webExecCommand","'.str_replace('&', '&amp;', $web_app_url).'&amp;'.$tid.'","'.$index_infos['index'].'",command,"'.$hmac.'","'.($old_sep?'1':'3').'","'.($is_next?'1':'0').'","'.($need_callback?'1':'0').'")');
  78         }
  79
  80         function validateCallback() {
  81                 $index_infos = $this->dfm->loadUserDataFromApp('hmagic.index', 'app_profile');
  82                 $playerEid = ryzom_get_param('player_eid');
  83                 $event = ryzom_get_param('event');
  84                 $desc_error = ryzom_get_param('desc');
  85                 $desc = '';
  86                 if ($desc_error)
  87                         $desc = '&desc='.$desc_error;
  88                 list($index, $tid) = explode('_', ryzom_get_param('tid'));
  89                 $web_app_url = $index_infos['url'][$index];
  90
  91                 if ($index.'_'.$tid != $index_infos['time'][$index])
  92                         return false;
  93                 $trans_id = '';
  94                 if ($tid)
  95                         $trans_id = '&tid='.$index.'_'.$tid;
  96                 $hmac = ryzom_get_param('hmac');
  97                 $checksum = $web_app_url.$trans_id.'&player_eid='.$playerEid.'&event='.$event.$desc;
  98                 $real_hmac = strtoupper(hash_hmac('sha1', $checksum, RYAPI_EGS_SALT));
  99                 if ($real_hmac != $hmac)
 100                         return false;
 101                 else
 102                         return true;
 103         }
 104 }
 105
 106 ?>