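/**
 * Check a character name / password pair against the ring and nel databases.
 *
 * The character row is looked up by name, then the account's stored hash is
 * compared with crypt($password, <stored hash>).
 *
 * @param string $character Character name as supplied by the client.
 * @param string $password  Clear-text password to verify.
 * @param mixed  $cid       Out: char_id of the matching character, or null when
 *                          no such character exists. It is filled in as soon as
 *                          the character is found, even if the password is
 *                          wrong, so callers must gate on the return value.
 * @return bool True only when the character exists and the password matches.
 */
function ryzom_authenticate_with_char_and_password($character, $password, &$cid)
{
    $cid = null;

    $db = new ServerDatabase(RYAPI_NELDB_HOST, RYAPI_NELDB_LOGIN, RYAPI_NELDB_PASS, RYAPI_NELDB_RING);
    $char = $db->escape_string($character);
    $sql = "SELECT char_id, char_name, user_id, home_mainland_session_id FROM characters WHERE char_name = '{$char}'";
    $row = $db->query_single_row($sql);

    // Unknown character: stop here instead of building the second query from
    // an empty user id (which produced "WHERE UId = " and a SQL error).
    if (!$row || !isset($row['user_id'])) {
        return false;
    }

    $cid = $row['char_id'];
    // user_id is spliced into SQL unquoted below, so force it to an integer.
    $uid = intval($row['user_id']);

    $db->select_db('nel');
    $sql = "SELECT Password FROM user WHERE UId = {$uid}";
    $row = $db->query_single_row($sql);

    $stored = ($row && isset($row['Password'])) ? (string) $row['Password'] : '';
    if ($stored === '') {
        // No account row or no stored hash: nothing a password can match.
        return false;
    }

    // hash_equals() (PHP >= 5.6) compares in constant time and as strings;
    // the previous `==` was subject to numeric-string juggling and leaked
    // timing information about the stored hash.
    $computed = crypt($password, $stored);

    return is_string($computed) && hash_equals($stored, $computed);
}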
/**
 * Overwrite the author, title, image and category of the book row whose id
 * matches $newBook->id.
 *
 * @param Book $newBook Source of the id and of the new column values.
 * @return bool True when the UPDATE reported at least one affected row.
 */
function replaceBook(Book $newBook)
{
    $database = new ServerDatabase();
    $database->newQuery("UPDATE book SET author='%2', title='%3', image='%4', category=%5 WHERE id=%1");

    // Values are handed over in placeholder order %1..%5.
    // NOTE(review): %1 and %5 sit outside quotes in the statement; whether
    // addParameter() makes a value safe in that position is not visible here.
    // Confirm it does, or make sure id and category are integers before this call.
    $orderedValues = array(
        $newBook->id,
        $newBook->author,
        $newBook->title,
        $newBook->image,
        $newBook->category,
    );
    foreach ($orderedValues as $value) {
        $database->addParameter($value);
    }

    $database->execute();
    $affectedRows = $database->getRowsAffected();

    return $affectedRows > 0;
}
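/**
 * Check a character name / password pair, with optional dev-shard selection.
 *
 * A name of the form "<name>@<RYAPI_DEV_SHARD>" is looked up in the dev ring
 * database instead of the live one. The stored account hash is then compared
 * with crypt($password, <stored hash>).
 *
 * Side effect: $_SESSION['dev_shard'] is reset to 0 on every call and set to 1
 * only after a successful dev-shard login. Previously it was set to 1 before
 * the password was checked, so a failed attempt could still leave the session
 * flagged as a dev-shard session.
 *
 * @param string $character Character name as supplied by the client.
 * @param string $password  Clear-text password to verify.
 * @param mixed  $cid       Out: char_id of the matching character, or null when
 *                          no such character exists. It is filled in as soon as
 *                          the character is found, even if the password is
 *                          wrong, so callers must gate on the return value.
 * @return bool True only when the character exists and the password matches.
 */
function ryzom_authenticate_with_char_and_password($character, $password, &$cid)
{
    $cid = null;
    $_SESSION['dev_shard'] = 0;

    $db = new ServerDatabase(RYAPI_NELDB_HOST, RYAPI_NELDB_LOGIN, RYAPI_NELDB_PASS, RYAPI_NELDB_RING);
    $char = $db->escape_string($character);

    $use_dev_shard = false;
    $schar = explode('@', $char);
    if (count($schar) == 2 && $schar[1] == RYAPI_DEV_SHARD) {
        $use_dev_shard = true;
        $char = $schar[0];
        $db = new ServerDatabase(RYAPI_NELDB_HOST, RYAPI_NELDB_LOGIN, RYAPI_NELDB_PASS, RYAPI_NELDB_RING_DEV);
    }

    $sql = "SELECT char_id, char_name, user_id, home_mainland_session_id FROM characters WHERE char_name = '{$char}'";
    $row = $db->query_single_row($sql);

    // Unknown character: stop here instead of building the second query from
    // an empty user id (which produced "WHERE UId = " and a SQL error).
    if (!$row || !isset($row['user_id'])) {
        return false;
    }

    $cid = $row['char_id'];
    // user_id is spliced into SQL unquoted below, so force it to an integer.
    $uid = intval($row['user_id']);

    $db->select_db('nel');
    $sql = "SELECT Password FROM user WHERE UId = {$uid}";
    $row = $db->query_single_row($sql);

    $stored = ($row && isset($row['Password'])) ? (string) $row['Password'] : '';
    if ($stored === '') {
        // No account row or no stored hash: nothing a password can match.
        return false;
    }

    // hash_equals() (PHP >= 5.6) compares in constant time and as strings;
    // the previous `==` was subject to numeric-string juggling and leaked
    // timing information about the stored hash.
    $computed = crypt($password, $stored);
    if (!is_string($computed) || !hash_equals($stored, $computed)) {
        return false;
    }

    if ($use_dev_shard) {
        $_SESSION['dev_shard'] = 1;
    }

    return true;
}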
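/**
 * Build the profile row and group list for a character id.
 *
 * Reads the character from the ring database (the dev ring when the session
 * is flagged as dev shard), optionally enriches it with guild data from the
 * guild XML, derives the group list from the account's Privilege string and,
 * on request, merges in web privileges and player fames.
 *
 * @param int|string $cid          Character id; must consist of digits only.
 * @param bool       $webprivs     Also merge groups from webig.accounts.web_privs.
 * @param bool       $player_stats Also load fames via ryzom_player_fames_array().
 * @return array Character row extended with uid, cid, slot and groups, or a
 *               guest row carrying 'ERROR' => 'unknown_user' when the id is
 *               malformed or no such character exists.
 */
function ryzom_user_get_info($cid, $webprivs = false, $player_stats = false)
{
    // Kept in scope on purpose: player_stats.php is included from inside this
    // function and may read this variable (not visible here, to be confirmed).
    global $_RYZOM_API_CONFIG;

    // $cid ends up inside SQL and XPath expressions. Reject anything that is
    // not a plain run of digits and use an integer copy for every expression.
    if (is_array($cid) || is_object($cid) || preg_match('/\A[0-9]+\z/', (string) $cid) !== 1) {
        return array('char_name' => _t('guest'), 'cid' => 0, 'ERROR' => 'unknown_user', 'groups' => array('GUEST'));
    }
    $cid_int = intval($cid);

    $on_dev_shard = isset($_SESSION['dev_shard']) && $_SESSION['dev_shard'];
    $db = new ServerDatabase(
        RYAPI_NELDB_HOST,
        RYAPI_NELDB_LOGIN,
        RYAPI_NELDB_PASS,
        $on_dev_shard ? RYAPI_NELDB_RING_DEV : RYAPI_NELDB_RING
    );

    $sql = "SELECT char_name, race, civilisation, cult, guild_id, creation_date, last_played_date FROM characters WHERE char_id = {$cid_int}";
    $result = $db->query($sql) or die('Could not query on ryzom_user_get_info');
    if ($db->num_rows($result) < 1) {
        $db->free_result($result);
        return array('char_name' => _t('guest'), 'cid' => $cid, 'ERROR' => 'unknown_user', 'groups' => array('GUEST'));
    }
    $row = $db->fetch_assoc($result);
    $db->free_result($result);

    if ($row) {
        // The stored values carry a two-character prefix that is dropped here.
        $row['race'] = substr($row['race'], 2);
        $row['cult'] = substr($row['cult'], 2);
        $row['civ'] = substr($row['civilisation'], 2);
        if ($row['guild_id'] != '0') {
            // NOTE(review): ryzom_guild() is not shown here; if it returns a
            // remote URL, the XML below is external input. Confirm the source.
            $xml = @simplexml_load_file(ryzom_guild($row['guild_id'], false));
            if ($xml !== false) {
                $row['guild_icon'] = (string) $xml->icon;
                $row['guild_name'] = (string) $xml->name;
                $members = $xml->xpath("/guild/members/member[cid={$cid_int}]");
                // each() was removed in PHP 8; xpath() can also return a non-array on error.
                if (is_array($members)) {
                    foreach ($members as $item) {
                        $row['grade'] = (string) $item->grade;
                    }
                }
            } else {
                // Unknown name (normal on the yubo shard).
                $row['guild_name'] = 'UNKNOWN_GUILD_' . $row['guild_id'];
            }
        }
    } else {
        $row = array();
    }

    $uid = intval($cid_int / 16);
    // Privileges are always read from the NEL database, dev-shard session or not.
    $db = new ServerDatabase(RYAPI_NELDB_HOST, RYAPI_NELDB_LOGIN, RYAPI_NELDB_PASS, RYAPI_NELDB_NEL);
    $sql = "SELECT Privilege FROM user WHERE UId = {$uid}";
    $result = $db->query($sql) or die("Could not query.");
    $priv_row = $db->fetch_row($result, MYSQLI_NUM);
    // No account row means no privileges, not a null passed to strpos().
    $priv = ($priv_row && isset($priv_row[0])) ? (string) $priv_row[0] : '';
    $db->free_result($result);

    $row['uid'] = $uid;
    $row['cid'] = $cid;
    $row['slot'] = $cid_int % 16;

    // Each privilege tag grants itself plus the listed lower groups. Order and
    // duplicates match the former if-chain, so the resulting list is unchanged.
    $implied_groups = array(
        ':DEV:' => array('DEV', 'SGM', 'GM', 'EM', 'EG', 'VG', 'G'),
        ':SGM:' => array('SGM', 'GM', 'VG', 'G'),
        ':GM:'  => array('GM', 'VG', 'G'),
        ':VG:'  => array('VG', 'G'),
        ':G:'   => array('G'),
        ':SEM:' => array('SEM', 'EM', 'EG'),
        ':EM:'  => array('EM', 'EG'),
        ':EG:'  => array('EG'),
    );
    $groups = array();
    foreach ($implied_groups as $tag => $granted) {
        if (strpos($priv, $tag) !== false) {
            $groups = array_merge($groups, $granted);
        }
    }
    $groups[] = 'PLAYER';
    if ($on_dev_shard) {
        $groups[] = 'DEV_SHARD';
    }

    if ($webprivs) {
        $db = new ServerDatabase(RYAPI_WEBDB_HOST, RYAPI_WEBDB_LOGIN, RYAPI_WEBDB_PASS, 'webig');
        $sql = 'SELECT web_privs FROM accounts WHERE uid = ' . $uid;
        $result = $db->query($sql);
        if (!$result) {
            // Driver error text goes to the server log, not into the response.
            error_log('ryzom_user_get_info: ' . $db->get_error());
            die("Could not query.");
        }
        $privs = '';
        if ($result->num_rows == 0) {
            // First visit: create the account row with empty web privileges.
            if (!$db->query('INSERT INTO accounts (`uid`, `web_privs`) VALUES (' . $uid . ', \'\')')) {
                error_log('ryzom_user_get_info: ' . $db->get_error());
                die("Could not query.");
            }
        } else {
            $priv_row = $db->fetch_row($result, MYSQLI_NUM);
            $privs = ($priv_row && isset($priv_row[0])) ? (string) $priv_row[0] : '';
        }
        $db->free_result($result);
        $groups = array_merge($groups, explode(':', $privs));
    }

    if ($player_stats) {
        include_once RYAPI_PATH . 'server/player_stats.php';
        $row['fames'] = ryzom_player_fames_array($cid);
    }

    $row['groups'] = $groups;

    return $row;
}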
/**
 * Delete every basket row that belongs to the given session.
 *
 * @param string      $sessionId Session identifier bound to placeholder %1.
 * @param object|null $db        Database wrapper to use; a new ServerDatabase
 *                               is created when none (or a falsy value) is given.
 * @return bool True when the statement ran, false when an Exception was thrown.
 */
function emptyBasket($sessionId, $db = null)
{
    $connection = $db ? $db : new ServerDatabase();
    $succeeded = true;

    try {
        $connection->newQuery("DELETE FROM basket WHERE session = '%1'");
        $connection->addParameter($sessionId);
        $connection->execute();
    } catch (Exception $failure) {
        // The cause is deliberately not surfaced; callers only learn that the
        // delete did not complete.
        $succeeded = false;
    }

    return $succeeded;
}
<?php /* ** Создание БД */ require "server.classes.php"; define("USER_DB", "users.db"); if (file_exists(USER_DB)) { unlink(USER_DB); } $db = new ServerDatabase(USER_DB); $db->newQuery("CREATE TABLE user\n\t\t(\n\t\t\tname \t\t\tTEXT,\t\t-- Имя пользователя\n\t\t\temail \t\t\tTEXT,\t\t-- E-mail/логин пользователя\n\t\t\tpassword \t\tTEXT, \t\t-- Хеш пароля пользователя\n\t\t\tsalt \t\t\tTEXT,\t\t-- Соль (энтропия) хеширования пароля\n\t\t\titerationCount\tNUMERIC, \t-- Число итераций засоливания\n\t\t\tPRIMARY KEY (email)\t\t\t-- Первичный ключ - это E-mail пользователя\n\t\t)"); $db->execute(); $db->newQuery("CREATE INDEX ixUserName ON user (name)"); $db->execute(); // Создание пользователей createUser(new User("Вася Пупкин", "*****@*****.**", "password")); createUser(new User("Федя Сумкин", "*****@*****.**", "password")); createUser(new User("Маша Морковкина", "*****@*****.**", "password")); echo "<h2>База данных создана!</h2>"; // Функция добавления пользователя в БД function createUser($user) { global $db; $user->setPassword($user->password); $db->newQuery("INSERT INTO user (name, email, password, salt, iterationCount) VALUES ('%1', '%2', '%3', '%4', %5)"); $db->addParameter($user->name); $db->addParameter($user->email); $db->addParameter($user->password); $db->addParameter($user->dbEntropy->salt); $db->addParameter($user->dbEntropy->iterationCount);
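/**
 * Apply pending schema statements and record the version reached per table.
 *
 * $defs maps database name => table name => ordered list of SQL statements.
 * A table's version is the number of statements already applied; the versions
 * are persisted in RYAPP_PATH . 'database.versions'.
 *
 * Statements run in order and the version advances after each success. The
 * first failing query stops that table, so a later success can no longer mark
 * earlier failed statements as applied, and a result left over from a
 * previous table is never reused. An empty entry is reported as "KO!!!" and
 * skipped, as before.
 *
 * @param array $defs Database => table => list of SQL statements.
 * @return string Human-readable log wrapped in a <pre> element.
 */
static function updateDatabaseStruct($defs)
{
    $versions_file = RYAPP_PATH . 'database.versions';
    $versions = array();
    if (file_exists($versions_file)) {
        // NOTE(review): unserialize() instantiates whatever objects the file
        // describes. The file only needs a table => int map, so anyone able to
        // write it can influence this code; a plain format (e.g. JSON) or
        // restricting allowed classes would remove that exposure.
        $stored = unserialize(file_get_contents($versions_file));
        // A missing, truncated or corrupt file yields false; start from scratch then.
        if (is_array($stored)) {
            $versions = $stored;
        }
    }

    $c = "Updating DB Structure...\n";
    foreach ($defs as $dbname => $tables) {
        $db = new ServerDatabase(RYAPI_WEBDB_HOST, RYAPI_WEBDB_LOGIN, RYAPI_WEBDB_PASS, $dbname);
        $db->query("SET NAMES utf8");
        $c .= "\n\tSelected DB '{$dbname}'\n";

        foreach ($tables as $table => $sql) {
            $version = count($sql);
            if (!array_key_exists($table, $versions)) {
                $versions[$table] = 0;
            }
            $diff = $version - $versions[$table];
            $c .= "\t\tTable '{$table}' need v{$version} (current v" . $versions[$table] . ') => ';

            if ($diff > 0) {
                $applied_all = true;
                foreach (array_slice($sql, $versions[$table], $diff) as $sql_run) {
                    if (!$sql_run) {
                        $c .= "KO!!!";
                    } else {
                        $c .= "Run sql... ";
                        if (!$db->query($sql_run)) {
                            // Leave the version at the failed statement so the
                            // next run resumes exactly here.
                            $applied_all = false;
                            break;
                        }
                    }
                    $versions[$table]++;
                }
                if ($applied_all) {
                    $c .= "OK";
                }
            } else {
                $c .= "OK";
            }
            $c .= "\n";
        }

        $c .= "\n";
        $db->close();
    }

    file_put_contents($versions_file, serialize($versions), LOCK_EX);

    // The closing tag used to be a second opening <pre>.
    return '<pre>' . $c . '</pre>';
}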
/* ** Сервер авторизации пользователя */ require 'server.classes.php'; // Объект пользователя $user = new User(); // Читаем данные, переданные в POST $rawPost = file_get_contents('php://input'); // Если данные были переданы... if ($rawPost) { // Десериализация пакета JSON $userInfo = json_decode($rawPost); // Если email указан - находим пользователя в БД if ($userInfo->email) { $db = new ServerDatabase(); $db->newQuery("SELECT name, email, password, salt, iterationCount FROM user WHERE email = '%1'"); $db->addParameter($userInfo->email); $result = $db->execute(true); // Если пользователь найден - заполним его данные... if (count($result) > 0) { $user->fillFromArray($result[0]); } // Если пароль указан - проверяем его if ($userInfo->password) { // Восстанавливаем энтропию, которая использовалась при передаче $user->transferEntropy = new Entropy($userInfo->transferEntropy->salt, $userInfo->transferEntropy->iterationCount); // Если пароль указан неверно - стираем данные if (!$user->isValidPassword($userInfo->password)) { $user->name = ""; }