unset($input['password']);
}
$values = $input;
// Load the DataLayer
@(include_once 'includes/datalayer.class.php');
// Make sure the DataLayer class loaded sucessfully
if (!class_exists('DataLayer')) {
die("ERROR: Unable to load DataLayer class.\n");
}
$dl = new DataLayer($config['datalayer']);
if ($dl === false) {
die("ERROR: Unable to connect to database.\n");
}
// Prune out dead servers
bzlog('Deleting inactive servers from list', 3);
$dl->Servers_Delete_ByAge(NOW - $config['maximumServerAge']);
// Check if they are requesting a token
if (isset($values['username']) && isset($values['password'])) {
// Pull the player's information from the database
$data['player'] = $dl->Player_Fetch_ByUsername($values['username']);
// Verify that the user exists and that their password is correct
if (!$data['player'] || md5($values['password']) != $data['player']['password']) {
// If not, they do not get a token. Inform the client.
die("NOTOK: Invalid username or password.\n");
} else {
// We're done with the password, so get rid of it
unset($values['password']);
// If there is still enough time left before the token expires, give it
// back to them. Verify this is a request from the same IP.
if ($_SERVER['REMOTE_ADDR'] == $data['player']['tokenipaddress'] && !empty($data['player']['token']) && $data['player']['tokendate'] + ($config['token']['lifetime'] - $config['token']['regenerationGracePeriod']) > NOW) {
echo "TOKEN: " . $data['player']['token'] . "\n";
