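/**
 * Loads the data needed to render the login page.
 *
 * When the request comes from the in-game client, an automatic login is tried
 * first. Per the original author, the in-game browser sends additional cookie
 * information that is also stored in the open_ring db; if the values match,
 * the user is logged in automatically. That comparison happens inside
 * Helpers::check_login_ingame(), which is not visible from this function.
 *
 * @author Daan Janssens, mentored by Matthew Lagoe
 *
 * @return array page elements with the keys 'ingame_webpath' and 'getstring'
 * @throws SystemExit after the redirect that follows a successful auto-login
 */
function login()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;

    if (helpers::check_if_game_client()) {
        // The trust decision for auto-login is made entirely by
        // check_login_ingame(); this function only acts on its result.
        $result = Helpers::check_login_ingame();
        if ($result) {
            // NOTE(review): the session ID is not rotated at this privilege
            // change. Consider session_regenerate_id(true) here, if the session
            // bootstrap allows it, to guard against session fixation.
            $_SESSION['user'] = $result['name'];
            $_SESSION['id'] = WebUsers::getId($result['name']);
            $_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id']));

            // Go back to the index page.
            header("Cache-Control: max-age=1");
            // NOTE(review): this repeats the outer check, so the $WEBPATH branch
            // is only reachable if check_if_game_client() can change its answer
            // within one request - confirm and simplify.
            if (Helpers::check_if_game_client()) {
                header('Location: ' . $INGAME_WEBPATH);
            } else {
                header('Location: ' . $WEBPATH);
            }
            throw new SystemExit();
        }
    }

    $pageElements = array();
    $pageElements['ingame_webpath'] = $INGAME_WEBPATH;

    // Rebuild the query string from request-controlled keys and values.
    // http_build_query() percent-encodes them (and copes with array values), so
    // a parameter can no longer inject '&', '#', quotes or markup into the
    // string. The trailing '&' is kept so templates that append further
    // parameters keep working. The template must still HTML-escape the value
    // for the context it is printed in.
    $GETString = http_build_query($_GET, '', '&');
    if ($GETString != "") {
        $GETString = '?' . $GETString . '&';
    }
    $pageElements['getstring'] = $GETString;

    return $pageElements;
}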
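/**
 * Loads the data for the password-reset page after validating the reset link.
 *
 * The link carries `email`, `user` and `key` as GET parameters. Access is
 * granted only when the e-mail address resolves to the same account id as the
 * username and `key` equals the SHA-512 of the account's stored password hash.
 *
 * Design caveat: the key is derived solely from the stored password hash, so
 * it does not expire and stays valid until the password changes. A random,
 * single-use, time-limited token stored server-side would be the stronger
 * design.
 *
 * @return array page elements with the key 'getstring'
 * @throws SystemExit after redirecting to the error page when the link is invalid
 */
function reset_password()
{
    // Missing parameters are treated as empty strings instead of raising notices.
    $email = filter_var(isset($_GET["email"]) ? $_GET["email"] : '', FILTER_SANITIZE_EMAIL);
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
    $user = filter_var(isset($_GET["user"]) ? $_GET["user"] : '', FILTER_SANITIZE_STRING);
    $key = filter_var(isset($_GET["key"]) ? $_GET["key"] : '', FILTER_SANITIZE_STRING);

    $target_id = WebUsers::getId($user);
    $webUser = new WebUsers($target_id);

    // Compare the link key with hash_equals(): the previous loose `==` treated
    // numeric-looking strings as numbers and was not constant-time.
    // filter_var() yields false for array input, hence the is_string() guard.
    $expectedKey = hash('sha512', (string) $webUser->getHashedPass());
    $keyMatches = is_string($key) && hash_equals($expectedKey, $key);

    // NOTE(review): the id comparison is still loose. If both lookups return
    // the same empty value for unknown input it passes - confirm what getId()
    // and getIdFromEmail() return for accounts that do not exist.
    if (WebUsers::getIdFromEmail($email) == $target_id && $keyMatches) {
        // The caller is allowed on the page. Rebuild the query string with
        // percent-encoding so request-controlled values cannot inject '&',
        // quotes or markup; the trailing '&' is kept for template
        // compatibility. The template must still HTML-escape the value.
        $GETString = http_build_query($_GET, '', '&');
        if ($GETString != "") {
            $GETString = '?' . $GETString . '&';
        }
        $pageElements = array();
        $pageElements['getstring'] = $GETString;
        return $pageElements;
    }

    // Invalid link: send the client to the error page with a 403 code.
    global $WEBPATH;
    $_SESSION['error_code'] = "403";
    header("Cache-Control: max-age=1");
    header("Location: " . $WEBPATH . "?page=error");
    throw new SystemExit();
}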
/**
 * Adds a user to a support group on behalf of an admin.
 *
 * The caller must be logged in and must be an admin, and the request must
 * carry `target_id` (the support group). The user named in `Name` is added
 * only if that account exists and is a mod or admin (permission above 1).
 * A caller who is not logged in is redirected to the index page; a caller who
 * is not an admin is redirected to the error page with code 403.
 *
 * NOTE(review): no anti-CSRF token is checked in this block before the group
 * membership is changed - confirm that one is enforced upstream.
 * NOTE(review): the outcome of the operation is collected but never read
 * before the redirect, so the user gets no feedback on failure.
 *
 * @author Daan Janssens, mentored by Matthew Lagoe
 *
 * @throws SystemExit always, after the redirect header has been sent
 */
function add_user_to_sgroup()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;

    // Guard: the caller has to be logged in.
    if (!WebUsers::isLoggedIn()) {
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }

    // Guard: the caller has to be an admin and must name a target group.
    // NOTE(review): unserialize() runs on session data here; this is only safe
    // as long as nothing request-controlled can reach $_SESSION['ticket_user'].
    if (!(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id']))) {
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    $targetName = filter_var($_POST['Name'], FILTER_SANITIZE_STRING);
    // Only digits and +/- survive this filter, which keeps the Location
    // header below free of injected characters.
    $groupId = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT);
    $targetUserId = WebUsers::getId($targetName);

    $outcome = array();
    if ($targetUserId == "") {
        $outcome['RESULT_OF_ADDING'] = "USER_NOT_EXISTING";
    } elseif (Ticket_User::constr_ExternId($targetUserId)->getPermission() > 1) {
        // The target is a mod or admin, so it may join the support group.
        $outcome['RESULT_OF_ADDING'] = Support_Group::addUserToSupportGroup($targetUserId, $groupId);
    } else {
        $outcome['RESULT_OF_ADDING'] = "NOT_MOD_OR_ADMIN";
    }

    // Send the client back to the group page on the matching base path.
    $basePath = Helpers::check_if_game_client() ? $INGAME_WEBPATH : $WEBPATH;
    header("Cache-Control: max-age=1");
    header("Location: " . $basePath . "?page=show_sgroup&id=" . $groupId);
    throw new SystemExit();
}
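/**
 * Handles submission of the password-reset form.
 *
 * The reset link parameters (`email`, `user`, `key`) are validated first: the
 * e-mail address must resolve to the same account id as the username and
 * `key` must equal the SHA-512 of the account's stored password hash. Only
 * then is the new password checked and stored. If the link is not valid the
 * function returns without output.
 *
 * Design caveat: the key is derived solely from the stored password hash, so
 * it does not expire and stays valid until the password changes.
 *
 * @throws SystemExit after a template has been rendered
 */
function reset_password()
{
    // Missing link parameters are treated as empty strings instead of raising notices.
    $email = filter_var(isset($_GET["email"]) ? $_GET["email"] : '', FILTER_SANITIZE_EMAIL);
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
    $user = filter_var(isset($_GET["user"]) ? $_GET["user"] : '', FILTER_SANITIZE_STRING);
    $key = filter_var(isset($_GET["key"]) ? $_GET["key"] : '', FILTER_SANITIZE_STRING);

    // NOTE(review): sanitising a password rewrites what the user typed (tags
    // are stripped, quotes are encoded). It is left unchanged here because the
    // login path may apply the same filter; removing it in one place only
    // would lock users out. Fix both paths together.
    $password = filter_var($_POST['NewPass'], FILTER_SANITIZE_STRING);
    $confirmpass = filter_var($_POST['ConfirmNewPass'], FILTER_SANITIZE_STRING);

    $target_id = WebUsers::getId($user);
    $webUser = new WebUsers($target_id);

    // Compare the link key with hash_equals(): the previous loose `==` treated
    // numeric-looking strings as numbers and was not constant-time.
    // filter_var() yields false for array input, hence the is_string() guard.
    $expectedKey = hash('sha512', (string) $webUser->getHashedPass());
    $keyMatches = is_string($key) && hash_equals($expectedKey, $key);

    // NOTE(review): the id comparison is still loose. If both lookups return
    // the same empty value for unknown input it passes - confirm what getId()
    // and getIdFromEmail() return for accounts that do not exist.
    if (WebUsers::getIdFromEmail($email) == $target_id && $keyMatches) {
        // 'adminChangesOther' is set and 'CurrentPass' is a placeholder, so the
        // link key is the only proof of identity for this password change.
        $params = array(
            'user' => $user,
            'CurrentPass' => "dummy",
            'NewPass' => $password,
            'ConfirmNewPass' => $confirmpass,
            'adminChangesOther' => true,
        );
        $result = $webUser->check_change_password($params);

        if ($result == "success") {
            $result = array();
            $status = WebUsers::setPassword($user, $password);
            if ($status == 'ok') {
                $result['SUCCESS_PASS'] = "******";
            } elseif ($status == 'shardoffline') {
                $result['SUCCESS_PASS'] = "******";
            }
            $result['no_visible_elements'] = 'TRUE';
            helpers::loadtemplate('reset_success', $result);
            throw new SystemExit();
        }

        // Validation failed: show the form again. The query string is rebuilt
        // with percent-encoding so request-controlled values cannot inject
        // '&', quotes or markup; the trailing '&' is kept for template
        // compatibility. The template must still HTML-escape the value.
        $GETString = http_build_query($_GET, '', '&');
        if ($GETString != "") {
            $GETString = '?' . $GETString . '&';
        }
        $result['getstring'] = $GETString;

        // NOTE(review): the submitted passwords are handed back to the
        // template in clear text; prefer leaving the fields empty.
        $result['prevNewPass'] = $password;
        $result['prevConfirmNewPass'] = $confirmpass;
        $result['no_visible_elements'] = 'TRUE';
        helpers::loadtemplate('reset_password', $result);
        throw new SystemExit();
    }
}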
/**
 * Looks up the TUserId of the ticket_user that belongs to a username.
 *
 * The username is first resolved to its external id through WebUsers, and the
 * Ticket_User built from that id supplies the TUserId.
 *
 * @param $username the username of a user.
 * @return the TUserId related to that username.
 */
public static function get_id_from_username($username)
{
    // NOTE(review): an unknown username is not handled separately here; the
    // result then depends on what getId() and constr_ExternId() return.
    return Ticket_User::constr_ExternId(WebUsers::getId($username))->getTUserId();
}