Exemplo n.º 1
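 /**
  * Authenticates a caller by username/password or by an existing session token.
  *
  * With an empty 'Token', the 'UserName'/'Password' pair is verified and a new
  * token is issued. Otherwise the supplied token is looked up and, if it has
  * not expired, rotated to a new value with a fresh expiry. Records with
  * penalty_box == 1 are refused on both paths.
  *
  * @param array $request Keys read: 'Token', 'UserName', 'Password'.
  * @return array 'Status' is always set; on success 'Token', 'UserId' and
  *               'Timeout' are set as well.
  */
 public function Authorize_h($request)
 {
     $response = [];
     // Session tokens are bearer credentials, so they are drawn from the OS
     // CSPRNG instead of being derived from the password and the clock.
     // 16 random bytes hex-encode to 32 characters, the same length as the
     // md5() digest used previously.
     $mint_token = static function () {
         if (function_exists('random_bytes')) {
             return bin2hex(random_bytes(16));
         }
         // Fallback for PHP 5 runtimes (requires the openssl extension).
         return bin2hex(openssl_random_pseudo_bytes(16));
     };
     $this->mundane->clear();
     // isset() keeps the original "missing or empty token" test without
     // raising an undefined-index notice.
     if (!isset($request['Token']) || $request['Token'] == null) {
         $user_name = isset($request['UserName']) ? $request['UserName'] : null;
         $password = isset($request['Password']) ? $request['Password'] : null;
         // Current credential key: upper-cased username followed by the password.
         $login_key = strtoupper(trim($user_name)) . trim($password);
         $this->mundane->username = $user_name;
         // NOTE(review): 'like' presumably makes find() match with SQL LIKE, in
         // which case '%' and '_' in UserName are wildcards and the re-salt below
         // is keyed on the caller-supplied name rather than the stored one.
         // Confirm whether an exact match (or escaping) is wanted here.
         $this->mundane->username_term = 'like';
         if ($this->mundane->find()) {
             // Harmonizes old password style with new password style: a key
             // stored without the username prefix is re-stored with it.
             if (Authorization::KeyExists($this->mundane->password_salt, trim($password))) {
                 Authorization::SaltPassword($this->mundane->password_salt, $login_key, $this->mundane->password_expires);
             }
             if (Authorization::KeyExists($this->mundane->password_salt, $login_key)) {
                 if ($this->mundane->penalty_box == 1) {
                     $response['Status'] = NoAuthorization();
                 } else {
                     $this->mundane->token = $mint_token();
                     $this->mundane->token_expires = date('c', time() + LOGIN_TIMEOUT);
                     $this->mundane->save();
                     $response['Status'] = Success();
                     $response['Token'] = $this->mundane->token;
                     $response['UserId'] = $this->mundane->mundane_id;
                     $response['Timeout'] = $this->mundane->token_expires;
                 }
             } else {
                 // Same message as the unknown-user branch, so the response does
                 // not reveal whether the username exists.
                 $response['Status'] = InvalidParameter(null, "Login and username could not be found.");
             }
         } else {
             $response['Status'] = InvalidParameter(null, "Login and username could not be found.");
         }
     } else {
         $this->mundane->clear();
         $this->mundane->token = $request['Token'];
         if ($this->mundane->find()) {
             if ($this->mundane->penalty_box == 1) {
                 $response['Status'] = NoAuthorization();
             } else {
                 if (strtotime($this->mundane->token_expires) > time()) {
                     // Rotate the token on every successful token login.
                     $this->mundane->token = $mint_token();
                     $this->mundane->token_expires = date('c', time() + LOGIN_TIMEOUT);
                     $this->mundane->save();
                     $response['Status'] = Success();
                     $response['Token'] = $this->mundane->token;
                     $response['UserId'] = $this->mundane->mundane_id;
                     $response['Timeout'] = $this->mundane->token_expires;
                 } else {
                     $response['Status'] = InvalidParameter(null, "Token has expired: " . strtotime($this->mundane->token_expires) . ' <= ' . time());
                     $response['Status']['Detail'] = $request['Token'];
                 }
             }
         } else {
             $response['Status'] = InvalidParameter(null, "Token could not be found.");
             $response['Status']['Detail'] = $request['Token'];
         }
     }
     return $response;
 }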
Exemplo n.º 2
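 /**
  * Updates a player's profile fields and, optionally, password.
  *
  * The requester (resolved from 'Token') must be a valid id and must either
  * hold AUTH_PARK/AUTH_CREATE authority over the player's park or be the
  * player being edited. A requester without AUTH_ADMIN/AUTH_EDIT may not edit
  * a player who has it. Only park authority may change the 'Active' flag.
  *
  * @param array $request Keys read: 'MundaneId', 'Token', 'UserName',
  *                       'GivenName', 'Surname', 'OtherName', 'Persona',
  *                       'Email', 'Password', 'Restricted', 'Active',
  *                       'Heraldry'. The whole array is also passed to
  *                       set_waiver(), set_image() and SetPlayerHeraldry().
  * @return mixed Result of Success(), InvalidParameter() or NoAuthorization().
  */
 public function UpdatePlayer($request)
 {
     // Credentials must never reach the trace log: log a copy of the request
     // with the password and session token masked.
     $log_request = is_array($request) ? $request : array();
     foreach (array('Password', 'Token') as $secret_key) {
         if (isset($log_request[$secret_key])) {
             $log_request[$secret_key] = '[redacted]';
         }
     }
     logtrace("UpdatePlayer()", $log_request);
     $mundane = $this->player_info($request['MundaneId']);
     $requester_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
     $notices = '';

     // The requester id must be valid on BOTH paths. Without the explicit
     // grouping, `&&` binds tighter than `||`, so the self-edit comparison was
     // evaluated even for an unauthenticated requester, and a loose `==`
     // between an empty requester id and an empty MundaneId is true.
     $requester_ok = valid_id($requester_id);
     $has_park_authority = $requester_ok && Ork3::$Lib->authorization->HasAuthority($requester_id, AUTH_PARK, $mundane['ParkId'], AUTH_CREATE);
     $is_self = $requester_ok && $requester_id == $request['MundaneId'];
     if (!$has_park_authority && !$is_self) {
         logtrace('No Authorization found.', null);
         return NoAuthorization();
     }

     // A non-admin requester may not modify an admin's record.
     if (Ork3::$Lib->authorization->HasAuthority($request['MundaneId'], AUTH_ADMIN, 0, AUTH_EDIT) && !Ork3::$Lib->authorization->HasAuthority($requester_id, AUTH_ADMIN, 0, AUTH_EDIT)) {
         // The message promises that the attempt is logged, so log it.
         logtrace('Illegal operation: non-admin attempted to edit an admin player', array('RequesterId' => $requester_id, 'MundaneId' => $request['MundaneId']));
         die("You have attempted an illegal operation.  Your attempt has been logged.");
     }

     // The username-in-use check runs only after authorization, so callers
     // without authority cannot use it to probe which usernames exist.
     $user_name = isset($request['UserName']) ? $request['UserName'] : null;
     if (trimlen($user_name) > 0) {
         $this->mundane->clear();
         $this->mundane->username = $user_name;
         if ($this->mundane->find()) {
             if ($this->mundane->mundane_id != $request['MundaneId']) {
                 return InvalidParameter('This username is already in use.');
             }
         }
     }

     $this->mundane->clear();
     $this->mundane->mundane_id = $request['MundaneId'];
     if (!$this->mundane->find()) {
         logtrace('No Player found.', null);
         return InvalidParameter();
     }

     logtrace('Updating player', $log_request);
     $this->mundane->modified = date('Y-m-d H:i:s', time());
     // A missing or null request value leaves the stored value unchanged.
     $profile_fields = array(
         'GivenName' => 'given_name',
         'Surname' => 'surname',
         'OtherName' => 'other_name',
         'UserName' => 'username',
         'Persona' => 'persona',
     );
     foreach ($profile_fields as $request_key => $column) {
         $this->mundane->$column = isset($request[$request_key]) ? $request[$request_key] : $this->mundane->$column;
     }
     // NOTE(review): the credential key stored below is prefixed with the
     // username, so changing UserName without also supplying Password
     // presumably leaves a key built from the old name in place. Confirm that
     // login still works after a rename.
     // The record is saved before and after each helper, as in the original
     // sequence; whether the helpers rely on that is not visible here.
     $this->mundane->save();
     $this->set_waiver($request);
     $this->mundane->save();
     $this->set_image($request);
     $this->mundane->save();
     // NOTE(review): this dumps the whole record object; confirm that
     // logtrace() does not serialize password_salt or token.
     logtrace("Mundane DB 1", $this->mundane);
     $this->mundane->email = isset($request['Email']) ? $request['Email'] : $this->mundane->email;

     $password = isset($request['Password']) ? $request['Password'] : null;
     if (trimlen($password) > 0) {
         // Log the event only, never the password itself.
         logtrace("Update password", '[redacted]');
         // New passwords expire two years from now.
         $this->mundane->password_expires = date("Y-m-d H:i:s", time() + 60 * 60 * 24 * 365 * 2);
         // Salt from the OS CSPRNG (32 hex characters, the same length as the
         // md5() value used previously); rand() and microtime() are guessable.
         if (function_exists('random_bytes')) {
             $salt = bin2hex(random_bytes(16));
         } else {
             // Fallback for PHP 5 runtimes (requires the openssl extension).
             $salt = bin2hex(openssl_random_pseudo_bytes(16));
         }
         $this->mundane->password_salt = $salt;
         Authorization::SaltPassword($salt, strtoupper(trim($this->mundane->username)) . trim($password), $this->mundane->password_expires);
     } else {
         logtrace("No password update", null);
     }
     logtrace("Mundane DB 2", $this->mundane);

     // Explicit parentheses: PHP 8 rejects unparenthesized nested ternaries.
     // The grouping is the one PHP 5/7 applied, so the flag is normalized to
     // 1/0 whether it comes from the request or from the stored record.
     $this->mundane->restricted = (isset($request['Restricted']) ? $request['Restricted'] : $this->mundane->restricted) ? 1 : 0;
     if ($has_park_authority) {
         // Falls back to the stored `active` value. The previous code fell back
         // to `restricted`, so an edit that omitted 'Active' overwrote the
         // player's active flag with the restricted flag.
         $this->mundane->active = (isset($request['Active']) ? $request['Active'] : $this->mundane->active) ? 1 : 0;
     }
     if (isset($request['Heraldry']) && strlen($request['Heraldry'])) {
         Ork3::$Lib->heraldry->SetPlayerHeraldry($request);
     }
     logtrace("Player Updated", array($log_request, $this->mundane->lastSql()));
     $this->mundane->save();
     return Success($notices);
 }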