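/**
 * Authenticates a caller and, on success, issues a new session token.
 *
 * The mode is selected by $request['Token']:
 *  - loosely equal to null: password login using $request['UserName'] and
 *    $request['Password'];
 *  - anything else: the token is looked up and, if it has not expired,
 *    replaced by a new one (token rotation).
 *
 * Records with penalty_box == 1 are refused in both modes.
 *
 * @param array $request Array-like input; keys read: 'Token', 'UserName', 'Password'.
 * @return array Always contains 'Status'; on success also 'Token', 'UserId'
 *               and 'Timeout'. Token failures add the submitted token as
 *               $response['Status']['Detail'].
 */
public function Authorize_h($request) {
    $response = [];
    $granted = false;     // becomes true once a password or token has been accepted
    $legacy_seed = null;  // only used by the fallback token derivation below

    $this->mundane->clear();

    if ($request['Token'] == null) {
        // --- Password login ---
        $this->mundane->username = $request['UserName'];
        // NOTE(review): a LIKE comparison treats % and _ in the supplied user name
        // as wildcards, so the record found is not guaranteed to be an exact match.
        // An exact comparison would be safer; confirm which terms the data layer accepts.
        $this->mundane->username_term = 'like';

        if ($this->mundane->find()) {
            $bare_key = trim($request['Password']);
            $bound_key = strtoupper(trim($request['UserName'])) . $bare_key;

            // Harmonizes old password style with new password style
            if (Authorization::KeyExists($this->mundane->password_salt, $bare_key)) {
                Authorization::SaltPassword($this->mundane->password_salt, $bound_key, $this->mundane->password_expires);
            }

            if (Authorization::KeyExists($this->mundane->password_salt, $bound_key)) {
                if ($this->mundane->penalty_box == 1) {
                    $response['Status'] = NoAuthorization();
                } else {
                    $granted = true;
                    $legacy_seed = $request['Password'];
                }
            } else {
                // Same message as for an unknown user name, so the reply does not
                // reveal which of the two values was wrong.
                $response['Status'] = InvalidParameter(null, "Login and username could not be found.");
            }
        } else {
            $response['Status'] = InvalidParameter(null, "Login and username could not be found.");
        }
    } else {
        // --- Token renewal ---
        $this->mundane->clear();
        $this->mundane->token = $request['Token'];

        if ($this->mundane->find()) {
            if ($this->mundane->penalty_box == 1) {
                $response['Status'] = NoAuthorization();
            } elseif (strtotime($this->mundane->token_expires) > time()) {
                $granted = true;
                $legacy_seed = $this->mundane->token;
            } else {
                $response['Status'] = InvalidParameter(null, "Token has expired: " . strtotime($this->mundane->token_expires) . ' <= ' . time());
                $response['Status']['Detail'] = $request['Token'];
            }
        } else {
            $response['Status'] = InvalidParameter(null, "Token could not be found.");
            $response['Status']['Detail'] = $request['Token'];
        }
    }

    if ($granted) {
        // The token is a bearer credential, so it must not be derivable from the
        // password, the previous token or the clock. Use the CSPRNG when the
        // runtime provides it (PHP 7+); 16 random bytes hex-encode to the same
        // 32-character format the md5-based token had.
        if (function_exists('random_bytes')) {
            $this->mundane->token = bin2hex(random_bytes(16));
        } else {
            // Fallback for older runtimes: the original, weaker derivation.
            $this->mundane->token = md5($legacy_seed . microtime());
        }
        $this->mundane->token_expires = date('c', time() + LOGIN_TIMEOUT);
        $this->mundane->save();

        $response['Status'] = Success();
        $response['Token'] = $this->mundane->token;
        $response['UserId'] = $this->mundane->mundane_id;
        $response['Timeout'] = $this->mundane->token_expires;
    }

    return $response;
}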
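/**
 * Updates a player's profile fields and, optionally, the password.
 *
 * The caller must hold a valid token and either have AUTH_CREATE authority
 * over the player's park or be the player being edited. A requester without
 * admin edit authority may not modify a player who has it.
 *
 * @param array $request Array-like input; keys read: 'MundaneId', 'Token',
 *                       'UserName', 'GivenName', 'Surname', 'OtherName',
 *                       'Persona', 'Email', 'Password', 'Restricted',
 *                       'Active', 'Heraldry'. A null profile field leaves the
 *                       stored value unchanged.
 * @return mixed The result of Success(), InvalidParameter() or NoAuthorization().
 */
public function UpdatePlayer($request) {
    // Never write credentials to the trace log: log a copy of the request with
    // the password and session token masked.
    $loggable = is_array($request) ? $request : array();
    foreach (array('Password', 'Token') as $secret_key) {
        if (isset($loggable[$secret_key])) {
            $loggable[$secret_key] = '[redacted]';
        }
    }

    logtrace("UpdatePlayer()", $loggable);
    $mundane = $this->player_info($request['MundaneId']);
    $requester_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);

    // NOTE(review): this uniqueness check runs before the authorization check,
    // so its "already in use" answer is also returned to callers without a
    // valid token. Consider moving it inside the authorized branch.
    if (trimlen($request['UserName']) > 0) {
        $this->mundane->clear();
        $this->mundane->username = $request['UserName'];
        if ($this->mundane->find()) {
            if ($this->mundane->mundane_id != $request['MundaneId']) {
                return InvalidParameter('This username is already in use.');
            }
        }
    }

    $notices = '';

    // The requester must be valid for BOTH routes. Without the grouping,
    // && binds tighter than ||, so the self-edit comparison was evaluated even
    // when the token did not resolve to a valid requester, and the loose ==
    // could then match an empty or zero MundaneId.
    $requester_ok = valid_id($requester_id);
    $may_manage_park = $requester_ok
        && Ork3::$Lib->authorization->HasAuthority($requester_id, AUTH_PARK, $mundane['ParkId'], AUTH_CREATE);
    $is_self = $requester_ok && $requester_id == $request['MundaneId'];

    if ($may_manage_park || $is_self) {
        if (Ork3::$Lib->authorization->HasAuthority($request['MundaneId'], AUTH_ADMIN, 0, AUTH_EDIT)
            && !Ork3::$Lib->authorization->HasAuthority($requester_id, AUTH_ADMIN, 0, AUTH_EDIT)) {
            // The message tells the caller the attempt was logged, so record it.
            logtrace('Blocked attempt to edit an administrator account', array(
                'RequesterId' => $requester_id,
                'MundaneId' => $request['MundaneId'],
            ));
            die("You have attempted an illegal operation. Your attempt has been logged.");
        }

        $this->mundane->clear();
        $this->mundane->mundane_id = $request['MundaneId'];
        if ($this->mundane->find()) {
            logtrace('Updating player', $loggable);
            $this->mundane->modified = date('Y-m-d H:i:s', time());
            $this->mundane->given_name = is_null($request['GivenName']) ? $this->mundane->given_name : $request['GivenName'];
            $this->mundane->surname = is_null($request['Surname']) ? $this->mundane->surname : $request['Surname'];
            $this->mundane->other_name = is_null($request['OtherName']) ? $this->mundane->other_name : $request['OtherName'];
            $this->mundane->username = is_null($request['UserName']) ? $this->mundane->username : $request['UserName'];
            $this->mundane->persona = is_null($request['Persona']) ? $this->mundane->persona : $request['Persona'];
            $this->mundane->save();
            $this->set_waiver($request);
            $this->mundane->save();
            $this->set_image($request);
            $this->mundane->save();

            // NOTE(review): this dumps the whole record object; if it carries the
            // password salt or session token they end up in the trace log. Confirm
            // what logtrace() serializes.
            logtrace("Mundane DB 1", $this->mundane);

            $this->mundane->email = is_null($request['Email']) ? $this->mundane->email : $request['Email'];

            if (trimlen($request['Password']) > 0) {
                // Record that a password change happened, never the password itself.
                logtrace("Update password", '[redacted]');
                $this->mundane->password_expires = date("Y-m-d H:i:s", time() + 60 * 60 * 24 * 365 * 2);
                // Prefer the CSPRNG for the salt when available (PHP 7+); both
                // forms yield 32 hex characters.
                $salt = function_exists('random_bytes')
                    ? bin2hex(random_bytes(16))
                    : md5(rand() . microtime() . $this->mundane->email);
                $this->mundane->password_salt = $salt;
                Authorization::SaltPassword($salt, strtoupper(trim($this->mundane->username)) . trim($request['Password']), $this->mundane->password_expires);
            } else {
                // NOTE(review): the stored key is derived from the user name, so a
                // user-name change without a new password presumably leaves the old
                // key unusable. Confirm against the login path.
                logtrace("No password update", null);
            }

            logtrace("Mundane DB 2", $this->mundane);

            // Parenthesized explicitly: unparenthesized nested ternaries are an
            // error in PHP 8. The grouping below is the evaluation order older
            // PHP versions used (left-associative).
            $this->mundane->restricted = (is_null($request['Restricted']) ? $this->mundane->restricted : $request['Restricted']) ? 1 : 0;

            if (Ork3::$Lib->authorization->HasAuthority($requester_id, AUTH_PARK, $mundane['ParkId'], AUTH_CREATE)) {
                // Falls back to the stored "active" flag. The previous code fell
                // back to "restricted", overwriting the active flag with the
                // restricted flag whenever 'Active' was omitted.
                $this->mundane->active = (is_null($request['Active']) ? $this->mundane->active : $request['Active']) ? 1 : 0;
            }

            if (strlen($request['Heraldry'])) {
                Ork3::$Lib->heraldry->SetPlayerHeraldry($request);
            }

            // NOTE(review): lastSql() may embed column values; verify that it does
            // not expose the salt or token in the log.
            logtrace("Player Updated", array($loggable, $this->mundane->lastSql()));
            $this->mundane->save();
            return Success($notices);
        } else {
            logtrace('No Player found.', null);
            return InvalidParameter();
        }
    } else {
        logtrace('No Authorization found.', null);
        return NoAuthorization();
    }
}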