public static function ValidateLogin(&$ErrorMessage, $SelfURL)
{
$Mode = Filter_Input(INPUT_GET, 'openid_mode', FILTER_SANITIZE_SPECIAL_CHARS);
if ($Mode === 'error') {
$ErrorMessage = Filter_Input(INPUT_GET, 'openid_error', FILTER_SANITIZE_STRING);
if (empty($ErrorMessage)) {
$ErrorMessage = 'Something went wrong.';
}
return false;
} else {
if ($Mode !== 'id_res') {
$ErrorMessage = 'Invalid OpenID mode.';
return false;
}
}
// See http://openid.net/specs/openid-authentication-2_0.html#positive_assertions
$Arguments = Filter_Input_Array(INPUT_GET, array('openid_ns' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '/^http:\\/\\/specs\\.openid\\.net\\/auth\\/2\\.0$/')), 'openid_op_endpoint' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '/^' . Preg_Quote(self::STEAM_LOGIN, '/') . '$/')), 'openid_claimed_id' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '/^https?:\\/\\/steamcommunity.com\\/openid\\/id\\/(7656119[0-9]{10})\\/?$/')), 'openid_identity' => FILTER_SANITIZE_URL, 'openid_return_to' => FILTER_SANITIZE_URL, 'openid_response_nonce' => FILTER_SANITIZE_STRING, 'openid_assoc_handle' => FILTER_SANITIZE_SPECIAL_CHARS, 'openid_signed' => FILTER_SANITIZE_SPECIAL_CHARS, 'openid_sig' => FILTER_SANITIZE_SPECIAL_CHARS));
if (!Is_Array($Arguments)) {
$ErrorMessage = 'Invalid arguments.';
return false;
} else {
if (In_Array(null || false, $Arguments)) {
$ErrorMessage = 'One of the arguments is invalid and/or missing.';
return false;
} else {
if ($Arguments['openid_claimed_id'] !== $Arguments['openid_identity']) {
$ErrorMessage = 'Claimed id must match your identity.';
return false;
} else {
if (strpos($Arguments['openid_return_to'], $SelfURL) !== 0) {
$ErrorMessage = 'Invalid return uri.';
return false;
}
}
}
}
if (Preg_Match('/^https?:\\/\\/steamcommunity.com\\/openid\\/id\\/(7656119[0-9]{10})\\/?$/', $Arguments['openid_identity'], $CommunityID) === 1) {
$CommunityID = $CommunityID[1];
} else {
$ErrorMessage = 'Failed to find your CommunityID. If this issue persists, please contact us.';
return false;
}
$Arguments['openid_mode'] = 'check_authentication';
// Add mode for verification
$c = cURL_Init();
cURL_SetOpt_Array($c, array(CURLOPT_USERAGENT => 'Steam Database Party OpenID Login', CURLOPT_RETURNTRANSFER => true, CURLOPT_URL => self::STEAM_LOGIN, CURLOPT_CONNECTTIMEOUT => 6, CURLOPT_TIMEOUT => 6, CURLOPT_POST => true, CURLOPT_POSTFIELDS => $Arguments));
$Response = cURL_Exec($c);
cURL_Close($c);
if (Preg_Match('/is_valid\\s*:\\s*true/', $Response) === 1) {
return $CommunityID;
}
// If we reach here, then it failed
$ErrorMessage = 'Failed to verify your login with Steam, it could be down. Check Steam\'s status at http://steamstat.us.';
return false;
}
private function CreateHandle($Master, $URL)
{
$Slave = cURL_Init();
$File = $URL['File'];
$Options = $this->Options;
$Options[CURLOPT_URL] = $this->GenerateURL($URL['URL']);
$this->Requests[(int) $Slave] = $File;
if ($this->UseCache) {
// If we have an ETag saved, add If-None-Match header
if (Array_Key_Exists($File, $this->ETags)) {
$Options[CURLOPT_HTTPHEADER] = array('If-None-Match: ' . $this->ETags[$File]);
} else {
if (File_Exists($File)) {
$Options[CURLOPT_HTTPHEADER] = array('If-Modified-Since: ' . GMDate('D, d M Y H:i:s \\G\\M\\T', FileMTime($File)));
}
}
}
cURL_SetOpt_Array($Slave, $Options);
cURL_Multi_Add_Handle($Master, $Slave);
return $Slave;
}
private static function CreateSlave($URL, $Timeout)
{
$Slave = cURL_Init();
cURL_SetOpt_Array($Slave, array(CURLOPT_URL => $URL, CURLOPT_USERAGENT => self::USER_AGENT, CURLOPT_HEADER => 0, CURLOPT_AUTOREFERER => 1, CURLOPT_RETURNTRANSFER => 1, CURLOPT_FOLLOWLOCATION => 0, CURLOPT_TIMEOUT => $Timeout, CURLOPT_SSL_VERIFYPEER => 1, CURLOPT_SSL_VERIFYHOST => 2));
return $Slave;
}