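/**
 * Build the HTML for the account registration form.
 *
 * The form is pre-filled with the username and e-mail from a previous POST.
 * When API credentials can be resolved (from the query string, the "api"
 * cookie, or a stored short key) and get_key_info() returns a description for
 * them, an "import" checkbox plus hidden usid/apik fields are appended.
 *
 * Every request-derived value is HTML-encoded before it is placed in an
 * attribute; the original interpolated $_POST/$_GET/cookie data verbatim,
 * which let a crafted value break out of the attribute (reflected XSS).
 *
 * @param object $Db Database wrapper; only $Db->link and get_key_info($Db, ...) use it.
 * @return string HTML fragment containing the registration form.
 */
function show_registration($Db)
{
    // Encode a value for use inside a single- or double-quoted HTML attribute.
    $attr = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };
    // Accept a request field only when it is a plain string: "name[]=x" arrives
    // as an array and would otherwise reach trim()/string interpolation.
    $field = function (array $source, $name) {
        return (isset($source[$name]) && is_string($source[$name])) ? $source[$name] : null;
    };

    // NOTE(review): the API key is accepted from the query string, so it will
    // appear in access logs, browser history and Referer headers.
    $usid = $field($_GET, 'usid');
    if ($usid !== null) {
        $userid = trim($usid);
    }
    $apik = $field($_GET, 'apik');
    if ($apik !== null) {
        $apikey = trim($apik);
    }
    $short = $field($_GET, 'key');
    if ($short !== null) {
        $short_api_key = trim($short);
    }

    // Fall back to the "api" cookie: "api,<usid>,<apik>[,...]" or "<tag>,<short key>".
    $cookie = $field($_COOKIE, 'api');
    if (!isset($userid) && $cookie !== null && $cookie !== "") {
        $login = explode(',', $cookie);
        if ($login[0] === "api") {
            // Ignore a truncated cookie instead of reading missing offsets.
            if (count($login) >= 3) {
                $userid = trim($login[1]);
                $apikey = trim($login[2]);
            }
        } elseif (count($login) >= 2) {
            $short_api_key = trim($login[1]);
        }
    }

    // A short key resolves to the stored credentials and overrides the above.
    if (isset($short_api_key)) {
        $ret = retrieve_api_key($Db->link, $short_api_key);
        if ($ret != null) {
            $userid = $ret["usid"];
            $apikey = $ret["apik"];
        }
    }

    $extra = "";
    $apiinfo = "";
    if (isset($userid) && isset($apikey)) {
        $apiinfo = get_key_info($Db, $userid, $apikey);
    }
    if ($apiinfo != "") {
        $userid_attr = $attr($userid);
        $apikey_attr = $attr($apikey);
        // NOTE(review): $apiinfo is emitted as returned by get_key_info(); confirm
        // that helper encodes any API-supplied names it includes.
        $extra = <<<EOD
<input type="checkbox" name="import" value="1" checked> Import the {$apiinfo}
<input type="hidden" name="usid" value="{$userid_attr}">
<input type="hidden" name="apik" value="{$apikey_attr}">
EOD;
    }

    $posted_username = $field($_POST, 'username');
    $posted_email = $field($_POST, 'email');
    $username = $attr($posted_username !== null ? $posted_username : "");
    $email = $attr($posted_email !== null ? $posted_email : "");

    return <<<EOD
<h3>Register</h3>
<form action="login.php?register=1" method="post">
<table>
<tr><td>User</td><td><input type="Text" name='username' id='username' value='{$username}'></td></tr>
<tr><td>Pass</td><td><input type="password" name='password' id='password'></td></tr>
<tr><td>Verify</td><td><input type="password" name='password2' id='password2'></td></tr>
<tr><td>Email</td><td><input type="Text" name='email' id='email' value='{$email}'></td></tr>
</table>
{$extra}
<br>
<input type="submit" value="Register">
</form>
<a class="smalllink" href="login.php" onclick="if(!hide_div('register')&&!show_div('login'))return false;">[login]</a>
EOD;
}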
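/**
 * Create, or refresh, the short key that stands in for a full API credential.
 *
 * The key is the MD5 of character name, character ID and user ID. If no row
 * exists for that key one is inserted; otherwise the stored API key is updated.
 *
 * Changes from the previous version:
 *  - a failed query no longer echoes the SQL text (which contains the API key),
 *    the MySQL error and a backtrace to the response; the error number is
 *    logged server-side and null is returned so the caller can report failure;
 *  - a failed UPDATE now returns null instead of a key that still resolves to
 *    the old credential;
 *  - the connection is passed explicitly to the escape/error functions so they
 *    do not fall back to whichever link was opened last.
 *
 * NOTE(review): the key is derived only from identifiers, not from a random
 * value, so it is reproducible by anyone who knows those inputs, yet callers
 * use it as the sole credential for looking up the stored API key. Consider a
 * key from a CSPRNG with a separate lookup column.
 * NOTE(review): the mysql_* extension was removed in PHP 7; it offers no
 * prepared statements, so values are escaped and quoted by hand here.
 *
 * @param resource    $link MySQL connection.
 * @param string      $usid API user/key ID.
 * @param string      $apik API key to store.
 * @param string|null $char Character name.
 * @param string|null $chid Character ID; stored as SQL NULL when empty.
 * @return string|null The short key, or null when the row could not be written.
 */
function make_short_key($link, $usid, $apik, $char = null, $chid = null)
{
    // Hash the raw $chid before it is turned into an SQL literal below.
    $key = hash('md5', $char . $chid . $usid);
    if (!$chid) {
        $chid = "null";
    } else {
        $chid = "'" . mysql_real_escape_string($chid, $link) . "'";
    }
    $table = DB_PREFIX . API_TABLE;

    if (retrieve_api_key($link, $key) == null) {
        $sql = "INSERT INTO " . $table . " (keyv, chara, chid, usid, apik) "
            . "VALUES('{$key}','" . mysql_real_escape_string($char, $link) . "',{$chid},'"
            . mysql_real_escape_string($usid, $link) . "','"
            . mysql_real_escape_string($apik, $link) . "')";
        if (!mysql_query($sql, $link)) {
            // Log the number only: the message text can quote stored values.
            error_log("make_short_key: INSERT failed, MySQL errno " . mysql_errno($link));
            return null;
        }
        return $key;
    }

    $sql = "UPDATE " . $table . " SET apik='" . mysql_real_escape_string($apik, $link)
        . "' WHERE keyv='{$key}'";
    if (!mysql_query($sql, $link)) {
        error_log("make_short_key: UPDATE failed, MySQL errno " . mysql_errno($link));
        return null;
    }
    return $key;
}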
 /**
  * Resolve API credentials for the request and render the selected audit page.
  *
  * Steps, in order: open a database handle from environment variables; pick
  * the user ID / API key / character ID from built-in defaults, the query
  * string or a stored short key; query the key's metadata and define the
  * request-wide constants (USER_ID, API_KEY, KEY_MASK, KEY_TYPE, CORP_MODE,
  * CHAR_NAME, CHAR_ID, USER_NAME, FULL_URL, PAGE_VIEW); optionally store the
  * credentials in a cookie or mint a short URL; then echo the page.
  *
  * Output is written directly with echo; several helpers called here
  * (fatal_error, api_input, character_select) are defined elsewhere and
  * presumably end the request — confirm before relying on fall-through.
  *
  * NOTE(review): the method still contains debugging leftovers (hard-coded
  * credentials, print_r + exit, a trailing echo) and places request values in
  * URLs, HTML and an XPath expression without encoding; see inline notes.
  */
 public function skills()
 {
     //print_r($dB);
     // Database connection settings come from the process environment.
     $sql = getenv('DB_HOST');
     $sql_u = getenv('DB_USERNAME');
     $sql_p = getenv('DB_PASSWORD');
     $db = getenv('DB_DATABASE');
     $Db = new eveApi\eveDb($sql, $sql_u, $sql_p, $db);
     // NOTE(review): hard-coded user ID, API key and character ID used whenever
     // the request supplies none. A credential committed to source should be
     // treated as exposed: revoke it and load test values from configuration.
     $userid = 4526453;
     $apikey = "REcp21O2Djg2uSfv5ioLLpGuJyeVh4rxrd3sdk8V1TDGRpNSuzXTAk67gsoGh6MJ";
     $chid = 93501378;
     $charSelect = true;
     //$charSelect = false;
     //require_once("login.php");
     $_SESSION['redirect'] = "index.php";
     $cookielogin = false;
     if (isset($_GET['newapi'])) {
         clear_api_cookie();
     }
     // load variables n such - defined here temporary before being set to constants later on
     // Query-string values override the defaults above. They are only trimmed,
     // not validated, and an API key in a URL ends up in access logs, browser
     // history and Referer headers.
     if (isset($_GET['usid'])) {
         $userid = trim($_GET['usid']);
     }
     if (isset($_GET['apik'])) {
         $apikey = trim($_GET['apik']);
     }
     if (isset($_GET['chid'])) {
         $chid = trim($_GET['chid']);
     }
     if (isset($_GET['key'])) {
         $short_api_key = trim($_GET['key']);
     }
     // Cookie-based login is currently disabled; the original code is kept below.
     /*if (!login_load_creds($Db, (isset($userid) && isset($apikey) || isset($short_api_key)))) {
     	// handle cookie stuff
     	if (isset($_COOKIE["api"]) && ($_COOKIE["api"] != "") && !isset($userid) && !isset($short_api_key)) { // if a cookie was present, and we were not passed args via get, try to use what is in the cookie
     		$login = explode(',',$_COOKIE["api"]);
     		$cookielogin = true;
     		if ($login[0] == "api") {
     			$userid = trim($login[1]);
     			$apikey = trim($login[2]);
     			if (count($login) > 3)
     				$chid = trim($login[3]);
     		} else 
     			$short_api_key = trim($login[1]);
     			
     		$_GET['save'] = "1";
     	}
     } else 
     		$_GET['save'] = "1";*/
     if (isset($short_api_key)) {
         // get stored apikey
         // The short key alone is enough to load the stored user ID and API key,
         // so it has to be handled as a secret in its own right.
         $charSelect = false;
         $ret = retrieve_api_key($Db->link, $short_api_key);
         if ($ret != null) {
             $chid = $ret["chid"];
             $userid = $ret["usid"];
             $apikey = $ret["apik"];
         } else {
             unset($short_api_key);
             // invalid key
             $cookielogin = false;
         }
     }
     // $chid is always assigned above (default value), so this branch does not
     // run as the code stands.
     if (!isset($chid) && isset($_GET['chid'])) {
         $chid = trim($_GET['chid']);
         $charSelect = true;
     }
     // $cookielogin is only ever false in this method while the cookie block is disabled.
     define("COOKIE_LOGIN", $cookielogin);
     // No credentials at all: show the API input form. With the defaults assigned
     // above this condition appears to be unreachable.
     if ((!isset($apikey) || !isset($userid)) && !isset($short_api_key)) {
         $info = "";
         if (isset($_GET['fittingid'])) {
             // The request value is escaped for SQL, but without passing $Db->link,
             // so the escaping uses whichever connection was opened last.
             $result = mysql_query("SELECT * FROM " . DB_PREFIX . FITTINGS_TABLE . " WHERE keyv=\"" . mysql_real_escape_string($_GET['fittingid']) . "\"", $Db->link);
             if ($result != false && mysql_num_rows($result) > 0) {
                 // yay! got a cached value
                 $row = mysql_fetch_assoc($result);
                 mysql_free_result($result);
                 // NOTE(review): stored name/ship text goes into $info unencoded;
                 // verify api_input() HTML-encodes it before output.
                 $info = "Your ability to use the fitting '{$row['name']}' ({$row['ship']}) will be shown after you log in.";
             }
             $Db->close();
         }
         api_input($info);
         // die
     }
     define("USER_ID", $userid);
     // ?oldkey=1 marks the key as a legacy key by prefixing it with "old_".
     define("API_KEY", isset($_GET['oldkey']) && $_GET['oldkey'] == "1" ? "old_{$apikey}" : $apikey);
     $multiplechars = false;
     if (strpos(API_KEY, "old_") === 0) {
         // old api key, must load characters and other horseshit
         $keyinfo = 1;
         $chars = $Db->fetchApiChars(USER_ID, API_KEY);
         if (!$chars) {
             fatal_error("Unable to load API. Verify the key is correct and not expired.");
         }
         $keys = array_keys($chars);
         // Access mask is one of two fixed values depending on isFullApi().
         define("KEY_MASK", isFullApi($Db->link, $keys[0], USER_ID, API_KEY) ? 268435455 : 8);
         $multiplechars = count($chars) > 1;
         if (!$multiplechars) {
             $chid = $keys[0];
         }
         if (isset($chid)) {
             // Accept $chid only if it is one of the characters returned for this key.
             foreach ($chars as $ch_id => $char) {
                 if ($ch_id == $chid) {
                     define("CHAR_NAME", $char["name"]);
                 }
             }
             if (!defined("CHAR_NAME")) {
                 fatal_error("The character ID was not found on this account.");
             }
         }
         define("CORP_MODE", false);
         define("KEY_TYPE", "Account");
     } else {
         // modern fancy ass keys ////////////////////////
         // Last argument is 5 * 60 — presumably a cache lifetime in seconds; confirm in cache_api_retrieve().
         $keyInfo = eveApi\cache_api_retrieve($Db->link, "/account/APIKeyInfo.xml.aspx", array("keyID" => USER_ID, "vCode" => API_KEY), 5 * 60)->value;
         if ($keyInfo->error) {
             fatal_error("Unable to load API. Verify the key is correct and not expired.");
         }
         define("KEY_MASK", (double) $keyInfo->result->key["accessMask"]);
         $multiplechars = count($keyInfo->result->key->rowset->row) > 1;
         if (!$multiplechars) {
             $chid = (string) $keyInfo->result->key->rowset->row[0]["characterID"];
         }
         if (isset($chid)) {
             // NOTE(review): $chid may come straight from $_GET['chid'] and is
             // interpolated into the XPath expression; a quote character in it
             // changes the expression. Validate it as digits (e.g. ctype_digit)
             // before building the query.
             $char = $keyInfo->api->xpath("//row[@characterID='{$chid}']");
             if (count($char) == 0) {
                 fatal_error("The character ID was not found on this account.");
             }
             define("CHAR_NAME", (string) $char[0]["characterName"]);
         }
         define("KEY_TYPE", (string) $keyInfo->result->key["type"]);
         if (KEY_TYPE == "Corporation") {
             define("CORP_MODE", true);
             define("CORP_ID", (string) $keyInfo->result->key->rowset->row[0]["corporationID"]);
             define("CORP_NAME", (string) $keyInfo->result->key->rowset->row[0]["corporationName"]);
             $multiplechars = false;
         } else {
             define("CORP_MODE", false);
         }
     }
     // Query string that re-authenticates follow-up links: short key when one is
     // in use, otherwise the user ID and API key themselves.
     // NOTE(review): none of these values are URL-encoded, and FULL_URL is later
     // written into href attributes without HTML encoding.
     if (isset($short_api_key) && $charSelect) {
         $urlAuthInfo = "key={$short_api_key}&chid={$chid}";
     } elseif (isset($short_api_key) && !$charSelect) {
         $urlAuthInfo = "key={$short_api_key}";
     } else {
         $urlAuthInfo = (isset($chid) ? "chid={$chid}&" : "") . "usid=" . USER_ID . "&apik=" . API_KEY;
     }
     define("FULL_URL", "?" . $urlAuthInfo . (isset($_GET['save']) && $_GET['save'] == "1" ? "&save=1" : ""));
     /* . ((!isset($_GET['view']) && isset($_GET['fittingid'])) ? "&fittingid=$_GET[fittingid]" : "")*/
     if ($multiplechars && !isset($chid)) {
         // must resolve a character id
         if (!isset($chars)) {
             $chars = $Db->fetchApiChars(USER_ID, API_KEY);
         }
         character_select($Db, $chars);
     }
     define("CHAR_ID", $chid);
     define("USER_NAME", CORP_MODE ? CORP_NAME : CHAR_NAME);
     // set to corp name or char name depending on key type
     if (!CORP_MODE && isset($_GET['save']) && $_GET['save'] == "1") {
         // save api key into a cookie if present
         if (isset($short_api_key)) {
             $auth = "key,{$short_api_key}";
         } else {
             $auth = "api," . USER_ID . "," . API_KEY . "," . CHAR_ID;
         }
         // NOTE(review): the credential is stored in clear text for 30 days and
         // only three arguments are passed, so the cookie is sent over plain HTTP
         // and is readable from script (secure and httponly default to false).
         setcookie("api", $auth, time() + 60 * 60 * 24 * 30);
     }
     // load pages into registered_pages (all pages),eligible_pages (supported by key type),enabled_pages
     require_once "audit.pages.php";
     if (isset($_GET['makeshorturl'])) {
         $key = make_short_key($Db->link, USER_ID, API_KEY, CHAR_NAME, CHAR_ID);
         if ($key) {
             // NOTE(review): $_GET['view'] is used here before it is checked against
             // $eligible_pages further down. It is concatenated raw into the Location
             // header and into the HTML of the fallback link, so markup in the
             // parameter is reflected into the response body. Apply urlencode() for
             // the URL and htmlspecialchars() for the anchor, or validate first.
             header("Location: " . SELF_URL . "key={$key}" . (isset($_GET['view']) ? "&view=" . $_GET['view'] : ""));
             die("<html><body><a href=\"" . SELF_URL . "key={$key}" . (isset($_GET['view']) ? "&view=" . $_GET['view'] : "") . "\">Click here to continue.</a><body></html>");
         } else {
             fatal_error("Unable to create key.", "Please try again later.", true);
         }
     }
     // Navigation bar: one entry per eligible page, then account-level links.
     $infobar = "<span class=\"infobar\">&lt;&nbsp;";
     $getpage = "none";
     if (isset($_GET['view'])) {
         // Only page names present in $eligible_pages are accepted.
         $getpage = trim($_GET['view']);
         if (!isset($eligible_pages[$getpage])) {
             $getpage = "none";
         }
     }
     foreach ($eligible_pages as $name => $page) {
         if (isset($enabled_pages[$name])) {
             // No valid ?view= given: default to the first enabled page.
             if ($getpage == "none") {
                 $getpage = $name;
             }
             if ($name != $getpage) {
                 $infobar .= "<a href=\"" . FULL_URL . "&view={$name}\">{$name}</a>";
             } else {
                 $infobar .= "<span class=\"current_page\">{$name}</span>";
             }
         } else {
             $infobar .= "<span class=\"disabled_page\">{$name}</span>";
         }
         $infobar .= "&nbsp;";
     }
     if ($getpage == "none") {
         fatal_error("This API has no pages that the Jackknife can display.");
     }
     define("PAGE_VIEW", $getpage);
     $infobar .= "|&nbsp;";
     $infobar .= "<a href=\"" . SELF_URL . "newapi\">new api</a>&nbsp;";
     if ($multiplechars && $charSelect) {
         // NOTE(review): short key / user ID / API key are placed in the href unencoded.
         if (isset($short_api_key)) {
             $infobar .= "<a href=\"" . SELF_URL . "key={$short_api_key}\">char select</a>&nbsp;";
         } else {
             $infobar .= "<a href=\"" . SELF_URL . "usid=" . USER_ID . "&apik=" . API_KEY . (isset($_GET['save']) && $_GET['save'] == "1" ? "&save=1" : "") . "\">char select</a>&nbsp;";
         }
     }
     if (!isset($short_api_key)) {
         $infobar .= "<a href=\"" . FULL_URL . "&makeshorturl&view=" . PAGE_VIEW . "\">short url</a>&nbsp;";
     }
     //$infobar.="|&nbsp;".get_loginbar().get_api_bar();
     $infobar .= "&gt;&nbsp;<b>" . strtoupper(KEY_TYPE);
     $infobar .= "</b></span>";
     //$infobar .=get_form_divs();
     //////// FINAL OUTPUT
     if (PAGE_VIEW == "onepage") {
         // "onepage" view: render every enabled page in sequence with skip anchors.
         insert_header("Ataglance for " . USER_NAME);
         echo $infobar . "<br>";
         $next = 1;
         $time_start2 = microtime_float();
         foreach ($enabled_pages as $name => $page) {
             // NOTE(review): compares the page entry, not its name, with "onepage" — confirm intent.
             if ($page == "onepage") {
                 continue;
             }
             $error = !$page->GetOutput($Db);
             if ($error) {
                 // A page that fails to load is skipped without any message.
                 //fatal_error("API: " . $page->Output);
             } else {
                 echo "<br>";
                 echo "<a name=\"s" . ($next - 1) . "\"></a>";
                 echo "<span style=\"font-size: 70%\"><a href=\"#s{$next}\">skip to next section</a></span><br>";
                 $next++;
                 echo "<h2>" . ucfirst($name) . "</h2>";
                 if ($page->Header != "") {
                     echo $page->Header . "<br>";
                 }
                 echo $page->Output . "<hr>";
             }
         }
         echo "<a name=\"s" . ($next - 1) . "\"></a>";
         $time_end2 = microtime_float();
         $time_exec = $time_end2 - $time_start2;
         echo "<br><span style=\"font-size:80%;\"><a href=\"#top\">top</a></span><br>\n";
         echo "<span style=\"font-size:80%;\">";
         if ($Db->queries != 0) {
             echo "\n" . $Db->queries . " queries<br>";
         }
         echo "exec time: {$time_exec} s<br>";
         echo "</span>";
         echo "</body></html>";
     } else {
         $page = $eligible_pages[PAGE_VIEW];
         $error = "";
         // NOTE(review): debugging leftover — dumps the GetOutput() result and ends
         // the request, so everything below in this branch never runs.
         print_r($page->GetOutput($Db));
         exit;
         $error = !$page->GetOutput($Db);
         echo $infobar . "<br>";
         if ($error) {
             fatal_error("API: " . $page->Output, "", true);
         } else {
             $page->SetHeaders();
             insert_header($page->Title);
             if ($page->Updated) {
                 echo "<span class=\"updated_text\">" . $page->Updated . "</span><br>";
             }
             if ($page->Header != "") {
                 echo $page->Header . "<br>";
             } else {
                 echo "<span style=\"font-size:450%\">" . USER_NAME . "</span><br>";
             }
             echo $page->Output . "<br>";
             echo $page->Times . "<br>";
             echo "</body></html>";
         }
     }
     //print_r($chars);
     // NOTE(review): debugging leftover, written after the closing </html> in the onepage branch.
     echo "FInal";
 }
示例#4
            $apikey = trim($login[2]);
            if (count($login) > 3) {
                $chid = trim($login[3]);
            }
        } else {
            $short_api_key = trim($login[1]);
        }
        $_GET['save'] = "1";
    }
} else {
    $_GET['save'] = "1";
}
// Resolve a short key to the credentials stored for it. The short key is the
// only input to this lookup, so possession of it is equivalent to possession
// of the stored API key and it should be protected accordingly.
if (isset($short_api_key)) {
    // get stored apikey
    $charSelect = false;
    $ret = retrieve_api_key($Db, $short_api_key);
    if ($ret != null) {
        // Stored values replace anything read from the request or cookie earlier.
        $chid = $ret["chid"];
        $userid = $ret["usid"];
        $apikey = $ret["apik"];
    } else {
        // Unknown key: forget it and do not treat the request as a cookie login.
        unset($short_api_key);
        // invalid key
        $cookielogin = false;
    }
}
// Take the character ID from the query string only when nothing above set it;
// the value is trimmed but not otherwise validated here.
if (!isset($chid) && isset($_GET['chid'])) {
    $chid = trim($_GET['chid']);
    $charSelect = true;
}
// Freeze the cookie-login flag as a constant for the remainder of the request.
define("COOKIE_LOGIN", $cookielogin);
示例#5
            $apikey = trim($login[2]);
            if (count($login) > 3) {
                $chid = trim($login[3]);
            }
        } else {
            $short_api_key = trim($login[1]);
        }
        $_GET['save'] = "1";
    }
} else {
    $_GET['save'] = "1";
}
// Resolve a short key to the credentials stored for it. The short key is the
// only input to this lookup, so possession of it is equivalent to possession
// of the stored API key and it should be protected accordingly.
if (isset($short_api_key)) {
    // get stored apikey
    $charSelect = false;
    // This variant passes the raw connection ($Db->link) to the lookup helper.
    $ret = retrieve_api_key($Db->link, $short_api_key);
    if ($ret != null) {
        // Stored values replace anything read from the request or cookie earlier.
        $chid = $ret["chid"];
        $userid = $ret["usid"];
        $apikey = $ret["apik"];
    } else {
        // Unknown key: forget it and do not treat the request as a cookie login.
        unset($short_api_key);
        // invalid key
        $cookielogin = false;
    }
}
// Take the character ID from the query string only when nothing above set it;
// the value is trimmed but not otherwise validated here.
if (!isset($chid) && isset($_GET['chid'])) {
    $chid = trim($_GET['chid']);
    $charSelect = true;
}
// Freeze the cookie-login flag as a constant for the remainder of the request.
define("COOKIE_LOGIN", $cookielogin);
/**
 * Create, or refresh, the short key that stands in for a full API credential.
 *
 * The key is the MD5 of character name, character ID and user ID. When no row
 * exists for it, a new row is inserted through the database wrapper; when one
 * exists, only its stored API key is updated. Values are handed to the
 * wrapper as arrays rather than concatenated into SQL text.
 *
 * NOTE(review): the key is derived only from identifiers, not from a random
 * value, so it is reproducible by anyone who knows those inputs, yet it is
 * the sole credential for looking up the stored API key.
 * NOTE(review): the result of $Db->update() is not checked; the key is
 * returned even if the update did not succeed.
 *
 * @param object      $Db   Database wrapper providing insert() and update().
 * @param string      $usid API user/key ID.
 * @param string      $apik API key to store.
 * @param string|null $char Character name.
 * @param string|null $chid Character ID.
 * @return string|null The short key, or null when the insert reported failure.
 */
function make_short_key($Db, $usid, $apik, $char = null, $chid = null)
{
    $shortKey = hash('md5', $char . $chid . $usid);
    $alreadyStored = retrieve_api_key($Db, $shortKey) != null;

    if ($alreadyStored) {
        // Existing row: refresh the API key it points to.
        $Db->update(API_TABLE, ['keyv' => $shortKey], ['apik' => $apik]);
        return $shortKey;
    }

    // First use of this key: store the full credential under it.
    $inserted = $Db->insert(API_TABLE, [
        'keyv' => $shortKey,
        'chara' => $char,
        'chid' => $chid,
        'usid' => $usid,
        'apik' => $apik,
    ]);

    return $inserted ? $shortKey : null;
}