示例#1
文件: auth.php 项目: AzyxWare/ryzom
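/**
 * Authenticate the caller from the PHP session, or from the 'char' and
 * 'password' request parameters when no matching session exists.
 *
 * A request with action=logout first drops the session identity, then goes
 * through the normal checks (so a logout request that also carries
 * credentials logs straight back in).
 *
 * @param string $name          In: requested character name ('' accepts whatever the
 *                              session holds). Out: the session's character name.
 * @param mixed  $cid           Out: character id taken from the session or filled by
 *                              the credential check.
 * @param string $error_message Out: set to 'bad_auth' when credentials were supplied
 *                              and rejected.
 * @return bool|null true when authenticated, false when credentials were rejected,
 *                   NULL when no credentials were supplied at all.
 */
function ryzom_authenticate_with_session(&$name, &$cid, &$error_message)
{
    if (ryzom_get_param('action') == 'logout') {
        unset($_SESSION['name'], $_SESSION['cid']);
    }

    // Require both session keys: the original only tested 'name', so a
    // session holding a name without a cid was reported as authenticated
    // with an undefined character id.
    if (isset($_SESSION['name'], $_SESSION['cid'])
        && ($name == '' || (string) $_SESSION['name'] === (string) $name)
    ) {
        // Fixed: the original copied $_SESSION['cid'] into $name.
        $name = $_SESSION['name'];
        $cid = $_SESSION['cid'];
        return true;
    }

    $char = ryzom_get_param('char');
    $password = ryzom_get_param('password');
    if (!$char || !$password) {
        // No credentials in the request: distinct from a failed login.
        return NULL;
    }

    if (ryzom_authenticate_with_char_and_password($char, $password, $cid)) {
        // Issue a fresh session id on login so an id planted before
        // authentication (session fixation) is not promoted to an
        // authenticated session. Skipped when no session is open or the
        // headers are already out, where regeneration cannot succeed.
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }
        $_SESSION['name'] = $char;
        $_SESSION['cid'] = $cid;
        return true;
    }

    $error_message = 'bad_auth';
    return false;
}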
示例#2
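/**
 * Return the id of the current user, caching the decoded user record in
 * $_SESSION['user'] on first use.
 *
 * The three parameters are accepted for interface compatibility; this
 * implementation does not read them.
 *
 * SECURITY: the 'user' request parameter is decoded here with no integrity
 * check visible in this function, so whoever controls that parameter chooses
 * the id that is returned and cached. NOTE(review): verify a keyed checksum
 * over the raw parameter before decoding it, or confirm that every caller
 * has already done so.
 *
 * @param mixed $cid           Unused here.
 * @param mixed $name          Unused here.
 * @param mixed $creation_date Unused here.
 * @return mixed The user id, or null when no usable user record is available.
 */
function ryzom_get_user_id($cid, $name, $creation_date)
{
    if (isset($_SESSION['user'])) {
        return $_SESSION['user']['id'];
    }

    $encoded = ryzom_get_param('user');
    if (!is_string($encoded) || $encoded === '') {
        return null;
    }
    $raw = base64_decode($encoded);

    // unserialize() on request data can instantiate arbitrary classes and run
    // their magic methods. Where the runtime supports it (PHP 7.0+), refuse
    // to build objects at all: only the array shape is used below.
    $user = PHP_VERSION_ID >= 70000
        ? unserialize($raw, array('allowed_classes' => false))
        : unserialize($raw);

    // Cache only a well-formed record. The original stored whatever came
    // back (including false), which made isset($_SESSION['user']) true and
    // pinned every later call to a null id.
    if (!is_array($user) || !isset($user['id'])) {
        return null;
    }

    $_SESSION['user'] = $user;
    return $user['id'];
}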
示例#3
/**
 * Report whether the request carries a user identity.
 *
 * True when $_SESSION['user'] is set, or when the 'user' request parameter
 * is non-empty. Only the presence of the parameter is tested; its content is
 * not decoded or verified in this function. Neither argument is read.
 *
 * @param mixed $name     Unused here.
 * @param mixed $redirect Unused here.
 * @return bool
 */
function ryzom_authenticate_with_session($name, $redirect)
{
    $has_session_user = isset($_SESSION['user']);

    // The request parameter is consulted only when the session has no user.
    return $has_session_user || (bool) ryzom_get_param('user');
}
示例#4
 /**
  * Dispatch one ryform action ('list', 'add', 'edit', 'del', 'up', 'down',
  * 'source') on the form definition named by $url_params['ryform_name'].
  *
  * 'ryform_name' is a '/'-separated path; each segment is "name" or
  * "name:position". When more than one segment is present the first one is
  * always handled as 'edit' and the requested action is passed down to the
  * nested form.
  *
  * @param array $url_params Request parameters; this method reads 'ryform_name',
  *                          'ryform_action', 'ryform_parent', 'validate',
  *                          'action' and 'script'.
  * @return mixed array(DATA_HTML_FORM, html) or array(DATA_RYFORM_VALUE, values)
  *               on most paths; the string 'Bad ryform name' for an unknown
  *               definition; null on the bare `return;` paths; $ret (a string)
  *               when no case matched.
  */
 function doAction($url_params)
 {
     if (!$url_params['ryform_name']) {
         return array(DATA_RYFORM_VALUE, array());
     }
     $ret = '';
     $ryforms = explode('/', $url_params['ryform_name']);
     $this_ryform_name = array_shift($ryforms);
     // NOTE(review): both parts come out of explode() as strings. When the
     // segment has no ':' the list() assignment leaves $ryform_pos as null.
     // The position is used below as an array index without a bounds check.
     list($ryform_name, $ryform_pos) = explode(':', $this_ryform_name);
     if (!isset($this->defines[$ryform_name])) {
         return 'Bad ryform name';
     }
     $def = $this->defines[$ryform_name];
     if ($ryforms) {
         // More path segments remain: edit this level, forward the action.
         $action = 'edit';
         $next_action = $url_params['ryform_action'];
     } else {
         $action = $url_params['ryform_action'];
         $next_action = '';
     }
     switch ($action) {
         case 'list':
             // Render the table of ryform types that can be added here.
             if (isset($url_params['ryform_parent']) && $url_params['ryform_parent']) {
                 $ryform_parent = $url_params['ryform_parent'] . '/';
             } else {
                 $ryform_parent = '';
             }
             // NOTE(review): the markup below is built by concatenation and
             // includes $ryform / $subryform and translated strings as-is;
             // whether _s(), _t() and _l() escape their arguments cannot be
             // seen from here - confirm.
             $ret .= '<table cellpadding="0" cellspacing="0" width="100%">';
             foreach ($def->params as $id => $ryform) {
                 if (is_array($ryform)) {
                     $ret .= _s('t row 1', '<td height="28px" width="22px" bgcolor=' . ryzom_get_color_style('section') . '></td><td bgcolor=' . ryzom_get_color_style('section') . '>' . ryzom_font(_t('ryform_cat_' . $id), '', '12') . '</td><td bgcolor=' . ryzom_get_color_style('section') . '></td>');
                     foreach ($ryform as $subid => $subryform) {
                         $ret .= _s('t row ' . $subid % 2, '<td width="22px" height="34px">' . self::$ryformsIcons[$subryform] . '</td><td>&nbsp;&nbsp;' . _l(_t($subryform . '_short_description'), $url_params, array('ryform_name' => $ryform_parent . $url_params['ryform_name'], 'ryform_action' => 'add', 'new_ryform' => $subryform)) . '</td><td>' . $subryform . '</td>');
                     }
                 } else {
                     $ret .= _s('t row ' . $id % 2, '<td width="22px" height="34px">' . self::$ryformsIcons[$ryform] . '</td><td>&nbsp;&nbsp;' . _l(_t($ryform . '_short_description'), $url_params, array('ryform_name' => $ryform_parent . $url_params['ryform_name'], 'ryform_action' => 'add', 'new_ryform' => $ryform)) . '</td><td>' . $ryform . '</td>');
                 }
             }
             $ret .= '</table>';
             return array(DATA_HTML_FORM, $ret);
             break;
         case 'list_multiadd':
             // TODO
             /*
             				unset($url_params[$deffullname.'_action']);
             				$ret .= '<table cellpadding="5"><tr>';
             				foreach ($def->params as $ryform) {
             					$ret .= '<td bgcolor="#000000">'._l($ryform, $url_params, array('ryform_action' => 'multiadd', 'new_ryform' => $ryform)).'</td>';
             				}
             				$ret .= '</tr></table>';
             				return array(DATA_HTML_FORM, $ret);*/
             break;
         case 'add':
             // The class to instantiate is named by the 'new_ryform' request
             // parameter, so it is checked against the names listed in
             // $def->params (top level and one nested level) first.
             // NOTE(review): in_array() is called without the strict flag, so
             // the comparison is loose.
             $new_ryform = ryzom_get_param('new_ryform');
             $valid_ryform = false;
             if ($new_ryform) {
                 if (is_string($def->params) && $new_ryform == $def->params || in_array($new_ryform, $def->params)) {
                     $valid_ryform = true;
                 } else {
                     foreach ($def->params as $param) {
                         if (is_array($param) && in_array($new_ryform, $param)) {
                             $valid_ryform = true;
                         }
                     }
                 }
                 if (!$valid_ryform) {
                     return array(DATA_HTML_FORM, 'Bad ryform');
                 }
             } else {
                 // No parameter given: fall back to the definition's own
                 // params. NOTE(review): presumably a single class name in
                 // this case - confirm it is never an array.
                 $new_ryform = $def->params;
             }
             // Dynamic instantiation: only reached with a whitelisted name or
             // with the definition's own value.
             $ryform = new $new_ryform($new_ryform, '');
             $ryform->preSerialization();
             if ($def->type != DEF_TYPE_RYFORM) {
                 // NOTE(review): p() looks like a debug dump helper - confirm
                 // it produces no output in production.
                 p($def->value);
                 if (!is_array($def->value)) {
                     $savedRyform = array($def->value);
                 } else {
                     $savedRyform = $def->value;
                 }
                 // NOTE(review): $ryform_pos is a string or null (see the
                 // explode() above), so this strict comparison with the
                 // integer 0 does not match "0"; position "0" is handled by
                 // the slice branch below instead.
                 if ($ryform_pos === 0) {
                     $value = array_values(array_merge(array($ryform), $savedRyform));
                 } else {
                     if ($ryform_pos !== NULL) {
                         // Insert the new ryform at the requested position.
                         $begin = array_slice($savedRyform, 0, $ryform_pos);
                         $end = array_slice($savedRyform, $ryform_pos, count($savedRyform) - $ryform_pos);
                         $value = array_values(array_merge($begin, array($ryform), $end));
                     } else {
                         // NOTE(review): $value has not been assigned on this
                         // path, so this yields a one-element array and
                         // $savedRyform is dropped; looks like it was meant to
                         // append to $savedRyform - confirm.
                         $value[] = $ryform;
                     }
                 }
                 p($ryform_name, $value);
                 //return array(DATA_RYFORM_VALUE, array('stages' => array()));
                 return array(DATA_RYFORM_VALUE, array($ryform_name => $value));
             } else {
                 p($ryform_name, $ryform);
                 return array(DATA_RYFORM_VALUE, array($ryform_name => $ryform));
             }
             break;
         case 'edit':
             // Pick the ryform at $ryform_pos (or the single stored one),
             // build an editing form from its definitions and either return
             // the HTML or fold the submitted values back into it.
             $a_ryforms = $def->value;
             if (is_array($a_ryforms)) {
                 $ryform = $a_ryforms[$ryform_pos];
             } else {
                 $ryform = $a_ryforms;
             }
             $ryform->postSerialization();
             $validate = isset($url_params['validate']) && $url_params['validate'];
             $form = new ryForm('', $def->name);
             foreach ($ryform->getFormDefs() as $form_def) {
                 $form->addDefine($form_def);
                 $name = $form_def->name;
                 // Init form with ryfom values
                 if (property_exists($ryform, $name)) {
                     $form->addValue($form_def->name, $ryform->{$name});
                 }
             }
             foreach ($ryform->getFormDefsExtraValues() as $def_name => $extra_values) {
                 $form->addExtraValues($def_name, $extra_values);
             }
             $form->setTemplate($ryform->getTemplate());
             list($result_type, $value) = $form->getForm(array('action' => $url_params['action'], 'script' => $url_params['script'], 'ryform_action' => $next_action, 'ryform_parent' => $this_ryform_name, 'ryform_name' => implode('/', $ryforms), 'validate' => $validate));
             if ($result_type == DATA_HTML_FORM) {
                 return array(DATA_HTML_FORM, $value);
             } else {
                 if ($result_type == DATA_FORM_VALUES) {
                     $value = $form->validateFormPost($value);
                 }
                 $ryform->setFormParams($value);
                 $ryform->preSerialization();
             }
             if (is_array($a_ryforms)) {
                 $a_ryforms[$ryform_pos] = $ryform;
             } else {
                 $a_ryforms = $ryform;
             }
             $value = array($ryform_name => $a_ryforms);
             return array(DATA_RYFORM_VALUE, $value);
             break;
         case 'del':
             // Remove the entry at $ryform_pos and reindex.
             $id = $ryform_pos;
             p($def->value);
             if (!is_array($def->value)) {
                 $def->value = array();
             } else {
                 unset($def->value[$id]);
             }
             $value = array_values($def->value);
             return array(DATA_RYFORM_VALUE, array($ryform_name => $value));
             break;
         case 'up':
             // Swap the entry with its predecessor.
             $a_ryforms = $def->value;
             if (!is_array($a_ryforms)) {
                 // NOTE(review): execution continues into the swap below
                 // unless ryzom_redirect() terminates the request - confirm.
                 ryzom_redirect(_url($url_params, array('ryform_action' => '')));
             }
             // NOTE(review): no check that $ryform_pos - 1 is a valid index.
             $temp_ryform = $a_ryforms[$ryform_pos - 1];
             $a_ryforms[$ryform_pos - 1] = $a_ryforms[$ryform_pos];
             $a_ryforms[$ryform_pos] = $temp_ryform;
             $a_ryforms = array_values($a_ryforms);
             p($ryform_name, $a_ryforms);
             return array(DATA_RYFORM_VALUE, array($ryform_name => $a_ryforms));
             break;
         case 'down':
             // Swap the entry with its successor.
             $a_ryforms = $def->value;
             if (!is_array($a_ryforms)) {
                 // NOTE(review): same as 'up' - relies on ryzom_redirect()
                 // not returning.
                 ryzom_redirect(_url($url_params, array('ryform_action' => '')));
             }
             // NOTE(review): no check that $ryform_pos + 1 is a valid index.
             $temp_ryform = $a_ryforms[$ryform_pos + 1];
             $a_ryforms[$ryform_pos + 1] = $a_ryforms[$ryform_pos];
             $a_ryforms[$ryform_pos] = $temp_ryform;
             $a_ryforms = array_values($a_ryforms);
             return array(DATA_RYFORM_VALUE, array($ryform_name => $a_ryforms));
             break;
         case 'source':
             // Show the selected ryform as base64(serialize()) in a textarea
             // and accept an edited/pasted copy back.
             $a_ryforms = $def->value;
             if (is_array($a_ryforms)) {
                 $ryform = $a_ryforms[$ryform_pos];
             } else {
                 $ryform = $a_ryforms;
             }
             $ryform->postSerialization();
             $form = new ryForm('', $def->name);
             $form->addDefine(new ryFormDef('ryform_source', DEF_TYPE_TEXTAREA, '', base64_encode(serialize($ryform))));
             $validate = isset($url_params['validate']) && $url_params['validate'];
             list($result_type, $value) = $form->getForm(array('ryform_action' => $next_action, 'ryform_parent' => $this_ryform_name, 'ryform_name' => implode('/', $ryforms), 'validate' => $validate));
             if ($result_type == DATA_HTML_FORM) {
                 return array(DATA_HTML_FORM, $value);
             } else {
                 if ($result_type == DATA_FORM_VALUES) {
                     $params = $form->validateFormPost($value);
                 } else {
                     $params = $value;
                 }
                 // SECURITY: unserialize() runs on the submitted textarea
                 // value. The class whitelist below is applied only after the
                 // object graph has been rebuilt, so any loadable class's
                 // magic methods (__wakeup, __destruct) have already been
                 // eligible to run, and nested objects are never checked.
                 // Restrict this with unserialize()'s 'allowed_classes'
                 // option (PHP 7.0+) built from $def->params, or move this
                 // exchange format to JSON.
                 $ryform = unserialize(base64_decode($params['ryform_source']));
                 if (!is_object($ryform)) {
                     unset($url_params['validate']);
                     // NOTE(review): the code below still runs with a
                     // non-object $ryform unless ryzom_redirect() terminates
                     // the request - confirm.
                     ryzom_redirect(_url($url_params, array('ryform_action' => '', 'message' => 'bad_paste')));
                 }
                 // Accept the pasted object only if its class is one of the
                 // classes this definition allows.
                 $is_valid = false;
                 p($def->params);
                 foreach ($def->params as $id => $ryform_class) {
                     if (is_array($ryform_class)) {
                         if (in_array(get_class($ryform), array_values($ryform_class))) {
                             $is_valid = true;
                         }
                     } else {
                         if (get_class($ryform) == $ryform_class) {
                             $is_valid = true;
                         }
                     }
                 }
                 if (!$is_valid) {
                     p(get_class($ryform), $def->params);
                     // NOTE(review): $deffullname is not assigned anywhere in
                     // this method (it appears only in the commented-out
                     // 'list_multiadd' code), so the array key here is
                     // '_action' - confirm the intended key.
                     ryzom_redirect(_url($url_params, array($deffullname . '_action' => '', 'message' => 'not_valid_stage')));
                     return;
                 }
                 if (is_array($a_ryforms)) {
                     $a_ryforms[$ryform_pos] = $ryform;
                 } else {
                     $a_ryforms = $ryform;
                 }
                 $value = array($ryform_name => $a_ryforms);
                 return array(DATA_RYFORM_VALUE, $value);
             }
             return;
             break;
     }
     // Reached for 'list_multiadd' and for any unrecognised action.
     return $ret;
 }
示例#5
 * ryzom_api is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with ryzom_api.  If not, see <http://www.gnu.org/licenses/>.
 */
require_once 'ryzom_api.php';
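// Authentication endpoint. All inputs are request parameters and therefore
// caller-controlled; every decision below is delegated to the ryzom_* helpers.
$cid = ryzom_get_param('cid');
$name = ryzom_get_param('name');
$authserver = ryzom_get_param('authserver');
$authkey = ryzom_get_param('authkey');

// Server-to-server check: answer '1' or '0' and stop.
if ($authserver) {
    if (ryzom_authenticate_with_serverkey($cid, $name, $authserver, $authkey)) {
        die('1');
    }
    die('0');
}

// In-game client detection. strpos() returns 0 when 'Ryzom' is at the very
// start of the User-Agent, which the original truthiness test treated as
// "not found"; compare against false instead. Both the header and the 'ig'
// parameter are client-supplied, so this only selects the code path - the
// authkey check below is what authenticates.
$is_ingame = (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'Ryzom') !== false)
    || ryzom_get_param('ig');

if ($is_ingame) {
    echo 'ig';
    if (ryzom_authenticate_ingame($cid, $name, $authkey)) {
        echo 'ok';
        $user_infos = ryzom_user_get_info($cid);
        echo ryzom_get_user_id($cid, $name, $user_infos['creation_date']);
        die('1');
    }
    die('0');
} else {
    // Filled by reference when the credential check fails.
    $error_message = '';
    echo ryzom_authenticate_with_session($name, $cid, $error_message);
}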
示例#6
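 /**
  * Verify a signed callback request.
  *
  * The request must reference a pending transaction ('tid' of the form
  * "index_id" matching the stored 'time' entry for that index) and carry an
  * 'hmac' parameter equal to the upper-case HMAC-SHA1, keyed with
  * RYAPI_EGS_SALT, of the stored app URL followed by the tid, player_eid,
  * event and optional desc parameters.
  *
  * @return bool true when the transaction id and the signature both match.
  */
 function validateCallback()
 {
     $index_infos = $this->dfm->loadUserDataFromApp('hmagic.index', 'app_profile');
     $playerEid = ryzom_get_param('player_eid');
     $event = ryzom_get_param('event');
     $desc_error = ryzom_get_param('desc');
     $desc = '';
     if ($desc_error) {
         $desc = '&desc=' . $desc_error;
     }

     // A tid without '_' cannot name a stored transaction; reject it instead
     // of continuing with an undefined $tid.
     $tid_parts = explode('_', ryzom_get_param('tid'));
     if (count($tid_parts) < 2) {
         return false;
     }
     list($index, $tid) = $tid_parts;

     // Strict string comparison: the loose != could treat a non-string
     // stored value as equal to a different tid on older PHP versions.
     if (!isset($index_infos['time'][$index]) || (string) $index_infos['time'][$index] !== $index . '_' . $tid) {
         return false;
     }
     $web_app_url = isset($index_infos['url'][$index]) ? $index_infos['url'][$index] : '';

     $trans_id = '';
     if ($tid) {
         $trans_id = '&tid=' . $index . '_' . $tid;
     }

     $hmac = ryzom_get_param('hmac');
     if (!is_string($hmac)) {
         return false;
     }
     $checksum = $web_app_url . $trans_id . '&player_eid=' . $playerEid . '&event=' . $event . $desc;
     $real_hmac = strtoupper(hash_hmac('sha1', $checksum, RYAPI_EGS_SALT));

     // The original used !=, which compares two "0E<digits>" strings as
     // numbers (both zero) and leaks timing. Use a constant-time comparison
     // where available (PHP 5.6+), otherwise at least a strict one.
     if (function_exists('hash_equals')) {
         return hash_equals($real_hmac, $hmac);
     }
     return $real_hmac === $hmac;
 }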
示例#7
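/**
 * Authenticate the current request for an application and fill $user.
 *
 * Sources of identity, in order: an existing $_SESSION['user']; a serialized
 * user record in the 'user' parameter whose HMAC-SHA1 (keyed with
 * RYAPI_AUTH_KEY) matches the 'checksum' parameter; in-game authkey
 * authentication; session / character-password authentication.
 *
 * Side effects: defines RYZOM_IG, writes $_SESSION['user'], $_SESSION['lang'],
 * $_SESSION['translater_mode'] and $_SESSION['last_played_date'], and, when
 * $ask_login is true and authentication fails outside the game client,
 * prints the login page and terminates the script.
 *
 * @param array  $user            Out: user record; 'lang', 'ig', 'groups' and
 *                                'message' are set even for anonymous users.
 * @param bool   $ask_login       Render the login form and exit on failure.
 * @param string $welcome_message HTML shown above the login form.
 * @param bool   $webprivs        Passed through to ryzom_user_get_info().
 * @return bool true when authenticated, false otherwise.
 */
function ryzom_app_authenticate(&$user, $ask_login = true, $welcome_message = '', $webprivs = true)
{
    $name = ryzom_get_param('name');
    // Serialized user record sent by the auth server, and its checksum.
    $urluser = ryzom_get_param('user');
    $urlusercheksum = ryzom_get_param('checksum');
    // In-game authkey.
    $authkey = ryzom_get_param('authkey');
    $lang = ryzom_get_param('lang');
    $cid = intval(ryzom_get_param('cid'));
    $is_auth_ingame = false;

    // $user['lang'] must be set even for anonymous users, otherwise the page
    // cannot be rendered in the right language.
    $supported_langs = array('fr', 'en', 'de', 'ru', 'es');
    if ($lang == '') {
        if (!isset($_SESSION['lang'])) {
            $l = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2) : 'en';
            $lang = in_array($l, $supported_langs, true) ? $l : 'en';
        } else {
            $lang = $_SESSION['lang'];
        }
    }
    // Strict whitelist: anything that is not exactly a supported code
    // (including non-string values) falls back to English.
    if (!in_array($lang, $supported_langs, true)) {
        $lang = 'en';
    }

    $user['message'] = '';
    $user['lang'] = $lang;
    $user['groups'] = array();

    // strpos() returns 0 for a User-Agent that starts with 'Ryzom'; compare
    // against false so that case is detected too. Header and 'ig' parameter
    // are both client-supplied and only select the code path.
    $user['ig'] = (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'Ryzom') !== false)
        || ryzom_get_param('ig')
        ? true
        : false;

    if (isset($_SESSION['user'])) {
        if (ryzom_get_param('action') == 'logout') {
            unset($_SESSION['user']);
        } else {
            $_SESSION['user']['ig'] = $user['ig'];
            define('RYZOM_IG', $user['ig']);
            $user = $_SESSION['user'];
            return true;
        }
    }

    if ($urluser && $urlusercheksum) {
        // Signed user record (used to test an app from another server ingame).
        // The original compared the MAC with ==, which treats two
        // "0e<digits>" strings as equal numbers and is not constant-time.
        $expected = hash_hmac('sha1', $urluser, RYAPI_AUTH_KEY);
        $checksum_ok = is_string($urlusercheksum)
            && (function_exists('hash_equals')
                ? hash_equals($expected, $urlusercheksum)
                : $expected === $urlusercheksum);
        if ($checksum_ok) {
            // unserialize() is applied only after the MAC has been verified,
            // so the payload comes from a holder of RYAPI_AUTH_KEY.
            // NOTE(review): it can still instantiate classes; if the record
            // is known to contain only scalars and arrays, pass
            // 'allowed_classes' => false (PHP 7.0+).
            $decoded = unserialize(base64_decode($urluser));
            // A record that does not decode to an array is ignored instead
            // of being merged and stored as an authenticated user.
            if (is_array($decoded)) {
                $ig = $user['ig'];
                $user = array_merge($user, $decoded);
                $user['ig'] = $ig;
                if (!isset($user['groups'])) {
                    $user['groups'] = array();
                }
                define('RYZOM_IG', $user['ig']);
                $_SESSION['user'] = $user;
                return true;
            }
        }
    }

    if ($user['ig']) {
        // Ingame
        $shardid = ryzom_get_param('shardid');
        $error_message = '';
        if (ryzom_authenticate_ingame($shardid, $cid, $name, $authkey) || ryzom_authenticate_with_session($name, $cid, $error_message)) {
            $is_auth_ingame = true;
        }
    } else {
        // Outgame or bad ingame auth (external server) : Use session
        $error_message = '';
        if (!ryzom_authenticate_with_session($name, $cid, $error_message)) {
            define('RYZOM_IG', false);
            if ($ask_login) {
                if ($error_message) {
                    $c = '<h3>' . _t($error_message) . '</h3>';
                } else {
                    $c = '';
                }
                if (!$welcome_message) {
                    $welcome_message = '<span style="font-size:11pt; color: #AAAAFF">The application <strong style="color: #99FFFF">' . _t(APP_NAME) . '</strong> require authentication. Please enter your credentials</span>';
                }
                $c .= '<div style="text-align: center">' . $welcome_message . '</div><br />';
                if ($user['message']) {
                    $c .= '<div style="text-align: center"><strong style="color: #FF5555">' . _t($user['message']) . '</strong></div><br />';
                }
                $c .= ryzom_render_login_form($name, false);
                echo ryzom_app_render(_t('app_' . APP_NAME), $c);
                die;
            }
            return false;
        }
    }

    // NOTE(review): on the in-game branch this point is reached even when
    // both authentication attempts failed ($is_auth_ingame stays false);
    // the user record is then loaded for the request-supplied $cid and only
    // 'auth_ig' records the failure. Callers must check 'auth_ig' - confirm.
    $_SESSION['lang'] = $lang;
    define('RYZOM_IG', $user['ig']);

    // Load the user information.
    $ig = $user['ig'];
    $user = ryzom_user_get_info($cid, $webprivs, RYAPI_USE_PLAYER_STATS);
    if (isset($user['creation_date'])) {
        $user['id'] = ryzom_get_user_id($cid, $user['char_name'], $user['creation_date'], $user);
    }
    // NOTE(review): $user['id'] is unset here when 'creation_date' was missing.
    $user['gender'] = ryzom_get_user_gender($user['id']);
    $user['ig'] = $ig;
    $user['lang'] = $_SESSION['lang'];
    if (!isset($user['groups'])) {
        $user['groups'] = array();
    }
    if ($is_auth_ingame && $user['last_played_date'] != '0') {
        $user['auth_ig'] = true;
    } else {
        $user['auth_ig'] = false;
    }

    if (!isset($_SESSION['translater_mode']) || ryzom_get_param('translate_this') == '0') {
        $_SESSION['translater_mode'] = false;
    }
    // Set/unset translation mode (members of the 'WTRS' group only).
    if (in_array('WTRS', $user['groups']) && ryzom_get_param('translate_this') == '1') {
        $_SESSION['translater_mode'] = true;
    }
    $user['translation_mode'] = $_SESSION['translater_mode'];
    //	$user['after_merge'] = $user['uid'] >= 671686;
    ryzom_unset_url_param('translate_this');

    if (isset($user['last_played_date'])) {
        $_SESSION['last_played_date'] = $user['last_played_date'];
    }
    // Do not expose these fields to external apps.
    unset($user['last_played_date']);
    unset($user['creation_date']);
    return true;
}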
示例#8
<?php

include_once 'config.php';
include_once 'lang.php';
// Applications linked from this index page.
$apps = array('app_test');
$c = '';

// Try to authenticate (in-game or session) without forcing the login page;
// $user is filled by reference either way.
$logged = ryzom_app_authenticate($user, false);

if ($logged) {
    $c .= '<h1>' . _t('welcome', $user['char_name']) . '</h1>';
} elseif (!$user['ig']) {
    // Anonymous browser visitor: show any pending message and the login form.
    if ($user['message']) {
        $c .= '<div style="text-align: center"><strong style="color: #FF5555">' . _t($user['message']) . '</strong></div><br />';
    }
    $c .= ryzom_render_login_form(ryzom_get_param('name'));
}

// One icon + link per application.
foreach ($apps as $app) {
    $app_base = RYAPP_URL . '/' . $app;
    $c .= '<a href="' . $app_base . '/index.php"><img src="' . $app_base . '/favicon.png" />' . _t($app) . '</a><br />';
}

// Logout link for authenticated browser sessions only.
if ($logged && !$user['ig']) {
    $c .= '<br /><a href="' . RYAPP_URL . '/index.php?action=logout">' . _t('logout') . '</a>';
}

// Print GET values on debug view.
// NOTE(review): confirm p() is a no-op outside debug mode; dumping request
// values into the page is not something to ship enabled.
p($_GET);

echo ryzom_app_render('Ryzom', $c, $user['ig']);