Backed out php-mysqli-refactor, broke logins

This commit is contained in:
botanic 2014-01-26 01:31:47 -08:00
parent 09e3471f1b
commit 5317c9f080
8 changed files with 108 additions and 129 deletions

View file

@ -74,21 +74,19 @@
die2(); die2();
} }
$domainName = getPost("domain"); $domainName = getPost("domain");
$nelLink = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die2 (__FILE__. " " .__LINE__." Can't connect to database host:$DBHost user:$DBUserName"); $nelLink = mysql_connect($DBHost, $DBUserName, $DBPassword) or die2 (__FILE__. " " .__LINE__." Can't connect to database host:$DBHost user:$DBUserName");
mysqli_select_db ($nelLink, $DBName) or die2 (__FILE__. " " .__LINE__." Can't access to the table dbname:$DBName"); mysql_select_db ($DBName, $nelLink) or die2 (__FILE__. " " .__LINE__." Can't access to the table dbname:$DBName");
$domainName = mysqli_real_escape_string($nelLink, $domainName);
$query = "SELECT backup_patch_url, patch_urls FROM domain WHERE domain_name='$domainName'"; $query = "SELECT backup_patch_url, patch_urls FROM domain WHERE domain_name='$domainName'";
$result = mysqli_query ($nelLink, $query) or die2 (__FILE__. " " .__LINE__." Can't execute the query: ".$query); $result = mysql_query ($query, $nelLink) or die2 (__FILE__. " " .__LINE__." Can't execute the query: ".$query);
if (mysqli_num_rows($result) != 1) if (mysql_num_rows($result) != 1)
{ {
// unrecoverable error, we must giveup // unrecoverable error, we must giveup
$reason = "Can't find domain '".$domainName."' (error code x)"; $reason = "Can't find domain '".$domainName."' (error code x)";
$res = false; $res = false;
} }
$req = mysqli_fetch_array($result); $req = mysql_fetch_array($result);
$backup_patch_url = $req["backup_patch_url"]; $backup_patch_url = $req["backup_patch_url"];
$patch_urls = $req["patch_urls"]; $patch_urls = $req["patch_urls"];
@ -116,7 +114,7 @@
} }
echo "</version>\n"; echo "</version>\n";
mysqli_close($nelLink); mysql_close($nelLink);
unset($nelLink); unset($nelLink);
break; break;
@ -126,3 +124,4 @@
} }
?>

View file

@ -34,16 +34,16 @@
// gather the domain information (server version, patch urls and backup patch url // gather the domain information (server version, patch urls and backup patch url
global $DBHost, $DBUserName, $DBPassword, $DBName, $AutoInsertInRing; global $DBHost, $DBUserName, $DBPassword, $DBName, $AutoInsertInRing;
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName)); $link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysqli_select_db ($link, $DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName)); mysql_select_db ($DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
$query = "SELECT * FROM domain WHERE domain_id=$domainId"; $query = "SELECT * FROM domain WHERE domain_id=$domainId";
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
if( mysqli_num_rows($result) != 1) if( mysql_num_rows($result) != 1)
{ {
die(errorMsgBlock(3001, $domainId)); die(errorMsgBlock(3001, $domainId));
} }
$row = mysqli_fetch_array($result); $row = mysql_fetch_array($result);
// set the cookie // set the cookie
setcookie ( "ryzomId" , $cookie, 0, "/"); setcookie ( "ryzomId" , $cookie, 0, "/");
@ -178,28 +178,27 @@
{ {
////////////// Temporary code alpha 0 only ///////////////////////////////////// ////////////// Temporary code alpha 0 only /////////////////////////////////////
// check if the ring user exist, and create it if not // check if the ring user exist, and create it if not
$ringDb = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die(errorMsgBlock(3004, 'Ring', $DBHost, $RingDBUserName)); $ringDb = mysql_connect($DBHost, $RingDBUserName, $RingDBPassword) or die(errorMsgBlock(3004, 'Ring', $DBHost, $RingDBUserName));
mysqli_select_db ($ringDb, $domainInfo['ring_db_name']) or die(errorMsgBlock(3005, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName)); mysql_select_db ($domainInfo['ring_db_name'], $ringDb) or die(errorMsgBlock(3005, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName));
$query = "SELECT user_id FROM ring_users where user_id = '".$id."'"; $query = "SELECT user_id FROM ring_users where user_id = '".$id."'";
$result = mysqli_query ($ringDb, $query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysqli_error($ringDb))); $result = mysql_query ($query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysql_error()));
if (mysqli_num_rows($result) == 0) if (mysql_num_rows($result) == 0)
{ {
// no ring user record, build one // no ring user record, build one
$login = mysqli_real_escape_string($ringDb, $login); $query = "INSERT INTO ring_users SET user_id = '".$id."', user_name = '".$_GET["login"]."', user_type='ut_pioneer'";
$query = "INSERT INTO ring_users SET user_id = '$id', user_name = '$login', user_type='ut_pioneer'"; $result = mysql_query ($query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysql_error()));
$result = mysqli_query ($ringDb, $query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysqli_error($ringDb)));
} }
// // check that there is a character record (deprecated) // // check that there is a character record (deprecated)
// $query = "SELECT user_id FROM characters where user_id = '".$id."'"; // $query = "SELECT user_id FROM characters where user_id = '".$id."'";
// $result = mysqli_query ($ringDb, $query) or die("Query ".$query." failed"); // $result = mysql_query ($query) or die("Query ".$query." failed");
// if (mysqli_num_rows($result) == 0) // if (mysql_num_rows($result) == 0)
// { // {
// // no characters record, build a default one // // no characters record, build a default one
// $charId = ($id * 16); // $charId = ($id * 16);
// $query = "INSERT INTO characters SET char_id='".$charId."', char_name='".$_GET["login"]."_default', user_id = '".$id."'"; // $query = "INSERT INTO characters SET char_id='".$charId."', char_name='".$_GET["login"]."_default', user_id = '".$id."'";
// $result = mysqli_query ($ringDb, $query) or die("Query ".$query." failed"); // $result = mysql_query ($query) or die("Query ".$query." failed");
// } // }
} }
@ -270,25 +269,24 @@
setMsgLanguage($lang); setMsgLanguage($lang);
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysqli_select_db ($link, $DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
// we map the client application to the domain name // we map the client application to the domain name
$domainName = mysqli_real_escape_string($link, $clientApplication); $domainName = $clientApplication;
$link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysql_select_db ($DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
// retreive the domain id // retreive the domain id
$query = "SELECT domain_id FROM domain WHERE domain_name='$domainName'"; $query = "SELECT domain_id FROM domain WHERE domain_name='$domainName'";
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
if (mysqli_num_rows($result) == 0) if (mysql_num_rows($result) == 0)
{ {
// unrecoverable error, we must giveup // unrecoverable error, we must giveup
$reason = errorMsg(3007, $domainName); $reason = errorMsg(3007, $domainName);
mysqli_close($link); mysql_close($link);
return false; return false;
} }
$row = mysqli_fetch_array($result); $row = mysql_fetch_array($result);
$domainId = $row[0]; $domainId = $row[0];
// retreive the domain info // retreive the domain info
@ -298,34 +296,32 @@
$accessPriv = strtoupper(substr($domainInfo['status'], 3)); $accessPriv = strtoupper(substr($domainInfo['status'], 3));
// now, retrieve the user infos // now, retrieve the user infos
$login = mysqli_real_escape_string($link, $login);
$query = "SELECT * FROM user where Login='$login'"; $query = "SELECT * FROM user where Login='$login'";
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
if (mysqli_num_rows ($result) == 0) if (mysql_num_rows ($result) == 0)
{ {
if ($AcceptUnknownUser) if ($AcceptUnknownUser)
{ {
// login doesn't exist, create it // login doesn't exist, create it
$password = mysqli_real_escape_string($link, $password);
$query = "INSERT INTO user (Login, Password) VALUES ('$login', '$password')"; $query = "INSERT INTO user (Login, Password) VALUES ('$login', '$password')";
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
// get the user to have his UId // get the user to have his UId
$query = "SELECT * FROM user WHERE Login='$login'"; $query = "SELECT * FROM user WHERE Login='$login'";
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
if (mysqli_num_rows ($result) == 1) if (mysql_num_rows ($result) == 1)
{ {
$reason = errorMsg(3008, $login); $reason = errorMsg(3008, $login);
$row = mysqli_fetch_assoc ($result); $row = mysql_fetch_array ($result);
$id = $row["UId"]; $id = $row["UId"];
$priv = $row["Privilege"]; $priv = $row["Privilege"];
$extended = $row["ExtendedPrivilege"]; $extended = $row["ExtendedPrivilege"];
// add the default permission // add the default permission
$query = "INSERT INTO permission (UId, ClientApplication, AccessPrivilege) VALUES ('$id', 'r2', '$accessPriv')"; $query = "INSERT INTO permission (UId, ClientApplication, AccessPrivilege) VALUES ('$id', 'r2', '$accessPriv')";
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$res = false; $res = false;
} }
@ -339,9 +335,9 @@
{ {
// Check if this is not an unconfirmed account // Check if this is not an unconfirmed account
$query = "SELECT GamePassword, Email, Language FROM signup_data WHERE login='$login'"; $query = "SELECT GamePassword, Email, Language FROM signup_data WHERE login='$login'";
$result = mysqli_query($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
if (mysqli_num_rows($result) == 0) if (mysql_num_rows($result) == 0)
{ {
$reason = errorMsg(2001, $login, 'checkUserValidity'); $reason = errorMsg(2001, $login, 'checkUserValidity');
$res = false; $res = false;
@ -350,7 +346,7 @@
{ {
// Check password to avoid revealing email address to third-party // Check password to avoid revealing email address to third-party
$passwordMatchedRow = false; $passwordMatchedRow = false;
while ($row = mysqli_fetch_assoc($result)) while ($row = mysql_fetch_array($result))
{ {
$salt = substr($row['GamePassword'],0,2); $salt = substr($row['GamePassword'],0,2);
if (($cp && $row['GamePassword'] == $password) || (!$cp && $row['GamePassword'] == crypt($password, $salt))) if (($cp && $row['GamePassword'] == $password) || (!$cp && $row['GamePassword'] == crypt($password, $salt)))
@ -373,7 +369,7 @@
} }
else else
{ {
$row = mysqli_fetch_assoc ($result); $row = mysql_fetch_array ($result);
$salt = substr($row["Password"],0,2); $salt = substr($row["Password"],0,2);
if (($cp && $row["Password"] == $password) || (!$cp && $row["Password"] == crypt($password, $salt))) if (($cp && $row["Password"] == $password) || (!$cp && $row["Password"] == crypt($password, $salt)))
{ {
@ -381,16 +377,15 @@
$_GET['login'] = $row['Login']; $_GET['login'] = $row['Login'];
// check if the user can use this application // check if the user can use this application
$clientApplication = mysqli_real_escape_string($link, $clientApplication);
$query = "SELECT * FROM permission WHERE UId='".$row["UId"]."' AND ClientApplication='$clientApplication'"; $query = "SELECT * FROM permission WHERE UId='".$row["UId"]."' AND ClientApplication='$clientApplication'";
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
if (mysqli_num_rows ($result) == 0) if (mysql_num_rows ($result) == 0)
{ {
if ($AcceptUnknownUser) if ($AcceptUnknownUser)
{ {
// add default permission // add default permission
$query = "INSERT INTO permission (UId, ClientApplication, ShardId, AccessPrivilege) VALUES ('".$row["UId"]."', '$clientApplication', -1, '$domainStatus')"; $query = "INSERT INTO permission (UId, ClientApplication, ShardId, AccessPrivilege) VALUES ('".$row["UId"]."', '$clientApplication', -1, '$domainStatus')";
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$reason = errorMsg(3010); $reason = errorMsg(3010);
$res = false; $res = false;
@ -405,7 +400,7 @@
else else
{ {
// check that the access privilege for the domain // check that the access privilege for the domain
$permission = mysqli_fetch_assoc($result); $permission = mysql_fetch_array($result);
if (!strstr($permission['AccessPrivilege'], $accessPriv)) if (!strstr($permission['AccessPrivilege'], $accessPriv))
{ {
@ -414,7 +409,7 @@
{ {
// set an additionnal privilege for this player // set an additionnal privilege for this player
$query = "UPDATE permission set AccessPrivilege='".$permission['AccessPrivilege'].",$accessPriv' WHERE prim=".$permission['prim']; $query = "UPDATE permission set AccessPrivilege='".$permission['AccessPrivilege'].",$accessPriv' WHERE prim=".$permission['prim'];
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$reason = errorMsg(3012, $accessPriv); $reason = errorMsg(3012, $accessPriv);
$res = false; $res = false;
@ -440,10 +435,10 @@
// $reason = $reason."was just disconnected. Now you can retry the identification (error code 54)"; // $reason = $reason."was just disconnected. Now you can retry the identification (error code 54)";
// //
// $query = "update shard set NbPlayers=NbPlayers-1 where ShardId=".$row["ShardId"]; // $query = "update shard set NbPlayers=NbPlayers-1 where ShardId=".$row["ShardId"];
// $result = mysqli_query ($link, $query) or die ("Can't execute the query: '$query' errno:".mysqli_errno($link).": ".mysqli_error($link)); // $result = mysql_query ($query) or die ("Can't execute the query: '$query' errno:".mysql_errno().": ".mysql_error());
// //
// $query = "update user set ShardId=-1, State='Offline' where UId=".$row["UId"]; // $query = "update user set ShardId=-1, State='Offline' where UId=".$row["UId"];
// $result = mysqli_query ($link, $query) or die ("Can't execute the query: '$query' errno:".mysqli_errno($link).": ".mysqli_error($link)); // $result = mysql_query ($query) or die ("Can't execute the query: '$query' errno:".mysql_errno().": ".mysql_error());
// } // }
// else // else
// { // {
@ -467,7 +462,7 @@
$res = false; $res = false;
} }
} }
mysqli_close($link); mysql_close($link);
return $res; return $res;
} }
@ -479,14 +474,13 @@
setMsgLanguage($lang); setMsgLanguage($lang);
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName)); $link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysqli_select_db ($link, $DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName)); mysql_select_db ($DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
$login = mysqli_real_escape_string($link, $login);
$query = "SELECT Password FROM user WHERE Login='$login'"; $query = "SELECT Password FROM user WHERE Login='$login'";
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
if (mysqli_num_rows ($result) != 1) if (mysql_num_rows ($result) != 1)
{ {
if ($AcceptUnknownUser) if ($AcceptUnknownUser)
{ {
@ -498,17 +492,17 @@
{ {
// Check if this is not an unconfirmed account // Check if this is not an unconfirmed account
$query = "SELECT GamePassword, Language FROM signup_data WHERE login='$login'"; $query = "SELECT GamePassword, Language FROM signup_data WHERE login='$login'";
$result = mysqli_query($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link))); $result = mysql_query($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
if (mysqli_num_rows($result) == 0) if (mysql_num_rows($result) == 0)
{ {
// no user record, reject it // no user record, reject it
die (errorMsgBlock(2001, $login, 'askSalt')); die (errorMsgBlock(2001, $login, 'askSalt'));
} }
else if (mysqli_num_rows($result) == 1) else if (mysql_num_rows($result) == 1)
{ {
// one unconfirmed record, let the client send the encrypted password to get the corresponding email address // one unconfirmed record, let the client send the encrypted password to get the corresponding email address
$row = mysqli_fetch_assoc($result); $row = mysql_fetch_array($result);
$salt = substr($row['GamePassword'], 0, 2); $salt = substr($row['GamePassword'], 0, 2);
} }
else else
@ -517,7 +511,7 @@
{ {
// several matching records => display a multi-language message now // several matching records => display a multi-language message now
$languages = array(); $languages = array();
while ($row = mysqli_fetch_assoc($result)) while ($row = mysql_fetch_array($result))
{ {
$languages[$row['Language']] = true; $languages[$row['Language']] = true;
} }
@ -529,11 +523,12 @@
} }
else else
{ {
$res_array = mysqli_fetch_assoc($result); $res_array = mysql_fetch_array($result);
$salt = substr($res_array['Password'], 0, 2); $salt = substr($res_array['Password'], 0, 2);
} }
echo "1:".$salt; echo "1:".$salt;
mysqli_close($link); mysql_close($link);
} }
?>

View file

@ -16,10 +16,9 @@
$domainInfo = getDomainInfo($domainId); $domainInfo = getDomainInfo($domainId);
global $DBHost, $RingDBUserName, $RingDBPassword, $RingDBName; global $DBHost, $DBUserName, $DBPassword, $DBName, $RingDBName;
$link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("Can't connect to database host:$DBHost user:$DBUserName");
$link = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die ("Can't connect to database host:$DBHost user:$RingDBUserName"); mysql_select_db ($RingDBName) or die ("Can't access to the db dbname:$RingDBName");
mysqli_select_db($link, $RingDBName) or die ("Can't access to the db dbname:$RingDBName");
// Find out if the character has an open editing session // Find out if the character has an open editing session
$query = "SELECT session_id, state "; $query = "SELECT session_id, state ";
@ -27,8 +26,8 @@
$query .= " WHERE (owner = '".$charId."')"; $query .= " WHERE (owner = '".$charId."')";
$query .= " AND (session_type = 'st_edit')"; $query .= " AND (session_type = 'st_edit')";
$query .= " AND (NOT (state IN ('ss_closed', 'ss_locked')))"; $query .= " AND (NOT (state IN ('ss_closed', 'ss_locked')))";
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query); $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
$num = mysqli_num_rows($result); $num = mysql_num_rows ($result);
if ($num > 1) if ($num > 1)
{ {
echo "Error: more than one editing sessions for char".$charId; echo "Error: more than one editing sessions for char".$charId;
@ -40,14 +39,11 @@
{ {
// Not found => first, create an editing session for this character, start the session and invite himself // Not found => first, create an editing session for this character, start the session and invite himself
$query = "SELECT char_name FROM characters WHERE char_id = $charId"; $query = "SELECT char_name FROM characters WHERE char_id = $charId";
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query); $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
$num = mysqli_num_rows($result); $num = mysql_num_rows ($result);
$characterName = ""; $characterName = "";
if ($num > 0) if ($num > 0)
{ $characterName = mysql_result($result, 0, 0);
$row = mysqli_fetch_assoc($result);
$characterName = $row['char_name'];
}
global $SessionId, $SessionToolsResult; global $SessionId, $SessionToolsResult;
planEditSession($charId, $domainId, "st_edit", $characterName, ""); planEditSession($charId, $domainId, "st_edit", $characterName, "");
if ($SessionToolsResult === false) if ($SessionToolsResult === false)
@ -59,7 +55,7 @@
} }
else else
{ {
$row = mysqli_fetch_assoc($result); $row = mysql_fetch_array($result);
$sessionId = $row['session_id']; $sessionId = $row['session_id'];
$state = $row['state']; $state = $row['state'];
echo "Found your session: $sessionId ($state)<br>"; echo "Found your session: $sessionId ($state)<br>";
@ -77,12 +73,13 @@
} }
// check that we character have a participation in the session and invite him if needed // check that we character have a participation in the session and invite him if needed
mysql_select_db ($RingDBName) or die ("Can't access to the db dbname:$RingDBName");
$query = "SELECT count(*) FROM session_participant WHERE session_id = $sessionId AND char_id = $charId"; $query = "SELECT count(*) FROM session_participant WHERE session_id = $sessionId AND char_id = $charId";
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query); $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
$num = mysqli_num_rows($result); $num = mysql_num_rows ($result);
if ($num != 1) if ($num != 1)
die ("Invalid result whil checking participation for char $charId in session $sessionId<br>"); die ("Invalid result whil checking participation for char $charId in session $sessionId<br>");
$value = mysqli_fetch_row($result); $value = mysql_fetch_array($result);
if ($value[0] == 0) if ($value[0] == 0)
{ {
// the character have not is own invitation ! // the character have not is own invitation !
@ -94,4 +91,4 @@
// Join the session // Join the session
joinSessionFromId($userId, $domainId, $sessionId); joinSessionFromId($userId, $domainId, $sessionId);
?>

View file

@ -42,25 +42,24 @@
if (isset($_POST["execute"])) if (isset($_POST["execute"]))
{ {
// lookup in the database to convert character name into // lookup in the database to convert character name into
global $DBHost, $RingDBUserName, $RingDBPassword, $RingDBName; global $DBHost, $DBUserName, $DBPassword, $RingDBName;
$link = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die ("Can't connect to database host:$DBHost user:$RingDBUserName"); $link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("Can't connect to database host:$DBHost user:$DBUserName");
mysqli_select_db($link, $RingDBName) or die ("Can't access to the table dbname:$RingDBName"); mysql_select_db ($RingDBName) or die ("Can't access to the table dbname:$RingDBName");
// extract the character that have the specified name // extract the character that have the specified name
$charName = mysqli_real_escape_string($link, $_POST['charName']); $query = "select * from characters where char_name = '".$_POST["charName"]."'";
$query = "select char_id, char_name from characters where char_name = '$charName'"; $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query);
if (mysqli_num_rows($result) == 0) if (mysql_num_rows ($result) == 0)
{ {
echo "<h1>Can't find the character ".$_POST["charName"]."<h1>"; echo "<h1>Can't find the character ".$_POST["charName"]."<h1>";
} }
else else
{ {
$row = mysqli_fetch_assoc($result); $row = mysql_fetch_row($result);
$currentSession = $row['char_id']; $currentSession = $row[0];
$currentchar = $row['char_name']; $currentchar = $row[1];
// send the invitation info to the session manager // send the invitation info to the session manager
$invitePioneer = new InvitePioneerCb; $invitePioneer = new InvitePioneerCb;

View file

@ -184,17 +184,13 @@ function displayAllShards(&$onlineShardsBySessionId)
} }
// List all shards of the domain, including offline ones // List all shards of the domain, including offline ones
global $DBName, $DBHost, $DBUserName, $DBPassword; global $DBName;
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die("Can't connect to nel database"); mysql_select_db ($DBName) or die ("Can't access to the db dbname:$DBName");
mysqli_select_db($link, $DBName) or die ("Can't access to the db dbname:$DBName");
$domainId = (int) $domainId;
$query = "select * from shard where domain_id = $domainId"; $query = "select * from shard where domain_id = $domainId";
$resShards = mysqli_query($link, $query) or die ("Can't execute the query: ".$query." ".mysqli_error($link)); $resShards = mysql_query ($query) or die ("Can't execute the query: ".$query." ".mysql_error());
echo "Select a shard to join:<br>"; echo "Select a shard to join:<br>";
//echo "<form name='far_tp' action='join_shard.php' method='post'>"; //echo "<form name='far_tp' action='join_shard.php' method='post'>";
while ($rowShard = mysqli_fetch_assoc($resShards)) while ($rowShard = mysql_fetch_array($resShards))
{ {
$mainlandSessionId = $rowShard['FixedSessionId']; $mainlandSessionId = $rowShard['FixedSessionId'];
$isOnline = isset($onlineShardsBySessionId[$mainlandSessionId]); $isOnline = isset($onlineShardsBySessionId[$mainlandSessionId]);
@ -249,4 +245,4 @@ function joinMainland($userId, $domainId)
global $FSHostResult; global $FSHostResult;
return $FSHostResult; return $FSHostResult;
} }
?>

View file

@ -108,23 +108,19 @@ function inviteOwnerInSession($charId, $domainId, $sessionId)
$RSMPort = $addr[1]; $RSMPort = $addr[1];
global $rsmProxy, $rsmSkel, $userId, $charId, $callbackClient, $RingDBName, /*$SessionId,*/ $SessionToolsResult; global $rsmProxy, $rsmSkel, $userId, $charId, $callbackClient, $RingDBName, /*$SessionId,*/ $SessionToolsResult;
global $DBHost, $RingDBUserName, $RingDBPassword;
$SessionId = $sessionId; $SessionId = $sessionId;
$DomainId = $domainId; $DomainId = $domainId;
$link = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die("Can't connect to ring database"); mysql_select_db ($RingDBName) or die ("Can't access to the db dbname:$RingDBName");
mysqli_select_db($link, $RingDBName) or die ("Can't access to the db dbname:$RingDBName");
$sessionId = (int) $sessionId;
$query = "select session_type from sessions where session_id=".$sessionId; $query = "select session_type from sessions where session_id=".$sessionId;
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query); $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
if (mysqli_num_rows($result) != 1) if (mysql_num_rows ($result) != 1)
{ {
echo "Can't find 1 row for ring session ".$sessionId."<br>"; echo "Can't find 1 row for ring session ".$sessionId."<br>";
die(); die();
} }
$row = mysqli_fetch_row($result); $row = mysql_fetch_row($result);
$session_type = $row[0]; $session_type = $row[0];
$mode = ($session_type == "st_edit") ? "sps_edit_invited" : "sps_anim_invited"; $mode = ($session_type == "st_edit") ? "sps_edit_invited" : "sps_anim_invited";
echo "Inviting character ".$charId." of user ".$userId." in session ".$sessionId."<br>"; echo "Inviting character ".$charId." of user ".$userId." in session ".$sessionId."<br>";
@ -188,4 +184,4 @@ class InviteOwnerCb extends CRingSessionManagerWeb
echo '<p><p><a href="web_start.php">Back to menu</a>'; echo '<p><p><a href="web_start.php">Back to menu</a>';
} }
} }
?>

View file

@ -6,20 +6,19 @@
{ {
global $DBHost, $DBUserName, $DBPassword, $DBName; global $DBHost, $DBUserName, $DBPassword, $DBName;
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die("can't connect to nel db"); $nelDb = mysql_connect($DBHost, $DBUserName, $DBPassword) or die("can't connect to nel db");
mysqli_select_db ($link, $DBName) or die("can't select nel db"); mysql_select_db ($DBName, $nelDb) or die("can't select nel db");
$query = "SELECT * FROM domain WHERE domain_id = '".$domainId."'";
$result = mysql_query ($query) or die("query ".$query." failed");
$domainId = (int)$domainId; if (mysql_num_rows($result) == 0)
$query = "SELECT * FROM domain WHERE domain_id = $domainId";
$result = mysqli_query($link, $query) or die("query ($query) failed");
if (mysqli_num_rows($result) == 0)
{ {
die("Can't find row for domain ".$domainId); die("Can't find row for domain ".$domainId);
} }
$domainInfo = mysqli_fetch_array($result); $domainInfo = mysql_fetch_array($result);
return $domainInfo; return $domainInfo;
} }
?>

View file

@ -16,7 +16,7 @@
function validateCookie(&$userId, &$domainId, &$charId) function validateCookie(&$userId, &$domainId, &$charId)
{ {
global $DBHost, $RingDBUserName, $RingDBPassword, $RingDBName, $AcceptUnknownUser; global $DBHost, $DBUserName, $DBPassword, $DBName, $RingDBName, $AcceptUnknownUser;
if (!isset($_COOKIE["ryzomId"])) if (!isset($_COOKIE["ryzomId"]))
{ {
@ -40,20 +40,18 @@
} }
// check the cookie in the database // check the cookie in the database
$link = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die ("Can't connect to database host:$DBHost user:$RingDBUserName"); $link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("Can't connect to database host:$DBHost user:$DBUserName");
mysqli_select_db($link, $RingDBName) or die ("Can't access to the table dbname:$RingDBName"); mysql_select_db ($RingDBName) or die ("Can't access to the table dbname:$RingDBName");
$cookie = mysqli_real_escape_string($link, $cookie);
$query = "SELECT user_id, current_status, current_domain_id FROM ring_users where cookie='$cookie'"; $query = "SELECT user_id, current_status, current_domain_id FROM ring_users where cookie='$cookie'";
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query); $result = mysql_query ($query) or die ("Can't execute the query: ".$query);
if (mysqli_num_rows($result) == 0) if (mysql_num_rows ($result) == 0)
{ {
echo "Can't find cookie $cookie in database<BR>"; echo "Can't find cookie $cookie in database<BR>";
return false; return false;
} }
$row = mysqli_fetch_assoc($result); $row = mysql_fetch_array($result);
if ($row["current_status"] != "cs_logged" && $row["current_status"] != "cs_online" ) if ($row["current_status"] != "cs_logged" && $row["current_status"] != "cs_online" )
{ {
@ -79,4 +77,4 @@
else else
return 0; // temp dev: use 0 as the "ring character" return 0; // temp dev: use 0 as the "ring character"
} }
?>