From 3e06bf376fafdd3a4bcb7ab5ea077bdc4c1ca054 Mon Sep 17 00:00:00 2001 From: kaetemi Date: Tue, 2 Sep 2014 19:56:37 +0200 Subject: [PATCH] Remove invalid behaviour with ring databases --- code/web/private_php/ams/autoload/helpers.php | 191 +++++++++--------- code/web/private_php/ams/autoload/users.php | 76 +++---- code/web/public_php/ams/inc/login.php | 21 +- 3 files changed, 148 insertions(+), 140 deletions(-) diff --git a/code/web/private_php/ams/autoload/helpers.php b/code/web/private_php/ams/autoload/helpers.php index 0ac440800..272d758e1 100644 --- a/code/web/private_php/ams/autoload/helpers.php +++ b/code/web/private_php/ams/autoload/helpers.php @@ -1,16 +1,16 @@ setCompileDir( $SITEBASE . '/templates_c/' ); $smarty -> setCacheDir( $SITEBASE . '/cache/' ); @@ -35,11 +35,11 @@ class Helpers { // caching must be disabled for multi-language support $smarty -> caching = false; $smarty -> cache_lifetime = 5; - + // needed by smarty. helpers :: create_folders (); global $FORCE_INGAME; - + // if ingame, then use the ingame templates if ( helpers :: check_if_game_client() or $FORCE_INGAME ) { $smarty -> template_dir = $AMS_LIB . '/ingame_templates/'; @@ -47,29 +47,29 @@ class Helpers { $variables = parse_ini_file( $AMS_LIB . '/configs/ingame_layout.ini', true ); foreach ( $variables[$INGAME_LAYOUT] as $key => $value ) { $smarty -> assign( $key, $value ); - } + } } else { $smarty -> template_dir = $SITEBASE . '/templates/'; $smarty -> setConfigDir( $SITEBASE . '/configs' ); - } - + } + foreach ( $vars as $key => $value ) { $smarty -> assign( $key, $value ); - } - + } + // load page specific variables that are language dependent $variables = Helpers :: handle_language(); if ( $template != 'layout_plugin' ) { foreach ( $variables[$template] as $key => $value ) { $smarty -> assign( $key, $value ); - } - } + } + } // load ams content variables that are language dependent foreach ( $variables['ams_content'] as $key => $value ) { $smarty -> assign( $key, $value ); - } - + } + //load ams content variables that are language dependent foreach ( $variables['ams_content'] as $key => $value){ $smarty -> assign( $key, $value); @@ -84,20 +84,20 @@ class Helpers { $inherited = "extends:layout_user.tpl|"; } else { $inherited = ""; - } - + } + // if $returnHTML is set to true, return the html by fetching the template else display the template. if ( $returnHTML == true ) { return $smarty -> fetch( $inherited . $template . '.tpl' ); } else { $smarty -> display( $inherited . $template . '.tpl' ); - } - } - - + } + } + + /** * creates the folders that are needed for smarty. - * + * * @todo for the drupal module it might be possible that drupal_mkdir needs to be used instead of mkdir, also this should be in the install.php instead. */ static public function create_folders() { @@ -112,19 +112,19 @@ class Helpers { $SITEBASE . '/configs' ); foreach ( $arr as &$value ) { - + if ( !file_exists( $value ) ) { print( $value ); mkdir( $value ); - } - } - - } - - + } + } + + } + + /** * check if the http request is sent ingame or not. - * + * * @return returns true in case it's sent ingame, else false is returned. */ static public function check_if_game_client() @@ -135,37 +135,37 @@ class Helpers { return true; } else { return false; - } - } - - + } + } + + /** * Handles the language specific aspect. * The language can be changed by setting the $_GET['Language'] & $_GET['setLang'] together. This will also change the language entry of the user in the db. * Cookies are also being used in case the user isn't logged in. - * + * * @return returns the parsed content of the language .ini file related to the users language setting. */ static public function handle_language() { global $DEFAULT_LANGUAGE; global $AMS_TRANS; - + // if user wants to change the language if ( isset( $_GET['Language'] ) && isset( $_GET['setLang'] ) ) { // The ingame client sometimes sends full words, derive those! switch ( $_GET['Language'] ) { - + case "English": $lang = "en"; break; - + case "French": $lang = "fr"; break; - + default: $lang = $_GET['Language']; - } + } // if the file exists en the setLang = true if ( file_exists( $AMS_TRANS . '/' . $lang . '.ini' ) && $_GET['setLang'] == "true" ) { // set a cookie & session var and incase logged in write it to the db! @@ -173,10 +173,10 @@ class Helpers { $_SESSION['Language'] = $lang; if ( WebUsers :: isLoggedIn() ) { WebUsers :: setLanguage( $_SESSION['id'], $lang ); - } + } } else { $_SESSION['Language'] = $DEFAULT_LANGUAGE; - } + } } else { // if the session var is not set yet if ( !isset( $_SESSION['Language'] ) ) { @@ -186,61 +186,68 @@ class Helpers { // else use the default language } else { $_SESSION['Language'] = $DEFAULT_LANGUAGE; - } - } - } + } + } + } if ( $_SESSION['Language'] == "" ) { $_SESSION['Language'] = $DEFAULT_LANGUAGE; - } + } return parse_ini_file( $AMS_TRANS . '/' . $_SESSION['Language'] . '.ini', true ); - } + } -/** - * Time output function for handling the time display. - * - * @return returns the time in the format specified in the $TIME_FORMAT global variable. - */ -static public function outputTime( $time, $str = 1 ) { -global $TIME_FORMAT; - if ( $str ) { - return date( $TIME_FORMAT, strtotime( $time ) ); - } else { - return date( $TIME_FORMAT, $time ); - } -} + /** + * Time output function for handling the time display. + * + * @return returns the time in the format specified in the $TIME_FORMAT global variable. + */ + static public function outputTime($time, $str = 1) { + global $TIME_FORMAT; + if ($str) { + return date($TIME_FORMAT, strtotime($time)); + } else { + return date($TIME_FORMAT, $time); + } + } + + /** + * Auto login function for ingame use. + * This function will allow users who access the website ingame, to log in without entering the username and password. It uses the COOKIE entry in the open_ring db. + * it checks if the cookie sent by the http request matches the one in the db. This cookie in the db is changed everytime the user relogs. + * + * @return returns "FALSE" if the cookies didn't match, else it returns an array with the user's id and name. + */ + static public function check_login_ingame() { + return NULL; + + // FIXME + /* + if ( helpers :: check_if_game_client () or $forcelibrender = false ) { + $dbr = new DBLayer( "ring" ); + if ( isset( $_GET['UserId'] ) && isset( $_COOKIE['ryzomId'] ) ) { + $id = $_GET['UserId']; + + $statement = $dbr -> select( "ring_users", array( 'id' => $id, 'cookie' => $_COOKIE['ryzomId'] ), "user_id=:id AND cookie =:cookie" ); + + // $statement = $dbr->execute("SELECT * FROM ring_users WHERE user_id=:id AND cookie =:cookie", array('id' => $id, 'cookie' => $_COOKIE['ryzomId'])); + + if ( $statement -> rowCount() ) { + $entry = $statement -> fetch(); + // print_r($entry); + return array( 'id' => $entry['user_id'], 'name' => $entry['user_name'] ); + } else { + return "FALSE"; + } + } else { + return "FALSE"; + } + } else { + return "FALSE"; + } + } + */ + } -/** - * Auto login function for ingame use. - * This function will allow users who access the website ingame, to log in without entering the username and password. It uses the COOKIE entry in the open_ring db. - * it checks if the cookie sent by the http request matches the one in the db. This cookie in the db is changed everytime the user relogs. - * - * @return returns "FALSE" if the cookies didn't match, else it returns an array with the user's id and name. - */ -static public function check_login_ingame() { -if ( helpers :: check_if_game_client () or $forcelibrender = false ) { - $dbr = new DBLayer( "ring" ); - if ( isset( $_GET['UserId'] ) && isset( $_COOKIE['ryzomId'] ) ) { - $id = $_GET['UserId']; - - $statement = $dbr -> select( "ring_users", array( 'id' => $id, 'cookie' => $_COOKIE['ryzomId'] ), "user_id=:id AND cookie =:cookie" ); - - // $statement = $dbr->execute("SELECT * FROM ring_users WHERE user_id=:id AND cookie =:cookie", array('id' => $id, 'cookie' => $_COOKIE['ryzomId'])); - - if ( $statement -> rowCount() ) { - $entry = $statement -> fetch(); - // print_r($entry); - return array( 'id' => $entry['user_id'], 'name' => $entry['user_name'] ); - } else { - return "FALSE"; - } - } else { - return "FALSE"; - } - } else { - return "FALSE"; - } -} } diff --git a/code/web/private_php/ams/autoload/users.php b/code/web/private_php/ams/autoload/users.php index b398270e4..baa3eb2f2 100644 --- a/code/web/private_php/ams/autoload/users.php +++ b/code/web/private_php/ams/autoload/users.php @@ -6,12 +6,12 @@ * @author Daan Janssens, mentored by Matthew Lagoe */ class Users{ - + /** * checks if entered values before registering are valid. * @param $values array with Username,Password, ConfirmPass and Email. * @return string Info: Returns a string, if input data is valid then "success" is returned, else an array with errors - */ + */ public function check_Register($values){ // check values if ( isset( $values["Username"] ) and isset( $values["Password"] ) and isset( $values["ConfirmPass"] ) and isset( $values["Email"] ) ){ @@ -44,7 +44,7 @@ class Users{ }else{ $pageElements['USERNAME_ERROR'] = 'FALSE'; } - + if ( $pass != "success" ){ $pageElements['PASSWORD_ERROR'] = 'TRUE'; }else{ @@ -69,13 +69,13 @@ class Users{ } } - - + + /** * checks if entered username is valid. * @param $username the username that the user wants to use. * @return string Info: Returns a string based on if the username is valid, if valid then "success" is returned - */ + */ public function checkUser( $username ) { if ( isset( $username ) ){ @@ -95,7 +95,7 @@ class Users{ } return "fail"; } - + /** * check if username already exists. * This is the base function, it should be overwritten by the WebUsers class. @@ -105,10 +105,10 @@ class Users{ protected function checkUserNameExists($username){ //You should overwrite this method with your own version! print('this is the base class!'); - + } - - + + /** * checks if the password is valid. * @param $pass the password willing to be used. @@ -129,8 +129,8 @@ class Users{ } return "fail"; } - - + + /** * checks if the confirmPassword matches the original. * @param $pass_result the result of the previous password check. @@ -152,8 +152,8 @@ class Users{ } return "fail"; } - - + + /** * wrapper to check if the email address is valid. * @param $email the email address @@ -185,10 +185,10 @@ class Users{ protected function checkEmailExists($email){ //TODO: You should overwrite this method with your own version! print('this is the base class!'); - + } - - + + /** * check if the emailaddress structure is valid. * @param $email the email address @@ -276,7 +276,7 @@ class Users{ // done! return $salt; } - + /** @@ -286,23 +286,25 @@ class Users{ * @param $user_id the extern id of the user (the id given by the www/CMS) * @return ok if it's get correctly added to the shard, else return lib offline and put in libDB, if libDB is also offline return liboffline. */ - public static function createUser($values, $user_id){ + public static function createUser($values, $user_id){ try { //make connection with and put into shard db $dbs = new DBLayer("shard"); $dbs->insert("user", $values); + /* $dbr = new DBLayer("ring"); $valuesRing['user_id'] =$user_id; $valuesRing['user_name'] = $values['Login']; $valuesRing['user_type'] = 'ut_pioneer'; - $dbr->insert("ring_users", $valuesRing); + $dbr->insert("ring_users", $valuesRing); + */ ticket_user::createTicketUser( $user_id, 1); return "ok"; } catch (PDOException $e) { //oh noooz, the shard is offline! Put in query queue at ams_lib db! try { - $dbl = new DBLayer("lib"); + $dbl = new DBLayer("lib"); $dbl->insert("ams_querycache", array("type" => "createUser", "query" => json_encode(array($values["Login"],$values["Password"],$values["Email"])), "db" => "shard")); ticket_user::createTicketUser( $user_id , 1 ); @@ -311,17 +313,17 @@ class Users{ print_r($e); return "liboffline"; } - } + } } - + /** * creates permissions in the shard db for a user. * incase the shard is offline it will place it in the ams_querycache. * @param $pvalues with username */ public static function createPermissions($pvalues) { - + try { $values = array('username' => $pvalues[0]); $dbs = new DBLayer("shard"); @@ -338,12 +340,12 @@ class Users{ //oh noooz, the shard is offline! Put it in query queue at ams_lib db! $dbl = new DBLayer("lib"); $dbl->insert("ams_querycache", array("type" => "createPermissions", - "query" => json_encode(array($pvalues[0])), "db" => "shard")); - } + "query" => json_encode(array($pvalues[0])), "db" => "shard")); + } return true; } - - + + /** * check if username and password matches. * This is the base function, it should be overwritten by the WebUsers class. @@ -353,7 +355,7 @@ class Users{ protected static function checkLoginMatch($user,$pass){ print('This is the base class!'); } - + /** * check if the changing of a password is valid. * a mod/admin doesn't has to fill in the previous password when he wants to change the password, however for changing his own password he has to fill it in. @@ -412,7 +414,7 @@ class Users{ return $pageElements; } } - + /** * sets the shards password. * in case the shard is offline, the entry will be stored in the ams_querycache. @@ -421,9 +423,9 @@ class Users{ * @return ok if it worked, if the lib or shard is offline it will return liboffline or shardoffline. */ protected static function setAmsPassword($user, $pass){ - + $values = Array('Password' => $pass); - + try { //make connection with and put into shard db $dbs = new DBLayer("shard"); @@ -440,9 +442,9 @@ class Users{ }catch (PDOException $e) { return "liboffline"; } - } + } } - + /** * sets the shards email. * in case the shard is offline, the entry will be stored in the ams_querycache. @@ -451,9 +453,9 @@ class Users{ * @return ok if it worked, if the lib or shard is offline it will return liboffline or shardoffline. */ protected static function setAmsEmail($user, $mail){ - + $values = Array('Email' => $mail); - + try { //make connection with and put into shard db $dbs = new DBLayer("shard"); @@ -470,6 +472,6 @@ class Users{ }catch (PDOException $e) { return "liboffline"; } - } + } } } diff --git a/code/web/public_php/ams/inc/login.php b/code/web/public_php/ams/inc/login.php index b40d3bc1d..23ad547a9 100644 --- a/code/web/public_php/ams/inc/login.php +++ b/code/web/public_php/ams/inc/login.php @@ -5,35 +5,34 @@ * We will compare the values and if they match, the user will be automatically logged in! * @author Daan Janssens, mentored by Matthew Lagoe */ -function login(){ +function login() { global $INGAME_WEBPATH; global $WEBPATH; - if ( helpers :: check_if_game_client () ){ + if (helpers::check_if_game_client()) { //check if you are logged in ingame, this should auto login $result = Helpers::check_login_ingame(); - if( $result != "FALSE"){ + if ($result) { //handle successful login $_SESSION['user'] = $result['name']; $_SESSION['id'] = WebUsers::getId($result['name']); $_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id'])); //go back to the index page. if (Helpers::check_if_game_client()) { - header( 'Location: '.$INGAME_WEBPATH ); - }else{ - header( 'Location: '.$WEBPATH ); + header('Location: ' . $INGAME_WEBPATH); + } else { + header('Location: ' . $WEBPATH); } exit; } } $pageElements['ingame_webpath'] = $INGAME_WEBPATH; $GETString = ""; - foreach($_GET as $key => $value){ + foreach ($_GET as $key => $value) { $GETString = $GETString . $key . '=' . $value . "&"; - } - if($GETString != ""){ - $GETString = '?'.$GETString; + } + if ($GETString != "") { + $GETString = '?' . $GETString; } $pageElements['getstring'] = $GETString; return $pageElements; - }