You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
477 lines
10 KiB
PHP
477 lines
10 KiB
PHP
<?php
|
|
|
|
// Ryzom Core - MMORPG Framework <http://ryzom.dev/>
|
|
// Copyright (C) 2010 Winch Gate Property Limited
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as
|
|
// published by the Free Software Foundation, either version 3 of the
|
|
// License, or (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
if (!isset($UTILS_PHP))
|
|
{
|
|
|
|
// import HTTP_GET_VARS as _GET if _GET doesn't exist
|
|
if (!isset($_GET) && isset($HTTP_GET_VARS))
|
|
$_GET = &$HTTP_GET_VARS;
|
|
|
|
// import HTTP_POST_VARS as _GET if _POST doesn't exist
|
|
if (!isset($_POST) && isset($HTTP_POST_VARS))
|
|
$_POST = &$HTTP_POST_VARS;
|
|
|
|
$allowCookies = false;
|
|
|
|
// import HTTP_POST_VARS as _GET if _POST doesn't exist
|
|
if ($allowCookies && !isset($_COOKIE) && isset($HTTP_COOKIE_VARS))
|
|
$_COOKIE = &$HTTP_COOKIE_VARS;
|
|
|
|
// -------------------------------------
|
|
// import HTTP param (from a GET or POST, or left if already set...)
|
|
// -------------------------------------
|
|
function importParam($var, $secureValue = true)
|
|
{
|
|
if (!$secureValue && isset($GLOBALS[$var]))
|
|
return;
|
|
|
|
global $allowCookies, $_GET, $_POST, $_COOKIE;
|
|
|
|
if (isset($_GET[$var]))
|
|
$GLOBALS[$var] = $_GET[$var];
|
|
else if (isset($_POST[$var]))
|
|
$GLOBALS[$var] = $_POST[$var];
|
|
else if ($allowCookies && isset($_COOKIE[$var]))
|
|
$GLOBALS[$var] = $_COOKIE[$var];
|
|
else
|
|
{
|
|
//die("Missing arg '$var'");
|
|
unset($GLOBALS[$var]);
|
|
}
|
|
}
|
|
|
|
// -------------------------------------
|
|
// export HTTP param, as if user sent var in a POST
|
|
// -------------------------------------
|
|
function exportParam($var, $value)
|
|
{
|
|
global $_POST;
|
|
$_POST[$var] = $value;
|
|
}
|
|
|
|
|
|
// always sent by client
|
|
importParam('user_login');
|
|
importParam('shard');
|
|
importParam('session_cookie');
|
|
|
|
$user_login = trim($user_login);
|
|
$session_cookie = stripslashes($session_cookie);
|
|
|
|
include_once('config.php');
|
|
|
|
$UTILS_PHP = 1;
|
|
|
|
// -------------------------------------
|
|
// read an index
|
|
// -------------------------------------
|
|
function read_index($file, &$header, &$array)
|
|
{
|
|
if (!file_exists($file))
|
|
{
|
|
$header = '';
|
|
$array = array();
|
|
return;
|
|
}
|
|
|
|
$f = fopen($file, 'r');
|
|
|
|
// read header
|
|
$header = fgets($f, 512);
|
|
|
|
while (!feof($f))
|
|
{
|
|
// get a new line
|
|
$line = trim(fgets($f, 10240));
|
|
|
|
// check line is not empty
|
|
if ($line == "")
|
|
continue;
|
|
|
|
// explode line
|
|
$array[] = explode('%%', $line);
|
|
}
|
|
|
|
fclose($f);
|
|
}
|
|
|
|
// -------------------------------------
|
|
// write an index
|
|
// -------------------------------------
|
|
function write_index($file, $header, &$array)
|
|
{
|
|
$f = fopen($file, 'w');
|
|
|
|
fwrite($f, str_pad(trim($header), 256));
|
|
fwrite($f, "\n");
|
|
|
|
if (count($array) > 0)
|
|
{
|
|
foreach ($array as $l)
|
|
{
|
|
fwrite($f, trim(join('%%', $l)));
|
|
fwrite($f, "\n");
|
|
}
|
|
}
|
|
|
|
fclose($f);
|
|
}
|
|
|
|
|
|
// -------------------------------------
|
|
// write an index
|
|
// -------------------------------------
|
|
function use_index($file)
|
|
{
|
|
if (!file_exists($file))
|
|
{
|
|
$f = fopen($file, 'w');
|
|
update_next_index($f, 0);
|
|
fclose($f);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
// -------------------------------------
|
|
// write an index
|
|
// -------------------------------------
|
|
function read_next_index($f, &$index)
|
|
{
|
|
fseek($f, 0, SEEK_SET);
|
|
$index = (int)fgets($f, 512);
|
|
}
|
|
|
|
// -------------------------------------
|
|
// write an index
|
|
// -------------------------------------
|
|
function update_next_index($f, $index)
|
|
{
|
|
fseek($f, 0, SEEK_SET);
|
|
|
|
fwrite($f, str_pad($index, 256));
|
|
fwrite($f, "\n");
|
|
}
|
|
|
|
// -------------------------------------
|
|
// write an index
|
|
// -------------------------------------
|
|
function append_to_index($f, $line)
|
|
{
|
|
fseek($f, 0, SEEK_END);
|
|
|
|
fwrite($f, $line, 8192);
|
|
fwrite($f, "\n");
|
|
}
|
|
|
|
|
|
|
|
|
|
// -------------------------------------
|
|
// write html prolog
|
|
// -------------------------------------
|
|
function write_prolog($f, $title)
|
|
{
|
|
fwrite($f, "<html><head><title>$title</title></head><body>\n");
|
|
}
|
|
|
|
// -------------------------------------
|
|
// write html epilog
|
|
// -------------------------------------
|
|
function write_epilog($f)
|
|
{
|
|
fwrite($f, "</body></html>\n");
|
|
}
|
|
|
|
|
|
|
|
|
|
// -------------------------------------
|
|
// read template file
|
|
// -------------------------------------
|
|
function read_template($file, &$template)
|
|
{
|
|
global $TEMPLATE_DIR;
|
|
$filename = $TEMPLATE_DIR.'/'.$file;
|
|
$f = fopen($filename, 'r');
|
|
$template = fread($f, filesize($filename));
|
|
fclose($f);
|
|
}
|
|
|
|
|
|
|
|
// -------------------------------------
|
|
// redirect
|
|
// -------------------------------------
|
|
function redirect($url, $time=0)
|
|
{
|
|
echo "<html><head><title>Redirecting...</title>\n";
|
|
echo "<meta http-equiv='refresh' content='$time; URL=$url'>\n";
|
|
echo "</head>\n";
|
|
echo "<body></body></html>\n";
|
|
}
|
|
|
|
|
|
|
|
// -------------------------------------
|
|
// convert to forum name
|
|
// -------------------------------------
|
|
function convert_forum_name($str)
|
|
{
|
|
return ucfirst(strtr($str, '_', ' '));
|
|
}
|
|
|
|
|
|
// -------------------------------------
|
|
// clean string
|
|
// -------------------------------------
|
|
function clean_string($str)
|
|
{
|
|
return strtr($str, array("\n" => '', '%' => '\%'));
|
|
}
|
|
|
|
// -------------------------------------
|
|
// clean content
|
|
// -------------------------------------
|
|
function clean_content($str)
|
|
{
|
|
return strtr($str, array("\n" => '\n', '%' => '\%'));
|
|
}
|
|
|
|
// -------------------------------------
|
|
// displayable string
|
|
// -------------------------------------
|
|
function displayable_string($str)
|
|
{
|
|
return nl2br(htmlspecialchars(stripslashes($str), ENT_QUOTES));
|
|
}
|
|
|
|
// -------------------------------------
|
|
// displayable string
|
|
// -------------------------------------
|
|
function displayable_content($str)
|
|
{
|
|
return htmlspecialchars(stripcslashes($str), ENT_QUOTES);
|
|
}
|
|
|
|
// -------------------------------------
|
|
// displayable string
|
|
// -------------------------------------
|
|
function displayable_date()
|
|
{
|
|
return "<i>date#".date("y/m/d")."</i> ".date("H:i");
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function matchParam($var, $param, &$value)
|
|
{
|
|
$plen = strlen($param);
|
|
if (!strncmp($param, $var, $plen))
|
|
{
|
|
$value = trim(substr($var, $plen));
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
|
|
function nameToFile($name)
|
|
{
|
|
$r = '';
|
|
for ($i=0; $i<strlen($name); ++$i)
|
|
{
|
|
if ($name[$i] == ' ')
|
|
$r .= '_';
|
|
else if ($name[$i] == '%' || $name[$i] <= chr(32) || $name[$i] >= chr(127))
|
|
$r .= sprintf("%%%02x", ord($name[$i]));
|
|
else
|
|
$r .= $name[$i];
|
|
}
|
|
return $r;
|
|
}
|
|
|
|
function nameToURL($name)
|
|
{
|
|
$r = '';
|
|
for ($i=0; $i<strlen($name); ++$i)
|
|
{
|
|
if ($name[$i] == ' ')
|
|
$r .= '%20';
|
|
else
|
|
$r .= $name[$i];
|
|
}
|
|
return $r;
|
|
}
|
|
|
|
function nameFromURL($name)
|
|
{
|
|
return rawurldecode($name);
|
|
}
|
|
|
|
function fileToName($file)
|
|
{
|
|
$n = '';
|
|
for ($p=0; $p<strlen($file); ++$p)
|
|
{
|
|
if ($file[$p] == '%' && $file[$p+1] != '%')
|
|
{
|
|
$b = $file[++$p];
|
|
$b .= $file[++$p];
|
|
list($c) = sscanf($b, "%x");
|
|
$n .= chr($c);
|
|
}
|
|
else if ($file[$p] == '_')
|
|
{
|
|
$n .= ' ';
|
|
}
|
|
else
|
|
{
|
|
$n .= $file[$p];
|
|
}
|
|
}
|
|
return $n;
|
|
}
|
|
|
|
|
|
// -------------------------------------
|
|
// get user home directory
|
|
// -------------------------------------
|
|
function get_user_dir($user, $shard)
|
|
{
|
|
if ($user == "" || $shard == "")
|
|
die("INTERNAL ERROR CODE 1");
|
|
|
|
global $USERS_DIR;
|
|
|
|
$user = nameToFile($user);
|
|
|
|
return $USERS_DIR.'/'.strtolower($shard).'/'.substr(strtolower($user), 0, 2).'/'.strtolower($user).'/';
|
|
}
|
|
|
|
// -------------------------------------
|
|
// build user home directory
|
|
// -------------------------------------
|
|
function build_user_dir($user, $shard)
|
|
{
|
|
$dir = get_user_dir($user, $shard);
|
|
|
|
$p = 0;
|
|
while (!is_dir($dir))
|
|
{
|
|
$p = strpos($dir, '/', $p+1);
|
|
if ($p == 0)
|
|
{
|
|
die("INTERNAL ERROR CODE 3");
|
|
}
|
|
else
|
|
{
|
|
$interm = substr($dir, 0, $p);
|
|
if (!is_dir($interm))
|
|
{
|
|
if (!mkdir($interm, 0777))
|
|
die("INTERNAL ERROR CODE 3");
|
|
}
|
|
}
|
|
}
|
|
return $dir;
|
|
}
|
|
|
|
include_once('login/config.php');
|
|
|
|
// -------------------------------------
|
|
// connect to DB server and select ring DB
|
|
// -------------------------------------
|
|
function connect_to_ring_db()
|
|
{
|
|
global $DBHost, $RingDBUserName, $RingDBPassword, $RingDBName;
|
|
$ringDb = mysql_connect($DBHost, $RingDBUserName, $RingDBPassword) or die("can't connect to ring db @'".$DBHost."' with user '".$RingDBUserName."'");
|
|
mysql_select_db($RingDBName, $ringDb) or die("can't select ring db: '$RingDBName' Host=$DBHost User=$RingDBUserName (not enough privilege?)");
|
|
return $ringDb;
|
|
}
|
|
|
|
// -------------------------------------
|
|
// user_login=character_name => ring_live.characters[user_login].guild_id
|
|
// test ring_live.guilds[guild_id].guild_name == $forum
|
|
// -------------------------------------
|
|
function check_character_belongs_to_guild($charName, $guildName)
|
|
{
|
|
connect_to_ring_db();
|
|
$res = mysql_query(
|
|
"SELECT guilds.guild_name FROM guilds
|
|
JOIN characters ON characters.guild_id=guilds.guild_id
|
|
WHERE char_name='$charName'")
|
|
or die("Can't query guild for $charName in DB");
|
|
if (false === ($row = mysql_fetch_row($res)))
|
|
die("Guild not found for char $charName in DB");
|
|
if ($row[0] != $guildName)
|
|
die("ACCESS DENIED: $charName is not a member of $guildName");
|
|
}
|
|
|
|
$remote_addr = $HTTP_SERVER_VARS['REMOTE_ADDR'];
|
|
if ($remote_addr == "213.208.119.226" || $remote_addr == "38.117.236.132")
|
|
{
|
|
importParam('internal_check');
|
|
if ($internal_check)
|
|
{
|
|
echo "INTERNAL CHECK\n";
|
|
die("$internal_check:1");
|
|
}
|
|
}
|
|
|
|
|
|
/*
|
|
* check user is valid
|
|
*/
|
|
if ($user_login == "support" && ($remote_addr == "192.168.1.153" || $remote_addr == "192.168.3.1") ||
|
|
$remote_addr == "127.0.0.1" )
|
|
{
|
|
echo "SUPPORT MODE!";
|
|
// do not check "support" email that come from rsweb
|
|
//echo $HTTP_SERVER_VARS['REMOTE_ADDR'];
|
|
//die();
|
|
importParam('translate_user_login');
|
|
if ($translate_user_login)
|
|
$user_login = $translate_user_login;
|
|
}
|
|
else
|
|
{
|
|
if (!strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'], 'Ryzom'))
|
|
die("ERROR: Bad parameters");
|
|
$udir = get_user_dir($user_login, $shard);
|
|
$ufile = $udir.'session';
|
|
if (is_dir($udir) && file_exists($ufile))
|
|
{
|
|
$file = fopen($ufile, 'r');
|
|
if (!$file)
|
|
die("ERROR: Not logged");
|
|
$server_cookie = trim(fgets($file, 1024));
|
|
if ($server_cookie != $session_cookie)
|
|
die("ERROR: Authentication failed");
|
|
}
|
|
else
|
|
{
|
|
die("ERROR: Directory not found: ".$udir);
|
|
}
|
|
}
|
|
|
|
}
|
|
?>
|