<?php

    /* Functions in this file:
    login($username,$password) - checks the credentials against the sucs & uni ldaps
    authCheck($authd,$username) - checks the username and authd area against the ban & allow flags
    renew() - checks the player's session and tries to renew it if allowed
    logout() - removes the session from the database and clears the cookie

    Login Flow:
        call login passing it the username and password
        This will call the ldapAuth function included from ldap-auth.php
        It will then call authCheck with the info to see what the user can do
        If they are allowed access they are then inserted into the database
    Renew Flow:
        call renew, it has no arguments as it works off session_id
        Firstly it gets the username and which ldap server they authd against from the database
        Then it calls authCheck with the retrieved data to check what they can still do
        If they are still allowed access the timeout on their database entry is updated
        Otherwise they are removed from the database
    Logout Flow:
        call logout, it has no arguments as it works off session_id
        It removes the user's database entry
        Then destroys the session logging them out fully
    */

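    // Bootstrap: LDAP helper, error level, PHP session, and the SQLite store
    // shared by every function below.
    include('ldap-auth.php');
    // Only fatal errors are reported. Failing SQLite3 calls return false with
    // a (now silent) warning, so every caller has to check return values itself.
    error_reporting(E_ERROR);

    session_start();

    $DB_PATH = "/opt/gameauth/gameauth.db";

    // Shared connection, reached from the functions below via `global $DB_CON`.
    // CREATE TABLE IF NOT EXISTS replaces the earlier file_exists() branch:
    // a database file that exists but was never (or only partly) initialised
    // now gets its tables too, and there is no gap between the existence
    // check and the open in which another request could create the file.
    $DB_CON = new SQLite3($DB_PATH);
    $DB_CON->exec("CREATE TABLE IF NOT EXISTS gamers
        (
            username TEXT PRIMARY KEY NOT NULL,
            sessionid TEXT NOT NULL,
            IP TEXT NOT NULL,
            authd TEXT NOT NULL,
            lastseen INT NOT NULL
        )"
    );
    $DB_CON->exec("CREATE TABLE IF NOT EXISTS bans
        (
            username TEXT PRIMARY KEY NOT NULL,
            reason TEXT
        )"
    );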

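    /**
     * Returns true when at least one row of $table has $col equal to $val.
     *
     * $val is bound as a statement parameter, so it may safely come from user
     * input. $table and $col are SQL identifiers and cannot be bound; they are
     * interpolated into the statement, so they are restricted to plain
     * identifier characters and must come from code, never from a request.
     *
     * @param string $table
     * @param string $col
     * @param mixed  $val
     * @return bool
     * @throws InvalidArgumentException when $table or $col is not a plain identifier
     * @throws RuntimeException when the statement cannot be prepared or executed
     *   (previously a method call on `false`, i.e. a fatal error with no message)
     */
    function sqlite3Exists($table,$col,$val){
        global $DB_CON;
        foreach ([$table, $col] as $identifier) {
            if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $identifier)) {
                throw new InvalidArgumentException("sqlite3Exists: invalid SQL identifier: $identifier");
            }
        }
        $stmt = $DB_CON->prepare("SELECT 1 FROM $table WHERE $col = :val LIMIT 1");
        if ($stmt === false) {
            throw new RuntimeException('sqlite3Exists: prepare failed: ' . $DB_CON->lastErrorMsg());
        }
        $stmt->bindValue(':val', $val);
        $result = $stmt->execute();
        if ($result === false) {
            throw new RuntimeException('sqlite3Exists: execute failed: ' . $DB_CON->lastErrorMsg());
        }
        // fetchArray() returns false when no row matched.
        return $result->fetchArray() !== false;
    }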
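    /**
     * Runs $query on the shared connection and returns its result.
     *
     * With no $params the string is sent to SQLite3::query() as-is, so it
     * must not contain interpolated request data. To bind values instead,
     * put named placeholders in $query and pass them in $params
     * (':name' => value); the statement is then prepared and executed.
     *
     * @param string $query
     * @param array<string, mixed> $params
     * @return SQLite3Result|false false when preparation or execution fails,
     *   matching SQLite3::query()
     */
    function sqlite3Exec($query, array $params = []){
        global $DB_CON;
        if ($params === []) {
            return $DB_CON->query($query);
        }
        $stmt = $DB_CON->prepare($query);
        if ($stmt === false) {
            return false;
        }
        foreach ($params as $name => $value) {
            $stmt->bindValue($name, $value);
        }
        return $stmt->execute();
    }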

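    /**
     * Works out how much access an authenticated user has and returns an
     * array describing it.
     *
     * @param string $authd    which directory accepted the credentials: "sucs" or "uni"
     * @param string $username the username to look up in the bans table
     * @return array{level: string, loginError: string|null}
     *   level is "GAME_ACCESS", "NO_GAMES" or "NO_LOGIN"; loginError names why
     *   access was refused ("BAD_LOGIN", "BANNED", "UNI_DISALLOWED") and is
     *   null when access is granted.
     *
     * Keys are quoted strings: the original used bare `level`/`loginError`
     * constants, which PHP 8 rejects as undefined and which callers index
     * with "level" / "loginError".
     */
    function authCheck($authd,$username){
        // Not set inside this function in the original, so file_exists()
        // was always called with null and uni users could never get access.
        // Presumably defined at file scope by ldap-auth.php or a config
        // include — confirm where it is set.
        global $uniAllowFilePATH;

        // Anything other than the two known directories is not a login at all.
        if ($authd !== "sucs" && $authd !== "uni"){
            return [
                'level' => "NO_LOGIN",
                'loginError' => "BAD_LOGIN"
            ];
        }

        // Banned users are refused before anything else is considered.
        if (sqlite3Exists("bans","username",$username)){
            return [
                'level' => "NO_GAMES",
                'loginError' => "BANNED"
            ];
        }

        // SUCS members are always allowed on; uni members only while the
        // allow file exists.
        $uniAllowed = $uniAllowFilePATH !== null && file_exists($uniAllowFilePATH);
        if ($authd === "sucs" || $uniAllowed) {
            return [
                'level' => "GAME_ACCESS",
                'loginError' => null
            ];
        }
        return [
            'level' => "NO_GAMES",
            'loginError' => "UNI_DISALLOWED"
        ];
    }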

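    /**
     * Authenticates a user against LDAP and, when they are allowed on,
     * records their session in the gamers table.
     *
     * @param string $username login name or e-mail address (the domain is stripped)
     * @param string $password
     * @return array{level: string, loginError: string|null} the authCheck()
     *   result, or NO_LOGIN / MISSING_USERNAME_OR_PASSWORD when either
     *   argument is blank
     */
    function login($username,$password){
        global $DB_CON;

        // Refuse outright when either credential is missing.
        if ($username === null || $username === '' || $password === null || $password === '') {
            return [
                'level' => "NO_LOGIN",
                'loginError' => "MISSING_USERNAME_OR_PASSWORD"
            ];
        }

        // ldapAuth() comes from ldap-auth.php and returns which directory
        // accepted the credentials; authCheck() rejects anything but "sucs"/"uni".
        $authd = ldapAuth($username,$password);

        // Users may log in with an e-mail address; keep only the local part
        // (everything before the last "@").
        if(filter_var($username, FILTER_VALIDATE_EMAIL)){
            $username = substr($username, 0, strrpos($username, '@'));
        }
        $username = strtolower($username);

        $authResult = authCheck($authd,$username);
        if($authResult["level"] === "GAME_ACCESS"){
            // The session id becomes the credential stored in the database,
            // so issue a fresh one now instead of keeping the id the client
            // already had before authenticating.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $sessionid = session_id();
            $cip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
            $time = time();

            // Replace any earlier row for this user. All values are bound
            // rather than interpolated into the SQL. The original's
            // "DELET FROM" typo meant the old row was never removed, so the
            // INSERT then failed on the username PRIMARY KEY for returning
            // users and their new session was never recorded.
            $delete = $DB_CON->prepare("DELETE FROM gamers WHERE username = :username");
            if ($delete !== false) {
                $delete->bindValue(':username', $username);
                $delete->execute();
            }
            $insert = $DB_CON->prepare(
                "INSERT INTO gamers (username,sessionid,IP,authd,lastseen) VALUES (:username,:sessionid,:ip,:authd,:lastseen)"
            );
            if ($insert !== false) {
                $insert->bindValue(':username', $username);
                $insert->bindValue(':sessionid', $sessionid);
                $insert->bindValue(':ip', $cip);
                $insert->bindValue(':authd', $authd);
                $insert->bindValue(':lastseen', $time, SQLITE3_INTEGER);
                $insert->execute();
            }
        }

        return $authResult;
    }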

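    /**
     * Re-validates the current session and refreshes its lastseen timestamp.
     *
     * Works off session_id(): the gamers row for this session supplies the
     * username and directory, which are re-checked with authCheck() so that a
     * ban applied since login, or a vanished uni allow file, takes effect.
     *
     * @return array{level: string, loginError: string|null} the fresh
     *   authCheck() result, or NO_LOGIN / TIMEOUT when this session has no
     *   gamers row
     */
    function renew(){
        global $DB_CON;
        $sessionid = session_id();

        // One bound SELECT replaces the earlier exists-then-select pair; the
        // row could disappear between those two calls, leaving $row === false
        // unhandled. It also stops the session id being interpolated into SQL.
        $select = $DB_CON->prepare("SELECT authd,username FROM gamers WHERE sessionid = :sessionid");
        $row = false;
        if ($select !== false) {
            $select->bindValue(':sessionid', $sessionid);
            $result = $select->execute();
            if ($result !== false) {
                $row = $result->fetchArray(SQLITE3_NUM);
            }
        }
        if ($row === false) {
            return [
                'level' => "NO_LOGIN",
                'loginError' => "TIMEOUT"
            ];
        }
        $authd = $row[0];
        $username = $row[1];

        $authResult = authCheck($authd,$username);
        if($authResult["level"] === "GAME_ACCESS"){
            $update = $DB_CON->prepare("UPDATE gamers SET lastseen = :lastseen WHERE sessionid = :sessionid");
            if ($update !== false) {
                $update->bindValue(':lastseen', time(), SQLITE3_INTEGER);
                $update->bindValue(':sessionid', $sessionid);
                $update->execute();
            }
        } else {
            // No longer allowed (banned, or uni access withdrawn): drop the
            // row so this session cannot be renewed again.
            $delete = $DB_CON->prepare("DELETE FROM gamers WHERE sessionid = :sessionid");
            if ($delete !== false) {
                $delete->bindValue(':sessionid', $sessionid);
                $delete->execute();
            }
        }
        return $authResult;
    }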

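    /**
     * Ends the current session: removes its gamers row and destroys the PHP
     * session data.
     *
     * Note that session_destroy() does not remove the session cookie from
     * the browser; the old id simply no longer resolves to a session or a
     * gamers row.
     *
     * @return array{level: string, loginError: null} always NO_LOGIN
     */
    function logout(){
        global $DB_CON;
        $sessionid = session_id();

        // Bound rather than interpolated into the SQL string.
        $delete = $DB_CON->prepare("DELETE FROM gamers WHERE sessionid = :sessionid");
        if ($delete !== false) {
            $delete->bindValue(':sessionid', $sessionid);
            $delete->execute();
        }

        // session_destroy() only warns and does nothing when no session is
        // active, so guard it and clear the in-memory data as well.
        if (session_status() === PHP_SESSION_ACTIVE) {
            $_SESSION = [];
            session_destroy();
        }
        return [
            'level' => "NO_LOGIN",
            'loginError' => null
        ];
    }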

    /**
     * Loads the game manager and returns its status report.
     *
     * The working directory is switched to games/ first, since _manager.php
     * is included by a relative path (and presumably locates its own files
     * relative to the cwd — confirm in _manager.php). The chdir() is not
     * undone afterwards, so later relative paths in the request see games/.
     * getGameStatus() is defined by _manager.php.
     */
    function serverData(){
        chdir('games');
        include('_manager.php');
        $status = getGameStatus();
        return $status;
    }
?>