PageRenderTime 68ms CodeModel.GetById 44ms RepoModel.GetById 0ms app.codeStats 0ms

/mcsrv/auth.php

https://bitbucket.org/mhell/mhmcr
PHP | 60 lines | 60 code | 0 blank | 0 comment | 13 complexity | 04f55e48b7721e0b3a7375f133355a7b MD5 | raw file
    

  1. <?php

    2. 

  2. 	require_once('../system.php');

    3. 

  3. 	$str = '';

    4. 

  4. 	if (!empty($_POST['user']) and !empty($_POST['password']) and !empty($_POST['version'])) {

    5. 

  5. 		require_once('../inñ/pass.inc.php');

    6. 

  6. 		$login    = $_POST['user'];

    7. 

  7. 		$password = $_POST['password'];

    8. 

  8. 		$ver      = $_POST['version'];

    9. 

  9. 		if (!preg_match("/^[a-zA-Z0-9_-]+$/", $login)) {

    10. 

  10. 			$str = "Login process [Bad symbols Login] ";

    11. 

  11. 			echo "Bad login";

    12. 

  12. 		} elseif (!preg_match("/^[a-zA-Z0-9_-]+$/", $password)) {

    13. 

  13. 			$str = "Login process [Bad symbols Password] ";

    14. 

  14. 			echo "Bad login";

    15. 

  15. 		} elseif (!preg_match("/^[0-9]+$/", $ver)) {

    16. 

  16. 			$str = "Login process [Bad symbols Version] ";

    17. 

  17. 			echo "Bad login";

    18. 

  18. 		} elseif (getGameInfo('launcher') == $ver) {

    19. 

  19. 			$result = mysql_query("SELECT * FROM " . $db['tables']['users'] . " WHERE " . $db['users']['username'] . "='$login';");

    20. 

  20. 			$line   = mysql_fetch_array($result);

    21. 

  21. 			if (!$line) {

    22. 

  22. 				vtxtlog("Login process [Unknown user] User [$login] Password [$password]");

    23. 

  23. 				echo "Bad login";

    24. 

  24. 				exit;

    25. 

  25. 			}

    26. 

  26. 			$user_lvl = $line[$bd_aLvl];

    27. 

  27. 			if ($user_lvl <= 0) {

    28. 

  28. 				$str = "Login process [Banned user] User [$login] Password [$password]";

    29. 

  29. 				echo "Bad login";

    30. 

  30. 			} else {

    31. 

  31. 				$realPass   = $line[$bd_aPassword];

    32. 

  32. 				$orig_login = $line[$bd_aUsername];

    33. 

  33. 				if (checkPass($realPass, $password)) {

    34. 

  34. 					$sessid    = generateSessionId();

    35. 

  35. 					$gamebuild = getGameInfo('build');

    36. 

  36. 					mysql_query("UPDATE " . $db['tables']['users'] . " SET " . $db['users']['session'] . "='$sessid' WHERE " . $db['users']['username'] . "='$login'");

    37. 

  37. 					$dlticket = md5($orig_login);

    38. 

  38. 					echo $gamebuild . ':' . $dlticket . ':' . $orig_login . ':' . $sessid . ':';

    39. 

  39. 					$str = "Login process [Success] User [$login] Session [$sessid]";

    40. 

  40. 				} else {

    41. 

  41. 					$str = "Login process [Bad login] User [$login] Password [$password]";

    42. 

  42. 					echo "Bad login";

    43. 

  43. 				}

    44. 

  44. 			}

    45. 

  45. 		} else {

    46. 

  46. 			$str = "Login process [Old version]";

    47. 

  47. 			echo 'Old version';

    48. 

  48. 		}

    49. 

  49. 	} else {

    50. 

  50. 		$str = "Login process [POST parameter empty] ";

    51. 

  51. 		if (empty($_POST['user']))

    52. 

  52. 			$str .= "LOGIN parameter is empty | ";

    53. 

  53. 		if (empty($_POST['password']))

    54. 

  54. 			$str .= "PASSWORD parameter is empty";

    55. 

  55. 		if (empty($_POST['version']))

    56. 

  56. 			$str .= "VER parameter is empty";

    57. 

  57. 		echo "Bad login";

    58. 

  58. 	}

    59. 

  59. 	vtxtlog($str);

    60. 

  60. ?>
    61.