Skip to content

Commit

Permalink
mojang auth and small stuff
Browse files Browse the repository at this point in the history
  • Loading branch information
@GeorgeFilipkin
GeorgeFilipkin committed Oct 16, 2014
1 parent fde33d9 commit 7d7a079
Show file tree
Hide file tree
Showing 3 changed files with 39 additions and 12 deletions.
28 changes: 24 additions & 4 deletions functions.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,26 @@ function m_join($accessToken,$selectedProfile) {
return TRUE;
}

function mojang_hasJoined($user,$serverId) {
$link = newdb();
$stmt = $link->prepare("SELECT isMojang, accessToken FROM players WHERE player=?");
$stmt->bind_param('s',$user);
$stmt->execute();
$stmt->bind_result($isMojang,$accessToken);
if (!$stmt->fetch()) {
if($GLOBALS['DEBUG']) error_log("mojang_hasJoined: $user is $isMojang");
return FALSE;
}
if (!$isMojang)
return FALSE;
$json = file_get_contents("https://sessionserver.mojang.com/session/minecraft/hasJoined?username=$user&serverId=$serverId");
if (strlen(json) == 0)
return FALSE;
$jsonData=json_decode($json,true);
$jsonData['id'] = $accessToken;
return json_encode($jsonData);
}

function m_hasJoined($user,$serverId) {
$link = newdb();
$stmt = $link->prepare("SELECT serverId FROM players WHERE player=?");
Expand Down Expand Up @@ -77,16 +97,16 @@ function m_unban($user,$target,$reason) {
return TRUE;
}

function m_ismod($user) {
function m_isMod($user) {
$link = newdb();
$stmt = $link->prepare("SELECT ismod FROM players where player=?");
$stmt = $link->prepare("SELECT isMod FROM players where player=?");
$stmt->bind_param('s',$user);
if (!$stmt->execute())
return FALSE;
$stmt->bind_result($ismod);
$stmt->bind_result($isMod);
if (!$stmt->fetch())
return FALSE;
return (bool)$ismod;
return (bool)$isMod;
}

function echo_log($string){
Expand Down
20 changes: 13 additions & 7 deletions index.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
$jsonData=json_decode($json,true);

(empty($_GET['act'])) && die('wat');
//$skinDate=round(microtime(true) * 1000)+90000;
$skinDate=((time() * 1000));

switch ($_GET['act']) {
Expand Down Expand Up @@ -72,13 +73,18 @@
case 'hasJoined':
if(empty($_GET['username']) || empty($_GET['serverId']))
die('Bad request');
if(!m_hasJoined($_GET['username'],$_GET['serverId']))
die();
$status = m_checkban($_GET['username']);
if ($status) {
$answer = array('username' => $_GET['username'], 'status' => 'banned', 'info' => $status);
die(echo_log(json_encode($answer)));
}
if(!m_hasJoined($_GET['username'],$_GET['serverId'])) {
$answer=mojang_hasJoined($_GET['username'],$_GET['serverId']);
if (!strlen($answer))
die();
echo_log($answer);
break;
}
header("HTTP/1.1 200 OK");
$link = newdb();
$stmt = $link->prepare("SELECT clientToken,isCapeOn FROM players WHERE player=?");
Expand Down Expand Up @@ -137,7 +143,7 @@
$error = array('error' => 'Unauthorized', 'errorMessage' => 'Unauthorized', 'cause' => 'Wrong username/password');
die(echo_log(json_encode($error)));
}
if ((!m_ismod($_GET['username']) || m_checkban($_GET['username']))) {
if ((!m_isMod($_GET['username']) || m_checkban($_GET['username']))) {
header("HTTP/1.1 401 Unauthorized");
$error = array('error' => 'Unauthorized', 'errorMessage' => 'Unauthorized', 'cause' => 'Permission denied');
die(echo_log(json_encode($error)));
Expand All @@ -162,10 +168,10 @@
die('Bad request');
if (!m_login($_GET['username'],$_GET['password'])) {
header("HTTP/1.1 401 Unauthorized");
$error = array('error' => 'Unauthorized', 'errorMessage' => 'Unauthorized', 'cause' => 'Wrong usernam/passworde');
$error = array('error' => 'Unauthorized', 'errorMessage' => 'Unauthorized', 'cause' => 'Wrong username/password');
die(echo_log(json_encode($error)));
}
if ((!m_ismod($_GET['username']) || m_checkban($_GET['username']))) {
if ((!m_isMod($_GET['username']) || m_checkban($_GET['username']))) {
header("HTTP/1.1 401 Unauthorized");
$error = array('error' => 'Unauthorized', 'errorMessage' => 'Unauthorized', 'cause' => 'Permission denied');
die(echo_log(json_encode($error)));
Expand Down Expand Up @@ -196,9 +202,9 @@
die(echo_log(json_encode(array('error' => 'Bad request',
'errorMessage' => 'Bad request', 'cause' => 'Bad request'))));
if (!m_login($jsonData['username'],$jsonData['password']))
die();
die(json_encode(array('error' => 'Unauthorized', 'errorMessage' => 'Unauthorized', 'cause' => 'Wrong username/password')));
if (file_put_contents("./feedback/".$jsonData['username'].".".
date('Y-m-d_H-i-s_').explode(" ",microtime())[0].".log",$jsonData['desc']."\n".$jsonData['log']."\n")) {
date('Y-m-d_H-i-s_').explode(" ",microtime())[0].".log",base64_decode($jsonData['desc'])."\n".base64_decode($jsonData['log'])."\n")) {
$answer = array('username' => $jsonData['username'], 'status' => 'accepted');
} else {
$answer = array('username' => $jsonData['username'], 'status' => 'not accepted');
Expand Down
3 changes: 2 additions & 1 deletion schema.sql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,8 @@ CREATE TABLE `players` (
`player` varchar(32) DEFAULT NULL,
`password` varchar(64) DEFAULT NULL,
`salt` varchar(64) DEFAULT NULL,
`ismod` tinyint(1) DEFAULT '0',
`isMod` tinyint(1) DEFAULT '0',
`isMojang` tinyint(1) DEFAULT '0',
`isCapeOn` tinyint(1) DEFAULT '0',
`clientToken` varchar(64) DEFAULT NULL,
`accessToken` varchar(64) DEFAULT NULL,
Expand Down

0 comments on commit 7d7a079

Please sign in to comment.