clockwerk-www – Rev 57

Subversion Repositories:
Rev:
<?php

///////////////////////////////////////////////////////////////////////////
//       Copyright (C) Wizardry and Steamworks 2014 - License: MIT       //
///////////////////////////////////////////////////////////////////////////

// Hostname or IP of your OpenSim MySQL server.
$MYSQL_HOSTNAME='localhost';
// Username of the OpenSim MySQL user.
$MYSQL_USERNAME='opensim';
// Password of the OpenSim MySQL user.
$MYSQL_PASSWORD='***';
// Name of the OpenSim database on the MySQL server.
$MYSQL_DATABASE='opensim';

require_once 'lib/recaptchalib.php';
require_once 'lib/wasRemoteAdmin.php';

define('RECAPTCHA_PRIVATE_KEY', '6Lcz9ukSAAAAAC3u90rcOIdnNnaK_JgMjrOsSzZr');

$first = $_POST["first"];
$last = $_POST["last"];
$region = $_POST["region"];
$file = $_FILES["file"]["tmp_name"];
$password = $_POST["password"];

$resp = recaptcha_check_answer(RECAPTCHA_PRIVATE_KEY,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

?>

<!DOCTYPE html>
<html>
<head>
<title>Clockwerk</title>
<link rel="stylesheet" href="css/gray.css" type="text/css" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
</head>
<body class=dark-grey>
<div class="center">
<img src="img/clockwerk-logo.png" alt="logo">
<h1><?php print gethostname(); ?></h1>
<hr>

<?php

  switch((bool)$resp->is_valid) {
    case TRUE:
      $req = new wasRemoteAdmin('http://127.0.0.1:10000', 'opensim');
      $ret = $req->admin_authenticate_user($first, $last, MD5($password), '1');
      $rep = new SimpleXMLElement($ret);
      foreach($rep->params->param->value->struct->member as $member) {
        switch($member->name) {
          case "success":
            switch((bool)$member->value->boolean) {
              case TRUE:
                try {
                  $mysql = new PDO('mysql:host='.$MYSQL_HOSTNAME.';dbname='.$MYSQL_DATABASE.';', $MYSQL_USERNAME, $MYSQL_PASSWORD);
                  $mysql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
                  $query = $mysql->prepare("SELECT RegionName FROM regions WHERE owner_uuid=(SELECT PrincipalID FROM UserAccounts WHERE FirstName=:first AND LastName=:last)");
                  $query->bindParam(':first', $first);
                  $query->bindParam(':last', $last);
                  $query->execute();
                }
                catch(PDOException $e) {
                  print '<p>Sorry, the authenticated agent is not the owner of the region to download.</p>';
                  goto last;
                }
                while ($result = $query->fetchObject()) {
                  if ($result->RegionName == $region) {
                    if (file_exists($file)) {
                      $req->admin_console_command('change region '.$region);
                      chmod($file, 0644);
                      $req->admin_console_command('load oar '.$file);
                      chmod($file, 0600);
                      echo '<p>OAR uploaded successfully.</p>';
                      goto last;
                    }
                  }
                }
                goto last;
              default:
                echo '<p>Sorry, wrong password.</p>';
                goto last;
            }
            break;
          }
        }
    default:
      echo '<p>Sorry, incorrect CAPTCHA. Please try again.</p>';
  }

last:

?>

<p>
<a class="button" href="welcome.php">Main Page</a>
</p>
</div>
</body>
</html>