clockwerk-www – Diff between revs 43 and 44
?pathlinks?
Rev 43 | Rev 44 | |||
---|---|---|---|---|
1 | <?php |
1 | <?php |
|
2 | |
2 | |
|
3 | ///////////////////////////////////////////////////////////// |
3 | /////////////////////////////////////////////////////////////////////////// |
|
4 | // Wizardry and Steamworks (c) was.fm - 2014, License: MIT // |
- | ||
5 | // // |
- | ||
6 | // Permission is hereby granted, free of charge, to any // |
- | ||
7 | // person obtaining a copy of this software and associated // |
- | ||
8 | // documentation files (the "Software"), to deal in the // |
- | ||
9 | // Software without restriction, //including without // |
- | ||
10 | // limitation the rights to use, copy, modify, merge, // |
- | ||
11 | // publish, distribute, sublicense, and/or sell copies of // |
- | ||
12 | // the Software, and to permit persons to whom the // |
- | ||
13 | // Software is furnished to do so, subject to the // |
- | ||
14 | // following conditions: // |
- | ||
15 | // // |
- | ||
16 | // The above copyright notice and this permission notice // |
- | ||
17 | // shall be included in all copies or substantial portions // |
- | ||
18 | // of the Software. // |
- | ||
19 | // // |
- | ||
20 | // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF // |
- | ||
21 | // ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT // |
- | ||
22 | // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS // |
- | ||
23 | // FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO // |
- | ||
24 | // EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE // |
- | ||
25 | // FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER // |
- | ||
26 | // IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING // |
- | ||
27 | // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR // |
- | ||
28 | // THE USE OR OTHER DEALINGS IN THE SOFTWARE. // |
- | ||
29 | ///////////////////////////////////////////////////////////// |
- | ||
30 | ///////////////////////////////////////////////////////////// |
- | ||
31 | // CONFIGURATION // |
4 | // Copyright (C) Wizardry and Steamworks 2014 - License: MIT // |
|
- | 5 | /////////////////////////////////////////////////////////////////////////// |
||
32 | ///////////////////////////////////////////////////////////// |
6 | |
|
33 | // Hostname or IP of your OpenSim MySQL server. |
7 | // Hostname or IP of your OpenSim MySQL server. |
|
34 | define("MYSQL_HOSTNAME", "localhost"); |
8 | $MYSQL_HOSTNAME='localhost'; |
|
35 | // Username of the OpenSim MySQL user. |
9 | // Username of the OpenSim MySQL user. |
|
36 | define("MYSQL_USERNAME", "opensim"); |
10 | $MYSQL_USERNAME='opensim'; |
|
37 | // Password of the OpenSim MySQL user. |
11 | // Password of the OpenSim MySQL user. |
|
38 | define("MYSQL_PASSWORD", "***"); |
12 | $MYSQL_PASSWORD='***'; |
|
39 | // Name of the OpenSim database on the MySQL server. |
13 | // Name of the OpenSim database on the MySQL server. |
|
40 | define("MYSQL_DATABASE", "opensim"); |
14 | $MYSQL_DATABASE='opensim'; |
|
41 | |
15 | |
|
42 | require_once 'lib/recaptchalib.php'; |
16 | require_once 'lib/recaptchalib.php'; |
|
43 | require_once 'lib/wasRemoteAdmin.php'; |
17 | require_once 'lib/wasRemoteAdmin.php'; |
|
44 | |
18 | |
|
45 | define('RECAPTCHA_PRIVATE_KEY', '6Lcz9ukSAAAAAC3u90rcOIdnNnaK_JgMjrOsSzZr'); |
19 | define('RECAPTCHA_PRIVATE_KEY', '6Lcz9ukSAAAAAC3u90rcOIdnNnaK_JgMjrOsSzZr'); |
|
46 | |
20 | |
|
47 | $first = $_POST["first"]; |
21 | $first = $_GET["first"]; |
|
48 | $last = $_POST["last"]; |
22 | $last = $_GET["last"]; |
|
49 | $region = $_POST["region"]; |
23 | $region = $_GET["region"]; |
|
50 | $password = $_POST["password"]; |
24 | $password = $_GET["password"]; |
|
51 | |
25 | |
|
52 | $resp = recaptcha_check_answer(RECAPTCHA_PRIVATE_KEY, |
26 | $resp = recaptcha_check_answer(RECAPTCHA_PRIVATE_KEY, |
|
53 | $_SERVER["REMOTE_ADDR"], |
27 | $_SERVER["REMOTE_ADDR"], |
|
54 | $_POST["recaptcha_challenge_field"], |
28 | $_POST["recaptcha_challenge_field"], |
|
55 | $_POST["recaptcha_response_field"]); |
29 | $_POST["recaptcha_response_field"]); |
|
56 | |
30 | |
|
57 | if ($resp->is_valid) { |
31 | if ($resp->is_valid) { |
|
58 | $req = new wasRemoteAdmin('http://127.0.0.1:10000', 'opensim'); |
32 | $req = new wasRemoteAdmin('http://127.0.0.1:10000', 'opensim'); |
|
59 | $ret = $req->admin_authenticate_user($first, $last, MD5($password), '1'); |
33 | $ret = $req->admin_authenticate_user($first, $last, MD5($password), '1'); |
|
60 | $rep = new SimpleXMLElement($ret); |
34 | $rep = new SimpleXMLElement($ret); |
|
61 | foreach($rep->params->param->value->struct->member as $member) { |
35 | foreach($rep->params->param->value->struct->member as $member) { |
|
62 | if ($member->name == "success" && $member->value->boolean == "0") { |
36 | if ($member->name == "success" && $member->value->boolean == "0") { |
|
63 | echo 'Sorry, wrong password.'; |
37 | echo 'Sorry, wrong password.'; |
|
64 | exit; |
38 | exit; |
|
65 | } |
- | ||
66 | } |
- | ||
67 | try { |
- | ||
68 | $mysql = new PDO('mysql:host=MYSQL_HOSTNAME;dbname=MYSQL_DATABASE;', 'MYSQL_USERNAME', 'MYSQL_PASSWORD'); |
- | ||
69 | $mysql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
- | ||
70 | $query = $mysql->prepare("SELECT RegionName FROM regions WHERE owner_uuid=(SELECT PrincipalID FROM UserAccounts WHERE FirstName=:first AND LastName=:last)"); |
- | ||
71 | $query->bindParam(':first', $first); |
- | ||
72 | $query->bindParam(':last', $last); |
- | ||
73 | $query->execute(); |
- | ||
74 | } |
39 | } |
|
- | 40 | } |
||
- | 41 | try { |
||
- | 42 | $mysql = new PDO('mysql:host='.$MYSQL_HOSTNAME.';dbname='.$MYSQL_DATABASE.';', $MYSQL_USERNAME, $MYSQL_PASSWORD); |
||
- | 43 | $mysql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
||
- | 44 | $query = $mysql->prepare("SELECT RegionName FROM regions WHERE owner_uuid=(SELECT PrincipalID FROM UserAccounts WHERE FirstName=:first AND LastName=:last)"); |
||
- | 45 | $query->bindParam(':first', $first); |
||
- | 46 | $query->bindParam(':last', $last); |
||
- | 47 | $query->execute(); |
||
- | 48 | } |
||
75 | catch(PDOException $e) { |
49 | catch(PDOException $e) { |
|
76 | print 'The given agent is not the owner of the region to download.'; |
50 | print 'The given agent is not the owner of the region to download.'; |
|
77 | return 1; |
51 | return 1; |
|
- | 52 | } |
||
- | 53 | while ($result = $query->fetchObject()) { |
||
- | 54 | if ($result->RegionName == $region) { |
||
- | 55 | $oar_path = '/var/lib/oar/'.$region.'/'.$region.'.oar'; |
||
- | 56 | if (file_exists($oar_path)) { |
||
- | 57 | header('Content-Description: File Transfer'); |
||
- | 58 | header('Content-Type: application/x-gzip-compressed'); |
||
- | 59 | header('Content-Disposition: attachment; filename='.basename($oar_path)); |
||
- | 60 | header('Content-Transfer-Encoding: binary'); |
||
- | 61 | header('Expires: 0'); |
||
- | 62 | header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); |
||
- | 63 | header('Pragma: public'); |
||
- | 64 | header('Content-Length: '.filesize($oar_path)); |
||
- | 65 | readfile($oar_path); |
||
- | 66 | exit; |
||
- | 67 | } |
||
78 | } |
68 | } |
|
79 | while ($result = $query->fetchObject()) { |
- | ||
80 | if ($result->RegionName == $region) { |
- | ||
81 | $oar_path = '/var/lib/oar/'.$region.'.oar'; |
- | ||
82 | if (file_exists($oar_path)) { |
- | ||
83 | if (false !== ($handler = fopen($oar_path, 'r'))) { |
- | ||
84 | header('Content-Description: File Transfer'); |
- | ||
85 | header('Content-Type: application/x-gzip-compressed'); |
- | ||
86 | header('Content-Disposition: attachment; filename='.basename($oar_path)); |
- | ||
87 | header('Content-Transfer-Encoding: binary'); |
- | ||
88 | header('Expires: 0'); |
- | ||
89 | header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); |
- | ||
90 | header('Pragma: public'); |
- | ||
91 | header('Content-Length: '.filesize($oar_path)); |
- | ||
92 | while (false !== ($chunk = fread($handler, 4096))) { |
- | ||
93 | echo $chunk; |
- | ||
94 | } |
- | ||
95 | } |
- | ||
96 | exit; |
- | ||
97 | } |
- | ||
98 | } |
- | ||
99 | } |
69 | } |
|
100 | } |
70 | } |
|
101 | |
71 | |
|
102 | echo '<p>Sorry, incorrect captcha. Please try again.</p>'; |
72 | echo '<p>Sorry, incorrect CAPTCHA. Please try again.</p>'; |
|
103 | |
73 | |