game-projects/dragon-forks
1
0
Fork 0
Code Issues 64 Pull requests 1 Projects 7 Releases Packages Wiki Activity Actions

♻️ Port the user management to the new db

Browse source
This commit is contained in:
Kazhnuz 2025-04-12 15:12:41 +02:00
parent 43185d4b13
commit dcf952ff9b
5 changed files with 69 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
controllers/site/login.php
View file

@ -8,14 +8,15 @@ function index() {
function index_post() {
global $renderer;
global $router;
// TODO: change the password encryption method
$query = doquery("SELECT * FROM {{table}} WHERE username='".$_POST["username"]."' AND password='".md5($_POST["password"])."' LIMIT 1", "users");
if (mysqli_num_rows($query) != 1) {
global $userRepository;
global $db;
$row = $userRepository->getByUsernameAndPassword($_POST["username"], $_POST["password"]);
if (empty($row)) {
$renderer->simple("Connexion error", "Invalid username or password. Please go back and try again.");
}
$row = mysqli_fetch_array($query);
if (isset($_POST["rememberme"])) { $expiretime = time()+31536000; $rememberme = 1; } else { $expiretime = 0; $rememberme = 0; }
$cookie = $row["id"] . " " . $row["username"] . " " . md5($row["password"] . "--" . $dbsettings["secretword"]) . " " . $rememberme;
$cookie = $row["id"] . " " . $row["username"] . " " . md5($row["password"] . "--" . $db->getSecretWord()) . " " . $rememberme;
setcookie("dkgame", $cookie, $expiretime, "/", "", 0);
$router->redirect("/");
}
@ -44,6 +45,7 @@ function register_post() {
global $router;
global $controlrow;
global $postData;
global $userRepository;
$postData->addField("Username", ["required", "alphanumeric", "unique"], "username", ["field"=>"username", "table"=>"users"]);
$postData->addField("Character Name", ["required", "alphanumeric", "unique"], "charname", ["field"=>"charname", "table"=>"users"]);
@ -55,6 +57,10 @@ function register_post() {
if ($postData->validate() == false) {
$renderer->addPostFields(["username", "charname", "email1", "charclass", "difficulty"]);
if ($controlrow["verifyemail"] == 1) {
$renderer->prepare("verifytext", "A verification code will be sent to the address above, and you will not be able to log in without first entering the code. Please be sure to enter your correct email address.");
}
$renderer->prepare("class1name", $controlrow["class1name"]);
$renderer->prepare("class2name", $controlrow["class2name"]);
$renderer->prepare("class3name", $controlrow["class3name"]);
@ -72,13 +78,11 @@ function register_post() {
$charclass = $postData->getField("charclass");
$difficulty = $postData->getField("difficulty");
$password = md5($password1);
$verifycode = ($controlrow["verifyemail"] == 1)
? substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-', 8)), 0, 8)
: '1';
$query = doquery("INSERT INTO {{table}} SET regdate=NOW(),verify='$verifycode',username='$username',password='$password',email='$email',charname='$charname',charclass='$charclass',difficulty='$difficulty'", "users") or die(mysql_error());
$userRepository->createUser($username, $password1, $email, $charname, $charclass, $difficulty, $verifycode);
if ($controlrow["verifyemail"] == 1) {
if (__sendregmail($email, $verifycode) == true) {
@ -89,15 +93,13 @@ function register_post() {
} else {
$messages->put("success", "Your account was created succesfully.<br /><br />You may now continue to the <a href=\"login.php?do=login\">Login Page</a> and start playing ".$controlrow["gamename"]."!");
}
$router->redirect();
$router->redirect("/");
}
function __sendregmail($emailaddress, $vercode) {
global $controlrow;
$controlquery = doquery("SELECT * FROM {{table}} WHERE id='1' LIMIT 1", "control");
$controlrow = mysqli_fetch_array($controlquery);
extract($controlrow);
$verurl = $gameurl . "?do=verify";
$verurl = $gameurl . "/user/verify";
$email = <<<END
You or someone using your email address recently signed up for an account on the $gamename server, located at $gameurl.

13
kernel/cookies.php
View file

@ -2,32 +2,33 @@
function checkcookies() {
global $renderer;
global $db;
global $userRepository;
$row = false;
if (isset($_COOKIE["dkgame"])) {
// COOKIE FORMAT:
// {ID} {USERNAME} {PASSWORDHASH} {REMEMBERME}
$theuser = explode(" ",$_COOKIE["dkgame"]);
$query = doquery("SELECT * FROM {{table}} WHERE username='$theuser[1]'", "users");
if (mysqli_num_rows($query) != 1) {
$row = $userRepository->getByUsername($theuser[1]);
if ($row === null) {
$renderer->simple("Connexion error", "Invalid cookie data. Please clear cookies and log in again. (Error 1)");
}
$row = mysqli_fetch_array($query);
if ($row["id"] != $theuser[0]) {
$renderer->simple("Connexion error", "Invalid cookie data. Please clear cookies and log in again. (Error 2)");
}
if (md5($row["password"] . "--" . $dbsettings["secretword"]) !== $theuser[2]) {
if (md5($row["password"] . "--" . $db->getSecretWord()) !== $theuser[2]) {
$renderer->simple("Connexion error", "Invalid cookie data. Please clear cookies and log in again. (Error 3)");
}
// If we've gotten this far, cookie should be valid, so write a new one.
$newcookie = implode(" ",$theuser);
if ($theuser[3] == 1) { $expiretime = time()+31536000; } else { $expiretime = 0; }
setcookie ("dkgame", $newcookie, $expiretime, "/", "", 0);
$onlinequery = doquery("UPDATE {{table}} SET onlinetime=NOW() WHERE id='$theuser[0]' LIMIT 1", "users");
$userRepository->updateOnlineTime($theuser[0]);
}
return $row;
}
?>

2
kernel/core.php
View file

@ -27,7 +27,7 @@ if ($userrow != false) {
$renderer->prepare("isConnected", true);
// Force verify if the user isn't verified yet.
if ($controlrow["verifyemail"] == 1 && $userrow["verify"] != 1) {
$router->redirect("/users/verify");
$router->redirect("/user/verify");
}
// Block user if they have been banned.
if ($userrow["authlevel"] == -1) {

2
kernel/init.php
View file

@ -46,6 +46,7 @@ require(PATH_KERNEL . 'database.php');
require(PATH_REPOSITORIES . 'base.php');
require(PATH_REPOSITORIES . 'control.php');
require(PATH_REPOSITORIES . 'users.php');
$starttime = getmicrotime();
@ -55,3 +56,4 @@ $link = opendb();
// Repositories
$controlRepositories = new ControlRepository();
$userRepository = new UserRepository();

42
kernel/repositories/users.php Normal file
View file

@ -0,0 +1,42 @@
<?php
/**
* Repository pour les utilisateurs, contient les différents appels
*/
class UserRepository extends Repository {
public function __construct() {
parent::__construct('users');
}
public function getByUsername($username) {
return $this->fetchOne("SELECT * FROM {{table}} WHERE username = :username", ["username" => $username]);
}
public function getByUsernameAndPassword($username, $password) {
return $this->fetchOne("SELECT * FROM {{table}} WHERE username = :username AND password = :pass", [
"username" => $username,
"pass" => $this->cryptPassword($password)
]);
}
public function updateOnlineTime($id) {
$this->doquery("UPDATE {{table}} SET onlinetime=NOW() WHERE id=:id LIMIT 1", ["id" => $id]);
}
public function createUser($username, $password, $email, $charname, $charclass, $difficulty, $verifycode) {
return $this->doquery("INSERT INTO {{table}} SET regdate=NOW(),verify=:verifycode,username=:username,password=:password,email=:email,charname=:charname,charclass=:charclass,difficulty=:difficulty", [
"username" => $username,
"password" => $this->cryptPassword($password),
"email" => $email,
"charname" => $charname,
"charclass" => $charclass,
"difficulty" => $difficulty,
"verifycode" => $verifycode
]);
}
private function cryptPassword($password) {
// TODO: change the password encryption method
return md5($password);
}
}