diff options
Diffstat (limited to '')
-rw-r--r-- | ogs/gridserver/usersessions/.htaccess | 5 | ||||
-rw-r--r-- | ogs/gridserver/usersessions/index.php | 81 |
2 files changed, 86 insertions, 0 deletions
diff --git a/ogs/gridserver/usersessions/.htaccess b/ogs/gridserver/usersessions/.htaccess new file mode 100644 index 0000000..3b76a74 --- /dev/null +++ b/ogs/gridserver/usersessions/.htaccess | |||
@@ -0,0 +1,5 @@ | |||
1 | Options +FollowSymlinks | ||
2 | |||
3 | RewriteEngine on | ||
4 | RewriteOptions MaxRedirects=1 | ||
5 | RewriteRule .* index.php [L] | ||
diff --git a/ogs/gridserver/usersessions/index.php b/ogs/gridserver/usersessions/index.php new file mode 100644 index 0000000..3c18932 --- /dev/null +++ b/ogs/gridserver/usersessions/index.php | |||
@@ -0,0 +1,81 @@ | |||
1 | <? | ||
2 | // DIRTY HACK ALERT!!!!!!!!!!!!! | ||
3 | // The following code shows the vital importance of the r69 revision of the original gareth/ branch | ||
4 | |||
5 | |||
6 | // This file parses URLs of the format: | ||
7 | // usersessions/key/userid/data | ||
8 | // where key is the key to authenticate with the grid, userid is the user's LLUUID and data is the data about the user's session being requested | ||
9 | // if the data requested is left out, an XML response will be sent | ||
10 | |||
11 | error_reporting(E_ALL); // Remember kids, PHP errors kill XML-RPC responses and REST too! will the slaughter ever end? | ||
12 | |||
13 | include("../gridserver_config.inc.php"); | ||
14 | include("../../common/database.inc.php"); | ||
15 | include("../../common/util.inc.php"); | ||
16 | |||
17 | // Parse out the parameters from the URL | ||
18 | $params = str_replace($grid_home,'', $_SERVER['REQUEST_URI']); | ||
19 | $params = str_replace("index.php/","",$params); | ||
20 | $params = split('/',$params); | ||
21 | |||
22 | // Die if the key doesn't match | ||
23 | if($params[1]!=$sim_recvkey) { | ||
24 | die(); | ||
25 | } | ||
26 | |||
27 | $link = mysql_connect($dbhost,$dbuser,$dbpasswd) | ||
28 | OR die("Unable to connect to database"); | ||
29 | |||
30 | mysql_select_db($dbname) | ||
31 | or die("Unable to select database"); | ||
32 | |||
33 | $agent_id = strtolower($params[2]); | ||
34 | $query = "SELECT * FROM sessions WHERE agent_id='$agent_id' AND session_active=1"; | ||
35 | |||
36 | // if we have 4 params, then param 4 is the command | ||
37 | if(count($params)==4) { | ||
38 | $cmd=$params['3']; | ||
39 | } else if(count($params)==5) { | ||
40 | $circuit_code=$params[3]; | ||
41 | $cmd=$params[4]; // otherwise, 5 is the command and 4 is the circuit code | ||
42 | } | ||
43 | |||
44 | $result = mysql_query($query); | ||
45 | if(mysql_num_rows($result)>0) { | ||
46 | $info=mysql_fetch_assoc($result); | ||
47 | $circuit_code = $info['circuit_code']; | ||
48 | if($circuit_code == 0) $circuit_code=$params['4']; | ||
49 | $secure_session_id=$info['secure_session_id']; | ||
50 | $session_id=$info['session_id']; | ||
51 | |||
52 | $query = "SELECT * FROM local_user_profiles WHERE userprofile_LLUUID='$agent_id'"; | ||
53 | $result=mysql_query($query); | ||
54 | $userinfo=mysql_fetch_assoc($result); | ||
55 | $firstname=$userinfo['profile_firstname']; | ||
56 | $lastname=$userinfo['profile_lastname']; | ||
57 | $agent_id=$userinfo['userprofile_LLUUID']; | ||
58 | $exists=1; | ||
59 | } else { | ||
60 | $exists=0; | ||
61 | } | ||
62 | |||
63 | // if only 3 params, assume we are sending an XML response | ||
64 | if(count($params)==3) { | ||
65 | output_xml_block("usersession",Array( | ||
66 | 'authkey' => $sim_sendkey, | ||
67 | 'circuit_code' => $circuit_code, | ||
68 | 'agent_id' => $agent_id, | ||
69 | 'session_id' => $session_id, | ||
70 | 'secure_session_id' => $secure_session_id, | ||
71 | 'firstname' => $firstname, | ||
72 | 'lastname' => $lastname | ||
73 | )); | ||
74 | } | ||
75 | |||
76 | switch($cmd) { | ||
77 | case 'exists': | ||
78 | echo $exists; | ||
79 | break; | ||
80 | } | ||
81 | ?> | ||