diff options
Diffstat (limited to 'ogs/gridserver')
-rw-r--r-- | ogs/gridserver/gridserver_config.inc.php | 14 | ||||
-rw-r--r-- | ogs/gridserver/index.php | 176 | ||||
-rw-r--r-- | ogs/gridserver/usersessions/.htaccess | 5 | ||||
-rw-r--r-- | ogs/gridserver/usersessions/index.php | 85 |
4 files changed, 280 insertions, 0 deletions
diff --git a/ogs/gridserver/gridserver_config.inc.php b/ogs/gridserver/gridserver_config.inc.php new file mode 100644 index 0000000..98ebed3 --- /dev/null +++ b/ogs/gridserver/gridserver_config.inc.php | |||
@@ -0,0 +1,14 @@ | |||
1 | <? | ||
2 | // All the grid server specific stuff lives here | ||
3 | |||
4 | // What we send to authenticate to the user/login server | ||
5 | $userserver_sendkey="1234"; | ||
6 | |||
7 | // What we expect to get back from the user/login server | ||
8 | $userserver_recvkey="1234"; | ||
9 | |||
10 | $sim_recvkey = "1234"; | ||
11 | $sim_sendkey = "1234"; | ||
12 | |||
13 | $grid_home = "/ogs/gridserver/"; | ||
14 | ?> | ||
diff --git a/ogs/gridserver/index.php b/ogs/gridserver/index.php new file mode 100644 index 0000000..f7754c6 --- /dev/null +++ b/ogs/gridserver/index.php | |||
@@ -0,0 +1,176 @@ | |||
1 | <? | ||
2 | error_reporting(E_ALL); // yes, we remember this from the login server, don't we boys and girls? don't kill innocent XML-RPC! | ||
3 | |||
4 | // these files are soooo common..... (to the grid) | ||
5 | include("../common/xmlrpc.inc.php"); | ||
6 | include("../common/database.inc.php"); | ||
7 | include("../common/grid_config.inc.php"); | ||
8 | include("../common/util.inc.php"); | ||
9 | |||
10 | include("gridserver_config.inc.php"); // grid server specific config stuff | ||
11 | |||
12 | function get_sim_info($args) { | ||
13 | global $dbhost,$dbuser,$dbpasswd,$dbname; | ||
14 | global $userserver_sendkey, $userserver_recvkey; | ||
15 | |||
16 | // First see who's talking to us, if key is invalid then send an invalid one back and nothing more | ||
17 | if($args['authkey']!=$userserver_recvkey) { | ||
18 | return Array( | ||
19 | 'authkey' => 'I can play the bad key trick too you know', | ||
20 | 'login' => 'false' | ||
21 | ); | ||
22 | } | ||
23 | |||
24 | // if we get to here, the key is valid, give that login server what it wants! | ||
25 | |||
26 | $link = mysql_connect($dbhost,$dbuser,$dbpasswd) | ||
27 | OR die("Unable to connect to database"); | ||
28 | |||
29 | mysql_select_db($dbname) | ||
30 | or die("Unable to select database"); | ||
31 | |||
32 | $region_handle = $args['region_handle']; | ||
33 | $query = "SELECT * FROM region_profiles WHERE region_handle='$region_handle'"; | ||
34 | $result = mysql_query($query); | ||
35 | |||
36 | return mysql_fetch_assoc($result); | ||
37 | } | ||
38 | |||
39 | function get_session_info($args) { | ||
40 | global $dbhost,$dbuser,$dbpasswd,$dbname; | ||
41 | global $sim_sendkey, $sim_recvkey; | ||
42 | |||
43 | // authkey, session-id, agent-id | ||
44 | |||
45 | // First see who's talking to us, if key is invalid then send an invalid one back and nothing more | ||
46 | if($args[0]!=$sim_recvkey) { | ||
47 | return Array( | ||
48 | 'authkey' => "I can play the bad key trick too you know" | ||
49 | ); | ||
50 | } | ||
51 | |||
52 | $link = mysql_connect($dbhost,$dbuser,$dbpasswd) | ||
53 | OR die("Unable to connect to database"); | ||
54 | |||
55 | mysql_select_db($dbname) | ||
56 | or die("Unable to select database"); | ||
57 | |||
58 | $session_id = $args[1]; | ||
59 | $agent_id = $args[2]; | ||
60 | |||
61 | $query = "SELECT * FROM sessions WHERE session_id = '$session_id' AND agent_id='$agent_id' AND session_active=1"; | ||
62 | $result = mysql_query($query); | ||
63 | if(mysql_num_rows($result)>0) { | ||
64 | $info=mysql_fetch_assoc($result); | ||
65 | $circuit_code = $info['circuit_code']; | ||
66 | $secure_session_id=$info['secure_session_id']; | ||
67 | |||
68 | $query = "SELECT * FROM local_user_profiles WHERE userprofile_LLUUID='$agent_id'"; | ||
69 | $result=mysql_query($query); | ||
70 | $userinfo=mysql_fetch_assoc($result); | ||
71 | $firstname=$userinfo['profile_firstname']; | ||
72 | $lastname=$userinfo['profile_lastname']; | ||
73 | $agent_id=$userinfo['userprofile_LLUUID']; | ||
74 | return Array( | ||
75 | 'authkey' => $sim_sendkey, | ||
76 | 'circuit_code' => $circuit_code, | ||
77 | 'agent_id' => $agent_id, | ||
78 | 'session_id' => $session_id, | ||
79 | 'secure_session_id' => $secure_session_id, | ||
80 | 'firstname' => $firstname, | ||
81 | 'lastname' => $lastname | ||
82 | ); | ||
83 | } | ||
84 | } | ||
85 | |||
86 | function check_loggedin($args) { | ||
87 | global $dbhost,$dbuser,$dbpasswd,$dbname; | ||
88 | global $userserver_sendkey, $userserver_recvkey; | ||
89 | |||
90 | // First see who's talking to us, if key is invalid then send an invalid one back and nothing more | ||
91 | if($args['authkey']!=$userserver_recvkey) { | ||
92 | return Array( | ||
93 | 'authkey' => "I can play the bad key trick too you know" | ||
94 | ); | ||
95 | } | ||
96 | |||
97 | // if we get to here, the key is valid, give that login server what it wants! | ||
98 | |||
99 | $link = mysql_connect($dbhost,$dbuser,$dbpasswd) | ||
100 | OR die("Unable to connect to database"); | ||
101 | |||
102 | mysql_select_db($dbname) | ||
103 | or die("Unable to select database"); | ||
104 | |||
105 | $userprofile_LLUUID = $args['userprofile_LLUUID']; | ||
106 | $query = "SELECT * FROM sessions WHERE agent_id='$userprofile_LLUUID' AND session_active=1"; | ||
107 | $result = mysql_query($query); | ||
108 | |||
109 | if(mysql_num_rows($result)>1) { | ||
110 | return Array( | ||
111 | 'authkey' => $userserver_sendkey, | ||
112 | 'logged_in' => 1 | ||
113 | ); | ||
114 | } else { | ||
115 | return Array( | ||
116 | 'authkey' => $userserver_sendkey, | ||
117 | 'logged_in' => 0 | ||
118 | ); | ||
119 | } | ||
120 | } | ||
121 | |||
122 | function create_session($args) { | ||
123 | global $dbhost,$dbuser,$dbpasswd,$dbname; | ||
124 | global $userserver_sendkey, $userserver_recvkey; | ||
125 | |||
126 | // First see who's talking to us, if key is invalid then send an invalid one back and nothing more | ||
127 | if($args['authkey']!=$userserver_recvkey) { | ||
128 | return Array( | ||
129 | 'authkey' => "I can play the bad key trick too you know" | ||
130 | ); | ||
131 | } | ||
132 | |||
133 | // if we get to here, the key is valid, give that login server what it wants! | ||
134 | |||
135 | $link = mysql_connect($dbhost,$dbuser,$dbpasswd) | ||
136 | OR die("Unable to connect to database"); | ||
137 | |||
138 | mysql_select_db($dbname) | ||
139 | or die("Unable to select database"); | ||
140 | |||
141 | // yes, secure_sessionid should be different, i know... | ||
142 | $query = "SELECT value FROM Grid_settings WHERE setting='highest_LLUUID'"; | ||
143 | $result = mysql_query($query); | ||
144 | $row = mysql_fetch_array($result); | ||
145 | $highest_LLUUID = $row['value']; | ||
146 | $newsession_id=inc_lluuid($highest_LLUUID); | ||
147 | $secure_session_id=inc_lluuid($newsession_id); | ||
148 | |||
149 | $query="UPDATE Grid_settings SET value='$secure_session_id' WHERE setting='highest_LLUUID' LIMIT 1"; | ||
150 | $result=mysql_query($query); | ||
151 | |||
152 | $userprofile_LLUUID=$args['userprofile_LLUUID']; | ||
153 | $current_location=$args['current_location']; | ||
154 | $remote_ip=$args['remote_ip']; | ||
155 | $query="INSERT INTO sessions(session_id,secure_session_id,agent_id,session_start,session_active,current_location,remote_ip) VALUES('$newsession_id','$secure_session_id','$userprofile_LLUUID',NOW(),1,'$current_location','$remote_ip')"; | ||
156 | $result=mysql_query($query); | ||
157 | if(!isset($result)) { | ||
158 | die(); | ||
159 | } | ||
160 | return Array( | ||
161 | 'authkey' => $userserver_sendkey, | ||
162 | 'session_id' => $newsession_id, | ||
163 | 'secure_session_id' => $secure_session_id | ||
164 | ); | ||
165 | } | ||
166 | |||
167 | $server=new IXR_Server( | ||
168 | Array( | ||
169 | 'check_session_loggedin' => 'check_loggedin', | ||
170 | 'create_session' => 'create_session', | ||
171 | 'get_sim_info' => 'get_sim_info', | ||
172 | 'get_session_info' => 'get_session_info' | ||
173 | ) | ||
174 | ); | ||
175 | |||
176 | ?> \ No newline at end of file | ||
diff --git a/ogs/gridserver/usersessions/.htaccess b/ogs/gridserver/usersessions/.htaccess new file mode 100644 index 0000000..3b76a74 --- /dev/null +++ b/ogs/gridserver/usersessions/.htaccess | |||
@@ -0,0 +1,5 @@ | |||
1 | Options +FollowSymlinks | ||
2 | |||
3 | RewriteEngine on | ||
4 | RewriteOptions MaxRedirects=1 | ||
5 | RewriteRule .* index.php [L] | ||
diff --git a/ogs/gridserver/usersessions/index.php b/ogs/gridserver/usersessions/index.php new file mode 100644 index 0000000..e7a3817 --- /dev/null +++ b/ogs/gridserver/usersessions/index.php | |||
@@ -0,0 +1,85 @@ | |||
1 | <? | ||
2 | // DIRTY HACK ALERT!!!!!!!!!!!!! | ||
3 | // The following code shows the vital importance of the r69 revision of the original gareth/ branch | ||
4 | |||
5 | |||
6 | // This file parses URLs of the format: | ||
7 | // usersessions/key/userid/data | ||
8 | // where key is the key to authenticate with the grid, userid is the user's LLUUID and data is the data about the user's session being requested | ||
9 | // if the data requested is left out, an XML response will be sent | ||
10 | |||
11 | error_reporting(E_ALL); // Remember kids, PHP errors kill XML-RPC responses and REST too! will the slaughter ever end? | ||
12 | |||
13 | include("../gridserver_config.inc.php"); | ||
14 | include("../../common/database.inc.php"); | ||
15 | include("../../common/util.inc.php"); | ||
16 | |||
17 | // Parse out the parameters from the URL | ||
18 | $params = str_replace($grid_home,'', $_SERVER['REQUEST_URI']); | ||
19 | $params = str_replace("index.php/","",$params); | ||
20 | $params = split('/',$params); | ||
21 | |||
22 | // Die if the key doesn't match | ||
23 | if($params[1]!=$sim_recvkey) { | ||
24 | die(); | ||
25 | } | ||
26 | |||
27 | $link = mysql_connect($dbhost,$dbuser,$dbpasswd) | ||
28 | OR die("Unable to connect to database"); | ||
29 | |||
30 | mysql_select_db($dbname) | ||
31 | or die("Unable to select database"); | ||
32 | |||
33 | $agent_id = strtolower($params[2]); | ||
34 | $query = "SELECT * FROM sessions WHERE agent_id='$agent_id' AND session_active=1"; | ||
35 | |||
36 | // if we have 4 params, then param 4 is the command | ||
37 | if(count($params)==4) { | ||
38 | $cmd=$params['3']; | ||
39 | } else if(count($params)==5) { | ||
40 | $circuit_code=$params[3]; | ||
41 | $cmd=$params[4]; // otherwise, 5 is the command and 4 is the circuit code | ||
42 | } | ||
43 | |||
44 | $result = mysql_query($query); | ||
45 | if(mysql_num_rows($result)>0) { | ||
46 | $info=mysql_fetch_assoc($result); | ||
47 | $circuit_code = $info['circuit_code']; | ||
48 | if($circuit_code == 0) $circuit_code=$params['4']; | ||
49 | $secure_session_id=$info['secure_session_id']; | ||
50 | $session_id=$info['session_id']; | ||
51 | |||
52 | $query = "SELECT * FROM local_user_profiles WHERE userprofile_LLUUID='$agent_id'"; | ||
53 | $result=mysql_query($query); | ||
54 | $userinfo=mysql_fetch_assoc($result); | ||
55 | $firstname=$userinfo['profile_firstname']; | ||
56 | $lastname=$userinfo['profile_lastname']; | ||
57 | $agent_id=$userinfo['userprofile_LLUUID']; | ||
58 | $exists=1; | ||
59 | } else { | ||
60 | $exists=0; | ||
61 | } | ||
62 | |||
63 | // if only 3 params, assume we are sending an XML response | ||
64 | if(count($params)==3) { | ||
65 | output_xml_block("usersession",Array( | ||
66 | 'authkey' => $sim_sendkey, | ||
67 | 'circuit_code' => $circuit_code, | ||
68 | 'agent_id' => $agent_id, | ||
69 | 'session_id' => $session_id, | ||
70 | 'secure_session_id' => $secure_session_id, | ||
71 | 'firstname' => $firstname, | ||
72 | 'lastname' => $lastname | ||
73 | )); | ||
74 | } | ||
75 | |||
76 | switch($cmd) { | ||
77 | case 'exists': | ||
78 | echo $exists; | ||
79 | break; | ||
80 | case 'delete': | ||
81 | $query = "UPDATE sessions SET session_active=0, session_end=NOW() WHERE agent_id='$agent_id' LIMIT 1"; | ||
82 | $deleteresult = mysql_query($query); | ||
83 | break; | ||
84 | } | ||
85 | ?> | ||