diff options
Diffstat (limited to 'ogs/login')
-rw-r--r-- | ogs/login/index.php | 170 | ||||
-rw-r--r-- | ogs/login/login_config.inc.php | 11 |
2 files changed, 181 insertions, 0 deletions
diff --git a/ogs/login/index.php b/ogs/login/index.php new file mode 100644 index 0000000..4f53c11 --- /dev/null +++ b/ogs/login/index.php | |||
@@ -0,0 +1,170 @@ | |||
1 | <? | ||
2 | error_reporting(0); // Remember kids, PHP errors kill XML-RPC responses! | ||
3 | |||
4 | // include all the common stuff | ||
5 | include("../common/xmlrpc.inc.php"); | ||
6 | include("../common/database.inc.php"); | ||
7 | include("../common/grid_config.inc.php"); | ||
8 | include("../common/util.inc.php"); | ||
9 | |||
10 | include("login_config.inc.php"); // include login/user specific config stuff (authentication keys etc) | ||
11 | |||
12 | function login($args) { | ||
13 | global $dbhost,$dbuser,$dbpasswd,$dbname; | ||
14 | global $grid_owner, $gridserver_sendkey, $gridserver_recvkey, $gridserver_url; | ||
15 | |||
16 | |||
17 | if(get_magic_quotes_gpc()) { | ||
18 | $firstname=addslashes($args['first']); | ||
19 | $lastname=addslashes($args['last']); | ||
20 | $passwd=addslashes($args['passwd']); | ||
21 | } else { | ||
22 | $firstname=$args['first']; | ||
23 | $lastname=$args['last']; | ||
24 | $passwd=$args['passwd']; | ||
25 | } | ||
26 | |||
27 | $link = mysql_connect($dbhost,$dbuser,$dbpasswd) | ||
28 | OR die("Unable to connect to database"); | ||
29 | |||
30 | mysql_select_db($dbname) | ||
31 | or die("Unable to select database"); | ||
32 | |||
33 | $query = "SELECT userprofile_LLUUID, profile_firstname, profile_lastname, profile_passwdmd5, homesim_ip, homesim_port, homeasset_url, look_at, region_handle, position FROM local_user_profiles WHERE profile_firstname='".$firstname."' AND profile_lastname='".$lastname."' AND profile_passwdmd5='" .$passwd."'"; | ||
34 | |||
35 | $profile_lookup_result=mysql_query($query); | ||
36 | |||
37 | if(mysql_num_rows($profile_lookup_result) >0) { | ||
38 | $profiledata = mysql_fetch_assoc($profile_lookup_result); | ||
39 | |||
40 | // if we get here, the username/password is valid, but still need to check there's not an already existing session | ||
41 | $client = new IXR_Client($gridserver_url); | ||
42 | if (!$client->query('check_session_loggedin', Array('userprofile_LLUUID' => $profiledata['userprofile_LLUUID'], 'authkey' => $gridserver_sendkey, 'server_type' => 'login'))) { // if this doesn't work, grid server is down - that's bad | ||
43 | return Array ( | ||
44 | 'reason' => 'key', | ||
45 | 'message' => "Could not connect to grid server. Please try again later or contact the grid owner ". $grid_owner, | ||
46 | 'login' => "false" | ||
47 | ); | ||
48 | } | ||
49 | |||
50 | $response=$client->getResponse(); | ||
51 | if($response['authkey'] != $gridserver_recvkey) { // if this doesn't match up, it's a fake grid server | ||
52 | return Array ( | ||
53 | 'reason' => 'key', | ||
54 | 'message' => "Could not connect to grid server due to possible security issues. It is possible that the grid has been compromised. Please contact the grid owner " . $grid_owner . " and report this issue", | ||
55 | 'login' => "false" | ||
56 | ); | ||
57 | } | ||
58 | |||
59 | |||
60 | if($response['logged_in'] == 1) { // if the user is already logged in, tell them | ||
61 | return Array ( | ||
62 | 'reason' => 'presence', | ||
63 | 'message' => "You appear to already be logged into this grid, if your client has recently crashed then please try again later", | ||
64 | 'login' => "false" | ||
65 | ); | ||
66 | } | ||
67 | |||
68 | // now we start a new session on the grid | ||
69 | $remote_ip=$_SERVER['REMOTE_ADDR']; | ||
70 | $region_handle=$profiledata['region_handle']; | ||
71 | $client->query('create_session',Array('userprofile_LLUUID' => $profiledata['userprofile_LLUUID'], 'authkey' => $gridserver_sendkey, 'remote_ip' => $remote_ip, 'current_location' => $region_handle)); | ||
72 | $response = $client->getResponse(); | ||
73 | $session_id = $response['session_id']; | ||
74 | $secure_session_id = $response['secure_session_id']; | ||
75 | |||
76 | // ask the grid server what the IP address and port of the sim we want to connect to is | ||
77 | $client->query('get_sim_info', Array('region_handle' => $region_handle, 'authkey' => $gridserver_sendkey) ); | ||
78 | $siminfo = $client->getResponse(); | ||
79 | |||
80 | // send the final response! | ||
81 | $position=$profiledata['position']; | ||
82 | $look_at=$profiledata['look_at']; | ||
83 | |||
84 | $LocX=intval($siminfo['GridLocX'])*256; | ||
85 | $LocY=intval($siminfo['GridLocY'])*256; | ||
86 | $home="{'region_handle':'$region_handle', 'position':'$position', 'look_at':'$look_at'}"; | ||
87 | |||
88 | $globaltextures = new LLBlock( | ||
89 | Array( | ||
90 | 'sun_texture_id' => "cce0f112-878f-4586-a2e2-a8f104bba271", | ||
91 | 'cloud_texture_id' => "fc4b9f0b-d008-45c6-96a4-01dd947ac621", | ||
92 | 'moon_texture_id' => "d07f6eed-b96a-47cd-b51d-400ad4a1c428" | ||
93 | )); | ||
94 | |||
95 | $login_flags = new LLBlock( | ||
96 | Array( | ||
97 | 'stipend_since_login' => "N", | ||
98 | 'ever_logged_in' => "Y", | ||
99 | 'gendered' => "Y", | ||
100 | 'daylight_savings' => "N" | ||
101 | )); | ||
102 | $ui_config = new LLBlock( | ||
103 | Array( | ||
104 | 'allow_first_life' => "Y" | ||
105 | )); | ||
106 | $inventory_skeleton = new LLBlock(Array( | ||
107 | Array( | ||
108 | 'name' => 'My inventory', | ||
109 | 'parent_id' => '00000000-0000-0000-0000-000000000000', | ||
110 | 'version' => 4, | ||
111 | 'type_default' => 8, | ||
112 | 'folder_id' => 'f798e114-c10f-409b-a90d-a11577ff1de8' | ||
113 | ), | ||
114 | Array( | ||
115 | 'name' => 'Textures', | ||
116 | 'parent_id' => 'f798e114-c10f-409b-a90d-a11577ff1de8', | ||
117 | 'version' => 1, | ||
118 | 'type_default' => 0, | ||
119 | 'folder_id' => 'fc8b4059-30bb-43a8-a042-46f5b431ad82' | ||
120 | ))); | ||
121 | $inventory_root = new LLBlock( | ||
122 | Array( | ||
123 | 'folder_id' => "f798e114-c10f-409b-a90d-a11577ff1de8" | ||
124 | )); | ||
125 | $initial_outfit = new LLBlock( | ||
126 | Array( | ||
127 | 'folder_name' => "Nightclub Female", | ||
128 | 'gender' => "female" | ||
129 | )); | ||
130 | return Array ( | ||
131 | 'message' => "Welcome to OGS!", | ||
132 | 'session_id' => format_lluuid($session_id), | ||
133 | 'sim_port' => intval($siminfo['port']), | ||
134 | 'agent_access' => "M", | ||
135 | 'start_location' => "last", | ||
136 | 'global-textures' => $globaltextures, | ||
137 | 'seconds_since_epoch' => time(), | ||
138 | 'first_name' => $profiledata['profile_firstname'], | ||
139 | 'circuit_code' => 50633318, | ||
140 | 'login_flags' => $login_flags, | ||
141 | 'seed_capability' => '', | ||
142 | 'home' => $home, | ||
143 | 'secure_session_id' => format_lluuid($secure_session_id), | ||
144 | 'last_name' => $profiledata['profile_lastname'], | ||
145 | 'ui-config' => $ui_config, | ||
146 | 'region_x' => $LocX, | ||
147 | 'inventory_skeleton' => $inventory_skeleton, | ||
148 | 'sim_ip' => $siminfo['ip_addr'], | ||
149 | 'region_y' => $LocY, | ||
150 | 'inventory-root' => $inventory_root, | ||
151 | 'login' => "true", | ||
152 | 'look_at' => $look_at, | ||
153 | 'agent_id' => format_lluuid($profiledata['userprofile_LLUUID']), | ||
154 | 'initial-outfit' => $initial_outfit | ||
155 | ); | ||
156 | |||
157 | |||
158 | } else { | ||
159 | // this is the default invalid username/password error | ||
160 | return Array ( | ||
161 | 'reason' => 'key', | ||
162 | 'message' => "You have entered an invalid name/password combination or are using an incompatible client. Please check with the grid owner " .$grid_owner . " if you are sure your login details are accurate.", | ||
163 | 'login' => "false", | ||
164 | ); | ||
165 | } | ||
166 | |||
167 | } | ||
168 | |||
169 | $server=new IXR_Server(array('login_to_simulator' => 'login')); | ||
170 | ?> | ||
diff --git a/ogs/login/login_config.inc.php b/ogs/login/login_config.inc.php new file mode 100644 index 0000000..4cce696 --- /dev/null +++ b/ogs/login/login_config.inc.php | |||
@@ -0,0 +1,11 @@ | |||
1 | <? | ||
2 | // All the user/login server specific stuff lives here | ||
3 | |||
4 | // What we send to authenticate to the grid server | ||
5 | $gridserver_sendkey="1234"; | ||
6 | |||
7 | // What we expect to get back from the grid server | ||
8 | $gridserver_recvkey="1234"; | ||
9 | |||
10 | $gridserver_url="http://www.osgrid.org/ogs/gridserver/index.php"; | ||
11 | ?> | ||