# HG changeset patch # User Administrator@buildbox.tempestintheaether.org # Date 1330587702 28800 # Node ID 2cb95cfee2f75c42a3dd3677e740cd9ca8527b2e # Parent 855a9dd6241e4ec9fdb97566e62aa5a52e490107 Added account creation php scripts. Client also now works. diff -r 855a9dd6241e -r 2cb95cfee2f7 code/ryzom/tools/server/www/login/accountfunc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/code/ryzom/tools/server/www/login/accountfunc.php Wed Feb 29 23:41:42 2012 -0800 @@ -0,0 +1,300 @@ + 64) + { + // local part length exceeded + $isValid = false; + } + else if ($domainLen < 1 || $domainLen > 255) + { + // domain part length exceeded + $isValid = false; + } + else if ($local[0] == '.' || $local[$localLen-1] == '.') + { + // local part starts or ends with '.' + $isValid = false; + } + else if (preg_match('/\\.\\./', $local)) + { + // local part has two consecutive dots + $isValid = false; + } + else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) + { + // character not valid in domain part + $isValid = false; + } + else if (preg_match('/\\.\\./', $domain)) + { + // domain part has two consecutive dots + $isValid = false; + } + else if +(!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', + str_replace("\\\\","",$local))) + { + // character not valid in local part unless + // local part is quoted + if (!preg_match('/^"(\\\\"|[^"])+"$/', + str_replace("\\\\","",$local))) + { + $isValid = false; + } + } + if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) + { + // domain not found in DNS + $isValid = false; + } + } + return $isValid; +} + +function generateSALT ($length = 2) + { + + // start with a blank salt + $salt = ""; + + // define possible characters - any character in this string can be + // picked for use in the salt, so if you want to put vowels back in + // or add special characters such as exclamation marks, this is where + // you should do it + $possible = "2346789bcdfghjkmnpqrtvwxyzBCDFGHJKLMNPQRTVWXYZ"; + + // we refer to the length of $possible a few times, so let's grab it now + $maxlength = strlen($possible); + + // check for length overflow and truncate if necessary + if ($length > $maxlength) { + $length = $maxlength; + } + + // set up a counter for how many characters are in the salt so far + $i = 0; + + // add random characters to $salt until $length is reached + while ($i < $length) { + + // pick a random character from the possible ones + $char = substr($possible, mt_rand(0, $maxlength-1), 1); + + // have we already used this character in $salt? + if (!strstr($salt, $char)) { + // no, so it's OK to add it onto the end of whatever we've already got... + $salt .= $char; + // ... and increase the counter by one + $i++; + } + + } + + // done! + return $salt; + + } +function do_encrypt($pass,$user) +{ + $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, ''); + + $iv_size = mcrypt_enc_get_iv_size($cipher); + //printf("iv_size = %d\n", $iv_size); + + //must take 16 byte key + $key128 = 'fmaksdmf44Afwgnk'; + + $iv = 'ag0ka93kAsfewA3'; + + //printf("iv: %s\n", bin2hex($iv)); + //printf("key128: %s\n", bin2hex($key128)); + + // This is the plain-text to be encrypted: + $cleartext = $pass.$pass.$user.$user; + //printf("plainText: %s\n\n", $cleartext); + + // Now let's do 128-bit encryption: + if (mcrypt_generic_init($cipher, $key128, $iv) != -1) { + // PHP pads with NULL bytes if $cleartext is not a multiple of the block size.. + $cipherText = mcrypt_generic($cipher, $cleartext); + mcrypt_generic_deinit($cipher); + + // Display the result in hex. + //printf("128-bit encrypted result:\n%s\n\n", bin2hex($cipherText)); + } + return bin2hex($cipherText); +} + +function checkUser () { + if (isset($_POST["Username"])) { + if (strlen($_POST["Username"])>12) { + return "Username must be no more than 12 characters."; + } elseif (strlen($_POST["Username"])<5) { + return "Username must be 5 or more characters."; + } elseif (!preg_match('/^[a-z0-9\.]*$/', $_POST["Username"])) { + return "Username can only contain numbers and letters."; + } else { + return "success"; + } + } else { + return "success"; + } +} + +function checkPassword () { + if (isset($_POST["Password"])) { + if (strlen($_POST["Password"])>8) { + return "Password must be no more than 8 characters."; + } elseif (strlen($_POST["Password"])<5) { + return "Password must be more than 5 characters."; + } else { + return "success"; + } + } +} + +function confirmPassword () { + if (($_POST["Password"]) != ($_POST["ConfirmPass"])) { + return "Passwords do not match."; + } else { + return "success"; + } +} + + +function checkEmail () { + if (isset($_POST["Email"])) { + if (!validEmail($_POST["Email"])) { + return "Email address is not valid."; + } else { + return "success"; + } + } else { + return "success"; + } +} + + // see errorMsg + function errorMsgBlock($errNum=GENERIC_ERROR_NUM) // $mixedArgs + { + $args = func_get_args(); + return '0:'.call_user_func_array('errorMsg', $args); + } + +function createUser () { + $salt = generateSALT(); + $login = $_POST["Username"]; + $password = crypt($_POST["Password"], $salt); + $email = $_POST["Email"]; + global $DBHost; + global $DBHost; + global $DBUserName; + global $DBPassword; + global $DBName; + + global $RingDBUserName; + global $RingDBName; + global $RingDBPassword; + + $link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName)); + mysql_select_db ($DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName)); + + // login doesn't exist, create it + $query = "INSERT INTO user (Login, Password, Email) VALUES ('$login', '$password', '$email')"; + $result = mysql_query ($query) or die (errorMsgBlock(2005, 'main', $DBHost, $DBUserName)); + + // get the user to have his UId + $query = "SELECT * FROM user WHERE Login='$login'"; + $result = mysql_query ($query) or die (errorMsgBlock(2004, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error())); + + + if (mysql_num_rows ($result) == 1) + { + $reason = errorMsg(3008, $login); + $row = mysql_fetch_array ($result); + $id = $row["UId"]; + $priv = $row["Privilege"]; + $extended = $row["ExtendedPrivilege"]; + + // add the default permissions + $query = "INSERT INTO permission (UId, ClientApplication, AccessPrivilege) VALUES ('$id', 'r2', 'OPEN')"; + $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error())); + $query = "INSERT INTO permission (UId, ClientApplication, AccessPrivilege) VALUES ('$id', 'ryzom_open', 'OPEN')"; + $result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error())); + + $res = false; + return true; + } +} + +function webpageSuccess () { + echo ' + + + + + + Tempest in the Aether + + + + + + + + + + + + + +
+
+ +
+ +
+
+
+ +
+ +
+
+
+ TEMPEST IN THE AETHER REGISTRATION
+
+ +
+
+ Congratulations!

+ Your account is now registered! Click HERE to download the client.
+
+
+
+
+
+
+
+ + + + + '; + exit; +} diff -r 855a9dd6241e -r 2cb95cfee2f7 code/ryzom/tools/server/www/login/config.php --- a/code/ryzom/tools/server/www/login/config.php Sun Feb 19 03:15:05 2012 -0800 +++ b/code/ryzom/tools/server/www/login/config.php Wed Feb 29 23:41:42 2012 -0800 @@ -20,8 +20,8 @@ // If true, the server will add automatically unknown user in the database // (in nel.user, nel.permission, ring.ring_user and ring.characters -$AcceptUnknownUser = true; +$AcceptUnknownUser = false; // if true, the login service automaticaly create a ring user and a editor character if needed -$AutoCreateRingInfo = true; +$AutoCreateRingInfo = false; ?> \ No newline at end of file diff -r 855a9dd6241e -r 2cb95cfee2f7 code/ryzom/tools/server/www/login/register.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/code/ryzom/tools/server/www/login/register.php Wed Feb 29 23:41:42 2012 -0800 @@ -0,0 +1,327 @@ +TEMPEST IN THE AETHER REGISTRATION + +
Welcome! Please fill in the following fields to get your new Tempest in the Aether account:
+ +
+ + + + + + '; + if ($user != "success") { + echo ''; + } else { + ' + + + + + + '; + if ($pass != "success") { + echo ''; + } else { + ' + + + + + '; + if ($cpass != "success") { + echo ''; + } else { + ' + + + + '; + if ($email != "success") { + echo ''; + } else { + ' + + + '; + if (!isset($_POST["TaC"])) { + echo ''; + } else { + ' + + +
Desired Username: + '.$user.''; + } + echo '
Desired Password: '.$pass.''; + } + echo ' +
Confirm Password: + + '.$cpass.''; + } + echo ' +
Email Address (to which a confirmation email will be sent): + '.$email.''; + } + echo '
YES, I agree to the terms of useYou must accept the Terms of Service'; + } + echo '
+ +
+ +
+ +
+ +
+
5-12 lower-case characters and numbers. The login (username) you create here will be your login name. The name of your game characters will be chosen later on.
+
5-8 alpha-numerical characters.
+
Retype your Password
+
Please verify that the e-mail address you enter here is valid and will remain valid in the future. It will only be used to manage your Tempest in the Aether account.
+
'; + } else { + //must be webpage so display webpage + echo ' + + + + + + + Tempest in the Aether + + + + + + + + + + + + + +
+
+ +
+ +
+
+
+ +
+ +
+
+ + TEMPEST IN THE AETHER REGISTRATION +
+ +
+ Welcome!
+ Please fill in the following fields to get your new Tempest in the Aether + account:
+
+ +
+ + + + + + + + '; + if ($user != "success") { + echo ''; + } + echo ' + + + + + + + + '; + if ($pass != "success") { + echo ''; + } + echo ' + + + + + + + + + + + + + + + + + + + '; + if ($email != "success") { + echo ''; + } + echo ' + + + + + + '; + } + echo ' + + + + + + + + +
Desired Username:'.$user.'
Desired Password:'.$pass.'
Confirm Password:
Email Address (to which a + confirmation email will be sent):'.$email.'
+ + YES, I agree to the terms of use'; + if ((!isset($_POST["TaC"])) and (isset($_POST["Submit"]))) { + echo '
+ You must agree to the Terms of Use +
+ +
+ + +
+
+ +
+ Desired Username:
+ 5-12 lower-case characters and numbers.
+ The login (username) you create here will be your public name in the + official forum and chat ("Klients"). The name of your game characters + will be chosen later on. +
+ +
+ +
+
+ +
+
+
+ + + + '; + + } + } + + +?> \ No newline at end of file