2015-04-06 20:26:05 +00:00
|
|
|
<?php
|
|
|
|
|
/*
|
|
|
|
|
* Sakura Sock Chat authentication script
|
|
|
|
|
* By Flashwave
|
|
|
|
|
*/
|
|
|
|
|
|
2015-04-25 20:08:44 +00:00
|
|
|
// Filesystem path to the _sakura folder WITHOUT an ending /
|
|
|
|
|
// This can also be set before an include of this file in case
|
|
|
|
|
// you're using git to keep in sync and don't want conflicts
|
|
|
|
|
if(!isset($sockSakuraPath))
|
|
|
|
|
$sockSakuraPath = '';
|
2015-04-06 20:26:05 +00:00
|
|
|
|
|
|
|
|
/* * * DON'T EDIT ANYTHING BELOW THIS LINE * * */
|
|
|
|
|
|
|
|
|
|
// Include Sakura
|
|
|
|
|
require_once $sockSakuraPath .'/sakura.php';
|
|
|
|
|
|
|
|
|
|
use sockchat\Auth;
|
2015-04-18 11:35:16 +00:00
|
|
|
use Sakura\Session;
|
|
|
|
|
use Sakura\Users;
|
2015-04-28 15:53:53 +00:00
|
|
|
use Sakura\SockChat;
|
2015-04-06 20:26:05 +00:00
|
|
|
|
|
|
|
|
if(Auth::getPageType() == AUTH_FETCH) {
|
|
|
|
|
|
|
|
|
|
// Check if user is logged into the Sakura backend if not deny
|
2015-04-18 11:35:16 +00:00
|
|
|
if(Users::checkLogin()) {
|
2015-04-06 20:26:05 +00:00
|
|
|
|
|
|
|
|
// If so append the required arguments and accept
|
2015-04-18 11:35:16 +00:00
|
|
|
Auth::AppendArguments([Session::$userId, Session::$sessionId]);
|
2015-04-06 20:26:05 +00:00
|
|
|
Auth::Accept();
|
|
|
|
|
|
|
|
|
|
} else
|
|
|
|
|
Auth::Deny();
|
|
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
2015-04-18 11:35:16 +00:00
|
|
|
// Get arguments
|
2015-04-25 20:08:44 +00:00
|
|
|
$uid = $_REQUEST['arg1'];
|
|
|
|
|
$sid = $_REQUEST['arg2'];
|
2015-04-18 11:35:16 +00:00
|
|
|
|
2015-04-06 20:26:05 +00:00
|
|
|
// Check if session is active else deny
|
2015-04-18 11:35:16 +00:00
|
|
|
if(Session::checkSession($uid, $sid)) {
|
|
|
|
|
|
|
|
|
|
// Get user and rank data
|
|
|
|
|
$user = Users::getUser($uid);
|
|
|
|
|
$rank = Users::getRank($user['rank_main']);
|
|
|
|
|
|
|
|
|
|
// Deny group and user id 0
|
2015-04-28 15:53:53 +00:00
|
|
|
if($user['id'] == 0 || $rank['id'] == 0 || $user['password_algo'] == 'nologin') {
|
2015-04-18 11:35:16 +00:00
|
|
|
|
|
|
|
|
Auth::Deny();
|
|
|
|
|
Auth::Serve();
|
|
|
|
|
exit;
|
|
|
|
|
|
|
|
|
|
}
|
2015-04-06 20:26:05 +00:00
|
|
|
|
2015-04-28 15:53:53 +00:00
|
|
|
// Set the user's data
|
2015-04-06 20:26:05 +00:00
|
|
|
Auth::SetUserData(
|
2015-04-18 11:35:16 +00:00
|
|
|
$user['id'],
|
|
|
|
|
$user['username'],
|
2015-04-25 20:08:44 +00:00
|
|
|
$user['name_colour'] == null ? $rank['colour'] : $user['name_colour']
|
2015-04-06 20:26:05 +00:00
|
|
|
);
|
|
|
|
|
|
2015-04-28 15:53:53 +00:00
|
|
|
// Get the user's permissions
|
|
|
|
|
$perms = SockChat::getUserPermissions($user['id']);
|
2015-04-18 11:35:16 +00:00
|
|
|
|
2015-04-28 15:53:53 +00:00
|
|
|
// Check if they can access the chat
|
|
|
|
|
if(!$perms['access']) {
|
|
|
|
|
|
|
|
|
|
Auth::Deny();
|
|
|
|
|
Auth::Serve();
|
|
|
|
|
exit;
|
2015-04-18 11:35:16 +00:00
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-28 15:53:53 +00:00
|
|
|
// Set the common permissions
|
|
|
|
|
Auth::SetCommonPermissions(
|
|
|
|
|
$perms['rank'],
|
|
|
|
|
$perms['type'],
|
|
|
|
|
$perms['logs'],
|
|
|
|
|
$perms['nick'],
|
|
|
|
|
$perms['channel']
|
|
|
|
|
);
|
|
|
|
|
|
2015-04-18 11:35:16 +00:00
|
|
|
Auth::Accept();
|
|
|
|
|
|
2015-04-06 20:26:05 +00:00
|
|
|
} else
|
|
|
|
|
Auth::Deny();
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Serve the authentication data
|
|
|
|
|
Auth::Serve();
|
