<?php
namespace Mince;
use Index\XString;
use Index\Http\HttpFx;
use Index\Security\CSRFP;
require_once __DIR__ . '/../mince.php';
// replace this with id.flashii.net shit
// The session token is read from the msz_auth cookie. filter_input() gives
// null/false when the cookie is absent or unreadable; the cast turns that into ''.
$authToken = (string)filter_input(INPUT_COOKIE, 'msz_auth');
$userInfo = ChatAuth::attempt(
    $db,
    $config['chat_endpoint'],
    $config['chat_secret'],
    $authToken
);

// The CSRF helper is keyed by the server-side secret plus a per-visitor identity:
// the auth token when authentication succeeded, otherwise the client address.
// NOTE(review): in the fallback case every client that reaches PHP from the same
// address gets the same identity, and behind a reverse proxy REMOTE_ADDR is
// presumably the proxy's address. How CSRFP uses the identity is not shown here; confirm.
if($userInfo->success)
    $csrfIdentity = $authToken;
else
    $csrfIdentity = $_SERVER['REMOTE_ADDR'];

$csrfp = new CSRFP($config['csrf_secret'], $csrfIdentity);
// Template engine rooted at the project's template directory.
$templating = new Templating();
$templating->addPath(MCR_DIR_TPL);

// Site-wide values available to every template.
$globalVars = [
    'title' => 'Flashii Minecraft Servers',
    'loginUrl' => $config['login_url'],
];

// 'auth' hands the whole $userInfo object to the templates, and a CSRF token is
// created here on every request, whether or not a form ends up being rendered.
// NOTE(review): which $userInfo fields the templates print, and whether output is
// escaped by default, depends on Templating and the templates; neither is visible here.
$templating->addVars([
    'global' => $globalVars,
    'auth' => $userInfo,
    'csrfp' => $csrfp->createToken(),
]);
$router = new HttpFx();

// Fallback error page: renders the 'http-error' template with the status code
// zero-padded to three digits and the status text supplied by the router.
// $userInfo is captured but not used inside this handler.
$router->setDefaultErrorHandler(function($response, $request, $code, $text) use ($userInfo, $templating) {
    $errorVars = [
        'code' => sprintf('%03d', $code),
        'text' => $text,
    ];

    $response->setContent($templating->render('http-error', ['error' => $errorVars]));
});
// Middleware registered on '/': tags the response with the application name.
// NOTE(review): presumably this ends up in a "powered by" response header, which
// tells every client which software is running; confirm that is intended.
$router->use('/', function($response, $request) {
    $response->setPoweredBy('Mince');
});

// Requests for the script name are sent back to the site root. The second
// argument is presumably the "permanent redirect" flag; confirm against HttpFx.
$router->get('/index.php', function($response) {
    $response->redirect('/', true);
});
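// Front page. Optional query parameters:
//   error - short error code set by the /whitelist redirects
//   name  - username to pre-fill in the "add to whitelist" form
$router->get('/', function($response, $request) use ($userInfo, $templating) {
    $name = (string)$request->getParam('name');
    $error = (string)$request->getParam('error');

    // Known error codes mapped to [title, body].
    $errors = [
        'request' => ['Invalid request type.', 'Try to reload the page and try again.'],
        'verify' => ['Request verification failed.', 'Try to reload the page and try again.'],
        'itainthappenin' => ['Haha', 'No'],
        'short' => ['Invalid username', 'The provided name is too short.'],
        'long' => ['Invalid username', 'The provided name is too long.'],
        'invalid' => ['Invalid username', 'The provided name contains invalid characters.'],
        'conflict' => ['Username conflict', 'This username is already whitelisted with someone, contact flashwave if this is unexpected.'],
        'connect' => ['Failed to connect to the server', 'The server is probably offline, pope flashwave if this is not expected.'],
        'not-listed' => ['You have not been whitelisted yet', 'Add yourself to the whitelist before trying to remove yourself from it.'],
    ];

    // Look the code up in the table first. The previous guard required ctype_lower()
    // before the lookup, which is false for any string containing a hyphen, so the
    // 'not-listed' entry could never be displayed.
    $errorInfo = null;
    if(array_key_exists($error, $errors))
        $errorInfo = $errors[$error];
    elseif(ctype_lower($error))
        // Unknown code: it is echoed back as the message body, so it stays limited
        // to lowercase letters. The 'error' parameter is client-controlled, and this
        // keeps markup and whitespace out of the page no matter how the template
        // escapes its variables. ctype_lower('') is false, so an absent parameter
        // shows nothing.
        $errorInfo = ['Unexpected response from server', $error];

    if($errorInfo !== null)
        $templating->addVars([
            'error' => [
                'title' => $errorInfo[0],
                'body' => $errorInfo[1],
            ],
        ]);

    // Flags the whitelist entry as pending while mc_whitelisted falls in the same
    // 300-second window as the current time.
    // NOTE(review): mc_whitelisted looks like a Unix timestamp; confirm.
    if($userInfo->mc_whitelisted > 0)
        $templating->setVar('whitelist_pending', floor($userInfo->mc_whitelisted / 300) === floor(time() / 300));

    // NOTE(review): $name comes straight from the query string and is passed to the
    // template unmodified; the 'index' template has to escape it for the HTML
    // attribute it is placed in. The template is not visible here.
    return $templating->render('index', [
        'wladdform_username' => $name,
    ]);
});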
// Gate for the /whitelist routes: the request must carry form content and a
// 'csrfp' field that verifies against the visitor's CSRF identity. On failure the
// visitor is redirected to the front page with an error code and the handler
// returns true. Presumably a true return stops the router from running the
// matched route; confirm against HttpFx.
$router->use('/whitelist', function($response, $request) use ($csrfp) {
    if(!$request->isFormContent()) {
        $response->redirect('/?error=request');
        return true;
    }

    $form = $request->getContent();

    // A missing field is treated the same as a token that fails verification.
    $token = $form->hasParam('csrfp') ? (string)$form->getParam('csrfp') : null;

    if($token === null || !$csrfp->verifyToken($token)) {
        $response->redirect('/?error=verify');
        return true;
    }
});
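// Adds the submitted Minecraft username to the whitelist for the current user.
// Whitelist::add() returns '' on success and a short error code otherwise.
// NOTE(review): this handler does not check $userInfo->success itself. Presumably
// Whitelist::add() rejects visitors who are not logged in; confirm, since for them
// the CSRF check is tied only to the client address.
$router->post('/whitelist/add', function($response, $request) use ($db, $userInfo) {
    // Hard-coded refusal for one account id (loose comparison kept as written,
    // the type of user_id is not visible here).
    if($userInfo->user_id == 45) {
        $response->redirect('/?error=itainthappenin');
        return true;
    }

    $body = $request->getContent();
    $name = (string)$body->getParam('name');
    $resp = (new Whitelist($db))->add($userInfo, $name);

    if($resp === '')
        $response->redirect('/');
    else {
        // Names with invalid characters are not echoed back into the form.
        if($resp === 'invalid')
            $name = '';

        // Both values are percent-encoded before going into the redirect URL.
        // $name is user input: unencoded, characters such as '&', '#' or a space
        // would change the query string (for example by adding a second 'error'
        // parameter) or produce a malformed Location value.
        $response->redirect('/?error=' . rawurlencode((string)$resp) . '&name=' . rawurlencode($name));
    }
});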
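// Removes the current user's whitelist entry. Whitelist::remove() returns '' on
// success and an error code otherwise.
$router->post('/whitelist/remove', function($response) use ($db, $userInfo) {
    $resp = (new Whitelist($db))->remove($userInfo);

    if($resp === '')
        $response->redirect('/');
    else
        // The code comes from Whitelist::remove(), which is not shown here. It is
        // percent-encoded so an unexpected value cannot add parameters to the
        // redirect URL or break it; lowercase letters and '-' pass through unchanged.
        $response->redirect('/?error=' . rawurlencode((string)$resp));
});

// Hand the current request to the router.
$router->dispatch();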