Door System/unlock.php
aus Metalab Wiki, dem offenen Zentrum für meta-disziplinäre Magier und technisch-kreative Enthusiasten.
Zur Navigation springenZur Suche springen
<? // // Metalab Keks (Keymembers exclusive Key System) // - unlock.php // this file allows the endpoint(pos) to figure out if a // certain user is allowed to access the metalab at the // given time // include 'config.php'; $time = time(); if (isset($_REQUEST['token'])){ $token = mysql_real_escape_string($_REQUEST['token']); }else{ //you are going down die("No Token Set"); } $sqlt2u = mysql_query("SELECT * FROM door_users WHERE token = '$token'"); $sqlt2uq = mysql_fetch_array($sqlt2u); $user = $sqlt2uq['username']; if ($_REQUEST['token'] == $sqlt2uq['token']){ //welcome known user, lets see if you got any permissions $sqlu2a = mysql_query("SELECT * FROM door_acl WHERE username = '$user'"); $sqlu2aq = mysql_fetch_array($sqlu2a); if ($sqlu2aq['permission'] == "0"){ //you got full acess echo "TRUE"; mysql_query("INSERT INTO door_timeline SET who='$user', action='unlock', timestamp='$time'"); }elseif($sqlu2aq['permission'] == "1"){ //you got partial access $sqlu2e = mysql_query("SELECT * FROM door_expires WHERE username = '$user'"); $sqlu2eq = mysql_fetch_array($sqlu2e); if($sqlu2eq['dead'] == "FALSE"){ echo "TEMP"; mysql_query("INSERT INTO door_timeline SET who='$user', action='unlock_once', timestamp='$time'"); //kill the ticket - the user is only allowed to ride once mysql_query("UPDATE door_expires SET `dead` = 'TRUE' WHERE username = '$user';"); }else{ echo "FALSE"; mysql_query("INSERT INTO door_timeline SET who='$user', action='fail_once', timestamp='$time'"); } }else{ //you have no access echo "FALSE"; mysql_query("INSERT INTO door_timeline SET who='$token', action='fail', timestamp='$time'"); } die(); }else{ //unkn0wn user is not allowed to log in mysql_query("INSERT INTO door_timeline SET who='$token', action='fail', timestamp='$time'"); die("FALSE"); } ?>