Door System/unlock.php: Unterschied zwischen den Versionen
aus Metalab Wiki, dem offenen Zentrum für meta-disziplinäre Magier und technisch-kreative Enthusiasten.
Zur Navigation springenZur Suche springen
Naxx (Diskussion | Beiträge) (Die Seite wurde neu angelegt: <pre> - will be here soon - </pre>) |
Naxx (Diskussion | Beiträge) Keine Bearbeitungszusammenfassung |
||
Zeile 1: | Zeile 1: | ||
<pre> | <pre> | ||
- | |||
<? | |||
// | |||
// Metalab Keks (Keymembers exclusive Key System) | |||
// - unlock.php | |||
// this file allows the endpoint(pos) to figure out if a | |||
// certain user is allowed to access the metalab at the | |||
// given time | |||
// | |||
include 'config.php'; | |||
$time = time(); | |||
if (isset($_REQUEST['token'])){ | |||
$token = mysql_real_escape_string($_REQUEST['token']); | |||
}else{ | |||
//you are going down | |||
die("No Token Set"); | |||
} | |||
$sqlt2u = mysql_query("SELECT * FROM door_users WHERE token = '$token'"); | |||
$sqlt2uq = mysql_fetch_array($sqlt2u); | |||
$user = $sqlt2uq['username']; | |||
if ($_REQUEST['token'] == $sqlt2uq['token']){ | |||
//welcome known user, lets see if you got any permissions | |||
$sqlu2a = mysql_query("SELECT * FROM door_acl WHERE username = '$user'"); | |||
$sqlu2aq = mysql_fetch_array($sqlu2a); | |||
if ($sqlu2aq['permission'] == "0"){ | |||
//you got full acess | |||
echo "TRUE"; | |||
mysql_query("INSERT INTO door_timeline SET who='$user', action='unlock', timestamp='$time'"); | |||
}elseif($sqlu2aq['permission'] == "1"){ | |||
//you got partial access | |||
$sqlu2e = mysql_query("SELECT * FROM door_expires WHERE username = '$user'"); | |||
$sqlu2eq = mysql_fetch_array($sqlu2e); | |||
if($sqlu2eq['dead'] == "FALSE"){ | |||
echo "TEMP"; | |||
mysql_query("INSERT INTO door_timeline SET who='$user', action='unlock_once', timestamp='$time'"); | |||
//kill the ticket - the user is only allowed to ride once | |||
mysql_query("UPDATE door_expires SET `dead` = 'TRUE' WHERE username = '$user';"); | |||
}else{ | |||
echo "FALSE"; | |||
mysql_query("INSERT INTO door_timeline SET who='$user', action='fail_once', timestamp='$time'"); | |||
} | |||
}else{ | |||
//you have no access | |||
echo "FALSE"; | |||
mysql_query("INSERT INTO door_timeline SET who='$token', action='fail', timestamp='$time'"); | |||
} | |||
die(); | |||
}else{ | |||
//unkn0wn user is not allowed to log in | |||
mysql_query("INSERT INTO door_timeline SET who='$token', action='fail', timestamp='$time'"); | |||
die("FALSE"); | |||
} | |||
?> | |||
</pre> | </pre> |
Aktuelle Version vom 18. April 2008, 17:13 Uhr
<? // // Metalab Keks (Keymembers exclusive Key System) // - unlock.php // this file allows the endpoint(pos) to figure out if a // certain user is allowed to access the metalab at the // given time // include 'config.php'; $time = time(); if (isset($_REQUEST['token'])){ $token = mysql_real_escape_string($_REQUEST['token']); }else{ //you are going down die("No Token Set"); } $sqlt2u = mysql_query("SELECT * FROM door_users WHERE token = '$token'"); $sqlt2uq = mysql_fetch_array($sqlt2u); $user = $sqlt2uq['username']; if ($_REQUEST['token'] == $sqlt2uq['token']){ //welcome known user, lets see if you got any permissions $sqlu2a = mysql_query("SELECT * FROM door_acl WHERE username = '$user'"); $sqlu2aq = mysql_fetch_array($sqlu2a); if ($sqlu2aq['permission'] == "0"){ //you got full acess echo "TRUE"; mysql_query("INSERT INTO door_timeline SET who='$user', action='unlock', timestamp='$time'"); }elseif($sqlu2aq['permission'] == "1"){ //you got partial access $sqlu2e = mysql_query("SELECT * FROM door_expires WHERE username = '$user'"); $sqlu2eq = mysql_fetch_array($sqlu2e); if($sqlu2eq['dead'] == "FALSE"){ echo "TEMP"; mysql_query("INSERT INTO door_timeline SET who='$user', action='unlock_once', timestamp='$time'"); //kill the ticket - the user is only allowed to ride once mysql_query("UPDATE door_expires SET `dead` = 'TRUE' WHERE username = '$user';"); }else{ echo "FALSE"; mysql_query("INSERT INTO door_timeline SET who='$user', action='fail_once', timestamp='$time'"); } }else{ //you have no access echo "FALSE"; mysql_query("INSERT INTO door_timeline SET who='$token', action='fail', timestamp='$time'"); } die(); }else{ //unkn0wn user is not allowed to log in mysql_query("INSERT INTO door_timeline SET who='$token', action='fail', timestamp='$time'"); die("FALSE"); } ?>