Door System/unlock.php: Unterschied zwischen den Versionen

VisuellWikitext

@@ Zeile 1: / Zeile 1: @@
 <pre>
-- will be here soon -
+<?
+//
+// Metalab Keks (Keymembers exclusive Key System)
+// - unlock.php
+// this file allows the endpoint(pos) to figure out if a
+// certain user is allowed to access the metalab at the
+// given time
+//
+include 'config.php';
+$time = time();
+if (isset($_REQUEST['token'])){
+	$token = mysql_real_escape_string($_REQUEST['token']);
+}else{
+	//you are going down
+	die("No Token Set");
+}
+$sqlt2u  = mysql_query("SELECT * FROM door_users WHERE token = '$token'");
+$sqlt2uq = mysql_fetch_array($sqlt2u);
+$user =  $sqlt2uq['username'];
+if ($_REQUEST['token'] == $sqlt2uq['token']){
+	//welcome known user, lets see if you got any permissions
+	$sqlu2a  = mysql_query("SELECT * FROM door_acl WHERE username = '$user'");
+	$sqlu2aq = mysql_fetch_array($sqlu2a);
+	if ($sqlu2aq['permission'] == "0"){
+		//you got full acess
+		echo "TRUE";
+		mysql_query("INSERT INTO door_timeline SET who='$user', action='unlock', timestamp='$time'");
+	}elseif($sqlu2aq['permission'] == "1"){
+		//you got partial access
+		 $sqlu2e  = mysql_query("SELECT * FROM door_expires WHERE username = '$user'");
+        	 $sqlu2eq = mysql_fetch_array($sqlu2e);
+		 if($sqlu2eq['dead'] == "FALSE"){
+			echo "TEMP";
+			mysql_query("INSERT INTO door_timeline SET who='$user', action='unlock_once', timestamp='$time'");
+			//kill the ticket - the user is only allowed to ride once
+			mysql_query("UPDATE door_expires SET `dead` = 'TRUE' WHERE username = '$user';");
+		}else{
+			echo "FALSE";
+			mysql_query("INSERT INTO door_timeline SET who='$user', action='fail_once', timestamp='$time'");
+		}
+	}else{
+		//you have no access
+		echo "FALSE";
+		mysql_query("INSERT INTO door_timeline SET who='$token', action='fail', timestamp='$time'");
+	}
+	die();
+}else{
+	//unkn0wn user is not allowed to log in
+	mysql_query("INSERT INTO door_timeline SET who='$token', action='fail', timestamp='$time'");
+	die("FALSE");
+}
+?>
 </pre>