IsleHorse/HISP
1
0
Fork 0
mirror of https://github.com/islehorse/HISP.git synced 2025-07-16 20:11:32 +12:00
Code Issues Projects Releases Packages Wiki Activity Actions

Rewrite alot of how game & master site are handled (note in current state its impossible to make an account.)

Browse source
This commit is contained in:
SilicaAndPina 2021-05-19 00:43:27 +12:00
parent 1ad0783f8f
commit c12399dc0e
23 changed files with 548 additions and 888 deletions
Download patch file Download diff file Expand all files Collapse all files

40
WebInterface/game-site/setupaccount.php Normal file
View file

@ -0,0 +1,40 @@
<?php
include('config.php');
if($hmac_secret === "!!NOTSET!!") # Defaults bad.
{
header("HTTP/1.1 403 Forbidden");
echo("Please set HMAC_SECRET in CONFIG.PHP! for security reasons joining the server is refused.<br>Change it from the default and then try again!");
exit();
}
if(isset($_POST["ID"], $_POST["USERNAME"], $_POST["USERNAME"], $_POST["PASSHASH"], $_POST["PASSSALT"], $_POST["SEX"], $_POST["MODERATOR"], $_POST["ADMIN"], $_POST["CODE"]))
{
$id = $_POST["ID"];
$username = $_POST["USERNAME"];
$passhash = $_POST["PASSHASH"];
$passsalt = $_POST["PASSSALT"];
$sex = $_POST["SEX"];
$moderator = $_POST["MODERATOR"];
$admin = $_POST["ADMIN"];
$code = $_POST["CODE"];
#Verify Input
$hmac = hash_hmac('sha256', (string)$id.$username.$passhash.$passsalt.$sex.$moderator.$admin, $hmac_secret."HOIL4321"));
if (hash_equals($code, $hmac))
{
# Create Account.
$stmt = $connect->prepare("INSERT INTO Users VALUES(?,?,?,?,?,?,?)");
$stmt->bind_param("issssss", $id, $username, $passhash, $passsalt, $sex, $admin, $moderator);
$stmt->execute();
echo("OK");
}
else
{
header("HTTP/1.1 403 Forbidden");
echo("Invalid HMAC! Please ensure that all game-site's have the same HMAC as the master-site!
}
}
?>