This repository was archived by the owner on Feb 17, 2021. It is now read-only.

Submission Issue #1, #2
XATEV authored and XATEV committed Oct 12, 2019
1 parent a3864b5 commit b5d8528
Showing 5 changed files with 125 additions and 25 deletions.
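--- a/sandbox/HttpStatusCode.php
+++ b/sandbox/HttpStatusCode.php
@@ -0,0 +1,46 @@
+<?php
+
+
+class httpStatusCode extends SplEnum {
+const __default = self::OK;
+
+const SWITCHING_PROTOCOLS = 101;
+const OK = 200;
+const CREATED = 201;
+const ACCEPTED = 202;
+const NONAUTHORITATIVE_INFORMATION = 203;
+const NO_CONTENT = 204;
+const RESET_CONTENT = 205;
+const PARTIAL_CONTENT = 206;
+const MULTIPLE_CHOICES = 300;
+const MOVED_PERMANENTLY = 301;
+const MOVED_TEMPORARILY = 302;
+const SEE_OTHER = 303;
+const NOT_MODIFIED = 304;
+const USE_PROXY = 305;
+const BAD_REQUEST = 400;
+const UNAUTHORIZED = 401;
+const PAYMENT_REQUIRED = 402;
+const FORBIDDEN = 403;
+const NOT_FOUND = 404;
+const METHOD_NOT_ALLOWED = 405;
+const NOT_ACCEPTABLE = 406;
+const PROXY_AUTHENTICATION_REQUIRED = 407;
+const REQUEST_TIMEOUT = 408;
+const CONFLICT = 408;
+const GONE = 410;
+const LENGTH_REQUIRED = 411;
+const PRECONDITION_FAILED = 412;
+const REQUEST_ENTITY_TOO_LARGE = 413;
+const REQUESTURI_TOO_LARGE = 414;
+const UNSUPPORTED_MEDIA_TYPE = 415;
+const REQUESTED_RANGE_NOT_SATISFIABLE = 416;
+const EXPECTATION_FAILED = 417;
+const IM_A_TEAPOT = 418;
+const INTERNAL_SERVER_ERROR = 500;
+const NOT_IMPLEMENTED = 501;
+const BAD_GATEWAY = 502;
+const SERVICE_UNAVAILABLE = 503;
+const GATEWAY_TIMEOUT = 504;
+const HTTP_VERSION_NOT_SUPPORTED = 505;
+}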
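Review bot: `CONFLICT` is declared as 408, the same value as `REQUEST_TIMEOUT` one line above; HTTP 409 is Conflict, so the line should read `const CONFLICT = 409;`. The class also extends `SplEnum`, which comes from the PECL SPL_Types extension rather than core PHP, so on a server without that extension loading this file is a fatal error; a plain class holding the same constants, with no base class, would avoid the dependency. The file is named `HttpStatusCode.php` while the class is `httpStatusCode`, and a one-line comment above the class saying these are the response status codes used by `utils_json` would help the next reader.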
33 changes: 24 additions & 9 deletions sandbox/login.php
Expand Up @@ -3,12 +3,14 @@
require("utils_security.php");
require("utils_database.php");
require("session.php");
require("utils_json.php");

$sec = new utils_security();
$db = new utils_database();
$ses = new session();
$json = new utils_json();

$username = $sec->rm_inject(($_POST["username"]));
$player_name = $sec->rm_inject(($_POST["username"]));
$password = $sec->rm_inject($_POST["password"]);

/*
Expand All @@ -18,19 +20,19 @@
$str_player_not_found= "Could not find player";
$str_missing_user_psw = "Missing username or password";

if(empty($username) || empty($password)) {
if(empty($player_name) || empty($password)) {

echo $str_missing_user_psw;
$json->fail_msg($str_missing_user_psw);
} else {

$con = $db->new_connection();

$stmt = $con->prepare("
SELECT password
FROM sandbox.player_administrative_info
WHERE playername=?
WHERE player_name=?
");
$stmt->bind_param("s", $username);
$stmt->bind_param("s", $player_name);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($res_password_hash);
Expand All @@ -39,13 +41,26 @@

if(password_verify($password, $res_password_hash)){

$ses->generate_session_login($con, $username);
$stmt = $con->prepare("
SELECT id
FROM sandbox.player_administrative_info
WHERE player_name=?");

$stmt->bind_param("s", $player_name);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($player_id);

if($stmt->fetch()) {

$session_id = $ses->generate_session_login($con, $player_id);
$json->success_login($player_id, $player_name, $session_id);
}
} else {
echo $str_incorrect_password;
$json->fail_msg($str_incorrect_password);
}
} else {

echo $str_player_not_found;
$json->fail_msg($str_player_not_found);
}
$stmt->close();
$con->close();
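Review bot: The two failure branches now return different JSON messages, `$str_incorrect_password` and `$str_player_not_found`, so a client can tell which player names exist; both should send the same text, e.g. `$json->fail_msg($str_login_failed);` (`$str_login_failed` is a name constructed for this note). The password is still passed through `$sec->rm_inject()` before `password_verify()`; rm_inject is not visible here, but if it changes any character the verified value is no longer what the user typed, and in the visible lines the password never reaches a query. The added `SELECT id` repeats the lookup and reassigns `$stmt` without closing the first statement, and when its `fetch()` fails no response is sent at all; selecting `id, password` in the first query would remove both problems. `generate_session_login()` returns nothing when its insert fails, so `$session_id` should be checked before `success_login()` is called. The script continues outside the shown hunks.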
27 changes: 18 additions & 9 deletions sandbox/register.php
Expand Up @@ -7,11 +7,15 @@

require("utils_security.php");
require("utils_database.php");
require("utils_json.php");
require("session.php");

$sec = new utils_security();
$db = new utils_database();
$json = new utils_json();
$ses = new session();

$username = $sec->rm_inject($_POST["username"]);
$player_name = $sec->rm_inject($_POST["username"]);
$mail_address = $sec->rm_inject($_POST["email"]);
$password = $sec->rm_inject($_POST["password"]);

Expand All @@ -29,7 +33,7 @@
try{
// Validate if fields are populated correctly
if(!filter_var($mail_address, FILTER_VALIDATE_EMAIL)
&& !empty($username)
&& !empty($player_name)
&& !empty($password)
&& strlen($password) > 5) {

Expand All @@ -40,11 +44,11 @@

// Check whether username is already registered
$stmt_usr = $con->prepare("
SELECT playername
SELECT player_name
FROM sandbox.player_administrative_info
WHERE playername=?
WHERE player_name=?
");
$stmt_usr->bind_param("s", $username);
$stmt_usr->bind_param("s", $player_name);

if((!$stmt_usr->execute())) {
throw new \Exception($stmt_usr->error);
Expand Down Expand Up @@ -77,19 +81,24 @@

// Add new player to player_administrative_info
$stmt = $con->prepare("
INSERT INTO sandbox.player_administrative_info (playername, password, mail)
INSERT INTO sandbox.player_administrative_info (player_name, password, mail)
VALUES (?,?,?)
");
$stmt->bind_param("sss", $username, $password, $mail_address);
$stmt->bind_param("sss", $player_name, $password, $mail_address);

if(!$stmt->execute()) {
throw new \Exception($stmt->error);
}

echo $str_registration_successful;
$stmt->store_result();

$player_id = $con->insert_id;

$session_id = $ses->generate_session_login($con, $player_id);
$json->success_login($player_id, $player_name, $session_id);
}
} catch(\Exception $e) {
echo $e->getMessage();
$json->fail_msg($e->getMessage());
} finally {

$stmt->close();
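Review bot: The catch block now sends `$e->getMessage()` to the client through `$json->fail_msg()`, and the exceptions thrown above carry `$stmt->error`, so raw MySQL error text, which can include table and column names, ends up in the API response. Log it server-side and return a fixed message instead, e.g. `error_log($e->getMessage()); $json->fail_msg($str_registration_failed);` (`$str_registration_failed` is a name constructed for this note). `$stmt->store_result()` after the INSERT has no result set to buffer and can be dropped. `generate_session_login()` returns nothing when its own insert fails, so `$session_id` should be tested before `success_login()` reports success. The try block starts and the finally block ends outside this hunk.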
13 changes: 6 additions & 7 deletions sandbox/session.php
Expand Up @@ -3,27 +3,26 @@
class session
{

public function generate_session_login($con, $username)
public function generate_session_login($con, $player_id)
{

try {

$stmt = $con->prepare("
INSERT INTO sandbox.player_session (playername, id, valid_until)
INSERT INTO sandbox.player_session (player_id, session_id, valid_until)
VALUES (?,?,DATE_ADD(NOW(), INTERVAL 30 MINUTE ))
ON DUPLICATE KEY UPDATE playername=VALUES(playername),id=VALUES(id),valid_until=VALUES(valid_until)
ON DUPLICATE KEY UPDATE player_id=VALUES(player_id),session_id=VALUES(session_id),valid_until=VALUES(valid_until)
");
// Generate unique session-ID
$session_id = bin2hex(openssl_random_pseudo_bytes(50));
$session_id = bin2hex(openssl_random_pseudo_bytes(20));

$stmt->bind_param("ss", $username, $session_id);
$stmt->bind_param("is", $player_id, $session_id);

if (!$stmt->execute()) {
throw new \Exception($stmt->error);
}

echo $session_id;

return $session_id;
} catch (\Exception $e) {
echo $e->getMessage();
}
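Review bot: When `execute()` fails, the catch block echoes the database error and the function falls through without a return value, so the callers in login.php and register.php receive `null` and still pass it to `success_login()`, while the echoed error text lands in front of the JSON body. Replace `echo $e->getMessage();` with `error_log($e->getMessage()); return null;` and have the callers treat `null` as a failed login. For the token itself, `random_bytes(20)` (PHP 7+) is the usual choice over `openssl_random_pseudo_bytes(20)`, whose result should otherwise be checked through its second `$strong_result` argument. The function body continues past the end of this hunk.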
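--- a/sandbox/utils_json.php
+++ b/sandbox/utils_json.php
@@ -0,0 +1,31 @@
+<?php
+
+
+class utils_json
+{
+public function success_login($player_id, $playername, $session_id) {
+
+$arr = array(
+'success' => true,
+'user' => array(
+'id' => $player_id,
+'name' => $playername
+),
+'token' => $session_id
+);
+
+echo json_encode($arr);
+http_response_code(new httpStatusCode(httpStatusCode::OK));
+}
+
+public function fail_msg($message) {
+
+$arr = array(
+'success' => false,
+'message' => $message
+);
+
+echo json_encode($arr);
+http_response_code(new httpStatusCode(httpStatusCode::BAD_REQUEST));
+}
+}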
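Review bot: In both methods `http_response_code()` is called after `echo json_encode($arr)`, so unless output buffering is on the headers have already gone out and the status stays 200, including for `fail_msg`; it is also handed a `httpStatusCode` object where an int is expected. Set the status first and pass the constant directly, e.g. `http_response_code(httpStatusCode::BAD_REQUEST);` followed by `header('Content-Type: application/json');` and only then the `echo`. This file references `httpStatusCode` without a visible `require` of `HttpStatusCode.php`, so the class has to be loaded by the including script. A docblock on each method naming the response shape (`success`, `user.id`, `user.name`, `token` for success; `success`, `message` for failure) would document the API contract.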
