Last active
August 29, 2015 14:20
-
-
Save ViskoB/bed32acad622a2603805 to your computer and use it in GitHub Desktop.
GW2 TS3 Authentication - Enter API Key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
require_once('TS3F/libraries/TeamSpeak3/TeamSpeak3.php'); | |
require_once('request.inc.php'); | |
$ts3_squeryuser = "squeryuser"; | |
$ts3_squerypass = "squerypass"; | |
$ts3_squery_urlport = "ts3.example.com:10011"; | |
$ts3_server_port = "9987"; | |
$myTS3FErrors = array(); | |
$AuthWorldID = 2014; // Set this to your world ID you wish to allow access | |
$ts3_groupid = 1; // Group ID with access | |
$db_hostname = "dbhost"; | |
$db_name = "dbname"; | |
$db_user = "dbuser"; | |
$db_password = "dbpass"; | |
try{ | |
$dbh_me = new PDO( "mysql:host=$db_hostname; dbname=$db_name", $db_user, $db_password); | |
}catch(PDOException $e){ | |
echo $e->getMessage(); | |
} | |
$dbh_me->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_SILENT); | |
$last_check = date('Y-m-d H:i:s'); | |
$sessionhash = ""; //GENERATE YOUR SESSION HASH HERE http://php.net/manual/en/function.session-id.php | |
if(!isset($_POST['submit'])){ | |
if(!isset($_GET['tsid'])){ | |
echo "Invalid Teamspeak Session"; | |
die(); | |
} | |
$ts3_VirtualServer = TeamSpeak3::factory("serverquery://{$ts3_squeryuser}:{$ts3_squerypass}@{$ts3_squery_urlport}/?server_port={$ts3_server_port}"); | |
try{ | |
$ts3_dbid = $ts3_VirtualServer->clientInfoDb($_GET['tsid']); | |
}catch(Exception $e){ | |
echo "Invalid Teamspeak ID"; | |
die(); | |
} | |
$ts3_id = $ts3_dbid['client_unique_identifier']; | |
$ts3_dbid = $ts3_dbid['client_database_id']; | |
$ts3_user = $ts3_VirtualServer->execute("clientdbinfo", array("cldbid" => $ts3_dbid))->toList(); | |
ob_start(); | |
echo $ts3_user['client_lastip']; | |
$ts3_user_ip = ob_get_clean(); | |
if($ts3_user_ip != $_SERVER["REMOTE_ADDR"]; ){ | |
echo "Last TS IP and current IP are different, please verify whilst TS is connected."; | |
die(); | |
} | |
$keyname = uniqid(); | |
$stmt = $dbh_me->prepare("INSERT INTO ts3auth (ts3_uniqueid,dbsessionhash,keyname) VALUES (?, '{$sessionhash}', '{$keyname}') ON DUPLICATE KEY UPDATE dbsessionhash='{$dbsessionhash}', keyname='{$keyname}'"); | |
$stmt->execute(array($ts3_id)); | |
echo <<<EOF | |
<p>Link to API Keys: https://account.guildwars2.com/account/api-keys</p> | |
<p>Create a key with this name: {$keyname}</p> | |
<form action="GW2_TS3_Auth.php" method="post" enctype="multipart/form-data" name="apiForm"> | |
<input type="hidden" name="ts3id" value="{$ts3_id}" /> | |
<p style="font-size: large"><input type="text" name="APIKey" value="" size="75" /></p> | |
<input name="submit" type="submit" id="submit" value="Submit" /><br /> | |
</form> | |
EOF; | |
}else{ | |
if($_POST['APIKey'] == ""){ | |
echo"You must enter your API Key"; | |
die(); | |
}else{ | |
$stmt = $dbh_me->prepare("SELECT * FROM ts3auth WHERE ts3_uniqueid = ? LIMIT 1"); | |
$stmt->execute(array($_POST['ts3id'])); | |
$row = $stmt->fetch(); | |
$response = gw2_api_request('/v2/tokeninfo', $_POST['APIKey']); | |
if($response) | |
{ | |
if($row['keyname'] != $response['name']) | |
{ | |
echo "<p>Please ensure you enter the keyname exactly as stated on the original page.<br />"; | |
echo "Expected name: {$row['keyname']}<br />"; | |
echo "Returned: {$response['name']}</p>"; | |
die(); | |
} | |
}else{ | |
$templateBody = "We have been unable to access your details"; | |
die(); | |
} | |
$response = gw2_api_request('/v2/account', $_POST['APIKey']); | |
if($response){ | |
if($row['dbsessionhash'] != $sessionhash){ | |
echo "Mismatching sessions - potential CSRF detected. Please inform an admin if you received this in error."; | |
die(); | |
} | |
$stmt = $dbh_me->prepare("UPDATE ts3auth SET gw2_name='{$response['name']}',gw2_world='{$response['world']}', gw2_apikey='{$_POST['APIKey']}', last_check = '{$last_check}', type='apikey' WHERE ts3_uniqueid = ?"); | |
$stmt->execute(array($_POST['ts3id'])); | |
if($response['world'] == $AuthWorldID){ | |
$ts3_VirtualServer = TeamSpeak3::factory("serverquery://{$ts3_squeryuser}:{$ts3_squerypass}@{$ts3_squery_urlport}/?server_port={$ts3_server_port}"); | |
$ts3_dbid = 0; | |
$ts3_dbid = $ts3_VirtualServer->clientFindDb($_POST['ts3id'], true); | |
$ts3_dbid = $ts3_dbid[0]; | |
if($ts3_dbid <> 0){ | |
try | |
{ | |
$ts3_VirtualServer->execute("servergroupaddclient", array("sgid" => $ts3_groupid, "cldbid" => $ts3_dbid)); | |
} | |
catch(Exception $e) | |
{ | |
$myTS3FErrors[] = $e; | |
} | |
} | |
echo 'Thank you. Your account has been verified and you now have access to the WvW Channels. To revoke this application\'s access please visit <a href="https://account.guildwars2.com/account/api-keys">https://account.guildwars2.com/account/api-keys</a>.'; | |
die(); | |
}else{ | |
echo 'Thank you. Your account has been checked, however the ArenaNet servers report that you are not a player of this server. To revoke this application\'s access please visit <a href="https://account.guildwars2.com/account/api-keys">https://account.guildwars2.com/account/api-keys</a>.'; | |
die(); | |
} | |
}else{ | |
$templateBody = "We have been unable to access your details"; | |
die(); | |
} | |
} | |
} | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment