ViskoB/GW2_TS3_Auth.php

## GW2_TS3_Auth.php
<?php
require_once('TS3F/libraries/TeamSpeak3/TeamSpeak3.php');
require_once('request.inc.php');

$ts3_squeryuser = "squeryuser";
$ts3_squerypass = "squerypass";
$ts3_squery_urlport = "ts3.example.com:10011";
$ts3_server_port = "9987";

$myTS3FErrors = array();

$AuthWorldID = 2014; // Set this to your world ID you wish to allow access
$ts3_groupid = 1; // Group ID with access

$db_hostname = "dbhost";
$db_name = "dbname";
$db_user = "dbuser";
$db_password = "dbpass";
try{
    $dbh_me = new PDO( "mysql:host=$db_hostname; dbname=$db_name", $db_user, $db_password);
}catch(PDOException $e){
    echo $e->getMessage();
}
$dbh_me->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_SILENT);

$last_check = date('Y-m-d H:i:s');
$sessionhash = ""; //GENERATE YOUR SESSION HASH HERE http://php.net/manual/en/function.session-id.php

if(!isset($_POST['submit'])){
    if(!isset($_GET['tsid'])){
        echo "Invalid Teamspeak Session";
        die();
    }

    $ts3_VirtualServer = TeamSpeak3::factory("serverquery://{$ts3_squeryuser}:{$ts3_squerypass}@{$ts3_squery_urlport}/?server_port={$ts3_server_port}");
    try{
        $ts3_dbid = $ts3_VirtualServer->clientInfoDb($_GET['tsid']);
    }catch(Exception $e){
        echo "Invalid Teamspeak ID";
        die();
    }
    $ts3_id = $ts3_dbid['client_unique_identifier'];
    $ts3_dbid = $ts3_dbid['client_database_id'];
    $ts3_user = $ts3_VirtualServer->execute("clientdbinfo", array("cldbid" => $ts3_dbid))->toList();
    ob_start();
    echo $ts3_user['client_lastip'];
    $ts3_user_ip = ob_get_clean();
    if($ts3_user_ip != $_SERVER["REMOTE_ADDR"]; ){
        echo "Last TS IP and current IP are different, please verify whilst TS is connected.";
        die();
    }

	$keyname = uniqid();

    $stmt = $dbh_me->prepare("INSERT INTO ts3auth (ts3_uniqueid,dbsessionhash,keyname) VALUES (?, '{$sessionhash}', '{$keyname}') ON DUPLICATE KEY UPDATE dbsessionhash='{$dbsessionhash}', keyname='{$keyname}'");
    $stmt->execute(array($ts3_id));

    echo <<<EOF
		<p>Link to API Keys: https://account.guildwars2.com/account/api-keys</p>
		<p>Create a key with this name: {$keyname}</p>
		<form action="GW2_TS3_Auth.php" method="post" enctype="multipart/form-data" name="apiForm">
			<input type="hidden" name="ts3id" value="{$ts3_id}" />
			<p style="font-size: large"><input type="text" name="APIKey" value="" size="75" /></p>
			<input name="submit" type="submit" id="submit" value="Submit" /><br />
		</form>
EOF;
}else{
    if($_POST['APIKey'] == ""){
        echo"You must enter your API Key";
        die();
    }else{
		$stmt = $dbh_me->prepare("SELECT * FROM ts3auth WHERE ts3_uniqueid = ? LIMIT 1");
        $stmt->execute(array($_POST['ts3id']));
        $row = $stmt->fetch();

		$response = gw2_api_request('/v2/tokeninfo', $_POST['APIKey']);

		if($response)
		{
			if($row['keyname'] != $response['name'])
			{
				echo "<p>Please ensure you enter the keyname exactly as stated on the original page.<br />";
				echo "Expected name: {$row['keyname']}<br />";
				echo "Returned: {$response['name']}</p>";
				die();
			}
		}else{
			$templateBody = "We have been unable to access your details";
            die();
		}

        $response = gw2_api_request('/v2/account', $_POST['APIKey']);

        if($response){

            if($row['dbsessionhash'] != $sessionhash){
                echo "Mismatching sessions - potential CSRF detected. Please inform an admin if you received this in error.";
                die();
            }

            $stmt = $dbh_me->prepare("UPDATE ts3auth SET gw2_name='{$response['name']}',gw2_world='{$response['world']}', gw2_apikey='{$_POST['APIKey']}', last_check = '{$last_check}', type='apikey' WHERE ts3_uniqueid = ?");
            $stmt->execute(array($_POST['ts3id']));

            if($response['world'] == $AuthWorldID){
                $ts3_VirtualServer = TeamSpeak3::factory("serverquery://{$ts3_squeryuser}:{$ts3_squerypass}@{$ts3_squery_urlport}/?server_port={$ts3_server_port}");
                $ts3_dbid = 0;
                $ts3_dbid = $ts3_VirtualServer->clientFindDb($_POST['ts3id'], true);
                $ts3_dbid = $ts3_dbid[0];
                if($ts3_dbid <> 0){
                    try
                    {
                        $ts3_VirtualServer->execute("servergroupaddclient", array("sgid" => $ts3_groupid, "cldbid" => $ts3_dbid));
                    }
                    catch(Exception $e)
                    {
                        $myTS3FErrors[] = $e;
                    }
                }
                echo 'Thank you. Your account has been verified and you now have access to the WvW Channels. To revoke this application\'s access please visit <a href="https://account.guildwars2.com/account/api-keys">https://account.guildwars2.com/account/api-keys</a>.';
                die();
            }else{
                echo 'Thank you. Your account has been checked, however the ArenaNet servers report that you are not a player of this server. To revoke this application\'s access please visit <a href="https://account.guildwars2.com/account/api-keys">https://account.guildwars2.com/account/api-keys</a>.';
                die();
            }
        }else{
            $templateBody = "We have been unable to access your details";
            die();
        }
    }
}
?>
	<?php
	require_once('TS3F/libraries/TeamSpeak3/TeamSpeak3.php');
	require_once('request.inc.php');

	$ts3_squeryuser = "squeryuser";
	$ts3_squerypass = "squerypass";
	$ts3_squery_urlport = "ts3.example.com:10011";
	$ts3_server_port = "9987";

	$myTS3FErrors = array();

	$AuthWorldID = 2014; // Set this to your world ID you wish to allow access
	$ts3_groupid = 1; // Group ID with access

	$db_hostname = "dbhost";
	$db_name = "dbname";
	$db_user = "dbuser";
	$db_password = "dbpass";
	try{
	$dbh_me = new PDO( "mysql:host=$db_hostname; dbname=$db_name", $db_user, $db_password);
	}catch(PDOException $e){
	echo $e->getMessage();
	}
	$dbh_me->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_SILENT);

	$last_check = date('Y-m-d H:i:s');
	$sessionhash = ""; //GENERATE YOUR SESSION HASH HERE http://php.net/manual/en/function.session-id.php

	if(!isset($_POST['submit'])){
	if(!isset($_GET['tsid'])){
	echo "Invalid Teamspeak Session";
	die();
	}

	$ts3_VirtualServer = TeamSpeak3::factory("serverquery://{$ts3_squeryuser}:{$ts3_squerypass}@{$ts3_squery_urlport}/?server_port={$ts3_server_port}");
	try{
	$ts3_dbid = $ts3_VirtualServer->clientInfoDb($_GET['tsid']);
	}catch(Exception $e){
	echo "Invalid Teamspeak ID";
	die();
	}
	$ts3_id = $ts3_dbid['client_unique_identifier'];
	$ts3_dbid = $ts3_dbid['client_database_id'];
	$ts3_user = $ts3_VirtualServer->execute("clientdbinfo", array("cldbid" => $ts3_dbid))->toList();
	ob_start();
	echo $ts3_user['client_lastip'];
	$ts3_user_ip = ob_get_clean();
	if($ts3_user_ip != $_SERVER["REMOTE_ADDR"]; ){
	echo "Last TS IP and current IP are different, please verify whilst TS is connected.";
	die();
	}

	$keyname = uniqid();

	$stmt = $dbh_me->prepare("INSERT INTO ts3auth (ts3_uniqueid,dbsessionhash,keyname) VALUES (?, '{$sessionhash}', '{$keyname}') ON DUPLICATE KEY UPDATE dbsessionhash='{$dbsessionhash}', keyname='{$keyname}'");
	$stmt->execute(array($ts3_id));

	echo <<<EOF
	<p>Link to API Keys: https://account.guildwars2.com/account/api-keys</p>
	<p>Create a key with this name: {$keyname}</p>
	<form action="GW2_TS3_Auth.php" method="post" enctype="multipart/form-data" name="apiForm">
	<input type="hidden" name="ts3id" value="{$ts3_id}" />
	<p style="font-size: large"><input type="text" name="APIKey" value="" size="75" /></p>
	<input name="submit" type="submit" id="submit" value="Submit" /><br />
	</form>
	EOF;
	}else{
	if($_POST['APIKey'] == ""){
	echo"You must enter your API Key";
	die();
	}else{
	$stmt = $dbh_me->prepare("SELECT * FROM ts3auth WHERE ts3_uniqueid = ? LIMIT 1");
	$stmt->execute(array($_POST['ts3id']));
	$row = $stmt->fetch();

	$response = gw2_api_request('/v2/tokeninfo', $_POST['APIKey']);

	if($response)
	{
	if($row['keyname'] != $response['name'])
	{
	echo "<p>Please ensure you enter the keyname exactly as stated on the original page.<br />";
	echo "Expected name: {$row['keyname']}<br />";
	echo "Returned: {$response['name']}</p>";
	die();
	}
	}else{
	$templateBody = "We have been unable to access your details";
	die();
	}

	$response = gw2_api_request('/v2/account', $_POST['APIKey']);

	if($response){

	if($row['dbsessionhash'] != $sessionhash){
	echo "Mismatching sessions - potential CSRF detected. Please inform an admin if you received this in error.";
	die();
	}

	$stmt = $dbh_me->prepare("UPDATE ts3auth SET gw2_name='{$response['name']}',gw2_world='{$response['world']}', gw2_apikey='{$_POST['APIKey']}', last_check = '{$last_check}', type='apikey' WHERE ts3_uniqueid = ?");
	$stmt->execute(array($_POST['ts3id']));

	if($response['world'] == $AuthWorldID){
	$ts3_VirtualServer = TeamSpeak3::factory("serverquery://{$ts3_squeryuser}:{$ts3_squerypass}@{$ts3_squery_urlport}/?server_port={$ts3_server_port}");
	$ts3_dbid = 0;
	$ts3_dbid = $ts3_VirtualServer->clientFindDb($_POST['ts3id'], true);
	$ts3_dbid = $ts3_dbid[0];
	if($ts3_dbid <> 0){
	try
	{
	$ts3_VirtualServer->execute("servergroupaddclient", array("sgid" => $ts3_groupid, "cldbid" => $ts3_dbid));
	}
	catch(Exception $e)
	{
	$myTS3FErrors[] = $e;
	}
	}
	echo 'Thank you. Your account has been verified and you now have access to the WvW Channels. To revoke this application\'s access please visit <a href="https://account.guildwars2.com/account/api-keys">https://account.guildwars2.com/account/api-keys</a>.';
	die();
	}else{
	echo 'Thank you. Your account has been checked, however the ArenaNet servers report that you are not a player of this server. To revoke this application\'s access please visit <a href="https://account.guildwars2.com/account/api-keys">https://account.guildwars2.com/account/api-keys</a>.';
	die();
	}
	}else{
	$templateBody = "We have been unable to access your details";
	die();
	}
	}
	}
	?>