Skip to content

Instantly share code, notes, and snippets.

@robertz

robertz/create.php

Created April 30, 2019 12:28
Show Gist options
  • Save robertz/e5e38998d4c5ddea8a83b29eec48a027 to your computer and use it in GitHub Desktop.
Save robertz/e5e38998d4c5ddea8a83b29eec48a027 to your computer and use it in GitHub Desktop.
Download ZIP
Sets up a user game account on a score server
Raw
create.php
<html lang="en">
<head>
<meta charset="utf-8">
<title>score</title>
<meta name="description" content="Score Server">
<meta name="author" content="score">
<link rel="stylesheet" href="//stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<script src="//code.jquery.com/jquery-3.4.0.min.js"></script>
</head>
<body style="margin-top: 32px;">
<div class="container">
<?php
$serverName = "127.0.0.1";
$connectionInfo = array( "Database"=>"cohauth", "UID"=>"sa", "PWD"=>"finallyFree!");
$conn = sqlsrv_connect( $serverName, $connectionInfo);
function adler32($data)
{
$mod_adler = 65521;
$a = 1;
$b = 0;
$len = strlen($data);
for($index = 0; $index < $len; $index++)
{
$a = ($a + ord($data[$index])) % $mod_adler;
$b = ($b + $a) % $mod_adler;
}
return ($b << 16) | $a;
}
function game_hash_password($authname, $password)
{
$authname = strtolower($authname);
$a32 = adler32($authname);
$a32hex = sprintf('%08s', dechex($a32));
$a32hex = substr($a32hex, 6, 2) . substr($a32hex, 4, 2) . substr($a32hex, 2, 2) . substr($a32hex, 0, 2);
$digest = hash('sha512', $password . $a32hex, TRUE);
return $digest;
}
if ( isset($_POST['authname']) && isset($_POST['password']) ) {
$authname = trim($_POST['authname']);
$password = trim($_POST['password']);
/* Does this account exist */
$sql = "SELECT * FROM user_account where account = '$authname'";
$stmt = sqlsrv_query( $conn, $sql, array(), array( "Scrollable" => SQLSRV_CURSOR_KEYSET ));
if( $stmt === false) {
die( print_r( sqlsrv_errors(), true) );
}
$e = sqlsrv_num_rows( $stmt );
if ($e > 0) {
echo "<div class=\"alert alert-danger\">There is already and account with that user id!</div>";
}
else{
/* Grab the next valid id */
$sql = "SELECT TOP 1 * from user_account ORDER BY uid DESC;";
$stmt = sqlsrv_query( $conn, $sql, array(), array( "Scrollable" => SQLSRV_CURSOR_KEYSET ));
$id = 1;
if ( sqlsrv_num_rows( $stmt ) ) {
$row = sqlsrv_fetch_array( $stmt, 2 );
$id = $row['uid'] + 1;
}
$hash = bin2hex(game_hash_password($authname, $password));
$stmt = sqlsrv_query($conn, "INSERT INTO cohauth.dbo.user_account (account, uid, forum_id, pay_stat) VALUES ('$authname', $id, $id, 1014);");
$stmt = sqlsrv_query($conn, "INSERT INTO cohauth.dbo.user_auth (account, password, salt, hash_type) VALUES ('$authname', CONVERT(BINARY(128),'$hash'), 0, 1);");
$stmt = sqlsrv_query($conn, "INSERT INTO cohauth.dbo.user_data (uid, user_data) VALUES ($id, 0x0080C2E000D00B0C000000000CB40058);");
$stmt = sqlsrv_query($conn, "INSERT INTO cohauth.dbo.user_server_group (uid, server_group_id) VALUES ($id, 1);");
echo "<div class=\"alert alert-success\">Your account should be ready to use</div>";
}
sqlsrv_free_stmt($stmt);
}
?>
<div style="display: block; width: 50%; margin: auto;">
<form method="post">
<label for="user">User:</label>
<input type="text" name="authname" id="user" class="form-control" />
<br />
<label for="pass">Password:</label>
<input type="text" name="password" id="pass" class="form-control" />
<br />
<button type="submit" class="btn btn-primary">Submit</button>
</form>
</div>
</div>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment