From 839f4518ca27ef3cc131231b03e603a454adbeef Mon Sep 17 00:00:00 2001 From: anomen Date: Tue, 8 May 2012 22:49:44 +0200 Subject: [PATCH] www-apps/gc-fallout - updates --- www-apps/gc-fallout/dev/custom.php | 3 ++- www-apps/gc-fallout/dev/index.php | 42 +++++++++++++++++-------------------- www-apps/gc-fallout/dev/readme.txt | 28 +++++++++++++++++++++++++ www-apps/gc-fallout/dev/token.php | 17 ++++++--------- www-apps/gc-fallout/dev/toolbox.php | 2 +- 5 files changed, 56 insertions(+), 36 deletions(-) create mode 100644 www-apps/gc-fallout/dev/readme.txt diff --git a/www-apps/gc-fallout/dev/custom.php b/www-apps/gc-fallout/dev/custom.php index 2dc64b5..d03eb08 100644 --- a/www-apps/gc-fallout/dev/custom.php +++ b/www-apps/gc-fallout/dev/custom.php @@ -23,6 +23,7 @@ define("PERK_HEIGHT", 140); */ function over_platnost($vstup) { + return true; $v = true; $v &= over_poradi($vstup, 1, 3, 9); @@ -60,7 +61,7 @@ function vyhodnot_klice($vstup) if (in_array(1, $vstup) && in_array(9, $vstup)) { // odstranit 101; mazani je komplikovane - $key101 = array_search(101, $vystup) + $key101 = array_search(101, $vystup); if ($key101 !== FALSE) { unset($vystup[$key101]); } diff --git a/www-apps/gc-fallout/dev/index.php b/www-apps/gc-fallout/dev/index.php index 529b1eb..4f3e766 100644 --- a/www-apps/gc-fallout/dev/index.php +++ b/www-apps/gc-fallout/dev/index.php @@ -25,8 +25,8 @@ foreach ($params as $p) { + - - - -
-

-\n"; -if (!empty($U['klice'])) { - echo "

\n"; - -if (!ip_check()) { + if (!ip_check()) { echo "OPAKOVANY POKUS"; if (LIMIT_TRIES_PER_DAY) { - echo "

\n"; + echo "

\n"; die; } -} + } -// echo "volam ohodnot_hrace(${U['klice']})"; // DEBUG +// echo "volam ohodnot_hrace(${U['klice']})"; // DEBUG ohodnot_hrace($U); + foreach($U['perky'] as $perk) { echo "

\n"; } @@ -93,23 +88,24 @@ if (!ip_check()) { echo "

odkaz pro zalogovani:
\n"; $token_b64 = getToken($U); - $script="http://${_SERVER['SERVER_NAME']}:${_SERVER['SERVER_PORT']}" . str_replace('index.php','cert.php', $_SERVER['SCRIPT_NAME']) . "?$token_b64"; + $script="http://${_SERVER['SERVER_NAME']}:${_SERVER['SERVER_PORT']}" + . str_replace('index.php','cert.php', $_SERVER['SCRIPT_NAME']) + . "?$token_b64"; // $script="http://${_SERVER['SERVER_NAME']}:${_SERVER['SERVER_PORT']}/~guppy/fallout/cert.php?$token_b64"; //TEST // $script = 'http://guppy.zemeplocha.info:10080/~guppy/fallout/cert.php?' . implode('/', array_keys($perky)); // echo "[url=$script][/url]
\n"; - echo "$token_b64
\n"; + echo "CERTIFIKÁT
\n"; + echo "\n"; // print_r(decodeToken($token_b64)); -} +} ?> -

- diff --git a/www-apps/gc-fallout/dev/readme.txt b/www-apps/gc-fallout/dev/readme.txt new file mode 100644 index 0000000..f7b06b9 --- /dev/null +++ b/www-apps/gc-fallout/dev/readme.txt @@ -0,0 +1,28 @@ += Workflow = + +index.php: +== Vyplnění formuláře == +pole $U: +- login +- klice +- penize +- jidlo +- karma +- perky - pole perku + +kontrola IP (ip_check) + +ohodnot_hrace($U): +- parse_keys +- vyhodnot_klice (vygeneruje perky vygenerovane pomoci) +- over_platnost +- spocti_skore + +zobraz perky + +vygeneruj token + +vypis odkaz na certifikat + +== certifikat == + diff --git a/www-apps/gc-fallout/dev/token.php b/www-apps/gc-fallout/dev/token.php index 9e68dc1..4df75a4 100644 --- a/www-apps/gc-fallout/dev/token.php +++ b/www-apps/gc-fallout/dev/token.php @@ -2,7 +2,7 @@ require_once('phpseclib/AES.php'); -define(SEED_LENGTH, 2); +define('SEED_LENGTH', 2); function base64_url_encode($input) { return strtr(base64_encode($input), '+', '_'); @@ -12,7 +12,6 @@ function base64_url_decode($input) { return base64_decode(strtr($input, '_', '+')); } - function aes_encrypt($pass, $plaintext) { $aes = new Crypt_AES(CRYPT_AES_MODE_CTR); @@ -49,12 +48,13 @@ function getToken($U) $seed = str_pad('', SEED_LENGTH, 'x'); $plain = "$seed!${U['login']}!${U['karma']}!${U['penize']}!${U['jidlo']}!${U['skore']}!$perkyStr"; while (strlen($plain) % 3 != 0) { // pad to base64 block - $plain .= '!'; + $plain .= ' '; } $sha = sha1(PASSWORD . $plain, true); for ($i = 0; $i < SEED_LENGTH; $i++) { $plain{$i} = $sha{$i}; } + echo " XXX $plain XXX"; $token = aes_encrypt(PASSWORD, $plain); $token_b64 = base64_url_encode($token); @@ -72,6 +72,7 @@ function decodeToken($token) for ($i = 0; $i < SEED_LENGTH; $i++) { $token_check{$i} = 'x'; } + header('X-Token: '.$token_check ); $sha = sha1(PASSWORD . $token_check, true); if (substr($token_dec,0,SEED_LENGTH) != substr($sha,0,SEED_LENGTH)) { @@ -82,20 +83,14 @@ function decodeToken($token) } header('X-Token: ' . $token_check); - $token_list = explode($sep,$token_dec); - $U['seed'] = array_shift($token_list); + $token_list = explode($sep, trim($token_check)); + array_shift($token_list); // = xx $U['login'] = array_shift($token_list); $U['karma'] = array_shift($token_list); $U['penize'] = array_shift($token_list); $U['jidlo'] = array_shift($token_list); $U['skore'] = array_shift($token_list); - // remove empty items used as padding - foreach($token_list as $k=> $v) { - if (empty($v)) { - unset($token_list[$k]); - } - } $U['perky'] = $token_list; return $U; diff --git a/www-apps/gc-fallout/dev/toolbox.php b/www-apps/gc-fallout/dev/toolbox.php index 6d1ec0d..1bb48c5 100644 --- a/www-apps/gc-fallout/dev/toolbox.php +++ b/www-apps/gc-fallout/dev/toolbox.php @@ -58,7 +58,7 @@ function ohodnot_hrace($klice_str) /** * Vrati pole obsahujici klice vstupniho pole, ktere maji hodnotu true. * - * Example: + * Example: * $v = array( 1=>true, 2=>false, 13=>true); * $res = array_keys_true($v); * // $res == array(1, 13); -- 2.11.4.GIT