Game server and admin dashboard for TerranQuest.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123
  1. <?php
  2. /*
  3. * This Source Code Form is subject to the terms of the Mozilla Public
  4. * License, v. 2.0. If a copy of the MPL was not distributed with this
  5. * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  6. */
  7. /**
  8. * Build and send a simple JSON response.
  9. * @param string $msg A message
  10. * @param string $status "OK" or "ERROR"
  11. * @param array $data More JSON data
  12. */
  13. function sendJsonResp(string $msg = null, string $status = "OK", array $data = null) {
  14. $resp = [];
  15. if (!is_null($data)) {
  16. $resp = $data;
  17. }
  18. if (!is_null($msg)) {
  19. $resp["msg"] = $msg;
  20. }
  21. $resp["status"] = $status;
  22. header("Content-Type: application/json");
  23. exit(json_encode($resp));
  24. }
  25. function exitWithJson(array $json) {
  26. header("Content-Type: application/json");
  27. exit(json_encode($json));
  28. }
  29. /**
  30. * Get the API key with most of the characters replaced with *s.
  31. * @global string $key
  32. * @return string
  33. */
  34. function getCensoredKey() {
  35. global $key;
  36. $resp = $key;
  37. if (strlen($key) > 5) {
  38. for ($i = 2; $i < strlen($key) - 2; $i++) {
  39. $resp[$i] = "*";
  40. }
  41. }
  42. return $resp;
  43. }
  44. /**
  45. * Check if the request is allowed
  46. * @global type $VARS
  47. * @global type $database
  48. * @return bool true if the request should continue, false if the request is bad
  49. */
  50. function authenticate(): bool {
  51. global $VARS, $database;
  52. if (empty($VARS['key'])) {
  53. return false;
  54. } else {
  55. $key = $VARS['key'];
  56. if ($database->has('apikeys', ['key' => $key]) !== TRUE) {
  57. engageRateLimit();
  58. http_response_code(403);
  59. Log::insert(LogType::API_BAD_KEY, null, "Key: " . $key);
  60. return false;
  61. }
  62. }
  63. return true;
  64. }
  65. function checkVars($vars, $or = false) {
  66. global $VARS;
  67. $ok = [];
  68. foreach ($vars as $key => $val) {
  69. if (strpos($key, "OR") === 0) {
  70. checkVars($vars[$key], true);
  71. continue;
  72. }
  73. // Only check type of optional variables if they're set, and don't
  74. // mark them as bad if they're not set
  75. if (strpos($key, " (optional)") !== false) {
  76. $key = str_replace(" (optional)", "", $key);
  77. if (empty($VARS[$key])) {
  78. continue;
  79. }
  80. } else {
  81. if (empty($VARS[$key])) {
  82. $ok[$key] = false;
  83. continue;
  84. }
  85. }
  86. $checkmethod = "is_$val";
  87. if ($checkmethod($VARS[$key]) !== true) {
  88. $ok[$key] = false;
  89. } else {
  90. $ok[$key] = true;
  91. }
  92. }
  93. if ($or) {
  94. $success = false;
  95. $bad = "";
  96. foreach ($ok as $k => $v) {
  97. if ($v) {
  98. $success = true;
  99. break;
  100. } else {
  101. $bad = $k;
  102. }
  103. }
  104. if (!$success) {
  105. http_response_code(400);
  106. die("400 Bad request: variable $bad is missing or invalid");
  107. }
  108. } else {
  109. foreach ($ok as $key => $bool) {
  110. if (!$bool) {
  111. http_response_code(400);
  112. die("400 Bad request: variable $key is missing or invalid");
  113. }
  114. }
  115. }
  116. }