capturemunzee.php 5.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127
  1. <?php
  2. if (!isset($database) || ($database == null)) {
  3. sendError("Please don't do that.", true);
  4. }
  5. $saneinput = true;
  6. if (is_empty($latitude) || is_empty($longitude)) {
  7. $saneinput = false;
  8. }
  9. if (!preg_match('/-?[0-9]{1,3}\.[0-9]{3,}/', $latitude)) {
  10. $saneinput = false;
  11. }
  12. if (!preg_match('/-?[0-9]{1,3}\.[0-9]{3,}/', $longitude)) {
  13. $saneinput = false;
  14. }
  15. if (!preg_match('/[0-9]+/', $accuracy)) {
  16. $saneinput = false;
  17. }
  18. /* If the user has a Munzee key and input is sane */
  19. if ($database->has('munzee', ['player_uuid' => $_SESSION['uuid']]) && $saneinput) {
  20. file_put_contents("munzee.log", "Checking if user " . $_SESSION['uuid'] . " has an unexpired token\n", FILE_APPEND);
  21. /* Check if we need to refresh the bearer token first */
  22. if ($database->has('munzee', ["AND" => ['player_uuid' => $_SESSION['uuid'], 'expires[<=]' => (time() + 30)]])) {
  23. file_put_contents("munzee.log", "User " . $_SESSION['uuid'] . " has an expired token. Refreshing.\n", FILE_APPEND);
  24. $url = 'https://api.munzee.com/oauth/login';
  25. $fields = array(
  26. 'client_id' => urlencode(MUNZEE_KEY),
  27. 'client_secret' => urlencode(MUNZEE_SECRET),
  28. 'grant_type' => 'refresh_token',
  29. 'refresh_token' => $database->select('munzee', 'refreshtoken', ['player_uuid' => $_SESSION['uuid']])[0]
  30. );
  31. foreach ($fields as $key => $value) {
  32. $fields_string .= $key . '=' . $value . '&';
  33. }
  34. rtrim($fields_string, '&');
  35. // Don't enable this in prod, it exposes the secret key to the public
  36. //file_put_contents("munzee.log", "Sending refresh request data: $fields_string\n\n", FILE_APPEND);
  37. $ch = curl_init();
  38. $options = array(
  39. CURLOPT_URL => $url,
  40. CURLOPT_POST => 1,
  41. CURLOPT_POSTFIELDS => $fields_string,
  42. CURLOPT_RETURNTRANSFER => 1, // return web page
  43. CURLOPT_HEADER => false, // don't return headers
  44. CURLOPT_ENCODING => "", // handle compressed
  45. CURLOPT_USERAGENT => "TerranQuest Game Server (terranquest.net; Ubuntu; Linux x86_64; PHP 7)", // name of client
  46. CURLOPT_AUTOREFERER => true, // set referrer on redirect
  47. CURLOPT_CONNECTTIMEOUT => 120, // time-out on connect
  48. CURLOPT_TIMEOUT => 120, // time-out on response
  49. );
  50. curl_setopt_array($ch, $options);
  51. $result = curl_exec($ch);
  52. curl_close($ch);
  53. $data = json_decode($result, TRUE)['data'];
  54. $status_code = json_decode($result, TRUE)['status_code'];
  55. file_put_contents("munzee.log", "$result\n\n", FILE_APPEND);
  56. if ($status_code == 200) {
  57. file_put_contents("munzee.log", "User " . $_SESSION['uuid'] . " has a new unexpired token!\n", FILE_APPEND);
  58. $database->update('munzee', ['bearertoken' => $data['token']['access_token'], 'refreshtoken' => $data['token']['refresh_token'], 'expires' => $data['token']['expires']], ['player_uuid' => $_SESSION['uuid']]);
  59. }
  60. }
  61. file_put_contents("munzee.log", "User " . $_SESSION['uuid'] . " has an valid token.\n", FILE_APPEND);
  62. /* Check again now */
  63. if ($database->has('munzee', ["AND" => ['player_uuid' => $_SESSION['uuid'], 'expires[>]' => (time() + 30)]])) {
  64. file_put_contents("munzee.log", "User " . $_SESSION['uuid'] . " attempting capture of $origcode.\n", FILE_APPEND);
  65. $url = 'https://api.munzee.com/capture/light/';
  66. $header = array(
  67. 'Authorization: ' . $database->select('munzee', ['bearertoken'], ['player_uuid' => $_SESSION['uuid']])[0]['bearertoken']
  68. );
  69. $time = time();
  70. $fields = array('data' => '{"language":"EN","latitude":"' . $latitude . '","longitude":"' . $longitude . '","code":"' . $origcode . '","time":' . $time . ',"accuracy":' . $accuracy . '}');
  71. //open connection
  72. $ch = curl_init();
  73. $options = array(
  74. CURLOPT_URL => $url,
  75. CURLOPT_POST => true,
  76. CURLOPT_POSTFIELDS => $fields,
  77. CURLOPT_HTTPHEADER => $header,
  78. CURLOPT_RETURNTRANSFER => true, // return web page
  79. CURLOPT_HEADER => false, // don't return headers
  80. CURLOPT_FOLLOWLOCATION => true, // follow redirects
  81. CURLOPT_MAXREDIRS => 10, // stop after 10 redirects
  82. CURLOPT_ENCODING => "", // handle compressed
  83. CURLOPT_USERAGENT => "TerranQuest Game Server (terranquest.net; Ubuntu; Linux x86_64; PHP 7)", // name of client
  84. CURLOPT_AUTOREFERER => true, // set referrer on redirect
  85. CURLOPT_CONNECTTIMEOUT => 120, // time-out on connect
  86. CURLOPT_TIMEOUT => 120, // time-out on response
  87. );
  88. curl_setopt_array($ch, $options);
  89. file_put_contents("munzee.log", "User " . $_SESSION['uuid'] . " attempting to capture $origcode:\n", FILE_APPEND);
  90. $result = curl_exec($ch);
  91. //close connection
  92. curl_close($ch);
  93. $data = json_decode($result, TRUE);
  94. if ($data['status_code'] == 200) {
  95. file_put_contents("munzee.log", "User " . $_SESSION['uuid'] . " captured $origcode:\n", FILE_APPEND);
  96. file_put_contents("munzee.log", " Sent data: $fields_string\n\n", FILE_APPEND);
  97. file_put_contents("munzee.log", " Result: $result\n\n", FILE_APPEND);
  98. // Add munzee capture info to response
  99. $returndata["messages"][] = ["title" => $data["data"]["munzee_data"]["friendly_name"], "text" => $data["data"]["result"]];
  100. } else {
  101. file_put_contents("munzee.log", "User " . $_SESSION['uuid'] . " did not capture $origcode:\n", FILE_APPEND);
  102. file_put_contents("munzee.log", " Sent headers: " . var_export($header, true) . "\n\n", FILE_APPEND);
  103. file_put_contents("munzee.log", " Sent data: $fields_string\n\n", FILE_APPEND);
  104. file_put_contents("munzee.log", " Response: " . var_export($result, true) . "\n\n", FILE_APPEND);
  105. }
  106. }
  107. }