Fix login and order
parent
dbecad8606
commit
484a36ce11
22 changed files with 399 additions and 520 deletions
|
|
@ -3,9 +3,6 @@
|
|||
declare(strict_types=1);
|
||||
|
||||
require_once __DIR__ . '/paths.php';
|
||||
if (is_readable(WEBSITE_PANEL_INCLUDE_DIR . '/sso.php')) {
|
||||
require_once WEBSITE_PANEL_INCLUDE_DIR . '/sso.php';
|
||||
}
|
||||
|
||||
if (defined('GSP_WEBSITE_BOOTSTRAPPED')) {
|
||||
return;
|
||||
|
|
@ -44,7 +41,6 @@ $websiteDefaults = [
|
|||
'billing_base_url' => '/billing',
|
||||
'panel_url' => 'https://panel.iaregamer.com/',
|
||||
'login_url' => 'https://panel.iaregamer.com/',
|
||||
'panel_sso_url' => 'https://panel.iaregamer.com/sso.php',
|
||||
'company' => [
|
||||
'name' => 'Runlevel Systems',
|
||||
'url' => 'https://runlevelsystems.com/',
|
||||
|
|
@ -476,6 +472,9 @@ function website_authenticate_user(string $login, string $password): ?array
|
|||
if (!$user || !website_verify_panel_password($user, $password)) {
|
||||
return null;
|
||||
}
|
||||
if ((string)($user['users_role'] ?? '') === 'banned') {
|
||||
return null;
|
||||
}
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
|
@ -543,7 +542,7 @@ function website_log_activity(string $message, int $userId = 0, string $eventTyp
|
|||
}
|
||||
|
||||
$safeTable = $db->real_escape_string($table);
|
||||
$ip = substr((function_exists('gsp_sso_client_ip') ? gsp_sso_client_ip() : (string)($_SERVER['REMOTE_ADDR'] ?? '')), 0, 255);
|
||||
$ip = substr((string)($_SERVER['REMOTE_ADDR'] ?? ''), 0, 255);
|
||||
$stmt = $db->prepare(
|
||||
"INSERT INTO `{$safeTable}` (`date`, `user_id`, `ip`, `message`, `source_type`, `category`, `event_type`, `severity`)
|
||||
VALUES (FROM_UNIXTIME(UNIX_TIMESTAMP(), '%d-%m-%Y %H:%i:%s'), ?, ?, ?, 'website', 'authentication', ?, 'info')"
|
||||
|
|
@ -560,15 +559,16 @@ function website_log_activity(string $message, int $userId = 0, string $eventTyp
|
|||
|
||||
function website_safe_return_path(string $returnPath, string $default = 'index.php'): string
|
||||
{
|
||||
if (function_exists('gsp_sso_safe_return_path')) {
|
||||
return gsp_sso_safe_return_path($returnPath, $default);
|
||||
}
|
||||
|
||||
if ($returnPath === '' || preg_match('#^[a-z][a-z0-9+.-]*://#i', $returnPath) === 1 || str_starts_with($returnPath, '//')) {
|
||||
return $default;
|
||||
}
|
||||
|
||||
return ltrim($returnPath, '/');
|
||||
$returnPath = ltrim($returnPath, '/');
|
||||
if (str_contains($returnPath, "\0") || str_starts_with($returnPath, '../') || str_contains($returnPath, '/../')) {
|
||||
return $default;
|
||||
}
|
||||
|
||||
return $returnPath;
|
||||
}
|
||||
|
||||
function website_login_url(string $returnPath = ''): string
|
||||
|
|
@ -580,15 +580,9 @@ function website_login_url(string $returnPath = ''): string
|
|||
return website_url($path);
|
||||
}
|
||||
|
||||
function website_panel_sso_url(string $returnPath = 'home.php?m=dashboard&p=dashboard'): string
|
||||
{
|
||||
$path = 'sso.php?destination=panel&return=' . rawurlencode(website_safe_return_path($returnPath, 'home.php?m=dashboard&p=dashboard'));
|
||||
return website_url($path);
|
||||
}
|
||||
|
||||
function website_control_panel_url(string $returnPath = 'home.php?m=dashboard&p=dashboard'): string
|
||||
{
|
||||
return website_is_logged_in() ? website_panel_sso_url($returnPath) : website_login_url('panel');
|
||||
return panel_url(website_safe_return_path($returnPath, 'home.php?m=dashboard&p=dashboard'));
|
||||
}
|
||||
|
||||
function website_order_url(int|string $serviceId): string
|
||||
|
|
@ -596,6 +590,21 @@ function website_order_url(int|string $serviceId): string
|
|||
return website_url('order.php?service_id=' . rawurlencode((string)$serviceId));
|
||||
}
|
||||
|
||||
function website_cart_url(): string
|
||||
{
|
||||
return website_url('cart.php');
|
||||
}
|
||||
|
||||
function website_checkout_url(): string
|
||||
{
|
||||
return website_url('cart.php?checkout=1');
|
||||
}
|
||||
|
||||
function website_register_url(string $returnPath = 'cart.php'): string
|
||||
{
|
||||
return panel_url('index.php?m=register');
|
||||
}
|
||||
|
||||
function website_fetch_service_by_id(int $serviceId): ?array
|
||||
{
|
||||
$db = website_db();
|
||||
|
|
@ -638,6 +647,96 @@ function website_fetch_service_by_id(int $serviceId): ?array
|
|||
return $service;
|
||||
}
|
||||
|
||||
function website_service_name(array $service): string
|
||||
{
|
||||
$name = trim((string)($service['cfg_game_name'] ?? ''));
|
||||
if ($name === '') {
|
||||
$name = trim((string)($service['service_name'] ?? ''));
|
||||
}
|
||||
return $name === '' ? 'Game Server' : $name;
|
||||
}
|
||||
|
||||
function website_service_min_slots(array $service): int
|
||||
{
|
||||
foreach (['min_slots', 'minimum_slots', 'slots_min'] as $column) {
|
||||
if (isset($service[$column]) && (int)$service[$column] > 0) {
|
||||
return (int)$service[$column];
|
||||
}
|
||||
}
|
||||
|
||||
$pricing = website_config('pricing', []);
|
||||
return max(1, (int)($pricing['standard_min_slots'] ?? 16));
|
||||
}
|
||||
|
||||
function website_service_max_slots(array $service): int
|
||||
{
|
||||
foreach (['max_slots', 'maximum_slots', 'slots_max', 'max_players'] as $column) {
|
||||
if (isset($service[$column]) && (int)$service[$column] > 0) {
|
||||
return (int)$service[$column];
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
function website_service_locations(array $service): array
|
||||
{
|
||||
$raw = trim((string)($service['remote_server_id'] ?? ''));
|
||||
if ($raw === '') {
|
||||
return [];
|
||||
}
|
||||
|
||||
$locations = [];
|
||||
foreach (preg_split('/\s*,\s*/', $raw) ?: [] as $remoteServerId) {
|
||||
$remoteServerId = trim($remoteServerId);
|
||||
if ($remoteServerId === '' || !ctype_digit($remoteServerId)) {
|
||||
continue;
|
||||
}
|
||||
$locations[$remoteServerId] = 'Location ' . $remoteServerId;
|
||||
}
|
||||
|
||||
return $locations;
|
||||
}
|
||||
|
||||
function website_cart_items(): array
|
||||
{
|
||||
website_start_session();
|
||||
return is_array($_SESSION['website_cart'] ?? null) ? $_SESSION['website_cart'] : [];
|
||||
}
|
||||
|
||||
function website_cart_count(): int
|
||||
{
|
||||
return count(website_cart_items());
|
||||
}
|
||||
|
||||
function website_cart_add(array $item): void
|
||||
{
|
||||
website_start_session();
|
||||
if (!isset($_SESSION['website_cart']) || !is_array($_SESSION['website_cart'])) {
|
||||
$_SESSION['website_cart'] = [];
|
||||
}
|
||||
|
||||
$key = bin2hex(random_bytes(8));
|
||||
$_SESSION['website_cart'][$key] = $item;
|
||||
}
|
||||
|
||||
function website_cart_remove(string $key): void
|
||||
{
|
||||
website_start_session();
|
||||
if (isset($_SESSION['website_cart'][$key])) {
|
||||
unset($_SESSION['website_cart'][$key]);
|
||||
}
|
||||
}
|
||||
|
||||
function website_cart_total(): float
|
||||
{
|
||||
$total = 0.0;
|
||||
foreach (website_cart_items() as $item) {
|
||||
$total += (float)($item['monthly_total'] ?? 0);
|
||||
}
|
||||
return $total;
|
||||
}
|
||||
|
||||
function website_billing_docs_root(): ?string
|
||||
{
|
||||
if (is_dir(WEBSITE_BILLING_DOCS_DIR)) {
|
||||
|
|
|
|||
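Review bot: In website_safe_return_path (hunk -560,15 +559,16) the scheme and `//` test still runs on the raw value and `ltrim($returnPath, '/')` is applied only afterwards, so an absolute URL preceded by a single slash passes the test and is returned with its scheme intact. Normalise first: make `$returnPath = ltrim($returnPath, '/');` the first statement of the function and run the existing `=== ''` / `preg_match(...)` test on the trimmed value. The new traversal test also matches only a leading `../` or an inner `/../`, so a bare `..`, a trailing `/..` and backslash forms get through; comparing the segments from `explode('/', $returnPath)` against `'..'` would cover those. Whether either case is reachable as a redirect depends on what website_url() and panel_url() do with the result, which is not visible here, and the old/new sides are inferred from the hunk header counts because the +/- column is missing on this page.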