From 7c23353dc86bdf815f221a6763e0857768b35c31 Mon Sep 17 00:00:00 2001
From: Botanic <Botanic@localhost>
Date: Tue, 25 Jun 2013 12:45:43 -0700
Subject: [PATCH] Merge with quitta-gsoc-2013

---
 .../ryzom_ams/ams_lib/autoload/helpers.php    |   9 +-
 .../ryzom_ams/ams_lib/autoload/users.php      | 119 +++++++++++++++++-
 .../tools/server/ryzom_ams/www/config.php     |  18 ++-
 .../ryzom_ams/www/html/inc/add_user.php       |  38 +++++-
 .../tools/server/ryzom_ams/www/html/index.php |  60 +++++----
 .../tools/server/ryzom_ams/www/html/login.php |  44 -------
 .../server/ryzom_ams/www/html/sql/db.sql      |  19 +++
 .../ryzom_ams/www/html/templates/login.tpl    |   5 +-
 .../ryzom_ams/www/html/templates/register.tpl |   1 -
 9 files changed, 228 insertions(+), 85 deletions(-)
 delete mode 100644 code/ryzom/tools/server/ryzom_ams/www/html/login.php
 create mode 100644 code/ryzom/tools/server/ryzom_ams/www/html/sql/db.sql

diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/helpers.php b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/helpers.php
index daed71db8..bedd1e2b8 100644
--- a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/helpers.php
+++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/helpers.php
@@ -44,9 +44,9 @@ class Helpers{
          foreach ( $variables[$template] as $key => $value ){
              $smarty -> assign( $key, $value );
              }
-          if( $vars['permission'] == 2 ){
+          if( isset($vars['permission']) && $vars['permission'] == 2 ){
                $inherited = "extends:layout_admin.tpl|";
-          }else if($vars['permission'] == 1){
+          }else if( isset($vars['permission']) && $vars['permission'] == 1){
                $inherited = "extends:layout_user.tpl|";
           }else{
                $inherited ="";
@@ -60,7 +60,7 @@ class Helpers{
          global $SITEBASE;
          $arr = array( $AMS_LIB . '/ingame_templates/',
              $AMS_LIB . '/configs',
-             $AMS_LIB . '/cache',
+             //$AMS_LIB . '/cache',
              $SITEBASE . '/cache/',
              $SITEBASE . '/templates/',
              $SITEBASE . '/templates_c/',
@@ -68,7 +68,8 @@ class Helpers{
              );
          foreach ( $arr as & $value ){
              if ( !file_exists( $value ) ){
-                 mkdir( $value );
+                 echo $value;
+                 mkdir( $value);
                  }
              }
 
diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php
index 69dd98ccc..731eb5cdd 100644
--- a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php
+++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php
@@ -234,6 +234,123 @@ class Users{
              }
          // done!
         return $salt;
-         }
      }
+     
+     function create_Server_User($params)
+     {
+         try {
+             $hostname = 'localhost';
+             $port     = '3306';
+             $dbname   = 'nel';
+             $username = 'shard';
+             $password = '';
+             $dbh      = new PDO("mysql:host=$hostname;port=$port;dbname=$dbname", $username, $password);
+             $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+             $statement = $dbh->prepare("INSERT INTO user (Login, Password, Email) VALUES (?, ?, ?)");
+             $statement->execute($params);
+             return "success";
+         }
+         catch (PDOException $e) {
+             return "fail";
+         }
+        // createPermissions(array($login));
+     }
+     
+     function createUser($values){
+          $login = $values["name"];
+          $pass = $values["pass"];
+          $email = $values["mail"];
+          
+          $webhost = $values["webhost"];
+          $webport = $values["webport"];
+          $webdbname = $values["webdbname"];
+          $webusername = $values["webusername"];
+          $webpassword = $values["webpassword"];
+      
+          $shardhost = $values["shardhost"];
+          $shardport = $values["shardport"];
+          $sharddbname = $values["sharddbname"];
+          $shardusername = $values["shardusername"];
+          $shardpassword = $values["shardpassword"];
+          
+          $salt = Users::generateSALT();
+          $hashpass = crypt($pass, $salt);
+      
+          $params = array(
+              $login,
+              $hashpass,
+              $email
+          );
+          
+          try{
+               //make connection with web db
+               $dbw = new PDO("mysql:host=$webhost;port=$webport;dbname=$webdbname", $webusername, $webpassword);
+               $dbw->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+               
+               //put into web db
+               $statement = $dbw->prepare("INSERT INTO ams_user (Login, Password, Email) VALUES (?, ?, ?)");
+               $statement->execute($params);
+               try {
+                    //make connection with and put into shard db
+                    $dbs = new PDO("mysql:host=$shardhost;port=$shardport;dbname=$sharddbname", $shardusername, $shardpassword);
+                    $dbs->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+                    $statement = $dbs->prepare("INSERT INTO user (Login, Password, Email) VALUES (?, ?, ?)");
+                    $statement->execute($params);
+               }
+               catch (PDOException $e) {
+                    //print_r($e);
+                    //oh noooz, the shard is offline! Put in query queue at web db!
+                    $params = array("type" => "createUser","query" => json_encode(array($login,$pass,$email)));
+                    $statement = $dbw->prepare("INSERT INTO ams_querycache (type, query) VALUES (:type, :query)");
+                    $statement->execute($params);
+               }
+          
+          }catch (PDOException $e) {
+                //go to error page or something, because can't access website db
+                print_r($e);
+                exit;
+          }
+          
+     }
+     
+     public function login($params){
+          $webhost = $params["webhost"];
+          $webport = $params["webport"];
+          $webdbname = $params["webdbname"];
+          $webusername = $params["webusername"];
+          $webpassword = $params["webpassword"];
+          
+          try{
+               $dbw = new PDO("mysql:host=$webhost;port=$webport;dbname=$webdbname", $webusername, $webpassword);
+               $dbw->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+               
+               $statement = $dbw->prepare("SELECT * FROM ams_user WHERE Login=:user");
+               $statement->execute(array('user' => $params['name']));
+               $count = $statement->rowCount();
+       
+               if ($count==1) {
+                    $row = $statement->fetch();
+                    $salt = substr($row['Password'],0,2);
+                    $hashed_input_pass = crypt($params["pass"], $salt);
+                    if($hashed_input_pass == $row['Password']){
+                         //handle successful login
+                         print("nice welcome!");
+                         $_SESSION['user'] = $params['name'];
+                         $_SESSION['permission'] = $row['Permission'];
+                         print( $_SESSION['user']);
+                         return "success";
+                    }else{
+                         //handle login failure
+                         print("Login failed");
+                         return "failure";
+                    }	
+               }
+          }catch (PDOException $e) {
+               //go to error page or something, because can't access website db
+               print_r($e);
+               exit;
+          }
+     }
+}
+
 
diff --git a/code/ryzom/tools/server/ryzom_ams/www/config.php b/code/ryzom/tools/server/ryzom_ams/www/config.php
index db2571b3a..8a6728dd6 100644
--- a/code/ryzom/tools/server/ryzom_ams/www/config.php
+++ b/code/ryzom/tools/server/ryzom_ams/www/config.php
@@ -5,10 +5,20 @@
 // Variables for database access
 // ----------------------------------------------------------------------------------------
 // where we can find the mysql database
-$DBHOST = 'localhost' ;
- $DBNAME = 'nel' ;
- $DBUSERNAME = 'shard' ;
- $DBPASSWORD = '' ;
+
+$WEBDBHOST = 'localhost';
+$WEBDBPORT = '3306';
+$WEBDBNAME = 'ryzom_ams';
+$WEBDBUSERNAME = 'shard';
+$WEBDBPASSWORD = '' ;
+     
+$SHARDDBHOST = 'localhost' ;
+$SHARDDBPORT = '3306';
+$SHARDDBNAME = 'nel' ;
+$SHARDDBUSERNAME = 'shard' ;
+$SHARDDBPASSWORD = '' ;
+
+
 
 // If true= the server will add automatically unknown user in the database
 // (in nel.user= nel.permission= ring.ring_user and ring.characters
diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/inc/add_user.php b/code/ryzom/tools/server/ryzom_ams/www/html/inc/add_user.php
index da92e14f9..81639130f 100644
--- a/code/ryzom/tools/server/ryzom_ams/www/html/inc/add_user.php
+++ b/code/ryzom/tools/server/ryzom_ams/www/html/inc/add_user.php
@@ -12,7 +12,7 @@ function add_user(){
               'init' => $_POST["Email"],
               'unhashpass' => $_POST["Password"],
               'status' => 1,
-              'access' => REQUEST_TIME
+              'access' => $_SERVER['REQUEST_TIME']
               );
           //header( 'Location: email_sent.php' );
           write_user( $edit );
@@ -25,14 +25,42 @@ function add_user(){
           $result['prevEmail'] = $_POST["Email"];
           $result['no_visible_elements'] = 'TRUE';
           helpers :: loadtemplate( 'register', $result);
+          exit;
      }
 }
 
 
-function write_user(){
-
-
-     // add user locally here
+function write_user($newUser){
+     global $WEBDBHOST;
+     global $WEBDBPORT;
+     global $WEBDBNAME;
+     global $WEBDBUSERNAME;
+     global $WEBDBPASSWORD;
+     global $SHARDDBHOST;
+     global $SHARDDBPORT;
+     global $SHARDDBNAME; 
+     global $SHARDDBUSERNAME;
+     global $SHARDDBPASSWORD;
+     
+     $values["name"] = $newUser["name"];
+     $values["pass"] = $newUser["pass"];
+     $values["mail"] = $newUser["mail"];
+     
+     $values["webhost"] =  $WEBDBHOST;
+     $values["webport"] =  $WEBDBPORT;
+     $values["webdbname"] = $WEBDBNAME;
+     $values["webusername"] = $WEBDBUSERNAME;
+     $values["webpassword"] = $WEBDBPASSWORD ;
+ 
+     $values["shardhost"] = $SHARDDBHOST;
+     $values["shardport"] = $SHARDDBPORT;
+     $values["sharddbname"] = $SHARDDBNAME;
+     $values["shardusername"] = $SHARDDBUSERNAME;
+     $values["shardpassword"] = $SHARDDBPASSWORD;
+     
+     
+     $result = Users :: createUser($values);
+    
      print('Awesome');
      }
 
diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/index.php b/code/ryzom/tools/server/ryzom_ams/www/html/index.php
index 941f9d628..d15dbee03 100644
--- a/code/ryzom/tools/server/ryzom_ams/www/html/index.php
+++ b/code/ryzom/tools/server/ryzom_ams/www/html/index.php
@@ -1,39 +1,51 @@
 <?php
-
+error_reporting(E_ALL);
+ini_set('display_errors', 'on');
 require( '../config.php' );
 require( '../../ams_lib/libinclude.php' );
-//default page
-$page = 'login';
+session_start();
 
- 
-if ( isset( $_POST["function"] ) ){
-     require( "inc/" . $_POST["function"] . ".php" );
-     $tempReturn = $_POST["function"]();
-     $functionReturn = array_merge($tempReturn,$_POST);
-     if ( isset($_POST["callBack"])){
-          $page = $_POST["callBack"];
-          
-     }
+print("[" . $_SESSION['user'] . "] ");
+
+//Decide what page to load
+if(isset($_SESSION['user'])){
+     $page = 'home';
+}else{
+     //default page
+     $page = 'login';   
 }
 
-function loadpage ( $page ){
-     require_once( 'autoload/' . $page . '.php' );
-     }
-
 if ( isset( $_GET["page"] ) ){
      $page = $_GET["page"];
      }
 
-//Page Handling
-if($page == 'login' || $page == 'register'){
-     $no_visible_elements = 'TRUE';
+//perform an action in case one is specified
+if ( isset( $_POST["function"] ) ){
+     require( "inc/" . $_POST["function"] . ".php" );
+     $return = $_POST["function"]();
 }
 
-if ( isset($functionReturn) ){
-     $return = array_merge(array( 'permission' => 1, 'no_visible_elements' => $no_visible_elements ),$functionReturn);
-}else{
-     $return = array( 'permission' => 1, 'no_visible_elements' => $no_visible_elements );
+
+function loadpage ( $page ){
+     require_once( 'autoload/' . $page . '.php' );
+}
+
+//Set permission
+if(isset($_SESSION['Permission'])){
+     $return['permission'] = $_SESSION['Permission'];
+}else{
+     //default permission
+     $return['permission'] = 0; 
+}
+
+
+//hide sidebar + topbar in case of login/register
+if($page == 'login' || $page == 'register'){
+     $return['no_visible_elements'] = 'TRUE';
+}else{
+     $return['no_visible_elements'] = 'FALSE';
 }
-//print_r($return);
 
 helpers :: loadTemplate( $page , $return );
+
+session_destroy();
diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/login.php b/code/ryzom/tools/server/ryzom_ams/www/html/login.php
deleted file mode 100644
index 9bb640c2c..000000000
--- a/code/ryzom/tools/server/ryzom_ams/www/html/login.php
+++ /dev/null
@@ -1,44 +0,0 @@
-<?php
-$no_visible_elements=true;
-include('header.php'); ?>
-
-			<div class="row-fluid">
-				<div class="span12 center login-header">
-					<img src="img/mainlogo.png"/>
-				</div><!--/span-->
-			</div><!--/row-->
-			
-			<div class="row-fluid">
-				<div class="well span5 center login-box">
-					<div class="alert alert-info">
-						Please login with your Username and Password.
-					</div>
-					<form class="form-horizontal" action="index.php" method="post">
-						<fieldset>
-							<div class="input-prepend" title="Username" data-rel="tooltip">
-								<span class="add-on"><i class="icon-user"></i></span><input autofocus class="input-large span10" name="username" id="username" type="text" value="" />
-							</div>
-							<div class="clearfix"></div>
-
-							<div class="input-prepend" title="Password" data-rel="tooltip">
-								<span class="add-on"><i class="icon-lock"></i></span><input class="input-large span10" name="password" id="password" type="password" value="" />
-							</div>
-							<div class="clearfix"></div>
-
-							<div class="input-prepend">
-							<label class="remember" for="remember"><input type="checkbox" id="remember" />Remember me</label>
-							</div>
-							<div class="clearfix"></div>
-
-							<p class="center span5">
-							<button type="submit" class="btn btn-primary">Login</button>
-							</p>
-						</fieldset>
-					</form>
-					<div class="alert alert-info">
-					<strong>Register</strong>
-						If you dont have an account yet, create one <a href="register.php">here</a>!
-					</div>
-				</div><!--/span-->
-			</div><!--/row-->
-<?php include('footer.php'); ?>
diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/sql/db.sql b/code/ryzom/tools/server/ryzom_ams/www/html/sql/db.sql
new file mode 100644
index 000000000..44daf16e5
--- /dev/null
+++ b/code/ryzom/tools/server/ryzom_ams/www/html/sql/db.sql
@@ -0,0 +1,19 @@
+CREATE DATABASE IF NOT EXISTS `ryzom_ams`;
+USE `ryzom_ams`;
+DROP TABLE IF EXISTS ams_user;
+DROP TABLE IF EXISTS ams_querycache;
+
+CREATE TABLE IF NOT EXISTS `ams_user` (
+  `UId` int(10) NOT NULL AUTO_INCREMENT,
+  `Login` varchar(64) NOT NULL DEFAULT '',
+  `Password` varchar(13) DEFAULT NULL,
+  `Email` varchar(255) NOT NULL DEFAULT '',
+  `Permission` int(3) NOT NULL DEFAULT 1,
+  PRIMARY KEY (`UId`)
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COMMENT='contains all users information for ryzom_ams';
+
+CREATE TABLE ams_querycache (
+    `SID` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
+    `type` VARCHAR( 64 ) NOT NULL ,
+    `query` VARCHAR( 512 ) NOT NULL 
+);
\ No newline at end of file
diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/templates/login.tpl b/code/ryzom/tools/server/ryzom_ams/www/html/templates/login.tpl
index 2c36c3ce3..fdf5c2d2c 100644
--- a/code/ryzom/tools/server/ryzom_ams/www/html/templates/login.tpl
+++ b/code/ryzom/tools/server/ryzom_ams/www/html/templates/login.tpl
@@ -15,12 +15,12 @@
 					<form method="post" action="index.php" class="form-horizontal">
 						<fieldset>
 							<div data-rel="tooltip" class="input-prepend" data-original-title="Username">
-								<span class="add-on"><i class="icon-user"></i></span><input type="text" value="" id="username" name="username" class="input-large span10" autofocus="">
+								<span class="add-on"><i class="icon-user"></i></span><input type="text" value="" id="Username" name="Username" class="input-large span10" autofocus="">
 							</div>
 							<div class="clearfix"></div>
 
 							<div data-rel="tooltip" class="input-prepend" data-original-title="Password">
-								<span class="add-on"><i class="icon-lock"></i></span><input type="password" value="" id="password" name="password" class="input-large span10">
+								<span class="add-on"><i class="icon-lock"></i></span><input type="password" value="" id="Password" name="Password" class="input-large span10">
 							</div>
 							<div class="clearfix"></div>
 
@@ -30,6 +30,7 @@
 							<div class="clearfix"></div>
 
 							<p class="center span5">
+							<input type="hidden" name="function" value="login">
 							<button class="btn btn-primary" type="submit">Login</button>
 							</p>
 						</fieldset>
diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/templates/register.tpl b/code/ryzom/tools/server/ryzom_ams/www/html/templates/register.tpl
index bd5e92788..5a154bb92 100644
--- a/code/ryzom/tools/server/ryzom_ams/www/html/templates/register.tpl
+++ b/code/ryzom/tools/server/ryzom_ams/www/html/templates/register.tpl
@@ -106,7 +106,6 @@
 			{/if}
 			
 			 <input type="hidden" name="function" value="add_user">
-			 <input type="hidden" name="callBack" value="register">
 			<div class="control-group">
 			<label class="control-label"></label>
 		      <div class="controls">