API tools faq
paste
Advertisement
Guest User

dickbuttes with an s

a guest
May 31st, 2012
117
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.84 KB | None | 0 0
raw download clone embed print report diff
  1. <?php
  2. $forum_path = '/var/www/vhosts/gooncave.com/mwo';
  3.  
  4. require_once( $forum_path . 'SSI.php' );
  5.  
  6. echo "<html>
  7. <head>
  8. <title>mwo - SA Authorization</title>
  9. <link rel='shortcut icon' type='image/x-icon' href='/favicon.ico'>
  10. <!-- CHANGE THE CSS FILE HERE -->
  11. <link rel="stylesheet" type="text/css"href="http://mwo.gooncave.com/Themes/blackrain_202/css/index.css?fin20" />
  12. </head>
  13. <body>
  14. <h3 class='pagetop'>SA Authorization</h3>
  15. <div class='content navigation'>
  16. </div>\n<br><br><br>
  17. <div class='wrapper'><div class='content'>
  18. <div id='content' class='clearfix'>
  19. <div class='guestMessage'><center>";
  20.  
  21.  
  22. if ( !empty($user_info['id'] )
  23. {
  24. if ( in_array(3, $user_info['groups']) ) // Allow only member_group_id == 0, which is 'Regular Members'
  25. {
  26. # Forums Info
  27. $mwoUsername = $user_info['name'];
  28. $mwoMemberID = $user_info['id'];
  29.  
  30. # Start of SomethingAwful Auth
  31. if ( !$_POST )
  32. {
  33. # Generate a key to verify the user
  34. $key = sha1(rand(1000000, 9999999));
  35. $_SESSION['auth_key'] = $key;
  36. $_SESSION['auth_done'] = "no";
  37. $_SESSION['auth_action'] = "signup";
  38.  
  39. echo "<script language='Javascript'>
  40. function validate()
  41. {
  42. if ( !document.auth.sausername.value )
  43. {
  44. alert('You must enter your SA username');
  45. return false;
  46. } else
  47. return true;
  48. }
  49. </script>
  50. <b>Welcome to the Mechwarrior Online Goons forums!</b><br>
  51. We're open to all SA forum members. Use this page to verify that you're an SA forum member.<br><br>
  52.  
  53. To do this, <a href='http://forums.somethingawful.com/member.php?s=&action=editprofile' target='_blank'>edit your SA profile</a>, and add this key to your Interests field:<br>
  54. <b>" . $key . "</b><br>
  55. (notice: this key changes each refresh)
  56. <br/><br/>
  57. Once you've done that, enter your SA username below, and click Continue.
  58. <br/><br/>
  59. <form name='auth' method='post'>
  60. Your SA Username: <input type='text' name='sausername'>
  61. <input type='hidden' name='auth_key' value='" . $_SESSION['auth_key'] . "'>
  62. <input type='submit' onclick='return validate()' name='submit' value='Continue'>
  63. </center>
  64. </form>
  65. </div></div></div></div>";
  66. }
  67. else
  68. {
  69. if ( !isset( $_SESSION['auth_key'] ) )
  70. {
  71.  
  72. echo "<div class='content warning'>Sorry, looks like your key expired. Press Back and try again.</div>";
  73. exit();
  74. } elseif ( $_SESSION['auth_key'] != $_POST['auth_key'] )
  75. {
  76. echo "<div class='content warning'>Key mismatch. Press back and try again.</div>";
  77. exit();
  78. }
  79.  
  80. # The user we want to check, and they key to check
  81. $user = $_POST['sausername'];
  82. $key = $_SESSION['auth_key'];
  83.  
  84. # Setup values to use in the CURL operation
  85. $en = 'action=getinfo&username=' . urlencode($user);
  86. $profile_encode = 'http://forums.somethingawful.com/member.php?' . $en;
  87. $login = array('action' => 'login', 'username' => 'wargames', 'password' => '');
  88.  
  89. # Logfile Access
  90. //$logfile = '/var/www/vhosts/gooncave.com/mwo/debug.txt';
  91. //$open = fopen($logfile, 'w');
  92.  
  93. # These aren't necessary, but it helps to prevent setting off any alarms
  94. $useragent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0';
  95. $referer = 'http://forums.somethingawful.com/usercp.php?s=';
  96.  
  97. # Initialize CURL and start collecting the output buffer
  98. $ch = curl_init();
  99.  
  100. # Setup CURL options
  101. curl_setopt($ch, CURLOPT_URL, "http://forums.somethingawful.com/account.php");
  102. curl_setopt($ch, CURLOPT_POST, TRUE);
  103. curl_setopt($ch, CURLOPT_POSTFIELDS, $login);
  104. curl_setopt($ch, CURLOPT_HEADER, TRUE);
  105. curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
  106. curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
  107. //curl_setopt($ch, CURLOPT_STDERR, $open);
  108. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  109. curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt");
  110. curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
  111. curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
  112. curl_setopt($ch, CURLOPT_REFERER, $referer);
  113. $result = curl_exec ($ch);
  114.  
  115. curl_setopt($ch, CURLOPT_HTTPGET, TRUE);
  116. curl_setopt($ch, CURLOPT_URL, "http://forums.somethingawful.com/index.php");
  117. $response = curl_exec ($ch);
  118.  
  119. curl_setopt($ch, CURLOPT_URL, $profile_encode);
  120. curl_setopt($ch, CURLINFO_HEADER_OUT, TRUE);
  121. $response = curl_exec ($ch);
  122. $headers = curl_getinfo($ch, CURLINFO_HEADER_OUT);
  123.  
  124. # SA Scrape Debug
  125. //echo $headers;
  126. //echo "<hr />";
  127. //echo $profile_encode;
  128. //echo "<hr />";
  129. //echo $result2;
  130. //echo "<hr />";
  131.  
  132. $x = curl_version();
  133. if ( $response == "" )
  134. {
  135. echo "<div class='content warning'>The signup system is down! Please report this to wargames. (No response from SA forums: " . curl_errno($ch) . " " . curl_error($ch) .")</div>";
  136. } elseif ( strpos($response, 'This user has not registered and therefore does not have a profile to view.') )
  137. {
  138. echo "<div class='content warning'>I could not find your profile, did you type your nickname correctly? Press back and try again.</div>";
  139. } elseif ( strpos($response, 'You are not logged in') )
  140. {
  141. echo "<div class='content warning'>The signup system is down! Please report this to wargames. (Could not log in)</div>";
  142. } elseif ( strpos($response, 'Special Message from Senor Lowtax') )
  143. {
  144. echo "<div class='content warning'>There was a problem checking your nickname against the forums. (Special message from Senor Lowtax - forums down?)</div>";
  145. } elseif ( strpos($response, $key) )
  146. {
  147. # Begin session cleanup
  148. $_SESSION['auth_done'] = 'yes';
  149. $_SESSION['auth_username'] = $_POST['sausername'];
  150. unset( $_SESSION['auth_key'] );
  151.  
  152. require_once($sourcedir . '/Subs-MemberGroups.php');
  153. # Change users forum group to 'Authorized Members' (10) and adds their SA Name to their profilez
  154. addMembersToGroup($user_info['id'], 10, 'only_additional', true)
  155.  
  156. # Congrats!
  157. echo "<h3>Well done, " . $user_info['name'] . "!</h3>\n<div class='content current'>\nThank you, you have now been verified as a forum member.\n
  158. <b>First, <a href='http://forums.somethingawful.com/member.php?s=&action=editprofile'>edit your SA profile</a> again, and remove the key.</b><br><br></div>";
  159. } else
  160. {
  161. echo "<div class='content warning'>I couldn't see your key ( <b>" . $_SESSION['auth_key'] . "</b> ) in your profile. Press Back and try again.</div>";
  162. }
  163. curl_close($ch);
  164. }
  165. } else {
  166. echo "ERROR: User is not an 'Unauthorized Member'<br><br>\n";
  167.  
  168. // Forums Info
  169. echo "Forums Username: " . $user_info['name'] . "<br>\n";
  170. echo "Forums memberID: " . $user_info['id'] . "<br>\n";
  171. echo "Forums Group ID: " . implode(',', $user_info['groups']) . "<br>\n";
  172. }
  173. } else {
  174. echo "User is not logged into the mwo goons forums.<br>\n";
  175. }
  176. ?>
  177. </div></div></div></div>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!