<html lang="en"><head> <meta charset="utf-8"> <title>score</title>

1. <html lang="en">
2.  
3. <head>
4. <meta charset="utf-8">
5.  
6. <title>score</title>
7. <meta name="description" content="Score Server">
8. <meta name="author" content="score">
9. <link rel="stylesheet" href="//stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
10. <script src="//code.jquery.com/jquery-3.4.0.min.js"></script>
11. </head>
12. <body style="margin-top: 32px;">
13. <div class="container">
14.  
15. <?php
16. $serverName = "127.0.0.1";
17. $connectionInfo = array( "Database"=>"cohauth", "UID"=>"sa", "PWD"=>"finallyFree!");
18. $conn = sqlsrv_connect( $serverName, $connectionInfo);
19.  
20. function adler32($data)
21. {
22. $mod_adler = 65521;
23. $a = 1;
24. $b = 0;
25. $len = strlen($data);
26. for($index = 0; $index < $len; $index++)
27. {
28. $a = ($a + ord($data[$index])) % $mod_adler;
29. $b = ($b + $a) % $mod_adler;
30. }
31.  
32. return ($b << 16) | $a;
33. }
34.  
35. function game_hash_password($authname, $password)
36. {
37. $authname = strtolower($authname);
38. $a32 = adler32($authname);
39. $a32hex = sprintf('%08s', dechex($a32));
40. $a32hex = substr($a32hex, 6, 2) . substr($a32hex, 4, 2) . substr($a32hex, 2, 2) . substr($a32hex, 0, 2);
41. $digest = hash('sha512', $password . $a32hex, TRUE);
42. return $digest;
43. }
44.  
45. if ( isset($_POST['authname']) && isset($_POST['password']) ) {
46.  
47. $authname = trim($_POST['authname']);
48. $password = trim($_POST['password']);
49.  
50. /* Does this account exist */
51. $sql = "SELECT * FROM user_account where account = '$authname'";
52. $stmt = sqlsrv_query( $conn, $sql, array(), array( "Scrollable" => SQLSRV_CURSOR_KEYSET ));
53.  
54. if( $stmt === false) {
55. die( print_r( sqlsrv_errors(), true) );
56. }
57.  
58. $e = sqlsrv_num_rows( $stmt );
59.  
60. if ($e > 0) {
61. echo "<div class=\"alert alert-danger\">There is already and account with that user id!</div>";
62. }
63. else{
64. /* Grab the next valid id */
65. $sql = "SELECT TOP 1 * from user_account ORDER BY uid DESC;";
66. $stmt = sqlsrv_query( $conn, $sql, array(), array( "Scrollable" => SQLSRV_CURSOR_KEYSET ));
67. $id = 1;
68.  
69. if ( sqlsrv_num_rows( $stmt ) ) {
70. $row = sqlsrv_fetch_array( $stmt, 2 );
71. $id = $row['uid'] + 1;
72. }
73.  
74. $hash = bin2hex(game_hash_password($authname, $password));
75.  
76. $stmt = sqlsrv_query($conn, "INSERT INTO cohauth.dbo.user_account (account, uid, forum_id, pay_stat) VALUES ('$authname', $id, $id, 1014);");
77. $stmt = sqlsrv_query($conn, "INSERT INTO cohauth.dbo.user_auth (account, password, salt, hash_type) VALUES ('$authname', CONVERT(BINARY(128),'$hash'), 0, 1);");
78. $stmt = sqlsrv_query($conn, "INSERT INTO cohauth.dbo.user_data (uid, user_data) VALUES ($id, 0x0080C2E000D00B0C000000000CB40058);");
79. $stmt = sqlsrv_query($conn, "INSERT INTO cohauth.dbo.user_server_group (uid, server_group_id) VALUES ($id, 1);");
80.  
81. echo "<div class=\"alert alert-success\">Your account should be ready to use</div>";
82. }
83.  
84. sqlsrv_free_stmt($stmt);
85.  
86. }
87.  
88. ?>
89.  
90. <div style="display: block; width: 50%; margin: auto;">
91. <form method="post">
92. <label for="user">User:</label>
93. <input type="text" name="authname" id="user" class="form-control" />
94. <br />
95.  
96. <label for="pass">Password:</label>
97. <input type="text" name="password" id="pass" class="form-control" />
98. <br />
99.  
100. <button type="submit" class="btn btn-primary">Submit</button>
101. </form>
102. </div>
103.  
104. </div>
105. </body>
106.  
107. </html>