2007-02-27 23:31:14 +00:00
|
|
|
<?
|
|
|
|
// DIRTY HACK ALERT!!!!!!!!!!!!!
|
|
|
|
// The following code shows the vital importance of the r69 revision of the original gareth/ branch
|
|
|
|
|
|
|
|
|
|
|
|
// This file parses URLs of the format:
|
|
|
|
// usersessions/key/userid/data
|
|
|
|
// where key is the key to authenticate with the grid, userid is the user's LLUUID and data is the data about the user's session being requested
|
|
|
|
// if the data requested is left out, an XML response will be sent
|
|
|
|
|
|
|
|
error_reporting(E_ALL); // Remember kids, PHP errors kill XML-RPC responses and REST too! will the slaughter ever end?
|
|
|
|
|
|
|
|
include("../gridserver_config.inc.php");
|
|
|
|
include("../../common/database.inc.php");
|
|
|
|
include("../../common/util.inc.php");
|
|
|
|
|
|
|
|
// Parse out the parameters from the URL
|
|
|
|
$params = str_replace($grid_home,'', $_SERVER['REQUEST_URI']);
|
|
|
|
$params = str_replace("index.php/","",$params);
|
|
|
|
$params = split('/',$params);
|
|
|
|
|
|
|
|
// Die if the key doesn't match
|
|
|
|
if($params[1]!=$sim_recvkey) {
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
|
|
|
$link = mysql_connect($dbhost,$dbuser,$dbpasswd)
|
|
|
|
OR die("Unable to connect to database");
|
|
|
|
|
|
|
|
mysql_select_db($dbname)
|
|
|
|
or die("Unable to select database");
|
|
|
|
|
|
|
|
$agent_id = strtolower($params[2]);
|
|
|
|
$query = "SELECT * FROM sessions WHERE agent_id='$agent_id' AND session_active=1";
|
|
|
|
|
|
|
|
// if we have 4 params, then param 4 is the command
|
|
|
|
if(count($params)==4) {
|
|
|
|
$cmd=$params['3'];
|
|
|
|
} else if(count($params)==5) {
|
|
|
|
$circuit_code=$params[3];
|
|
|
|
$cmd=$params[4]; // otherwise, 5 is the command and 4 is the circuit code
|
|
|
|
}
|
|
|
|
|
|
|
|
$result = mysql_query($query);
|
|
|
|
if(mysql_num_rows($result)>0) {
|
|
|
|
$info=mysql_fetch_assoc($result);
|
|
|
|
$circuit_code = $info['circuit_code'];
|
|
|
|
if($circuit_code == 0) $circuit_code=$params['4'];
|
|
|
|
$secure_session_id=$info['secure_session_id'];
|
|
|
|
$session_id=$info['session_id'];
|
|
|
|
|
|
|
|
$query = "SELECT * FROM local_user_profiles WHERE userprofile_LLUUID='$agent_id'";
|
|
|
|
$result=mysql_query($query);
|
|
|
|
$userinfo=mysql_fetch_assoc($result);
|
|
|
|
$firstname=$userinfo['profile_firstname'];
|
|
|
|
$lastname=$userinfo['profile_lastname'];
|
|
|
|
$agent_id=$userinfo['userprofile_LLUUID'];
|
|
|
|
$exists=1;
|
|
|
|
} else {
|
|
|
|
$exists=0;
|
|
|
|
}
|
|
|
|
|
|
|
|
// if only 3 params, assume we are sending an XML response
|
|
|
|
if(count($params)==3) {
|
|
|
|
output_xml_block("usersession",Array(
|
|
|
|
'authkey' => $sim_sendkey,
|
|
|
|
'circuit_code' => $circuit_code,
|
|
|
|
'agent_id' => $agent_id,
|
|
|
|
'session_id' => $session_id,
|
|
|
|
'secure_session_id' => $secure_session_id,
|
|
|
|
'firstname' => $firstname,
|
|
|
|
'lastname' => $lastname
|
|
|
|
));
|
|
|
|
}
|
|
|
|
|
|
|
|
switch($cmd) {
|
|
|
|
case 'exists':
|
|
|
|
echo $exists;
|
|
|
|
break;
|
2007-03-02 23:26:36 +00:00
|
|
|
case 'delete':
|
|
|
|
$query = "UPDATE sessions SET session_active=0, session_end=NOW() WHERE agent_id='$agent_id' LIMIT 1";
|
|
|
|
$deleteresult = mysql_query($query);
|
|
|
|
break;
|
2007-02-27 23:31:14 +00:00
|
|
|
}
|
|
|
|
?>
|