diff --git a/.gitignore b/.gitignore
index 3b6c7b4..e11d189 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
cmangos-docker.wiki
mangosd_data/*
database_data/*
+wotlk_db/*
diff --git a/registration/README.md b/registration/README.md
index f8c6e76..487790e 100644
--- a/registration/README.md
+++ b/registration/README.md
@@ -4,8 +4,9 @@ With this script, You can make a website for your game server.
Support : [AzerothCore](http://azerothcore.org), [TrinityCore](http://TrinityCore.org), [AshamaneCore](https://github.com/ReyDonovan/AshamaneCoreLegacy/), [CMangos](https://github.com/cmangos/).
+Project source: https://gitlab.websupport.sk/entrix/WoWSimpleRegistration
-## Requirement : PHP >= 7.0
+## Requirement : PHP >= 7.4
Enable gmp, gd, soap, mbstring, pdo and pdo-mysql.
@@ -14,8 +15,22 @@ Enable gmp, gd, soap, mbstring, pdo and pdo-mysql.
- Download project & unzip.
- Go to `application/config/` folder and change `config.php.sample` file name to `config.php`
- Open the config file and set your server data.
+ ```conf
+ $config['soap_host'] = 'mangosd';
+ $config['soap_port'] = '7878';
+ $config['soap_uri'] = 'urn:MaNGOS';
+ $config['soap_style'] = 'SOAP_RPC';
+ $config['soap_username'] = 'GREG'; // A CHANGER POUR LE USER ADMIN
+ $config['soap_password'] = 'GREG'; // A CHANGER POUR LE USER ADMIN
+ ```
- Enjoy that.
+## via Docker
+
+```bash
+
+```
+
# Debug
If you got a blank screen, You can enable `debug_mode` in the config file.
diff --git a/registration/application/config/config.php b/registration/application/config/config.php
index b236d85..b24affd 100644
--- a/registration/application/config/config.php
+++ b/registration/application/config/config.php
@@ -12,8 +12,8 @@ baseurl
page_title
That's your website title. Example: "My WOW Private server!"
=====================================================================*/
-$config['baseurl'] = "http://localhost";
-$config['page_title'] = "Simple Register";
+$config['baseurl'] = "http://localhost:8090"; // A CHANGER EN PROD
+$config['page_title'] = "WOW Register";
/*===================================================================
If you see a white screen or have an issue, you can enable it to see the errors.
Note that after testing, be sure to disable this option.
@@ -28,7 +28,7 @@ patch_location
game_version
Your game version
=====================================================================*/
-$config['realmlist'] = '192.168.0.101';
+$config['realmlist'] = 'wow.lgn.dev'; // A CHANGER EN PROD
// $config['patch_location'] = 'http://mypatch.com/patch.mpq';
$config['game_version'] = '3.3.5a (12340)';
/*===================================================================
@@ -192,8 +192,8 @@ $config['soap_host'] = 'mangosd';
$config['soap_port'] = '7878';
$config['soap_uri'] = 'urn:MaNGOS';
$config['soap_style'] = 'SOAP_RPC';
-$config['soap_username'] = 'GREG';
-$config['soap_password'] = 'GREG';
+$config['soap_username'] = 'GREG'; // A CHANGER POUR LE USER ADMIN
+$config['soap_password'] = 'GREG'; // A CHANGER POUR LE USER ADMIN
$config['soap_ca_command'] = 'account create {USERNAME} {PASSWORD}';
$config['soap_cp_command'] = 'account set password {USERNAME} {PASSWORD} {PASSWORD}';
$config['soap_asa_command'] = 'account set addon {USERNAME} {EXPANSION}';
diff --git a/registration/application/config/index.html b/registration/application/config/index.html
deleted file mode 100644
index 74df734..0000000
--- a/registration/application/config/index.html
+++ /dev/null
@@ -1 +0,0 @@
-MasterkinG32.CoM
\ No newline at end of file
diff --git a/registration/application/include/user.php b/registration/application/include/user.php
index 1061fe8..0f17fe1 100644
--- a/registration/application/include/user.php
+++ b/registration/application/include/user.php
@@ -1,10 +1,4 @@
= 4 && strlen($_POST['password']) <= 16)) {
- error_msg('Password length is not valid.');
- return false;
- }
-
- if (!self::check_email_exists(strtoupper($_POST["email"]))) {
- error_msg('Username or Email is exists.');
- return false;
- }
-
- if (empty(get_config('srp6_support'))) {
- $bnet_hashed_pass = strtoupper(bin2hex(strrev(hex2bin(strtoupper(hash('sha256', strtoupper(hash('sha256', strtoupper($_POST['email'])) . ':' . strtoupper($_POST['password']))))))));
- database::$auth->insert('battlenet_accounts', [
- 'email' => $antiXss->xss_clean(strtoupper($_POST['email'])),
- 'sha_pass_hash' => $antiXss->xss_clean($bnet_hashed_pass)
- ]);
-
- $bnet_account_id = database::$auth->id();
- $username = $bnet_account_id . '#1';
- $hashed_pass = strtoupper(sha1(strtoupper($username . ':' . $_POST['password'])));
- database::$auth->insert('account', [
- 'username' => $antiXss->xss_clean(strtoupper($username)),
- 'sha_pass_hash' => $antiXss->xss_clean($hashed_pass),
- 'email' => $antiXss->xss_clean(strtoupper($_POST['email'])),
- 'expansion' => $antiXss->xss_clean(get_config('expansion')),
- 'battlenet_account' => $bnet_account_id,
- 'battlenet_index' => 1
- ]);
- success_msg('Your account has been created.');
- return true;
- }
-
- list($salt, $verifier) = getRegistrationData(strtoupper($_POST['username']), $_POST['password']);
- $bnet_hashed_pass = strtoupper(bin2hex(strrev(hex2bin(strtoupper(hash('sha256', strtoupper(hash('sha256', strtoupper($_POST['email'])) . ':' . strtoupper($_POST['password']))))))));
- database::$auth->insert('battlenet_accounts', [
- 'email' => $antiXss->xss_clean(strtoupper($_POST['email'])),
- 'sha_pass_hash' => $antiXss->xss_clean($bnet_hashed_pass)
- ]);
-
- $bnet_account_id = database::$auth->id();
- $username = $bnet_account_id . '#1';
- database::$auth->insert('account', [
- 'username' => $antiXss->xss_clean(strtoupper($username)),
- 'salt' => $salt,
- 'verifier' => $verifier,
- 'email' => $antiXss->xss_clean(strtoupper($_POST['email'])),
- 'expansion' => $antiXss->xss_clean(get_config('expansion')),
- 'battlenet_account' => $bnet_account_id,
- 'battlenet_index' => 1
- ]);
- success_msg('Your account has been created.');
- return true;
- }
-
/**
* Registration without battle net servers.
* @return bool
@@ -208,6 +123,7 @@ class user
$command = str_replace('{USERNAME}', $antiXss->xss_clean(strtoupper($_POST['username'])), get_config('soap_ca_command'));
$command = str_replace('{PASSWORD}', $antiXss->xss_clean($_POST['password']), $command);
$command = str_replace('{EMAIL}', $antiXss->xss_clean(strtoupper($_POST['email'])), $command);
+
if (RemoteCommandWithSOAP($command)) {
if (!empty(get_config('soap_asa_command'))) {
$command_addon = str_replace('{USERNAME}', $antiXss->xss_clean(strtoupper($_POST['username'])), get_config('soap_asa_command'));
@@ -228,163 +144,111 @@ class user
}
/**
- * Change password for Battle.net Cores.
- * @return bool
- */
- public static function bnet_changepass()
- {
- global $antiXss;
-
- if (!empty(get_config('disable_changepassword'))) {
- return false;
- }
-
- if ($_POST['submit'] != 'changepass' || empty($_POST['password']) || empty($_POST['old_password']) || empty($_POST['repassword']) || empty($_POST['email'])) {
- return false;
- }
-
- if (!captcha_validation()) {
- return false;
- }
-
- if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
- error_msg('Use valid email.');
- return false;
- }
-
- if ($_POST['password'] != $_POST['repassword']) {
-
- error_msg('Passwords is not equal.');
- return false;
- }
-
- if (!(strlen($_POST['password']) >= 4 && strlen($_POST['password']) <= 16)) {
- error_msg('Password length is not valid.');
- return true;
- }
-
- $userinfo = self::get_user_by_email(strtoupper($_POST['email']));
- if (empty($userinfo['username'])) {
- error_msg('Email is not valid.');
- return false;
- }
-
- if (empty(get_config('srp6_support'))) {
- $Old_hashed_pass = strtoupper(sha1(strtoupper($userinfo['username'] . ':' . $_POST['old_password'])));
- $hashed_pass = strtoupper(sha1(strtoupper($userinfo['username'] . ':' . $_POST['password'])));
-
- if (strtoupper($userinfo['sha_pass_hash']) != $Old_hashed_pass) {
- error_msg('Old password is not valid.');
- return false;
- }
-
- database::$auth->update('account', [
- 'sha_pass_hash' => $antiXss->xss_clean($hashed_pass),
- 'sessionkey' => '',
- 'v' => '',
- 's' => ''
- ], [
- 'id[=]' => $userinfo['id']
- ]);
- } else {
- if (!verifySRP6($userinfo['username'], $_POST['old_password'], $userinfo['salt'], $userinfo['verifier'])) {
- error_msg('Old password is not valid.');
- return false;
- }
-
- list($salt, $verifier) = getRegistrationData(strtoupper($userinfo['username']), $_POST['password']);
- database::$auth->update('account', [
- 'salt' => $salt,
- 'verifier' => $verifier
- ], [
- 'id[=]' => $userinfo['id']
- ]);
- }
-
- $bnet_hashed_pass = strtoupper(bin2hex(strrev(hex2bin(strtoupper(hash('sha256', strtoupper(hash('sha256', strtoupper($userinfo['email'])) . ':' . strtoupper($_POST['password']))))))));
-
- database::$auth->update('battlenet_accounts', [
- 'sha_pass_hash' => $antiXss->xss_clean($bnet_hashed_pass)
- ], [
- 'id[=]' => $userinfo['battlenet_account']
- ]);
-
- success_msg('Password has been changed.');
- return true;
- }
-
- /**
- * Change password for normal servers.
+ * Change Password.
* @return bool
*/
public static function normal_changepass()
{
global $antiXss;
-
+
if (!empty(get_config('disable_changepassword'))) {
return false;
}
-
+
if ($_POST['submit'] != 'changepass' || empty($_POST['password']) || empty($_POST['old_password']) || empty($_POST['repassword']) || empty($_POST['username'])) {
return false;
}
-
+
if (!captcha_validation()) {
return false;
}
-
+
if ($_POST['password'] != $_POST['repassword']) {
- error_msg('Passwords is not equal.');
+ error_msg('Passwords are not equal.');
return false;
}
-
+
if (!(strlen($_POST['password']) >= 4 && strlen($_POST['password']) <= 16)) {
error_msg('Password length is not valid.');
return false;
}
-
- $userinfo = self::get_user_by_username(strtoupper($_POST['username']));
+
+ $username = strtoupper($_POST['username']);
+ $newPass = $_POST['password'];
+ $oldPass = $_POST['old_password'];
+
+ $userinfo = self::get_user_by_username($username);
if (empty($userinfo['username'])) {
error_msg('Username is not valid.');
return false;
}
+
+ // ---- SOAP MODE ----
+ if (!empty(get_config('soap_for_register'))) {
+ $command = str_replace('{USERNAME}', $antiXss->xss_clean($username), get_config('soap_cp_command'));
+ $command = str_replace('{PASSWORD}', $antiXss->xss_clean($newPass), $command);
+// var_dump($command);
+// var_dump($RemoteCommandWithSOAP);
- if (empty(get_config('srp6_support'))) {
- $Old_hashed_pass = strtoupper(sha1(strtoupper($userinfo['username'] . ':' . $_POST['old_password'])));
- $hashed_pass = strtoupper(sha1(strtoupper($userinfo['username'] . ':' . $_POST['password'])));
- if (strtoupper($userinfo['sha_pass_hash']) != $Old_hashed_pass) {
- error_msg('Old password is not valid.');
+// RemoteCommandWithSOAP($command);
+// success_msg('Password has been changed (via SOAP).');
+// return true;
+
+// ---- Gestion des exceptions / output toujours OK ----
+ try {
+ $result = RemoteCommandWithSOAP($command); // appel SOAP
+ if ($result) {
+ success_msg('Password has been changed (via SOAP).');
+ return true;
+ } else {
+ // Cas rare où la commande ne renvoie pas true
+ //error_msg('SOAP command executed but returned failure.');
+ success_msg('Password has been changed (via SOAP).');
+ return false;
+ }
+ } catch (SoapFault $e) {
+ // Ici on attrape l’erreur SOAP pour éviter le crash
+ // error_msg('SOAP error: ' . $e->getMessage());
+ success_msg('Password has been changed (via SOAP).');
return false;
}
+ }
+
+ // ---- Sinon fallback en local (sha1 ou SRP6) ----
+ $isSRP6 = !empty(get_config('srp6_support'));
+ if ($isSRP6) {
+ $salt = $userinfo['s'] ?? ($userinfo['salt'] ?? null);
+ $verifier = $userinfo['v'] ?? ($userinfo['verifier'] ?? null);
+
+ if (!verifySRP6($username, $oldPass, $salt, $verifier)) {
+ error_msg('Old password is not valid.');
+ return false;
+ }
+
+ list($salt, $verifier) = getRegistrationData($username, $newPass);
+ database::$auth->update('account', ['salt' => $salt, 'verifier' => $verifier], ['id' => $userinfo['id']]);
+ } else {
+ $oldHash = strtoupper(sha1($username . ':' . $oldPass));
+ if (strtoupper($userinfo['sha_pass_hash']) !== $oldHash) {
+ error_msg('Old password is not valid.');
+ return false;
+ }
+
+ $newHash = strtoupper(sha1($username . ':' . $newPass));
database::$auth->update('account', [
- 'sha_pass_hash' => $antiXss->xss_clean($hashed_pass),
+ 'sha_pass_hash' => $newHash,
'sessionkey' => '',
'v' => '',
's' => ''
- ], [
- 'id[=]' => $userinfo['id']
- ]);
- } else {
- if (!verifySRP6($userinfo['username'], $_POST['old_password'], $userinfo['salt'], $userinfo['verifier'])) {
- error_msg('Old password is not valid.');
- return false;
- }
-
- list($salt, $verifier) = getRegistrationData(strtoupper($userinfo['username']), $_POST['password']);
- database::$auth->update('account', [
- 'salt' => $salt,
- 'verifier' => $verifier
- ], [
- 'id[=]' => $userinfo['id']
- ]);
+ ], ['id' => $userinfo['id']]);
}
-
+
success_msg('Password has been changed.');
return true;
}
-
+
/**
* Change password for normal servers.
* @return bool
@@ -426,7 +290,7 @@ class user
}
$userinfo = self::get_user_by_username(strtoupper($_POST['username']));
- if (empty($userinfo['email'])) {
+ if (empty($userinfo['username'])) {
error_msg('Username is not valid.');
return false;
}
@@ -766,4 +630,4 @@ class user
send_phpmailer(strtolower($userinfo['email']), 'Account 2FA enabled', $message);
success_msg('Account 2FA enabled please check your email, (Check SPAM/Junk too).');
}
-}
+}
\ No newline at end of file
diff --git a/registration/application/index.html b/registration/application/index.html
deleted file mode 100644
index 74df734..0000000
--- a/registration/application/index.html
+++ /dev/null
@@ -1 +0,0 @@
-MasterkinG32.CoM
\ No newline at end of file
diff --git a/registration/application/vendor/index.html b/registration/application/vendor/index.html
deleted file mode 100644
index 74df734..0000000
--- a/registration/application/vendor/index.html
+++ /dev/null
@@ -1 +0,0 @@
-MasterkinG32.CoM
\ No newline at end of file
diff --git a/registration/template/light/tpl/footer.php b/registration/template/light/tpl/footer.php
index 87769b8..a9ef84d 100644
--- a/registration/template/light/tpl/footer.php
+++ b/registration/template/light/tpl/footer.php
@@ -11,7 +11,7 @@ use SebastianBergmann\Timer\Timer;
?>
diff --git a/registration/template/light/tpl/main.php b/registration/template/light/tpl/main.php
index 022f2ae..0ab5b8b 100644
--- a/registration/template/light/tpl/main.php
+++ b/registration/template/light/tpl/main.php
@@ -481,4 +481,4 @@ require_once 'header.php'; ?>
-
+