Helau my friends,
today I'm sharing with you our native windows client for our old retro hotel Herofire. It was never public released, the hotel closed before the application came out of the beta. You need some several changes (even in your CMS for the login api). It's not the cleanest and beatuiest code, but as I said, it never left the beta. The labels are in german, feel free to change it. The application got a Shockwave / Flash library.
You can start the programm with the "devhotel" argument, which will log you in into a defined dev hotel.
I know, it's not the securest way with the session thing but as I mentioned, it was never public. It's very useful and shocking comfortable.
It was created by Maxi and me, if you use it please give a contribute or something to the old Herofire. Would even be nice to see it further developed
:
Screenshot:
/api/sessionlogin.php
/api/userlogin.php
SQL
Known Bug:
When you are logged in and press log out, and then log in again, the client won't start up. You have to restart the programm.
Download:
VT:
today I'm sharing with you our native windows client for our old retro hotel Herofire. It was never public released, the hotel closed before the application came out of the beta. You need some several changes (even in your CMS for the login api). It's not the cleanest and beatuiest code, but as I said, it never left the beta. The labels are in german, feel free to change it. The application got a Shockwave / Flash library.
You can start the programm with the "devhotel" argument, which will log you in into a defined dev hotel.
I know, it's not the securest way with the session thing but as I mentioned, it was never public. It's very useful and shocking comfortable.
It was created by Maxi and me, if you use it please give a contribute or something to the old Herofire. Would even be nice to see it further developed
:Screenshot:
/api/sessionlogin.php
PHP:
<?php
require_once("../core.php");
if(isset($_POST["session"]) && isset($_POST["processor_id"]) && !empty($_POST["session"]) && !empty($_POST["processor_id"]))
{
$sql = $conn->prepare("SELECT user_id FROM `user_native_client_sessions` WHERE session = ? AND processor_id = ? AND ip = ? AND expire_timestamp >= ? LIMIT 1");
$sql->bind_param("sssi", $_POST["session"], $_POST["processor_id"], $functions->getIp(), time());
$sql->execute();
$sql->store_result();
if ($sql->num_rows > 0)
{
$sql->bind_result($userid);
$sql->fetch();
$ticket = $functions->GenerateTicket();
$conn->query("UPDATE users SET auth_ticket = '".$ticket."' WHERE id = '".$userid."'");
echo json_encode(array("status" => "true", "sso" => $ticket));
}
else
{
echo json_encode(array("status" => "false"));
}
}
else
{
echo json_encode(array("status" => "false"));
}/api/userlogin.php
PHP:
<?php
require_once("../core.php");
$rememberMe = false;
$username = $functions->FilterText($_POST["username"]);
$password = $functions->HoloHashMD5New($_POST["password"], $username);
if(isset($_POST["remember_me"]) && isset($_POST["processor_id"]))
$rememberMe = true;
if (empty($username) || empty($password))
{
echo json_encode(array("status" => "false"));
}
else
{
$sql = $conn->prepare("SELECT id FROM users WHERE username = ? AND password = '" . $password . "' LIMIT 1");
$sql->bind_param("s", $username);
$sql->execute();
$sql->store_result();
if ($sql->num_rows < 1)
{
echo json_encode(array("status" => "false"));
}
else
{
$sql->bind_result($userid);
$sql->fetch();
$ticket = $functions->GenerateTicket();
$conn->query("UPDATE users SET auth_ticket = '".$ticket."', isNativeApplication = '1' WHERE id = '".$userid."'");
$response = array("status" => "true", "sso" => $ticket);
if($rememberMe)
{
$conn->query("DELETE FROM `user_native_client_sessions` WHERE (`user_id`='$userid')");
$sessionkey = $functions->random_string();
$timestamp = strtotime("+3 months");
$query = $conn->prepare("INSERT INTO `user_native_client_sessions` (`user_id`, `session`, `processor_id`, `ip`, `expire_timestamp`) VALUES (?, ?, ?, ?, ?)");
$query->bind_param("isssi", $userid, $sessionkey, $_POST["processor_id"], $functions->getIp(), $timestamp);
$query->execute();
$response["session"] = $sessionkey;
}
echo json_encode($response);
exit;
}
}SQL
Code:
-- ----------------------------
-- Table structure for `user_native_client_sessions`
-- ----------------------------
DROP TABLE IF EXISTS `user_native_client_sessions`;
CREATE TABLE `user_native_client_sessions` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`session` varchar(255) NOT NULL,
`processor_id` varchar(255) NOT NULL,
`ip` varchar(255) NOT NULL,
`expire_timestamp` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=29 DEFAULT CHARSET=utf8;Known Bug:
When you are logged in and press log out, and then log in again, the client won't start up. You have to restart the programm.
Download:
You must be registered to see links
VT:
You must be registered to see links
Last edited:
