Cleaned up namespaces (still have to do Map Project) and removed references to FFXIV Classic from the code. Removed the Launcher Editor project as it is no longer needed (host file editing is cleaner).

data/www/login/config.php

@@ -0,0 +1,15 @@
+<?php
+
+$server_name	= "Magis' Funhouse";
+
+$db_server		= "localhost";
+$db_username	= "root";
+$db_password	= "";
+$db_database	= "ffxiv_server";
+
+$recaptcha_publickey = "";
+$recaptcha_privatekey = "";
+
+if(!defined('FFXIV_SESSION_LENGTH')) define('FFXIV_SESSION_LENGTH', 24);		//Session length in hours
+
+?>

data/www/login/css/login.css

@@ -0,0 +1,3 @@
+.loginBody {
+    background-color: #EFEFEF;
+}

data/www/login/database.php

@@ -0,0 +1,388 @@
+<?php
+
+include("config.php");
+
+mysqli_report(MYSQLI_REPORT_STRICT);
+
+function CreateDatabaseConnection($server, $username, $password, $database)
+{
+	try
+	{
+		$dataConnection = new mysqli($server, $username, $password);
+	}
+	catch(Exception $e)
+	{
+		die("Error while connecting to the database");
+	}
+
+	$dataConnection->select_db($database);
+	$dataConnection->query("SET NAMES 'utf8'");
+	
+	return $dataConnection;
+}
+
+$g_databaseConnection = CreateDatabaseConnection($db_server, $db_username, $db_password, $db_database);
+
+function GenerateRandomSha224()
+{
+	mt_srand(microtime(true) * 100000 + memory_get_usage(true));
+	return hash("sha224", uniqid(mt_rand(), true));
+}
+
+function VerifyUser($dataConnection, $username, $password)
+{
+	$statement = $dataConnection->prepare("SELECT id, passhash, salt FROM users WHERE name = ?");
+	if(!$statement)
+	{
+		throw new Exception(__FUNCTION__ . " failed: " . $dataConnection->error);
+	}
+	
+	try
+	{
+		$statement->bind_param('s', $username);
+		if(!$statement->execute())
+		{
+			throw new Exception(__FUNCTION__ . " failed.");
+		}
+
+		$statement->bind_result($id, $storedPasshash, $salt);
+		if(!$statement->fetch())
+		{
+			throw new Exception("Incorrect username.");
+		}
+		
+		$saltedPassword = $password . $salt;
+		$hashedPassword = hash("sha224", $saltedPassword);
+		
+		if($hashedPassword !== $storedPasshash)
+		{
+			throw new Exception("Incorrect password.");
+		}
+		
+		return $id;
+	}
+	finally
+	{
+		$statement->close();
+	}
+}
+
+function InsertUser($dataConnection, $username, $passhash, $salt, $email)
+{
+	{
+		$statement = $dataConnection->prepare("INSERT INTO users (name, passhash, salt, email) VALUES (?, ?, ?, ?)");
+		if(!$statement)
+		{
+			throw new Exception(__FUNCTION__ . " failed: " . $dataConnection->error);
+		}
+
+		try
+		{
+			$statement->bind_param('ssss', $username, $passhash, $salt, $email);
+
+			if(!$statement->execute())
+			{
+				throw new Exception(__FUNCTION__ . " failed.");
+			}
+		}
+		finally
+		{
+			$statement->close();
+		}
+	}	
+}
+
+function RefreshOrCreateSession($dataConnection, $userId)
+{
+	try
+	{
+		$sessionId = GetSessionFromUserId($dataConnection, $userId);
+		RefreshSession($dataConnection, $sessionId);
+	}
+	catch(Exception $e)
+	{
+		$sessionId = CreateSession($dataConnection, $userId);
+	}
+
+	return $sessionId;
+}
+
+function CreateSession($dataConnection, $userId)
+{
+	//Delete any session that might be active
+	{
+		$statement = $dataConnection->prepare("DELETE FROM sessions WHERE userId = ?");
+		if(!$statement)
+		{
+			throw new Exception("Failed to create session: " . $dataConnection->error);
+		}
+		
+		try
+		{
+			$statement->bind_param('i', $userId);
+
+			if(!$statement->execute())
+			{
+				throw new Exception("Failed to create session: " . $dataConnection->error);
+			}
+		}
+		finally
+		{
+			$statement->close();
+		}
+	}
+	
+	//Create new session
+	{
+		$sessionId = GenerateRandomSha224();
+		
+		$statement = $dataConnection->prepare("INSERT INTO sessions (id, userid, expiration) VALUES (?, ?, NOW() + INTERVAL " . FFXIV_SESSION_LENGTH . " HOUR)");
+		if(!$statement)
+		{
+			throw new Exception("Failed to create session: " . $dataConnection->error);
+		}
+		
+		try
+		{
+			$statement->bind_param('si', $sessionId, $userId);
+
+			if(!$statement->execute())
+			{
+				throw new Exception("Failed to create session: " . $dataConnection->error);
+			}
+		}
+		finally
+		{
+			$statement->close();
+		}
+		
+		return $sessionId;
+	}
+}
+
+function GetSessionFromUserId($dataConnection, $userId)
+{
+	$statement = $dataConnection->prepare("SELECT id FROM sessions WHERE userId = ? AND expiration > NOW()");
+	if(!$statement)
+	{
+		throw new Exception("Failed to get session id: " . $dataConnection->error);
+	}
+	
+	try
+	{
+		$statement->bind_param('i', $userId);
+		
+		if(!$statement->execute())
+		{
+			throw new Exception("Failed to get session id: " . $dataConnection->error);
+		}
+		
+		$statement->bind_result($sessionId);
+		if(!$statement->fetch())
+		{
+			throw new Exception("Failed to get session id: " . $dataConnection->error);
+		}
+		
+		return $sessionId;
+	}
+	finally
+	{
+		$statement->close();
+	}
+}
+
+function RefreshSession($dataConnection, $sessionId)
+{
+	$statement = $dataConnection->prepare("UPDATE sessions SET expiration = NOW() + INTERVAL " . FFXIV_SESSION_LENGTH . " HOUR WHERE id = ?");
+	if(!$statement)
+	{
+		throw new Exception("Failed to refresh session: " . $dataConnection->error);
+	}
+	
+	try
+	{
+		$statement->bind_param('s', $sessionId);
+		
+		if(!$statement->execute())
+		{
+			throw new Exception("Failed to refresh session: " . $dataConnection->error);
+		}
+	}
+	finally
+	{
+		$statement->close();
+	}
+}
+
+function GetUserIdFromSession($dataConnection, $sessionId)
+{
+	$statement = $dataConnection->prepare("SELECT userId FROM sessions WHERE id = ? AND expiration > NOW()");
+	if(!$statement)
+	{
+		throw new Exception("Could not get user id.");
+	}
+
+	try
+	{
+		$statement->bind_param('s', $sessionId);
+		if(!$statement->execute())
+		{
+			throw new Exception("Could not get user id.");
+		}
+		
+		$statement->bind_result($userId);
+		if(!$statement->fetch())
+		{
+			throw new Exception("Could not get user id.");
+		}
+		
+		return $userId;
+	}
+	finally
+	{
+		$statement->close();
+	}
+}
+
+function GetUserInfo($dataConnection, $userId)
+{
+	$statement = $dataConnection->prepare("SELECT name FROM users WHERE id = ?");
+	if(!$statement)
+	{
+		throw new Exception("Failed to get user information: " . $dataConnection->error);
+	}
+	
+	try
+	{
+		$statement->bind_param('i', $userId);
+		if(!$statement->execute())
+		{
+			throw new Exception("Failed to get user information: " . $dataConnection->error);
+		}
+		
+		$result = $statement->get_result();
+		if(!$result)
+		{
+			throw new Exception("Failed to get user information: " . $dataConnection->error);
+		}
+
+		$row = $result->fetch_assoc();
+		if(!$row)
+		{
+			throw new Exception("Failed to get user information: " . $dataConnection->error);
+		}
+		
+		return $row;
+	}
+	finally
+	{
+		$statement->close();
+	}
+}
+
+function GetUserCharacters($dataConnection, $userId)
+{
+	$statement = $dataConnection->prepare("SELECT id, name FROM characters WHERE userId = ?");
+	if(!$statement)
+	{
+		throw new Exception(__FUNCTION__ . " failed: " . $dataConnection->error);
+	}
+	
+	try
+	{
+		$statement->bind_param('i', $userId);
+		if(!$statement->execute())
+		{
+			throw new Exception(__FUNCTION__ . " failed: " . $dataConnection->error);
+		}
+		
+		$result = $statement->get_result();
+		if(!$result)
+		{
+			throw new Exception(__FUNCTION__ . " failed: " . $dataConnection->error);
+		}
+
+		$characters = array();
+		
+		while(1)
+		{
+			$row = $result->fetch_assoc();
+			if(!$row)
+			{
+				break;
+			}
+			array_push($characters, $row);
+		}
+		
+		return $characters;
+	}
+	finally
+	{
+		$statement->close();
+	}
+}
+
+function GetCharacterInfo($dataConnection, $userId, $characterId)
+{
+	$query = sprintf("SELECT * FROM characters WHERE userId = '%d' AND id = '%d'", 
+		$userId, $characterId);
+	$result = $dataConnection->query($query);
+	if(!$result)
+	{
+			throw new Exception(__FUNCTION__ . " failed: " . $dataConnection->error);
+	}
+	
+	$row = $result->fetch_assoc();
+	if(!$row)
+	{
+			throw new Exception(__FUNCTION__ . " failed: " . $dataConnection->error);
+	}
+	
+	return $row;
+}
+
+function UpdateCharacterInfo($dataConnection, $characterId, $characterInfo)
+{
+	$statement = $dataConnection->prepare("UPDATE ffxiv_characters SET
+		name = ?, tribe = ?, size = ?, voice = ?, skinColor = ?, hairStyle = ?, hairColor = ?, hairOption = ?,
+		eyeColor = ?, faceType = ?, faceBrow = ?, faceEye = ?, faceIris = ?, faceNose = ?, faceMouth = ?, faceJaw = ?,
+		faceCheek = ?, faceOption1 = ?, faceOption2 = ?, guardian = ?, birthMonth = ?, birthDay = ?, allegiance = ?,
+		weapon1 = ?, weapon2 = ?, headGear = ?, bodyGear = ?, legsGear = ?, handsGear = ?, feetGear = ?, 
+		waistGear = ?, rightEarGear = ?, leftEarGear = ?, rightFingerGear = ?, leftFingerGear = ?
+		WHERE id = ?");
+	if(!$statement)
+	{
+		throw new Exception("Failed to update character information: " . $dataConnection->error);
+	}
+	
+	try
+	{
+		if(!$statement->bind_param("siiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii",
+			$characterInfo["name"], $characterInfo["tribe"], $characterInfo["size"], $characterInfo["voice"],
+			$characterInfo["skinColor"], $characterInfo["hairStyle"], $characterInfo["hairColor"],
+			$characterInfo["hairOption"], $characterInfo["eyeColor"], $characterInfo["faceType"],
+			$characterInfo["faceBrow"], $characterInfo["faceEye"], $characterInfo["faceIris"],
+			$characterInfo["faceNose"], $characterInfo["faceMouth"], $characterInfo["faceJaw"],
+			$characterInfo["faceCheek"], $characterInfo["faceOption1"], $characterInfo["faceOption2"],
+			$characterInfo["guardian"], $characterInfo["birthMonth"], $characterInfo["birthDay"], $characterInfo["allegiance"],
+			$characterInfo["weapon1"], $characterInfo["weapon2"], $characterInfo["headGear"], $characterInfo["bodyGear"], 
+			$characterInfo["legsGear"], $characterInfo["handsGear"], $characterInfo["feetGear"],
+			$characterInfo["waistGear"], $characterInfo["rightEarGear"], $characterInfo["leftEarGear"], 
+			$characterInfo["rightFingerGear"], $characterInfo["leftFingerGear"],
+			$characterId))
+		{
+			throw new Exception("Failed to update character information: " . $dataConnection->error);
+		}
+		
+		if(!$statement->execute())
+		{
+			throw new Exception("Failed to update character information: " . $dataConnection->error);
+		}
+	}
+	finally
+	{
+		$statement->close();
+	}
+}
+
+?>

data/www/login/index.php

@@ -0,0 +1,151 @@
+<?php 
+		
+	error_reporting(E_ALL | E_STRICT);
+
+	include("config.php");
+	include("database.php");	
+		
+	$loginError = "";
+		
+	function doLogin($dataConnection)
+	{
+		$username 		= trim($_POST["username"]);
+		$password 		= trim($_POST["password"]);
+
+		if(empty($username))
+		{
+			throw new Exception("You must enter an username.");
+		}
+		
+		if(empty($password))
+		{
+			throw new Exception("You must enter a password.");
+		}
+	
+		$userId = VerifyUser($dataConnection, $username, $password);
+		return RefreshOrCreateSession($dataConnection, $userId);
+	}
+
+	$loginError = "";
+	$currentTimeUTC = time();
+
+	if(isset($_POST["login"]))
+	{
+		try
+		{
+			$sessionId = doLogin($g_databaseConnection);
+		}
+		catch(Exception $e)
+		{
+			$loginError = $e->getMessage();
+		}
+	}
+
+?>
+
+<html><head>
+<meta http-equiv="content-type" content="text/html; charset=windows-1252">
+		<style>
+		html, body {
+			font-family: Arial;
+			font-size: 14px;
+			margin:0;
+			padding: 0;
+			width: 600px;
+		}
+
+		html {
+			padding: 10px;
+		}
+
+		form {
+			background-color: #eee;
+			border: solid 1px #666;
+			border-radius: 3px;
+			margin-bottom: 0;
+		}
+
+		table {
+			justify-content: center;
+			width: 100%;
+			height: 100%;
+			padding: 20px;
+		}
+
+		form input {
+			width: 100%;
+			border: solid 1px #222;
+			padding: 3px;
+			outline: none;
+		}
+				
+		form button {
+			background-image: url(img/btLogin.gif);
+			background-position: 0 0;
+			background-repeat: no-repeat;
+			border: none;
+			width: 200px;
+			height: 40px;
+		}
+		form button:hover {
+			background-position: 0 -40px;
+			cursor: pointer;
+		}
+		
+		.errorText{
+			color: red;
+		}
+		
+		.banner {
+			margin-top: 10px;
+		}
+		</style>
+	</head>
+	
+	<body>
+			<?php if (isset($sessionId)) echo("<x-sqexauth sid=\"$sessionId\" lang=\"en-us\" region=\"2\" utc=\"$currentTimeUTC\" />"); ?>
+			<table border="0" cellpadding="0" cellspacing="0">
+			<tbody><tr>
+				<td width="50%">
+					<img src="img/logo.png" class="logo" width="300px">
+				</td>
+				<td width="50%">
+					<form method="post">
+						<table border="0" cellpadding="5px" cellspacing="0">
+						<tbody><tr>
+							<td width="5%"><img src="img/lbSQEXId_mem.gif"></td>
+							<td width="40%"><label for="username">Username</label></td>
+							<td width="50%"><input id="username" name="username" autocomplete="off" type="text"></td>
+						</tr>
+						<tr>
+							<td><img src="img/lbSQEXPass_mem.gif" <="" td="">
+							</td><td><label for="password">Password</label></td>
+							<td><input id="password" name="password" autocomplete="off" type="password"></td>
+						</tr>
+						<tr>
+							<td colspan="3" align="center">
+							<p class=errorText><?php echo($loginError) ?></p>
+							</td>
+						</tr>
+						<tr>
+							<td colspan="3" align="center">
+								<button type="submit" name="login">&nbsp;</button>
+							</td>
+						</tr>
+						<tr>
+							<td colspan="3" align="center">
+								<a href="..\login_su\create_user.php">Don't have a awesome account?</a>
+							</td>
+						</tr>
+						</tbody></table>
+					
+				</form></td>
+			</tr>
+			<tr>
+				<td colspan="2" align="center">
+					<img src="img/banner.png" class="banner" width="720px">
+				</td>
+			</tr>
+			</tbody></table>
+
+</body></html>