Diffstat (limited to 'Game/Lobby/Server')
-rw-r--r-- | Game/Lobby/Server/index.php | 56 |
1 files changed, 36 insertions, 20 deletions
diff --git a/Game/Lobby/Server/index.php b/Game/Lobby/Server/index.php index 16be3ef..ae734a6 100644 --- a/Game/Lobby/Server/index.php +++ b/Game/Lobby/Server/index.php @@ -2,9 +2,11 @@ /* * Routes: - * /host ?host&port=$port&name=$name - * /get-list ?get-list - * /join ?join=$id + * /host ?port=$port&name=$name + * /get-list ? + * /join ?id=$id + * /close ?id=$id + * /keep-alive ?id=$id */ $dbname = $_ENV['DB_NAME'] ?? 'db'; @@ -24,7 +26,8 @@ if (php_sapi_name() == 'cli') { port integer, creation_time integer, ping_time integer, - name text + name text, + secret text ); SQL) ->execute(); @@ -33,14 +36,19 @@ if (php_sapi_name() == 'cli') { return; } -$inputPost = json_decode(file_get_contents('php://input'), true); -if ($inputPost) { - $_POST = $inputPost + $_POST; +$url = parse_url("$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"); +$method = $_SERVER['REQUEST_METHOD']; + +if ($method == 'POST') { + $inputPost = json_decode(file_get_contents('php://input'), true); + if ($inputPost) { + $_POST = $inputPost + $_POST; + } } $response = []; -if (isset($_POST['host'])) { +if ($method == 'POST' && $url['path'] == '/host') { $ip = filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP); if ($ip === false) { @@ -54,9 +62,10 @@ if (isset($_POST['host'])) { $port = intval($_POST['port']); $name = $_POST['name']; $id = md5($name . time()); + $secret = md5($id . random_bytes($port)); $success = $db->prepare(<<<SQL - insert or replace into games (id, ip, port, creation_time, ping_time, name) values (:id, :ip, :port, :timestamp, :timestamp, :name) + insert or replace into games (id, ip, port, creation_time, ping_time, name, secret) values (:id, :ip, :port, :timestamp, :timestamp, :name, :secret) SQL) ->execute([ 'id' => $id, 
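Review bot: The updated route comment documents `/close ?id=$id` and `/keep-alive ?id=$id`, but the handlers changed further down read both `id` and `secret` from `$_POST`, so a client written from this comment will never match a row. The comment also leaves out the HTTP method that each route now requires. I would write these two lines as ` * POST /close id=$id&secret=$secret` and ` * POST /keep-alive id=$id&secret=$secret`, add the method to the other three routes, and note that `/host` now returns the `secret`.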
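Review bot: Routing now depends on `parse_url("$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]")`, which puts the client-controlled Host header into the parser with no scheme in front of it. As far as I can tell, parse_url treats a scheme-less `example.com/host` as one path and only splits out the host when a port is present, so `$url['path'] == '/host'` would depend on how the client spelled Host. A malformed value can also make parse_url return false, and a request without a Host header leaves the index undefined. Only the path is needed, so `$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);` followed by an `is_string($path)` check removes the dependency on Host.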
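Review bot: `random_bytes($port)` uses the client-supplied port as the number of random bytes, so the caller decides how strong the secret is. A `port` that `intval()` turns into 0 or a negative number makes random_bytes throw, a small port yields very few random bits, and a very large one makes the server generate that many bytes per request. The secret is what authorises `/close` and `/keep-alive`, so give it a fixed length independent of input, e.g. `$secret = bin2hex(random_bytes(32));`, and range-check `$port` (1–65535) before it is stored. Note also that `$id` is still `md5($name . time())` and the statement is `insert or replace`, so a second `/host` call with the same name in the same second appears able to overwrite the row together with its new secret; an id derived from `random_bytes` would avoid that.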
@@ -64,13 +73,16 @@ if (isset($_POST['host'])) { 'port' => $port, 'timestamp' => time(), 'name' => $name, + 'secret' => $secret, ]); - if ($success) { $response = [ 'success' => $success, - 'data' => $id, + 'data' => [ + 'id' => $id, + 'secret' => $secret, + ], ]; } else { $response = [ @@ -81,7 +93,7 @@ if (isset($_POST['host'])) { } } -else if (isset($_GET['get-list'])) { +else if ($method == 'GET' && $url['path'] == '/get-list') { $statement = $db->prepare(<<<SQL select id, name from games where ping_time > :comparison_time @@ -105,8 +117,8 @@ else if (isset($_GET['get-list'])) { ]; } -else if (isset($_GET['join'])) { - $id = $_GET['join']; +else if ($method == 'GET' && $url['path'] == '/join') { + $id = $_GET['id']; $statement = $db->prepare(<<<SQL select ip, port from games @@ -136,14 +148,16 @@ else if (isset($_GET['join'])) { } } -else if (isset($_POST['close'])) { - $id = $_POST['close']; +else if ($method == 'POST' && $url['path'] == '/close') { + $id = $_POST['id']; + $secret = $_POST['secret']; $success = $db->prepare(<<<SQL - delete from games where id = :id + delete from games where id = :id and secret = :secret SQL) ->execute([ 'id' => $id, + 'secret' => $secret, ]); $response = [ @@ -151,14 +165,16 @@ else if (isset($_POST['close'])) { ]; } -else if (isset($_POST['keep-alive'])) { - $id = $_POST['keep-alive']; +else if ($method == 'POST' && $url['path'] == '/keep-alive') { + $id = $_POST['id']; + $secret = $_POST['secret']; $success = $db->prepare(<<<SQL - update games set ping_time = :ping_time where id = :id + update games set ping_time = :ping_time where id = :id and secret = :secret SQL) ->execute([ 'id' => $id, + 'secret' => $secret, 'ping_time' => time(), ]); |
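Review bot: The `/close` handler still reports the return value of `execute()` as `success`, but a `delete ... where id = :id and secret = :secret` that matches no row executes without error, so a wrong or missing secret is presumably answered with success as well. The same applies to the `update` in the `/keep-alive` hunk. If `$db` is a PDO handle, keep the prepared statement in a variable and report `$statement->rowCount() === 1`, so clients and logs can tell a rejected secret from a real close. Both handlers also read `$_POST['id']` and `$_POST['secret']` without checking that they are present and are strings; a guard such as `if (!is_string($_POST['id'] ?? null) || !is_string($_POST['secret'] ?? null))` should return an error before the query runs. Both handler bodies continue outside their hunks.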