As you know, steam provides a script to allow people to connect on your site through the steam database.
I would like if I refresh the page I don't have to login again. But with steamapi I don't have any idea how to do it.
My Code:
<?php
require 'includes/lightopenid/openid.php';
include_once("db.php");
$_STEAMAPI = "MYAPI";
try {
$openid = new LightOpenID('http://test/dev1/index.php?id=1');
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid/?l=english';
header('Location: ' . $openid->authUrl());
} else {
echo "<form action='?login' method='post'>";
echo "<input type='image' src='http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_small.png'>";
echo "</form>";
}
} elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$url = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPI&steamids=$matches[1]";
$json_object= file_get_contents($url);
$json_decoded = json_decode($json_object);
foreach ($json_decoded->response->players as $player)
{
$sql_fetch_id = "SELECT * FROM member WHERE steamid = '$player->steamid'";
$query_id = mysqli_query($db, $sql_fetch_id);
if (mysqli_num_rows($query_id) == 0) {
$sql_steam = "INSERT INTO member (name, steamid, avatar) VALUES ('$player->personaname', '$player->steamid', '$player->avatar')";
mysqli_query($db, $sql_steam);
}
echo "Welcome back <b>" . $player->personaname . "</br>";
}
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
?>
The general approach would be to setup session - in PHP, you can use $_SESSION to store this information. This allows you to store persistent server-side data per user.
Once you retrieve user's SteamID64, save it in the $_SESSION, e.g.:
$_SESSION['steamid'] = $someVal;
You can check if it's set on every subsequent request and act accordingly.
You can see full example here: https://github.com/SmItH197/SteamAuthentication
(Disclaimer: I'm not the author of the lib.)
Related
I have a problem with the Steam Authentication for the web. As you know, Steam provides a script to allow people to connect on your site through the Steam database. My problem is my code only inserts the Steam ID in the database and not the name & avatar.
My code:
if (isset($_GET['login'])){
require 'db.php';
require 'openid.php';
require 'userInfo.php';
try {
require 'SteamConfig.php';
$openid = new LightOpenID($steamauth['domainname']);
if(!$openid->mode) {
$openid->identity = 'http://steamcommunity.com/openid';
header('Location: ' . $openid->authUrl());
} elseif ($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$_SESSION['steamid'] = $matches[1];
$sql_fetch_id = "SELECT * FROM member WHERE steamid = '".$_SESSION['steamid']."'";
$query_id = mysqli_query($db, $sql_fetch_id);
if (mysqli_num_rows($query_id) == 0) {
$sql_steam = "INSERT INTO member (name, steamid, avatar) VALUES ('".$_SESSION['personaname']."', '".$_SESSION['steamid']."', '".$_SESSION['avatar']."')";
mysqli_query($db, $sql_steam);
}
if (!headers_sent()) {
header('Location: '.$steamauth['loginpage']);
exit;
} else {
?>
<script type="text/javascript">
window.location.href="<?=$steamauth['loginpage']?>";
</script>
<noscript>
<meta http- equiv="refresh" content="0;url=<?=$steamauth['loginpage']?>" />
</noscript>
<?php
exit;
}
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
}
Screenshot
Looking at the output of var_dump($_SESSION) (which should be in the question) it seems as if you're not actually referencing the keys of the session correctly.
With this line of code:
$sql_steam = "INSERT INTO member (name, steamid, avatar) VALUES ('".$_SESSION['personaname']."', '".$_SESSION['steamid']."', '".$_SESSION['avatar']."')";
You're referencing $_SESSION['personaname'], however, only ['steam_personaname'] is provided in the session. So you're referencing something that isn't there.
So you should be using:
$sql_steam = "INSERT INTO member (name, steamid, avatar) VALUES ('".$_SESSION['steam_personaname']."', '".$_SESSION['steamid']."', '".$_SESSION['steam_avatarfull']."')";
So i am currently studying PHP and Java and i encountered an error while working on my code. I am working on a login button where the user is able to connect to my page using the SteamAPI login.
I am testing 2 codes to make this work. The first code is the following:
<?php
require('openid.php');
$db = mysqli_connect("localhost", "root", "(my pw of the database)", "(name of my database)");
$_STEAMAPI = "(My steam api key)";
try {
$openid = new LightOpenID("http://mypage.com?id=1");
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid/?l=english';
header("Location: " . $openid->authUrl());
} else {
echo "<h2>Connect to Steam</h2>";
echo "<form action='?login' method='post'>";
echo "<input type='image' src='http://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_large_border.png'>";
echo "</form>";
}
} elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$url = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPI&steamids=$matches[1]";
$json_object= file_get_contents($url);
$json_decoded = json_decode($json_object);
foreach ($json_decoded->response->players as $player)
{
$sql_fetch_id = "SELECT * FROM users_steam WHERE steamid = $player->steamid";
$query_id = mysqli_query($db, $sql_fetch_id);
$_SESSION['name'] = $player->personaname;
$_SESSION['steamid'] = $player->steamid;
$_SESSION['avatar'] = $player->avatar;
if (mysqli_num_rows($query_id) == 0) {
$sql_steam = "INSERT INTO users_steam (name, steamid, avatar) VALUES ('$player->personaname', '$player->steamid', '$player->avatar')";
mysqli_query($db, $sql_steam);
}
}
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
?>
`
The other code i am working with is:
<?php
require 'openid.php';
$_STEAMAPI = "(My steam api key)";
try
{
$openid = new LightOpenID('http://mypage.com/');
if(!$openid->mode)
{
if(isset($_GET['login']))
{
$openid->identity = 'http://steamcommunity.com/openid/?l=english'; // This is forcing english because it has a weird habit of selecting a random language otherwise
header('Location: ' . $openid->authUrl());
}
?>
<form action="?login" method="post">
<input type="image" src="http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_small.png">
</form>
<?php
}
elseif($openid->mode == 'cancel')
{
echo 'User has canceled authentication!';
}
else
{
if($openid->validate())
{
$id = $openid->identity;
// identity is something like: http://steamcommunity.com/openid/id/76561197960435530
// we only care about the unique account ID at the end of the URL.
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
echo "User is logged in (steamID: $matches[1])\n";
$url = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPI&steamids=$matches[1]";
$json_object= file_get_contents($url);
$json_decoded = json_decode($json_object);
foreach ($json_decoded->response->players as $player)
{
echo "
<br/>Player ID: $player->steamid
<br/>Player Name: $player->personaname
<br/>Profile URL: $player->profileurl
<br/>SmallAvatar: <img src='$player->avatar'/>
<br/>MediumAvatar: <img src='$player->avatarmedium'/>
<br/>LargeAvatar: <img src='$player->avatarfull'/>
";
}
}
else
{
echo "User is not logged in.\n";
}
}
}
catch(ErrorException $e)
{
echo $e->getMessage();
}
?>
So my problem is that i am trying to redirect to my index.html but it doesn't work. On the first code i get redirected to my index.html because i added a ?id=1 after the URL of my website. If i remove that it will leave me on a blank page. So, it does the work when adding the ?id=1, but it sends me to my website offline. In other words, it send me to my index.html but the login button is still there, showing as if i didn't log in at all (offline index).
On the second code (i haven't used it a lot), it will redirect me to a website showing the information i asked for (id steam, steam name, etc.). It gives me the information i asked for, but it doesn't redirect me to the index.html.
I searched all over the internet and i couldn't find an answer. If someone can help me and tell me where i should change the code so as to get redirected to the index.html and connected i would appreciate it a lot.
Thanks in advanced and sorry for my english, Davor.
I am running a PHP script and this error shows up when I host the files on my VPS but not on a web-server.
Here is the error:
Notice: Undefined index: buttonstyle in
C:\xampp\htdocs\steamauth\steamauth.php on line 19
And here is the script (C:\xampp\htdocs\steamauth\steamauth.php)
<?php
ob_start();
session_start();
require ('openid.php');
function logoutbutton() {
echo "<form action=\"steamauth/logout.php\" method=\"post\"><input value=\"Logout\" type=\"submit\" /></form>"; //logout button
}
function steamlogin()
{
try {
require("steamauth/settings.php");
$openid = new LightOpenID($steamauth['domainname']);
$button['small'] = "small";
$button['large_no'] = "large_noborder";
$button['large'] = "large_border";
$button = $button[$steamauth['buttonstyle']];
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid';
header('Location: ' . $openid->authUrl());
}
//echo "<form action=\"?login\" method=\"post\"> <input type=\"image\" src=\"http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_".$button.".png\"></form>";
}
elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$_SESSION['steamid'] = $matches[1];
include_once("set.php");
$query = mysql_query("SELECT * FROM users WHERE steamid='".$_SESSION['steamid']."'");
if (mysql_num_rows($query) == 0) {
mysql_query("INSERT INTO users (steamid) VALUES ('".$_SESSION['steamid']."')") or die("MySQL ERROR: ".mysql_error());
}
if (isset($steamauth['loginpage'])) {
header('Location: '.$steamauth['loginpage']);
}
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
}
?>
or (For a better looking version): http://pastebin.com/gEQT0SUW
Here is the code of steamauth/settings.php
<?php
$steamauth['apikey'] = "CANT SAHRE IT. PRIVATE"; // Your Steam WebAPI-Key found at http://steamcommunity.com/dev/apikey
$steamauth['domainname'] = "CANT SAHRE IT. PRIVATE"; // The main URL of your website displayed in the login page
$steamauth['logoutpage'] = ""; // Page to redirect to after a successfull logout (from the directory the SteamAuth-folder is located in) - NO slash at the beginning!
$steamauth['loginpage'] = "/"; // Page to redirect to after a successfull login (from the directory the SteamAuth-folder is located in) - NO slash at the beginning!
?>
In your setting.Php file there is no index available with $steamauth['buttonstyle'].
Solution:
What you need define $steamauth['buttonstyle'] in setting.php file your required value as:
$steamauth['apikey'] = "CANT SAHRE IT. PRIVATE";
$steamauth['domainname'] = "CANT SAHRE IT. PRIVATE";
$steamauth['logoutpage'] = "";
$steamauth['loginpage'] = "/";
$steamauth['buttonstyle'] = "value that you need"; // add this index
Set the value in buttonstyle index that you need for this URL:
http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_".$button.".png
<?php
ob_start();
session_start();
require ('openid.php');
function logoutbutton() {
echo "<form action=\"steamauth/logout.php\" method=\"post\"><input value=\"Logout\" type=\"submit\" /></form>"; //logout button
}
function steamlogin()
{
try {
require("settings.php");
$openid = new LightOpenID($steamauth['']);
$button['small'] = "small";
$button['large_no'] = "large_noborder";
$button['large'] = "large_border";
$button = $button[$steamauth['buttonstyle']];
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid';
header('Location: ' . $openid->authUrl());
}
return "<form action=\"?login\" method=\"post\"> <input type=\"image\" src=\"http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_".$button.".png\"></form>";
}
elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$_SESSION['steamid'] = $matches[1];
// First determine of the $steamauth['loginpage'] has been set, if yes then redirect there. If not redirect to where they came from
if($steamauth['loginpage'] !== "") {
$returnTo = $steamauth['loginpage'];
} else {
//Determine the return to page. We substract "login&"" to remove the login var from the URL.
//"file.php?login&foo=bar" would become "file.php?foo=bar"
$returnTo = str_replace('login&', '', $_GET['openid_return_to']);
//If it didn't change anything, it means that there's no additionals vars, so remove the login var so that we don't get redirected to Steam over and over.
if($returnTo === $_GET['openid_return_to']) $returnTo = str_replace('?login', '', $_GET['openid_return_to']);
}
header('Location: '.$returnTo);
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
}
?>
"Not Found The requested URL /login was not found on this server." idk how i do that.. search here and here but nothing found :c i tried all time but i get the error with /login not found on the server "yes i know my english is maybe to bad :D"
<?php
ob_start();
session_start();
require ('openid.php');
function logout() {
echo '<form action="logout.php" method="post"><button class="btn btn-danger" type="submit"><i class="fa fa-power-off"></i> Log Out</button></form>'; //logout button
}
function steamlogin() {
try {
require("settings.php");
$openid = new LightOpenID($domain);
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid';
header('Location: ' . $openid->authUrl());
}
return "<form action=\"?login\" method=\"post\"> <input type=\"image\" src=\"http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_large_noborder.png\"></form>";
}
elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$steamid = $matches[1];
$link = file_get_contents("http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=".$key."&steamids=".$steamid."");
$decode = json_decode($link);
$newlink = $decode->response->players->profileurl;
$xml = simplexml_load_file($newlink."?xml=1");
#$custom = $xml->customURL;
if(strlen($custom) <= 4){
$user = $xml->steamID64;
} else {
$user = $custom;
}
$_SESSION['steamid'] = $user;
//Determine the return to page. We substract "login&"" to remove the login var from the URL.
//"file.php?login&foo=bar" would become "file.php?foo=bar"
$returnTo = str_replace('login&', '', $_GET['openid_return_to']);
//If it didn't change anything, it means that there's no additionals vars, so remove the login var so that we don't get redirected to Steam over and over.
if($returnTo === $_GET['openid_return_to']) $returnTo = str_replace('?login', '', $_GET['openid_return_to']);
header('Location: '.$returnTo);
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
}
I checked this code 10 times (atleast) , but i don't understand why it doesn't create $_SESSION['steamid'] . Can you help me ?
I edited first post !
First off, you should try setting dummy data to test if your session is working at all. Right after your session_start() put a line like
$_SESSION['test'] = 'test';
var_dump($_SESSION);
If the key does not persist throughout requests then it means there is a problem with your session handler (possibly lacking write permission).
If your session is working then you start going down the tree of logic, check the expressions in each if statement to see what the execution path is, you do not provide any current output so I cannot tell right away.
This is not a definitive answer but I'm sure if you follow my advice you'll get to the root of the problem.