<?php
ob_start();
session_start();
require ('openid.php');
function logout() {
echo '<form action="logout.php" method="post"><button class="btn btn-danger" type="submit"><i class="fa fa-power-off"></i> Log Out</button></form>'; //logout button
}
function steamlogin() {
try {
require("settings.php");
$openid = new LightOpenID($domain);
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid';
header('Location: ' . $openid->authUrl());
}
return "<form action=\"?login\" method=\"post\"> <input type=\"image\" src=\"http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_large_noborder.png\"></form>";
}
elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$steamid = $matches[1];
$link = file_get_contents("http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=".$key."&steamids=".$steamid."");
$decode = json_decode($link);
$newlink = $decode->response->players->profileurl;
$xml = simplexml_load_file($newlink."?xml=1");
#$custom = $xml->customURL;
if(strlen($custom) <= 4){
$user = $xml->steamID64;
} else {
$user = $custom;
}
$_SESSION['steamid'] = $user;
//Determine the return to page. We substract "login&"" to remove the login var from the URL.
//"file.php?login&foo=bar" would become "file.php?foo=bar"
$returnTo = str_replace('login&', '', $_GET['openid_return_to']);
//If it didn't change anything, it means that there's no additionals vars, so remove the login var so that we don't get redirected to Steam over and over.
if($returnTo === $_GET['openid_return_to']) $returnTo = str_replace('?login', '', $_GET['openid_return_to']);
header('Location: '.$returnTo);
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
}
I checked this code 10 times (atleast) , but i don't understand why it doesn't create $_SESSION['steamid'] . Can you help me ?
I edited first post !
First off, you should try setting dummy data to test if your session is working at all. Right after your session_start() put a line like
$_SESSION['test'] = 'test';
var_dump($_SESSION);
If the key does not persist throughout requests then it means there is a problem with your session handler (possibly lacking write permission).
If your session is working then you start going down the tree of logic, check the expressions in each if statement to see what the execution path is, you do not provide any current output so I cannot tell right away.
This is not a definitive answer but I'm sure if you follow my advice you'll get to the root of the problem.
Related
As you know, steam provides a script to allow people to connect on your site through the steam database.
I would like if I refresh the page I don't have to login again. But with steamapi I don't have any idea how to do it.
My Code:
<?php
require 'includes/lightopenid/openid.php';
include_once("db.php");
$_STEAMAPI = "MYAPI";
try {
$openid = new LightOpenID('http://test/dev1/index.php?id=1');
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid/?l=english';
header('Location: ' . $openid->authUrl());
} else {
echo "<form action='?login' method='post'>";
echo "<input type='image' src='http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_small.png'>";
echo "</form>";
}
} elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$url = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPI&steamids=$matches[1]";
$json_object= file_get_contents($url);
$json_decoded = json_decode($json_object);
foreach ($json_decoded->response->players as $player)
{
$sql_fetch_id = "SELECT * FROM member WHERE steamid = '$player->steamid'";
$query_id = mysqli_query($db, $sql_fetch_id);
if (mysqli_num_rows($query_id) == 0) {
$sql_steam = "INSERT INTO member (name, steamid, avatar) VALUES ('$player->personaname', '$player->steamid', '$player->avatar')";
mysqli_query($db, $sql_steam);
}
echo "Welcome back <b>" . $player->personaname . "</br>";
}
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
?>
The general approach would be to setup session - in PHP, you can use $_SESSION to store this information. This allows you to store persistent server-side data per user.
Once you retrieve user's SteamID64, save it in the $_SESSION, e.g.:
$_SESSION['steamid'] = $someVal;
You can check if it's set on every subsequent request and act accordingly.
You can see full example here: https://github.com/SmItH197/SteamAuthentication
(Disclaimer: I'm not the author of the lib.)
So i am currently studying PHP and Java and i encountered an error while working on my code. I am working on a login button where the user is able to connect to my page using the SteamAPI login.
I am testing 2 codes to make this work. The first code is the following:
<?php
require('openid.php');
$db = mysqli_connect("localhost", "root", "(my pw of the database)", "(name of my database)");
$_STEAMAPI = "(My steam api key)";
try {
$openid = new LightOpenID("http://mypage.com?id=1");
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid/?l=english';
header("Location: " . $openid->authUrl());
} else {
echo "<h2>Connect to Steam</h2>";
echo "<form action='?login' method='post'>";
echo "<input type='image' src='http://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_large_border.png'>";
echo "</form>";
}
} elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$url = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPI&steamids=$matches[1]";
$json_object= file_get_contents($url);
$json_decoded = json_decode($json_object);
foreach ($json_decoded->response->players as $player)
{
$sql_fetch_id = "SELECT * FROM users_steam WHERE steamid = $player->steamid";
$query_id = mysqli_query($db, $sql_fetch_id);
$_SESSION['name'] = $player->personaname;
$_SESSION['steamid'] = $player->steamid;
$_SESSION['avatar'] = $player->avatar;
if (mysqli_num_rows($query_id) == 0) {
$sql_steam = "INSERT INTO users_steam (name, steamid, avatar) VALUES ('$player->personaname', '$player->steamid', '$player->avatar')";
mysqli_query($db, $sql_steam);
}
}
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
?>
`
The other code i am working with is:
<?php
require 'openid.php';
$_STEAMAPI = "(My steam api key)";
try
{
$openid = new LightOpenID('http://mypage.com/');
if(!$openid->mode)
{
if(isset($_GET['login']))
{
$openid->identity = 'http://steamcommunity.com/openid/?l=english'; // This is forcing english because it has a weird habit of selecting a random language otherwise
header('Location: ' . $openid->authUrl());
}
?>
<form action="?login" method="post">
<input type="image" src="http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_small.png">
</form>
<?php
}
elseif($openid->mode == 'cancel')
{
echo 'User has canceled authentication!';
}
else
{
if($openid->validate())
{
$id = $openid->identity;
// identity is something like: http://steamcommunity.com/openid/id/76561197960435530
// we only care about the unique account ID at the end of the URL.
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
echo "User is logged in (steamID: $matches[1])\n";
$url = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPI&steamids=$matches[1]";
$json_object= file_get_contents($url);
$json_decoded = json_decode($json_object);
foreach ($json_decoded->response->players as $player)
{
echo "
<br/>Player ID: $player->steamid
<br/>Player Name: $player->personaname
<br/>Profile URL: $player->profileurl
<br/>SmallAvatar: <img src='$player->avatar'/>
<br/>MediumAvatar: <img src='$player->avatarmedium'/>
<br/>LargeAvatar: <img src='$player->avatarfull'/>
";
}
}
else
{
echo "User is not logged in.\n";
}
}
}
catch(ErrorException $e)
{
echo $e->getMessage();
}
?>
So my problem is that i am trying to redirect to my index.html but it doesn't work. On the first code i get redirected to my index.html because i added a ?id=1 after the URL of my website. If i remove that it will leave me on a blank page. So, it does the work when adding the ?id=1, but it sends me to my website offline. In other words, it send me to my index.html but the login button is still there, showing as if i didn't log in at all (offline index).
On the second code (i haven't used it a lot), it will redirect me to a website showing the information i asked for (id steam, steam name, etc.). It gives me the information i asked for, but it doesn't redirect me to the index.html.
I searched all over the internet and i couldn't find an answer. If someone can help me and tell me where i should change the code so as to get redirected to the index.html and connected i would appreciate it a lot.
Thanks in advanced and sorry for my english, Davor.
<?php
ob_start();
session_start();
require ('openid.php');
function logoutbutton() {
echo "<form action=\"steamauth/logout.php\" method=\"post\"><input value=\"Logout\" type=\"submit\" /></form>"; //logout button
}
function steamlogin()
{
try {
require("settings.php");
$openid = new LightOpenID($steamauth['']);
$button['small'] = "small";
$button['large_no'] = "large_noborder";
$button['large'] = "large_border";
$button = $button[$steamauth['buttonstyle']];
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid';
header('Location: ' . $openid->authUrl());
}
return "<form action=\"?login\" method=\"post\"> <input type=\"image\" src=\"http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_".$button.".png\"></form>";
}
elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$_SESSION['steamid'] = $matches[1];
// First determine of the $steamauth['loginpage'] has been set, if yes then redirect there. If not redirect to where they came from
if($steamauth['loginpage'] !== "") {
$returnTo = $steamauth['loginpage'];
} else {
//Determine the return to page. We substract "login&"" to remove the login var from the URL.
//"file.php?login&foo=bar" would become "file.php?foo=bar"
$returnTo = str_replace('login&', '', $_GET['openid_return_to']);
//If it didn't change anything, it means that there's no additionals vars, so remove the login var so that we don't get redirected to Steam over and over.
if($returnTo === $_GET['openid_return_to']) $returnTo = str_replace('?login', '', $_GET['openid_return_to']);
}
header('Location: '.$returnTo);
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
}
?>
"Not Found The requested URL /login was not found on this server." idk how i do that.. search here and here but nothing found :c i tried all time but i get the error with /login not found on the server "yes i know my english is maybe to bad :D"
I want to make Steam login for my site. The only thing I want from Steam is to login, get his username and start a session for that user. I followed a tutorial on YouTube, did basically everything on that video but when I press sign in through Steam I get: example.com/(()%7D.
Code:
<?php
include "includes/apikey.php";
include "includes/openid.php";
ob_start();
$OpenID = new LightOpenID("http://astral-gaming.com");
session_start();
?>
This is my header. Also, I put this php on the middle of the doc (because I want sign in to appear after all navbar elements:
<?php
if(!$OpenID->mode) {
if(isset($_GET['login'])) {
$OpenID->identity = "http://steamcommunity.com/openid";
header("Location: ($OpenID->authUrl()}");
}
if(!isset($_SESSION['T2SteamAuth'])) {
$login = "<li><img src=\"http://steamcommunity- a.akamaihd.net/public/images/signinthroughsteam/sits_small.png\"/></li>";
}
} elseif($OpenID->mode == "cancel"){
} else {
if(!isset($_SESSION['TF2SteamAuth'])) {
$_SESSION['TF2SteamAuth'] = $OpenID->validate() ? $OpenID->identity: null;
$_SESSION['TF2SteamID64'] = str_replace("http://steamcommunity.com/openid/id/", "", $_SESSION['TF2SteamAuth']);
if($_SESSION['TF2SteamAuth'] !== null) {
$Steam64 = str_replace("http:// (ignore space)steamcommunity.com/openid/id/", "", $_SESSION['TF2SteamAuth']);
$profile = file_get_contents("http:// (ignore space) api.steampowered.com/IsteamUser/GetPlayerSummaries/v0002/?key={$api}&steamids=($Steam64)");
$buffer = fopen("cache/{$steam64}.json", "w+");
fwrite($buffer, $profile);
fclose($buffer);
}
header("Location: index.php");
}
}
if(isset($_SESSION['T2SteamAuth'])) {
$login = "<li>Steam LogOut</li>";
}
if(isset($_GET['logout'])) {
unset($_SESSION['T2SteamAuth']);
unset($_SESSION['T2SteamAuth']);
header("Location: index.php");
}
You have bad/mismatched bracketing/bracing everywhere in your code:
header("Location: ($OpenID->authUrl()}");
^-- this should probably be a {?
Alright, I am having a bit of a problem with signing in through steam on my website. The code seems to work up until you press the "Yes, sign in." here: Screenshot.
When I click the "Yes, sign in." button it redirects me back to the page that the sign in button was on and the sign in button is not not visible as if it worked but the scripted logout button is not there either. It is just a blank page and it has a really long URL:
http://localhost/Websites/Unknown%20Infernos/?page=login&login&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Flogin&openid.claimed_id=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561198059756738&openid.identity=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561198059756738&openid.return_to=http%3A%2F%2Flocalhost%2FWebsites%2FUnknown%2520Infernos%2F%3Fpage%3Dlogin%26login&openid.response_nonce=2014-01-24T10%3A00%3A27Ze43wSImRFeCb5vc9qw8uwlv8y9c%3D&openid.assoc_handle=1234567890&openid.signed=signed%2Cop_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=SYWQBh%2BxowKdUqWvVhK6nl7Vskk%3D
The log in button also comes back after a page refresh.
Here is the code, I am using the LightOpenID API.
<?php
session_start();
include "openid.php";
$key = "XXXXXXXXXXXXXXXXXXXXXXXXX";
$OpenID = new LightOpenID("localhost");
if (!$OpenID->mode) {
if (isset($_GET['login'])) {
$OpenID->identity = "http://steamcommunity.com/openid";
header("Location: {$OpenID->authUrl()}");
}
if (!isset($_SESSION['T2SteamAuth'])) {
$login = "<div id=\"login\">Welcome Guest. Please <img src=\"http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_small.png\"/> to access this website.</div>";
} elseif ($OpenID->mode == "cancel") {
echo "user has cancelled Authentication.";
} else {
if (!isset($_SESSION['T2SteamAuth'])) {
$_SESSION['T2SteamAuth'] = $OpenID->validate() ? $OpenID->identity : null;
$_SESSION['T2SteamID64'] = str_replace("http://steamcommunity.com/openid/id", "", $_SESSION['T2SteamAuth']);
if ($_SESSION['T2SteamAuth'] !== null) {
$Steam64 = str_replace("http://steamcommunity.com/openid/id", "", $_SESSION['T2SteamAuth']);
$profile = file_get_contents("http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key={$key}&steamids={$Steam64}");
$buffer = fopen("cache/{$Steam64}.json", "w+");
fwrite($buffer, $profile);
fclose($buffer);
}
header("Location: ./index.php")
}
}
if (isset($_SESSION['T2SteamAuth'])) {
$login = "<div id=\"login\">Welcome Guest. Please Logout to access this website.</div>";
}
if (isset($_GET['logout'])) {
unset($_SESSION['T2SteamAuth']);
unset($_SESSION['T2SteamID64']);
header("Location: ./index.php");
}
$steam = json_decode(file_get_contents("cache/{$_SESSION['T2SteamID64']}.json"));
echo $login;
//echo "<img src\"{$steam->responce->players[0]->avatarfull}\"/>";
}
?>