I want to make Steam login for my site. The only thing I want from Steam is to login, get his username and start a session for that user. I followed a tutorial on YouTube, did basically everything on that video but when I press sign in through Steam I get: example.com/(()%7D.
Code:
<?php
include "includes/apikey.php";
include "includes/openid.php";
ob_start();
$OpenID = new LightOpenID("http://astral-gaming.com");
session_start();
?>
This is my header. Also, I put this php on the middle of the doc (because I want sign in to appear after all navbar elements:
<?php
if(!$OpenID->mode) {
if(isset($_GET['login'])) {
$OpenID->identity = "http://steamcommunity.com/openid";
header("Location: ($OpenID->authUrl()}");
}
if(!isset($_SESSION['T2SteamAuth'])) {
$login = "<li><img src=\"http://steamcommunity- a.akamaihd.net/public/images/signinthroughsteam/sits_small.png\"/></li>";
}
} elseif($OpenID->mode == "cancel"){
} else {
if(!isset($_SESSION['TF2SteamAuth'])) {
$_SESSION['TF2SteamAuth'] = $OpenID->validate() ? $OpenID->identity: null;
$_SESSION['TF2SteamID64'] = str_replace("http://steamcommunity.com/openid/id/", "", $_SESSION['TF2SteamAuth']);
if($_SESSION['TF2SteamAuth'] !== null) {
$Steam64 = str_replace("http:// (ignore space)steamcommunity.com/openid/id/", "", $_SESSION['TF2SteamAuth']);
$profile = file_get_contents("http:// (ignore space) api.steampowered.com/IsteamUser/GetPlayerSummaries/v0002/?key={$api}&steamids=($Steam64)");
$buffer = fopen("cache/{$steam64}.json", "w+");
fwrite($buffer, $profile);
fclose($buffer);
}
header("Location: index.php");
}
}
if(isset($_SESSION['T2SteamAuth'])) {
$login = "<li>Steam LogOut</li>";
}
if(isset($_GET['logout'])) {
unset($_SESSION['T2SteamAuth']);
unset($_SESSION['T2SteamAuth']);
header("Location: index.php");
}
You have bad/mismatched bracketing/bracing everywhere in your code:
header("Location: ($OpenID->authUrl()}");
^-- this should probably be a {?
Related
So i am currently studying PHP and Java and i encountered an error while working on my code. I am working on a login button where the user is able to connect to my page using the SteamAPI login.
I am testing 2 codes to make this work. The first code is the following:
<?php
require('openid.php');
$db = mysqli_connect("localhost", "root", "(my pw of the database)", "(name of my database)");
$_STEAMAPI = "(My steam api key)";
try {
$openid = new LightOpenID("http://mypage.com?id=1");
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid/?l=english';
header("Location: " . $openid->authUrl());
} else {
echo "<h2>Connect to Steam</h2>";
echo "<form action='?login' method='post'>";
echo "<input type='image' src='http://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_large_border.png'>";
echo "</form>";
}
} elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$url = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPI&steamids=$matches[1]";
$json_object= file_get_contents($url);
$json_decoded = json_decode($json_object);
foreach ($json_decoded->response->players as $player)
{
$sql_fetch_id = "SELECT * FROM users_steam WHERE steamid = $player->steamid";
$query_id = mysqli_query($db, $sql_fetch_id);
$_SESSION['name'] = $player->personaname;
$_SESSION['steamid'] = $player->steamid;
$_SESSION['avatar'] = $player->avatar;
if (mysqli_num_rows($query_id) == 0) {
$sql_steam = "INSERT INTO users_steam (name, steamid, avatar) VALUES ('$player->personaname', '$player->steamid', '$player->avatar')";
mysqli_query($db, $sql_steam);
}
}
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
?>
`
The other code i am working with is:
<?php
require 'openid.php';
$_STEAMAPI = "(My steam api key)";
try
{
$openid = new LightOpenID('http://mypage.com/');
if(!$openid->mode)
{
if(isset($_GET['login']))
{
$openid->identity = 'http://steamcommunity.com/openid/?l=english'; // This is forcing english because it has a weird habit of selecting a random language otherwise
header('Location: ' . $openid->authUrl());
}
?>
<form action="?login" method="post">
<input type="image" src="http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_small.png">
</form>
<?php
}
elseif($openid->mode == 'cancel')
{
echo 'User has canceled authentication!';
}
else
{
if($openid->validate())
{
$id = $openid->identity;
// identity is something like: http://steamcommunity.com/openid/id/76561197960435530
// we only care about the unique account ID at the end of the URL.
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
echo "User is logged in (steamID: $matches[1])\n";
$url = "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=$_STEAMAPI&steamids=$matches[1]";
$json_object= file_get_contents($url);
$json_decoded = json_decode($json_object);
foreach ($json_decoded->response->players as $player)
{
echo "
<br/>Player ID: $player->steamid
<br/>Player Name: $player->personaname
<br/>Profile URL: $player->profileurl
<br/>SmallAvatar: <img src='$player->avatar'/>
<br/>MediumAvatar: <img src='$player->avatarmedium'/>
<br/>LargeAvatar: <img src='$player->avatarfull'/>
";
}
}
else
{
echo "User is not logged in.\n";
}
}
}
catch(ErrorException $e)
{
echo $e->getMessage();
}
?>
So my problem is that i am trying to redirect to my index.html but it doesn't work. On the first code i get redirected to my index.html because i added a ?id=1 after the URL of my website. If i remove that it will leave me on a blank page. So, it does the work when adding the ?id=1, but it sends me to my website offline. In other words, it send me to my index.html but the login button is still there, showing as if i didn't log in at all (offline index).
On the second code (i haven't used it a lot), it will redirect me to a website showing the information i asked for (id steam, steam name, etc.). It gives me the information i asked for, but it doesn't redirect me to the index.html.
I searched all over the internet and i couldn't find an answer. If someone can help me and tell me where i should change the code so as to get redirected to the index.html and connected i would appreciate it a lot.
Thanks in advanced and sorry for my english, Davor.
<?php
ob_start();
session_start();
require ('openid.php');
function logoutbutton() {
echo "<form action=\"steamauth/logout.php\" method=\"post\"><input value=\"Logout\" type=\"submit\" /></form>"; //logout button
}
function steamlogin()
{
try {
require("settings.php");
$openid = new LightOpenID($steamauth['']);
$button['small'] = "small";
$button['large_no'] = "large_noborder";
$button['large'] = "large_border";
$button = $button[$steamauth['buttonstyle']];
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid';
header('Location: ' . $openid->authUrl());
}
return "<form action=\"?login\" method=\"post\"> <input type=\"image\" src=\"http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_".$button.".png\"></form>";
}
elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$_SESSION['steamid'] = $matches[1];
// First determine of the $steamauth['loginpage'] has been set, if yes then redirect there. If not redirect to where they came from
if($steamauth['loginpage'] !== "") {
$returnTo = $steamauth['loginpage'];
} else {
//Determine the return to page. We substract "login&"" to remove the login var from the URL.
//"file.php?login&foo=bar" would become "file.php?foo=bar"
$returnTo = str_replace('login&', '', $_GET['openid_return_to']);
//If it didn't change anything, it means that there's no additionals vars, so remove the login var so that we don't get redirected to Steam over and over.
if($returnTo === $_GET['openid_return_to']) $returnTo = str_replace('?login', '', $_GET['openid_return_to']);
}
header('Location: '.$returnTo);
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
}
?>
"Not Found The requested URL /login was not found on this server." idk how i do that.. search here and here but nothing found :c i tried all time but i get the error with /login not found on the server "yes i know my english is maybe to bad :D"
<?php
ob_start();
session_start();
require ('openid.php');
function logout() {
echo '<form action="logout.php" method="post"><button class="btn btn-danger" type="submit"><i class="fa fa-power-off"></i> Log Out</button></form>'; //logout button
}
function steamlogin() {
try {
require("settings.php");
$openid = new LightOpenID($domain);
if(!$openid->mode) {
if(isset($_GET['login'])) {
$openid->identity = 'http://steamcommunity.com/openid';
header('Location: ' . $openid->authUrl());
}
return "<form action=\"?login\" method=\"post\"> <input type=\"image\" src=\"http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_large_noborder.png\"></form>";
}
elseif($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$steamid = $matches[1];
$link = file_get_contents("http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=".$key."&steamids=".$steamid."");
$decode = json_decode($link);
$newlink = $decode->response->players->profileurl;
$xml = simplexml_load_file($newlink."?xml=1");
#$custom = $xml->customURL;
if(strlen($custom) <= 4){
$user = $xml->steamID64;
} else {
$user = $custom;
}
$_SESSION['steamid'] = $user;
//Determine the return to page. We substract "login&"" to remove the login var from the URL.
//"file.php?login&foo=bar" would become "file.php?foo=bar"
$returnTo = str_replace('login&', '', $_GET['openid_return_to']);
//If it didn't change anything, it means that there's no additionals vars, so remove the login var so that we don't get redirected to Steam over and over.
if($returnTo === $_GET['openid_return_to']) $returnTo = str_replace('?login', '', $_GET['openid_return_to']);
header('Location: '.$returnTo);
} else {
echo "User is not logged in.\n";
}
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
}
I checked this code 10 times (atleast) , but i don't understand why it doesn't create $_SESSION['steamid'] . Can you help me ?
I edited first post !
First off, you should try setting dummy data to test if your session is working at all. Right after your session_start() put a line like
$_SESSION['test'] = 'test';
var_dump($_SESSION);
If the key does not persist throughout requests then it means there is a problem with your session handler (possibly lacking write permission).
If your session is working then you start going down the tree of logic, check the expressions in each if statement to see what the execution path is, you do not provide any current output so I cannot tell right away.
This is not a definitive answer but I'm sure if you follow my advice you'll get to the root of the problem.
Alright, I am having a bit of a problem with signing in through steam on my website. The code seems to work up until you press the "Yes, sign in." here: Screenshot.
When I click the "Yes, sign in." button it redirects me back to the page that the sign in button was on and the sign in button is not not visible as if it worked but the scripted logout button is not there either. It is just a blank page and it has a really long URL:
http://localhost/Websites/Unknown%20Infernos/?page=login&login&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Flogin&openid.claimed_id=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561198059756738&openid.identity=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561198059756738&openid.return_to=http%3A%2F%2Flocalhost%2FWebsites%2FUnknown%2520Infernos%2F%3Fpage%3Dlogin%26login&openid.response_nonce=2014-01-24T10%3A00%3A27Ze43wSImRFeCb5vc9qw8uwlv8y9c%3D&openid.assoc_handle=1234567890&openid.signed=signed%2Cop_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=SYWQBh%2BxowKdUqWvVhK6nl7Vskk%3D
The log in button also comes back after a page refresh.
Here is the code, I am using the LightOpenID API.
<?php
session_start();
include "openid.php";
$key = "XXXXXXXXXXXXXXXXXXXXXXXXX";
$OpenID = new LightOpenID("localhost");
if (!$OpenID->mode) {
if (isset($_GET['login'])) {
$OpenID->identity = "http://steamcommunity.com/openid";
header("Location: {$OpenID->authUrl()}");
}
if (!isset($_SESSION['T2SteamAuth'])) {
$login = "<div id=\"login\">Welcome Guest. Please <img src=\"http://cdn.steamcommunity.com/public/images/signinthroughsteam/sits_small.png\"/> to access this website.</div>";
} elseif ($OpenID->mode == "cancel") {
echo "user has cancelled Authentication.";
} else {
if (!isset($_SESSION['T2SteamAuth'])) {
$_SESSION['T2SteamAuth'] = $OpenID->validate() ? $OpenID->identity : null;
$_SESSION['T2SteamID64'] = str_replace("http://steamcommunity.com/openid/id", "", $_SESSION['T2SteamAuth']);
if ($_SESSION['T2SteamAuth'] !== null) {
$Steam64 = str_replace("http://steamcommunity.com/openid/id", "", $_SESSION['T2SteamAuth']);
$profile = file_get_contents("http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key={$key}&steamids={$Steam64}");
$buffer = fopen("cache/{$Steam64}.json", "w+");
fwrite($buffer, $profile);
fclose($buffer);
}
header("Location: ./index.php")
}
}
if (isset($_SESSION['T2SteamAuth'])) {
$login = "<div id=\"login\">Welcome Guest. Please Logout to access this website.</div>";
}
if (isset($_GET['logout'])) {
unset($_SESSION['T2SteamAuth']);
unset($_SESSION['T2SteamID64']);
header("Location: ./index.php");
}
$steam = json_decode(file_get_contents("cache/{$_SESSION['T2SteamID64']}.json"));
echo $login;
//echo "<img src\"{$steam->responce->players[0]->avatarfull}\"/>";
}
?>
I'm very new to php. I found some CMS like code for east text editing here on SO and now I'm trying to implement it on our micro site.
My problem is, that I want login error report to show on exact position on the page - just under the login button.
Can someone tell me how can I put that error report text whereever I want? I don't want to override it with CSS positioning.
In basic, I want to put that p class="error":
<?php
if (empty($_POST) && isset($_GET['action'])) {
$action = $_GET['action'];
switch ($action) {
case 'logout':
session_unset();
session_destroy();
break;
}
}
if (!isset($_SESSION['user'])) {
$user = '';
$pass = '';
if (isset($_POST['login'])) {
$user = strtolower(trim($_POST['user']));
$pass = $_POST['pass'];
$errors = array();
if ($user == '' || $user != '1') {
$errors['user'] = '';
}
if ($pass == '' || $pass != '1') {
$errors['pass'] = '';
}
if (empty($errors)) {
$_SESSION['user'] = $user;
} else {
echo '<p class="error">Insert correct ';
if (isset($errors['user']))
echo 'name';
if (count($errors) == 2)
echo ' a ';
if (isset($errors['pass']))
echo 'password';
echo '.</p>', "\n";
}
}
}
if (isset($_SESSION['user'])) {
$user = $_SESSION['user'];
?>
somewhere else in the whole code of my page. Do I need to cut out something from that php code, or do I need to write new part of code for that?
Thank you for you help, Matej
Instead of just doing 'echo' all over the place, which means you get output at the place where the PHP code is embedded in the page, set some flags/message variables to output later.
e.g.
<?php
$errors = false;
$msgs = '';
if (....) {
$errors = true;
$msgs = "something dun gone wrong";
}
?>
... various bits of your html go here ...
<?php if ($errors) { echo $msgs; } ?>
... more html here ...