Patrick
/
license-vpn
Слідкувати 1
В обрані 0
Форк 0
Код Проблеми 0 Запити на злиття 0 Релізи 0 Вікі Активність
VPN licensing server
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
2 Коміти
1 Гілка
94KB
Гілка: master
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з 'master'
${ noResults }
license-vpn/index.php

401 lines
12KB
Неформатований Постійне посилання Blame Історія 

  1. <?php 

  2. require "vendor/autoload.php";

  3. require "config.php";

  4. 

  5. 

  6. class LicenseRegistration {

  7.     private $db = null; 

  8.     private $m_request_body = "";

  9.     private $m_input = FALSE;

  10.     

  11.     function __construct() 

  12.     {

  13.         // Takes raw data from the request

  14.         $this->m_request_body = file_get_contents('php://input');

  15.         $this->m_input = json_decode(($this->m_request_body));

  16.         $this->db = new MeekroDB(DB_HOST, DB_USER, DB_PASS,DB_NAME); // from config file

  17.         //enable exception

  18.         $this->db->error_handler  = false;

  19.         $this->db->nonsql_error_handler = false; 

  20.         $this->db->throw_exception_on_error = true;

  21.         $this->db->throw_exception_on_nonsql_error = true;

  22. 

  23.     }

  24.     

  25.    

  26.     private function is_valid_input() 

  27.     {

  28.         //if it's not a valid json

  29.         if ( $this->m_input != FALSE && 

  30.              property_exists($this->m_input, "license") && 

  31.              property_exists($this->m_input, "mid")

  32.         ){

  33. 

  34.             if ( strlen($this->m_input->license) >= 10 &&

  35.                  strlen($this->m_input->mid) >=10 

  36.             ){

  37.                 return true; 

  38.             }

  39.             

  40.         }

  41.         $this->record_possible_hack();

  42.         return false; 

  43.     }

  44.     

  45.     private function is_legit_code() 

  46.     {

  47.         $code = $this->m_input->license;

  48.         $f = $this->db->query("SELECT * FROM volume WHERE code='$code'");

  49.         return count($f) == 1 ; 

  50.     }

  51.     

  52.     //record possible hack input

  53.     //save ip, date, request header, and invalid inputs

  54.     private function record_possible_hack()

  55.     {

  56.         $dump = new DumpHTTPRequestToString();

  57.         $req = $dump->execute(); 

  58.         $err = $this->db->insert("hack", array(

  59.             "ip" => $this->get_client_ip(),

  60.             "input" => $this->m_request_body,

  61.             "request" => $req

  62.         ));   

  63.     }

  64.     

  65.     private function fresh_registration()

  66.     {

  67.         $config = $this->get_license_config(); 

  68.         //inser it into database

  69.         $license = [

  70.             'code' => $this->m_input->license,

  71.             'mid' => $this->m_input->mid,

  72.             'seat' => 1,

  73.             'quota' => $this->get_license_quota() ,

  74.             'config' => intVal($config["id"]),

  75.             'enabled' => 1,

  76.             'ip' => $this->get_client_ip()

  77.         ];

  78.  

  79.         try {

  80.             $this->db->insert("register", $license);

  81.             $this->send_config($config, $license);

  82.         }catch (MeekroDBException $e){

  83.             $this->send_error("Failed to add registration, please try again later" );

  84.         }

  85.     }

  86.     

  87.     private function get_exact_match()

  88.     {

  89.         $code = $this->m_input->license;

  90.         $mid = $this->m_input->mid;

  91.         $match =  $this->db->query("SELECT * FROM register WHERE code='$code' AND mid='$mid';");

  92.         if (count($match) !=1 ){

  93.             return FALSE;

  94.         }else{

  95.             return $match[0]; 

  96.         }

  97.     }

  98.     

  99.     private function get_license_by_code()

  100.     {

  101.         $code = $this->m_input->license;

  102.         $matches =  $this->db->query("SELECT * FROM register WHERE code='$code';");

  103.         if (count($matches) < 1 ){

  104.             return FALSE;

  105.         }else{

  106.             return $matches;

  107.         }

  108.     }

  109.     

  110.     private function quota_available($matches)

  111.     {

  112.         return count($matches) < $this->get_license_quota(); 

  113.         

  114.     }

  115.     

  116.     private function allocate_seat($matches){

  117.         $seat = $this->find_empty_seat($matches); 

  118.         $config = $this->get_license_config(); 

  119.         

  120.         $license = array(

  121.             'code' => $this->m_input->license,

  122.             'mid' => $this->m_input->mid,

  123.             'seat' => $seat,

  124.             'quota' => $this->get_license_quota() ,

  125.             'config' => intVal($config["id"]),

  126.             'enabled' => 1,

  127.             'ip' => $this->get_client_ip()

  128.         );

  129.         try {

  130.             $this->db->insert("register",$license);

  131.             $this->send_config($config, $license);

  132.         }catch (MeekroDBException $e){

  133.             $this->send_error("Allocate Seats $seat failed");

  134.         }

  135.         

  136.           

  137.     }

  138.     

  139.     private function find_empty_seat($matches)

  140.     {

  141.         for ($i=1; $i <= $this->get_license_quota(); $i++) {

  142.             if ( $this->seats_occupied($matches, $i) ) 

  143.                 continue; 

  144.             return $i; 

  145.         }

  146.     }

  147.     

  148.     private function seats_occupied($matches, $seat)

  149.     {

  150.         for ($i=0; $i< count($matches); $i++){

  151.             if ( $matches[$i]["seat"] == $seat )

  152.                 return true; 

  153.         }

  154.         return false; 

  155.     }

  156.     

  157.     //main routine

  158.     public function start_registration() 

  159.     {

  160.         if (! $this->is_valid_input() ){

  161.             $this->send_error("Sorry, your input is invalid");

  162.             return; //stop everything 

  163.         }

  164. 

  165.         if (! $this->is_legit_code()) { 

  166.             $this->send_error("Sorry, Your license is not valid");

  167.             return; 

  168.         }

  169.             

  170.         //check mid see if a matched license code and mid already exist

  171.         $license = $this->get_exact_match(); 

  172.         if ( $license != FALSE ){ //we found the match both license-code and machine-id  

  173.             //get existing config

  174.             if ( $license['enabled'] == 1 ) {

  175.                 $existing_config = $this->get_config_by_id($license["config"]);

  176.                 $this->send_config($existing_config, $license);

  177.             }else{

  178.                 $this->send_error("Sorry, Your license is disabled"); 

  179.             }

  180.         }else{

  181.             $licenses = $this->get_license_by_code(); 

  182.             

  183.             if ( $licenses == FALSE ) {//not found

  184.                 $this->fresh_registration(); 

  185.             }else{//we found, existing records

  186.                 if ( $this->quota_available($licenses) ){ 

  187.                     $this->allocate_seat($licenses);

  188.                 }else{

  189.                     $this->send_error("Sorry, Your license has been fully allocated");

  190.                 }

  191.             }

  192.         }

  193.     }

  194.     

  195.     private function get_config_by_id($id)

  196.     {

  197.         $f= $this->db->query("SELECT * FROM servers WHERE id=$id");

  198.         return $f[0];

  199.     }

  200.     

  201.     private function send_config($config, $license) 

  202.     {

  203.         

  204.         $msg = "" ;

  205.         if ($license["quota"] >1){

  206.            $msg = "Seat " . $license["seat"] . "/" . $license["quota"] . " has been allocated to you";

  207.            

  208.         }else{

  209.             $msg = "Single user license registered sucessfully";

  210.         }

  211.         

  212.         $result= array(

  213.             "success" => true,

  214.             "type" => $config["type"], 

  215.             "host" => $config["host"],

  216.             "port" => $config["port"],

  217.             "username" => $config["user"],

  218.             "password" => $config["pass"], 

  219.             "license" => $license["code"],

  220.             "mid" => $license["mid"],

  221.             "proxyDNS" => true,

  222.             "enable" => true,

  223.             "errMsg" => $msg,

  224.             "link" => "https://hk-01.biukop.com/",

  225.             "linkText" => "Check My IP",

  226.         );

  227.         $myJSON = json_encode($result);

  228.         echo $myJSON; 

  229.     }

  230.     

  231.     private function send_error($msg){

  232.         echo $msg; 

  233.         die(); 

  234.     }

  235.     

  236.     private function decode_pass($encrypt)

  237.     {

  238.         $buf = base64_decode($encrypt);

  239.         if ( substr($buf, -3, 2) != "#!" )

  240.             return "invalid-encrypt";

  241.         

  242.         $magic_digit = intVal(substr($buf, 2 , 1)); 

  243.         $pass = substr($buf,5, -$magic_digit);

  244.         return $pass; 

  245.     }

  246.     

  247.     private function encode_pass($pass) {

  248.         // prefix: "xxyxx";  Y is digit

  249.         $magic_digit = $this->rand_digit();

  250.         $prefix = $this->build_prefix($magic_digit);

  251.         $suffix = $this->build_suffix($magic_digit);     

  252.         //surffix  yyyyy#!xx , max 9  

  253.         return base64_encode($prefix . $pass . $suffix);  

  254.     }

  255.         

  256.     private function rand_char() {

  257.         $pool="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789~!@#$%^&*()_+:{}|<>?[]\;,./";

  258.         $idx = rand(0, strlen($pool) -1 ); 

  259.         return substr($pool, $idx, 1);  

  260.     }

  261.     

  262.     private function rand_digit() {

  263.         return rand(3,9); 

  264.     }

  265.     

  266.     private function build_prefix($magic_digit) 

  267.     {

  268.         return $this->rand_char() . $this->rand_char() . 

  269.                    "$magic_digit" . 

  270.                $this->rand_char() . $this->rand_char();

  271.     }

  272.     

  273.     private function build_suffix($magic_digit)

  274.     {   //$magic_digit >=3

  275.         $suffix = "";

  276.         for ($i=1; $i<= $magic_digit-3; $i++) {

  277.             $suffix .= $this->rand_char();

  278.         }

  279.         $suffix .= "#!";

  280.         $suffix .= $this->rand_char(); 

  281.         return $suffix; 

  282.     }

  283.     

  284.     private function get_client_ip ()

  285.     {

  286.         //whether ip is from share internet

  287.         if (!empty($_SERVER['HTTP_CLIENT_IP']))

  288.         {

  289.             $ip_address = $_SERVER['HTTP_CLIENT_IP'];

  290.         }

  291.         //whether ip is from proxy

  292.         elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))

  293.         {

  294.             $ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];

  295.         }

  296.         //whether ip is from remote address

  297.         else

  298.         {

  299.             $ip_address = $_SERVER['REMOTE_ADDR'];

  300.         }

  301.         return $ip_address;

  302.     }

  303.     

  304.     private function get_license_quota()

  305.     {

  306.         $code = $this->m_input->license;

  307.         $f = $this->db->query("SELECT * FROM volume WHERE code='$code'");

  308.         return intVal($f[0]["max"]);

  309.     }

  310.     

  311.     private function get_license_config()

  312.     {

  313.         $code = $this->m_input->license;

  314.         $f = $this->db->query("SELECT * FROM servers WHERE code='$code'");

  315.         return $f[0];

  316.     }

  317.     

  318.     public function test_password() {

  319.         $encrypt = $this->encode_pass("superforex");

  320.         $pass1 = $this->decode_pass($encrypt);

  321.         $pass = $this->decode_pass("Y2Q1ZDFzdXBlcmZvcmV4MTIjITU=");

  322.         if ($pass != $pass1){

  323.             echo "wrong"; 

  324.         }

  325.     }

  326.     

  327.     public function test_license_quota() {

  328.         $this->m_input = new stdClass();

  329.         $this->m_input->license = "VOL-XDTG-ADQE-DQERG-QERFDA"; 

  330.         $six = $this->get_license_quota();

  331.         if ($six != 6)

  332.             echo "wrong: license quota"; 

  333.     }

  334.     

  335.     public function test_get_config() {

  336.         $this->m_input = new stdClass();

  337.         $this->m_input->license = "VOL-XDTG-ADQE-DQERG-QERFDA";

  338.         $config = $this->get_license_config(); 

  339.     }

  340.     

  341.     public function test_fresh_registration() {

  342.         $this->m_input = new stdClass();

  343.         $this->m_input->license = "VOL-XDTG-ADQE-DQERG-QERFDA";

  344.         $this->m_input->mid = "AFDAFDSAFDSAFSDAFSAFSDA";

  345.         $this->fresh_registration(); 

  346.         

  347.     }

  348.     

  349.     public function test_licenses() {

  350.         $this->m_input = new stdClass();

  351.         $this->m_input->license = "VOL-XDTG-ADQE-DQERG-QERFDA";

  352.         $this->m_input->mid = "2-AFDAFDSAFDSAFSDAFSAFSDA";

  353.         $this->start_registration(); 

  354.     }

  355.     

  356.     public function test() {

  357.         $this->m_input = new stdClass();

  358.         $this->m_input->license = "VOL";

  359.         $this->m_input->mid = "2-AFD";

  360.         $this->start_registration();

  361.     }

  362.     

  363. }

  364. 

  365. class DumpHTTPRequestToString {

  366.     public function execute() {

  367.         $data = sprintf(

  368.             "%s %s %s %s\n\nHTTP headers:\n",

  369.             $_SERVER['REQUEST_METHOD'],

  370.             $_SERVER['REQUEST_URI'],

  371.             $_SERVER['SERVER_PROTOCOL'],

  372.             $_SERVER['REMOTE_ADDR']

  373.             );

  374.         foreach ($this->getHeaderList() as $name => $value) {

  375.             $data .= $name . ': ' . $value . "\n";

  376.         }

  377.         $data .= "\nRequest body:\n" . file_get_contents('php://input');

  378.         return $data; 

  379.     }

  380.     private function getHeaderList() {

  381.         $headerList = [];

  382.         foreach ($_SERVER as $name => $value) {

  383.             if (preg_match('/^HTTP_/',$name)) {

  384.                 // convert HTTP_HEADER_NAME to Header-Name

  385.                 $name = strtr(substr($name,5),'_',' ');

  386.                 $name = ucwords(strtolower($name));

  387.                 $name = strtr($name,' ','-');

  388.                 // add to list

  389.                 $headerList[$name] = $value;

  390.             }

  391.         }

  392.         return $headerList;

  393.     }

  394. }

  395. 

  396. $bb = new LicenseRegistration();

  397. $bb->start_registration();

  398. //$bb->test(); 

  399. 

  400. ?>