Generic selectors
Exact matches only
Search in title
Search in content
Search in project

Remote PHP Account Connector

The Remote PHP Account Connector allows you to have your own PHP page that the Atavism server communicates with to verify an account login. This gives the option to use accounts from a website to allow login to your game.

Account Connector system expects to receive an account ID from the PHP code, so it will now look more like:


<?php

// CONNECTIONS =========================================================
mysql_connect("localhost", "db_user", "db_pass") or die("Cant connect into database");
mysql_select_db("db_name")or die("Cant connect into database");

$user = $_POST["user"];
$password = $_POST["password"];

function checkUser($user, $password) {
  $user_name = htmlspecialchars($user,ENT_QUOTES);

  // get user_name's hashed password from wordpress database
  $queryx = "select * from account_table where username='$user'";
  $Resultx = mysql_query($queryx);

  while($row = mysql_fetch_array($Resultx)){
     $passnya = $row['password'];
  }
  
  if ($password === $passnya) {
    echo $row['id'];
  } else {
    echo "-1";
  }
}

checkUser($user, $password);

// Close mySQL Connection
mysql_close();
?>

By putting a PHP file on your web server, filling in the database connection details, and changing the line:


$queryx = "select * from account_table where username='$user'";

to match your table name and column names you can verify accounts for login in Atavism.

Replacing the ‘id’ column name in “echo $row[‘id’];” to match the id column name in your accounts table.

In order to enable external authenticator, you should edit auth_server.py file in Atavism Server/bin directory uncomment few lines and adjust the value in connector.setUrl to point to your previously prepared PHP script.

connector = RemotePhpAccountConnector()
connector.setUrl("http://www.yourdomain.com/verifyAccount.php")
ms.setRemoteConnector(connector)

WordPress integration example

<?php
//CONNECTION INFORMATION - Change HOSTNAME, DBUSERNAME, DBUSERPASSWORD & DBNAME accordingly, advisable to make a new user with read only access to the WordPress DB for this.
$con = mysqli_connect("HOSTNAME", "DBUSERNAME", "DBUSERPASSWORD") or die("Cant connect into database");
$con->select_db("DBNAME")or die("Cant connect into database");

//VARIABLES - Do NOT change anything of this
$email = $_POST["user"];
$password = $_POST["password"];

function checkCustomer($con, $email, $password) {
  error_log("checking customer: " .$email);
  $SQL = "SELECT id, user_pass FROM USERTABLENAME WHERE user_email = '" .$email ."' or user_login = '" .$email ."'"; //Change USERTABLENAME to your Users Table Name from WordPress DB
  $result_id = $con->query($SQL) or die("Cannot invoke SQL command");
  $total = $result_id->num_rows;
  if ($total) 
  {
    require_once $_SERVER['DOCUMENT_ROOT'] . '/wp-includes/class-phpass.php';
    $data = mysqli_fetch_array($result_id);
    error_log("Got account with password: " .$data['user_pass']);
    $wp_hasher = new PasswordHash(8, TRUE);
    $password_hashed = $data['user_pass'];
    $plain_password = $password;
    if ($wp_hasher->CheckPassword($plain_password, $password_hashed))
    {
    echo $data['id'];
    } 
    else 
    { 
    echo "-1";
    }
  }
}
checkCustomer($con, $email, $password);
?>

Possible return parameter for External PHP Authenticator, to handle other messages like:

  • -1: invalid credentials;
  • -2: banned;
  • -3: no access.