api.php

<?php
// Client's endpoint for matters outside of a particular HeroWO game: obtaining list of maps, creating a new multi-player game, etc. Serves client's requests. Starts a Server-Sent Events server ("meta-server" in relation to HeroWO Node "servers").
//
// You may include api.php as a library but do not call do_...() functions
// in this case.

$keepCWD = true;
$apiTakeOver = count(get_included_files()) < 2;
require_once __DIR__.'/core.php';

spl_autoload_register(function ($class) {
  if (ltrim($class, 'A..Za..z0..9\\') === '' and !strncmp('Phiws\\', $class, 6)) {
    require_once __DIR__.'/Phiws/'.strtr($class, '\\', '/').'.php';
  }
});

// We could require databank/core.php but we only need this constant and it's
// better to keep code of databank and game client separate in case they do
// have to be separated in the future (e.g. to move to another repository).
preg_match('~^  const FORMAT_VERSION = (\\d+);~mu',
           file_get_contents(__DIR__.'/databank/core.php'), $match);
define('FORMAT_VERSION', (int) $match[1]);

// api.php supports two interfaces: HTTP and CLI.
define('CLI', !strncmp(PHP_SAPI, 'cli', 3));

//Phiws\Logger::defaultMinLevel('info');
//Phiws\Loggers\InMemory::$dumpOnShutdown = true;

$dpp = new Phiws\Plugins\DataProcessorPicker;
$dpp->proc(Phiws\DataProcessors\BufferAndTrigger::class)->whenIsText();
Phiws\BaseTunnel::globalPlugins([new Phiws\Plugins\UserAgent, $dpp]);

// For HeroWO, GoingAway is a normal termination but Phiws treats
// non-NormalClosure as a warning (BaseTunnel->sendClose()), spamming in the log.
class Drop extends Phiws\StatusCodes\NormalClosure {
  const CODE = Phiws\StatusCodes\GoingAway::CODE;
  const TEXT = Phiws\StatusCodes\GoingAway::TEXT;
}

class PublicException extends Exception {}

// Called if api.php is the main script invoked by HTTP or CLI, not as library.
function apiTakeOver(array $argv) {
  try {
    if (CLI) {
      define('ADMIN', true);

      $do = $argv[1] ?? '';
      $request = json_decode($argv[2] ?? '[]', true);

      if (!is_array($request) and is_file($file = __DIR__.'/noXXXep/noXXXep.php')) {
        try {
          include_once $file;
          $request = json_decode(noXXXep::extractJSON($argv[2]), true);
        } catch (Throwable $e) {}
      }

      if (!is_array($request)) {
        throw new Exception("Cannot parse arguments $argv[2]: ".json_last_error_msg());
      }
    } else {
      $request = $_REQUEST;

      $do = $request['do'] ?? null;
      unset($request['do']);

      define('ADMIN', isset($request['admin']) and hash_equals(keyValue('admin'), $request['admin']));
      unset($request['admin']);

      header('Content-Type: text/plain; charset=utf-8');
      // No reason to support preflighted requests.
      header('Access-Control-Allow-Origin: *');
    }

    function_exists($func = "do_$do") or $func = 'do_help';
    $json = $func($request);

    if ($json !== null) {
      header('Content-Type: application/json; charset=utf-8');
      echo encodeJsonLine($json);
    }
  } catch (Throwable $e) {
    $public = $e instanceof PublicException;
    $code = $public ? $e->getCode() ?: 400 : 500;
    http_response_code($code);

    if ($admin = (defined('ADMIN') and ADMIN) or $public) {
      $admin or $e = $e->getMessage();
      // We don't know which Content-Type was emitted so making it HTML-safe,
      // at the same time allowing better human readability in case it's plain/text.
      CLI ? fwrite(STDERR, $e.PHP_EOL) : print("<pre>\n".str_replace('<', '&lt;', $e));
    } else {
      try {
        mailAdmin('apiex', get_class($e).' in api.php', $e);
      } catch (Throwable $e) {}
    }
  }

  $code = http_response_code();
  if (CLI) {
    if ($code >= 200 and $code < 300) {
      $code > 200 and fwrite(STDERR, 'Exit code: '.$code.PHP_EOL);
      $code = 0;
    }
    exit($code);
  } elseif ((!$code or $code === 200) and !headers_sent() and !ob_get_length()) {
    http_response_code(204);
  }
}

// Returns value for configuration parameter $key.
function keyValue($key) {
  global $keyValueOverrides;

  $res = $keyValueOverrides[$key] ?? null;
  if (isset($res)) {
    return $res;
  }

  $key = pdo()->quote($key);
  $res = pdo("SELECT value FROM keyValues WHERE `key` = $key");

  if (!$res) {
    throw new Exception("Undefined keyValues key: $key");
  }

  return $res->value;
}

// Common CSS styles for HTML pages generated by api.php.
function apiStylesheet() {
  return <<<CSS
    body { background: #fafafa; font-family: sans-serif; }
    .hi, mark { background: orange; }
    .lo, th { background: #eee; }
    /* For td.hi color the border so adjacent td.lo's outline looks nicer. */
    .hi { border-color: orange; }
    .lo { outline: 0.06em solid orange; outline-offset: -0.06em; }
    table { margin: 1em 0; background: white; border-collapse: collapse; }
    th, td { border: .06em solid #ddd; padding: .25em .5em; }
CSS;
}

// Fails if $path doesn't exist.
function realpathOrFail($path) {
  if ($path = realpath($path)) {
    return $path;
  } else {
    throw new Exception("Path does not exist: $path");
  }
}

// Returns array with info about a map uploaded using maps.php (in particular, statistics like last play time).
//
// $mapPath must be safe. Does not clear stat/realpath caches.
//
// Trivia: PHP has 3 types of caches relevant to our cause: stat() cache
// (per-request; affects functions like include and filemtime()), "realpath"
// cache (per-process; affects the same file functions; holds only 'is_dir' and
// 'realpath' values as seen in realpath_cache_get()) and opcache (per-process;
// affects include).
//
// Do opcache_invalidate() before reading data *.php files (upload.php).
// Do clearstatcache() before reading attributes of a file whose attributes
// were already read during this request. Ignore realpath cache for simplicity
// because we do not expect symlinks among our data files.
//
// Thankfully, opcache_invalidate() does not rely on stat cache so there's no need
// to clearstatcache() before calling it even if the file's time has changed.
function uploadInfo($mapPath) {
  $file = "$mapPath/upload.php";
  // Doesn't want canonicalized path, unlike clearstatcache().
  function_exists('opcache_invalidate') and opcache_invalidate($file);
  try {
    return include $file;
  } catch (Throwable $e) {}
}

// Connects to the database holding api.php configuration and other stuff.
function pdo($query = null) {
  static $pdo;
  static $driver;

  if (!$pdo) {
    // This file needs to be created for every installation. For development and
    // (very) small servers, zero-configuration SQLite database is the best
    // choice (but ensure this file cannot be downloaded via the web server!).
    //
    //   <?php return new PDO('sqlite:/var/herowo.sqlite');
    //
    // If you experience lockups (such as do=watchdog pausing when you are
    // browsing do=dashboard), switch to a proper engine of your choice.
    // HeroWO's SQL usage is rudimentary and easily portable, albeit there is
    // no such thing as standard SQL.
    //
    //   <?php return new PDO('mysql:host=localhost;dbname=herowo');
    //
    // You can also override some `keyValues` such as based on request data:
    //
    //   $keyValueOverrides['production'] = $_SERVER['HTTP_HEADER'] ...;
    //
    // Note: CWD inside this script may have arbitrary value.
    $pdo = require __DIR__.'/api-db.php';
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    $driver = $pdo->getAttribute(PDO::ATTR_DRIVER_NAME);
    $driver === 'sqlite' and $pdo->exec('PRAGMA foreign_keys = ON');

    // Known keyValues keys:
    // - admin - the ?admin=SECRET value
    // - path - HeroWO WebSocket server -path (e.g. "v1")
    // - sseURL - space-separated public-facing URLs of meta-servers' EventSource;
    //   relative; any valid URL (allows https://, ?query, etc.)
    // - maps - path to the directory with HeroWO maps, relative to __DIR__;
    //   on Windows, must not resolve to a drive root ("C:\") because it will
    //   have "\" appended, breaking our realpath detection ("C:\\");
    //   map folders will have upload.php files that the webserver should
    //   not serve to clients
    // - mapsURL - space-separated public URL prefixes, relative;
    //   use multiple to load-balance (client receives one depending on IP)
    // - databanks - like maps but points to the directory with db-ver/*.json
    // - databanksURL - space-separated public URL prefixes; relative
    // - databank - subfolder in databanks|URL; for converting maps and for MainMenu
    // - apiURL - public URL to api.php; relative
    // - production - 1 = online server for end users; 0 = local development
    //   machine; -1 = online server for modders; both 0 and -1 allow custom
    //   modules, use non-minified build, etc. but 0 additionally preloads
    //   databank styles (see index.php)
    //
    // "Relative" URLs are relative to folder URL of api.php/index.php/maps.php.
    //
    // On the webserver's side, enable gzip on sseURL, mapsURL and databanksURL. Brotli
    // gives better compression but may be slower. For mapsURL/databanksURL,
    // enable CORS via A-C-A-O if they are not on index.php's domain.
    // databanksURL is also used for static files (DEF-PNG, etc.); they don't
    // require CORS except for audio files (if WebAudio is used) and
    // $databanksURL/$databank/herowo.min.js (due to <script crossorigin>).
    //
    // It is worth placing maps and databanks folders onto a transparently
    // compressing FS since they consist of very large JSONs that can be
    // compressed down to <5%. BTRFS and ZFS are good options:
    //
    //   mount -o compress-force=zstd /dev/$btrfs /var/herowo/maps
    //
    // Use compsize to see compression statistics. If zstd is unavailable or
    // slow, try lzo (its compression ratio is about 2X worse than zstd's).
    //
    // If you have many duplicate maps (possibly because users upload them),
    // see if deduplication helps (it may have no or negative effect because
    // of inflated file meta-data). BTRFS only supports on-demand deduplication;
    // you can cron duperemove to trigger it:
    //
    //   duperemove -rd /var/herowo/maps
    //
    // If you allow map uploads (maps.php), set PHP's sys_temp_dir to a similar
    // FS, or to a ZRAM disk if you have a lot of RAM:
    //
    //   modprobe zram
    //   zramctl -f -s 8G
    //   mkfs.xfs /dev/zram0
    //   mount /dev/zram0 /var/herowo/tmp
    //
    // Run zramctl to see disk info. Note: ZRAM won't allow writing files whose
    // total uncompressed size is more than -s bytes. In other words, -s is not
    // the limit on RAM used. On the other hand, BTRFS' limit is expectedly
    // calculated from compressed size (i.e. actually stored blocks on disk).
    //
    // Rarely accessed maps (backups) can be converted to a binary format. For
    // example, CBOR takes 25% of non-pretty printed JSON. Compressing CBOR is
    // also advantageous (gzip gives 80% of the same compressed JSON).

    $INSERT_OR_IGNORE = pdo('INSERT OR IGNORE');
    $RANDOM_SECRET = pdo('RANDOM SECRET');
    $AUTOINCREMENT = pdo('AUTOINCREMENT');

    $sql = <<<SQL
      CREATE TABLE IF NOT EXISTS keyValues (
        `key` VARCHAR(50) NOT NULL PRIMARY KEY,
        value TEXT
      );

      $INSERT_OR_IGNORE INTO keyValues (`key`, value)
      VALUES
        ("admin", $RANDOM_SECRET),
        ("path", "v1"),
        ("sseURL", "http://127.0.0.1:8080"),
        ("maps", "maps"),
        ("mapsURL", "maps/"),
        ("databanks", "databanks"),
        ("databanksURL", "databanks/"),
        ("databank", "sod"),
        ("apiURL", "api.php"),
        ("production", 0);

      CREATE TABLE IF NOT EXISTS secrets (
        target VARCHAR(50) NOT NULL,
        id VARCHAR(50) NOT NULL,
        secret TEXT NOT NULL,
        algorithm TEXT,
        tagLength INT,

        PRIMARY KEY (target, id)
      );

      CREATE TABLE IF NOT EXISTS servers (
        id VARCHAR(50) NOT NULL PRIMARY KEY,
        secret TEXT NOT NULL,
        maxMemory INT NOT NULL,
        accepting INT,

        host VARCHAR(250) NOT NULL,
        port INT NOT NULL,
        secure INT,

        serverStatsTime REAL,
        totalClients INT,
        lingering INT,
        connected INT,
        special INT,
        pending INT,
        lobby INT,
        games INT,
        memory INT,
        pid INT,
        uptime INT,

        UNIQUE (host, port)
      );

      CREATE TABLE IF NOT EXISTS lobby (
        server VARCHAR(50) NOT NULL,
        pin VARCHAR(50) NOT NULL,
        context TEXT NOT NULL,
        time INT NOT NULL,

        PRIMARY KEY (server, pin)
      );

      CREATE TABLE IF NOT EXISTS chat (
        rowid $AUTOINCREMENT,
        data MEDIUMTEXT NOT NULL
      );
SQL;

    // With SQLite, exec() works with semicolon-separated statements but I'm not
    // sure how portable it is with other drivers.
    foreach (explode(';', $sql) as $sql) {
      trim($sql) and $pdo->exec($sql);
    }
  }

  static $tokens = [
    'INSERT OR IGNORE' => [
      'sqlite' => 'INSERT OR IGNORE',
      'mysql' => 'INSERT IGNORE',
    ],
    'INSERT OR REPLACE' => [
      'sqlite' => 'INSERT OR REPLACE',
      'mysql' => 'REPLACE',
    ],
    'RANDOM SECRET' => [
      'sqlite' => 'HEX(RANDOMBLOB(8))',
      'mysql' => 'HEX(RANDOM_BYTES(8))',
    ],
    'AUTOINCREMENT' => [
      'sqlite' => 'INTEGER PRIMARY KEY AUTOINCREMENT',
      'mysql' => 'INT AUTO_INCREMENT PRIMARY KEY',
    ],
  ];

  if ($query === null) {
    return $pdo;
  } elseif ($token = $tokens[$query] ?? null) {
    return $token[$driver];
  } else {
    $stmt = $pdo->query($query);
    $res = $stmt->fetchObject();
    $stmt->closeCursor();
    return $res;
  }
}

function do_help(array $request) {
  $dos = [];

  foreach (get_defined_functions()['user'] as $func) {
    strncmp($func, 'do_', 3) or $dos[] = substr($func, 3);
  }

  sort($dos);
  $dos = join(PHP_EOL.'  ', $dos);

  http_response_code(405);

  echo <<<HELP
php api.php ACTION [ '{"arg": "uments"}' ]
http://.../api.php?admin=SECRET&do=ACTION&arg=uments

Known ACTION's:
  $dos
HELP;

  if (ADMIN) {
    $secret = keyValue('admin');
    echo "\n\nSECRET = $secret";
  }

  if (CLI and !strncasecmp(PHP_OS, 'win', 3)) {
    echo "\n\nMake sure to triple \"s in Windows CLI (tailing \" is optional):";
    echo "\n", '  php api.php keyValue "{"""newAdmin""": """SECRET"""}"';
  }

  if (is_file(__DIR__.'/noXXXep/noXXXep.php')) {
    echo "\n\nAlternative syntax available (noXXXep's Easy JSON):";
    echo "\n", '  php api.php keyValue "{newAdmin: SECRET}"';
  }

  echo PHP_EOL;
}

function do_mail(array $request) {
  if (!ADMIN) {
    throw new PublicException('Admin only.', 403);
  }

  mailAdmin($request['id'] ?? 'api', $request['title'] ?? 'api.php mail', $request['body']);
}

// [ {"set": "val", "set2": ...} ]
//
// Use the "newAdmin" key to change the ?admin's secret.
function do_keyValue(array $request) {
  if (!ADMIN) {
    throw new PublicException('Admin only.', 403);
  }

  if (isset($request['newAdmin'])) {
    $request['admin'] = $request['newAdmin'];
    unset($request['newAdmin']);
  }

  if ($request) {
    $sql = [];

    foreach ($request as $key => $value) {
      $sql[] = ' ('.pdo()->quote($key).', '.pdo()->quote($value).')';
    }

    $sql = pdo('INSERT OR REPLACE')." INTO keyValues (`key`, value) VALUES ".join(',', $sql);
    pdo()->exec($sql);
  }

  $query = pdo()->query('SELECT `key`, value FROM keyValues ORDER BY `key`');

  while ($row = $query->fetchObject()) {
    printf('%20s %s= %s%s',
      $row->key,
      array_key_exists($row->key, $request) ? ':' : ' ',
      $row->value,
      PHP_EOL);
  }
}

// php api.php server {"id": "erathia", "secret": "H0tA", "maxMemory": 64, "host": "1.2.3.4"}
//
// api.php?do=server&admin=c001b00b5&id=erathia&accepting=1
function do_server(array $request) {
  if (!ADMIN) {
    throw new PublicException('Admin only.', 403);
  }

  if ($request) {
    // PDO casts execute() arguments to strings (PARAM_STR) so false becomes ''.
    // Most engines won't convert it to INT and will error (except SQLite which
    // will simply store '' as a string).
    isset($request['accepting']) and $request['accepting'] *= 1;
    isset($request['secure'])    and $request['secure'] *= 1;

    $exists = pdo('SELECT 1 FROM servers WHERE id = '.pdo()->quote($request['id']));

    if ($exists) {
      $values = array_intersect_key($request, array_flip(['secret', 'maxMemory', 'accepting', 'host', 'port', 'secure']));
      $fields = join(', ', preg_replace('/$/', ' = ?', array_keys($values)));
      $stmt = pdo()->prepare("UPDATE servers SET $fields WHERE id = ?");
      $stmt->execute(array_merge(array_values($values), [$request['id']]));
      $stmt->closeCursor();
    } else {
      $request += ['port' => 8081, 'accepting' => -1];
      $request += ['secure' => (int) ($request['port'] === 443)];
      $stmt = pdo()->prepare('INSERT INTO servers (id, secret, maxMemory, accepting, host, port, secure) VALUES (?, ?, ?, ?, ?, ?, ?)');
      $stmt->execute([$request['id'], $request['secret'], $request['maxMemory'], $request['accepting'], $request['host'], $request['port'], $request['secure']]);
      $stmt->closeCursor();
      http_response_code(201);
    }
  }

  $query = pdo()->query('SELECT * FROM servers ORDER BY id');

  while ($row = $query->fetchObject()) {
    printf('%-15s %s  %3s: up=%s mem=%d/%dM conn=%d lobby=%d games=%d PID=%d %s',
      $row->id,
      [-1 => '#', '-', '+'][$row->accepting],
      ($diff = microtime(true) - $row->serverStatsTime) > 3600 ? round($diff / 3600).'h' : round($diff),
      $row->uptime > 12 * 3600 ? round($row->uptime / 3600 / 24).'d' : round($row->uptime / 3600, 1).'h',
      $row->memory,
      $row->maxMemory,
      $row->connected,
      $row->lobby,
      $row->games,
      $row->pid,
      PHP_EOL);

    printf('%18s  %s%s',
      wss($row),
      $row->secret,
      PHP_EOL);
  }
}

// [ {"target": "save|replay", "id": "20220411", "secret": "abc..."} ]
function do_secret(array $request) {
  if (!ADMIN) {
    throw new PublicException('Admin only.', 403);
  }

  if ($request) {
    $algo = $request['algorithm'] ?? ($request['target'] === 'replay' ? 'sha256' : 'aes-256-gcm');
    if (!strncasecmp($algo, 'aes', 3) and strlen($request['secret']) !== $len = openssl_cipher_iv_length($algo)) {
      throw new Exception("secret must be exactly $len bytes for $algo, not ".strlen($request['secret']));
    }
    $stmt = pdo()->prepare(pdo('INSERT OR REPLACE').' INTO secrets (target, id, secret, algorithm, tagLength) VALUES (?, ?, ?, ?, ?)');
    $stmt->execute([$request['target'], $request['id'], $request['secret'], $algo, $request['tagLength'] ?? 16]);
    $stmt->closeCursor();
  }

  $query = pdo()->query('SELECT * FROM secrets ORDER BY target, id');

  while ($row = $query->fetchObject()) {
    printf('%-8s %10s %s= %-32s (%s, tag %d)%s',
      $row->target,
      $row->id,
      ($row->target === ($request['target'] ?? '') and $row->id === $request['id'])
        ? ':' : ' ',
      $row->secret,
      $row->algorithm,
      $row->tagLength,
      PHP_EOL);
  }
}

class JsonrpcException extends Exception {}

abstract class JsonrpcData extends Phiws\StatefulPlugin {
  const LOGIN = 1;

  static function request($cx, $id, $method, array $params = []) {
    $jsonrpc = '2.0';
    $data = compact('jsonrpc', 'method', 'params');
    isset($id) and $data['id'] = $id;
    $cx and $cx->queueJsonData($data);
    return $data;
  }

  function events() {
    return ['bufferedFrameComplete'];
  }

  function bufferedFrameComplete($cx, $applicationData = null, $extensionData = null) {
    $resp = json_decode($applicationData->readAll());
    $this->request($cx, null, 'ack', ['id' => $resp->id]);

    if (($resp->event ?? null) === 'jsonrpc') {
      $batch = is_array($resp->data) ? $resp->data : [$resp->data];

      foreach ($batch as $data) {
        if (($data->jsonrpc ?? null) !== '2.0') {
          throw new JsonrpcException('Bad jsonrpc value: '.($data->jsonrpc ?? null));
        }

        if (property_exists($data, 'error')) {
          throw new JsonrpcException($data->error->message ?? 'Unspecified error.', $data->error->code ?? 0);
        }
      }

      $this->jsonrpcBatch($cx, $batch);
    }
  }

  // Is allowed to throw.
  //
  // Members in $batch were validated for JSON-RPC format and lack of 'error'.
  // They may go in any order, not necessary in the original request's order.
  protected function jsonrpcBatch($cx, array $batch) {
    foreach ($batch as $data) {
      switch ($data->id) {
        default:
          $this->jsonrpc($cx, $data->id, $data->result);
        case static::LOGIN:   // commonly used so handled in the base class
      }
    }
  }

  // Is allowed to throw.
  abstract protected function jsonrpc($cx, $id, $result);
}

// Returns fully-qualified URL of the WebSocket $server (row from servers table).
function wss(stdClass $server) {
  return sprintf('%s://%s:%d/%s',
    $server->secure ? 'wss' : 'ws',
    $server->host,
    $server->port,
    keyValue('path'));
}

// Returns a new Phiws\Client instance connected to $server (row from servers table).
function connectTo(stdClass $server) {
  $addr = new Phiws\ServerAddress($server->host, $server->port);
  $addr->secure($server->secure);
  $addr->path(keyValue('path'));

  $client = new Phiws\Client;
  // Subject to minLevel().
  CLI and $client->logger()->echoMode(true);
  $client->connect($addr);

  return $client;
}

// crontab -e
// @daily /bin/bash -c 'php /.../api.php dashboard | sendmail root@localhost'
function do_dashboard(array $request) {
  if (!ADMIN) {
    throw new PublicException('Admin only.', 403);
  }

  $loHiClass = function ($value, $min, $max = PHP_INT_MAX) {
    return $value < $min ? 'lo' : ($value > $max ? 'hi' : null);
  };

  $loHi = function ($value) use ($loHiClass) {
    return ' class="'.$loHiClass(...func_get_args()).'">'.
           htmlspecialchars($value ?? '');
  };

  $ago = function ($seconds) {
    return $seconds === null    ? '' :
          ($seconds < 50        ? round($seconds, 1) :
          ($seconds < 50 * 60   ? round($seconds / 60).'m' :
          ($seconds < 24 * 3600 ? round($seconds / 3600).'h' :
                                  round($seconds / 24 / 3600).'d')));
  };

  $isListening = function ($host, $port) {
    $time = microtime(true);
    try {
      fclose(fsockopen($host, $port, $errno, $error, 2));
      $open = true;
    } catch (Throwable $e) {}
    return [!empty($open), microtime(true) - $time];
  };

  // Diagona Icons (CC-BY 3.0) | pinvoke.com | https://p.yusukekamiyamane.com
  // oxipng -omax --strip all -a -Z 16/148.png 16/152.png 16/156.png
  $icons = [
    'red' => 'iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAAgVBMVEX/////qoj/ZkT9Y0H5Xz3/VTPSKQfOJQPMIgD/ZkT2WjjVLgzMIgD/qoj/pYP/n33/l3X9k3H/jmz+h2X/hGL7fVv/e1n/cU//aEb/ZkT9Y0H/YD75Xz3/Wjj/VTPxVDL0TiztTizqRyXoRyXjQR/nPRveOhjaNBLSKQfOJQPMIgBY0iR1AAAADXRSTlMAAAAAAAAAAAC/v7+/XtiDwwAAAHJJREFUeNplyAMSA0EABdG1bVuT+x8wP9zBK3W1JFIUxa7fbCSGKjep/5Y2soqhdXHwFXcahpOHf7mDMUaUEWNOKDPGmlFWjK2gbBhHSTkwzopyYrhL+7e4GMY19V/TZWCYOtmHt53oJoZlWd7jzUNKgieViBAPbN/HxwAAAABJRU5ErkJggg==',
    'green' => 'iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAAyVBMVEX///+I7ohVu1VEqkRCqEI+pD4XfRcTeRMRdxFEqkQ7oTsagBoRdxFCqEI+pD4XfRcTeRNEqkQ2nDYfhR8RdxFEqkQymDIjiSMRdxFHrUdApkAfhR8YfhiI7oiF64WB54F84nx43nh33Xd123Vy2HJv1W9u1G5ozmhnzWdhx2FexF5WvFZVu1VUulRTuVNSuFJRt1FPtU9Ns01LsUtKsEpIrkhHrUdGrEZFq0VEqkQ8ojw7oTs5nzkzmTMwljAtky0ojigjiSMRdxHZiKCbAAAAHXRSTlMAAAAAAAAAAAAqKioqZWVlZYKCgoLOzs7O5+fn58De1a8AAACrSURBVHjaZMgDcsUAAAbhZztGGdt27n+o/rV2tPNN/jefz7dXqiio6xYLWEyPnPF0d/dkcMfpArA8RfL9W3J0WgJ2vPrwkcrvADf78Sv7BqB16fkjSacBnZf6pqYomumnXgfog7r5qA56AGOl1UepxQCI0kuKtxKvJAB7IXaDEAVuLOwBq/OQ2Y7rOnY2nFeA9ewitrlt5614ma0Bm83mQLLjyJIH7MswPQ8AhSAbM24sPI8AAAAASUVORK5CYII=',
    'yellow' => 'iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAA1VBMVEX/////zGb/mQD9lwD5kwDSbADOaADMZgD/mQD2kADVbwDMZgD9lwD5kwDSbADOaAD/mQDxiwDadADMZgD/mQDthwDeeADMZgD9mwf3lAbYcgHRawD/zGb/yWD/xVj/wE//wE7/u0T/ukL9ukb9t0D+szf7rzT9rjH+ri36pyf3oiP3nhr2nhz6nRL2nBb7mwv5mw/+mgb9mgX/mQD9mQX5mAn5lwn0lxP2lQv1lQ30kwr0kwnzjwTzjQDxjQXwjQXqigruiADoggDkfgDjfQDadQHMZgD4TUsyAAAAHHRSTlMAAAAAAAAAACoqKiplZWVlgoKCgs7Ozs7n5+fnGavOOgAAAK1JREFUeNpkyANyBAEABdGsbVtj29b9j5QfY7vU9V6eq9fr3elS15fTLhbQqA23zPV4vDLbYa0BaI7Ex+m9hzhqAno74vwZsesBZtzlO24GWFH322d3agXIBFtgaZKkWUwGKKQ4/SyWCsCad6PPXH4NmCeK47/nKMkc0N97smkhU/b2fUBrXAaqZhiaGpTjFqBdnxzyUNfD/DCptwGdTmew2FTV68SFuYFMTM8DAG1rG4nL3dGaAAAAAElFTkSuQmCC',
  ];

  $secret = keyValue('admin');
  $path = '/'.keyValue('path');
  $keyValues = pdo()->prepare('SELECT `key`, value FROM keyValues ORDER BY `key`');
  $servers = pdo()->prepare('SELECT * FROM servers ORDER BY id');
  $onlineServersStmt = pdo()->prepare("SELECT COUNT(1) FROM servers WHERE accepting = 1 AND serverStatsTime > ? - 1.0");
  $serverTotalsStmt = pdo()->prepare('SELECT SUM(lingering) lingering, SUM(connected) connected, SUM(lobby) lobby, SUM(games) games FROM servers');

  if (empty($request['sse'])) {
    header('Content-Type: text/html; charset=utf-8');
?>
<!DOCTYPE html>
<html>
  <head>
    <title>HeroWO Servers Dashboard</title>

    <style>
      <?=apiStylesheet()?>

      body:not(.sse_timeout) .sse__timeout { display: none; }
      .sse__timeout { background: orange; padding: 1em; }
      .accepting_0 { outline: 0.06em solid orange; text-decoration: line-through; }
      .online_0 { background: #eee; }
      [colspan] > * { margin-right: 1em; }
    </style>
  </head>
  <body>
    <script>
      function sseInfo(url) {
        ;(new EventSource(url))
          .addEventListener('full', function (e) {
            this.close()

            // Use Firefox to see the result nicely formatted.
            var win = open('data:application/json;charset=utf-8,' + encodeURIComponent(e.data))

            if (!win) {
              alert('Got spanked by your browser for trying to open a new tab with statistics.')
            } else if (navigator.userAgent.match(/WebKit/)) {
              // Chrome seems to always open about:blank from open() or <a>
              // even though it works if you type in the URL directly.
              win.document.write('<pre style="white-space: pre-wrap">')
              win.document.write(e.data
                .replace(/&/g, '&amp;')
                .replace(/</g, '&lt;'))
              win.document.close()
            }
          })
      }

      // Don't change HTML while user is clicking to avoid ignoring that click
      // or making selection impossible.
      var down
      document.body.addEventListener('mousedown', function () { down = true })
      document.body.addEventListener('mouseup',   function () { down = false })

      addEventListener('DOMContentLoaded', function () {
        var ping = 0
        var es

        setInterval(function () {
          if (ping + 10000 < Date.now()) {
            document.body.classList.add('sse_timeout')
            down = false
            es.close()
            start()
          }
        }, 10000)

        function start() {
          es = new EventSource(<?=escapeHtmlScriptJSON(encodeJsonLine('?'.http_build_query(['do' => 'dashboard', 'admin' => $secret, 'sse' => true])))?>)

          es.onmessage = function (e) {
            if (!down) {
              ping = Date.now()
              document.body.innerHTML = e.data
              document.body.classList.remove('sse_timeout')
            }
          }
        }

        start()
      })
    </script>
<?php
  } else {
    header('Content-Type: text/event-stream; charset=utf-8');
    header('X-Accel-Buffering: no');

    ob_start(function ($buf, $phase) {
      $buf = 'data:'.str_replace("\n", "\ndata:", $buf);
      // NB: strange stuff, PHP_OUTPUT_HANDLER_WRITE == 0 but how can such a
      // value be part of a bitmask?
      if ($phase & PHP_OUTPUT_HANDLER_FLUSH) {
        // End of SSE message. It's okay if we accidentally emit more than two
        // consecutive \n.
        $buf .= "\n\n";
      }
      return $buf;
    });
  }

  for ($iteration = +empty($request['sse']) ?: -1; $iteration--; ) {
    if ($iteration !== 0 /*first non-?sse=1 iteration*/ and $iteration !== -2 /*first ?sse*/) {
      sleep(1);
    }
    $time = microtime(true);
    $onlineServersStmt->execute([$time]);
    $onlineServers = $onlineServersStmt->fetchColumn();
    $onlineServersStmt->closeCursor();
    $serverTotalsStmt->execute();
    $serverTotals = $serverTotalsStmt->fetchObject();
    $serverTotalsStmt->closeCursor();
?>
  <p class="sse__timeout">
    Data on this page is stale because the server
    is taking too long to send an update.
  </p>

  <h2>Key/Values</h2>

  <table>
    <?php $keyValues->execute()?>
    <?php while ($row = $keyValues->fetchObject()) {?>
      <tr>
        <th><?=htmlspecialchars($row->key)?></th>
        <td><?=htmlspecialchars($row->value)?></td>
      </tr>
    <?php }?>
  </table>

  <h2>Servers</h2>

  <table>
    <tr>
      <th>Game Servers</th>
      <th>Lobbies</th>
      <th>Games</th>
      <th>Game Clients</th>
      <th>SSE Clients</th>
    </tr>
    <tr>
      <td <?=$loHi($onlineServers, 3)?></td>
      <td <?=$loHi($serverTotals->lobby, 3, 10)?></td>
      <td <?=$loHi($serverTotals->games, 3, 10)?></td>
      <td class="<?=$loHiClass($serverTotals->connected + $serverTotals->lingering, 5, 20)?>">
        <?=htmlspecialchars("$serverTotals->connected+$serverTotals->lingering")?>
      </td>
      <?php
        $offline = $slow = false;
        $counts = [];

        foreach (explode(' ', keyValue('sseURL')) as $i => $url) {
          $addr = parse_url($url);
          $secure = $addr['scheme'] === 'https';
          $addr += ['port' => $secure ? 443 : 80];
          [$online, $est] = $isListening($addr['host'], $addr['port']);
          $offline |= !$online;
          $slow = $est > 0.1;
          $counts[] = '?';

          if ($online) {
            try {
              $f = fsockopen($addr['host'], $addr['port'], $error, $errno, 0.2);
              try {
                $secure and stream_socket_enable_crypto($f, true, STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT);
                $s = "GET /?admin=".rawurlencode($secret)." HTTP/1.1\r\n".
                     "Host: $addr[host]\r\n".
                     "Accept: text/event-stream\r\n".
                     "\r\n";
                fwrite($f, $s);
                while (fgets($f) !== "\r\n") ;    // HTTP/1.1 200 OK ... blank
                $count = fgets($f);   // body
                is_numeric($count) and $counts[$i] = $count;
              } finally {
                fclose($f);
              }
            } catch (Throwable $e) {}
          }
        }

        $class = [];
        $offline and $class[] = 'accepting_0 online_0';
        $slow and $class[] = 'lo';

        foreach ($counts as $count) {
          $class[] = $loHiClass($count, 10, 100);
        }

        echo '<td class="', join(' ', $class), '">';
        echo join('+', $counts);
        $offline and print(' (offline)');
        $slow and print(' (slow conn)');
        echo '</td>';
      ?>
    </tr>
  </table>

  <p>
    <a href="#" onclick="sseInfo(<?=htmlspecialchars(encodeJsonLine(strtok(keyValue('sseURL'), ' ')))?>); return false">
      Games &amp; Maps
    </a>
  </p>

  <table>
    <thead>
      <tr>
        <th>ID</th>
        <th>State</th>
        <th>URL</th>
        <th>Secret</th>
        <th>Free Mem</th>
        <th>Updated</th>

        <th>Seen Clients</th>
        <th>Lingering</th>
        <th>Connected</th>
        <th>Special</th>
        <th>Pending Commands</th>
        <th>Lobby</th>
        <th>Games</th>
        <th>PID</th>
        <th>Uptime</th>
      </tr>
    </thead>
    <tbody>
      <?php $servers->execute()?>
      <?php while ($row = $servers->fetchObject()) {?>
        <?php
          [$online, $est] = $row->accepting < 0 ? [0, 0]
            : $isListening($row->host, $row->port);
          $class = ['accepting_'.+!!$row->accepting, 'online_'.+$online];
        ?>

        <tr class="<?=join(' ', $class)?>">
          <th rowspan="2">
            <img src="data:image/png;base64,<?=htmlspecialchars($icons[$online ? $row->accepting ? 'green' : 'yellow' : 'red'])?>">
            <?=htmlspecialchars($row->id)?>
          </th>
          <td class="<?=$loHiClass($est, 0, 0.1)?>">
            <?=$row->accepting < 0 ? 'Masked' : (!$online ? 'Offline' : ($row->accepting ? 'Accepting' : 'Draining').($est > 0.1 ? ' (slow conn)' : ''))?>
          </td>
          <td>
            <?=htmlspecialchars(wss($row))?>
          </td>
          <td><?=htmlspecialchars($row->secret)?></td>
          <td <?=$loHi($row->maxMemory - $row->memory, 64, $row->maxMemory * 0.3)."/{$row->maxMemory}M"?></td>
          <td class="<?=$row->serverStatsTime ? $loHiClass($diff = $time - $row->serverStatsTime, 0, 0.5) : 'lo'?>">
            <?=$row->serverStatsTime ? $ago($diff) : ''?>
          </td>

          <td <?=$loHi($row->totalClients, 100, 10000)?></td>
          <td <?=$loHi($row->lingering, 0, 20)?></td>
          <td <?=$loHi($row->connected, 5, 20)?></td>
          <td><?=htmlspecialchars($row->special ?? '')?></td>
          <td <?=$loHi($row->pending, 0, 10)?></td>
          <td <?=$loHi($row->lobby, 1, 5)?></td>
          <td <?=$loHi($row->games, 1, 5)?></td>
          <td><?=htmlspecialchars($row->pid ?? '')?></td>
          <td class="<?=$loHiClass($row->uptime, 60, 30 * 24 * 3600)?>">
            <?=$ago($row->uptime)?>
          </td>
        </tr>

        <tr>
          <td colspan="13">
            <a href="#" onclick="prompt('websocket.js options:', <?=htmlspecialchars(encodeJsonLine("-console connect -host $row->host -port $row->port".($row->secure ? ' -secure' : '')." -path ".escapeshellarg($path)." -admin ".escapeshellarg($row->secret)))?>); return false">
              Connection String</a>

            <?php if ($online) {?>
              <a target="_blank" href="<?=htmlspecialchars('?'.http_build_query(['do' => 'dashboardInfo', 'admin' => $secret, 'info' => 'contextStats', 'server' => $row->id]))?>">
                Context Stats</a>

              <a href="#" onclick="(new Image).src = <?=htmlspecialchars(encodeJsonLine('?'.http_build_query(['do' => 'server', 'admin' => $secret, 'id' => $row->id, 'accepting' => !$row->accepting])))?>; this.innerHTML += '...'; return false">
                <?=$row->accepting ? 'Stop Accepting' : 'Start Accepting'?></a>
            <?php }?>
          </td>
        </tr>
      <?php }?>
    </tbody>
  </table>
<?php
    ob_get_level() and ob_flush();
    flush();
  }
}

function do_dashboardInfo(array $request) {
  if (!ADMIN) {
    throw new PublicException('Admin only.', 403);
  }

  switch ($request['info']) {
    default:
      throw new PublicException('Bad ?info: '.$request['info']);

    case 'contextStats':
      $server = pdo('SELECT host, port, secure, secret FROM servers WHERE id = '.pdo()->quote($request['server']));

      $client = connectTo($server);
      $client->plugins()->add($dd = new DashboardData);
      $dd->request($client, $dd::LOGIN, 'admin', ['secret' => $server->secret]);
      $dd->request($client, $dd::STATS, 'contextStats');
      $client->loop();
      return $dd->result;
  }
}

class DashboardData extends JsonrpcData {
  const STATS = 2;

  public $result;

  protected function jsonrpc($cx, $id, $result) {
    switch ($id) {
      default:
        throw new JsonrpcException("Bad response \$id: $id");

      case static::STATS:
        $this->result = $result;
        $cx->gracefulDisconnectAndWait(null, new Drop);
        break;
    }
  }
}

// {"url": "User/Map/Path", "private": true}
//
// In multipart/form-data mode, ?url may be replaced by ?load (a binary file
// upload or a regular parameter, base64-encoded).
function do_newLobby(array $request, $join = false) {
  if (!$join) {
    // 250 = default statsInterval of do_watchdog().
    // 10  = Phiws\BaseObject->$loopWait used in do_watchdog().
    $time = microtime(true) - (250 + 10) * 2 /*lag allowance*/ * 1000;
    $sql = <<<SQL
      SELECT host, port, secure, secret
        FROM servers
       WHERE accepting = 1
         AND maxMemory - 16 > memory
         AND uptime > 10
         AND serverStatsTime > $time
    ORDER BY maxMemory - memory - 100 * lobby DESC
SQL;
    // Treating each lobby game as taking 100 MiB to estimate how much it'd
    // take when started (rough, greatly depends on map dimensions).

    $server = pdo($sql);

    if (!$server) {
      mailAdmin('apinoserver', 'No free servers', '');
      throw new PublicException('No free servers available.', 503);
    }

    $data = null;
    $SAVE_VERSION = 1;    // XXX=RH
    $REPLAY_VERSION = 1;  // XXX=RH
    if ($request['load'] ?? '') {
      $f = fopen('php://temp', 'w+b');
      fwrite($f, base64_decode($request['load']));
      rewind($f);
      goto read;    // zanzibar
    }
    if (($_FILES['load']['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_NO_FILE) {
      if (!is_uploaded_file($file = $_FILES['load']['tmp_name'])) {
        throw new PublicException('Problem uploading the save file.');
      }
      $f = fopen($file, 'rb');
read:
      $header = fgets($f);
      $replay = $header === "HeroWO replay file\n";
      if ($header !== "HeroWO save file\n" and !$replay) {
        $data = json_decode($header);
        if (isset($data->startTime)) {
          if ($data->version !== $REPLAY_VERSION) {
            throw new PublicException("Replay file version ($data->version) is unsupported (expected to be $REPLAY_VERSION).");
          }
          $data = json_decode(fgets($f));
        } else {
          // If the file consisted of a single line (i.e. a not pretty-printed
          // JSON save file) then fgets() got it all and we already have the
          // file parsed. No need to rewind() and read again.
          if (!feof($f)) {
            rewind($f);
            $data = json_decode(stream_get_contents($f));
          }
          if (!isset($data->version)) {
            throw new PublicException('Not a HeroWO save or replay file.');
          }
          if ($data->version !== $SAVE_VERSION) {
            throw new PublicException("Save file version ($data->version) is unsupported (expected to be $SAVE_VERSION).");
          }
        }
        fclose($f);
      } else {
        $target = $replay ? 'replay' : 'save';
        $secret = pdo("SELECT secret, algorithm, tagLength FROM secrets WHERE target = \"$target\" AND id = ".pdo()->quote(rtrim(fgets($f))));
        if (!$secret) {
          throw new PublicException("Corrupted $target file.");
        }
        $data = stream_get_contents($f);
        fclose($f);
        if ($replay) {
          $len = strlen(hash($secret->algorithm, '', true));
          if (!hash_equals(hash_hmac($secret->algorithm, substr($data, 0, -$len), $secret->secret, true), substr($data, -$len))) {
            throw new PublicException('Corrupted replay file.');
          }
          $data = gzdecode(substr($data, 0, -$len));
          $pos = strpos($data, "\n");
          $header = json_decode(substr($data, 0, $pos));
          if ($header->version !== $REPLAY_VERSION) {
            throw new PublicException("Replay file version ($header->version) is unsupported (expected to be $REPLAY_VERSION).");
          }
          $data = json_decode(substr($data, $pos, strpos($data, "\n", $pos + 1) - $pos));
        } else {
          try {
            $data = json_decode(gzdecode(decrypt($data, $secret)));
          } catch (Throwable $e) {
            throw new PublicException('Corrupted save file.', 0, $e);
          }
          if ($data->version !== $SAVE_VERSION) {
            throw new PublicException("Save file version ($data->version) is unsupported (expected to be $SAVE_VERSION).");
          }
        }
      }
      $url = $data->map->url;
      $data = ['HeroWO.Map' => [$url => $data]];
    } else {
      $url = rawurldecode($request['url']);
    }

    chdir(__DIR__);
    $root = realpathOrFail(keyValue('maps')).DIRECTORY_SEPARATOR;
    $path = $root.$url;
    if (!strncmp(realpath($path), $root, strlen($root)) and
        is_file("$path/map.json")) {
      $info = (array) uploadInfo($path);
      if (($info['playTime'] ?? 0) < time() - 24 * 3600) {
        $info['playTime'] = time();
        $info['playCount'] = ($info['playCount'] ?? 0) + 1;
      }
      file_put_contents("$path/upload-.php", "<?php\nreturn ".var_export($info, true).';');
      rename("$path/upload-.php", "$path/upload.php");
      touch("$path/map.json");
    } elseif (!$data) {
      // Non-existing map is definitely a failure unless we were supplied ?load
      // (i.e. loading a game). Problems might arise even in this case but most
      // maps don't depend on external data (images, modules, etc.) so trying
      // to continue.
      throw new PublicException('Unknown map: '.$url, 404);
    }
  } else {
    $pin = pdo()->quote($request['pin']);
    $sql = <<<SQL
  SELECT host, port, secure, secret, context
    FROM lobby
    JOIN servers
      ON id = server
   WHERE pin = $pin
SQL;

    $server = pdo($sql);

    if (!$server) {
      throw new PublicException('No lobby with the matching PIN exists.', 404);
    }
  }

  $client = connectTo($server);
  $client->plugins()->add($nd = new NewData);
  $nd->request($client, $nd::LOGIN, 'admin', ['secret' => $server->secret]);

  if (!$join) {
    $params = ['url' => $url, 'data' => $data, 'lobby' => true, 'private' => (bool) $request['private'], 'classic' => (bool) $request['classic']];
    $nd->request($client, $nd::NEW_CONTEXT, 'newContext', $params);
  } else {
    // The lobby table may have outdated entries (such as for games of servers deleted while the watchdog wasn't running or that were shut down uncleanly). 'lobby' makes the command atomic, failing if the game is not a lobby at the time the command is executed (preventing a new player from joining after the host has pressed "Begin" but before the watchdog has polled the server). Therefore it is expected that newPlayer may fail.
    $params = ['context' => $server->context, 'observer' => true, 'lobby' => true, 'player' => true];
    $nd->request($client, $nd::NEW_PLAYER, 'newPlayer', $params);
  }

  $client->loop();

  http_response_code(201);

  return [
    'server' => wss($server),
    //'context' => $nd->contextKey,
    'player' => $nd->player->secret,
  ];
}

function decrypt($data, stdClass $secret) {
  switch ($secret->algorithm) {
    default:
      throw new Exception('Unsupported $algorithm: '.$secret->algorithm);

    case 'aes-128-gcm':
    case 'aes-192-gcm':
    case 'aes-256-gcm':
      $len = openssl_cipher_iv_length($secret->algorithm);

      if (strlen($data) <= $len + $secret->tagLength) {
        throw new Exception('Ciphertext is too short.');
      }

      $iv = substr($data, 0, $len);
      // From Node sources, src\crypto\crypto_aes.cc:
      // "[...] in WebCrypto, the auth tag is concatenated to the end
      // of the generated ciphertext and returned in the same ArrayBuffer."
      $tag = substr($data, -$secret->tagLength);
      $data = substr($data, $len, -$secret->tagLength);
      $plain = openssl_decrypt($data, $secret->algorithm, $secret->secret, OPENSSL_RAW_DATA, $iv, $tag);

      if (!is_string($plain)) {
        throw new Exception('Unable to decrypt.');
      }

      return $plain;
  }
}

class NewData extends JsonrpcData {
  const NEW_CONTEXT = 2;
  const NEW_PLAYER = 3;

  public $contextKey;
  public $player;

  protected function jsonrpc($cx, $id, $result) {
    switch ($id) {
      default:
        throw new JsonrpcException("Bad response \$id: $id");

      case static::NEW_CONTEXT:
        $this->contextKey = $result->context;

        $this->request($cx, static::NEW_PLAYER, 'newPlayer', [
          'context' => $this->contextKey,
          'lobby' => true,
          'player' => true,
          'host' => true,
        ]);

        break;

      case static::NEW_PLAYER:
        $this->player = $result;
        $cx->gracefulDisconnectAndWait(null, new Drop);
        break;
    }
  }
}

// {"pin": "12345"}
function do_joinLobby(array $request) {
  return do_newLobby($request, true);
}

// {"type": "text", "data": "\"kivrin"\"}
function do_chat(array $request) {
  $data = [
    'seat' => $request['seat'] ?? '',
    'date' => round(microtime(true) * 1000),
    'type' => $request['type'],
    'data' => json_decode($request['data']),
  ];

  $stmt = pdo()->prepare('INSERT INTO chat (data) VALUES (?)');
  // SSE's data: must be one-line.
  $stmt->execute([encodeJsonLine($data)]);

  if (!mt_rand(0, 100)) {
    // Same limit as in WatchdogSSE.
    pdo()->exec('DELETE FROM chat WHERE rowid <= '.(pdo()->lastInsertId() - 100));
  }

  http_response_code(201);
}

// This "meta-server" serves data global to all game servers and thus not possible to be served by websocket.js. Incoming SSE connections must be HTTP/1.1 and no HTTPS - front-end it with nginx, preferably with gzip on.
//
// Calling this when !CLI probably makes no sense.
//
//[
// [Install]
// WantedBy=multi-user.target
//
// [Unit]
// Description=HeroWO Game Servers Watchdog
//
// [Service]
// ExecStart=/bin/env php /.../api.php watchdog
// Restart=on-failure
// User=www-data
//]
function do_watchdog(array $request) {
  if (!ADMIN) {
    throw new PublicException('Admin only.', 403);
  }

  // For correct realpath() resolution of 'maps'.
  chdir(__DIR__);

  $times = $request['times'] ?? PHP_INT_MAX;
  $path = keyValue('path');
  $clients = [];
  // Using rowid for pruning would be simpler but since we are doing INSERT OR
  // REPLACE, the ID may grow by hundreds per second.
  $lobbyPrune = pdo()->prepare('DELETE FROM lobby WHERE time < ?');

  $sse = new WatchdogSSE;
  $sse->suffix = $request['suffix'] ?? '';
  // $request['host'] can be 0.0.0.0.
  //
  // sseURL supplies defaults for host and port but other components
  // (schema, path, etc.) are ignored and not checked by this server.
  $addr = $request + parse_url(explode(' ', keyValue('sseURL'))[((int) $sse->suffix ?: 1) - 1]);
  $sse->start("tcp://$addr[host]:$addr[port]");

  $iterate = function ($inLoop = false)
      use (&$iterate, &$times, &$clients, $sse, $request, $path, $lobbyPrune) {
    static $loopWait = 10;

    while ($times-- > 0) {
      $sse->tick();

      $query = pdo()->query('SELECT id, host, port, secure, secret FROM servers WHERE accepting <> -1');

      while ($row = $query->fetchObject()) {
        $client = $clients[$row->id] ?? null;

        if (!$client) {
          if ($clients and $times % 100) {
            continue;   // see below
          }

          $addr = new Phiws\ServerAddress($row->host, $row->port);
          $addr->secure($row->secure);
          $addr->path($path);

          $client = new Phiws\Client;
          $client->logger()->echoMode(true);
          $client->loopFail(false);

          // Phiws is written around synchronous sockets. As such, every offline
          // server will impact the polling of others since we will wait for the
          // connect timeout to expire. Setting the timeout to a very low value
          // (which is fine for local and datacenter networks) and only adding
          // new clients every 100 iterations (about 5 seconds) somewhat
          // mitigates the problem.
          $client->timeout(0.150);

          $client->herowo = new WatchdogClientContext;
          // "Master meta-server" updates the database. Non-master exist to
          // load-balance clients using data gathered on-the-fly.
          $client->herowo->master = $sse->suffix === '';
          $client->herowo->id = $row->id;
          $client->herowo->secret = $row->secret;
          $client->herowo->master and $client->herowo->updateStats = pdo()->prepare('UPDATE servers SET totalClients = ?, lingering = ?, connected = ?, special = ?, pending = ?, lobby = ?, games = ?, memory = ?, pid = ?, uptime = ?, serverStatsTime = ? WHERE id = '.pdo()->quote($row->id));
          $client->herowo->statsInterval = ($request['stats'] ?? 250) / 1000;
          $client->herowo->lobbyInterval = ($request['lobby'] ?? 500) / 1000;
          $client->herowo->lobbyPrune = $lobbyPrune;

          try {
            $client->connect($addr);
          } catch (Throwable $e) {
            continue;
          }

          $clients[$row->id] = $client;
        }

        $client->herowo->times = $times;
      }

      foreach ($clients as $client) {
        if ($client->herowo->times !== $times) {    // removed server
          $client->gracefulDisconnectAndWait($loopWait, new Drop);
        }
      }

      if ($inLoop) {
        return;   // continue the loop of a Phiws\Client
      } else {
        // Randomize by +/- 25% to avoid bombarding game servers in case
        // multiple watchdogs are started simultaneously.
        $wait = round($loopWait + mt_rand(0, $loopWait / 2) - $loopWait / 4);
        $clients ? reset($clients)->loopWait($wait)->loop() : usleep($wait * 1000);
        // If $clients[0] returns from loop(), it means the Client was disconnected
        // (isStoppingLoop()) because of SIGINT or because it was removed from
        // the database. In the latter case, continue with while.
        //
        // Instead of while, we could call $iterate() but in the long run this
        // may eventually exhaust the stack.
      }
    }

    $sse->stop();

    foreach ($clients as $client) {
      $client->gracefulDisconnectAndWait(null, new Drop);
    }
  };

  register_shutdown_function(function () use (&$times, $iterate) {
    $times = 0;
    $iterate();
  });

  Phiws\BaseTunnel::globalPlugins(new WatchdogData($clients, $sse, $iterate));
  $iterate();
}

class WatchdogData extends JsonrpcData {
  const STATS = 2;
  const LOBBY = 3;

  public $clients;
  public $sse;
  public $iterate;

  function __construct(array &$clients, WatchdogSSE $sse, $iterate) {
    $this->clients = &$clients;
    $this->sse = $sse;
    $this->iterate = $iterate;
  }

  function events() {
    return array_merge(parent::events(), ['clientConnected', 'disconnect', 'loopTick']);
  }

  function bufferedFrameComplete($cx, $applicationData = null, $extensionData = null) {
    try {
      parent::bufferedFrameComplete(...func_get_args());
    } catch (Throwable $e) {
      $cx->log("jsonrpc frame exception", $e, 'error');
    }
  }

  function clientConnected($cx) {
    $this->request($cx, static::LOGIN, 'admin', ['secret' => $cx->herowo->secret]);
  }

  function disconnect($cx, $code = null) {
    $i = array_search($cx, array_values($this->clients));

    if ($i !== false) {
      array_splice($this->clients, $i, 1);
    }
  }

  function loopTick($cx, $maxWait, $iterDuration) {
    $clients = array_values($this->clients);
    $i = array_search($cx, $clients);

    if ($i !== false) {
      $herowo = $cx->herowo;

      if ($herowo->master and
          microtime(true) > $herowo->lastStats + $herowo->statsInterval) {
        $herowo->lastStats = PHP_INT_MAX;
        $this->request($cx, static::STATS, 'serverStats');
      }

      if (microtime(true) > $herowo->lastLobby + $herowo->lobbyInterval) {
        $herowo->lastLobby = PHP_INT_MAX;
        $this->request($cx, static::LOBBY, 'lobbyStats');
      }

      $next = $clients[$i + 1] ?? null;
      $next ? $next->loopWait($maxWait)->loop(1) : call_user_func($this->iterate, true);
    }
  }

  protected function jsonrpc($cx, $id, $result) {
    switch ($id) {
      default:
        throw new JsonrpcException("Bad response \$id: $id");

      case static::STATS:
        $cx->herowo->lastStats = microtime(true);

        $cx->herowo->updateStats->execute([
          $result->totalClients,
          $result->lingering,
          $result->connected,
          $result->special,
          $result->pending,
          $result->lobby,
          $result->games,
          (int) $result->memory,
          $result->pid,
          (int) $result->uptime,
          microtime(true),
        ]);

        $cx->herowo->updateStats->closeCursor();
        break;

      case static::LOBBY:
        $cx->herowo->lastLobby = microtime(true);
        $full = &$this->sse->lobby[$cx->herowo->id];
        $full or $full = [];
        $query = $events = $public = [];

        foreach ($result as $lobby) {
          $cur = $lobby->map;
          $query[] = [$cx->herowo->id, $cur->pin, $lobby->key, time()];

          if (!$cur->private) {
            $public[] = $lobby->key;
            $cur->seats = count(array_filter((array) $lobby->seats, 'count'));
            $cur->seated = count(array_filter($lobby->seated, 'strlen'));
            $cur->classic = $lobby->classic;

            $ref = &$full[$lobby->key];
            if (encodeJsonLine($ref) !== encodeJsonLine($cur)) {
              $ref = $cur;
              $events[] = ['add', ['lobby', $lobby->key, $cur]];
            }
          }
        }

        if ($query and $cx->herowo->master) {
          $stmt = pdo()->prepare(pdo('INSERT OR REPLACE').' INTO lobby (server, pin, context, time) VALUES '.join(', ', array_fill(0, count($query), '(?, ?, ?, ?)')));
          $stmt->execute(array_merge(...$query));
          $stmt->closeCursor();

          if (!mt_rand(0, 100)) {
            $cx->herowo->lobbyPrune->execute([time() - 60]);
            $cx->herowo->lobbyPrune->closeCursor();
          }
        }

        foreach (array_diff(array_keys($full), $public) as $key) {
          $events[] = ['remove', ['lobby', $key]];
          unset($full[$key]);
        }

        $this->sse->send($events);
        break;
    }
  }
}

class WatchdogClientContext {
  public $master;
  public $id;
  public $times;    // used to determine servers removed from the database
  public $secret;
  public $updateStats;
  public $lastStats;
  public $statsInterval;
  public $lastLobby;
  public $lobbyInterval;
  public $lobbyPrune;
}

class WatchdogSSE implements Countable, JsonSerializable {
  static $pingInterval = 30;
  public $suffix = '';   // must be set before start()
  protected $server;
  // If updates are rare (data is rarely written to SSE), $clients may
  // accumulate a lot of members that are no longer connected. They will be
  // dropped as soon as an event occurs (i.e. we try to send something).
  // $pingInterval sets a maximum cap for disconnected members to remain in the
  // list. However, the frontend web server (if any) may have its own
  // considerations on top of this.
  protected $clients = [];   // array of WatchdogSseClient
  protected $lastMapScan;
  public $mapScanInterval = 1.0;
  protected $selectChat;

  public $lobby = [];     // hash 'server id' => hash 'cx key' => stats
  protected $maps = [];   // url (in URI path format) => Map in unser format
  public $chat = [];      // array of one-line JSON strings

  function __destruct() {
    $this->stop();
  }

  function count(): int {
    return count($this->clients);
  }

  #[\ReturnTypeWillChange]
  function jsonSerialize() {
    $lobby = array_merge(...array_values($this->lobby ?: [[]]));

    return [
      'lobby' => $lobby ?: new stdClass,
      'maps' => $this->maps,
    ];
  }

  function start($addr) {
    $this->selectChat = pdo()->prepare('SELECT rowid, data FROM chat WHERE rowid > ? ORDER BY rowid');

    $this->server = stream_socket_server($addr, $errno, $error);

    if ($this->server === false) {
      throw new Exception("stream_socket_server(): $errno $error");
    }

    printf('SSE%s listening on %s%s',
      $this->suffix === '' ? '' : ' #'.$this->suffix,
      stream_socket_get_name($this->server, false),
      PHP_EOL);
  }

  function stop() {
    if ($this->server) {
      foreach (array_splice($this->clients, 0) as $client) {
        $client->disconnect();
      }

      fclose($this->server);
      $this->server = null;
    }
  }

  function remove(WatchdogSseClient $client) {
    $i = array_search($client, $this->clients);

    if ($i !== false) {
      array_splice($this->clients, $i, 1);
    }
  }

  function tick() {
    if (microtime(true) > $this->lastMapScan + $this->mapScanInterval) {
      $this->scanMaps();
      $this->lastMapScan = microtime(true);
    }

    $this->accept();

    foreach ($this->clients as $client) {
      $client->flush();

      if ($client->lastPing + static::$pingInterval < time()) {
        $client->send("event: ping\r\ndata\n\n");
      }
    }

    $this->selectChat->execute([end($this->chat)->rowid ?? 0]);
    $events = [];

    while ($row = $this->selectChat->fetchObject()) {
      $events[] = ['chat', $row->data, true];
      $row->data = '{"history":true,'.substr($row->data, 1);
      $this->chat[] = $row;
    }

    array_splice($this->chat, 0, -100);   // same limit as in do_chat()
    $this->send($events);
  }

  function scanMaps() {
    // All paths must be absolute and canonical (use correct separators and character case, for case-insensitive FS), otherwise clearstatcache() won't clear.
    $ds = DIRECTORY_SEPARATOR;
    $files = [];
    $root = realpathOrFail(keyValue('maps')).$ds;

    // pa/
    // pa/th/
    // pa/th/map.json   - not descending into pa/th/
    // pa/se/
    // pa/se/co/
    $scan = function (array $path) use (&$scan, $root, &$files, $ds) {
      $pathString = $path ? join($ds, $path).$ds : '';

      // opendir() is the only function within $scan that may fail. is_...()
      // functions never fail (thanks to IS_EXISTS_CHECK in php_stat(), see
      // ext\standard\filestat.c).
      try {
        // If the directory we're opening was removed after its name was read
        // by the parent $scan, this will error. Same if its parent was removed.
        //
        // If the directory is removed after opendir() when we call readdir(),
        // the latter will return false (and no warning) and closedir() will
        // succeed. If the directory is moved or any of its parents is moved or
        // removed, readdir() will continue reading it - this will make our
        // paths wrong but such situations will be detected once we try reading
        // map.json.
        //
        // Tested on ext4 and tmpfs.
        $dir = opendir($root.$pathString);
      } catch (Throwable $e) {
        return;
      }

      while (false !== $file = readdir($dir)) {
        if ($file !== '.' and $file !== '..') {
          $full = $root.$pathString.$file;
          clearstatcache(false, $full);

          if (is_dir($full)) {
            $mapFile = $full.$ds.'map.json';
            clearstatcache(false, $mapFile);

            $subPath = array_merge($path, [$file]);

            if (is_file($mapFile)) {
              $files[] = join('/', array_map('rawurlencode', $subPath));
            } else {
              $scan($subPath);
            }
          }
        }
      }

      closedir($dir);
    };

    $scan([]);
    $events = [];

    foreach ($this->maps + array_flip($files) as $key => $existing) {
      $mapFile = $root.str_replace('/', $ds, rawurldecode($key)).$ds.'map.json';

      try {
        $mtime = filemtime($mapFile);
      } catch (Throwable $e) {
        $mtime = null;
      }

      if (!$mtime) {
        if (is_object($existing)) {
          $events[] = ['remove', ['maps', $key]];
          unset($this->maps[$key]);
        }
      } elseif ($mtime !== ($existing->mtime ?? null)) {
        // New or changed.
        try {
          $data = json_decode(file_get_contents($mapFile));
        } catch (Throwable $e) {}
        if (($data->format ?? null) === FORMAT_VERSION) {
          $data->mtime = $mtime;    // internal, for $mtime check above
          $info = ((array) uploadInfo(dirname($mapFile))) + ['changeTime' => $mtime];
          foreach (['changeTime', 'addTime', 'playTime', 'playCount'] as $k) {
            $data->$k = $info[$k] ?? null;
          }
          $events[] = ['add', ['maps', $key, $data]];
          $this->maps[$key] = $data;
        }
      }
    }

    $this->send($events);
  }

  function send(array $events) {
    if ($events and $this->clients) {
      $events = WatchdogSseClient::formatEvents($events);

      foreach ($this->clients as $client) {
        $client->send($events);
      }
    }
  }

  function accept() {
    $null = null;

    while (true) {
      $handles = [$this->server];

      if (!stream_select($handles, $null, $null, 0) or
          !($client = stream_socket_accept($this->server))) {
        break;
      }

      try {
        stream_set_blocking($client, false);
        $proto = fgets($client);

        if (strpos($proto, 'admin=') and strpos($proto, keyValue('admin'))) {
          fwrite($client, "HTTP/1.1 200 OK\r\n\r\n".count($this));
          fclose($client);
          continue;
        }
      } catch (Throwable $e) {
        try {
          fclose($client);
        } catch (Throwable $e) {}

        continue;
      }

      $this->clients[] = new WatchdogSseClient($this, $client);
    }
  }
}

class WatchdogSseClient {
  protected $sse;
  protected $handle;
  protected $buffer = [];   // consists only of non-empty strings
  protected $offset = 0;
  public $lastPing;

  static function formatEvents(array $events) {
    foreach ($events as &$ref) {
      $ref = "event: $ref[0]\n".
             "data: ".(empty($ref[2]) ? encodeJsonLine($ref[1]) : $ref[1])."\n".
             "\n";
    }

    return join($events);
  }

  function __construct(WatchdogSSE $sse, $handle) {
    $this->sse = $sse;
    $this->handle = $handle;
    $this->sendHandshake();
  }

  function __destruct() {
    $this->disconnect();
  }

  function disconnect() {
    $this->sse->remove($this);

    try {
      fclose($this->handle);
    } catch (Throwable $e) {}

    $this->buffer = [];
    $this->offset = 0;
  }

  function sendHandshake() {
    // Assuming the request is a valid HTTP/1.1.
    $data = [
      'HTTP/1.1 200 OK',
      'Content-Type: text/event-stream; charset=utf-8',
      'Date: '.gmdate(DATE_RFC7231),
      'Access-Control-Allow-Origin: *',
      'X-Accel-Buffering: no',
      '',
      'event: full',
      'data: '.encodeJsonLine($this->sse),
      '',
    ];

    foreach ($this->sse->chat as $row) {
      $data[] = 'event: chat';
      $data[] = 'data: '.$row->data;
      $data[] = '';
    }

    $data[] = '';
    $this->send(join("\r\n", $data));
  }

  function send($data) {
    // Placing chunks into an array buffer rather than concatenating them into a single string makes all clients reference the same string (chunk) instead of creating numerous copies per each client (check with debug_zval_dump()). This reduces memory footprint from data_length * client_count to data_length * max(1, client_count), given that all SSE clients receive the same data.
    $data = (string) $data;
    strlen($data) and $this->buffer[] = $data;
  }

  function flush() {
    if ($this->buffer) {
      $handles = [$this->handle];
      $null = null;

      try {
        if (!stream_select($null, $handles, $null, 0)) {
          return;
        }

        $buf = substr(join($this->buffer), $this->offset);
        $written = $this->write($buf);
      } catch (Throwable $e) {
        $written = 0;
      }

      // According to the comment in the fwrite()'s documentation, fwrite()
      // returns 0 on most errors instead of false so treating both values the
      // same.
      //
      // "[...] I took a look at the source code for php's fwrite() itself. The function will only return false if you pass in invalid arguments. Any other error, just as a broken pipe or closed connection, will result in a return value of less than strlen($string), in most cases 0."
      if (!$written) {
        $this->disconnect();
      } else {
        $this->lastPing = time();
        $this->offset += $written;

        while ($this->buffer and
               ($len = strlen($this->buffer[0])) <= $this->offset) {
          array_shift($this->buffer);
          $this->offset -= $len;
        }
      }
    }
  }

  protected function write($buf) {
    // Under Windows, attempt to write over 64 KiB of data at once in non-blocking mode to a non-localhost peer causes this PHP Notice ($buf length = 65536 + 1347):
    //
    // "fwrite(): send of 1347 bytes failed with errno=10035 A non-blocking socket operation could not be completed immediately."
    //
    // 10035 is WSAEWOULDBLOCK:
    // "It is a nonfatal error, and the operation should be retried later."
    // https://docs.microsoft.com/en-us/windows/win32/winsock/windows-sockets-error-codes-2#WSAEWOULDBLOCK
    //
    // See also https://bugs.php.net/bug.php?id=39068
    if (!strncasecmp(PHP_OS, 'win', 3)) {
      $oldEH = set_error_handler(function ($errno, $errstr) use (&$oldEH) {
        if ($errno !== E_NOTICE or strpos($errstr, 'errno=10035') === false) {
          call_user_func_array($oldEH, func_get_args());
        }
      });
      try {
        return fwrite($this->handle, $buf);
      } finally {
        set_error_handler($oldEH);
      }
    } else {
      return fwrite($this->handle, $buf);
    }
  }
}

$apiTakeOver and apiTakeOver($argv ?? []);