On my website I have a login with steam feature, upon signing in on the steam end of this process, people are redirected to a white page, rather than the home page, also, the sign in data is never sent to the server, I've tried reading through my code but I can't seem to find why this problem is occurring.
openid.php
settings.php
<?php
$fileLoc = $_SERVER['DOCUMENT_ROOT'] . '/../passwords.txt';
if (file_exists($fileLoc)) {
$fh = fopen($fileLoc, 'r');
$jsonStr = fgets($fh);
$arr = json_decode($jsonStr, true);
$apiKey = $arr['steamAPIKey'];
fclose($fh);
} else {
die('no file found');
}
$steamauth['apikey'] = $7456B63D1E2C9CAFC06ACF35D97E1D9C; // Your Steam WebAPI-Key found at http://steamcommunity.com/dev/apikey
$steamauth['domainname'] = "http://www.csgoexcite.com/"; // The main URL of your website displayed in the login page
$steamauth['buttonstyle'] = "large"; // Style of the login button [small|large_no|large]
$steamauth['logoutpage'] = "index.php"; // Page to redirect to after a successfull logout (from the directory the SteamAuth-folder is located in) - NO slash at the beginning!
$steamauth['loginpage'] = "index.php"; // Page to redirect to after a successfull login (from the directory the SteamAuth-folder is located in) - NO slash at the beginning!
// System stuff
if (empty($steamauth['apikey'])) {die("<div style='display: block; width: 100%; background-color: red; text-align: center;'>SteamAuth:<br>Please supply an API-Key!</div>");}
if (empty($steamauth['domainname'])) {$steamauth['domainname'] = "localhost";}
if ($steamauth['buttonstyle'] != "small" and $steamauth['buttonstyle'] != "large") {$steamauth['buttonstyle'] = "large_no";}
?>
steam-login-handle.php
<?php
# Copyright (c) 2015 Jordan Turley, CSGO Win Big. All Rights Reserved.
session_start();
require('SteamAuthentication/steamauth/openid.php');
try {
require('SteamAuthentication/steamauth/settings.php');
$openid = new LightOpenID($steamauth['domainname']);
if($openid->validate()) {
$id = $openid->identity;
$ptn = "/^http:\/\/steamcommunity\.com\/openid\/id\/(7[0-9]{15,25}+)$/";
preg_match($ptn, $id, $matches);
$_SESSION['steamid'] = $matches[1];
header('Location: /index.html');
//Determine the return to page. We substract "login&"" to remove the login var from the URL.
//"file.php?login&foo=bar" would become "file.php?foo=bar"
# $returnTo = str_replace('login&', '', $_GET['openid_return_to']);
//If it didn't change anything, it means that there's no additionals vars, so remove the login var so that we don't get redirected to Steam over and over.
# if($returnTo === $_GET['openid_return_to']) $returnTo = str_replace('?login', '', $_GET['openid_return_to']);
# header('Location: '.$returnTo);
} else {
echo "User is not logged in.
";
}
} catch(ErrorException $e) {
echo $e->getMessage();
}
?>
