https://github.com/BlackCetha/SteamAuthOOP

OpenID-Login through Steam for your website
https://github.com/BlackCetha/SteamAuthOOP

openid openid-client steam steam-api steam-login

Last synced: about 2 months ago
JSON representation

OpenID-Login through Steam for your website

• Host: GitHub
• URL: https://github.com/BlackCetha/SteamAuthOOP
• Owner: BlackCetha
• License: other
• Created: 2015-06-25T15:16:31.000Z (about 9 years ago)
• Default Branch: master
• Last Pushed: 2021-01-08T08:57:28.000Z (over 3 years ago)
• Last Synced: 2024-02-02T22:18:45.324Z (5 months ago)
• Topics: openid, openid-client, steam, steam-api, steam-login
• Language: PHP
• Homepage:
• Size: 19.5 KB
• Stars: 38
• Watchers: 5
• Forks: 11
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Lists

• awesome-steam - SteamAuthOOP - An object-oriented alternative to SteamAuthentication. (Packages / PHP)

README

        
# SteamAuthOOP

OOP-based Steam-Login library

# Features

- One-File class

- Doesnt rely on an external library

- Easy to use

- Easy to modify with commented code and function reference

- Saves *all* information the Steam-API provides on a per-user basis

- Doesnt recreate/delete your session if you use it elsewhere

# Installation

- Drop the `steamauthoop.class.php` file into your projects directory

- Insert your API-Key from http://steamcommunity.com/dev/apikey into the config (`$settings["apikey"]`)

- Include it with `require "steamauthoop.class.php";`

- Initialize it with `$steam = new SteamAuthOOP();`

# Basic usage

If you want to have a link, go with

`Link`

Check if the user is logged in with

`$steam->loggedIn();`

(Will return true or false)

User-Data is accessible through `$steam->varName;`

You can find a basic list of variables in the demo file or a more advanced one in the code.

### Example

```php

loggedIn()) {

    echo "Hello ".$steam->personaname."!";

  } else {

    echo "Login";

  }

?>

```

# Planned

Nothing at the moment.

Open an issue if you think there is something that could be better.

# Data security

The library does not deliver safe/escaped data as it would limit the functionality.

This will leave your site vulnerable to cross-site-scripting ("XSS") and SQL-injection attacks if you dont take actions to prevent them.

### XSS

For example if a user calls himself `` and you print that name to other users, their browser will download `hacks.js`.

You can prevent that by passing the string through `htmlspecialchars($string)`.

### SQL injection

For example if a user calls himself `"; DROP TABLE *;--` and you directly execute that as an SQL-query, you will loose all your data.

You can prevent that by passing the strings through `mysqli_escape_string($link, $string)` or `$mysqli->escape_string($string)`.

# Legal stuff

If you choose to use the steam web-api you need to follow the Steam Web API Terms of Use found at

http://steamcommunity.com/dev/apiterms

The marked code is taken from Syntax_Error's "Ultra Simple Steam-Login" Class found at ~~ (Link is dead, [archive version](https://web.archive.org/web/20170524123709/http://forums.steampowered.com/forums/showthread.php?t=1430511))