Prevent the linking of fake ckeys to forum accounts

Until a better solution is figured out.

Author: skull-test

app/Http/Controllers/User/LinkController.php

@@ -118,13 +118,17 @@ public function add(Request $request)
 
         $ckey = Helpers::sanitize_ckey($request->input("Byond_Username"));
 
-        #Check if a player with that ckey exists
-        $player_count = ServerPlayer::where('ckey', $ckey)->count();
+        $player = ServerPlayer::where('ckey', $ckey)->first();
 
-        if ($player_count != 1) {
+        #Check if a player with that ckey exists
+        if (is_null($player)) {
             return redirect()->route('user.link')->withErrors(array("Could not find player with the ckey" . $ckey . ". You need to join on the server before you can link your account."));
         }
 
+        if ($player->ckey_is_external) {
+            return redirect()->route('user.link')->withErrors(array("Your ckey " . $ckey . " is an external ckey. Linking forum accounts to these keys is currently not supported."));
+        }
+
         //Only add a new linking request if there is no existing one (where the deleted_at date is not set)
         if (DB::connection('server')->table('player_linking')->where('forum_id', '=', $request->user()->user_id)->where('deleted_at', '=', NULL)->count() == 0) {
 

app/Models/ServerPlayer.php

@@ -28,7 +28,7 @@ class ServerPlayer extends Model
     public $timestamps = FALSE;
     protected $connection = 'server';
     protected $table = 'player';
-    protected $fillable = ['ckey', 'ip', 'whitelist_status'];
+    protected $fillable = ['ckey', 'ip', 'whitelist_status', 'ckey_is_external'];
     protected $primaryKey = 'id';
     protected $dates = ['firstseen', 'lastseen'];