105 lines
2.6 KiB
PHP
105 lines
2.6 KiB
PHP
|
<?php
|
||
|
|
||
|
ob_start();
|
||
|
require_once 'MySQL_funcs.php';
|
||
|
require 'MySQL_config.php';
|
||
|
require 'MySQL_access.php';
|
||
|
ob_end_clean();
|
||
|
|
||
|
session_start();
|
||
|
|
||
|
if (isset($_SESSION['userid'])) {
|
||
|
$userid = $_SESSION['userid'];
|
||
|
} else {
|
||
|
$userid = '-guest-';
|
||
|
}
|
||
|
|
||
|
$loggedin = false;
|
||
|
if (strcmp($userid, '-guest-')) {
|
||
|
$loggedin = true;
|
||
|
}
|
||
|
|
||
|
$path = htmlspecialchars($_REQUEST['marker']);
|
||
|
if ((!isset($path)) || strstr($path, "..")) {
|
||
|
header('HTTP/1.0 500 Error');
|
||
|
echo "<h1>500 Error</h1>";
|
||
|
echo "Bad marker: " . $path;
|
||
|
exit();
|
||
|
}
|
||
|
|
||
|
$parts = explode("/", $path);
|
||
|
|
||
|
if (($parts[0] != "faces") && ($parts[0] != "_markers_")) {
|
||
|
header('HTTP/1.0 500 Error');
|
||
|
echo "<h1>500 Error</h1>";
|
||
|
echo "Bad marker: " . $path;
|
||
|
exit();
|
||
|
}
|
||
|
|
||
|
initDbIfNeeded();
|
||
|
|
||
|
if ($parts[0] == "faces") {
|
||
|
if (count($parts) != 3) {
|
||
|
header('HTTP/1.0 500 Error');
|
||
|
echo "<h1>500 Error</h1>";
|
||
|
echo "Bad face: " . $path;
|
||
|
cleanupDb();
|
||
|
exit();
|
||
|
}
|
||
|
$ft = 0;
|
||
|
if ($parts[1] == "8x8") {
|
||
|
$ft = 0;
|
||
|
} elseif ($parts[1] == '16x16') {
|
||
|
$ft = 1;
|
||
|
} elseif ($parts[1] == '32x32') {
|
||
|
$ft = 2;
|
||
|
} elseif ($parts[1] == 'body') {
|
||
|
$ft = 3;
|
||
|
}
|
||
|
$pn = explode(".", $parts[2]);
|
||
|
$stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'Faces WHERE PlayerName=? AND TypeID=?');
|
||
|
$stmt->bind_param('si', $pn[0], $ft);
|
||
|
$res = $stmt->execute();
|
||
|
$stmt->bind_result($timage);
|
||
|
if ($stmt->fetch()) {
|
||
|
header('Content-Type: image/png');
|
||
|
echo $timage;
|
||
|
} else {
|
||
|
header('Location: ../images/blank.png');
|
||
|
}
|
||
|
} else { // _markers_
|
||
|
$in = explode(".", $parts[1]);
|
||
|
$name = implode(".", array_slice($in, 0, count($in) - 1));
|
||
|
$ext = $in[count($in) - 1];
|
||
|
if (($ext == "json") && (strpos($name, "marker_") == 0)) {
|
||
|
$world = substr($name, 7);
|
||
|
$stmt = $db->prepare('SELECT Content from ' . $dbprefix . 'MarkerFiles WHERE FileName=?');
|
||
|
$stmt->bind_param('s', $world);
|
||
|
$res = $stmt->execute();
|
||
|
$stmt->bind_result($timage);
|
||
|
header('Content-Type: application/json');
|
||
|
if ($stmt->fetch()) {
|
||
|
echo $timage;
|
||
|
} else {
|
||
|
echo "{ }";
|
||
|
}
|
||
|
} else {
|
||
|
$stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'MarkerIcons WHERE IconName=?');
|
||
|
$stmt->bind_param('s', $name);
|
||
|
$res = $stmt->execute();
|
||
|
$stmt->bind_result($timage);
|
||
|
if ($stmt->fetch()) {
|
||
|
header('Content-Type: image/png');
|
||
|
echo $timage;
|
||
|
} else {
|
||
|
header('Location: ../images/blank.png');
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$stmt->close();
|
||
|
|
||
|
cleanupDb();
|
||
|
|
||
|
exit;
|