File size: 1,903 Bytes
36ddefa |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 |
<?php
ob_start();
require 'dynmap_access.php';
ob_end_clean();
if (!isset($tilespath)) {
$tilespath = "../tiles/";
}
//Use this to force specific tiles path, versus using passed value
//$tilespath = 'my-tiles-path';
session_start();
if (isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
} else {
$userid = '-guest-';
}
$loggedin = false;
if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
$path = htmlspecialchars($_REQUEST['tile']);
if ((!isset($path)) || strstr($path, "..")) {
header('HTTP/1.0 500 Error');
echo "<h1>500 Error</h1>";
echo "Bad marker: " . $path;
exit();
}
$fname = $tilespath . $path;
$parts = explode("/", $path);
$uid = '[' . strtolower($userid) . ']';
$world = $parts[0];
if (isset($worldaccess[$world])) {
$ss = stristr($worldaccess[$world], $uid);
if ($ss === false) {
$fname = "../images/blank.png";
}
}
if (count($parts) > 2) {
$prefix = $parts[1];
$plen = strlen($prefix);
if (($plen > 4) && (substr($prefix, $plen - 4) === "_day")) {
$prefix = substr($prefix, 0, $plen - 4);
}
$mapid = $world . "." . $prefix;
if (isset($mapaccess[$mapid])) {
$ss = stristr($mapaccess[$mapid], $uid);
if ($ss === false) {
$fname = "../images/blank.png";
}
}
}
if (!is_readable($fname)) {
if (strstr($path, ".jpg") || strstr($path, ".png")) {
$fname = "../images/blank.png";
} else {
echo "{ \"result\": \"bad-tile\" }";
exit;
}
}
$fp = fopen($fname, 'rb');
if (strstr($path, ".png")) {
header("Content-Type: image/png");
} elseif (strstr($path, ".jpg")) {
header("Content-Type: image/jpeg");
} elseif (strstr($path, ".webp")) {
header("Content-Type: image/webp");
} else {
header("Content-Type: application/text");
}
header("Content-Length: " . filesize($fname));
fpassthru($fp);
exit;
|