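<?php

/*
 * Serves player face images, marker icons and marker JSON files from the
 * database, selected by the "marker" request parameter:
 *
 *   faces/<8x8|16x16|32x32|body>/<player>.png  -> Faces.Image
 *   _markers_/marker_<world>.json              -> MarkerFiles.Content
 *   _markers_/<icon>.<ext>                     -> MarkerIcons.Image
 *
 * All lookups go through prepared statements with bound parameters, so the
 * request value never becomes part of the SQL text. The table prefix comes
 * from the included configuration, not from the request.
 */

// Buffer and discard anything the included files print, so stray output
// cannot corrupt the image/JSON body or block the header() calls below.
ob_start();
require_once 'MySQL_funcs.php';
require 'MySQL_config.php';
require 'MySQL_access.php';
ob_end_clean();

session_start();

$userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : '-guest-';

// NOTE(review): $loggedin is computed but never read in this script, so
// faces and markers are served to guests as well. Confirm that is intended
// if marker data is meant to be access-controlled.
$loggedin = (strcmp($userid, '-guest-') !== 0);

// Emits the error page and stops. $detail must already be HTML-escaped.
// The 500 status line and body text are kept as existing clients see them,
// although these are client-input errors.
$fail = function ($label, $detail, $dbOpen) {
    header('HTTP/1.0 500 Error');
    echo "<h1>500 Error</h1>";
    echo $label . $detail;
    if ($dbOpen) {
        cleanupDb();
    }
    exit();
};

// A missing or non-string parameter (e.g. marker[]=x) is treated as an empty
// marker and rejected by the prefix check below. The original tested isset()
// on the result of htmlspecialchars(), which is always set, so the absent
// case raised a notice (or a TypeError for arrays) instead of being handled.
$rawMarker = (isset($_REQUEST['marker']) && is_string($_REQUEST['marker']))
    ? $_REQUEST['marker']
    : '';

// The escaped form is what gets echoed in error pages; it is also what the
// lookups below are keyed on, which preserves the original matching rules.
$path = htmlspecialchars($rawMarker);

if (strpos($path, "..") !== false) {
    $fail("Bad marker: ", $path, false);
}

$parts = explode("/", $path);

if (($parts[0] !== "faces") && ($parts[0] !== "_markers_")) {
    $fail("Bad marker: ", $path, false);
}

initDbIfNeeded();

$typeId = null;          // only set for face lookups
$isJson = false;         // marker JSON gets an empty object instead of a redirect

if ($parts[0] === "faces") {
    if (count($parts) != 3) {
        $fail("Bad face: ", $path, true);
    }
    // Unknown size names fall back to type 0 (8x8), as before.
    $faceTypes = ['8x8' => 0, '16x16' => 1, '32x32' => 2, 'body' => 3];
    $typeId = isset($faceTypes[$parts[1]]) ? $faceTypes[$parts[1]] : 0;

    $pn = explode(".", $parts[2]);
    $key = $pn[0];
    $sql = 'SELECT Image from ' . $dbprefix . 'Faces WHERE PlayerName=? AND TypeID=?';
} else {
    // "_markers_" with no file component used to read an undefined offset.
    if (count($parts) < 2) {
        $fail("Bad marker: ", $path, true);
    }
    $in = explode(".", $parts[1]);
    $name = implode(".", array_slice($in, 0, count($in) - 1));
    $ext = $in[count($in) - 1];

    // strncmp() instead of `strpos(...) == 0`: strpos() returns false when the
    // prefix is absent and false == 0 is true, so every *.json request used to
    // be routed to the MarkerFiles lookup with a mangled key.
    if (($ext === "json") && (strncmp($name, "marker_", 7) === 0)) {
        $isJson = true;
        $key = substr($name, 7);
        $sql = 'SELECT Content from ' . $dbprefix . 'MarkerFiles WHERE FileName=?';
    } else {
        $key = $name;
        $sql = 'SELECT Image from ' . $dbprefix . 'MarkerIcons WHERE IconName=?';
    }
}

// prepare()/execute() return false on failure; the original went on to call
// methods on that value. Fail with a generic message and no driver details.
$stmt = $db->prepare($sql);
if ($stmt === false) {
    $fail("Database error", "", true);
}
if ($typeId !== null) {
    $stmt->bind_param('si', $key, $typeId);
} else {
    $stmt->bind_param('s', $key);
}
$res = $stmt->execute();
if ($res === false) {
    $stmt->close();
    $fail("Database error", "", true);
}
$stmt->bind_result($timage);

if ($isJson) {
    header('Content-Type: application/json');
    if ($stmt->fetch()) {
        echo $timage;
    } else {
        echo "{ }";
    }
} elseif ($stmt->fetch()) {
    header('Content-Type: image/png');
    echo $timage;
} else {
    header('Location: ../images/blank.png');
}

$stmt->close();

cleanupDb();

exit;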