|
|
<?php |
|
|
|
|
|
ob_start(); |
|
|
require_once 'MySQL_funcs.php'; |
|
|
require 'MySQL_config.php'; |
|
|
require 'MySQL_access.php'; |
|
|
ob_end_clean(); |
|
|
|
|
|
$world = $_REQUEST['world']; |
|
|
|
|
|
session_start(); |
|
|
|
|
|
if (isset($_SESSION['userid'])) { |
|
|
$userid = $_SESSION['userid']; |
|
|
} else { |
|
|
$userid = '-guest-'; |
|
|
} |
|
|
|
|
|
$loggedin = false; |
|
|
if (strcmp($userid, '-guest-')) { |
|
|
$loggedin = true; |
|
|
} |
|
|
|
|
|
header('Content-type: application/json; charset=utf-8'); |
|
|
|
|
|
if (strpos($world, '/') || strpos($world, '\\')) { |
|
|
echo "{ \"error\": \"invalid-world\" }"; |
|
|
return; |
|
|
} |
|
|
|
|
|
if ($loginenabled) { |
|
|
$fname = 'updates_' . $world . '.php'; |
|
|
} else { |
|
|
$fname = 'updates_' . $world . '.json'; |
|
|
} |
|
|
|
|
|
$useridlc = strtolower($userid); |
|
|
$uid = '[' . $useridlc . ']'; |
|
|
|
|
|
if (isset($worldaccess[$world])) { |
|
|
$ss = stristr($worldaccess[$world], $uid); |
|
|
if ($ss === false) { |
|
|
echo "{ \"error\": \"access-denied\" }"; |
|
|
return; |
|
|
} |
|
|
} |
|
|
|
|
|
$serverid = 0; |
|
|
if (isset($_REQUEST['serverid'])) { |
|
|
$serverid = $_REQUEST['serverid']; |
|
|
} |
|
|
|
|
|
$content = getStandaloneFile('dynmap_' . $world . '.json'); |
|
|
if (!isset($content)) { |
|
|
header('HTTP/1.0 503 Database Unavailable'); |
|
|
echo "<h1>503 Database Unavailable</h1>"; |
|
|
echo 'Error reading database - ' . $fname . ' #' . $serverid; |
|
|
cleanupDb(); |
|
|
exit; |
|
|
} |
|
|
|
|
|
|
|
|
if (!$loginenabled) { |
|
|
echo $content; |
|
|
} elseif (isset($json->loginrequired) && $json->loginrequired && !$loggedin) { |
|
|
echo "{ \"error\": \"login-required\" }"; |
|
|
} else { |
|
|
$json = json_decode($content); |
|
|
$json->loggedin = $loggedin; |
|
|
if (isset($json->protected) && $json->protected) { |
|
|
$ss = stristr($seeallmarkers, $uid); |
|
|
if ($ss === false) { |
|
|
if (isset($playervisible[$useridlc])) { |
|
|
$plist = $playervisible[$useridlc]; |
|
|
$pcnt = count($json->players); |
|
|
for ($i = 0; $i < $pcnt; $i++) { |
|
|
$p = $json->players[$i]; |
|
|
if (!stristr($plist, '[' . $p->account . ']')) { |
|
|
$p->world = "-some-other-bogus-world-"; |
|
|
$p->x = 0.0; |
|
|
$p->y = 64.0; |
|
|
$p->z = 0.0; |
|
|
} |
|
|
} |
|
|
} else { |
|
|
$pcnt = count($json->players); |
|
|
for ($i = 0; $i < $pcnt; $i++) { |
|
|
$p = $json->players[$i]; |
|
|
if (strcasecmp($userid, $p->account) != 0) { |
|
|
$p->world = "-some-other-bogus-world-"; |
|
|
$p->x = 0.0; |
|
|
$p->y = 64.0; |
|
|
$p->z = 0.0; |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
echo json_encode($json); |
|
|
} |
|
|
cleanupDb(); |
|
|
|
