|
|
<?php |
|
|
|
|
|
ob_start(); |
|
|
require_once 'PostgreSQL_funcs.php'; |
|
|
require 'PostgreSQL_config.php'; |
|
|
require 'PostgreSQL_access.php'; |
|
|
ob_end_clean(); |
|
|
|
|
|
session_start(); |
|
|
|
|
|
if (isset($_SESSION['userid'])) { |
|
|
$userid = $_SESSION['userid']; |
|
|
} else { |
|
|
$userid = '-guest-'; |
|
|
} |
|
|
|
|
|
$loggedin = false; |
|
|
if (strcmp($userid, '-guest-')) { |
|
|
$loggedin = true; |
|
|
} |
|
|
|
|
|
$path = htmlspecialchars($_REQUEST['tile']); |
|
|
if ((!isset($path)) || strstr($path, "..")) { |
|
|
header('HTTP/1.0 500 Error'); |
|
|
echo "<h1>500 Error</h1>"; |
|
|
echo "Bad tile: " . $path; |
|
|
exit(); |
|
|
} |
|
|
|
|
|
$parts = explode("/", $path); |
|
|
|
|
|
if (count($parts) != 4) { |
|
|
header('Location: ../images/blank.png'); |
|
|
cleanupDb(); |
|
|
exit; |
|
|
} |
|
|
|
|
|
$uid = '[' . strtolower($userid) . ']'; |
|
|
|
|
|
$world = $parts[0]; |
|
|
|
|
|
if (isset($worldaccess[$world])) { |
|
|
$ss = stristr($worldaccess[$world], $uid); |
|
|
if ($ss === false) { |
|
|
header('Location: ../images/blank.png'); |
|
|
cleanupDb(); |
|
|
exit; |
|
|
} |
|
|
} |
|
|
$variant = 'STANDARD'; |
|
|
|
|
|
$prefix = $parts[1]; |
|
|
$plen = strlen($prefix); |
|
|
if (($plen > 4) && (substr($prefix, $plen - 4) === "_day")) { |
|
|
$prefix = substr($prefix, 0, $plen - 4); |
|
|
$variant = 'DAY'; |
|
|
} |
|
|
$mapid = $world . "." . $prefix; |
|
|
if (isset($mapaccess[$mapid])) { |
|
|
$ss = stristr($mapaccess[$mapid], $uid); |
|
|
if ($ss === false) { |
|
|
header('Location: ../images/blank.png'); |
|
|
cleanupDb(); |
|
|
exit; |
|
|
} |
|
|
} |
|
|
|
|
|
$fparts = explode("_", $parts[3]); |
|
|
if (count($fparts) == 3) { |
|
|
$zoom = strlen($fparts[0]); |
|
|
$x = intval($fparts[1]); |
|
|
$y = intval($fparts[2]); |
|
|
} elseif (count($fparts) == 2) { |
|
|
$zoom = 0; |
|
|
$x = intval($fparts[0]); |
|
|
$y = intval($fparts[1]); |
|
|
} else { |
|
|
header('Location: ../images/blank.png'); |
|
|
cleanupDb(); |
|
|
exit; |
|
|
} |
|
|
initDbIfNeeded(); |
|
|
|
|
|
$stmt = $db->prepare('SELECT t.Image,t.Format,t.HashCode,t.LastUpdate FROM ' . $dbprefix . 'Maps m JOIN ' . $dbprefix . 'Tiles t ON m.ID=t.MapID WHERE m.WorldID=? AND m.MapID=? AND m.Variant=? AND t.x=? AND t.y=? and t.zoom=?'); |
|
|
$stmt->bindParam(1, $world, PDO::PARAM_STR); |
|
|
$stmt->bindParam(2, $prefix, PDO::PARAM_STR); |
|
|
$stmt->bindParam(3, $variant, PDO::PARAM_STR); |
|
|
$stmt->bindParam(4, $x, PDO::PARAM_INT); |
|
|
$stmt->bindParam(5, $y, PDO::PARAM_INT); |
|
|
$stmt->bindParam(6, $zoom, PDO::PARAM_INT); |
|
|
$res = $stmt->execute(); |
|
|
list($timage, $format, $thash, $tlast) = $stmt->fetch(); |
|
|
if ($res && $timage) { |
|
|
if ($format == 0) { |
|
|
header('Content-Type: image/png'); |
|
|
} else if ($format == 2) { |
|
|
header('Content-Type: image/webp'); |
|
|
} else { |
|
|
header('Content-Type: image/jpeg'); |
|
|
} |
|
|
header('ETag: \'' . $thash . '\''); |
|
|
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', (int) ($tlast / 1000)) . ' GMT'); |
|
|
echo stream_get_contents($timage); |
|
|
} else { |
|
|
header('Location: ../images/blank.png'); |
|
|
} |
|
|
|
|
|
$stmt->closeCursor(); |
|
|
cleanupDb(); |
|
|
|
|
|
exit; |
|
|
|
