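<?php
/**
 * Serve a marker or player-face file from below $markerspath.
 *
 * Input: the "marker" request parameter, a relative path whose first segment
 * must be "faces" or "_markers_". Missing .jpg/.png files fall back to
 * ../images/blank.png; any other missing file produces a 404 response.
 *
 * The request value is untrusted. It is validated once, used raw for the
 * filesystem lookup, and HTML-escaped only where it is echoed back, so that
 * escaping cannot alter which file is opened.
 */

// Buffer and discard anything the include prints so headers can still be sent.
// Presumably dynmap_access.php may define $markerspath - see the isset() below.
ob_start();
require 'dynmap_access.php';
ob_end_clean();

if (!isset($markerspath)) {
    $markerspath = "../tiles/";
}

session_start();

if (isset($_SESSION['userid'])) {
    $userid = $_SESSION['userid'];
} else {
    $userid = '-guest-';
}

// NOTE(review): $loggedin and $uid are computed but never consulted below, so
// this script applies no per-user restriction to marker files. Confirm that
// markers and faces are meant to be readable by guests.
$loggedin = false;
if (strcmp($userid, '-guest-')) {
    $loggedin = true;
}
$uid = '[' . strtolower($userid) . ']';

// Read the parameter defensively: it may be absent, or an array
// (marker[]=...), and neither case may reach the string functions below.
$marker = isset($_REQUEST['marker']) ? $_REQUEST['marker'] : null;
$path = is_string($marker) ? $marker : '';
$parts = explode("/", $path);

// Reject parent-directory references, embedded NUL bytes, and anything outside
// the two served subtrees. An empty path fails the first-segment test.
$badmarker = (strpos($path, "..") !== false)
    || (strpos($path, "\0") !== false)
    || (($parts[0] !== "faces") && ($parts[0] !== "_markers_"));
if ($badmarker) {
    // Status line kept as 500 so existing clients see the same response.
    header('HTTP/1.0 500 Error');
    echo "<h1>500 Error</h1>";
    echo "Bad marker: " . htmlspecialchars($path, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
}

$fname = $markerspath . $path;
// Decide the type from the real extension, not from ".png" appearing anywhere.
$ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));

// is_file() keeps directories (readable, but not openable as files) out.
$fp = (is_file($fname) && is_readable($fname)) ? fopen($fname, 'rb') : false;
if ($fp === false && ($ext === 'jpg' || $ext === 'png')) {
    // Missing image: serve the blank placeholder, and label it as the PNG it is.
    $fname = "../images/blank.png";
    $ext = 'png';
    $fp = fopen($fname, 'rb');
}
if ($fp === false) {
    header('HTTP/1.0 404 Not Found');
    echo "<h1>404 Not Found</h1>";
    echo "Not found: " . htmlspecialchars($path, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    exit();
}

if ($ext === 'png') {
    header("Content-Type: image/png");
} elseif ($ext === 'jpg') {
    header("Content-Type: image/jpeg");
} else {
    header("Content-Type: application/text");
}

// Take the size from the open handle so it matches the bytes actually sent.
$stat = fstat($fp);
if ($stat !== false) {
    header("Content-Length: " . $stat['size']);
}

fpassthru($fp);
fclose($fp);
exit;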