From 23a0419c7de9593546def18c743d95b1b2b6b840 Mon Sep 17 00:00:00 2001 From: Jeff P Date: Wed, 28 Jul 2021 21:15:33 -0400 Subject: [PATCH 1/7] Parse Essentials RGB Hexcode nickname colors --- .../src/main/java/org/dynmap/Client.java | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/DynmapCore/src/main/java/org/dynmap/Client.java b/DynmapCore/src/main/java/org/dynmap/Client.java index e48f06bf..73efc257 100644 --- a/DynmapCore/src/main/java/org/dynmap/Client.java +++ b/DynmapCore/src/main/java/org/dynmap/Client.java @@ -226,6 +226,26 @@ public class Client { break; } } + else if (c == 'x') { // Essentials nickname hexcode format + if (i + 12 <= cnt){ // Check if string is at least long enough to be valid hexcode + if (s.charAt(i+1) == s.charAt(i+3) && + s.charAt(i+1) == s.charAt(i+5) && + s.charAt(i+1) == s.charAt(i+7) && + s.charAt(i+1) == s.charAt(i+9) && + s.charAt(i+1) == s.charAt(i+11) && // Check if there are enough ยง in a row + s.charAt(i+1) == '\u00A7'){ + StringBuilder hex = new StringBuilder().append(s.charAt(i+2)) + .append(s.charAt(i+4)) + .append(s.charAt(i+6)) + .append(s.charAt(i+8)) + .append(s.charAt(i+10)) + .append(s.charAt(i+12)); // Build hexcode string + sb.append(""); // Substitute with hexcode + i = i + 12; //move past hex codes + } + } + break; + } } else if (c == '&') { // Essentials color code? i++; // Move past it From db8b1d49c1571ba9666eff313a9361f26fdb8896 Mon Sep 17 00:00:00 2001 From: Robb Currall Date: Thu, 5 Aug 2021 10:56:41 -0400 Subject: [PATCH 2/7] chore: run formatter tools against PHP code Run formatting tools against the PHP source code to meet PSR12 standards The tools used to format the code (for anyone interested in validating the changes are: * [PHP-CS-FIXER](https://github.com/FriendsOfPHP/PHP-CS-Fixer) * [PHPCS](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Fixing-Errors-Automatically) --- .../main/resources/extracted/web/gettiles.php | 15 +- .../extracted/web/standalone/MySQL_access.php | 6 +- .../web/standalone/MySQL_configuration.php | 106 +++++----- .../extracted/web/standalone/MySQL_funcs.php | 194 ++++++++--------- .../web/standalone/MySQL_getlogin.php | 6 +- .../extracted/web/standalone/MySQL_login.php | 102 +++++---- .../web/standalone/MySQL_markers.php | 143 ++++++------- .../web/standalone/MySQL_register.php | 136 ++++++------ .../web/standalone/MySQL_sendmessage.php | 114 +++++----- .../extracted/web/standalone/MySQL_tiles.php | 117 +++++------ .../extracted/web/standalone/MySQL_update.php | 122 +++++------ .../web/standalone/PostgreSQL_access.php | 8 +- .../standalone/PostgreSQL_configuration.php | 106 +++++----- .../web/standalone/PostgreSQL_funcs.php | 198 +++++++++--------- .../web/standalone/PostgreSQL_getlogin.php | 6 +- .../web/standalone/PostgreSQL_login.php | 102 +++++---- .../web/standalone/PostgreSQL_markers.php | 135 ++++++------ .../web/standalone/PostgreSQL_sendmessage.php | 114 +++++----- .../web/standalone/PostgreSQL_tiles.php | 129 ++++++------ .../web/standalone/PostgreSQL_update.php | 122 +++++------ .../web/standalone/SQLite_markers.php | 143 ++++++------- .../extracted/web/standalone/SQLite_tiles.php | 119 +++++------ .../web/standalone/configuration.php | 101 ++++----- .../extracted/web/standalone/login.php | 120 +++++------ .../extracted/web/standalone/markers.php | 53 +++-- .../extracted/web/standalone/register.php | 110 +++++----- .../extracted/web/standalone/sendmessage.php | 103 +++++---- .../extracted/web/standalone/tiles.php | 81 ++++--- .../extracted/web/standalone/update.php | 119 +++++------ .../src/main/resources/extracted/web/up.php | 68 +++--- 30 files changed, 1438 insertions(+), 1560 deletions(-) diff --git a/DynmapCore/src/main/resources/extracted/web/gettiles.php b/DynmapCore/src/main/resources/extracted/web/gettiles.php index 159e69ea..9b41e580 100644 --- a/DynmapCore/src/main/resources/extracted/web/gettiles.php +++ b/DynmapCore/src/main/resources/extracted/web/gettiles.php @@ -1,21 +1,22 @@ diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_access.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_access.php index ece703d9..9845bc07 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_access.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_access.php @@ -1,8 +1,8 @@ diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_configuration.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_configuration.php index 214362b8..232586ee 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_configuration.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_configuration.php @@ -1,22 +1,22 @@ loginrequired && !$loggedin) { + echo $content; +} elseif ($json->loginrequired && !$loggedin) { echo "{ \"error\": \"login-required\" }"; -} -else { - $uid = '[' . strtolower($userid) . ']'; - $json->loggedin = $loggedin; - $wcnt = count($json->worlds); - $newworlds = array(); - for($i = 0; $i < $wcnt; $i++) { - $w = $json->worlds[$i]; - if($w->protected) { - $ss = stristr($worldaccess[$w->name], $uid); - if($ss !== false) { - $newworlds[] = $w; - } - else { - $w = null; - } - } - else { - $newworlds[] = $w; - } - if($w != null) { - $mcnt = count($w->maps); - $newmaps = array(); - for($j = 0; $j < $mcnt; $j++) { - $m = $w->maps[$j]; - if($m->protected) { - $ss = stristr($mapaccess[$w->name . '.' . $m->prefix], $uid); - if($ss !== false) { - $newmaps[] = $m; - } - } - else { - $newmaps[] = $m; - } - } - $w->maps = $newmaps; - } - } - $json->worlds = $newworlds; - - echo json_encode($json); +} else { + $uid = '[' . strtolower($userid) . ']'; + $json->loggedin = $loggedin; + $wcnt = count($json->worlds); + $newworlds = array(); + for ($i = 0; $i < $wcnt; $i++) { + $w = $json->worlds[$i]; + if ($w->protected) { + $ss = stristr($worldaccess[$w->name], $uid); + if ($ss !== false) { + $newworlds[] = $w; + } else { + $w = null; + } + } else { + $newworlds[] = $w; + } + if ($w != null) { + $mcnt = count($w->maps); + $newmaps = array(); + for ($j = 0; $j < $mcnt; $j++) { + $m = $w->maps[$j]; + if ($m->protected) { + $ss = stristr($mapaccess[$w->name . '.' . $m->prefix], $uid); + if ($ss !== false) { + $newmaps[] = $m; + } + } else { + $newmaps[] = $m; + } + } + $w->maps = $newmaps; + } + } + $json->worlds = $newworlds; + + echo json_encode($json); } cleanupDb(); - -?> - diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_funcs.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_funcs.php index d38e9403..a33952e8 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_funcs.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_funcs.php @@ -1,115 +1,121 @@ close(); - $db = NULL; - } +function cleanupDb() +{ + if (isset($db)) { + $db->close(); + $db = null; + } } -function abortDb($errormsg) { - header('HTTP/1.0 500 Error'); - echo "

500 Error

"; - echo $errormsg; - cleanupDb(); - exit; +function abortDb($errormsg) +{ + header('HTTP/1.0 500 Error'); + echo "

500 Error

"; + echo $errormsg; + cleanupDb(); + exit; } -function initDbIfNeeded() { - global $db, $dbhost, $dbuserid, $dbpassword, $dbname, $dbport; - - $pos = strpos($dbname, '?'); +function initDbIfNeeded() +{ + global $db, $dbhost, $dbuserid, $dbpassword, $dbname, $dbport; - if ($pos) { - $dbname = substr($dbname, 0, $pos); - } - - if (!$db) { - $db = mysqli_connect('p:' . $dbhost, $dbuserid, $dbpassword, $dbname, $dbport); - if (mysqli_connect_errno()) { - abortDb("Error opening database"); - } - } + $pos = strpos($dbname, '?'); + + if ($pos) { + $dbname = substr($dbname, 0, $pos); + } + + if (!$db) { + $db = mysqli_connect('p:' . $dbhost, $dbuserid, $dbpassword, $dbname, $dbport); + if (mysqli_connect_errno()) { + abortDb("Error opening database"); + } + } } -function getStandaloneFileByServerId($fname, $sid) { - global $db, $dbprefix; - - initDbIfNeeded(); - $stmt = $db->prepare('SELECT Content from ' . $dbprefix . 'StandaloneFiles WHERE FileName=? AND ServerID=?'); - $stmt->bind_param('si', $fname, $sid); - $res = $stmt->execute(); - $stmt->store_result(); - $stmt->bind_result($content); - if ($stmt->fetch()) { +function getStandaloneFileByServerId($fname, $sid) +{ + global $db, $dbprefix; + + initDbIfNeeded(); + $stmt = $db->prepare('SELECT Content from ' . $dbprefix . 'StandaloneFiles WHERE FileName=? AND ServerID=?'); + $stmt->bind_param('si', $fname, $sid); + $res = $stmt->execute(); + $stmt->store_result(); + $stmt->bind_result($content); + if ($stmt->fetch()) { $rslt = $content; - } - else { - $rslt = NULL; - } - $stmt->close(); - return $rslt; + } else { + $rslt = null; + } + $stmt->close(); + return $rslt; } -function getStandaloneFile($fname) { - global $serverid; - - if (!isset($serverid)) { - $serverid = 0; - if(isset($_REQUEST['serverid'])) { - $serverid = $_REQUEST['serverid']; - } - } - return getStandaloneFileByServerId($fname, $serverid); +function getStandaloneFile($fname) +{ + global $serverid; + + if (!isset($serverid)) { + $serverid = 0; + if (isset($_REQUEST['serverid'])) { + $serverid = $_REQUEST['serverid']; + } + } + return getStandaloneFileByServerId($fname, $serverid); } -function updateStandaloneFileByServerId($fname, $sid, $content) { - global $db, $dbprefix; - - initDbIfNeeded(); - $stmt = $db->prepare('UPDATE ' . $dbprefix . 'StandaloneFiles SET Content=? WHERE FileName=? AND ServerID=?'); - $stmt->bind_param('ssi', $content, $fname, $sid); - $res = $stmt->execute(); - $stmt->close(); - if (!$res) { - $res = insertStandaloneFileByServerId($fname, $sid, $content); - } - return $res; +function updateStandaloneFileByServerId($fname, $sid, $content) +{ + global $db, $dbprefix; + + initDbIfNeeded(); + $stmt = $db->prepare('UPDATE ' . $dbprefix . 'StandaloneFiles SET Content=? WHERE FileName=? AND ServerID=?'); + $stmt->bind_param('ssi', $content, $fname, $sid); + $res = $stmt->execute(); + $stmt->close(); + if (!$res) { + $res = insertStandaloneFileByServerId($fname, $sid, $content); + } + return $res; } -function updateStandaloneFile($fname, $content) { - global $serverid; - - if (!isset($serverid)) { - $serverid = 0; - if(isset($_REQUEST['serverid'])) { - $serverid = $_REQUEST['serverid']; - } - } - return updateStandaloneFileByServerId($fname, $serverid, $content); +function updateStandaloneFile($fname, $content) +{ + global $serverid; + + if (!isset($serverid)) { + $serverid = 0; + if (isset($_REQUEST['serverid'])) { + $serverid = $_REQUEST['serverid']; + } + } + return updateStandaloneFileByServerId($fname, $serverid, $content); } -function insertStandaloneFileByServerId($fname, $sid, $content) { - global $db, $dbprefix; - - initDbIfNeeded(); - $stmt = $db->prepare('INSERT INTO ' . $dbprefix . 'StandaloneFiles (Content,FileName,ServerID) VALUES (?,?,?);'); - $stmt->bind_param('ssi', $content, $fname, $sid); - $res = $stmt->execute(); - $stmt->close(); - return $res; +function insertStandaloneFileByServerId($fname, $sid, $content) +{ + global $db, $dbprefix; + + initDbIfNeeded(); + $stmt = $db->prepare('INSERT INTO ' . $dbprefix . 'StandaloneFiles (Content,FileName,ServerID) VALUES (?,?,?);'); + $stmt->bind_param('ssi', $content, $fname, $sid); + $res = $stmt->execute(); + $stmt->close(); + return $res; } -function insertStandaloneFile($fname, $content) { - global $serverid; - - if (!isset($serverid)) { - $serverid = 0; - if(isset($_REQUEST['serverid'])) { - $serverid = $_REQUEST['serverid']; - } - } - return insertStandaloneFileByServerId($fname, $serverid, $content); -} +function insertStandaloneFile($fname, $content) +{ + global $serverid; -?> + if (!isset($serverid)) { + $serverid = 0; + if (isset($_REQUEST['serverid'])) { + $serverid = $_REQUEST['serverid']; + } + } + return insertStandaloneFileByServerId($fname, $serverid, $content); +} diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_getlogin.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_getlogin.php index 5098b455..727b5016 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_getlogin.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_getlogin.php @@ -1,8 +1,8 @@ diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_login.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_login.php index aa86f975..122f285c 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_login.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_login.php @@ -1,75 +1,69 @@ - diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_markers.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_markers.php index 1c61bab1..688ebe6d 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_markers.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_markers.php @@ -1,22 +1,22 @@ 500 Error"; echo "Bad marker: " . $path; @@ -39,70 +39,62 @@ if(($parts[0] != "faces") && ($parts[0] != "_markers_")) { initDbIfNeeded(); if ($parts[0] == "faces") { - if (count($parts) != 3) { - header('HTTP/1.0 500 Error'); - echo "

500 Error

"; - echo "Bad face: " . $path; - cleanupDb(); - exit(); - } - $ft = 0; - if ($parts[1] == "8x8") { - $ft = 0; - } - else if ($parts[1] == '16x16') { - $ft = 1; - } - else if ($parts[1] == '32x32') { - $ft = 2; - } - else if ($parts[1] == 'body') { - $ft = 3; - } - $pn = explode(".", $parts[2]); - $stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'Faces WHERE PlayerName=? AND TypeID=?'); - $stmt->bind_param('si', $pn[0], $ft); - $res = $stmt->execute(); - $stmt->bind_result($timage); - if ($stmt->fetch()) { - header('Content-Type: image/png'); - echo $timage; - } - else { - header('Location: ../images/blank.png'); - } -} -else { // _markers_ - $in = explode(".", $parts[1]); - $name = implode(".", array_slice($in, 0, count($in) - 1)); - $ext = $in[count($in) - 1]; - if (($ext == "json") && (strpos($name, "marker_") == 0)) { - $world = substr($name, 7); - $stmt = $db->prepare('SELECT Content from ' . $dbprefix . 'MarkerFiles WHERE FileName=?'); - $stmt->bind_param('s', $world); - $res = $stmt->execute(); - $stmt->bind_result($timage); - header('Content-Type: application/json'); - if ($stmt->fetch()) { - echo $timage; - } - else { - echo "{ }"; - } - } - else { - $stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'MarkerIcons WHERE IconName=?'); - $stmt->bind_param('s', $name); - $res = $stmt->execute(); - $stmt->bind_result($timage); - if ($stmt->fetch()) { - header('Content-Type: image/png'); - echo $timage; - } - else { - header('Location: ../images/blank.png'); - } - } + if (count($parts) != 3) { + header('HTTP/1.0 500 Error'); + echo "

500 Error

"; + echo "Bad face: " . $path; + cleanupDb(); + exit(); + } + $ft = 0; + if ($parts[1] == "8x8") { + $ft = 0; + } elseif ($parts[1] == '16x16') { + $ft = 1; + } elseif ($parts[1] == '32x32') { + $ft = 2; + } elseif ($parts[1] == 'body') { + $ft = 3; + } + $pn = explode(".", $parts[2]); + $stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'Faces WHERE PlayerName=? AND TypeID=?'); + $stmt->bind_param('si', $pn[0], $ft); + $res = $stmt->execute(); + $stmt->bind_result($timage); + if ($stmt->fetch()) { + header('Content-Type: image/png'); + echo $timage; + } else { + header('Location: ../images/blank.png'); + } +} else { // _markers_ + $in = explode(".", $parts[1]); + $name = implode(".", array_slice($in, 0, count($in) - 1)); + $ext = $in[count($in) - 1]; + if (($ext == "json") && (strpos($name, "marker_") == 0)) { + $world = substr($name, 7); + $stmt = $db->prepare('SELECT Content from ' . $dbprefix . 'MarkerFiles WHERE FileName=?'); + $stmt->bind_param('s', $world); + $res = $stmt->execute(); + $stmt->bind_result($timage); + header('Content-Type: application/json'); + if ($stmt->fetch()) { + echo $timage; + } else { + echo "{ }"; + } + } else { + $stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'MarkerIcons WHERE IconName=?'); + $stmt->bind_param('s', $name); + $res = $stmt->execute(); + $stmt->bind_result($timage); + if ($stmt->fetch()) { + header('Content-Type: image/png'); + echo $timage; + } else { + header('Location: ../images/blank.png'); + } + } } $stmt->close(); @@ -110,4 +102,3 @@ $stmt->close(); cleanupDb(); exit; -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_register.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_register.php index 0100679f..c6ec38b1 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_register.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_register.php @@ -1,40 +1,37 @@ diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_sendmessage.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_sendmessage.php index 8f7bc0a3..56335b19 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_sendmessage.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_sendmessage.php @@ -1,75 +1,69 @@ timestamp = $timestamp; - $data->ip = $_SERVER['REMOTE_ADDR']; - if(isset($_SESSION['userid'])) { - $uid = $_SESSION['userid']; - if(strcmp($uid, '-guest-')) { - $data->userid = $uid; - } - } - if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) - $data->ip = $_SERVER['HTTP_X_FORWARDED_FOR']; - $content = getStandaloneFile('dynmap_webchat.json'); - $gotold = false; - if (isset($content)) { - $old_messages = json_decode($content, true); - $gotold = true; - } - - if(!empty($old_messages)) - { - foreach($old_messages as $message) - { - if(($timestamp - $config['updaterate'] - 10000) < $message['timestamp']) - $new_messages[] = $message; - } - } - $new_messages[] = $data; - - if ($gotold) { - updateStandaloneFile('dynmap_webchat.json', json_encode($new_messages)); - } - else { - insertStandaloneFile('dynmap_webchat.json', json_encode($new_messages)); - } - - $_SESSION['lastchat'] = time()+$msginterval; - echo "{ \"error\" : \"none\" }"; } -elseif($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat > time()) -{ - header('HTTP/1.1 403 Forbidden'); -} -else { - echo "{ \"error\" : \"none\" }"; + +if ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat < time()) { + $micro = microtime(true); + $timestamp = round($micro * 1000.0); + + $data = json_decode(trim(file_get_contents('php://input'))); + $data->timestamp = $timestamp; + $data->ip = $_SERVER['REMOTE_ADDR']; + if (isset($_SESSION['userid'])) { + $uid = $_SESSION['userid']; + if (strcmp($uid, '-guest-')) { + $data->userid = $uid; + } + } + if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { + $data->ip = $_SERVER['HTTP_X_FORWARDED_FOR']; + } + $content = getStandaloneFile('dynmap_webchat.json'); + $gotold = false; + if (isset($content)) { + $old_messages = json_decode($content, true); + $gotold = true; + } + + if (!empty($old_messages)) { + foreach ($old_messages as $message) { + if (($timestamp - $config['updaterate'] - 10000) < $message['timestamp']) { + $new_messages[] = $message; + } + } + } + $new_messages[] = $data; + + if ($gotold) { + updateStandaloneFile('dynmap_webchat.json', json_encode($new_messages)); + } else { + insertStandaloneFile('dynmap_webchat.json', json_encode($new_messages)); + } + + $_SESSION['lastchat'] = time() + $msginterval; + echo "{ \"error\" : \"none\" }"; +} elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat > time()) { + header('HTTP/1.1 403 Forbidden'); +} else { + echo "{ \"error\" : \"none\" }"; } cleanupDb(); - -?> \ No newline at end of file diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_tiles.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_tiles.php index e266abaa..cb68e9b0 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_tiles.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_tiles.php @@ -1,22 +1,22 @@ 4) && (substr($prefix, $plen - 4) === "_day")) { - $prefix = substr($prefix, 0, $plen - 4); - $variant = 'DAY'; - } - $mapid = $world . "." . $prefix; - if(isset($mapaccess[$mapid])) { +$prefix = $parts[1]; +$plen = strlen($prefix); +if (($plen > 4) && (substr($prefix, $plen - 4) === "_day")) { + $prefix = substr($prefix, 0, $plen - 4); + $variant = 'DAY'; +} +$mapid = $world . "." . $prefix; +if (isset($mapaccess[$mapid])) { $ss = stristr($mapaccess[$mapid], $uid); - if($ss === false) { - header('Location: ../images/blank.png'); - cleanupDb(); - exit; - } - } + if ($ss === false) { + header('Location: ../images/blank.png'); + cleanupDb(); + exit; + } +} $fparts = explode("_", $parts[3]); if (count($fparts) == 3) { // zoom_x_y - $zoom = strlen($fparts[0]); - $x = intval($fparts[1]); - $y = intval($fparts[2]); -} -else if (count($fparts) == 2) { // x_y - $zoom = 0; - $x = intval($fparts[0]); - $y = intval($fparts[1]); -} -else { - header('Location: ../images/blank.png'); - cleanupDb(); - exit; + $zoom = strlen($fparts[0]); + $x = intval($fparts[1]); + $y = intval($fparts[2]); +} elseif (count($fparts) == 2) { // x_y + $zoom = 0; + $x = intval($fparts[0]); + $y = intval($fparts[1]); +} else { + header('Location: ../images/blank.png'); + cleanupDb(); + exit; } initDbIfNeeded(); @@ -88,22 +86,19 @@ $stmt->bind_param('sssiii', $world, $prefix, $variant, $x, $y, $zoom); $res = $stmt->execute(); $stmt->bind_result($timage, $format, $thash, $tlast); if ($stmt->fetch()) { - if ($format == 0) { - header('Content-Type: image/png'); - } - else { - header('Content-Type: image/jpeg'); - } - header('ETag: \'' . $thash . '\''); - header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $tlast/1000) . ' GMT'); - echo $timage; -} -else { - header('Location: ../images/blank.png'); + if ($format == 0) { + header('Content-Type: image/png'); + } else { + header('Content-Type: image/jpeg'); + } + header('ETag: \'' . $thash . '\''); + header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $tlast / 1000) . ' GMT'); + echo $timage; +} else { + header('Location: ../images/blank.png'); } $stmt->close(); cleanupDb(); exit; -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_update.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_update.php index 10beaac6..1cc571c2 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_update.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_update.php @@ -1,52 +1,53 @@ loginrequired) && $json->loginrequired && !$loggedin) { + echo $content; +} elseif (isset($json->loginrequired) && $json->loginrequired && !$loggedin) { echo "{ \"error\": \"login-required\" }"; -} -else { - $json = json_decode($content); - $json->loggedin = $loggedin; - if (isset($json->protected) && $json->protected) { - $ss = stristr($seeallmarkers, $uid); - if($ss === false) { - if(isset($playervisible[$useridlc])) { - $plist = $playervisible[$useridlc]; - $pcnt = count($json->players); - for($i = 0; $i < $pcnt; $i++) { - $p = $json->players[$i]; - if(!stristr($plist, '[' . $p->account . ']')) { - $p->world = "-some-other-bogus-world-"; - $p->x = 0.0; - $p->y = 64.0; - $p->z = 0.0; - } - } - } - else { - $pcnt = count($json->players); - for($i = 0; $i < $pcnt; $i++) { - $p = $json->players[$i]; - if(strcasecmp($userid, $p->account) != 0) { - $p->world = "-some-other-bogus-world-"; - $p->x = 0.0; - $p->y = 64.0; - $p->z = 0.0; - } - } - } - } - } - echo json_encode($json); +} else { + $json = json_decode($content); + $json->loggedin = $loggedin; + if (isset($json->protected) && $json->protected) { + $ss = stristr($seeallmarkers, $uid); + if ($ss === false) { + if (isset($playervisible[$useridlc])) { + $plist = $playervisible[$useridlc]; + $pcnt = count($json->players); + for ($i = 0; $i < $pcnt; $i++) { + $p = $json->players[$i]; + if (!stristr($plist, '[' . $p->account . ']')) { + $p->world = "-some-other-bogus-world-"; + $p->x = 0.0; + $p->y = 64.0; + $p->z = 0.0; + } + } + } else { + $pcnt = count($json->players); + for ($i = 0; $i < $pcnt; $i++) { + $p = $json->players[$i]; + if (strcasecmp($userid, $p->account) != 0) { + $p->world = "-some-other-bogus-world-"; + $p->x = 0.0; + $p->y = 64.0; + $p->z = 0.0; + } + } + } + } + } + echo json_encode($json); } cleanupDb(); - - -?> - diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_access.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_access.php index ff4deea7..11d5eb01 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_access.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_access.php @@ -1,9 +1,9 @@ diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_configuration.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_configuration.php index 7678df14..7f93c902 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_configuration.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_configuration.php @@ -1,22 +1,22 @@ loginrequired && !$loggedin) { + echo $content; +} elseif ($json->loginrequired && !$loggedin) { echo "{ \"error\": \"login-required\" }"; -} -else { - $uid = '[' . strtolower($userid) . ']'; - $json->loggedin = $loggedin; - $wcnt = count($json->worlds); - $newworlds = array(); - for($i = 0; $i < $wcnt; $i++) { - $w = $json->worlds[$i]; - if($w->protected) { - $ss = stristr($worldaccess[$w->name], $uid); - if($ss !== false) { - $newworlds[] = $w; - } - else { - $w = null; - } - } - else { - $newworlds[] = $w; - } - if($w != null) { - $mcnt = count($w->maps); - $newmaps = array(); - for($j = 0; $j < $mcnt; $j++) { - $m = $w->maps[$j]; - if($m->protected) { - $ss = stristr($mapaccess[$w->name . '.' . $m->prefix], $uid); - if($ss !== false) { - $newmaps[] = $m; - } - } - else { - $newmaps[] = $m; - } - } - $w->maps = $newmaps; - } - } - $json->worlds = $newworlds; - - echo json_encode($json); +} else { + $uid = '[' . strtolower($userid) . ']'; + $json->loggedin = $loggedin; + $wcnt = count($json->worlds); + $newworlds = array(); + for ($i = 0; $i < $wcnt; $i++) { + $w = $json->worlds[$i]; + if ($w->protected) { + $ss = stristr($worldaccess[$w->name], $uid); + if ($ss !== false) { + $newworlds[] = $w; + } else { + $w = null; + } + } else { + $newworlds[] = $w; + } + if ($w != null) { + $mcnt = count($w->maps); + $newmaps = array(); + for ($j = 0; $j < $mcnt; $j++) { + $m = $w->maps[$j]; + if ($m->protected) { + $ss = stristr($mapaccess[$w->name . '.' . $m->prefix], $uid); + if ($ss !== false) { + $newmaps[] = $m; + } + } else { + $newmaps[] = $m; + } + } + $w->maps = $newmaps; + } + } + $json->worlds = $newworlds; + + echo json_encode($json); } cleanupDb(); - -?> - diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_funcs.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_funcs.php index 51b4315c..be540f18 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_funcs.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_funcs.php @@ -1,118 +1,124 @@ close(); - $db = NULL; - } +function cleanupDb() +{ + if (isset($db)) { + $db->close(); + $db = null; + } } -function abortDb($errormsg) { - header('HTTP/1.0 500 Error'); - echo "

500 Error

"; - echo $errormsg; - cleanupDb(); - exit; +function abortDb($errormsg) +{ + header('HTTP/1.0 500 Error'); + echo "

500 Error

"; + echo $errormsg; + cleanupDb(); + exit; } -function initDbIfNeeded() { - global $db, $dbhost, $dbuserid, $dbpassword, $dbname, $dbport; - - $pos = strpos($dbname, '?'); +function initDbIfNeeded() +{ + global $db, $dbhost, $dbuserid, $dbpassword, $dbname, $dbport; - if ($pos) { - $dbname = substr($dbname, 0, $pos); - } - - if (!$db) { - $db = new PDO("pgsql:host=$dbhost;port=$dbport;dbname=$dbname", $dbuserid , $dbpassword, array(PDO::ATTR_PERSISTENT => true)); - $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - if (!$db) { - abortDb("Error opening database"); - } - } + $pos = strpos($dbname, '?'); + + if ($pos) { + $dbname = substr($dbname, 0, $pos); + } + + if (!$db) { + $db = new PDO("pgsql:host=$dbhost;port=$dbport;dbname=$dbname", $dbuserid, $dbpassword, array(PDO::ATTR_PERSISTENT => true)); + $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + if (!$db) { + abortDb("Error opening database"); + } + } } -function getStandaloneFileByServerId($fname, $sid) { - global $db, $dbprefix; - - initDbIfNeeded(); - $stmt = $db->prepare('SELECT Content from ' . $dbprefix . 'StandaloneFiles WHERE FileName=:fname AND ServerID=:sid'); - $stmt->bindParam(':fname', $fname, PDO::PARAM_STR); - $stmt->bindParam(':sid', $sid, PDO::PARAM_INT); - $res = $stmt->execute(); - $content = $stmt->fetch(PDO::FETCH_BOTH); - if ($res && $content) { +function getStandaloneFileByServerId($fname, $sid) +{ + global $db, $dbprefix; + + initDbIfNeeded(); + $stmt = $db->prepare('SELECT Content from ' . $dbprefix . 'StandaloneFiles WHERE FileName=:fname AND ServerID=:sid'); + $stmt->bindParam(':fname', $fname, PDO::PARAM_STR); + $stmt->bindParam(':sid', $sid, PDO::PARAM_INT); + $res = $stmt->execute(); + $content = $stmt->fetch(PDO::FETCH_BOTH); + if ($res && $content) { $rslt = stream_get_contents($content[0]); //stupid streams... - } - else { - $rslt = NULL; - } - $stmt->closeCursor(); - return $rslt; + } else { + $rslt = null; + } + $stmt->closeCursor(); + return $rslt; } -function getStandaloneFile($fname) { - global $serverid; - - if (!isset($serverid)) { - $serverid = 0; - if(isset($_REQUEST['serverid'])) { - $serverid = $_REQUEST['serverid']; - } - } - return getStandaloneFileByServerId($fname, $serverid); +function getStandaloneFile($fname) +{ + global $serverid; + + if (!isset($serverid)) { + $serverid = 0; + if (isset($_REQUEST['serverid'])) { + $serverid = $_REQUEST['serverid']; + } + } + return getStandaloneFileByServerId($fname, $serverid); } -function updateStandaloneFileByServerId($fname, $sid, $content) { - global $db, $dbprefix; - - initDbIfNeeded(); - $stmt = $db->prepare('UPDATE ' . $dbprefix . 'StandaloneFiles SET Content=:content WHERE FileName=:fname AND ServerID=:sid'); - $stmt->bindParam(':content', $content, PDO::PARAM_STR); - $stmt->bindParam(':fname', $fname, PDO::PARAM_STR); - $stmt->bindParam(':sid', $sid, PDO::PARAM_INT); - $res = $stmt->execute(); - $stmt->closeCursor(); - if (!$res) { - $res = insertStandaloneFileByServerId($fname, $sid, $content); - } - return $res; +function updateStandaloneFileByServerId($fname, $sid, $content) +{ + global $db, $dbprefix; + + initDbIfNeeded(); + $stmt = $db->prepare('UPDATE ' . $dbprefix . 'StandaloneFiles SET Content=:content WHERE FileName=:fname AND ServerID=:sid'); + $stmt->bindParam(':content', $content, PDO::PARAM_STR); + $stmt->bindParam(':fname', $fname, PDO::PARAM_STR); + $stmt->bindParam(':sid', $sid, PDO::PARAM_INT); + $res = $stmt->execute(); + $stmt->closeCursor(); + if (!$res) { + $res = insertStandaloneFileByServerId($fname, $sid, $content); + } + return $res; } -function updateStandaloneFile($fname, $content) { - global $serverid; - - if (!isset($serverid)) { - $serverid = 0; - if(isset($_REQUEST['serverid'])) { - $serverid = $_REQUEST['serverid']; - } - } - return updateStandaloneFileByServerId($fname, $serverid, $content); +function updateStandaloneFile($fname, $content) +{ + global $serverid; + + if (!isset($serverid)) { + $serverid = 0; + if (isset($_REQUEST['serverid'])) { + $serverid = $_REQUEST['serverid']; + } + } + return updateStandaloneFileByServerId($fname, $serverid, $content); } -function insertStandaloneFileByServerId($fname, $sid, $content) { - global $db, $dbprefix; - - initDbIfNeeded(); - $stmt = $db->prepare('INSERT INTO ' . $dbprefix . 'StandaloneFiles (Content,FileName,ServerID) VALUES (?,?,?);'); - $res = $stmt->execute(array($content, $fname, $sid)); - $stmt->close(); - return $res; +function insertStandaloneFileByServerId($fname, $sid, $content) +{ + global $db, $dbprefix; + + initDbIfNeeded(); + $stmt = $db->prepare('INSERT INTO ' . $dbprefix . 'StandaloneFiles (Content,FileName,ServerID) VALUES (?,?,?);'); + $res = $stmt->execute(array($content, $fname, $sid)); + $stmt->close(); + return $res; } -function insertStandaloneFile($fname, $content) { - global $serverid; - - if (!isset($serverid)) { - $serverid = 0; - if(isset($_REQUEST['serverid'])) { - $serverid = $_REQUEST['serverid']; - } - } - return insertStandaloneFileByServerId($fname, $serverid, $content); -} +function insertStandaloneFile($fname, $content) +{ + global $serverid; -?> + if (!isset($serverid)) { + $serverid = 0; + if (isset($_REQUEST['serverid'])) { + $serverid = $_REQUEST['serverid']; + } + } + return insertStandaloneFileByServerId($fname, $serverid, $content); +} diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_getlogin.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_getlogin.php index 4619d8ff..b6bf62cf 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_getlogin.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_getlogin.php @@ -1,8 +1,8 @@ diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_login.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_login.php index fc80539d..42bcbea9 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_login.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_login.php @@ -1,75 +1,69 @@ - diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_markers.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_markers.php index a73ed066..76beb457 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_markers.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_markers.php @@ -1,22 +1,22 @@ 500 Error"; echo "Bad marker: " . $path; @@ -39,67 +39,59 @@ if(($parts[0] != "faces") && ($parts[0] != "_markers_")) { initDbIfNeeded(); if ($parts[0] == "faces") { - if (count($parts) != 3) { - header('HTTP/1.0 500 Error'); - echo "

500 Error

"; - echo "Bad face: " . $path; - cleanupDb(); - exit(); - } - $ft = 0; - if ($parts[1] == "8x8") { - $ft = 0; - } - else if ($parts[1] == '16x16') { - $ft = 1; - } - else if ($parts[1] == '32x32') { - $ft = 2; - } - else if ($parts[1] == 'body') { - $ft = 3; - } - $pn = explode(".", $parts[2]); - $stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'Faces WHERE PlayerName=? AND TypeID=?'); - $res = $stmt->execute(array($pn[0], $ft)); - $timage = $stmt->fetch(); - if ($res && $timage) { - header('Content-Type: image/png'); - echo stream_get_contents($timage[0]); - } - else { - header('Location: ../images/blank.png'); - } -} -else { // _markers_ - $in = explode(".", $parts[1]); - $name = implode(".", array_slice($in, 0, count($in) - 1)); - $ext = $in[count($in) - 1]; - if (($ext == "json") && (strpos($name, "marker_") == 0)) { - $world = substr($name, 7); - $stmt = $db->prepare('SELECT Content from ' . $dbprefix . 'MarkerFiles WHERE FileName=?'); - $res = $stmt->execute(array($world)); - $timage = $stmt->fetch(); - header('Content-Type: application/json'); - if ($res && $timage) { - echo stream_get_contents($timage[0]); //PDO returns arrays, even for single colums, and bytea is returned as stream. - } - else { - echo "{ }"; - } - } - else { - $stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'MarkerIcons WHERE IconName=?'); - $res = $stmt->execute(array($name)); + if (count($parts) != 3) { + header('HTTP/1.0 500 Error'); + echo "

500 Error

"; + echo "Bad face: " . $path; + cleanupDb(); + exit(); + } + $ft = 0; + if ($parts[1] == "8x8") { + $ft = 0; + } elseif ($parts[1] == '16x16') { + $ft = 1; + } elseif ($parts[1] == '32x32') { + $ft = 2; + } elseif ($parts[1] == 'body') { + $ft = 3; + } + $pn = explode(".", $parts[2]); + $stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'Faces WHERE PlayerName=? AND TypeID=?'); + $res = $stmt->execute(array($pn[0], $ft)); + $timage = $stmt->fetch(); + if ($res && $timage) { + header('Content-Type: image/png'); + echo stream_get_contents($timage[0]); + } else { + header('Location: ../images/blank.png'); + } +} else { // _markers_ + $in = explode(".", $parts[1]); + $name = implode(".", array_slice($in, 0, count($in) - 1)); + $ext = $in[count($in) - 1]; + if (($ext == "json") && (strpos($name, "marker_") == 0)) { + $world = substr($name, 7); + $stmt = $db->prepare('SELECT Content from ' . $dbprefix . 'MarkerFiles WHERE FileName=?'); + $res = $stmt->execute(array($world)); $timage = $stmt->fetch(); - if ($res && $timage) { - header('Content-Type: image/png'); - echo stream_get_contents($timage[0]); - } - else { - header('Location: ../images/blank.png'); - } - } + header('Content-Type: application/json'); + if ($res && $timage) { + echo stream_get_contents($timage[0]); //PDO returns arrays, even for single colums, and bytea is returned as stream. + } else { + echo "{ }"; + } + } else { + $stmt = $db->prepare('SELECT Image from ' . $dbprefix . 'MarkerIcons WHERE IconName=?'); + $res = $stmt->execute(array($name)); + $timage = $stmt->fetch(); + if ($res && $timage) { + header('Content-Type: image/png'); + echo stream_get_contents($timage[0]); + } else { + header('Location: ../images/blank.png'); + } + } } $stmt->closeCursor(); @@ -107,4 +99,3 @@ $stmt->closeCursor(); cleanupDb(); exit; -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_sendmessage.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_sendmessage.php index 6aaa6281..1b8e62fd 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_sendmessage.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_sendmessage.php @@ -1,75 +1,69 @@ timestamp = $timestamp; - $data->ip = $_SERVER['REMOTE_ADDR']; - if(isset($_SESSION['userid'])) { - $uid = $_SESSION['userid']; - if(strcmp($uid, '-guest-')) { - $data->userid = $uid; - } - } - if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) - $data->ip = $_SERVER['HTTP_X_FORWARDED_FOR']; - $content = getStandaloneFile('dynmap_webchat.json'); - $gotold = false; - if (isset($content)) { - $old_messages = json_decode($content, true); - $gotold = true; - } - - if(!empty($old_messages)) - { - foreach($old_messages as $message) - { - if(($timestamp - $config['updaterate'] - 10000) < $message['timestamp']) - $new_messages[] = $message; - } - } - $new_messages[] = $data; - - if ($gotold) { - updateStandaloneFile('dynmap_webchat.json', json_encode($new_messages)); - } - else { - insertStandaloneFile('dynmap_webchat.json', json_encode($new_messages)); - } - - $_SESSION['lastchat'] = time()+$msginterval; - echo "{ \"error\" : \"none\" }"; } -elseif($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat > time()) -{ - header('HTTP/1.1 403 Forbidden'); -} -else { - echo "{ \"error\" : \"none\" }"; + +if ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat < time()) { + $micro = microtime(true); + $timestamp = round($micro * 1000.0); + + $data = json_decode(trim(file_get_contents('php://input'))); + $data->timestamp = $timestamp; + $data->ip = $_SERVER['REMOTE_ADDR']; + if (isset($_SESSION['userid'])) { + $uid = $_SESSION['userid']; + if (strcmp($uid, '-guest-')) { + $data->userid = $uid; + } + } + if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { + $data->ip = $_SERVER['HTTP_X_FORWARDED_FOR']; + } + $content = getStandaloneFile('dynmap_webchat.json'); + $gotold = false; + if (isset($content)) { + $old_messages = json_decode($content, true); + $gotold = true; + } + + if (!empty($old_messages)) { + foreach ($old_messages as $message) { + if (($timestamp - $config['updaterate'] - 10000) < $message['timestamp']) { + $new_messages[] = $message; + } + } + } + $new_messages[] = $data; + + if ($gotold) { + updateStandaloneFile('dynmap_webchat.json', json_encode($new_messages)); + } else { + insertStandaloneFile('dynmap_webchat.json', json_encode($new_messages)); + } + + $_SESSION['lastchat'] = time() + $msginterval; + echo "{ \"error\" : \"none\" }"; +} elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat > time()) { + header('HTTP/1.1 403 Forbidden'); +} else { + echo "{ \"error\" : \"none\" }"; } cleanupDb(); - -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_tiles.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_tiles.php index 0e2cf7c8..752e977d 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_tiles.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_tiles.php @@ -1,22 +1,22 @@ 4) && (substr($prefix, $plen - 4) === "_day")) { - $prefix = substr($prefix, 0, $plen - 4); - $variant = 'DAY'; - } - $mapid = $world . "." . $prefix; - if(isset($mapaccess[$mapid])) { +$prefix = $parts[1]; +$plen = strlen($prefix); +if (($plen > 4) && (substr($prefix, $plen - 4) === "_day")) { + $prefix = substr($prefix, 0, $plen - 4); + $variant = 'DAY'; +} +$mapid = $world . "." . $prefix; +if (isset($mapaccess[$mapid])) { $ss = stristr($mapaccess[$mapid], $uid); - if($ss === false) { - header('Location: ../images/blank.png'); - cleanupDb(); - exit; - } - } + if ($ss === false) { + header('Location: ../images/blank.png'); + cleanupDb(); + exit; + } +} $fparts = explode("_", $parts[3]); if (count($fparts) == 3) { // zoom_x_y - $zoom = strlen($fparts[0]); - $x = intval($fparts[1]); - $y = intval($fparts[2]); -} -else if (count($fparts) == 2) { // x_y - $zoom = 0; - $x = intval($fparts[0]); - $y = intval($fparts[1]); -} -else { - header('Location: ../images/blank.png'); - cleanupDb(); - exit; + $zoom = strlen($fparts[0]); + $x = intval($fparts[1]); + $y = intval($fparts[2]); +} elseif (count($fparts) == 2) { // x_y + $zoom = 0; + $x = intval($fparts[0]); + $y = intval($fparts[1]); +} else { + header('Location: ../images/blank.png'); + cleanupDb(); + exit; } initDbIfNeeded(); $stmt = $db->prepare('SELECT t.Image,t.Format,t.HashCode,t.LastUpdate FROM ' . $dbprefix . 'Maps m JOIN ' . $dbprefix . 'Tiles t ON m.ID=t.MapID WHERE m.WorldID=? AND m.MapID=? AND m.Variant=? AND t.x=? AND t.y=? and t.zoom=?'); -$stmt->bindParam(1,$world, PDO::PARAM_STR); -$stmt->bindParam(2,$prefix, PDO::PARAM_STR); -$stmt->bindParam(3,$variant, PDO::PARAM_STR); -$stmt->bindParam(4,$x, PDO::PARAM_INT); -$stmt->bindParam(5,$y, PDO::PARAM_INT); -$stmt->bindParam(6,$zoom, PDO::PARAM_INT); +$stmt->bindParam(1, $world, PDO::PARAM_STR); +$stmt->bindParam(2, $prefix, PDO::PARAM_STR); +$stmt->bindParam(3, $variant, PDO::PARAM_STR); +$stmt->bindParam(4, $x, PDO::PARAM_INT); +$stmt->bindParam(5, $y, PDO::PARAM_INT); +$stmt->bindParam(6, $zoom, PDO::PARAM_INT); $res = $stmt->execute(); list($timage, $format, $thash, $tlast) = $stmt->fetch(); if ($res && $timage) { - if ($format == 0) { - header('Content-Type: image/png'); - } - else { - header('Content-Type: image/jpeg'); - } - header('ETag: \'' . $thash . '\''); - header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $tlast/1000) . ' GMT'); - echo stream_get_contents($timage); -} -else { - header('Location: ../images/blank.png'); + if ($format == 0) { + header('Content-Type: image/png'); + } else { + header('Content-Type: image/jpeg'); + } + header('ETag: \'' . $thash . '\''); + header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $tlast / 1000) . ' GMT'); + echo stream_get_contents($timage); +} else { + header('Location: ../images/blank.png'); } $stmt->closeCursor(); cleanupDb(); exit; -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_update.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_update.php index 45b9efb7..8238ceaf 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_update.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_update.php @@ -1,52 +1,53 @@ loginrequired) && $json->loginrequired && !$loggedin) { + echo $content; +} elseif (isset($json->loginrequired) && $json->loginrequired && !$loggedin) { echo "{ \"error\": \"login-required\" }"; -} -else { - $json = json_decode($content); - $json->loggedin = $loggedin; - if (isset($json->protected) && $json->protected) { - $ss = stristr($seeallmarkers, $uid); - if($ss === false) { - if(isset($playervisible[$useridlc])) { - $plist = $playervisible[$useridlc]; - $pcnt = count($json->players); - for($i = 0; $i < $pcnt; $i++) { - $p = $json->players[$i]; - if(!stristr($plist, '[' . $p->account . ']')) { - $p->world = "-some-other-bogus-world-"; - $p->x = 0.0; - $p->y = 64.0; - $p->z = 0.0; - } - } - } - else { - $pcnt = count($json->players); - for($i = 0; $i < $pcnt; $i++) { - $p = $json->players[$i]; - if(strcasecmp($userid, $p->account) != 0) { - $p->world = "-some-other-bogus-world-"; - $p->x = 0.0; - $p->y = 64.0; - $p->z = 0.0; - } - } - } - } - } - echo json_encode($json); +} else { + $json = json_decode($content); + $json->loggedin = $loggedin; + if (isset($json->protected) && $json->protected) { + $ss = stristr($seeallmarkers, $uid); + if ($ss === false) { + if (isset($playervisible[$useridlc])) { + $plist = $playervisible[$useridlc]; + $pcnt = count($json->players); + for ($i = 0; $i < $pcnt; $i++) { + $p = $json->players[$i]; + if (!stristr($plist, '[' . $p->account . ']')) { + $p->world = "-some-other-bogus-world-"; + $p->x = 0.0; + $p->y = 64.0; + $p->z = 0.0; + } + } + } else { + $pcnt = count($json->players); + for ($i = 0; $i < $pcnt; $i++) { + $p = $json->players[$i]; + if (strcasecmp($userid, $p->account) != 0) { + $p->world = "-some-other-bogus-world-"; + $p->x = 0.0; + $p->y = 64.0; + $p->z = 0.0; + } + } + } + } + } + echo json_encode($json); } cleanupDb(); - - -?> - diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_markers.php b/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_markers.php index 7d4c894a..769f2562 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_markers.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_markers.php @@ -1,20 +1,20 @@ 500 Error"; echo "Bad marker: " . $path; @@ -37,72 +37,64 @@ if(($parts[0] != "faces") && ($parts[0] != "_markers_")) { $db = new SQLite3($dbfile, SQLITE3_OPEN_READONLY); if ($parts[0] == "faces") { - if (count($parts) != 3) { - header('HTTP/1.0 500 Error'); - echo "

500 Error

"; - echo "Bad face: " . $path; - exit(); - } - $ft = 0; - if ($parts[1] == "8x8") { - $ft = 0; - } - else if ($parts[1] == '16x16') { - $ft = 1; - } - else if ($parts[1] == '32x32') { - $ft = 2; - } - else if ($parts[1] == 'body') { - $ft = 3; - } - $pn = explode(".", $parts[2]); - $stmt = $db->prepare('SELECT Image from Faces WHERE PlayerName=:pn AND TypeID=:ft'); - $stmt->bindValue(":pn", $pn[0], SQLITE3_TEXT); - $stmt->bindValue(":ft", $ft, SQLITE3_INTEGER); - $res = $stmt->execute(); - $row = $res->fetchArray(); - if (isset($row[0])) { - header('Content-Type: image/png'); - echo $row[0]; - } - else { - header('Location: ../images/blank.png'); - exit; - } -} -else { // _markers_ - $in = explode(".", $parts[1]); - $name = implode(".", array_slice($in, 0, count($in) - 1)); - $ext = $in[count($in) - 1]; - if (($ext == "json") && (strpos($name, "marker_") == 0)) { - $world = substr($name, 7); - $stmt = $db->prepare('SELECT Content from MarkerFiles WHERE FileName=:fn'); - $stmt->bindValue(':fn', $world, SQLITE3_TEXT); - $res = $stmt->execute(); - $row = $res->fetchArray(); - header('Content-Type: application/json'); - if (isset($row[0])) { - echo $row[0]; - } - else { - echo "{ }"; - } - } - else { - $stmt = $db->prepare('SELECT Image from MarkerIcons WHERE IconName=:in'); - $stmt->bindValue(":in", $name, SQLITE3_TEXT); - $res = $stmt->execute(); - $row = $res->fetchArray(); - if (isset($row[0])) { - header('Content-Type: image/png'); - echo $row[0]; - } - else { - header('Location: ../images/blank.png'); - exit; - } - } + if (count($parts) != 3) { + header('HTTP/1.0 500 Error'); + echo "

500 Error

"; + echo "Bad face: " . $path; + exit(); + } + $ft = 0; + if ($parts[1] == "8x8") { + $ft = 0; + } elseif ($parts[1] == '16x16') { + $ft = 1; + } elseif ($parts[1] == '32x32') { + $ft = 2; + } elseif ($parts[1] == 'body') { + $ft = 3; + } + $pn = explode(".", $parts[2]); + $stmt = $db->prepare('SELECT Image from Faces WHERE PlayerName=:pn AND TypeID=:ft'); + $stmt->bindValue(":pn", $pn[0], SQLITE3_TEXT); + $stmt->bindValue(":ft", $ft, SQLITE3_INTEGER); + $res = $stmt->execute(); + $row = $res->fetchArray(); + if (isset($row[0])) { + header('Content-Type: image/png'); + echo $row[0]; + } else { + header('Location: ../images/blank.png'); + exit; + } +} else { // _markers_ + $in = explode(".", $parts[1]); + $name = implode(".", array_slice($in, 0, count($in) - 1)); + $ext = $in[count($in) - 1]; + if (($ext == "json") && (strpos($name, "marker_") == 0)) { + $world = substr($name, 7); + $stmt = $db->prepare('SELECT Content from MarkerFiles WHERE FileName=:fn'); + $stmt->bindValue(':fn', $world, SQLITE3_TEXT); + $res = $stmt->execute(); + $row = $res->fetchArray(); + header('Content-Type: application/json'); + if (isset($row[0])) { + echo $row[0]; + } else { + echo "{ }"; + } + } else { + $stmt = $db->prepare('SELECT Image from MarkerIcons WHERE IconName=:in'); + $stmt->bindValue(":in", $name, SQLITE3_TEXT); + $res = $stmt->execute(); + $row = $res->fetchArray(); + if (isset($row[0])) { + header('Content-Type: image/png'); + echo $row[0]; + } else { + header('Location: ../images/blank.png'); + exit; + } + } } $res->finalize(); @@ -111,4 +103,3 @@ $db->close(); exit; -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_tiles.php b/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_tiles.php index adf86a7a..bd034583 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_tiles.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_tiles.php @@ -1,20 +1,20 @@ 4) && (substr($prefix, $plen - 4) === "_day")) { - $prefix = substr($prefix, 0, $plen - 4); - $variant = 'DAY'; - } - $mapid = $world . "." . $prefix; - if(isset($mapaccess[$mapid])) { +$prefix = $parts[1]; +$plen = strlen($prefix); +if (($plen > 4) && (substr($prefix, $plen - 4) === "_day")) { + $prefix = substr($prefix, 0, $plen - 4); + $variant = 'DAY'; +} +$mapid = $world . "." . $prefix; +if (isset($mapaccess[$mapid])) { $ss = stristr($mapaccess[$mapid], $uid); - if($ss === false) { - header('Location: ../images/blank.png'); - exit; - } - } + if ($ss === false) { + header('Location: ../images/blank.png'); + exit; + } +} $fparts = explode("_", $parts[3]); if (count($fparts) == 3) { // zoom_x_y - $zoom = strlen($fparts[0]); - $x = intval($fparts[1]); - $y = intval($fparts[2]); -} -else if (count($fparts) == 2) { // x_y - $zoom = 0; - $x = intval($fparts[0]); - $y = intval($fparts[1]); -} -else { - header('Location: ../images/blank.png'); - exit; + $zoom = strlen($fparts[0]); + $x = intval($fparts[1]); + $y = intval($fparts[2]); +} elseif (count($fparts) == 2) { // x_y + $zoom = 0; + $x = intval($fparts[0]); + $y = intval($fparts[1]); +} else { + header('Location: ../images/blank.png'); + exit; } $db = new SQLite3($dbfile, SQLITE3_OPEN_READONLY); @@ -88,25 +86,23 @@ $stmt->bindValue(':zoom', $zoom, SQLITE3_INTEGER); $res = $stmt->execute(); $row = $res->fetchArray(); if (isset($row[1])) { - $format = $row[1]; - if ($format == 0) { - header('Content-Type: image/png'); - } - else { - header('Content-Type: image/jpeg'); - } - header('ETag: \'' . $row[2] . '\''); - header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $row[3]/1000) . ' GMT'); - if ($row[4] > 0) { - $v = substr($row[0], 0, $row[4]); - } else { - $v = rtrim($row[0], "\0"); - } - header('Content-Length: ' . strlen($v)); - echo $v; -} -else { - header('Location: ../images/blank.png'); + $format = $row[1]; + if ($format == 0) { + header('Content-Type: image/png'); + } else { + header('Content-Type: image/jpeg'); + } + header('ETag: \'' . $row[2] . '\''); + header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $row[3] / 1000) . ' GMT'); + if ($row[4] > 0) { + $v = substr($row[0], 0, $row[4]); + } else { + $v = rtrim($row[0], "\0"); + } + header('Content-Length: ' . strlen($v)); + echo $v; +} else { + header('Location: ../images/blank.png'); } $res->finalize(); @@ -114,4 +110,3 @@ $stmt->close(); $db->close(); exit; -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/configuration.php b/DynmapCore/src/main/resources/extracted/web/standalone/configuration.php index 700af65e..436701c8 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/configuration.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/configuration.php @@ -1,74 +1,65 @@ loginrequired && !$loggedin) { +if ($json->loginrequired && !$loggedin) { echo "{ \"error\": \"login-required\" }"; +} else { + $uid = '[' . strtolower($userid) . ']'; + $json->loggedin = $loggedin; + $wcnt = count($json->worlds); + for ($i = 0; $i < $wcnt; $i++) { + $w = $json->worlds[$i]; + if ($w->protected) { + $ss = stristr($worldaccess[$w->name], $uid); + if ($ss !== false) { + $newworlds[] = $w; + } else { + $w = null; + } + } else { + $newworlds[] = $w; + } + if ($w != null) { + $mcnt = count($w->maps); + $newmaps = array(); + for ($j = 0; $j < $mcnt; $j++) { + $m = $w->maps[$j]; + if ($m->protected) { + $ss = stristr($mapaccess[$w->name . '.' . $m->prefix], $uid); + if ($ss !== false) { + $newmaps[] = $m; + } + } else { + $newmaps[] = $m; + } + } + $w->maps = $newmaps; + } + } + $json->worlds = $newworlds; + + echo json_encode($json); } -else { - $uid = '[' . strtolower($userid) . ']'; - $json->loggedin = $loggedin; - $wcnt = count($json->worlds); - for($i = 0; $i < $wcnt; $i++) { - $w = $json->worlds[$i]; - if($w->protected) { - $ss = stristr($worldaccess[$w->name], $uid); - if($ss !== false) { - $newworlds[] = $w; - } - else { - $w = null; - } - } - else { - $newworlds[] = $w; - } - if($w != null) { - $mcnt = count($w->maps); - $newmaps = array(); - for($j = 0; $j < $mcnt; $j++) { - $m = $w->maps[$j]; - if($m->protected) { - $ss = stristr($mapaccess[$w->name . '.' . $m->prefix], $uid); - if($ss !== false) { - $newmaps[] = $m; - } - } - else { - $newmaps[] = $m; - } - } - $w->maps = $newmaps; - } - } - $json->worlds = $newworlds; - - echo json_encode($json); -} - - - -?> - diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/login.php b/DynmapCore/src/main/resources/extracted/web/standalone/login.php index 70e27cf1..2f720dd8 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/login.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/login.php @@ -1,78 +1,72 @@ '; - file_put_contents('dynmap_reg.php', implode("\n", $newlines)); - } - } +if (is_readable('dynmap_reg.php')) { + $lines = file('dynmap_reg.php'); +} else { + $lines = array(); +} +if (!empty($lines)) { + $cnt = count($lines) - 1; + $changed = false; + for ($i = 1; $i < $cnt; $i++) { + list($uid, $pc, $hsh) = explode('=', rtrim($lines[$i])); + if ($uid == $useridlc) { + continue; + } + if (array_key_exists($uid, $pendingreg)) { + $newlines[] = $uid . '=' . $pc . '=' . $hsh; + } else { + $changed = true; + } + } + if ($changed) { + if (count($newlines) < 2) { /* Nothing? */ + unlink('dynmap_reg.php'); + } else { + $newlines[] = '*/ ?>'; + file_put_contents('dynmap_reg.php', implode("\n", $newlines)); + } + } } -if($good) { - echo "{ \"result\": \"success\" }"; +if ($good) { + echo "{ \"result\": \"success\" }"; +} else { + echo "{ \"result\": \"loginfailed\" }"; } -else { - echo "{ \"result\": \"loginfailed\" }"; -} - -?> - diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/markers.php b/DynmapCore/src/main/resources/extracted/web/standalone/markers.php index 8f9045f1..795ef8de 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/markers.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/markers.php @@ -1,10 +1,11 @@ 500 Error"; echo "Bad marker: " . $path; @@ -46,26 +46,25 @@ if(($parts[0] != "faces") && ($parts[0] != "_markers_")) { $uid = '[' . strtolower($userid) . ']'; if (!is_readable($fname)) { - if(strstr($path, ".jpg") || strstr($path, ".png")) { - $fname = "../images/blank.png"; - } - else { - header('HTTP/1.0 404 Not Found'); - echo "

404 Not Found

"; - echo "Not found: " . $path; - exit(); - } + if (strstr($path, ".jpg") || strstr($path, ".png")) { + $fname = "../images/blank.png"; + } else { + header('HTTP/1.0 404 Not Found'); + echo "

404 Not Found

"; + echo "Not found: " . $path; + exit(); + } } $fp = fopen($fname, 'rb'); -if (strstr($path, ".png")) - header("Content-Type: image/png"); -else if (strstr($path, ".jpg")) - header("Content-Type: image/jpeg"); -else - header("Content-Type: application/text"); +if (strstr($path, ".png")) { + header("Content-Type: image/png"); +} elseif (strstr($path, ".jpg")) { + header("Content-Type: image/jpeg"); +} else { + header("Content-Type: application/text"); +} header("Content-Length: " . filesize($fname)); fpassthru($fp); exit; -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/register.php b/DynmapCore/src/main/resources/extracted/web/standalone/register.php index ee0e742e..1c16f9e6 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/register.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/register.php @@ -1,38 +1,35 @@ '; - file_put_contents('dynmap_reg.php', implode("\n", $newlines)); - } - } + $newlines[] = ''; + file_put_contents('dynmap_reg.php', implode("\n", $newlines)); + } + } } -if($good) { - echo "{ \"result\": \"success\" }"; +if ($good) { + echo "{ \"result\": \"success\" }"; +} else { + echo "{ \"result\": \"registerfailed\" }"; } -else { - echo "{ \"result\": \"registerfailed\" }"; -} - -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/sendmessage.php b/DynmapCore/src/main/resources/extracted/web/standalone/sendmessage.php index f435169c..e3dd65ce 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/sendmessage.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/sendmessage.php @@ -1,63 +1,58 @@ timestamp = $timestamp; - $data->ip = $_SERVER['REMOTE_ADDR']; - if(isset($_SESSION['userid'])) { - $uid = $_SESSION['userid']; - if(strcmp($uid, '-guest-')) { - $data->userid = $uid; - } - } - if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) - $data->ip = $_SERVER['HTTP_X_FORWARDED_FOR']; - if(is_readable('dynmap_webchat.json')) { - $old_messages = json_decode(file_get_contents('dynmap_webchat.json'), true); - } - if(!empty($old_messages)) - { - foreach($old_messages as $message) - { - if(($timestamp - $config['updaterate'] - 10000) < $message['timestamp']) - $new_messages[] = $message; - } - } - $new_messages[] = $data; - file_put_contents('dynmap_webchat.json', json_encode($new_messages)); - $_SESSION['lastchat'] = time()+$msginterval; - echo "{ \"error\" : \"none\" }"; +if ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat < time()) { + $micro = microtime(true); + $timestamp = round($micro * 1000.0); + + $data = json_decode(trim(file_get_contents('php://input'))); + $data->timestamp = $timestamp; + $data->ip = $_SERVER['REMOTE_ADDR']; + if (isset($_SESSION['userid'])) { + $uid = $_SESSION['userid']; + if (strcmp($uid, '-guest-')) { + $data->userid = $uid; + } + } + if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { + $data->ip = $_SERVER['HTTP_X_FORWARDED_FOR']; + } + if (is_readable('dynmap_webchat.json')) { + $old_messages = json_decode(file_get_contents('dynmap_webchat.json'), true); + } + if (!empty($old_messages)) { + foreach ($old_messages as $message) { + if (($timestamp - $config['updaterate'] - 10000) < $message['timestamp']) { + $new_messages[] = $message; + } + } + } + $new_messages[] = $data; + file_put_contents('dynmap_webchat.json', json_encode($new_messages)); + $_SESSION['lastchat'] = time() + $msginterval; + echo "{ \"error\" : \"none\" }"; +} elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat > time()) { + header('HTTP/1.1 403 Forbidden'); +} else { + echo "{ \"error\" : \"none\" }"; } -elseif($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat > time()) -{ - header('HTTP/1.1 403 Forbidden'); -} -else { - echo "{ \"error\" : \"none\" }"; -} -?> \ No newline at end of file diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/tiles.php b/DynmapCore/src/main/resources/extracted/web/standalone/tiles.php index 354023f5..a82f4886 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/tiles.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/tiles.php @@ -1,10 +1,11 @@ 2) { - $prefix = $parts[1]; - $plen = strlen($prefix); - if(($plen > 4) && (substr($prefix, $plen - 4) === "_day")) { - $prefix = substr($prefix, 0, $plen - 4); - } - $mapid = $world . "." . $prefix; - if(isset($mapaccess[$mapid])) { - $ss = stristr($mapaccess[$mapid], $uid); - if($ss === false) { - $fname = "../images/blank.png"; - } - } +if (count($parts) > 2) { + $prefix = $parts[1]; + $plen = strlen($prefix); + if (($plen > 4) && (substr($prefix, $plen - 4) === "_day")) { + $prefix = substr($prefix, 0, $plen - 4); + } + $mapid = $world . "." . $prefix; + if (isset($mapaccess[$mapid])) { + $ss = stristr($mapaccess[$mapid], $uid); + if ($ss === false) { + $fname = "../images/blank.png"; + } + } } if (!is_readable($fname)) { - if(strstr($path, ".jpg") || strstr($path, ".png")) { - $fname = "../images/blank.png"; - } - else { - echo "{ \"result\": \"bad-tile\" }"; - exit; - } + if (strstr($path, ".jpg") || strstr($path, ".png")) { + $fname = "../images/blank.png"; + } else { + echo "{ \"result\": \"bad-tile\" }"; + exit; + } } $fp = fopen($fname, 'rb'); -if (strstr($path, ".png")) - header("Content-Type: image/png"); -else if (strstr($path, ".jpg")) - header("Content-Type: image/jpeg"); -else - header("Content-Type: application/text"); +if (strstr($path, ".png")) { + header("Content-Type: image/png"); +} elseif (strstr($path, ".jpg")) { + header("Content-Type: image/jpeg"); +} else { + header("Content-Type: application/text"); +} header("Content-Length: " . filesize($fname)); fpassthru($fp); exit; -?> diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/update.php b/DynmapCore/src/main/resources/extracted/web/standalone/update.php index 26082ebe..07d7212e 100644 --- a/DynmapCore/src/main/resources/extracted/web/standalone/update.php +++ b/DynmapCore/src/main/resources/extracted/web/standalone/update.php @@ -1,102 +1,95 @@ loginrequired) && $json->loginrequired && !$loggedin) { +if (isset($json->loginrequired) && $json->loginrequired && !$loggedin) { echo "{ \"error\": \"login-required\" }"; +} else { + $json->loggedin = $loggedin; + if (isset($json->protected) && $json->protected) { + $ss = stristr($seeallmarkers, $uid); + if ($ss === false) { + if (isset($playervisible[$useridlc])) { + $plist = $playervisible[$useridlc]; + $pcnt = count($json->players); + for ($i = 0; $i < $pcnt; $i++) { + $p = $json->players[$i]; + if (!stristr($plist, '[' . $p->account . ']')) { + $p->world = "-some-other-bogus-world-"; + $p->x = 0.0; + $p->y = 64.0; + $p->z = 0.0; + } + } + } else { + $pcnt = count($json->players); + for ($i = 0; $i < $pcnt; $i++) { + $p = $json->players[$i]; + if (strcasecmp($userid, $p->account) != 0) { + $p->world = "-some-other-bogus-world-"; + $p->x = 0.0; + $p->y = 64.0; + $p->z = 0.0; + } + } + } + } + } + echo json_encode($json); } -else { - $json->loggedin = $loggedin; - if (isset($json->protected) && $json->protected) { - $ss = stristr($seeallmarkers, $uid); - if($ss === false) { - if(isset($playervisible[$useridlc])) { - $plist = $playervisible[$useridlc]; - $pcnt = count($json->players); - for($i = 0; $i < $pcnt; $i++) { - $p = $json->players[$i]; - if(!stristr($plist, '[' . $p->account . ']')) { - $p->world = "-some-other-bogus-world-"; - $p->x = 0.0; - $p->y = 64.0; - $p->z = 0.0; - } - } - } - else { - $pcnt = count($json->players); - for($i = 0; $i < $pcnt; $i++) { - $p = $json->players[$i]; - if(strcasecmp($userid, $p->account) != 0) { - $p->world = "-some-other-bogus-world-"; - $p->x = 0.0; - $p->y = 64.0; - $p->z = 0.0; - } - } - } - } - } - echo json_encode($json); -} - - - -?> - diff --git a/DynmapCore/src/main/resources/extracted/web/up.php b/DynmapCore/src/main/resources/extracted/web/up.php index a18f76e7..93c74933 100644 --- a/DynmapCore/src/main/resources/extracted/web/up.php +++ b/DynmapCore/src/main/resources/extracted/web/up.php @@ -1,6 +1,6 @@ $value ) { - $cookie[] = $key . '=' . $value; +foreach ($_COOKIE as $key => $value) { + $cookie[] = $key . '=' . $value; } $cookie[] = SID; -$cookie = implode( '; ', $cookie ); -curl_setopt( $ch, CURLOPT_COOKIE, $cookie ); - +$cookie = implode('; ', $cookie); +curl_setopt($ch, CURLOPT_COOKIE, $cookie); + //curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true ); -curl_setopt( $ch, CURLOPT_HEADER, true ); -curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true ); - -curl_setopt( $ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT'] ); - -list( $header, $contents ) = preg_split( '/([\r\n][\r\n])\\1/', curl_exec( $ch ), 2 ); - -$status = curl_getinfo( $ch ); - -curl_close( $ch ); +curl_setopt($ch, CURLOPT_HEADER, true); +curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + +curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); + +list($header, $contents) = preg_split('/([\r\n][\r\n])\\1/', curl_exec($ch), 2); + +$status = curl_getinfo($ch); + +curl_close($ch); // Split header text into an array. -$header_text = preg_split( '/[\r\n]+/', $header ); - -// Propagate headers to response. -foreach ( $header_text as $header ) { - if ( preg_match( '/^(?:Content-Type|Content-Language|Set-Cookie):/i', $header ) ) { - header( $header ); - } -} - -print $contents; +$header_text = preg_split('/[\r\n]+/', $header); -?> \ No newline at end of file +// Propagate headers to response. +foreach ($header_text as $header) { + if (preg_match('/^(?:Content-Type|Content-Language|Set-Cookie):/i', $header)) { + header($header); + } +} + +print $contents; From 4e5fb3f151e1ebf86d8b121d9fcb230148fac4e0 Mon Sep 17 00:00:00 2001 From: mikeprimm Date: Mon, 16 Aug 2021 23:54:06 -0500 Subject: [PATCH 3/7] Update README.md --- README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 59041905..90badbf8 100644 --- a/README.md +++ b/README.md @@ -16,14 +16,22 @@ to run on the default JDK for those platforms (JDK 8), as will all common librar To build, run: ./gradlew clean build + +Or (on Windows): + + gradlew.bat clean build + +The Forge 1.11.2 and 1.12.2 versions (specifically ForgeGradle for these) is very sensitive to being built by JDH 8, so to build them, +set JAVA_HOME to correspond to a JDK 8 installation, then build using the following; + cd oldgradle ./gradlew clean build Or (on Windows): - gradlew.bat clean build cd oldgradle gradlew.bat clean build + # What platforms are supported? The following target platforms are supported, and you can find them at the links supplied: From 8864f8098408b571eafe3847340d56811162c34e Mon Sep 17 00:00:00 2001 From: mikeprimm Date: Mon, 16 Aug 2021 23:54:49 -0500 Subject: [PATCH 4/7] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 90badbf8..c8011dbf 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ Or (on Windows): gradlew.bat clean build -The Forge 1.11.2 and 1.12.2 versions (specifically ForgeGradle for these) is very sensitive to being built by JDH 8, so to build them, +The Forge 1.11.2 and 1.12.2 versions (specifically ForgeGradle for these) are very sensitive to being built by JDK 8, so to build them, set JAVA_HOME to correspond to a JDK 8 installation, then build using the following; cd oldgradle From c019a84b711ae892349af5ebf43ae7210ea3a49f Mon Sep 17 00:00:00 2001 From: mikeprimm Date: Tue, 17 Aug 2021 07:59:28 -0500 Subject: [PATCH 5/7] Update .spellcheck.yaml --- .spellcheck.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.spellcheck.yaml b/.spellcheck.yaml index dd4b31ef..57d67be1 100644 --- a/.spellcheck.yaml +++ b/.spellcheck.yaml @@ -20,7 +20,6 @@ matrix: - ':matches(code, pre)' - 'code' - 'pre' - - 'JDK' sources: - '**/*.md' default_encoding: utf-8 From e98eeb0e8f36a4bf4bd907e0c125588f4e8b1dba Mon Sep 17 00:00:00 2001 From: mikeprimm Date: Tue, 17 Aug 2021 07:59:52 -0500 Subject: [PATCH 6/7] Update gibberish.txt --- .github/workflows/gibberish.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/gibberish.txt b/.github/workflows/gibberish.txt index 03d05ddd..b03f3792 100644 --- a/.github/workflows/gibberish.txt +++ b/.github/workflows/gibberish.txt @@ -51,3 +51,4 @@ subreddit gg pqBpw JDBC +JDK From a66cbc0817bf73d89f1b7ee63309189748f98dde Mon Sep 17 00:00:00 2001 From: FedUpWith-Tech <7731191+FedUpWith-Tech@users.noreply.github.com> Date: Thu, 19 Aug 2021 21:06:39 -0400 Subject: [PATCH 7/7] Remove Broken Dynmap reload command This isn't a fix for the reload command it just removes it from being exposed to the user to prevent them from running the command and breaking it till the reload command can be fixed. --- DynmapCore/src/main/java/org/dynmap/DynmapCore.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/DynmapCore/src/main/java/org/dynmap/DynmapCore.java b/DynmapCore/src/main/java/org/dynmap/DynmapCore.java index cf5664ce..3d1e19f6 100644 --- a/DynmapCore/src/main/java/org/dynmap/DynmapCore.java +++ b/DynmapCore/src/main/java/org/dynmap/DynmapCore.java @@ -1159,7 +1159,6 @@ public class DynmapCore implements DynmapCommonAPI { "cancelrender", "radiusrender", "updaterender", - "reload", "stats", "triggerstats", "resetstats", @@ -1590,11 +1589,11 @@ public class DynmapCore implements DynmapCommonAPI { } else { sender.sendMessage("World name is required"); } - } else if (c.equals("reload") && checkPlayerPermission(sender, "reload")) { + } /*else if (c.equals("reload") && checkPlayerPermission(sender, "reload")) { sender.sendMessage("Reloading Dynmap..."); getServer().reload(); sender.sendMessage("Dynmap reloaded"); - } else if (c.equals("stats") && checkPlayerPermission(sender, "stats")) { + } */else if (c.equals("stats") && checkPlayerPermission(sender, "stats")) { if(args.length == 1) mapManager.printStats(sender, null); else