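Badges, true);
//if (verify_user() !== true and $user->Name == "dreamer") {die("dreamer moment");}

// Access gate: only accounts with MembershipLevel 3 or higher may reach the
// upload page. Everyone else is redirected before any output is sent.
if (/*in_array(1, $badges["Badges"]) !== true*/$userInfo->MembershipLevel < 3) {
    header("Location: /RobloniumDefaultErrorPage.aspx");
    exit;
}

//moved up here since this involves header changes
// Validate the text fields of the upload form. Every rejection redirects to
// /catalog/upload.aspx?error=N and stops. On success $uploadOK, $type, $dbtype,
// $forsale, $currency, $price, $title and $description are left set for the
// rest of the page.
// NOTE(review): no anti-CSRF token is checked in the part of the handler visible
// here; confirm that one is verified before the upload is processed.
if (isset($_POST['upload'])) {
    $uploadOK = false;

    $type = isset($_POST['type']) ? $_POST['type'] : '';
    $title = isset($_POST['title']) ? $_POST['title'] : '';
    $description = isset($_POST['description']) ? $_POST['description'] : '';
    $currency = isset($_POST['currency']) ? $_POST['currency'] : '';

    // A request can omit a field or send it as an array (type[]=...). Reject
    // anything that is not a plain string, and require the asset type to be
    // all digits, before the values reach preg_replace()/strlen() or the database.
    if (!is_string($type) || !ctype_digit($type) || !is_string($title) || !is_string($description)) {
        header("Location: /catalog/upload.aspx?error=6");
        exit;
    }

    // $_POST values are strings, so the original strict comparisons against the
    // integers 4 and 13 could never match. Compare as integers instead.
    // NOTE(review): the type should also be checked against the set of asset
    // types this page is meant to accept; that list is not visible here.
    $type = (int) $type;

    // Same truthiness rule as the original `$forsale == true`.
    $forsale = empty($_POST['forsale']) ? 0 : 1;

    // Type 4 carries no price field; default to 0 so $price is always defined.
    $price = 0;
    if ($type !== 4) {
        $price = isset($_POST['price']) ? $_POST['price'] : 0;
    }

    //check here if user is admin
    $dbtype = $type;

    // Names are limited to word characters and single spaces. trim() keeps a
    // name made only of spaces from passing the minimum-length check below.
    $title = preg_replace("/[^ \w]+/", "", $title);
    $title = trim(preg_replace('!\s+!', ' ', $title));

    // Replace anything that looks like a tag with a space. The pattern as it
    // appears in the original has no explicit delimiters, so PCRE would take
    // '<' and '>' as the delimiter pair and fail to compile it.
    // Stripping tags is not an output-encoding step: the description must still
    // be passed through htmlspecialchars() wherever it is rendered.
    $description = preg_replace('~<[^>]*>~', ' ', $description);
    $description = preg_replace('!\s+!', ' ', $description);

    if (strlen($title) > 36) {
        header("Location: /catalog/upload.aspx?error=2");
        exit;
    }
    if (strlen($title) < 1) {
        header("Location: /catalog/upload.aspx?error=5");
        exit;
    }
    if (strlen($description) > 800) {
        header("Location: /catalog/upload.aspx?error=1");
        exit;
    }

    if ($dbtype === 13) {
        // Type 13 is always stored with a price of 0, whatever was submitted.
        $price = 0;
    } else {
        // Accept whole numbers only. Without this, a non-numeric string could
        // pass the range checks (depending on PHP version) and reach the database.
        $price = filter_var($price, FILTER_VALIDATE_INT);
        if ($price === false) {
            header("Location: /catalog/upload.aspx?error=6");
            exit;
        }
        if ($price < 0) {
            header("Location: /catalog/upload.aspx?error=4");
            exit;
        }
        if ($price > 99999) {
            header("Location: /catalog/upload.aspx?error=3");
            exit;
        }
    }
}

/**
 * Choose the id for the next asset.
 *
 * Starts one above the highest AssetId in the `asset` table (or at 1 when the
 * table is empty) and advances past any id that already has a file under
 * DOCUMENT_ROOT/Asset/. Ids are shared by all asset types.
 *
 * NOTE(review): the id is chosen by reading the current maximum and probing the
 * filesystem, so two uploads running at the same time can be handed the same
 * id. An auto-increment key, or a lock/transaction around allocation and the
 * insert, would close that window.
 *
 * @return int|false the candidate id, or false when the query fails
 */
function newAssetId() {
    global $database;

    // Only the id column is needed to find the current maximum.
    $execute = $database->query("SELECT AssetId FROM asset ORDER BY AssetId DESC LIMIT 1;");
    if ($execute === false) {
        return false;
    }

    $result = $execute->fetch(PDO::FETCH_ASSOC);
    $assetId = is_array($result) ? ((int) $result['AssetId']) + 1 : 1;

    // Skip ids whose file already exists so an upload never overwrites one.
    // The probe now also runs when the table is empty.
    $assetDir = $_SERVER["DOCUMENT_ROOT"].'/Asset/';
    while (file_exists($assetDir.$assetId)) {
        $assetId++;
    }

    return $assetId;
}
?> Upload - ROBLONIUM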
99999.', '#dada01'); }elseif($id == 4) { echo alert('Your asset price cannot be lower than 0.', '#dada01'); }elseif($id == 5) { echo alert('Your asset name must be at least 1 character in length.', '#dada01'); }elseif($id == 6) { echo alert('Illegal character has been detected!', 'red'); } } ?>

Upload

Name:

Description:

Price:                                                                 For Sale

Currency:
Robux Tix
Type:

File:



Uploading Info

This is where you can upload assets such as T-Shirts, Decals, and Pants. Uploading an asset costs 20. You'll need to wait for your asset to be approved before you can use it. If a moderator decides that your asset is against our terms of service, they have every right to delete your asset without compensation.
alert("'.$width.'");'; echo ''; }*/
        // File checks and asset creation for an upload request.
        // This excerpt begins partway through the handler: $width, $height, $check,
        // $target_file, $target_dir and $assetId are assigned before it, and the two
        // outermost blocks closed at the bottom are opened before it too.

        // Template-size check for asset types 11 and 12.
        // NOTE(review): the unconditional `$uploadOK = true;` right after this check
        // overwrites the `false` set here, so the check currently has no effect.
        // Because of `and`, it would also only fire when BOTH dimensions differ.
        // Confirm whether the check was disabled on purpose.
        if ($width != 580 and $height != 556) {
            if ($dbtype == 11 or $dbtype == 12) {
                $uploadOK = false;
            }
        }
        $uploadOK = true;
        // For the image-backed types (11, 12, 13, 2, 1) a falsy $check rejects the file.
        // NOTE(review): $check is set outside this excerpt - presumably an image probe
        // of the uploaded temp file; verify.
        if ($check == false and ($dbtype == 11 or $dbtype == 12 or $dbtype == 13 or $dbtype == 2 or $dbtype == 1)) {
            echo('
' . alert('The file you tried to upload is not an image.', '#dada01') . '
');
            $uploadOK = false;
        }else{
            // NOTE(review): with the XML check below commented out, asset types other
            // than the image-backed ones get no content validation in the visible code
            // before move_uploaded_file().
            /*if ($dbtype !== 11 and $dbtype !== 12 and $dbtype !== 13 and $dbtype !== 2 and $dbtype !== 1) { $xml=simplexml_load_string(file_get_contents($target_file)); if ($xml === false) { echo('
' . alert("The asset you tried to upload isn't in XML format. (It's too new)", '#dada01') . '
'); $uploadOK = false; } }*/
            // The extension is taken from the client-supplied file name.
            $imageFileType = pathinfo($_FILES['file']["name"], PATHINFO_EXTENSION);
            // Size limit of 30,000,000 bytes, checked against the size PHP recorded.
            if ($_FILES["file"]["size"] > 30000000) {
                echo('
' . alert('The file you tried to upload is greater than 30 MB.', '#dada01') . '
');
                $uploadOK = false;
            }else{
                // MIME type detected from the temp file's content.
                // The finfo handle is not closed in the visible code.
                $finfo = finfo_open(FILEINFO_MIME_TYPE);
                $mime = finfo_file($finfo, $_FILES['file']['tmp_name']);
                // NOTE(review): every term is joined with &&, so an image-backed upload
                // is rejected only when the extension is off the list AND the detected
                // MIME type is off the list. A listed extension alone (client-controlled)
                // is enough to pass. Requiring both a listed extension and a listed MIME
                // type would be the stricter test.
                if (($dbtype == 11 or $dbtype == 12 or $dbtype == 13 or $dbtype == 2 or $dbtype == 1) && $imageFileType != "jpg" && $imageFileType != "JPG" && $imageFileType != "png" && $imageFileType != "PNG" && $imageFileType != "jpeg" && $imageFileType != "JPEG" && $mime != "image/png" && $mime != "image/jpeg") {
                    //echo 'The file you tried to upload is not allowed. Only JPG, JPEG and PNG are allowed.';
                    echo('
' . alert('The file you tried to upload is not allowed.', '#dada01') . '
');
                    $uploadOK = false;
                }else{
                    // An upload costs 20 Robux; stop if the balance is too low.
                    if ($userInfo->Robux < 20) {
                        echo('
' . alert('You do not have enough ROBUX. :(', '#dada01') . '
');
                    }else{
                        // NOTE(review): on every path that reaches this point $uploadOK is
                        // still true, so the "correct template" branch at the bottom is
                        // unreachable as written.
                        if ($uploadOK == true) {
                            if (move_uploaded_file($_FILES["file"]["tmp_name"], $target_file)) {
                                // Charge the fee: the balance is read, reduced by 20 in PHP,
                                // then written back.
                                // NOTE(review): this read-modify-write is not atomic in the
                                // visible code, and it is not grouped in a transaction with
                                // the inserts below - confirm how updateRow/insertRow behave.
                                // NOTE(review): $userInfo is replaced by updateRow's return
                                // value and then used as an object ($userInfo->Id) - confirm
                                // updateRow returns the updated row.
                                $userInfo->Robux = $userInfo->Robux-20;
                                $userInfo = $database->updateRow("public_users", [ // update code in secondary database
                                    "Robux" => $userInfo->Robux
                                ], ["Id" => $userInfo->Id]);
                                // Image-reliant types: the uploaded image is stored first as
                                // its own asset (AssetTypeId 1, not for sale). The requested
                                // asset is then generated and written under a second id.
                                if (isset($imageReliantAssetTypes[$dbtype])) {
                                    $database->insertRow("asset", [ // upload secondary asset
                                        "Name" => $title,
                                        "Description" => assetTypeToString($dbtype)." Image",
                                        "PriceInRobux" => 0,
                                        "PriceInTickets" => 0,
                                        "IsForSale" => 0,
                                        "AssetTypeId" => 1,
                                        "CreatorId" => $userInfo->Id,
                                        "AssetId" => $assetId,
                                    ], "AssetId");
                                    giveItem($userInfo->Id, $assetId); //give the owner the texture
                                    //the texture has been uploaded now to upload the user's requested asset...
                                    //handle the asset that the user was trying to upload rather than the texture
                                    // The asset URL host is hard-coded here.
                                    $processedAsset = processAsset($dbtype, array('http://sitetest1.roblonium.com/asset/?id='.$assetId)); //append the proper text to the asset
                                    // NOTE(review): newAssetId() returns false when its query
                                    // fails. That case is not checked before the id is used for
                                    // the file path and the insert below.
                                    $assetId = newAssetId(); //generate a new asset id
                                    $target_file = $target_dir.$assetId; //generate a new target file for the requested asset
                                    // The result of file_put_contents() is not checked, and a
                                    // false $processedAsset still falls through to the insert.
                                    if ($processedAsset !== false) {
                                        file_put_contents($target_file, $processedAsset); //upload the user's requested asset
                                    }
                                }
                                // Record the requested asset, priced in whichever currency was
                                // chosen (2 selects Tickets, anything else Robux).
                                // presumably insertRow binds these values as parameters;
                                // verify against its implementation.
                                if ($currency == 2) {
                                    $newasset = $database->insertRow("asset", [ // upload asset with Tickets currency
                                        "Name" => $title,
                                        "Description" => $description,
                                        "PriceInRobux" => 0,
                                        "PriceInTickets" => $price,
                                        "IsForSale" => $forsale,
                                        "AssetTypeId" => $dbtype,
                                        "CreatorId" => $userInfo->Id,
                                        "AssetId" => $assetId,
                                    ], "AssetId");
                                }else {
                                    $newasset = $database->insertRow("asset", [ // upload asset with Robux currency
                                        "Name" => $title,
                                        "Description" => $description,
                                        "PriceInRobux" => $price,
                                        "PriceInTickets" => 0,
                                        "IsForSale" => $forsale,
                                        "AssetTypeId" => $dbtype,
                                        "CreatorId" => $userInfo->Id,
                                        "AssetId" => $assetId,
                                    ], "AssetId");
                                }
                                echo('
' . alert('Asset successfully uploaded!', 'green') . '
');
                                /*//ping thumbnail to start rendering file_get_contents('http://'.$_SERVER['SERVER_NAME'].'/Game/Tools/ThumbnailAsset.ashx?aid='.$assetId.'&fmt=png&wd=320&ht=320'); */
                                // Add the new asset to the uploader's inventory.
                                giveItem($userInfo->Id, $assetId);
                                echo(' ');
                            }else{
                                // move_uploaded_file() failed. Error code 1 is
                                // UPLOAD_ERR_INI_SIZE (file larger than upload_max_filesize).
                                // The code printed in the second message is the integer PHP
                                // sets, not request text.
                                if ($_FILES['file']['error'] == 1) {
                                    echo('
' . alert('[The uploaded file size exceeds the file size limit.]', 'red') . '
');
                                } else{
                                    echo('
' . alert('An error occurred while uploading. Please try again soon! ['.$_FILES['file']['error'].']', 'red') . '
');
                                }
                            }
                        }else{
                            echo('
' . alert('Could not upload your file. Are you using the correct template?', '#dada01') . '
');
                        }
                    }
                }
            }
        }
    // Closes a block that is opened outside this excerpt.
    }else{
        echo('
' . alert('Critical Error!', 'red') . '
');
    }
// Closes the outermost block, also opened outside this excerpt. Its else branch
// shows the idle prompt.
}else{
    echo('
' . alert('Fill in the fields above and press upload to upload an asset.', 'black') . '
');
}
?>