webcontextmanager redirect impl

Astrologies 2021-12-01 19:28:40 -05:00
parent 283237ade3
commit ba7c929dda
52 changed files with 191 additions and 794 deletions


@ -149,7 +149,7 @@ try
//step 1, check if under maintenance
if ($maintenance) { //maintenance redirect
if ($accesseddirectory != "/maintenance.php") {
redirect($url . "/maintenance");
WebContextManager::Redirect($url . "/maintenance");
}
}
@ -157,7 +157,7 @@ try
if ($GLOBALS['user']->logged_in && $banned) { //ban redirect
if ($accesseddirectory != "/ban.php" &&
$accesseddirectory != "/logout.php") {
redirect($url . "/ban");
WebContextManager::Redirect($url . "/ban");
}
}
@ -165,14 +165,14 @@ try
if ($GLOBALS['user']->logged_in && !$activated) { //activation redirect
if ($accesseddirectory != "/activate.php" &&
$accesseddirectory != "/logout.php") {
redirect($url . "/activate");
WebContextManager::Redirect($url . "/activate");
}
}
//step 4, check if 2fa is authenticated
if ($GLOBALS['user']->logged_in && !$twofactor) { //2fa redirect
if ($accesseddirectory != "/2fa.php") {
redirect($url . "/2fa");
WebContextManager::Redirect($url . "/2fa");
}
}
@ -192,17 +192,17 @@ try
$accesseddirectory != "/asset/index.php" &&
$accesseddirectory != "/settings/resetpassword.php" &&
$accesseddirectory != "/secret/localtesting.php") { //for local client testing, doesn't contain anything sensitive
redirect($url);
WebContextManager::Redirect($url);
}
}
else if ($accesseddomain == "api.".$domain) { //api
if ($accesseddirectory != "/logo.php") {
redirect($url);
WebContextManager::Redirect($url);
}
}
else if ($accesseddomain == "data.".$domain) { //data
if ($accesseddirectory != "/Error/Dmp.ashx") {
redirect($url);
WebContextManager::Redirect($url);
}
}
else if ($accesseddomain == "setup.".$domain) { //setup
@ -211,7 +211,7 @@ try
else if ($accesseddomain == "clientsettings.api.".$domain) { //clientsettings
//do nothing (we arent restricting on this subdomain)
} else {
redirect($url);
WebContextManager::Redirect($url);
}
}
}
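Review bot: The maintenance, ban, activation, 2FA and subdomain checks in these hunks only hold if `WebContextManager::Redirect()` ends the request, and its implementation is not among the sections visible here. The helper it replaces, `redirect()` (removed in the `-6321,12 +6321,6` hunk), called `die()` right after `header("Location: $location")`. If the new method returns, the rest of the page still runs for a banned or not-yet-2FA session, and the same holds for every `if(!$user->isStaff())` guard this commit touches. I would confirm that it terminates and state that in its docblock (`@return never`), or follow the security-relevant calls with `exit;`. All five hunks sit inside a `try` block that begins and ends outside them.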


@ -3570,13 +3570,13 @@ function getRobloxAssetType($assetid)
function ReturnAssetFromHash($hash) //asset CDN
{
//alphaland assets cdn
redirect(constructAssetHashUrl($hash));
WebContextManager::Redirect(constructAssetHashUrl($hash));
}
function ReturnThumbnailFromHash($hash) //thumb CDN (images)
{
//alphaland thumb (images) cdn
redirect(constructThumbnailHashUrl($hash));
WebContextManager::Redirect(constructThumbnailHashUrl($hash));
}
function CreateAsset($AssetTypeId, $IconImageAssetId, $TargetId, $ProductType, $Name, $Description, $Created, $Updated, $CreatorId, $PriceInAlphabux, $Sales, $isPersonalServer, $IsNew, $IsForSale, $IsPublicDomain, $IsLimited, $IsLimitedUnique, $IsCommentsEnabled, $IsApproved, $IsModerated, $Remaining, $MinimumMembershipLevel, $ContentRatingTypeId, $Favorited, $Visited, $MaxPlayers, $UpVotes, $DownVotes, $Hash, $ThumbHash)
@ -6321,12 +6321,6 @@ function getID($username) {
return false; //user not found
}
function redirect($location, $code = 302) {
http_response_code($code);
header("Location: $location");
die();
}
function passwordCorrect($userID, $password) {
$check = $GLOBALS['pdo']->prepare("SELECT pwd FROM users WHERE id = :i");
$check->bindParam(":i", $userID, PDO::PARAM_INT);


@ -1,20 +1,21 @@
<?php
use Alphaland\Users\TwoFactor;
use Alphaland\Web\WebContextManager;
if (TwoFactor::IsSession2FAUnlocked()){
redirect("/");
WebContextManager::Redirect("/");
}
if(isset($_POST['submit_2fa'])) {
if (TwoFactor::AttemptSession2FAUnlock($_POST['2fa_code'])) {
redirect("/");
WebContextManager::Redirect("/");
}
}
if(isset($_POST['logout'])) {
$user->logout();
redirect("/");
WebContextManager::Redirect("/");
}
$body = <<<EOT
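Review bot: `$_POST['2fa_code']` is handed to `TwoFactor::AttemptSession2FAUnlock()` whenever `submit_2fa` is set, without checking that the field exists or is a string, so a missing field or an array value reaches the verifier. Guarding the branch with `if (isset($_POST['submit_2fa'], $_POST['2fa_code']) && is_string($_POST['2fa_code']))` keeps the input well-typed. Whether failed attempts are counted or throttled is not visible in this file; if they are not, that limit belongs inside `AttemptSession2FAUnlock`.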


@ -6,13 +6,16 @@ Alphaland 2021
//headers
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true");
if(!$user->isStaff())
{
redirect("../home"); //u not admin nigga
WebContextManager::Redirect("/");
}
$assetid = $_GET['id'];


@ -1,8 +1,10 @@
<?php
use Alphaland\Web\WebContextManager;
if(!$user->isStaff())
{
redirect("../home"); //u not admin nigga
WebContextManager::Redirect("/");
}
$body = <<<EOT


@ -1,8 +1,10 @@
<?php
use Alphaland\Web\WebContextManager;
if(!$user->isStaff())
{
redirect("/");
WebContextManager::Redirect("/");
}
$body = <<<EOT


@ -5,13 +5,16 @@ Alphaland 2021
*/
//headers
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true");
header('Content-Type: application/json');
if(!$user->isStaff())
{
redirect("/");
WebContextManager::Redirect("/");
}
//get params
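Review bot: A non-staff caller of this JSON endpoint is answered with a 302 to `/` rather than an authorization error, so a client that follows the redirect receives the home page's HTML with a success status. Since the response is already declared `application/json` and sent with `access-control-allow-credentials: true`, I would reply with `http_response_code(403);`, a small JSON error body and `exit;` instead of `WebContextManager::Redirect("/");`. The same pattern appears in the other staff-only endpoints in this commit that send `Content-Type: application/json` before the `isStaff()` check.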


@ -1,7 +1,10 @@
<?php
use Alphaland\Web\WebContextManager;
if(!($user->isStaff()))
{
redirect("../404"); //u not admin nigga
WebContextManager::Redirect("/");
}
$body = <<<EOT
<h5 class="text-center">Moderation Control Panel</h5>


@ -1,8 +1,10 @@
<?php
use Alphaland\Web\WebContextManager;
if(!$user->isStaff())
{
redirect("/");
WebContextManager::Redirect("/");
}
$alert = '';


@ -1,8 +1,10 @@
<?php
use Alphaland\Web\WebContextManager;
if(!$user->isStaff())
{
redirect("/");
WebContextManager::Redirect("/");
}
//headers


@ -6,13 +6,16 @@ Alphaland 2021
//headers
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true");
if(!$user->isStaff())
{
redirect("../home"); //u not admin nigga
WebContextManager::Redirect("/");
}
$assetid = $_GET['id'];


@ -4,10 +4,11 @@
Alphaland 2021
*/
use Alphaland\Web\WebContextManager;
if(!$user->isStaff())
{
redirect("../home"); //u not admin nigga
WebContextManager::Redirect("/");
}
//headers


@ -5,6 +5,8 @@
Closes an active report
*/
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true");
header('Content-Type: application/json');
@ -12,7 +14,7 @@ header('Content-Type: application/json');
$id = (int)$_GET['id'];
if(!$user->isStaff() || !$id) {
redirect("/MCP");
WebContextManager::Redirect("/");
}
$report = $GLOBALS['pdo']->prepare("UPDATE user_reports SET `closed` = 1 WHERE `id` = :id AND `closed` = 0");
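Review bot: The `UPDATE user_reports SET closed = 1` statement is driven by `$_GET['id']`, and no request-method or anti-CSRF check is visible between the `isStaff()` gate and the query. Because the endpoint also sends `access-control-allow-credentials: true`, any cross-site GET issued with a staff session would close the report; I would require POST and a CSRF token first, e.g. `if ($_SERVER['REQUEST_METHOD'] !== 'POST') { http_response_code(405); exit; }`. The rest of the script lies outside the hunk, so a later check cannot be ruled out from here.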


@ -5,6 +5,8 @@
Report Data
*/
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true");
header('Content-Type: application/json');
@ -12,7 +14,7 @@ header('Content-Type: application/json');
$id = (int)$_GET['id'];
if(!$user->isStaff() || !$id) {
redirect("/MCP");
WebContextManager::Redirect("/");
}
$xml = "";


@ -4,12 +4,14 @@
Alphaland 2021
*/
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true");
header('Content-Type: application/json');
if(!$user->isStaff()) {
redirect("/MCP");
WebContextManager::Redirect("/");
}
$report = $GLOBALS['pdo']->prepare("SELECT * FROM user_reports WHERE closed = 0 ORDER BY whenReported ASC");


@ -5,8 +5,10 @@
Active Reports
*/
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) {
redirect("/");
WebContextManager::Redirect("/");
}
$body = <<<EOT


@ -5,8 +5,10 @@
Report viewer
*/
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) {
redirect("/");
WebContextManager::Redirect("/");
}
//chek
@ -14,7 +16,7 @@ $report = $GLOBALS['pdo']->prepare("SELECT * FROM user_reports WHERE `id` = :id
$report->bindParam(":id", $_GET['id'], PDO::PARAM_INT);
$report->execute();
if ($report->rowCount() == 0) {
redirect("/MCP/reports/");
WebContextManager::Redirect("/MCP/reports/");
}
$body = <<<EOT


@ -5,9 +5,10 @@ Alphaland 2021
*/
use Alphaland\Moderation\UserModerationManager;
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) {
redirect("/");
WebContextManager::Redirect("/");
}
//headers


@ -4,12 +4,14 @@
Alphaland 2021
*/
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true");
header('Content-Type: application/json');
if(!$user->isStaff()) {
redirect("/MCP");
WebContextManager::Redirect("/");
}
$bans = $GLOBALS['pdo']->prepare("SELECT * FROM user_bans WHERE valid = 1");


@ -1,8 +1,10 @@
<?php
use Alphaland\Web\WebContextManager;
$body = '';
if(!($user->isStaff())) {
redirect("/"); //u not admin nigga
WebContextManager::Redirect("/");
}
$body = <<<EOT


@ -5,9 +5,10 @@ Alphaland 2021
*/
use Alphaland\Moderation\UserModerationManager;
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) {
redirect("/");
WebContextManager::Redirect("/");
}
//headers


@ -1,9 +1,10 @@
<?php
use Alphaland\Users\Activation;
use Alphaland\Web\WebContextManager;
if (Activation::IsUserActivated($user->id)) {
redirect("/");
WebContextManager::Redirect("/");
}
$activationcode = Activation::GetUserActivationCode($user->id);


@ -63,6 +63,6 @@ if ($id)
}
else //fallback to roblox assets (compatibility)(will break eventually, need a better solution)(instruct players to use roblox asset url for compatibility?) roblox.com/asset/?id=
{
redirect("https://assetdelivery.roblox.com/v1/asset/?id=" . $id . "&version=" . $assetversion);
WebContextManager::Redirect("https://assetdelivery.roblox.com/v1/asset/?id=" . $id . "&version=" . $assetversion);
}
}
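Review bot: `$id` and `$assetversion` are concatenated into the external redirect URL without encoding, and neither assignment is inside this hunk. If `$assetversion` is taken from the query string without an integer cast, a caller could append extra parameters to the upstream request. Building the query with `http_build_query(['id' => (int)$id, 'version' => (int)$assetversion])` keeps both values numeric and properly encoded. The enclosing `if`/`else` starts above the hunk.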


@ -1,5 +1,7 @@
<?php
use Alphaland\Web\WebContextManager;
$body = "";
if(isset($_GET['id']))
{
@ -61,13 +63,13 @@ if(isset($_GET['id']))
else
{
//item doesnt exist
redirect("../../404");
WebContextManager::Redirect("../../404");
}
}
else
{
//no url parameter
redirect("../../404");
WebContextManager::Redirect("../../404");
}
pageHandler();
$ph->pageTitle(cleanOutput($i->Name));
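Review bot: Both `WebContextManager::Redirect("../../404")` calls keep a relative target, while the matching branches in two other view pages of this commit were changed from `"../../404"` to `"/404"`. A relative `Location` resolves against the request path, so `WebContextManager::Redirect("/404");` is the more predictable form here as well. The line after these branches, `$ph->pageTitle(cleanOutput($i->Name))`, uses `$i`, which is presumably unset on the not-found paths, so this file also depends on `Redirect()` never returning.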


@ -1,6 +1,7 @@
<?php
use Alphaland\Moderation\UserModerationManager;
use Alphaland\Web\WebContextManager;
if (UserModerationManager::IsBanned($user->id))
{
@ -17,7 +18,7 @@ if (UserModerationManager::IsBanned($user->id))
if(isset($_POST['logout']))
{
$user->logout();
redirect("/");
WebContextManager::Redirect("/");
}
if(isset($_POST['agree']))
@ -28,7 +29,7 @@ if (UserModerationManager::IsBanned($user->id))
$unban = $pdo->prepare("UPDATE user_bans SET valid = 0 WHERE uid = :u");
$unban->bindParam(":u", $user->id, PDO::PARAM_INT);
$unban->execute();
redirect("/");
WebContextManager::Redirect("/");
}
elseif ($banType == 1) //temporary
{
@ -38,7 +39,7 @@ if (UserModerationManager::IsBanned($user->id))
$unban = $pdo->prepare("UPDATE user_bans SET valid = 0 WHERE uid = :u");
$unban->bindParam(":u", $user->id, PDO::PARAM_INT);
$unban->execute();
redirect("/");
WebContextManager::Redirect("/");
}
}
}
@ -107,5 +108,5 @@ if (UserModerationManager::IsBanned($user->id))
else
{
//not banned
redirect("/");
WebContextManager::Redirect("/");
}


@ -1,5 +1,7 @@
<?php
use Alphaland\Web\WebContextManager;
$body = '';
$alert = "";
if(isset($_GET['id']))
@ -8,7 +10,7 @@ if(isset($_GET['id']))
if (isAssetModerated($id) || !isOwner($id))
{
redirect("/");
WebContextManager::Redirect("/");
}
//Query
@ -154,7 +156,7 @@ if(isset($_GET['id']))
// ...
}
redirect("config?id={$id}");
WebContextManager::Redirect("config?id={$id}");
}
}
elseif (isset($_POST['RegenItem'])) //for admin regen stuff
@ -303,7 +305,7 @@ if(isset($_GET['id']))
}
else
{
redirect("/catalog/view?id=".$id);
WebContextManager::Redirect("/catalog/view?id=".$id);
}
}
}
@ -311,19 +313,19 @@ if(isset($_GET['id']))
else
{
//not a modifiable asset (to the end user)
redirect("/");
WebContextManager::Redirect("/");
}
}
else
{
//catalog item doesnt exist
redirect("/");
WebContextManager::Redirect("/");
}
}
else
{
//no url parameter
redirect("/");
WebContextManager::Redirect("/");
}
$moderatebutton = '';


@ -1,5 +1,7 @@
<?php
use Alphaland\Web\WebContextManager;
$body = "";
if(isset($_GET['id']))
{
@ -21,7 +23,7 @@ if(isset($_GET['id']))
}
elseif ($result == 2)
{
redirect("/catalog/view?id=". $id . "");
WebContextManager::Redirect("/catalog/view?id=". $id . "");
}
}
// ...
@ -61,7 +63,7 @@ if(isset($_GET['id']))
//redirect if a game
if ($i->AssetTypeId == 9)
{
redirect("/games/view?id=" . $id);
WebContextManager::Redirect("/games/view?id=" . $id);
}
// ...
@ -246,13 +248,13 @@ EOT;
else
{
//item doesnt exist
redirect("../../404");
WebContextManager::Redirect("/404");
}
}
else
{
//no url parameter
redirect("/");
WebContextManager::Redirect("/");
}
pageHandler();
$ph->pageTitle(cleanOutput($i->Name));


@ -4,6 +4,8 @@
Alphaland 2021
*/
use Alphaland\Web\WebContextManager;
$body = '';
$alert = '';
$cosmuploadsuccess = $_GET['cosSuccess'];
@ -261,7 +263,7 @@ function newPlace()
//POINT OF NO RETURN
$newplace = createPlace($GLOBALS['user']->id, $name, $description, 12);
redirect("/games/config?id=".$newplace);
WebContextManager::Redirect("/games/config?id=".$newplace);
}
function newPBSPlace($placetype)
@ -298,7 +300,7 @@ function newPBSPlace($placetype)
//POINT OF NO RETURN
$newpbs = createPBSPlace($GLOBALS['user']->id, $name, $description, 12, $selectedPlacePath);
redirect("/games/pbs/config?id=".$newpbs);
WebContextManager::Redirect("/games/pbs/config?id=".$newpbs);
}
if (isset($_POST['SubmitPBSSuperflat']))
@ -310,7 +312,7 @@ if (isset($_POST['SubmitPBSSuperflat']))
}
else
{
redirect('/create?pbsSuccess=true');
WebContextManager::Redirect('/create?pbsSuccess=true');
}
}
@ -323,7 +325,7 @@ if (isset($_POST['SubmitPBSRugged']))
}
else
{
redirect('/create?pbsSuccess=true');
WebContextManager::Redirect('/create?pbsSuccess=true');
}
}
@ -336,7 +338,7 @@ if (isset($_POST['SubmitPBSHappyHome']))
}
else
{
redirect('/create?pbsSuccess=true');
WebContextManager::Redirect('/create?pbsSuccess=true');
}
}
@ -349,7 +351,7 @@ if (isset($_POST['SubmitPBSBaseplate']))
}
else
{
redirect('/create?pbsSuccess=true');
WebContextManager::Redirect('/create?pbsSuccess=true');
}
}
@ -367,7 +369,7 @@ if (isset($_POST['SubmitAsset']))
}
else
{
redirect('/create?cosSuccess=true');
WebContextManager::Redirect('/create?cosSuccess=true');
}
}
@ -381,7 +383,7 @@ if (isset($_POST['SubmitPlace']))
}
else
{
redirect('/create?placeSuccess=true');
WebContextManager::Redirect('/create?placeSuccess=true');
}
}


@ -1,6 +1,8 @@
<?php
$body = '';
use Alphaland\Web\WebContextManager;
$body = '';
if(isset($_POST['acceptfriend']))
{
@ -174,22 +176,22 @@ if ($pages != 0)
{
if ($_GET['page'] == 0)
{
redirect("friend-requests?page=1");
WebContextManager::Redirect("friend-requests?page=1");
}
elseif ($_GET['page'] == $pages + 1)
{
redirect("friend-requests?page=".$pages."");
WebContextManager::Redirect("friend-requests?page=".$pages."");
}
}
elseif ($pages == 0)
{
if (!$_GET['page'])
{
redirect("friend-requests?page=1");
WebContextManager::Redirect("friend-requests?page=1");
}
elseif($_GET['page'] > 1)
{
redirect("friend-requests?page=1");
WebContextManager::Redirect("friend-requests?page=1");
}
}


@ -1,10 +1,12 @@
<?php
use Alphaland\Web\WebContextManager;
$body = '';
if(!isset($_GET['id']))
{
redirect('view?id='. $GLOBALS['user']->id . '');
WebContextManager::Redirect('view?id='. $GLOBALS['user']->id . '');
}
$id = (int)$_GET['id'];
@ -90,7 +92,7 @@ EOT;
}
else
{
redirect("../../404");
WebContextManager::Redirect("/404");
}
//page buttons handling {


@ -1,5 +1,7 @@
<?php
use Alphaland\Web\WebContextManager;
$gearsportion = false;
$body = '';
@ -70,7 +72,7 @@ function convertToPBSPlace($placetype, $placeid)
$deletepersistence->execute();
handleRenderPlace($placeid);
redirect("/games/pbs/config?id=".$placeid);
WebContextManager::Redirect("/games/pbs/config?id=".$placeid);
}
}
}
@ -86,7 +88,7 @@ if(isset($_GET['id']))
if(getAssetInfo($id)->isPersonalServer)
{
redirect("/games/pbs/config?id=".$id);
WebContextManager::Redirect("/games/pbs/config?id=".$id);
}
//Query
@ -265,7 +267,7 @@ if(isset($_GET['id']))
}
else
{
redirect("config?id={$id}");
WebContextManager::Redirect("config?id={$id}");
}
}
}
@ -306,7 +308,7 @@ if(isset($_GET['id']))
setPlaceUsingCustomThumbnail($id); //set not using rendered thumb
redirect("config?id={$id}");
WebContextManager::Redirect("config?id={$id}");
}
else
{
@ -323,7 +325,7 @@ if(isset($_GET['id']))
setPlaceUsingCustomThumbnail($id); //set not using rendered thumb
}
redirect("config?id={$id}");
WebContextManager::Redirect("config?id={$id}");
}
// ...
}
@ -402,17 +404,17 @@ if(isset($_GET['id']))
}
else
{
redirect("/"); //not owner or not admin
WebContextManager::Redirect("/"); //not owner or not admin
}
}
else
{
redirect("/"); //place doesnt exist
WebContextManager::Redirect("/"); //place doesnt exist
}
}
else
{
redirect("/"); //no url parameters
WebContextManager::Redirect("/"); //no url parameters
}
$gearshtml = "";


@ -1,5 +1,7 @@
<?php
use Alphaland\Web\WebContextManager;
$body = '';
$gameid = (int)$_GET['id'];
@ -8,7 +10,7 @@ if ($gameid)
{
if(getAssetInfo($gameid)->isPersonalServer == 0)
{
redirect("/games/config?id=".$gameid);
WebContextManager::Redirect("/games/config?id=".$gameid);
}
if (!is_int($gameid) || getAssetInfo($gameid)->AssetTypeId != 9 || getAssetInfo($gameid)->isPersonalServer != 1)
@ -28,7 +30,7 @@ if (isset($_POST['ConvertToRegular']))
if (setRegularGame($gameid))
{
handleRenderPlace($gameid);
redirect("/games/config?id=".$gameid);
WebContextManager::Redirect("/games/config?id=".$gameid);
}
else
{
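Review bot: `!is_int($gameid)` can never be true, because `$gameid` is assigned from `(int)$_GET['id']` at the top of the file, so that part of the validation is dead. `getAssetInfo($gameid)->isPersonalServer` is also dereferenced, and may redirect, before the asset-type check that follows; if `getAssetInfo()` can return a non-object for an unknown id (not visible here), that line fails first. Fetching the record once with `$info = getAssetInfo($gameid);` and checking existence and `AssetTypeId` before the `isPersonalServer` redirect would make the order explicit. The `if ($gameid)` block continues past the hunk.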


@ -1,680 +0,0 @@
<?php
$gearsportion = false;
$body = '';
function resize($newWidth, $newHeight, $targetFile, $originalFile) {
$info = getimagesize($originalFile);
$mime = $info['mime'];
switch ($mime) {
case 'image/jpeg':
$image_create_func = 'imagecreatefromjpeg';
$image_save_func = 'imagejpeg';;
break;
case 'image/png':
$image_create_func = 'imagecreatefrompng';
$image_save_func = 'imagepng';
break;
case 'image/gif':
$image_create_func = 'imagecreatefromgif';
$image_save_func = 'imagegif';
break;
default:
throw new Exception('Unknown image type.');
}
$img = $image_create_func($originalFile);
list($width, $height) = getimagesize($originalFile);
$tmp = imagecreatetruecolor($newWidth, $newHeight);
imagealphablending($tmp , false);
imagesavealpha($tmp , true);
imagecopyresampled($tmp, $img, 0, 0, 0, 0, $newWidth, $newHeight, $width, $height);
if (file_exists($targetFile)) {
unlink($targetFile);
}
$image_save_func($tmp, "$targetFile");
}
function convertToPBSPlace($placetype, $placeid)
{
$selectedPlacePath = $_SERVER['DOCUMENT_ROOT'] . "/../default_pbs_places/" . $placetype . ".rbxlx";
$assetcdn = $GLOBALS['assetCDNPath'];
//grab a new hash for the game asset
$gamehash = genAssetHash(16);
//copy template, set the game type to PBS, update the hash, delete persistence data, close all servers, start place render and redirect
if (copy($selectedPlacePath, $assetcdn . $gamehash))
{
if (gameCloseAllJobs($placeid))
{
if (setPBSGame($placeid))
{
$set = $GLOBALS['pdo']->prepare("UPDATE assets SET Hash = :hash WHERE id = :i");
$set->bindParam(":hash", $gamehash, PDO::PARAM_INT);
$set->bindParam(":i", $placeid, PDO::PARAM_INT);
$set->execute();
if ($set->rowCount() > 0)
{
//trust mysql!!
$deletepersistence = $GLOBALS['pdo']->prepare("DELETE FROM persistence WHERE placeid = :i");
$deletepersistence->bindParam(":i", $placeid, PDO::PARAM_INT);
$deletepersistence->execute();
handleRenderPlace($placeid);
redirect("/games/pbs/config?id=".$placeid);
}
}
}
setRegularGame($placeid);
}
return "Error converting to PBS";
}
$alert = "";
if(isset($_GET['id']))
{
$id = (int)$_GET['id'];
if(getAssetInfo($id)->isPersonalServer)
{
redirect("/games/pbs/config?id=".$id);
}
//Query
$q = $pdo->prepare("SELECT * FROM assets WHERE id = :i");
$q->bindParam(":i", $id, PDO::PARAM_INT);
$q->execute();
if($q->rowCount() > 0)
{
if (isOwner($id) or $user->isAdmin()) //if the user is the owner of the game, or staff
{
//item parameters
$gameinfo = getAssetInfo($id);
$gamename = cleanOutput($gameinfo->Name);
$gamedescription = cleanOutput($gameinfo->Description, false); //pass false to not replace linebreaks with html
$gamecreator = $gameinfo->CreatorId;
$gamemaxplayers = $gameinfo->MaxPlayers;
$gamerender = handleGameThumb($id);
$commentsstatus = '';
if ($gameinfo->IsCommentsEnabled == true)
{
$commentsstatus = 'checked';
}
$thumbnailstatus = '';
if (isPlaceUsingRender($id))
{
$thumbnailstatus = 'checked';
}
//...
if (isset($_POST['Submit']))
{
//some important parameters
//file parameters
$thumbnailfileExtensionsAllowed = ['png']; // These will be the only file extensions allowed
//upload parameters
$thumbnailuploadDirectory = $GLOBALS['thumbnailCDNPath']; //directory where the textures are stored
$thumbnailHash = genAssetHash(16);
//$thumbnailuploadDirectory = "../thumbnails/places/"; //directory where the games thumbnails are stored
// ...
//temp file locations
$thumbnailfileName = $_FILES['thumbnail_file']['name'];
$thumbnailfileTmpName = $_FILES['thumbnail_file']['tmp_name']; //location of the uploaded png file (temp directory)
$thumbnailfileExtension = strtolower(end(explode('.',$thumbnailfileName)));
// ...
$usedefaultthumb = false;
if(!file_exists($_FILES['thumbnail_file']['tmp_name']) || !is_uploaded_file($_FILES['thumbnail_file']['tmp_name']))
{
$usedefaultthumb = true;
}
//check dimensions
$filecheckfail = false;
$dimensionsfail = false;
//check the image if it exists
if (!$usedefaultthumb)
{
if (in_array($thumbnailfileExtension,$thumbnailfileExtensionsAllowed)) //make sure .png file extension
{
$isimage = @imagecreatefrompng($_FILES['thumbnail_file']['tmp_name']); //check if the file is actually a PNG image
if ($isimage)
{
$imagedetails = getimagesize($_FILES['thumbnail_file']['tmp_name']);
$width = $imagedetails[0];
$height = $imagedetails[1];
if ($width > 1920) //over 1920 width, too big
{
$dimensionsfail = true;
}
if ($height > 1080) //over 1080 height, too big
{
$dimensionsfail = true;
}
}
else
{
$filecheckfail = true;
}
}
else
{
$filecheckfail = true;
}
}
if ($filecheckfail)
{
$alert = "<div class='alert alert-danger' role='alert'>Invalid thumbnail file, must be .PNG</div>";
}
elseif (strlen($_POST['placename']) < 3)
{
$alert = "<div class='alert alert-danger' role='alert'>Place name too short, must be over 3 characters</div>";
}
elseif (strlen($_POST['placename']) > 50)
{
$alert = "<div class='alert alert-danger' role='alert'>Place name too long, must be under 50 characters</div>";
}
elseif(strlen($_POST['description']) > 1000)
{
$alert = "<div class='alert alert-danger' role='alert'>Place description too long, must be under 1k characters</div>";
}
elseif ($_POST['gdskill'][1] < 1) //cant have max players under 1
{
$alert = "<div class='alert alert-danger' role='alert'>An error occurred</div>";
}
elseif ($_POST['gdskill'][1] > 12) //cant have max players over 12
{
$alert = "<div class='alert alert-danger' role='alert'>An error occurred</div>";
}
elseif ($dimensionsfail)
{
$alert = "<div class='alert alert-danger' role='alert'>Thumbnail resolution cannot be over 1920x1080</div>";
}
else //all checks passed, do the do
{
//$
//update place name
$c = $pdo->prepare("UPDATE assets SET Name = :n WHERE id = :i");
$c->bindParam(":n", cleanInput($_POST['placename']), PDO::PARAM_STR); //item name
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
//update place description
$c = $pdo->prepare("UPDATE assets SET Description = :n WHERE id = :i");
$c->bindParam(":n", cleanInput($_POST['description']), PDO::PARAM_STR); //item description
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
//update place max players
$c = $pdo->prepare("UPDATE assets SET MaxPlayers = :n WHERE id = :i");
$c->bindParam(":n", $_POST['gdskill'][1], PDO::PARAM_INT); //item price
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
if (isset($_POST['comments_checkbox']))
{
//update IsCommentsEnabled to enabled
$comments = 1;
$c = $pdo->prepare("UPDATE assets SET IsCommentsEnabled = :n, Updated = UNIX_TIMESTAMP() WHERE id = :i");
$c->bindParam(":n", $comments, PDO::PARAM_INT); //item name
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
}
else
{
//update IsCommentsEnabled to disabled
$comments = 0;
$c = $pdo->prepare("UPDATE assets SET IsCommentsEnabled = :n, Updated = UNIX_TIMESTAMP() WHERE id = :i");
$c->bindParam(":n", $comments, PDO::PARAM_INT); //item name
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
}
if (isset($_POST['thumbnail_checkbox']))
{
if (!isPlaceUsingRender($id))
{
$placepost = handleRenderPlace($id);
if ($placepost !== true) {
$alert = "<div class='alert alert-danger' role='alert'>".$placepost."</div>";
}
else
{
redirect("config?id={$id}");
}
}
}
else
{
//grab place image hash
//files in proper places
if (!$usedefaultthumb) //if custom thumb uploaded
{
$GLOBALS['pdo']->exec("LOCK TABLES assets WRITE"); //lock since this stuff is sensitive
$b = $GLOBALS['pdo']->prepare("SELECT * FROM assets");
$b->execute();
//grab auto increment values
$autoincrement = $b->rowCount() + 1; //initial auto increment value
//add texture to assets
$assetname = $gamename . " Thumbnail";
$x = $GLOBALS['pdo']->prepare("INSERT INTO `assets`(`id`, `AssetTypeId`, `Name`, `Description`, `Created`, `Updated`, `CreatorId`, `TargetId`, `PriceInAlphabux`, `Sales`, `IsNew`, `IsForSale`, `IsPublicDomain`, `IsLimited`, `IsLimitedUnique`, `IsApproved`, `Remaining`, `MinimumMembershipLevel`, `ContentRatingTypeId`, `Favorited`, `Visited`, `MaxPlayers`, `UpVotes`, `DownVotes`, `Hash`) VALUES (:aid,1,:aname,'Place Thumbnail',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),:oid,:aid2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,:hash)");
$x->bindParam(":aid", $autoincrement, PDO::PARAM_INT);
$x->bindParam(":aname", $assetname, PDO::PARAM_STR);
$x->bindParam(":oid", $gamecreator, PDO::PARAM_INT);
$x->bindParam(":aid2", $autoincrement, PDO::PARAM_INT);
$x->bindParam(":hash", $thumbnailHash, PDO::PARAM_STR);
$x->execute();
//update place thumbhash
$c = $pdo->prepare("UPDATE assets SET IconImageAssetId = :n WHERE id = :i");
$c->bindParam(":n", $autoincrement, PDO::PARAM_INT); //item price
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
$GLOBALS['pdo']->exec("UNLOCK TABLES");
resize(768, 432, $thumbnailuploadDirectory . $thumbnailHash, $_FILES['thumbnail_file']['tmp_name']);
setPlaceUsingCustomThumbnail($id); //set not using rendered thumb
redirect("config?id={$id}");
}
else
{
if (isPlaceUsingRender($id))
{
$thumb = rand(4, 6);
//update place icon
$c = $pdo->prepare("UPDATE assets SET IconImageAssetId = :iiad WHERE id = :i");
$c->bindParam(":iiad", $thumb, PDO::PARAM_INT); //item name
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
setPlaceUsingCustomThumbnail($id); //set not using rendered thumb
}
redirect("config?id={$id}");
}
// ...
}
}
}
if (isset($_POST['SubmitPBSSuperflat']))
{
$upload = convertToPBSPlace("Superflat", $id);
if ($upload !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $upload . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created Personal Server</div>";
}
}
if (isset($_POST['SubmitPBSRugged']))
{
$upload = convertToPBSPlace("Rugged", $id);
if ($upload !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $upload . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created Personal Server</div>";
}
}
if (isset($_POST['SubmitPBSHappyHome']))
{
$upload = convertToPBSPlace("HappyHome", $id);
if ($upload !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $upload . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created Personal Server</div>";
}
}
if (isset($_POST['SubmitPBSBaseplate']))
{
$upload = convertToPBSPlace("Baseplate", $id);
if ($upload !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $upload . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created Personal Server</div>";
}
}
if (isset($_POST['PBSNoSelection']))
{
$alert = "<div class='alert alert-danger' role='alert'>Please choose a template</div>";
}
if (isset($_POST['SubmitPlace']))
{
$place = newPlace();
if ($place !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $place . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created place</div>";
}
}
}
else
{
redirect("/"); //not owner or not admin
}
}
else
{
redirect("/"); //place doesnt exist
}
}
else
{
redirect("/"); //no url parameters
}
$gearshtml = "";
if ($gearsportion)
{
$gearshtml = <<<EOT
<div class="container text-center marg-bot-15">
<h6>Allowed Gear Genres</h6>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline1">
<label class="custom-control-label" for="defaultInline1">Melee Weapon</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline2">
<label class="custom-control-label" for="defaultInline2">Ranged Weapons</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline3">
<label class="custom-control-label" for="defaultInline3">Explosive</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline4">
<label class="custom-control-label" for="defaultInline4">Power Up</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline5">
<label class="custom-control-label" for="defaultInline5">Navigation Enhancers</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline6">
<label class="custom-control-label" for="defaultInline6">Musical Instruments</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline7">
<label class="custom-control-label" for="defaultInline7">Social Items</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline8">
<label class="custom-control-label" for="defaultInline8">Building Tools</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline9">
<label class="custom-control-label" for="defaultInline9">Personal Transport</label>
</div>
</div>
EOT;
}
$body = <<<EOT
<div class="container">
{$alert}
<form action="" method="post" enctype="multipart/form-data">
<div class="row">
<div class="col-sm">
<div class="card">
<div class="card-body">
<div class="row">
<div class="col-sm">
<div class="row mb-2">
<div class="col-sm">
<h5>Configure Place</h5>
</div>
<div class="col-sm-2">
<btn class="btn btn-danger w-100 float-right" data-toggle="modal" data-target="#convertpbs">Convert to PBS</btn>
</div>
</div>
<div class="text-center marg-bot-15">
<label style="float:left;">Place Name</label>
<input class="form-control" type="text" name="placename" value="{$gamename}">
</div>
<div class="text-center">
<img class="img-fluid" style="width:40rem;height:20rem;" src="{$gamerender}">
</div>
<div class="text-center marg-bot-15">
<label style="float:left;text-align:top;">Description</label>
<textarea style="min-height:10rem;max-height:10rem;" class="form-control" type="text" name="description" placeholder="Description">{$gamedescription}</textarea>
</div>
<hr>
<div class="container text-center">
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" name="comments_checkbox" {$commentsstatus} class="custom-control-input" autocomplete="off" id="comments">
<label class="custom-control-label" for="comments">Comments Enabled</label>
</div>
</div>
</hr>
<div class="container text-center marg-bot-15">
<label for="playerrange" style="float:left;text-align:top;">Max Players</label>
<input class="form-control-range custom-range" min="1" max="12" name="gdskill[1]" id="gdskill1" value="{$gamemaxplayers}" step="1" type="range" name="placemaxplayers" oninput="Output1.value = gdskill1.value">
<output id="Output1" class="output" style="font-size:18px;">{$gamemaxplayers}</output>
<datalist id="ticks">
<option>1</option>
<option>2</option>
<option>3</option>
<option>4</option>
<option>5</option>
<option>6</option>
<option>7</option>
<option>8</option>
<option>9</option>
<option>10</option>
<option>11</option>
<option>12</option>
</datalist>
</div>
<hr>
<div class="container text-center">
<h5>Badges</h5>
<div class="card w-100 mb-2">
<div class="card-body">
<div class="row">
<div class="col-sm">
<div class="group-approval-container">
<ul id="games_badges">
<li>
<div class="card mb-1">
<div class="card-body">
<a class="red-a-nounder">
<img class="img-fluid" src="{thumbnail}">
<p>{username}</p>
</a>
<div class="row mb-1">
<div class="col-sm">
<button class="btn btn-success w-100" onclick="approveRequest({userid})">Approve</button>
</div>
</div>
<div class="row">
<div class="col-sm">
<button class="btn btn-danger w-100" onclick="denyRequest({userid})">Deny</button>
</div>
</div>
</div>
</div>
</li>
</ul>
</div>
</div>
</div>
</div>
</div>
<div class="text-center">
<div class="btn-group mb-3" id="join_requests_buttons">
</div>
</div>
</div>
<hr>
<div class="text-center">
<h6>If you'd like to use the last Studio position as the Thumbnail, check it below</h6>
<h6>When you update this place through Studio with this ticked, the Thumbnail will update with the current position</h6>
</div>
<div class="container text-center">
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" name="thumbnail_checkbox" {$thumbnailstatus} class="custom-control-input" onclick="checkTick()" autocomplete="off" id="thumbnail_tick">
<label class="custom-control-label" for="thumbnail_tick">Use last Studio position</label>
</div>
</div>
<hr>
<div id="custom_thumb_container">
<div class="text-center">
<h6>Custom Game Thumbnails cannot be above 1920x1080</h6>
<h6>If no custom Thumbnail is provided, a default will be used</h6>
</div>
<div class="input-group mb-3">
<div class="custom-file">
<input type="file" name="thumbnail_file" class="custom-file-input" id="inputGthumbFile">
<label class="custom-file-label" for="inputGthumbFile">Custom Game Thumbnail</label>
</div>
</div>
</div>
<hr>
{$gearshtml}
<input type="Submit" name="Submit" value="Update Place" class="btn btn-danger w-100">
</div>
</div>
</div>
</div>
</div>
</div>
<div class="modal fade" id="convertpbs" tabindex="-1" role="dialog" aria-labelledby="convertpbsLabel" aria-hidden="true">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="exampleModalLabel">Convert to PBS</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
</div>
<div class="modal-body">
<h5>WARNING:</h5>
<p>Selecting a template then pressing <b>Confirm</b> will convert your game to a Personal Build Server (PBS), and all game data will be lost including Data Stores. Please take any backups before proceeding. All running Servers will also shutdown in the process.</p>
<div class="converpbsopcontainer">
<ul>
<li>
<div id="PBSIDSuperflat" class="converpbsopcard" onclick="setPBSType('Superflat')">
<a class="text-center">
<img class="img-fluid" src="/alphaland/cdn/imgs/Previews/Superflat.png">
<span><p>Superflat</p></span>
</a>
</div>
</li>
<li>
<div id="PBSIDRugged" class="converpbsopcard" onclick="setPBSType('Rugged')">
<a class="text-center">
<img class="img-fluid" src="/alphaland/cdn/imgs/Previews/Rugged.png">
<span><p>Rugged</p></span>
</a>
</div>
</li>
<li>
<div id="PBSIDHappyHome" class="converpbsopcard" onclick="setPBSType('HappyHome')">
<a class="text-center">
<img class="img-fluid" src="/alphaland/cdn/imgs/Previews/Happy%20Home.png">
<span><p>Happy Home</p></span>
</a>
</div>
</li>
<li>
<div id="PBSIDBaseplate" class="converpbsopcard" onclick="setPBSType('Baseplate')">
<a class="text-center">
<img class="img-fluid" src="/alphaland/cdn/imgs/Previews/Baseplate.png">
<span><p>Baseplate</p></span>
</a>
</div>
</li>
</ul>
</div>
</div>
<div class="modal-footer">
<form action="" method="post">
<button id="PBSSubmitButton" name="PBSNoSelection" class="btn btn-danger"><b>Confirm</b></button>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
<script>
var currentTypeId = "";
function setPBSType(type) {
if (currentTypeId) {
$(currentTypeId).removeClass("selected-my-group");
}
currentTypeId = "#PBSID"+type;
$(currentTypeId).addClass("selected-my-group");
$("#PBSSubmitButton").prop('name','SubmitPBS'+type);
}
function checkTick()
{
if ($('#thumbnail_tick').is(':checked'))
$("#custom_thumb_container").hide();
else
$("#custom_thumb_container").show();
}
checkTick()
</script>
EOT;
pageHandler();
$ph->body = $body;
$ph->pageTitle("Config");
$ph->output();


@ -4,6 +4,8 @@
Alphaland 2021
*/
use Alphaland\Web\WebContextManager;
$gameID = $_GET['id'];
$gInfo = getAssetInfo($gameID);
@ -12,12 +14,12 @@ if($gInfo !== false)
$gameName = $gInfo->Name;
if ($gInfo->AssetTypeId != 9) //make sure its actually a place
{
redirect("/404");
WebContextManager::Redirect("/404");
}
}
else
{
redirect("/404");
WebContextManager::Redirect("/404");
}
checkForDeadJobs($gameID);
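Review bot: Both `/404` branches in this hunk rely on `WebContextManager::Redirect()` to stop the request, because nothing follows either call except a closing brace, and `checkForDeadJobs($gameID)` then runs with the raw `$_GET['id']`. The method's body is not part of this section, so this needs confirming: if it only sends the `Location` header, an unknown id or a non-place asset still reaches `checkForDeadJobs()` and the rest of the page. Either end `Redirect()` with `exit;` or follow each call here with `exit;`. The same pattern appears in the later login, ban and password-reset sections, where the page body is built after the redirect call.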


@ -1,8 +1,10 @@
<?php
use Alphaland\Web\WebContextManager;
if (isLoggedIn())
{
redirect("/");
WebContextManager::Redirect("/");
}
$alert = '';


@ -1,9 +1,12 @@
<?php
use Alphaland\Web\WebContextManager;
$error = "";
if (isLoggedIn())
{
redirect("/");
WebContextManager::Redirect("/");
}
if(isset($_POST['lg']))


@ -1,3 +1,6 @@
<?php
use Alphaland\Web\WebContextManager;
$user->logout();
redirect("/");
WebContextManager::Redirect("/");


@ -4,7 +4,7 @@ use Alphaland\Web\WebContextManager;
if (!WebContextManager::IsUnderMaintenance())
{
redirect("/");
WebContextManager::Redirect("/");
}
$websettings = $pdo->prepare("SELECT * FROM websettings");


@ -1,6 +1,7 @@
<?php
use Alphaland\Moderation\UserModerationManager;
use Alphaland\Web\WebContextManager;
$alert = "";
@ -27,7 +28,7 @@ if(isset($_GET['id']))
if (UserModerationManager::IsBanned($id))
{
redirect("/404");
WebContextManager::Redirect("/404");
}
$body = <<<EOT
@ -457,7 +458,7 @@ EOT;
}
else
{
redirect('/404');
WebContextManager::Redirect('/404');
}
}
else


@ -6,6 +6,7 @@
*/
use Alphaland\Users\Activation;
use Alphaland\Web\WebContextManager;
$body = '';
$error = '';
@ -136,7 +137,7 @@ else
//send verification email
sendVerificationEmail("info@alphaland.cc", $email);
redirect("/");
WebContextManager::Redirect("/");
}
else
{


@ -1,8 +1,10 @@
<?php
use Alphaland\Web\WebContextManager;
if (isLoggedIn())
{
redirect('/');
WebContextManager::Redirect('/');
}
$alert = '';
@ -38,7 +40,7 @@ if(isset($_GET['token']))
}
else
{
redirect("/forgotpassword");
WebContextManager::Redirect("/forgotpassword");
}
}
}
@ -50,12 +52,12 @@ if(isset($_GET['token']))
}
else
{
redirect("/");
WebContextManager::Redirect("/");
}
}
else
{
redirect("/");
WebContextManager::Redirect("/");
}
$body = <<<EOT


@ -1,5 +1,7 @@
<?php
use Alphaland\Web\WebContextManager;
$token = (int)$_GET['token'];
verifyEmail($token);
redirect("/settings");
WebContextManager::Redirect("/settings");
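Review bot: `verifyEmail($token)` is called with `(int)$_GET['token']`, so the verification token can only ever be a number, and a missing or non-numeric parameter silently becomes `0`. How the token is generated is not visible here; if it is a short numeric code, it can be found by enumeration unless `verifyEmail()` expires tokens and limits attempts. The return value of `verifyEmail()` is also ignored, so a failed verification lands on `/settings` exactly like a successful one. I would reject the absent case up front with `if (!isset($_GET['token'])) { WebContextManager::Redirect("/"); exit; }` and add a comment above the cast stating the expected token format.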


@ -7,7 +7,7 @@ WebContextManager::ForceHttpsCloudflare();
//permissions
if(!($user->isOwner())) {
if ($user->isAdmin()) {
redirect("/");
WebContextManager::Redirect("/");
}
die('bababooey');
}


@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare();
if(!($user->isOwner())) {
if ($user->isAdmin()) {
redirect("/");
WebContextManager::Redirect("/");
}
die('bababooey');
}


@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare();
if(!($user->isOwner())) {
if ($user->isAdmin()) {
redirect("/");
WebContextManager::Redirect("/");
}
die('bababooey');
}
@ -53,13 +53,13 @@ else
if(isset($_POST['maintenanceon']))
{
enableMaintenance($_POST['optionalmaintenancetext']);
redirect("configuration");
WebContextManager::Redirect("configuration");
}
if(isset($_POST['maintenanceoff']))
{
disableMaintenance();
redirect("configuration");
WebContextManager::Redirect("configuration");
}
if(isset($_POST['devmodeon']))
@ -80,7 +80,7 @@ if(isset($_POST['devmodeon']))
$curl_response = curl_exec($soap_do);
redirect("configuration");
WebContextManager::Redirect("configuration");
}
if(isset($_POST['devmodeoff']))
@ -101,7 +101,7 @@ if(isset($_POST['devmodeoff']))
$curl_response = curl_exec($soap_do);
redirect("configuration");
WebContextManager::Redirect("configuration");
}
if (isset($_POST['clearcachesubmit']))
@ -121,7 +121,7 @@ if (isset($_POST['clearcachesubmit']))
$curl_response = curl_exec($soap_do);
redirect("configuration");
WebContextManager::Redirect("configuration");
}
if (isset($_POST['submitwskey']))
@ -130,7 +130,7 @@ if (isset($_POST['submitwskey']))
$setwskey = $pdo->prepare("UPDATE websettings SET webservice_key = :k");
$setwskey->bindParam(":k", $key, PDO::PARAM_STR);
$setwskey->execute();
redirect("configuration");
WebContextManager::Redirect("configuration");
}
if (isset($_POST['setwsipwhitelist']))
@ -138,21 +138,21 @@ if (isset($_POST['setwsipwhitelist']))
$setwsip = $pdo->prepare("UPDATE websettings SET webservice_whitelist = :w");
$setwsip->bindParam(":w", $_POST['setwsipwhitelist'], PDO::PARAM_STR);
$setwsip->execute();
redirect("configuration");
WebContextManager::Redirect("configuration");
}
if (isset($_POST['cachingon']))
{
$setapprovals = $pdo->prepare("UPDATE websettings SET avatarCaching = 1");
$setapprovals->execute();
redirect("configuration");
WebContextManager::Redirect("configuration");
}
if (isset($_POST['cachingoff']))
{
$setapprovals = $pdo->prepare("UPDATE websettings SET avatarCaching = 0");
$setapprovals->execute();
redirect("configuration");
WebContextManager::Redirect("configuration");
}
$maintenancestatus = "";
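Review bot: The `setwsipwhitelist` handler binds `$_POST['setwsipwhitelist']` straight into `websettings.webservice_whitelist` with no format check, so a typo or an empty submit replaces the web-service allow-list with whatever was posted. The column's expected format is not visible in these hunks; assuming it holds a single address, a guard such as `if (filter_var($_POST['setwsipwhitelist'], FILTER_VALIDATE_IP) === false) { die('invalid whitelist entry'); }` before the `prepare()` would keep a malformed value out. The handlers in this section also act on `isset($_POST[...])` alone, so it is worth confirming that a request-forgery token is checked somewhere above the hunks shown.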


@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare();
if(!($user->isOwner())) {
if ($user->isAdmin()) {
redirect("/");
WebContextManager::Redirect("/");
}
die('bababooey');
}


@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare();
if(!($user->isOwner())) {
if ($user->isAdmin()) {
redirect("/");
WebContextManager::Redirect("/");
}
die('bababooey');
}


@ -1,3 +1,5 @@
<?php
redirect(getCurrentThemeLogo());
use Alphaland\Web\WebContextManager;
WebContextManager::Redirect(getCurrentThemeLogo());


@ -1,5 +1,7 @@
<?php
use Alphaland\Web\WebContextManager;
header('Content-Type: application/json');
$assetid = $_GET['assetId'];
@ -12,7 +14,7 @@ if (!$assetid)
if ($useroblox == "true")
{
redirect("https://api.roblox.com/marketplace/productinfo?assetId=" . $assetid);
WebContextManager::Redirect("https://api.roblox.com/marketplace/productinfo?assetId=" . $assetid);
}
else
{
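Review bot: `$assetid` is taken from `$_GET['assetId']` and concatenated into the redirect URL unescaped, so a value containing `&` or `#` adds or truncates query parameters in the `Location` sent to the client. The only check visible in this hunk is `if (!$assetid)`, which accepts any non-empty string. The id is presumably numeric, so casting at the top, `$assetid = (int)($_GET['assetId'] ?? 0);`, closes this and also covers the missing-parameter case; the sibling endpoint that redirects to `/asset/?id=` already casts its inputs this way. The `if`/`else` around the redirect continues past the end of the hunk.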

View File

@ -5,6 +5,9 @@ Alphaland 2021
*/
//headers
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true");
@ -15,4 +18,4 @@ if (!$userid) {
$userid = $user->id;
}
redirect(getPlayerRender($userid, $headshot)); //cachebuster
WebContextManager::Redirect(getPlayerRender($userid, $headshot)); //cachebuster


@ -2,6 +2,8 @@
//we dont want duplicates of the asset fetching so we will just make this endpoint internally redirect
use Alphaland\Web\WebContextManager;
$id = (int)$_GET["id"];
$assetversionid = (int)$_GET["assetversionid"];
$version = (int)$_GET["version"];
@ -16,4 +18,4 @@ else if ($version)
$assetversion = $version;
}
redirect("https://www.alphaland.cc/asset/?id=" . $id . "&version=" . $assetversion);
WebContextManager::Redirect("https://www.alphaland.cc/asset/?id=" . $id . "&version=" . $assetversion);


@ -1,9 +1,11 @@
<?php
use Alphaland\Web\WebContextManager;
$url = $_SERVER['REQUEST_URI'];
if (strpos($url, '/ratelimit') !== false || strpos($url, '/ratelimit.php') !== false) {
redirect("/404"); //why not
WebContextManager::Redirect("/404"); //why not
}
echo "Rate limit exceeded, slow down!";
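Review bot: The rate-limit response is written with `echo` and no status code, so clients and proxies presumably see a `200 OK` and cannot tell they were throttled; `http_response_code(429);` before the `echo` would make that explicit. The second `strpos()` test is redundant, because any URI containing `/ratelimit.php` already contains `/ratelimit`, and both tests also match that string anywhere in the query. The `echo` also runs after the redirect call unless `Redirect()` terminates the request, which this section does not show.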