diff --git a/globals/config.php b/globals/config.php index 95a17b4..53dface 100644 --- a/globals/config.php +++ b/globals/config.php @@ -149,7 +149,7 @@ try //step 1, check if under maintenance if ($maintenance) { //maintenance redirect if ($accesseddirectory != "/maintenance.php") { - redirect($url . "/maintenance"); + WebContextManager::Redirect($url . "/maintenance"); } } @@ -157,7 +157,7 @@ try if ($GLOBALS['user']->logged_in && $banned) { //ban redirect if ($accesseddirectory != "/ban.php" && $accesseddirectory != "/logout.php") { - redirect($url . "/ban"); + WebContextManager::Redirect($url . "/ban"); } } @@ -165,14 +165,14 @@ try if ($GLOBALS['user']->logged_in && !$activated) { //activation redirect if ($accesseddirectory != "/activate.php" && $accesseddirectory != "/logout.php") { - redirect($url . "/activate"); + WebContextManager::Redirect($url . "/activate"); } } //step 4, check if 2fa is authenticated if ($GLOBALS['user']->logged_in && !$twofactor) { //2fa redirect if ($accesseddirectory != "/2fa.php") { - redirect($url . "/2fa"); + WebContextManager::Redirect($url . "/2fa"); } } @@ -192,17 +192,17 @@ try $accesseddirectory != "/asset/index.php" && $accesseddirectory != "/settings/resetpassword.php" && $accesseddirectory != "/secret/localtesting.php") { //for local client testing, doesn't contain anything sensitive - redirect($url); + WebContextManager::Redirect($url); } } else if ($accesseddomain == "api.".$domain) { //api if ($accesseddirectory != "/logo.php") { - redirect($url); + WebContextManager::Redirect($url); } } else if ($accesseddomain == "data.".$domain) { //data if ($accesseddirectory != "/Error/Dmp.ashx") { - redirect($url); + WebContextManager::Redirect($url); } } else if ($accesseddomain == "setup.".$domain) { //setup 
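Review bot: Each gate in this file (maintenance, ban, activation, 2FA, subdomain allow-list) only works if `WebContextManager::Redirect` ends the request, and that method's body is not shown in this diff. The `redirect()` helper removed from globals/functions.php called `die()` right after sending the `Location` header; if the replacement returns instead, the requested page still runs for a banned or non-2FA session and only the header differs. The same applies to the `if(!$user->isStaff())` checks under html/MCP/. Confirm the method exits, and consider documenting that on it with a comment such as `// Sends Location and terminates the request; callers rely on this as an access gate.` The enclosing `try` block starts outside these hunks.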
@@ -211,7 +211,7 @@ try else if ($accesseddomain == "clientsettings.api.".$domain) { //clientsettings //do nothing (we arent restricting on this subdomain) } else { - redirect($url); + WebContextManager::Redirect($url); } } } diff --git a/globals/functions.php b/globals/functions.php index f566c7e..3278417 100644 --- a/globals/functions.php +++ b/globals/functions.php @@ -3570,13 +3570,13 @@ function getRobloxAssetType($assetid) function ReturnAssetFromHash($hash) //asset CDN { //alphaland assets cdn - redirect(constructAssetHashUrl($hash)); + WebContextManager::Redirect(constructAssetHashUrl($hash)); } function ReturnThumbnailFromHash($hash) //thumb CDN (images) { //alphaland thumb (images) cdn - redirect(constructThumbnailHashUrl($hash)); + WebContextManager::Redirect(constructThumbnailHashUrl($hash)); } function CreateAsset($AssetTypeId, $IconImageAssetId, $TargetId, $ProductType, $Name, $Description, $Created, $Updated, $CreatorId, $PriceInAlphabux, $Sales, $isPersonalServer, $IsNew, $IsForSale, $IsPublicDomain, $IsLimited, $IsLimitedUnique, $IsCommentsEnabled, $IsApproved, $IsModerated, $Remaining, $MinimumMembershipLevel, $ContentRatingTypeId, $Favorited, $Visited, $MaxPlayers, $UpVotes, $DownVotes, $Hash, $ThumbHash) @@ -6321,12 +6321,6 @@ function getID($username) { return false; //user not found } -function redirect($location, $code = 302) { - http_response_code($code); - header("Location: $location"); - die(); -} - function passwordCorrect($userID, $password) { $check = $GLOBALS['pdo']->prepare("SELECT pwd FROM users WHERE id = :i"); $check->bindParam(":i", $userID, PDO::PARAM_INT); diff --git a/html/2fa.php b/html/2fa.php index 09dee6b..3f45cc2 100644 --- a/html/2fa.php +++ b/html/2fa.php @@ -1,20 +1,21 @@ logout(); - redirect("/"); + WebContextManager::Redirect("/"); } $body = <<isStaff()) { - redirect("../home"); //u not admin nigga + WebContextManager::Redirect("/"); } $assetid = $_GET['id']; 
diff --git a/html/MCP/asset-management.php b/html/MCP/asset-management.php index 8bd6da5..970b147 100644 --- a/html/MCP/asset-management.php +++ b/html/MCP/asset-management.php @@ -1,8 +1,10 @@ isStaff()) { - redirect("../home"); //u not admin nigga + WebContextManager::Redirect("/"); } $body = <<isStaff()) { - redirect("/"); + WebContextManager::Redirect("/"); } $body = <<isStaff()) { - redirect("/"); + WebContextManager::Redirect("/"); } //get params diff --git a/html/MCP/index.php b/html/MCP/index.php index 7351f7a..d2b051a 100644 --- a/html/MCP/index.php +++ b/html/MCP/index.php @@ -1,7 +1,10 @@ isStaff())) { - redirect("../404"); //u not admin nigga + WebContextManager::Redirect("/"); } $body = <<Moderation Control Panel diff --git a/html/MCP/invite-logs/index.php b/html/MCP/invite-logs/index.php index 6539dd7..2e80a54 100644 --- a/html/MCP/invite-logs/index.php +++ b/html/MCP/invite-logs/index.php @@ -1,8 +1,10 @@ isStaff()) { - redirect("/"); + WebContextManager::Redirect("/"); } $alert = ''; diff --git a/html/MCP/invite-logs/inviteLogs.php b/html/MCP/invite-logs/inviteLogs.php index 685cbfb..6e928b7 100644 --- a/html/MCP/invite-logs/inviteLogs.php +++ b/html/MCP/invite-logs/inviteLogs.php @@ -1,8 +1,10 @@ isStaff()) { - redirect("/"); + WebContextManager::Redirect("/"); } //headers diff --git a/html/MCP/moderateasset.php b/html/MCP/moderateasset.php index 48abac0..4484cd2 100644 --- a/html/MCP/moderateasset.php +++ b/html/MCP/moderateasset.php @@ -6,13 +6,16 @@ Alphaland 2021 //headers + +use Alphaland\Web\WebContextManager; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); if(!$user->isStaff()) { - redirect("../home"); //u not admin nigga + WebContextManager::Redirect("/"); } $assetid = $_GET['id']; diff --git a/html/MCP/pendingassets.php b/html/MCP/pendingassets.php index be78f3f..a9d1350 100644 --- a/html/MCP/pendingassets.php +++ b/html/MCP/pendingassets.php 
@@ -4,10 +4,11 @@ Alphaland 2021 */ +use Alphaland\Web\WebContextManager; if(!$user->isStaff()) { - redirect("../home"); //u not admin nigga + WebContextManager::Redirect("/"); } //headers diff --git a/html/MCP/reports/data/close.php b/html/MCP/reports/data/close.php index cd85cfe..e014b5d 100644 --- a/html/MCP/reports/data/close.php +++ b/html/MCP/reports/data/close.php @@ -5,6 +5,8 @@ Closes an active report */ +use Alphaland\Web\WebContextManager; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); header('Content-Type: application/json'); @@ -12,7 +14,7 @@ header('Content-Type: application/json'); $id = (int)$_GET['id']; if(!$user->isStaff() || !$id) { - redirect("/MCP"); + WebContextManager::Redirect("/"); } $report = $GLOBALS['pdo']->prepare("UPDATE user_reports SET `closed` = 1 WHERE `id` = :id AND `closed` = 0"); diff --git a/html/MCP/reports/data/index.php b/html/MCP/reports/data/index.php index 7927beb..dadeaa8 100644 --- a/html/MCP/reports/data/index.php +++ b/html/MCP/reports/data/index.php @@ -5,6 +5,8 @@ Report Data */ +use Alphaland\Web\WebContextManager; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); header('Content-Type: application/json'); @@ -12,7 +14,7 @@ header('Content-Type: application/json'); $id = (int)$_GET['id']; if(!$user->isStaff() || !$id) { - redirect("/MCP"); + WebContextManager::Redirect("/"); } $xml = ""; diff --git a/html/MCP/reports/data/reports.php b/html/MCP/reports/data/reports.php index 4098569..d773491 100644 --- a/html/MCP/reports/data/reports.php +++ b/html/MCP/reports/data/reports.php 
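Review bot: On a failed staff check in html/MCP/reports/data/close.php this JSON endpoint now answers with a 302 to `/`, so an API client that follows redirects receives the home page with a 200 and the denial never shows up as a 4xx in access logs. An explicit status would be clearer for callers and for monitoring, e.g. `http_response_code(403); die(json_encode(['error' => 'forbidden']));`. Separately, the visible context shows the `UPDATE user_reports` being driven by `$_GET['id']` with `access-control-allow-credentials: true`; a state change reachable by GET with only the session cookie deserves a POST-only check and a CSRF token, if none exists outside the hunk. The same redirect-on-denial pattern appears in reports/data/index.php, reports/data/reports.php and user-management/banlist.php.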
@@ -4,12 +4,14 @@ Alphaland 2021 */ +use Alphaland\Web\WebContextManager; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); header('Content-Type: application/json'); if(!$user->isStaff()) { - redirect("/MCP"); + WebContextManager::Redirect("/"); } $report = $GLOBALS['pdo']->prepare("SELECT * FROM user_reports WHERE closed = 0 ORDER BY whenReported ASC"); diff --git a/html/MCP/reports/index.php b/html/MCP/reports/index.php index 8febc1b..a373d0b 100644 --- a/html/MCP/reports/index.php +++ b/html/MCP/reports/index.php @@ -5,8 +5,10 @@ Active Reports */ +use Alphaland\Web\WebContextManager; + if(!$user->isStaff()) { - redirect("/"); + WebContextManager::Redirect("/"); } $body = <<isStaff()) { - redirect("/"); + WebContextManager::Redirect("/"); } //chek @@ -14,7 +16,7 @@ $report = $GLOBALS['pdo']->prepare("SELECT * FROM user_reports WHERE `id` = :id $report->bindParam(":id", $_GET['id'], PDO::PARAM_INT); $report->execute(); if ($report->rowCount() == 0) { - redirect("/MCP/reports/"); + WebContextManager::Redirect("/MCP/reports/"); } $body = <<isStaff()) { - redirect("/"); + WebContextManager::Redirect("/"); } //headers diff --git a/html/MCP/user-management/banlist.php b/html/MCP/user-management/banlist.php index a25a4f1..46ca0f2 100644 --- a/html/MCP/user-management/banlist.php +++ b/html/MCP/user-management/banlist.php @@ -4,12 +4,14 @@ Alphaland 2021 */ +use Alphaland\Web\WebContextManager; + header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("access-control-allow-credentials: true"); header('Content-Type: application/json'); if(!$user->isStaff()) { - redirect("/MCP"); + WebContextManager::Redirect("/"); } $bans = $GLOBALS['pdo']->prepare("SELECT * FROM user_bans WHERE valid = 1"); diff --git a/html/MCP/user-management/index.php b/html/MCP/user-management/index.php index 9408fc6..7e381e1 100644 --- a/html/MCP/user-management/index.php +++ b/html/MCP/user-management/index.php 
@@ -1,8 +1,10 @@ isStaff())) { - redirect("/"); //u not admin nigga + WebContextManager::Redirect("/"); } $body = <<isStaff()) { - redirect("/"); + WebContextManager::Redirect("/"); } //headers diff --git a/html/activate.php b/html/activate.php index ac05175..e39a95c 100644 --- a/html/activate.php +++ b/html/activate.php @@ -1,9 +1,10 @@ id)) { - redirect("/"); + WebContextManager::Redirect("/"); } $activationcode = Activation::GetUserActivationCode($user->id); diff --git a/html/asset/index.php b/html/asset/index.php index 1f2e4c1..1ed8d2d 100644 --- a/html/asset/index.php +++ b/html/asset/index.php @@ -63,6 +63,6 @@ if ($id) } else //fallback to roblox assets (compatibility)(will break eventually, need a better solution)(instruct players to use roblox asset url for compatibility?) roblox.com/asset/?id= { - redirect("https://assetdelivery.roblox.com/v1/asset/?id=" . $id . "&version=" . $assetversion); + WebContextManager::Redirect("https://assetdelivery.roblox.com/v1/asset/?id=" . $id . "&version=" . $assetversion); } } diff --git a/html/badges/view.php b/html/badges/view.php index c4507cd..2d96b60 100644 --- a/html/badges/view.php +++ b/html/badges/view.php @@ -1,5 +1,7 @@ pageTitle(cleanOutput($i->Name)); diff --git a/html/ban.php b/html/ban.php index 8aee9b2..93c138d 100644 --- a/html/ban.php +++ b/html/ban.php @@ -1,6 +1,7 @@ id)) { @@ -17,7 +18,7 @@ if (UserModerationManager::IsBanned($user->id)) if(isset($_POST['logout'])) { $user->logout(); - redirect("/"); + WebContextManager::Redirect("/"); } if(isset($_POST['agree'])) @@ -28,7 +29,7 @@ if (UserModerationManager::IsBanned($user->id)) $unban = $pdo->prepare("UPDATE user_bans SET valid = 0 WHERE uid = :u"); $unban->bindParam(":u", $user->id, PDO::PARAM_INT); $unban->execute(); - redirect("/"); + WebContextManager::Redirect("/"); } elseif ($banType == 1) //temporary { 
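Review bot: The fallback redirect in html/asset/index.php concatenates `$id` and `$assetversion` into the upstream query string without encoding, and the hunk does not show where either value is assigned. html_assetgame/Asset/index.php casts its inputs with `(int)`; if this file does not, a value containing `&` or `#` could change the parameters sent to the upstream host. Building the query with `http_build_query(['id' => $id, 'version' => $assetversion])` removes the dependency on earlier casts. The enclosing `if ($id)` block starts outside the hunk.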
@@ -38,7 +39,7 @@ if (UserModerationManager::IsBanned($user->id)) $unban = $pdo->prepare("UPDATE user_bans SET valid = 0 WHERE uid = :u"); $unban->bindParam(":u", $user->id, PDO::PARAM_INT); $unban->execute(); - redirect("/"); + WebContextManager::Redirect("/"); } } } @@ -107,5 +108,5 @@ if (UserModerationManager::IsBanned($user->id)) else { //not banned - redirect("/"); + WebContextManager::Redirect("/"); } \ No newline at end of file diff --git a/html/catalog/config.php b/html/catalog/config.php index 4ca4b29..6b904fc 100644 --- a/html/catalog/config.php +++ b/html/catalog/config.php @@ -1,5 +1,7 @@ AssetTypeId == 9) { - redirect("/games/view?id=" . $id); + WebContextManager::Redirect("/games/view?id=" . $id); } // ... @@ -246,13 +248,13 @@ EOT; else { //item doesnt exist - redirect("../../404"); + WebContextManager::Redirect("/404"); } } else { //no url parameter - redirect("/"); + WebContextManager::Redirect("/"); } pageHandler(); $ph->pageTitle(cleanOutput($i->Name)); diff --git a/html/create/index.php b/html/create/index.php index 568d40b..585639a 100644 --- a/html/create/index.php +++ b/html/create/index.php @@ -4,6 +4,8 @@ Alphaland 2021 */ +use Alphaland\Web\WebContextManager; + $body = ''; $alert = ''; $cosmuploadsuccess = $_GET['cosSuccess']; @@ -261,7 +263,7 @@ function newPlace() //POINT OF NO RETURN $newplace = createPlace($GLOBALS['user']->id, $name, $description, 12); - redirect("/games/config?id=".$newplace); + WebContextManager::Redirect("/games/config?id=".$newplace); } function newPBSPlace($placetype) @@ -298,7 +300,7 @@ function newPBSPlace($placetype) //POINT OF NO RETURN $newpbs = createPBSPlace($GLOBALS['user']->id, $name, $description, 12, $selectedPlacePath); - redirect("/games/pbs/config?id=".$newpbs); + WebContextManager::Redirect("/games/pbs/config?id=".$newpbs); } if (isset($_POST['SubmitPBSSuperflat'])) 
@@ -310,7 +312,7 @@ if (isset($_POST['SubmitPBSSuperflat'])) } else { - redirect('/create?pbsSuccess=true'); + WebContextManager::Redirect('/create?pbsSuccess=true'); } } @@ -323,7 +325,7 @@ if (isset($_POST['SubmitPBSRugged'])) } else { - redirect('/create?pbsSuccess=true'); + WebContextManager::Redirect('/create?pbsSuccess=true'); } } @@ -336,7 +338,7 @@ if (isset($_POST['SubmitPBSHappyHome'])) } else { - redirect('/create?pbsSuccess=true'); + WebContextManager::Redirect('/create?pbsSuccess=true'); } } @@ -349,7 +351,7 @@ if (isset($_POST['SubmitPBSBaseplate'])) } else { - redirect('/create?pbsSuccess=true'); + WebContextManager::Redirect('/create?pbsSuccess=true'); } } @@ -367,7 +369,7 @@ if (isset($_POST['SubmitAsset'])) } else { - redirect('/create?cosSuccess=true'); + WebContextManager::Redirect('/create?cosSuccess=true'); } } @@ -381,7 +383,7 @@ if (isset($_POST['SubmitPlace'])) } else { - redirect('/create?placeSuccess=true'); + WebContextManager::Redirect('/create?placeSuccess=true'); } } diff --git a/html/friends/friend-requests.php b/html/friends/friend-requests.php index 58ba04a..92bb67b 100644 --- a/html/friends/friend-requests.php +++ b/html/friends/friend-requests.php @@ -1,6 +1,8 @@ 1) { - redirect("friend-requests?page=1"); + WebContextManager::Redirect("friend-requests?page=1"); } } diff --git a/html/friends/view.php b/html/friends/view.php index 53b39c7..dc8979d 100644 --- a/html/friends/view.php +++ b/html/friends/view.php @@ -1,10 +1,12 @@ id . ''); + WebContextManager::Redirect('view?id='. $GLOBALS['user']->id . ''); } $id = (int)$_GET['id']; @@ -90,7 +92,7 @@ EOT; } else { - redirect("../../404"); + WebContextManager::Redirect("/404"); } //page buttons handling { diff --git a/html/games/config.php b/html/games/config.php index 7bdd058..fa50115 100644 --- a/html/games/config.php +++ b/html/games/config.php 
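Review bot: `WebContextManager::Redirect("friend-requests?page=1")` in html/friends/friend-requests.php and `WebContextManager::Redirect('view?id='. ...)` in html/friends/view.php keep relative targets, while this commit rewrites `"../../404"` to `"/404"` in the same area. A relative `Location` is resolved against the request path, so the destination depends on how the page was reached. For consistency, use root-relative targets here as well, presumably `"/friends/friend-requests?page=1"` and `"/friends/view?id="` given the `html/` layout; confirm against the routing rules. The same applies to `"config?id={$id}"` in html/games/config.php and `"configuration"` in html_admin/configuration.php.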
@@ -1,5 +1,7 @@ execute(); handleRenderPlace($placeid); - redirect("/games/pbs/config?id=".$placeid); + WebContextManager::Redirect("/games/pbs/config?id=".$placeid); } } } @@ -86,7 +88,7 @@ if(isset($_GET['id'])) if(getAssetInfo($id)->isPersonalServer) { - redirect("/games/pbs/config?id=".$id); + WebContextManager::Redirect("/games/pbs/config?id=".$id); } //Query @@ -265,7 +267,7 @@ if(isset($_GET['id'])) } else { - redirect("config?id={$id}"); + WebContextManager::Redirect("config?id={$id}"); } } } @@ -306,7 +308,7 @@ if(isset($_GET['id'])) setPlaceUsingCustomThumbnail($id); //set not using rendered thumb - redirect("config?id={$id}"); + WebContextManager::Redirect("config?id={$id}"); } else { @@ -323,7 +325,7 @@ if(isset($_GET['id'])) setPlaceUsingCustomThumbnail($id); //set not using rendered thumb } - redirect("config?id={$id}"); + WebContextManager::Redirect("config?id={$id}"); } // ... } @@ -402,17 +404,17 @@ if(isset($_GET['id'])) } else { - redirect("/"); //not owner or not admin + WebContextManager::Redirect("/"); //not owner or not admin } } else { - redirect("/"); //place doesnt exist + WebContextManager::Redirect("/"); //place doesnt exist } } else { - redirect("/"); //no url parameters + WebContextManager::Redirect("/"); //no url parameters } $gearshtml = ""; diff --git a/html/games/pbs/config.php b/html/games/pbs/config.php index 3076389..27c15b4 100644 --- a/html/games/pbs/config.php +++ b/html/games/pbs/config.php @@ -1,5 +1,7 @@ isPersonalServer == 0) { - redirect("/games/config?id=".$gameid); + WebContextManager::Redirect("/games/config?id=".$gameid); } if (!is_int($gameid) || getAssetInfo($gameid)->AssetTypeId != 9 || getAssetInfo($gameid)->isPersonalServer != 1) @@ -28,7 +30,7 @@ if (isset($_POST['ConvertToRegular'])) if (setRegularGame($gameid)) { handleRenderPlace($gameid); - redirect("/games/config?id=".$gameid); + WebContextManager::Redirect("/games/config?id=".$gameid); } else { 
diff --git a/html/games/test.php b/html/games/test.php deleted file mode 100644 index 76d651d..0000000 --- a/html/games/test.php +++ /dev/null 
@@ -1,680 +0,0 @@ -prepare("UPDATE assets SET Hash = :hash WHERE id = :i"); - $set->bindParam(":hash", $gamehash, PDO::PARAM_INT); - $set->bindParam(":i", $placeid, PDO::PARAM_INT); - $set->execute(); - if ($set->rowCount() > 0) - { - //trust mysql!! - $deletepersistence = $GLOBALS['pdo']->prepare("DELETE FROM persistence WHERE placeid = :i"); - $deletepersistence->bindParam(":i", $placeid, PDO::PARAM_INT); - $deletepersistence->execute(); - - handleRenderPlace($placeid); - redirect("/games/pbs/config?id=".$placeid); - } - } - } - setRegularGame($placeid); - } - return "Error converting to PBS"; -} - -$alert = ""; -if(isset($_GET['id'])) -{ - $id = (int)$_GET['id']; - - if(getAssetInfo($id)->isPersonalServer) - { - redirect("/games/pbs/config?id=".$id); - } - - //Query - $q = $pdo->prepare("SELECT * FROM assets WHERE id = :i"); - $q->bindParam(":i", $id, PDO::PARAM_INT); - $q->execute(); - - if($q->rowCount() > 0) - { - if (isOwner($id) or $user->isAdmin()) //if the user is the owner of the game, or staff - { - //item parameters - $gameinfo = getAssetInfo($id); - $gamename = cleanOutput($gameinfo->Name); - $gamedescription = cleanOutput($gameinfo->Description, false); //pass false to not replace linebreaks with html - $gamecreator = $gameinfo->CreatorId; - $gamemaxplayers = $gameinfo->MaxPlayers; - $gamerender = handleGameThumb($id); - - $commentsstatus = ''; - if ($gameinfo->IsCommentsEnabled == true) - { - $commentsstatus = 'checked'; - } - - $thumbnailstatus = ''; - if (isPlaceUsingRender($id)) - { - $thumbnailstatus = 'checked'; - } - //... 
- - if (isset($_POST['Submit'])) - { - //some important parameters - - //file parameters - $thumbnailfileExtensionsAllowed = ['png']; // These will be the only file extensions allowed - - //upload parameters - $thumbnailuploadDirectory = $GLOBALS['thumbnailCDNPath']; //directory where the textures are stored - $thumbnailHash = genAssetHash(16); - //$thumbnailuploadDirectory = "../thumbnails/places/"; //directory where the games thumbnails are stored - // ... - - //temp file locations - $thumbnailfileName = $_FILES['thumbnail_file']['name']; - $thumbnailfileTmpName = $_FILES['thumbnail_file']['tmp_name']; //location of the uploaded png file (temp directory) - $thumbnailfileExtension = strtolower(end(explode('.',$thumbnailfileName))); - // ... - - $usedefaultthumb = false; - if(!file_exists($_FILES['thumbnail_file']['tmp_name']) || !is_uploaded_file($_FILES['thumbnail_file']['tmp_name'])) - { - $usedefaultthumb = true; - } - - //check dimensions - $filecheckfail = false; - $dimensionsfail = false; - - //check the image if it exists - if (!$usedefaultthumb) - { - if (in_array($thumbnailfileExtension,$thumbnailfileExtensionsAllowed)) //make sure .png file extension - { - $isimage = @imagecreatefrompng($_FILES['thumbnail_file']['tmp_name']); //check if the file is actually a PNG image - - if ($isimage) - { - $imagedetails = getimagesize($_FILES['thumbnail_file']['tmp_name']); - $width = $imagedetails[0]; - $height = $imagedetails[1]; - - if ($width > 1920) //over 1920 width, too big - { - $dimensionsfail = true; - } - - if ($height > 1080) //over 1080 height, too big - { - $dimensionsfail = true; - } - } - else - { - $filecheckfail = true; - } - } - else - { - $filecheckfail = true; - } - } - - if ($filecheckfail) - { - $alert = ""; - } - elseif (strlen($_POST['placename']) < 3) - { - $alert = ""; - } - elseif (strlen($_POST['placename']) > 50) - { - $alert = ""; - } - elseif(strlen($_POST['description']) > 1000) - { - $alert = ""; - } - elseif ($_POST['gdskill'][1] < 
1) //cant have max players under 1 - { - $alert = ""; - } - elseif ($_POST['gdskill'][1] > 12) //cant have max players over 12 - { - $alert = ""; - } - elseif ($dimensionsfail) - { - $alert = ""; - } - else //all checks passed, do the do - { - //$ - //update place name - $c = $pdo->prepare("UPDATE assets SET Name = :n WHERE id = :i"); - $c->bindParam(":n", cleanInput($_POST['placename']), PDO::PARAM_STR); //item name - $c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id - $c->execute(); - // ... - - //update place description - $c = $pdo->prepare("UPDATE assets SET Description = :n WHERE id = :i"); - $c->bindParam(":n", cleanInput($_POST['description']), PDO::PARAM_STR); //item description - $c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id - $c->execute(); - // ... - - //update place max players - $c = $pdo->prepare("UPDATE assets SET MaxPlayers = :n WHERE id = :i"); - $c->bindParam(":n", $_POST['gdskill'][1], PDO::PARAM_INT); //item price - $c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id - $c->execute(); - // ... - - if (isset($_POST['comments_checkbox'])) - { - //update IsCommentsEnabled to enabled - $comments = 1; - $c = $pdo->prepare("UPDATE assets SET IsCommentsEnabled = :n, Updated = UNIX_TIMESTAMP() WHERE id = :i"); - $c->bindParam(":n", $comments, PDO::PARAM_INT); //item name - $c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id - $c->execute(); - // ... - } - else - { - //update IsCommentsEnabled to disabled - $comments = 0; - $c = $pdo->prepare("UPDATE assets SET IsCommentsEnabled = :n, Updated = UNIX_TIMESTAMP() WHERE id = :i"); - $c->bindParam(":n", $comments, PDO::PARAM_INT); //item name - $c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id - $c->execute(); - // ... 
- } - - if (isset($_POST['thumbnail_checkbox'])) - { - if (!isPlaceUsingRender($id)) - { - $placepost = handleRenderPlace($id); - if ($placepost !== true) { - $alert = ""; - } - else - { - redirect("config?id={$id}"); - } - } - } - else - { - //grab place image hash - - //files in proper places - if (!$usedefaultthumb) //if custom thumb uploaded - { - $GLOBALS['pdo']->exec("LOCK TABLES assets WRITE"); //lock since this stuff is sensitive - - $b = $GLOBALS['pdo']->prepare("SELECT * FROM assets"); - $b->execute(); - - //grab auto increment values - $autoincrement = $b->rowCount() + 1; //initial auto increment value - - //add texture to assets - $assetname = $gamename . " Thumbnail"; - $x = $GLOBALS['pdo']->prepare("INSERT INTO `assets`(`id`, `AssetTypeId`, `Name`, `Description`, `Created`, `Updated`, `CreatorId`, `TargetId`, `PriceInAlphabux`, `Sales`, `IsNew`, `IsForSale`, `IsPublicDomain`, `IsLimited`, `IsLimitedUnique`, `IsApproved`, `Remaining`, `MinimumMembershipLevel`, `ContentRatingTypeId`, `Favorited`, `Visited`, `MaxPlayers`, `UpVotes`, `DownVotes`, `Hash`) VALUES (:aid,1,:aname,'Place Thumbnail',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),:oid,:aid2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,:hash)"); - $x->bindParam(":aid", $autoincrement, PDO::PARAM_INT); - $x->bindParam(":aname", $assetname, PDO::PARAM_STR); - $x->bindParam(":oid", $gamecreator, PDO::PARAM_INT); - $x->bindParam(":aid2", $autoincrement, PDO::PARAM_INT); - $x->bindParam(":hash", $thumbnailHash, PDO::PARAM_STR); - $x->execute(); - - //update place thumbhash - $c = $pdo->prepare("UPDATE assets SET IconImageAssetId = :n WHERE id = :i"); - $c->bindParam(":n", $autoincrement, PDO::PARAM_INT); //item price - $c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id - $c->execute(); - - $GLOBALS['pdo']->exec("UNLOCK TABLES"); - - resize(768, 432, $thumbnailuploadDirectory . 
$thumbnailHash, $_FILES['thumbnail_file']['tmp_name']); - - setPlaceUsingCustomThumbnail($id); //set not using rendered thumb - - redirect("config?id={$id}"); - } - else - { - if (isPlaceUsingRender($id)) - { - $thumb = rand(4, 6); - - //update place icon - $c = $pdo->prepare("UPDATE assets SET IconImageAssetId = :iiad WHERE id = :i"); - $c->bindParam(":iiad", $thumb, PDO::PARAM_INT); //item name - $c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id - $c->execute(); - // ... - - setPlaceUsingCustomThumbnail($id); //set not using rendered thumb - } - redirect("config?id={$id}"); - } - // ... - } - } - } - - if (isset($_POST['SubmitPBSSuperflat'])) - { - $upload = convertToPBSPlace("Superflat", $id); - if ($upload !== true) - { - $alert = ""; - } - else - { - $alert = ""; - } - } - - if (isset($_POST['SubmitPBSRugged'])) - { - $upload = convertToPBSPlace("Rugged", $id); - if ($upload !== true) - { - $alert = ""; - } - else - { - $alert = ""; - } - } - - if (isset($_POST['SubmitPBSHappyHome'])) - { - $upload = convertToPBSPlace("HappyHome", $id); - if ($upload !== true) - { - $alert = ""; - } - else - { - $alert = ""; - } - } - - if (isset($_POST['SubmitPBSBaseplate'])) - { - $upload = convertToPBSPlace("Baseplate", $id); - if ($upload !== true) - { - $alert = ""; - } - else - { - $alert = ""; - } - } - - if (isset($_POST['PBSNoSelection'])) - { - $alert = ""; - } - - if (isset($_POST['SubmitPlace'])) - { - $place = newPlace(); - if ($place !== true) - { - $alert = ""; - } - else - { - $alert = ""; - } - } - } - else - { - redirect("/"); //not owner or not admin - } - } - else - { - redirect("/"); //place doesnt exist - } -} -else -{ - redirect("/"); //no url parameters -} - -$gearshtml = ""; - if ($gearsportion) - { - $gearshtml = << -
Allowed Gear Genres
-
- - -
-
- - -
-
- - -
-
- - -
-
- - -
-
- - -
-
- - -
-
- - -
-
- - -
- -EOT; - } - - $body = << - {$alert} -
-
-
-
-
-
-
-
-
-
Configure Place
-
-
- Convert to PBS -
-
-
- - -
-
- -
-
- - -
-
-
-
- - -
-
- -
- - - {$gamemaxplayers} - - - - - - - - - - - - - - -
-
-
-
Badges
-
-
-
-
-
- -
-
-
-
-
-
-
- -
-
-
-
-
-
If you'd like to use the last Studio position as the Thumbnail, check it below
-
When you update this place through Studio with this ticked, the Thumbnail will update with the current position
-
-
-
- - -
-
-
-
-
-
Custom Game Thumbnails cannot be above 1920x1080
-
If no custom Thumbnail is provided, a default will be used
-
-
-
- - -
-
-
-
- {$gearshtml} - -
-
-
-
-
-
-
- - - -EOT; - -pageHandler(); -$ph->body = $body; -$ph->pageTitle("Config"); -$ph->output(); \ No newline at end of file diff --git a/html/games/view.php b/html/games/view.php index 5eb07c6..f37fcb4 100644 --- a/html/games/view.php +++ b/html/games/view.php @@ -4,6 +4,8 @@ Alphaland 2021 */ +use Alphaland\Web\WebContextManager; + $gameID = $_GET['id']; $gInfo = getAssetInfo($gameID); @@ -12,12 +14,12 @@ if($gInfo !== false) $gameName = $gInfo->Name; if ($gInfo->AssetTypeId != 9) //make sure its actually a place { - redirect("/404"); + WebContextManager::Redirect("/404"); } } else { - redirect("/404"); + WebContextManager::Redirect("/404"); } checkForDeadJobs($gameID); diff --git a/html/login/forgotpassword.php b/html/login/forgotpassword.php index 2c00d9c..506e00c 100644 --- a/html/login/forgotpassword.php +++ b/html/login/forgotpassword.php @@ -1,8 +1,10 @@ logout(); -redirect("/"); \ No newline at end of file +WebContextManager::Redirect("/"); \ No newline at end of file diff --git a/html/maintenance.php b/html/maintenance.php index 50bd453..75be226 100644 --- a/html/maintenance.php +++ b/html/maintenance.php @@ -4,7 +4,7 @@ use Alphaland\Web\WebContextManager; if (!WebContextManager::IsUnderMaintenance()) { - redirect("/"); + WebContextManager::Redirect("/"); } $websettings = $pdo->prepare("SELECT * FROM websettings"); diff --git a/html/profile/view.php b/html/profile/view.php index dd0f2fa..5e4fc35 100644 --- a/html/profile/view.php +++ b/html/profile/view.php @@ -1,6 +1,7 @@ isOwner())) { if ($user->isAdmin()) { - redirect("/"); + WebContextManager::Redirect("/"); } die('bababooey'); } diff --git a/html_admin/client-deployer.php b/html_admin/client-deployer.php index a5ba126..44dc4ab 100644 --- a/html_admin/client-deployer.php +++ b/html_admin/client-deployer.php @@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare(); if(!($user->isOwner())) { if ($user->isAdmin()) { - redirect("/"); + WebContextManager::Redirect("/"); } die('bababooey'); } 
diff --git a/html_admin/configuration.php b/html_admin/configuration.php index ea1db77..b22d5f2 100644 --- a/html_admin/configuration.php +++ b/html_admin/configuration.php @@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare(); if(!($user->isOwner())) { if ($user->isAdmin()) { - redirect("/"); + WebContextManager::Redirect("/"); } die('bababooey'); } @@ -53,13 +53,13 @@ else if(isset($_POST['maintenanceon'])) { enableMaintenance($_POST['optionalmaintenancetext']); - redirect("configuration"); + WebContextManager::Redirect("configuration"); } if(isset($_POST['maintenanceoff'])) { disableMaintenance(); - redirect("configuration"); + WebContextManager::Redirect("configuration"); } if(isset($_POST['devmodeon'])) @@ -80,7 +80,7 @@ if(isset($_POST['devmodeon'])) $curl_response = curl_exec($soap_do); - redirect("configuration"); + WebContextManager::Redirect("configuration"); } if(isset($_POST['devmodeoff'])) @@ -101,7 +101,7 @@ if(isset($_POST['devmodeoff'])) $curl_response = curl_exec($soap_do); - redirect("configuration"); + WebContextManager::Redirect("configuration"); } if (isset($_POST['clearcachesubmit'])) @@ -121,7 +121,7 @@ if (isset($_POST['clearcachesubmit'])) $curl_response = curl_exec($soap_do); - redirect("configuration"); + WebContextManager::Redirect("configuration"); } if (isset($_POST['submitwskey'])) @@ -130,7 +130,7 @@ if (isset($_POST['submitwskey'])) $setwskey = $pdo->prepare("UPDATE websettings SET webservice_key = :k"); $setwskey->bindParam(":k", $key, PDO::PARAM_STR); $setwskey->execute(); - redirect("configuration"); + WebContextManager::Redirect("configuration"); } if (isset($_POST['setwsipwhitelist'])) 
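Review bot: In the devmode and clear-cache handlers the redirect to `configuration` follows `curl_exec($soap_do)` without looking at `$curl_response`, so a failed backend call looks identical to success for the operator. Check the result before redirecting, e.g. `if ($curl_response === false) { error_log(curl_error($soap_do)); }`, and surface the failure on the page. These handlers change site-wide settings from `$_POST` flags, and no request-token check is visible in the hunks, so confirm one exists earlier in the file. The handler bodies start outside the hunks.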
@@ -138,21 +138,21 @@ if (isset($_POST['setwsipwhitelist'])) $setwsip = $pdo->prepare("UPDATE websettings SET webservice_whitelist = :w"); $setwsip->bindParam(":w", $_POST['setwsipwhitelist'], PDO::PARAM_STR); $setwsip->execute(); - redirect("configuration"); + WebContextManager::Redirect("configuration"); } if (isset($_POST['cachingon'])) { $setapprovals = $pdo->prepare("UPDATE websettings SET avatarCaching = 1"); $setapprovals->execute(); - redirect("configuration"); + WebContextManager::Redirect("configuration"); } if (isset($_POST['cachingoff'])) { $setapprovals = $pdo->prepare("UPDATE websettings SET avatarCaching = 0"); $setapprovals->execute(); - redirect("configuration"); + WebContextManager::Redirect("configuration"); } $maintenancestatus = ""; diff --git a/html_admin/give-asset.php b/html_admin/give-asset.php index 9645b33..5a7ba6a 100644 --- a/html_admin/give-asset.php +++ b/html_admin/give-asset.php @@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare(); if(!($user->isOwner())) { if ($user->isAdmin()) { - redirect("/"); + WebContextManager::Redirect("/"); } die('bababooey'); } diff --git a/html_admin/rank-management.php b/html_admin/rank-management.php index 1c1499d..544d914 100644 --- a/html_admin/rank-management.php +++ b/html_admin/rank-management.php @@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare(); if(!($user->isOwner())) { if ($user->isAdmin()) { - redirect("/"); + WebContextManager::Redirect("/"); } die('bababooey'); } diff --git a/html_api/logo.php b/html_api/logo.php index c21e05a..0a71500 100644 --- a/html_api/logo.php +++ b/html_api/logo.php @@ -1,3 +1,5 @@ id; } -redirect(getPlayerRender($userid, $headshot)); //cachebuster \ No newline at end of file +WebContextManager::Redirect(getPlayerRender($userid, $headshot)); //cachebuster \ No newline at end of file diff --git a/html_assetgame/Asset/index.php b/html_assetgame/Asset/index.php index 22467a7..9ab0bab 100644 --- a/html_assetgame/Asset/index.php 
+++ b/html_assetgame/Asset/index.php @@ -2,6 +2,8 @@ //we dont want duplicates of the asset fetching so we will just make this endpoint internally redirect +use Alphaland\Web\WebContextManager; + $id = (int)$_GET["id"]; $assetversionid = (int)$_GET["assetversionid"]; $version = (int)$_GET["version"]; @@ -16,4 +18,4 @@ else if ($version) $assetversion = $version; } -redirect("https://www.alphaland.cc/asset/?id=" . $id . "&version=" . $assetversion); \ No newline at end of file +WebContextManager::Redirect("https://www.alphaland.cc/asset/?id=" . $id . "&version=" . $assetversion); \ No newline at end of file diff --git a/ratelimit.php b/ratelimit.php index d249300..4a8fc97 100644 --- a/ratelimit.php +++ b/ratelimit.php @@ -1,9 +1,11 @@