webcontextmanager redirect impl

Astrologies 2021-12-01 19:28:40 -05:00
parent 283237ade3
commit ba7c929dda
52 changed files with 191 additions and 794 deletions


@ -149,7 +149,7 @@ try
//step 1, check if under maintenance //step 1, check if under maintenance
if ($maintenance) { //maintenance redirect if ($maintenance) { //maintenance redirect
if ($accesseddirectory != "/maintenance.php") { if ($accesseddirectory != "/maintenance.php") {
redirect($url . "/maintenance"); WebContextManager::Redirect($url . "/maintenance");
} }
} }
@ -157,7 +157,7 @@ try
if ($GLOBALS['user']->logged_in && $banned) { //ban redirect if ($GLOBALS['user']->logged_in && $banned) { //ban redirect
if ($accesseddirectory != "/ban.php" && if ($accesseddirectory != "/ban.php" &&
$accesseddirectory != "/logout.php") { $accesseddirectory != "/logout.php") {
redirect($url . "/ban"); WebContextManager::Redirect($url . "/ban");
} }
} }
@ -165,14 +165,14 @@ try
if ($GLOBALS['user']->logged_in && !$activated) { //activation redirect if ($GLOBALS['user']->logged_in && !$activated) { //activation redirect
if ($accesseddirectory != "/activate.php" && if ($accesseddirectory != "/activate.php" &&
$accesseddirectory != "/logout.php") { $accesseddirectory != "/logout.php") {
redirect($url . "/activate"); WebContextManager::Redirect($url . "/activate");
} }
} }
//step 4, check if 2fa is authenticated //step 4, check if 2fa is authenticated
if ($GLOBALS['user']->logged_in && !$twofactor) { //2fa redirect if ($GLOBALS['user']->logged_in && !$twofactor) { //2fa redirect
if ($accesseddirectory != "/2fa.php") { if ($accesseddirectory != "/2fa.php") {
redirect($url . "/2fa"); WebContextManager::Redirect($url . "/2fa");
} }
} }
@ -192,17 +192,17 @@ try
$accesseddirectory != "/asset/index.php" && $accesseddirectory != "/asset/index.php" &&
$accesseddirectory != "/settings/resetpassword.php" && $accesseddirectory != "/settings/resetpassword.php" &&
$accesseddirectory != "/secret/localtesting.php") { //for local client testing, doesn't contain anything sensitive $accesseddirectory != "/secret/localtesting.php") { //for local client testing, doesn't contain anything sensitive
redirect($url); WebContextManager::Redirect($url);
} }
} }
else if ($accesseddomain == "api.".$domain) { //api else if ($accesseddomain == "api.".$domain) { //api
if ($accesseddirectory != "/logo.php") { if ($accesseddirectory != "/logo.php") {
redirect($url); WebContextManager::Redirect($url);
} }
} }
else if ($accesseddomain == "data.".$domain) { //data else if ($accesseddomain == "data.".$domain) { //data
if ($accesseddirectory != "/Error/Dmp.ashx") { if ($accesseddirectory != "/Error/Dmp.ashx") {
redirect($url); WebContextManager::Redirect($url);
} }
} }
else if ($accesseddomain == "setup.".$domain) { //setup else if ($accesseddomain == "setup.".$domain) { //setup
@ -211,7 +211,7 @@ try
else if ($accesseddomain == "clientsettings.api.".$domain) { //clientsettings else if ($accesseddomain == "clientsettings.api.".$domain) { //clientsettings
//do nothing (we arent restricting on this subdomain) //do nothing (we arent restricting on this subdomain)
} else { } else {
redirect($url); WebContextManager::Redirect($url);
} }
} }
} }
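Review bot: Every gate in this block (maintenance, ban, activation, 2FA and the per-subdomain allow-lists) only works if `WebContextManager::Redirect` stops the request, and its definition is not in this view. The `redirect()` helper this commit removes set the status code, sent `Location` and then called `die()`; if the replacement returns instead, the rest of the page still executes after the header is queued. The same dependency holds for each `if(!$user->isStaff()) { WebContextManager::Redirect("/"); }` guard in the later file sections of this commit. Confirm the new method exits and declare that in its signature (for example a `never` return type on PHP 8.1+), or follow each guard with an explicit `exit;`. The enclosing `try` block starts and ends outside these hunks.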


@ -3570,13 +3570,13 @@ function getRobloxAssetType($assetid)
function ReturnAssetFromHash($hash) //asset CDN function ReturnAssetFromHash($hash) //asset CDN
{ {
//alphaland assets cdn //alphaland assets cdn
redirect(constructAssetHashUrl($hash)); WebContextManager::Redirect(constructAssetHashUrl($hash));
} }
function ReturnThumbnailFromHash($hash) //thumb CDN (images) function ReturnThumbnailFromHash($hash) //thumb CDN (images)
{ {
//alphaland thumb (images) cdn //alphaland thumb (images) cdn
redirect(constructThumbnailHashUrl($hash)); WebContextManager::Redirect(constructThumbnailHashUrl($hash));
} }
function CreateAsset($AssetTypeId, $IconImageAssetId, $TargetId, $ProductType, $Name, $Description, $Created, $Updated, $CreatorId, $PriceInAlphabux, $Sales, $isPersonalServer, $IsNew, $IsForSale, $IsPublicDomain, $IsLimited, $IsLimitedUnique, $IsCommentsEnabled, $IsApproved, $IsModerated, $Remaining, $MinimumMembershipLevel, $ContentRatingTypeId, $Favorited, $Visited, $MaxPlayers, $UpVotes, $DownVotes, $Hash, $ThumbHash) function CreateAsset($AssetTypeId, $IconImageAssetId, $TargetId, $ProductType, $Name, $Description, $Created, $Updated, $CreatorId, $PriceInAlphabux, $Sales, $isPersonalServer, $IsNew, $IsForSale, $IsPublicDomain, $IsLimited, $IsLimitedUnique, $IsCommentsEnabled, $IsApproved, $IsModerated, $Remaining, $MinimumMembershipLevel, $ContentRatingTypeId, $Favorited, $Visited, $MaxPlayers, $UpVotes, $DownVotes, $Hash, $ThumbHash)
@ -6321,12 +6321,6 @@ function getID($username) {
return false; //user not found return false; //user not found
} }
function redirect($location, $code = 302) {
http_response_code($code);
header("Location: $location");
die();
}
function passwordCorrect($userID, $password) { function passwordCorrect($userID, $password) {
$check = $GLOBALS['pdo']->prepare("SELECT pwd FROM users WHERE id = :i"); $check = $GLOBALS['pdo']->prepare("SELECT pwd FROM users WHERE id = :i");
$check->bindParam(":i", $userID, PDO::PARAM_INT); $check->bindParam(":i", $userID, PDO::PARAM_INT);


@ -1,20 +1,21 @@
<?php <?php
use Alphaland\Users\TwoFactor; use Alphaland\Users\TwoFactor;
use Alphaland\Web\WebContextManager;
if (TwoFactor::IsSession2FAUnlocked()){ if (TwoFactor::IsSession2FAUnlocked()){
redirect("/"); WebContextManager::Redirect("/");
} }
if(isset($_POST['submit_2fa'])) { if(isset($_POST['submit_2fa'])) {
if (TwoFactor::AttemptSession2FAUnlock($_POST['2fa_code'])) { if (TwoFactor::AttemptSession2FAUnlock($_POST['2fa_code'])) {
redirect("/"); WebContextManager::Redirect("/");
} }
} }
if(isset($_POST['logout'])) { if(isset($_POST['logout'])) {
$user->logout(); $user->logout();
redirect("/"); WebContextManager::Redirect("/");
} }
$body = <<<EOT $body = <<<EOT
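Review bot: `$_POST['2fa_code']` is handed to `TwoFactor::AttemptSession2FAUnlock` whenever `submit_2fa` is set, without checking that the field exists or is a string. A missing field raises an undefined-index notice and an array-valued field reaches the verifier as an array; a guard such as `$code = $_POST['2fa_code'] ?? ''; if (is_string($code) && TwoFactor::AttemptSession2FAUnlock($code))` keeps the input well-typed. Whether failed attempts are throttled is decided inside `AttemptSession2FAUnlock`, which is not shown here, so that is worth confirming as well.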


@ -6,13 +6,16 @@ Alphaland 2021
//headers //headers
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true"); header("access-control-allow-credentials: true");
if(!$user->isStaff()) if(!$user->isStaff())
{ {
redirect("../home"); //u not admin nigga WebContextManager::Redirect("/");
} }
$assetid = $_GET['id']; $assetid = $_GET['id'];
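Review bot: `$assetid = $_GET['id'];` takes the request parameter raw, while the report endpoints in this commit use `$id = (int)$_GET['id'];`. How `$assetid` is used lies below the hunk, so the impact cannot be judged from here. Assuming asset ids are integers as elsewhere in this commit, `$assetid = (int)($_GET['id'] ?? 0);` at the point of entry would make this staff endpoint consistent and remove the undefined-index case. The same unvalidated assignment appears in a later file section that starts with the same CORS headers.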


@ -1,8 +1,10 @@
<?php <?php
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) if(!$user->isStaff())
{ {
redirect("../home"); //u not admin nigga WebContextManager::Redirect("/");
} }
$body = <<<EOT $body = <<<EOT


@ -1,8 +1,10 @@
<?php <?php
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) if(!$user->isStaff())
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
$body = <<<EOT $body = <<<EOT


@ -5,13 +5,16 @@ Alphaland 2021
*/ */
//headers //headers
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true"); header("access-control-allow-credentials: true");
header('Content-Type: application/json'); header('Content-Type: application/json');
if(!$user->isStaff()) if(!$user->isStaff())
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
//get params //get params
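Review bot: On this JSON endpoint a caller who is not staff is answered with a redirect to `/` rather than an authorization error. A script client that follows the redirect receives the home page where it expects JSON, and the denial is not visible as a distinct status in logs or monitoring. Responding with `http_response_code(403);` and a small JSON error body before exiting would be clearer. The same pattern is in the other file sections of this commit that set `Content-Type: application/json` ahead of the `isStaff()` check.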


@ -1,7 +1,10 @@
<?php <?php
use Alphaland\Web\WebContextManager;
if(!($user->isStaff())) if(!($user->isStaff()))
{ {
redirect("../404"); //u not admin nigga WebContextManager::Redirect("/");
} }
$body = <<<EOT $body = <<<EOT
<h5 class="text-center">Moderation Control Panel</h5> <h5 class="text-center">Moderation Control Panel</h5>


@ -1,8 +1,10 @@
<?php <?php
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) if(!$user->isStaff())
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
$alert = ''; $alert = '';


@ -1,8 +1,10 @@
<?php <?php
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) if(!$user->isStaff())
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
//headers //headers


@ -6,13 +6,16 @@ Alphaland 2021
//headers //headers
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true"); header("access-control-allow-credentials: true");
if(!$user->isStaff()) if(!$user->isStaff())
{ {
redirect("../home"); //u not admin nigga WebContextManager::Redirect("/");
} }
$assetid = $_GET['id']; $assetid = $_GET['id'];


@ -4,10 +4,11 @@
Alphaland 2021 Alphaland 2021
*/ */
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) if(!$user->isStaff())
{ {
redirect("../home"); //u not admin nigga WebContextManager::Redirect("/");
} }
//headers //headers


@ -5,6 +5,8 @@
Closes an active report Closes an active report
*/ */
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true"); header("access-control-allow-credentials: true");
header('Content-Type: application/json'); header('Content-Type: application/json');
@ -12,7 +14,7 @@ header('Content-Type: application/json');
$id = (int)$_GET['id']; $id = (int)$_GET['id'];
if(!$user->isStaff() || !$id) { if(!$user->isStaff() || !$id) {
redirect("/MCP"); WebContextManager::Redirect("/");
} }
$report = $GLOBALS['pdo']->prepare("UPDATE user_reports SET `closed` = 1 WHERE `id` = :id AND `closed` = 0"); $report = $GLOBALS['pdo']->prepare("UPDATE user_reports SET `closed` = 1 WHERE `id` = :id AND `closed` = 0");
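Review bot: This endpoint closes a report based on `$_GET['id']`, so a state change is triggered by a plain GET that carries the staff session cookie. The `Access-Control-Allow-Origin` header above governs which origins may read the response, not which may send the request, so it does not protect the `UPDATE`. Accepting the id only from a POST body and verifying an anti-CSRF token before the statement runs would cover that. No token check is visible in the hunk; if one exists in shared bootstrap code, a comment here pointing to it would help.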


@ -5,6 +5,8 @@
Report Data Report Data
*/ */
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true"); header("access-control-allow-credentials: true");
header('Content-Type: application/json'); header('Content-Type: application/json');
@ -12,7 +14,7 @@ header('Content-Type: application/json');
$id = (int)$_GET['id']; $id = (int)$_GET['id'];
if(!$user->isStaff() || !$id) { if(!$user->isStaff() || !$id) {
redirect("/MCP"); WebContextManager::Redirect("/");
} }
$xml = ""; $xml = "";


@ -4,12 +4,14 @@
Alphaland 2021 Alphaland 2021
*/ */
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true"); header("access-control-allow-credentials: true");
header('Content-Type: application/json'); header('Content-Type: application/json');
if(!$user->isStaff()) { if(!$user->isStaff()) {
redirect("/MCP"); WebContextManager::Redirect("/");
} }
$report = $GLOBALS['pdo']->prepare("SELECT * FROM user_reports WHERE closed = 0 ORDER BY whenReported ASC"); $report = $GLOBALS['pdo']->prepare("SELECT * FROM user_reports WHERE closed = 0 ORDER BY whenReported ASC");


@ -5,8 +5,10 @@
Active Reports Active Reports
*/ */
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) { if(!$user->isStaff()) {
redirect("/"); WebContextManager::Redirect("/");
} }
$body = <<<EOT $body = <<<EOT


@ -5,8 +5,10 @@
Report viewer Report viewer
*/ */
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) { if(!$user->isStaff()) {
redirect("/"); WebContextManager::Redirect("/");
} }
//chek //chek
@ -14,7 +16,7 @@ $report = $GLOBALS['pdo']->prepare("SELECT * FROM user_reports WHERE `id` = :id
$report->bindParam(":id", $_GET['id'], PDO::PARAM_INT); $report->bindParam(":id", $_GET['id'], PDO::PARAM_INT);
$report->execute(); $report->execute();
if ($report->rowCount() == 0) { if ($report->rowCount() == 0) {
redirect("/MCP/reports/"); WebContextManager::Redirect("/MCP/reports/");
} }
$body = <<<EOT $body = <<<EOT


@ -5,9 +5,10 @@ Alphaland 2021
*/ */
use Alphaland\Moderation\UserModerationManager; use Alphaland\Moderation\UserModerationManager;
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) { if(!$user->isStaff()) {
redirect("/"); WebContextManager::Redirect("/");
} }
//headers //headers


@ -4,12 +4,14 @@
Alphaland 2021 Alphaland 2021
*/ */
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true"); header("access-control-allow-credentials: true");
header('Content-Type: application/json'); header('Content-Type: application/json');
if(!$user->isStaff()) { if(!$user->isStaff()) {
redirect("/MCP"); WebContextManager::Redirect("/");
} }
$bans = $GLOBALS['pdo']->prepare("SELECT * FROM user_bans WHERE valid = 1"); $bans = $GLOBALS['pdo']->prepare("SELECT * FROM user_bans WHERE valid = 1");


@ -1,8 +1,10 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$body = ''; $body = '';
if(!($user->isStaff())) { if(!($user->isStaff())) {
redirect("/"); //u not admin nigga WebContextManager::Redirect("/");
} }
$body = <<<EOT $body = <<<EOT


@ -5,9 +5,10 @@ Alphaland 2021
*/ */
use Alphaland\Moderation\UserModerationManager; use Alphaland\Moderation\UserModerationManager;
use Alphaland\Web\WebContextManager;
if(!$user->isStaff()) { if(!$user->isStaff()) {
redirect("/"); WebContextManager::Redirect("/");
} }
//headers //headers


@ -1,9 +1,10 @@
<?php <?php
use Alphaland\Users\Activation; use Alphaland\Users\Activation;
use Alphaland\Web\WebContextManager;
if (Activation::IsUserActivated($user->id)) { if (Activation::IsUserActivated($user->id)) {
redirect("/"); WebContextManager::Redirect("/");
} }
$activationcode = Activation::GetUserActivationCode($user->id); $activationcode = Activation::GetUserActivationCode($user->id);


@ -63,6 +63,6 @@ if ($id)
} }
else //fallback to roblox assets (compatibility)(will break eventually, need a better solution)(instruct players to use roblox asset url for compatibility?) roblox.com/asset/?id= else //fallback to roblox assets (compatibility)(will break eventually, need a better solution)(instruct players to use roblox asset url for compatibility?) roblox.com/asset/?id=
{ {
redirect("https://assetdelivery.roblox.com/v1/asset/?id=" . $id . "&version=" . $assetversion); WebContextManager::Redirect("https://assetdelivery.roblox.com/v1/asset/?id=" . $id . "&version=" . $assetversion);
} }
} }
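Review bot: The fallback `Location` is built by concatenating `$id` and `$assetversion` into the query string without encoding. Both values are assigned above the hunk, so they may already be integers. If either can carry raw request text, cast both with `(int)` or build the query with `http_build_query(['id' => $id, 'version' => $assetversion])` so the upstream URL always has exactly these two parameters.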


@ -1,5 +1,7 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$body = ""; $body = "";
if(isset($_GET['id'])) if(isset($_GET['id']))
{ {
@ -61,13 +63,13 @@ if(isset($_GET['id']))
else else
{ {
//item doesnt exist //item doesnt exist
redirect("../../404"); WebContextManager::Redirect("../../404");
} }
} }
else else
{ {
//no url parameter //no url parameter
redirect("../../404"); WebContextManager::Redirect("../../404");
} }
pageHandler(); pageHandler();
$ph->pageTitle(cleanOutput($i->Name)); $ph->pageTitle(cleanOutput($i->Name));
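Review bot: Both not-found branches still redirect to the relative path `../../404`, while two later file sections in this commit change the same call to the absolute `/404`. A relative `Location` resolves against the requested URL, so the destination depends on how the page was reached; `WebContextManager::Redirect("/404");` would match the other files. The relative `config?id={$id}` and `friend-requests?page=1` targets elsewhere in the commit have the same property.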


@ -1,6 +1,7 @@
<?php <?php
use Alphaland\Moderation\UserModerationManager; use Alphaland\Moderation\UserModerationManager;
use Alphaland\Web\WebContextManager;
if (UserModerationManager::IsBanned($user->id)) if (UserModerationManager::IsBanned($user->id))
{ {
@ -17,7 +18,7 @@ if (UserModerationManager::IsBanned($user->id))
if(isset($_POST['logout'])) if(isset($_POST['logout']))
{ {
$user->logout(); $user->logout();
redirect("/"); WebContextManager::Redirect("/");
} }
if(isset($_POST['agree'])) if(isset($_POST['agree']))
@ -28,7 +29,7 @@ if (UserModerationManager::IsBanned($user->id))
$unban = $pdo->prepare("UPDATE user_bans SET valid = 0 WHERE uid = :u"); $unban = $pdo->prepare("UPDATE user_bans SET valid = 0 WHERE uid = :u");
$unban->bindParam(":u", $user->id, PDO::PARAM_INT); $unban->bindParam(":u", $user->id, PDO::PARAM_INT);
$unban->execute(); $unban->execute();
redirect("/"); WebContextManager::Redirect("/");
} }
elseif ($banType == 1) //temporary elseif ($banType == 1) //temporary
{ {
@ -38,7 +39,7 @@ if (UserModerationManager::IsBanned($user->id))
$unban = $pdo->prepare("UPDATE user_bans SET valid = 0 WHERE uid = :u"); $unban = $pdo->prepare("UPDATE user_bans SET valid = 0 WHERE uid = :u");
$unban->bindParam(":u", $user->id, PDO::PARAM_INT); $unban->bindParam(":u", $user->id, PDO::PARAM_INT);
$unban->execute(); $unban->execute();
redirect("/"); WebContextManager::Redirect("/");
} }
} }
} }
@ -107,5 +108,5 @@ if (UserModerationManager::IsBanned($user->id))
else else
{ {
//not banned //not banned
redirect("/"); WebContextManager::Redirect("/");
} }


@ -1,5 +1,7 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$body = ''; $body = '';
$alert = ""; $alert = "";
if(isset($_GET['id'])) if(isset($_GET['id']))
@ -8,7 +10,7 @@ if(isset($_GET['id']))
if (isAssetModerated($id) || !isOwner($id)) if (isAssetModerated($id) || !isOwner($id))
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
//Query //Query
@ -154,7 +156,7 @@ if(isset($_GET['id']))
// ... // ...
} }
redirect("config?id={$id}"); WebContextManager::Redirect("config?id={$id}");
} }
} }
elseif (isset($_POST['RegenItem'])) //for admin regen stuff elseif (isset($_POST['RegenItem'])) //for admin regen stuff
@ -303,7 +305,7 @@ if(isset($_GET['id']))
} }
else else
{ {
redirect("/catalog/view?id=".$id); WebContextManager::Redirect("/catalog/view?id=".$id);
} }
} }
} }
@ -311,19 +313,19 @@ if(isset($_GET['id']))
else else
{ {
//not a modifiable asset (to the end user) //not a modifiable asset (to the end user)
redirect("/"); WebContextManager::Redirect("/");
} }
} }
else else
{ {
//catalog item doesnt exist //catalog item doesnt exist
redirect("/"); WebContextManager::Redirect("/");
} }
} }
else else
{ {
//no url parameter //no url parameter
redirect("/"); WebContextManager::Redirect("/");
} }
$moderatebutton = ''; $moderatebutton = '';


@ -1,5 +1,7 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$body = ""; $body = "";
if(isset($_GET['id'])) if(isset($_GET['id']))
{ {
@ -21,7 +23,7 @@ if(isset($_GET['id']))
} }
elseif ($result == 2) elseif ($result == 2)
{ {
redirect("/catalog/view?id=". $id . ""); WebContextManager::Redirect("/catalog/view?id=". $id . "");
} }
} }
// ... // ...
@ -61,7 +63,7 @@ if(isset($_GET['id']))
//redirect if a game //redirect if a game
if ($i->AssetTypeId == 9) if ($i->AssetTypeId == 9)
{ {
redirect("/games/view?id=" . $id); WebContextManager::Redirect("/games/view?id=" . $id);
} }
// ... // ...
@ -246,13 +248,13 @@ EOT;
else else
{ {
//item doesnt exist //item doesnt exist
redirect("../../404"); WebContextManager::Redirect("/404");
} }
} }
else else
{ {
//no url parameter //no url parameter
redirect("/"); WebContextManager::Redirect("/");
} }
pageHandler(); pageHandler();
$ph->pageTitle(cleanOutput($i->Name)); $ph->pageTitle(cleanOutput($i->Name));


@ -4,6 +4,8 @@
Alphaland 2021 Alphaland 2021
*/ */
use Alphaland\Web\WebContextManager;
$body = ''; $body = '';
$alert = ''; $alert = '';
$cosmuploadsuccess = $_GET['cosSuccess']; $cosmuploadsuccess = $_GET['cosSuccess'];
@ -261,7 +263,7 @@ function newPlace()
//POINT OF NO RETURN //POINT OF NO RETURN
$newplace = createPlace($GLOBALS['user']->id, $name, $description, 12); $newplace = createPlace($GLOBALS['user']->id, $name, $description, 12);
redirect("/games/config?id=".$newplace); WebContextManager::Redirect("/games/config?id=".$newplace);
} }
function newPBSPlace($placetype) function newPBSPlace($placetype)
@ -298,7 +300,7 @@ function newPBSPlace($placetype)
//POINT OF NO RETURN //POINT OF NO RETURN
$newpbs = createPBSPlace($GLOBALS['user']->id, $name, $description, 12, $selectedPlacePath); $newpbs = createPBSPlace($GLOBALS['user']->id, $name, $description, 12, $selectedPlacePath);
redirect("/games/pbs/config?id=".$newpbs); WebContextManager::Redirect("/games/pbs/config?id=".$newpbs);
} }
if (isset($_POST['SubmitPBSSuperflat'])) if (isset($_POST['SubmitPBSSuperflat']))
@ -310,7 +312,7 @@ if (isset($_POST['SubmitPBSSuperflat']))
} }
else else
{ {
redirect('/create?pbsSuccess=true'); WebContextManager::Redirect('/create?pbsSuccess=true');
} }
} }
@ -323,7 +325,7 @@ if (isset($_POST['SubmitPBSRugged']))
} }
else else
{ {
redirect('/create?pbsSuccess=true'); WebContextManager::Redirect('/create?pbsSuccess=true');
} }
} }
@ -336,7 +338,7 @@ if (isset($_POST['SubmitPBSHappyHome']))
} }
else else
{ {
redirect('/create?pbsSuccess=true'); WebContextManager::Redirect('/create?pbsSuccess=true');
} }
} }
@ -349,7 +351,7 @@ if (isset($_POST['SubmitPBSBaseplate']))
} }
else else
{ {
redirect('/create?pbsSuccess=true'); WebContextManager::Redirect('/create?pbsSuccess=true');
} }
} }
@ -367,7 +369,7 @@ if (isset($_POST['SubmitAsset']))
} }
else else
{ {
redirect('/create?cosSuccess=true'); WebContextManager::Redirect('/create?cosSuccess=true');
} }
} }
@ -381,7 +383,7 @@ if (isset($_POST['SubmitPlace']))
} }
else else
{ {
redirect('/create?placeSuccess=true'); WebContextManager::Redirect('/create?placeSuccess=true');
} }
} }


@ -1,6 +1,8 @@
<?php <?php
$body = ''; use Alphaland\Web\WebContextManager;
$body = '';
if(isset($_POST['acceptfriend'])) if(isset($_POST['acceptfriend']))
{ {
@ -174,22 +176,22 @@ if ($pages != 0)
{ {
if ($_GET['page'] == 0) if ($_GET['page'] == 0)
{ {
redirect("friend-requests?page=1"); WebContextManager::Redirect("friend-requests?page=1");
} }
elseif ($_GET['page'] == $pages + 1) elseif ($_GET['page'] == $pages + 1)
{ {
redirect("friend-requests?page=".$pages.""); WebContextManager::Redirect("friend-requests?page=".$pages."");
} }
} }
elseif ($pages == 0) elseif ($pages == 0)
{ {
if (!$_GET['page']) if (!$_GET['page'])
{ {
redirect("friend-requests?page=1"); WebContextManager::Redirect("friend-requests?page=1");
} }
elseif($_GET['page'] > 1) elseif($_GET['page'] > 1)
{ {
redirect("friend-requests?page=1"); WebContextManager::Redirect("friend-requests?page=1");
} }
} }
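Review bot: `$_GET['page']` is read several times without `isset` and compared loosely (`== 0`, `== $pages + 1`, `> 1`), so a missing or non-numeric value is handled differently across PHP versions. Normalising once before these checks, `$page = (int)($_GET['page'] ?? 0);`, and comparing `$page` with `===` would make the clamping deterministic. The surrounding `if ($pages != 0)` block starts outside the hunk.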


@ -1,10 +1,12 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$body = ''; $body = '';
if(!isset($_GET['id'])) if(!isset($_GET['id']))
{ {
redirect('view?id='. $GLOBALS['user']->id . ''); WebContextManager::Redirect('view?id='. $GLOBALS['user']->id . '');
} }
$id = (int)$_GET['id']; $id = (int)$_GET['id'];
@ -90,7 +92,7 @@ EOT;
} }
else else
{ {
redirect("../../404"); WebContextManager::Redirect("/404");
} }
//page buttons handling { //page buttons handling {


@ -1,5 +1,7 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$gearsportion = false; $gearsportion = false;
$body = ''; $body = '';
@ -70,7 +72,7 @@ function convertToPBSPlace($placetype, $placeid)
$deletepersistence->execute(); $deletepersistence->execute();
handleRenderPlace($placeid); handleRenderPlace($placeid);
redirect("/games/pbs/config?id=".$placeid); WebContextManager::Redirect("/games/pbs/config?id=".$placeid);
} }
} }
} }
@ -86,7 +88,7 @@ if(isset($_GET['id']))
if(getAssetInfo($id)->isPersonalServer) if(getAssetInfo($id)->isPersonalServer)
{ {
redirect("/games/pbs/config?id=".$id); WebContextManager::Redirect("/games/pbs/config?id=".$id);
} }
//Query //Query
@ -265,7 +267,7 @@ if(isset($_GET['id']))
} }
else else
{ {
redirect("config?id={$id}"); WebContextManager::Redirect("config?id={$id}");
} }
} }
} }
@ -306,7 +308,7 @@ if(isset($_GET['id']))
setPlaceUsingCustomThumbnail($id); //set not using rendered thumb setPlaceUsingCustomThumbnail($id); //set not using rendered thumb
redirect("config?id={$id}"); WebContextManager::Redirect("config?id={$id}");
} }
else else
{ {
@ -323,7 +325,7 @@ if(isset($_GET['id']))
setPlaceUsingCustomThumbnail($id); //set not using rendered thumb setPlaceUsingCustomThumbnail($id); //set not using rendered thumb
} }
redirect("config?id={$id}"); WebContextManager::Redirect("config?id={$id}");
} }
// ... // ...
} }
@ -402,17 +404,17 @@ if(isset($_GET['id']))
} }
else else
{ {
redirect("/"); //not owner or not admin WebContextManager::Redirect("/"); //not owner or not admin
} }
} }
else else
{ {
redirect("/"); //place doesnt exist WebContextManager::Redirect("/"); //place doesnt exist
} }
} }
else else
{ {
redirect("/"); //no url parameters WebContextManager::Redirect("/"); //no url parameters
} }
$gearshtml = ""; $gearshtml = "";
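Review bot: `getAssetInfo($id)->isPersonalServer` is dereferenced right after `isset($_GET['id'])`, ahead of the lookup introduced by `//Query` and the `//place doesnt exist` branch further down. What `getAssetInfo` returns for an unknown id is not visible here; if it is `false` or `null`, this line emits a warning for every non-existent id before the intended handling runs. Guarding it with `$info = getAssetInfo($id); if ($info && $info->isPersonalServer)` avoids that. The enclosing `if(isset($_GET['id']))` block spans several hunks and is only partly shown.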


@ -1,5 +1,7 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$body = ''; $body = '';
$gameid = (int)$_GET['id']; $gameid = (int)$_GET['id'];
@ -8,7 +10,7 @@ if ($gameid)
{ {
if(getAssetInfo($gameid)->isPersonalServer == 0) if(getAssetInfo($gameid)->isPersonalServer == 0)
{ {
redirect("/games/config?id=".$gameid); WebContextManager::Redirect("/games/config?id=".$gameid);
} }
if (!is_int($gameid) || getAssetInfo($gameid)->AssetTypeId != 9 || getAssetInfo($gameid)->isPersonalServer != 1) if (!is_int($gameid) || getAssetInfo($gameid)->AssetTypeId != 9 || getAssetInfo($gameid)->isPersonalServer != 1)
@ -28,7 +30,7 @@ if (isset($_POST['ConvertToRegular']))
if (setRegularGame($gameid)) if (setRegularGame($gameid))
{ {
handleRenderPlace($gameid); handleRenderPlace($gameid);
redirect("/games/config?id=".$gameid); WebContextManager::Redirect("/games/config?id=".$gameid);
} }
else else
{ {
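Review bot: `!is_int($gameid)` can never be true because `$gameid` is assigned from `(int)$_GET['id']`, so that part of the validation is dead. `getAssetInfo($gameid)` is also called up to three times across two adjacent conditions; fetching it once into a local and checking it is non-empty before reading `AssetTypeId` and `isPersonalServer` would be clearer. The `ConvertToRegular` handler calls `setRegularGame($gameid)`, and the ownership check that should precede it is not visible in these hunks, so confirm it runs before this point.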


@ -1,680 +0,0 @@
<?php
$gearsportion = false;
$body = '';
function resize($newWidth, $newHeight, $targetFile, $originalFile) {
$info = getimagesize($originalFile);
$mime = $info['mime'];
switch ($mime) {
case 'image/jpeg':
$image_create_func = 'imagecreatefromjpeg';
$image_save_func = 'imagejpeg';;
break;
case 'image/png':
$image_create_func = 'imagecreatefrompng';
$image_save_func = 'imagepng';
break;
case 'image/gif':
$image_create_func = 'imagecreatefromgif';
$image_save_func = 'imagegif';
break;
default:
throw new Exception('Unknown image type.');
}
$img = $image_create_func($originalFile);
list($width, $height) = getimagesize($originalFile);
$tmp = imagecreatetruecolor($newWidth, $newHeight);
imagealphablending($tmp , false);
imagesavealpha($tmp , true);
imagecopyresampled($tmp, $img, 0, 0, 0, 0, $newWidth, $newHeight, $width, $height);
if (file_exists($targetFile)) {
unlink($targetFile);
}
$image_save_func($tmp, "$targetFile");
}
function convertToPBSPlace($placetype, $placeid)
{
$selectedPlacePath = $_SERVER['DOCUMENT_ROOT'] . "/../default_pbs_places/" . $placetype . ".rbxlx";
$assetcdn = $GLOBALS['assetCDNPath'];
//grab a new hash for the game asset
$gamehash = genAssetHash(16);
//copy template, set the game type to PBS, update the hash, delete persistence data, close all servers, start place render and redirect
if (copy($selectedPlacePath, $assetcdn . $gamehash))
{
if (gameCloseAllJobs($placeid))
{
if (setPBSGame($placeid))
{
$set = $GLOBALS['pdo']->prepare("UPDATE assets SET Hash = :hash WHERE id = :i");
$set->bindParam(":hash", $gamehash, PDO::PARAM_INT);
$set->bindParam(":i", $placeid, PDO::PARAM_INT);
$set->execute();
if ($set->rowCount() > 0)
{
//trust mysql!!
$deletepersistence = $GLOBALS['pdo']->prepare("DELETE FROM persistence WHERE placeid = :i");
$deletepersistence->bindParam(":i", $placeid, PDO::PARAM_INT);
$deletepersistence->execute();
handleRenderPlace($placeid);
redirect("/games/pbs/config?id=".$placeid);
}
}
}
setRegularGame($placeid);
}
return "Error converting to PBS";
}
$alert = "";
if(isset($_GET['id']))
{
$id = (int)$_GET['id'];
if(getAssetInfo($id)->isPersonalServer)
{
redirect("/games/pbs/config?id=".$id);
}
//Query
$q = $pdo->prepare("SELECT * FROM assets WHERE id = :i");
$q->bindParam(":i", $id, PDO::PARAM_INT);
$q->execute();
if($q->rowCount() > 0)
{
if (isOwner($id) or $user->isAdmin()) //if the user is the owner of the game, or staff
{
//item parameters
$gameinfo = getAssetInfo($id);
$gamename = cleanOutput($gameinfo->Name);
$gamedescription = cleanOutput($gameinfo->Description, false); //pass false to not replace linebreaks with html
$gamecreator = $gameinfo->CreatorId;
$gamemaxplayers = $gameinfo->MaxPlayers;
$gamerender = handleGameThumb($id);
$commentsstatus = '';
if ($gameinfo->IsCommentsEnabled == true)
{
$commentsstatus = 'checked';
}
$thumbnailstatus = '';
if (isPlaceUsingRender($id))
{
$thumbnailstatus = 'checked';
}
//...
if (isset($_POST['Submit']))
{
//some important parameters
//file parameters
$thumbnailfileExtensionsAllowed = ['png']; // These will be the only file extensions allowed
//upload parameters
$thumbnailuploadDirectory = $GLOBALS['thumbnailCDNPath']; //directory where the textures are stored
$thumbnailHash = genAssetHash(16);
//$thumbnailuploadDirectory = "../thumbnails/places/"; //directory where the games thumbnails are stored
// ...
//temp file locations
$thumbnailfileName = $_FILES['thumbnail_file']['name'];
$thumbnailfileTmpName = $_FILES['thumbnail_file']['tmp_name']; //location of the uploaded png file (temp directory)
$thumbnailfileExtension = strtolower(end(explode('.',$thumbnailfileName)));
// ...
$usedefaultthumb = false;
if(!file_exists($_FILES['thumbnail_file']['tmp_name']) || !is_uploaded_file($_FILES['thumbnail_file']['tmp_name']))
{
$usedefaultthumb = true;
}
//check dimensions
$filecheckfail = false;
$dimensionsfail = false;
//check the image if it exists
if (!$usedefaultthumb)
{
if (in_array($thumbnailfileExtension,$thumbnailfileExtensionsAllowed)) //make sure .png file extension
{
$isimage = @imagecreatefrompng($_FILES['thumbnail_file']['tmp_name']); //check if the file is actually a PNG image
if ($isimage)
{
$imagedetails = getimagesize($_FILES['thumbnail_file']['tmp_name']);
$width = $imagedetails[0];
$height = $imagedetails[1];
if ($width > 1920) //over 1920 width, too big
{
$dimensionsfail = true;
}
if ($height > 1080) //over 1080 height, too big
{
$dimensionsfail = true;
}
}
else
{
$filecheckfail = true;
}
}
else
{
$filecheckfail = true;
}
}
if ($filecheckfail)
{
$alert = "<div class='alert alert-danger' role='alert'>Invalid thumbnail file, must be .PNG</div>";
}
elseif (strlen($_POST['placename']) < 3)
{
$alert = "<div class='alert alert-danger' role='alert'>Place name too short, must be over 3 characters</div>";
}
elseif (strlen($_POST['placename']) > 50)
{
$alert = "<div class='alert alert-danger' role='alert'>Place name too long, must be under 50 characters</div>";
}
elseif(strlen($_POST['description']) > 1000)
{
$alert = "<div class='alert alert-danger' role='alert'>Place description too long, must be under 1k characters</div>";
}
elseif ($_POST['gdskill'][1] < 1) //cant have max players under 1
{
$alert = "<div class='alert alert-danger' role='alert'>An error occurred</div>";
}
elseif ($_POST['gdskill'][1] > 12) //cant have max players over 12
{
$alert = "<div class='alert alert-danger' role='alert'>An error occurred</div>";
}
elseif ($dimensionsfail)
{
$alert = "<div class='alert alert-danger' role='alert'>Thumbnail resolution cannot be over 1920x1080</div>";
}
else //all checks passed, do the do
{
//$
//update place name
$c = $pdo->prepare("UPDATE assets SET Name = :n WHERE id = :i");
$c->bindParam(":n", cleanInput($_POST['placename']), PDO::PARAM_STR); //item name
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
//update place description
$c = $pdo->prepare("UPDATE assets SET Description = :n WHERE id = :i");
$c->bindParam(":n", cleanInput($_POST['description']), PDO::PARAM_STR); //item description
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
//update place max players
$c = $pdo->prepare("UPDATE assets SET MaxPlayers = :n WHERE id = :i");
$c->bindParam(":n", $_POST['gdskill'][1], PDO::PARAM_INT); //item price
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
if (isset($_POST['comments_checkbox']))
{
//update IsCommentsEnabled to enabled
$comments = 1;
$c = $pdo->prepare("UPDATE assets SET IsCommentsEnabled = :n, Updated = UNIX_TIMESTAMP() WHERE id = :i");
$c->bindParam(":n", $comments, PDO::PARAM_INT); //item name
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
}
else
{
//update IsCommentsEnabled to disabled
$comments = 0;
$c = $pdo->prepare("UPDATE assets SET IsCommentsEnabled = :n, Updated = UNIX_TIMESTAMP() WHERE id = :i");
$c->bindParam(":n", $comments, PDO::PARAM_INT); //item name
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
}
if (isset($_POST['thumbnail_checkbox']))
{
if (!isPlaceUsingRender($id))
{
$placepost = handleRenderPlace($id);
if ($placepost !== true) {
$alert = "<div class='alert alert-danger' role='alert'>".$placepost."</div>";
}
else
{
redirect("config?id={$id}");
}
}
}
else
{
//grab place image hash
//files in proper places
if (!$usedefaultthumb) //if custom thumb uploaded
{
$GLOBALS['pdo']->exec("LOCK TABLES assets WRITE"); //lock since this stuff is sensitive
$b = $GLOBALS['pdo']->prepare("SELECT * FROM assets");
$b->execute();
//grab auto increment values
$autoincrement = $b->rowCount() + 1; //initial auto increment value
//add texture to assets
$assetname = $gamename . " Thumbnail";
$x = $GLOBALS['pdo']->prepare("INSERT INTO `assets`(`id`, `AssetTypeId`, `Name`, `Description`, `Created`, `Updated`, `CreatorId`, `TargetId`, `PriceInAlphabux`, `Sales`, `IsNew`, `IsForSale`, `IsPublicDomain`, `IsLimited`, `IsLimitedUnique`, `IsApproved`, `Remaining`, `MinimumMembershipLevel`, `ContentRatingTypeId`, `Favorited`, `Visited`, `MaxPlayers`, `UpVotes`, `DownVotes`, `Hash`) VALUES (:aid,1,:aname,'Place Thumbnail',UNIX_TIMESTAMP(),UNIX_TIMESTAMP(),:oid,:aid2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,:hash)");
$x->bindParam(":aid", $autoincrement, PDO::PARAM_INT);
$x->bindParam(":aname", $assetname, PDO::PARAM_STR);
$x->bindParam(":oid", $gamecreator, PDO::PARAM_INT);
$x->bindParam(":aid2", $autoincrement, PDO::PARAM_INT);
$x->bindParam(":hash", $thumbnailHash, PDO::PARAM_STR);
$x->execute();
//update place thumbhash
$c = $pdo->prepare("UPDATE assets SET IconImageAssetId = :n WHERE id = :i");
$c->bindParam(":n", $autoincrement, PDO::PARAM_INT); //item price
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
$GLOBALS['pdo']->exec("UNLOCK TABLES");
resize(768, 432, $thumbnailuploadDirectory . $thumbnailHash, $_FILES['thumbnail_file']['tmp_name']);
setPlaceUsingCustomThumbnail($id); //set not using rendered thumb
redirect("config?id={$id}");
}
else
{
if (isPlaceUsingRender($id))
{
$thumb = rand(4, 6);
//update place icon
$c = $pdo->prepare("UPDATE assets SET IconImageAssetId = :iiad WHERE id = :i");
$c->bindParam(":iiad", $thumb, PDO::PARAM_INT); //item name
$c->bindParam(":i", $id, PDO::PARAM_INT); //catalog id
$c->execute();
// ...
setPlaceUsingCustomThumbnail($id); //set not using rendered thumb
}
redirect("config?id={$id}");
}
// ...
}
}
}
if (isset($_POST['SubmitPBSSuperflat']))
{
$upload = convertToPBSPlace("Superflat", $id);
if ($upload !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $upload . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created Personal Server</div>";
}
}
if (isset($_POST['SubmitPBSRugged']))
{
$upload = convertToPBSPlace("Rugged", $id);
if ($upload !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $upload . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created Personal Server</div>";
}
}
if (isset($_POST['SubmitPBSHappyHome']))
{
$upload = convertToPBSPlace("HappyHome", $id);
if ($upload !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $upload . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created Personal Server</div>";
}
}
if (isset($_POST['SubmitPBSBaseplate']))
{
$upload = convertToPBSPlace("Baseplate", $id);
if ($upload !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $upload . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created Personal Server</div>";
}
}
if (isset($_POST['PBSNoSelection']))
{
$alert = "<div class='alert alert-danger' role='alert'>Please choose a template</div>";
}
if (isset($_POST['SubmitPlace']))
{
$place = newPlace();
if ($place !== true)
{
$alert = "<div class='alert alert-danger' role='alert'>" . $place . "</div>";
}
else
{
$alert = "<div class='alert alert-success' role='alert'>Created place</div>";
}
}
}
else
{
redirect("/"); //not owner or not admin
}
}
else
{
redirect("/"); //place doesnt exist
}
}
else
{
redirect("/"); //no url parameters
}
$gearshtml = "";
if ($gearsportion)
{
$gearshtml = <<<EOT
<div class="container text-center marg-bot-15">
<h6>Allowed Gear Genres</h6>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline1">
<label class="custom-control-label" for="defaultInline1">Melee Weapon</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline2">
<label class="custom-control-label" for="defaultInline2">Ranged Weapons</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline3">
<label class="custom-control-label" for="defaultInline3">Explosive</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline4">
<label class="custom-control-label" for="defaultInline4">Power Up</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline5">
<label class="custom-control-label" for="defaultInline5">Navigation Enhancers</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline6">
<label class="custom-control-label" for="defaultInline6">Musical Instruments</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline7">
<label class="custom-control-label" for="defaultInline7">Social Items</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline8">
<label class="custom-control-label" for="defaultInline8">Building Tools</label>
</div>
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" class="custom-control-input" id="defaultInline9">
<label class="custom-control-label" for="defaultInline9">Personal Transport</label>
</div>
</div>
EOT;
}
$body = <<<EOT
<div class="container">
{$alert}
<form action="" method="post" enctype="multipart/form-data">
<div class="row">
<div class="col-sm">
<div class="card">
<div class="card-body">
<div class="row">
<div class="col-sm">
<div class="row mb-2">
<div class="col-sm">
<h5>Configure Place</h5>
</div>
<div class="col-sm-2">
<btn class="btn btn-danger w-100 float-right" data-toggle="modal" data-target="#convertpbs">Convert to PBS</btn>
</div>
</div>
<div class="text-center marg-bot-15">
<label style="float:left;">Place Name</label>
<input class="form-control" type="text" name="placename" value="{$gamename}">
</div>
<div class="text-center">
<img class="img-fluid" style="width:40rem;height:20rem;" src="{$gamerender}">
</div>
<div class="text-center marg-bot-15">
<label style="float:left;text-align:top;">Description</label>
<textarea style="min-height:10rem;max-height:10rem;" class="form-control" type="text" name="description" placeholder="Description">{$gamedescription}</textarea>
</div>
<hr>
<div class="container text-center">
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" name="comments_checkbox" {$commentsstatus} class="custom-control-input" autocomplete="off" id="comments">
<label class="custom-control-label" for="comments">Comments Enabled</label>
</div>
</div>
</hr>
<div class="container text-center marg-bot-15">
<label for="playerrange" style="float:left;text-align:top;">Max Players</label>
<input class="form-control-range custom-range" min="1" max="12" name="gdskill[1]" id="gdskill1" value="{$gamemaxplayers}" step="1" type="range" name="placemaxplayers" oninput="Output1.value = gdskill1.value">
<output id="Output1" class="output" style="font-size:18px;">{$gamemaxplayers}</output>
<datalist id="ticks">
<option>1</option>
<option>2</option>
<option>3</option>
<option>4</option>
<option>5</option>
<option>6</option>
<option>7</option>
<option>8</option>
<option>9</option>
<option>10</option>
<option>11</option>
<option>12</option>
</datalist>
</div>
<hr>
<div class="container text-center">
<h5>Badges</h5>
<div class="card w-100 mb-2">
<div class="card-body">
<div class="row">
<div class="col-sm">
<div class="group-approval-container">
<ul id="games_badges">
<li>
<div class="card mb-1">
<div class="card-body">
<a class="red-a-nounder">
<img class="img-fluid" src="{thumbnail}">
<p>{username}</p>
</a>
<div class="row mb-1">
<div class="col-sm">
<button class="btn btn-success w-100" onclick="approveRequest({userid})">Approve</button>
</div>
</div>
<div class="row">
<div class="col-sm">
<button class="btn btn-danger w-100" onclick="denyRequest({userid})">Deny</button>
</div>
</div>
</div>
</div>
</li>
</ul>
</div>
</div>
</div>
</div>
</div>
<div class="text-center">
<div class="btn-group mb-3" id="join_requests_buttons">
</div>
</div>
</div>
<hr>
<div class="text-center">
<h6>If you'd like to use the last Studio position as the Thumbnail, check it below</h6>
<h6>When you update this place through Studio with this ticked, the Thumbnail will update with the current position</h6>
</div>
<div class="container text-center">
<div class="custom-control custom-checkbox custom-control-inline">
<input type="checkbox" name="thumbnail_checkbox" {$thumbnailstatus} class="custom-control-input" onclick="checkTick()" autocomplete="off" id="thumbnail_tick">
<label class="custom-control-label" for="thumbnail_tick">Use last Studio position</label>
</div>
</div>
<hr>
<div id="custom_thumb_container">
<div class="text-center">
<h6>Custom Game Thumbnails cannot be above 1920x1080</h6>
<h6>If no custom Thumbnail is provided, a default will be used</h6>
</div>
<div class="input-group mb-3">
<div class="custom-file">
<input type="file" name="thumbnail_file" class="custom-file-input" id="inputGthumbFile">
<label class="custom-file-label" for="inputGthumbFile">Custom Game Thumbnail</label>
</div>
</div>
</div>
<hr>
{$gearshtml}
<input type="Submit" name="Submit" value="Update Place" class="btn btn-danger w-100">
</div>
</div>
</div>
</div>
</div>
</div>
<div class="modal fade" id="convertpbs" tabindex="-1" role="dialog" aria-labelledby="convertpbsLabel" aria-hidden="true">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="exampleModalLabel">Convert to PBS</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
</div>
<div class="modal-body">
<h5>WARNING:</h5>
<p>Selecting a template then pressing <b>Confirm</b> will convert your game to a Personal Build Server (PBS), and all game data will be lost including Data Stores. Please take any backups before proceeding. All running Servers will also shutdown in the process.</p>
<div class="converpbsopcontainer">
<ul>
<li>
<div id="PBSIDSuperflat" class="converpbsopcard" onclick="setPBSType('Superflat')">
<a class="text-center">
<img class="img-fluid" src="/alphaland/cdn/imgs/Previews/Superflat.png">
<span><p>Superflat</p></span>
</a>
</div>
</li>
<li>
<div id="PBSIDRugged" class="converpbsopcard" onclick="setPBSType('Rugged')">
<a class="text-center">
<img class="img-fluid" src="/alphaland/cdn/imgs/Previews/Rugged.png">
<span><p>Rugged</p></span>
</a>
</div>
</li>
<li>
<div id="PBSIDHappyHome" class="converpbsopcard" onclick="setPBSType('HappyHome')">
<a class="text-center">
<img class="img-fluid" src="/alphaland/cdn/imgs/Previews/Happy%20Home.png">
<span><p>Happy Home</p></span>
</a>
</div>
</li>
<li>
<div id="PBSIDBaseplate" class="converpbsopcard" onclick="setPBSType('Baseplate')">
<a class="text-center">
<img class="img-fluid" src="/alphaland/cdn/imgs/Previews/Baseplate.png">
<span><p>Baseplate</p></span>
</a>
</div>
</li>
</ul>
</div>
</div>
<div class="modal-footer">
<form action="" method="post">
<button id="PBSSubmitButton" name="PBSNoSelection" class="btn btn-danger"><b>Confirm</b></button>
</form>
</div>
</div>
</div>
</div>
</form>
</div>
<script>
var currentTypeId = "";
function setPBSType(type) {
if (currentTypeId) {
$(currentTypeId).removeClass("selected-my-group");
}
currentTypeId = "#PBSID"+type;
$(currentTypeId).addClass("selected-my-group");
$("#PBSSubmitButton").prop('name','SubmitPBS'+type);
}
function checkTick()
{
if ($('#thumbnail_tick').is(':checked'))
$("#custom_thumb_container").hide();
else
$("#custom_thumb_container").show();
}
checkTick()
</script>
EOT;
pageHandler();
$ph->body = $body;
$ph->pageTitle("Config");
$ph->output();


@ -4,6 +4,8 @@
Alphaland 2021 Alphaland 2021
*/ */
use Alphaland\Web\WebContextManager;
$gameID = $_GET['id']; $gameID = $_GET['id'];
$gInfo = getAssetInfo($gameID); $gInfo = getAssetInfo($gameID);
@ -12,12 +14,12 @@ if($gInfo !== false)
$gameName = $gInfo->Name; $gameName = $gInfo->Name;
if ($gInfo->AssetTypeId != 9) //make sure its actually a place if ($gInfo->AssetTypeId != 9) //make sure its actually a place
{ {
redirect("/404"); WebContextManager::Redirect("/404");
} }
} }
else else
{ {
redirect("/404"); WebContextManager::Redirect("/404");
} }
checkForDeadJobs($gameID); checkForDeadJobs($gameID);
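Review bot: The two not-a-place guards now depend on `WebContextManager::Redirect` ending the request, and its implementation is not part of this section. If it only sends the `Location` header, `checkForDeadJobs($gameID)` after the guards still runs for an id that failed the `AssetTypeId != 9` check or for which `getAssetInfo` returned false. I would confirm that `Redirect` finishes with `exit;`, or add `exit;` after each call here. The same applies wherever code follows the call in later sections: the `isLoggedIn()` gates, the POST handlers on the configuration page, and the rate-limit page where `echo "Rate limit exceeded, slow down!";` comes after the redirect. The script continues past the end of this hunk.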


@ -1,8 +1,10 @@
<?php <?php
use Alphaland\Web\WebContextManager;
if (isLoggedIn()) if (isLoggedIn())
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
$alert = ''; $alert = '';


@ -1,9 +1,12 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$error = ""; $error = "";
if (isLoggedIn()) if (isLoggedIn())
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
if(isset($_POST['lg'])) if(isset($_POST['lg']))


@ -1,3 +1,6 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$user->logout(); $user->logout();
redirect("/"); WebContextManager::Redirect("/");


@ -4,7 +4,7 @@ use Alphaland\Web\WebContextManager;
if (!WebContextManager::IsUnderMaintenance()) if (!WebContextManager::IsUnderMaintenance())
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
$websettings = $pdo->prepare("SELECT * FROM websettings"); $websettings = $pdo->prepare("SELECT * FROM websettings");


@ -1,6 +1,7 @@
<?php <?php
use Alphaland\Moderation\UserModerationManager; use Alphaland\Moderation\UserModerationManager;
use Alphaland\Web\WebContextManager;
$alert = ""; $alert = "";
@ -27,7 +28,7 @@ if(isset($_GET['id']))
if (UserModerationManager::IsBanned($id)) if (UserModerationManager::IsBanned($id))
{ {
redirect("/404"); WebContextManager::Redirect("/404");
} }
$body = <<<EOT $body = <<<EOT
@ -457,7 +458,7 @@ EOT;
} }
else else
{ {
redirect('/404'); WebContextManager::Redirect('/404');
} }
} }
else else


@ -6,6 +6,7 @@
*/ */
use Alphaland\Users\Activation; use Alphaland\Users\Activation;
use Alphaland\Web\WebContextManager;
$body = ''; $body = '';
$error = ''; $error = '';
@ -136,7 +137,7 @@ else
//send verification email //send verification email
sendVerificationEmail("info@alphaland.cc", $email); sendVerificationEmail("info@alphaland.cc", $email);
redirect("/"); WebContextManager::Redirect("/");
} }
else else
{ {


@ -1,8 +1,10 @@
<?php <?php
use Alphaland\Web\WebContextManager;
if (isLoggedIn()) if (isLoggedIn())
{ {
redirect('/'); WebContextManager::Redirect('/');
} }
$alert = ''; $alert = '';
@ -38,7 +40,7 @@ if(isset($_GET['token']))
} }
else else
{ {
redirect("/forgotpassword"); WebContextManager::Redirect("/forgotpassword");
} }
} }
} }
@ -50,12 +52,12 @@ if(isset($_GET['token']))
} }
else else
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
} }
else else
{ {
redirect("/"); WebContextManager::Redirect("/");
} }
$body = <<<EOT $body = <<<EOT


@ -1,5 +1,7 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$token = (int)$_GET['token']; $token = (int)$_GET['token'];
verifyEmail($token); verifyEmail($token);
redirect("/settings"); WebContextManager::Redirect("/settings");
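Review bot: `$token = (int)$_GET['token'];` reduces the e-mail verification token to an integer before `verifyEmail($token)` is called, and a missing parameter becomes 0 instead of being rejected. `verifyEmail` is not shown here, so this is inferred, but if the token is the only secret it checks, an integer carries little entropy and nothing in this file limits repeated attempts. I would keep the token as an opaque random string and reject an absent one up front, e.g. `$token = $_GET['token'] ?? ''; if ($token === '') { WebContextManager::Redirect("/"); exit; }`. The stored value should then be compared inside `verifyEmail` with `hash_equals`.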


@ -7,7 +7,7 @@ WebContextManager::ForceHttpsCloudflare();
//permissions //permissions
if(!($user->isOwner())) { if(!($user->isOwner())) {
if ($user->isAdmin()) { if ($user->isAdmin()) {
redirect("/"); WebContextManager::Redirect("/");
} }
die('bababooey'); die('bababooey');
} }


@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare();
if(!($user->isOwner())) { if(!($user->isOwner())) {
if ($user->isAdmin()) { if ($user->isAdmin()) {
redirect("/"); WebContextManager::Redirect("/");
} }
die('bababooey'); die('bababooey');
} }


@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare();
if(!($user->isOwner())) { if(!($user->isOwner())) {
if ($user->isAdmin()) { if ($user->isAdmin()) {
redirect("/"); WebContextManager::Redirect("/");
} }
die('bababooey'); die('bababooey');
} }
@ -53,13 +53,13 @@ else
if(isset($_POST['maintenanceon'])) if(isset($_POST['maintenanceon']))
{ {
enableMaintenance($_POST['optionalmaintenancetext']); enableMaintenance($_POST['optionalmaintenancetext']);
redirect("configuration"); WebContextManager::Redirect("configuration");
} }
if(isset($_POST['maintenanceoff'])) if(isset($_POST['maintenanceoff']))
{ {
disableMaintenance(); disableMaintenance();
redirect("configuration"); WebContextManager::Redirect("configuration");
} }
if(isset($_POST['devmodeon'])) if(isset($_POST['devmodeon']))
@ -80,7 +80,7 @@ if(isset($_POST['devmodeon']))
$curl_response = curl_exec($soap_do); $curl_response = curl_exec($soap_do);
redirect("configuration"); WebContextManager::Redirect("configuration");
} }
if(isset($_POST['devmodeoff'])) if(isset($_POST['devmodeoff']))
@ -101,7 +101,7 @@ if(isset($_POST['devmodeoff']))
$curl_response = curl_exec($soap_do); $curl_response = curl_exec($soap_do);
redirect("configuration"); WebContextManager::Redirect("configuration");
} }
if (isset($_POST['clearcachesubmit'])) if (isset($_POST['clearcachesubmit']))
@ -121,7 +121,7 @@ if (isset($_POST['clearcachesubmit']))
$curl_response = curl_exec($soap_do); $curl_response = curl_exec($soap_do);
redirect("configuration"); WebContextManager::Redirect("configuration");
} }
if (isset($_POST['submitwskey'])) if (isset($_POST['submitwskey']))
@ -130,7 +130,7 @@ if (isset($_POST['submitwskey']))
$setwskey = $pdo->prepare("UPDATE websettings SET webservice_key = :k"); $setwskey = $pdo->prepare("UPDATE websettings SET webservice_key = :k");
$setwskey->bindParam(":k", $key, PDO::PARAM_STR); $setwskey->bindParam(":k", $key, PDO::PARAM_STR);
$setwskey->execute(); $setwskey->execute();
redirect("configuration"); WebContextManager::Redirect("configuration");
} }
if (isset($_POST['setwsipwhitelist'])) if (isset($_POST['setwsipwhitelist']))
@ -138,21 +138,21 @@ if (isset($_POST['setwsipwhitelist']))
$setwsip = $pdo->prepare("UPDATE websettings SET webservice_whitelist = :w"); $setwsip = $pdo->prepare("UPDATE websettings SET webservice_whitelist = :w");
$setwsip->bindParam(":w", $_POST['setwsipwhitelist'], PDO::PARAM_STR); $setwsip->bindParam(":w", $_POST['setwsipwhitelist'], PDO::PARAM_STR);
$setwsip->execute(); $setwsip->execute();
redirect("configuration"); WebContextManager::Redirect("configuration");
} }
if (isset($_POST['cachingon'])) if (isset($_POST['cachingon']))
{ {
$setapprovals = $pdo->prepare("UPDATE websettings SET avatarCaching = 1"); $setapprovals = $pdo->prepare("UPDATE websettings SET avatarCaching = 1");
$setapprovals->execute(); $setapprovals->execute();
redirect("configuration"); WebContextManager::Redirect("configuration");
} }
if (isset($_POST['cachingoff'])) if (isset($_POST['cachingoff']))
{ {
$setapprovals = $pdo->prepare("UPDATE websettings SET avatarCaching = 0"); $setapprovals = $pdo->prepare("UPDATE websettings SET avatarCaching = 0");
$setapprovals->execute(); $setapprovals->execute();
redirect("configuration"); WebContextManager::Redirect("configuration");
} }
$maintenancestatus = ""; $maintenancestatus = "";
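Review bot: The handlers in this section change site-wide settings straight from `$_POST` (`maintenanceon`, `devmodeon`, `submitwskey`, `setwsipwhitelist`, `cachingon`), and none of the visible hunks checks an anti-CSRF token first. The hunks are fragments, so a check may exist in lines that are not shown. The only gate visible is `$user->isOwner()`, which a cross-site form submitted from the owner's browser would pass. I would verify a per-session token once before the first handler, for example `if (!hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'] ?? '')) { die(); }`, where `csrf_token` is a placeholder for whatever name the project uses. Separately, `$_POST['setwsipwhitelist']` is bound into `webservice_whitelist` with no format validation in the lines shown.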


@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare();
if(!($user->isOwner())) { if(!($user->isOwner())) {
if ($user->isAdmin()) { if ($user->isAdmin()) {
redirect("/"); WebContextManager::Redirect("/");
} }
die('bababooey'); die('bababooey');
} }


@ -6,7 +6,7 @@ WebContextManager::ForceHttpsCloudflare();
if(!($user->isOwner())) { if(!($user->isOwner())) {
if ($user->isAdmin()) { if ($user->isAdmin()) {
redirect("/"); WebContextManager::Redirect("/");
} }
die('bababooey'); die('bababooey');
} }


@ -1,3 +1,5 @@
<?php <?php
redirect(getCurrentThemeLogo()); use Alphaland\Web\WebContextManager;
WebContextManager::Redirect(getCurrentThemeLogo());


@ -1,5 +1,7 @@
<?php <?php
use Alphaland\Web\WebContextManager;
header('Content-Type: application/json'); header('Content-Type: application/json');
$assetid = $_GET['assetId']; $assetid = $_GET['assetId'];
@ -12,7 +14,7 @@ if (!$assetid)
if ($useroblox == "true") if ($useroblox == "true")
{ {
redirect("https://api.roblox.com/marketplace/productinfo?assetId=" . $assetid); WebContextManager::Redirect("https://api.roblox.com/marketplace/productinfo?assetId=" . $assetid);
} }
else else
{ {
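Review bot: `$assetid` comes from `$_GET['assetId']` and is concatenated into the redirect target without encoding, so a value containing `&` or `#` changes the query string sent to api.roblox.com. The only check visible in this section is `if (!$assetid)`. Another endpoint in this commit casts its id with `(int)$_GET["id"]`, and the same would work here: `WebContextManager::Redirect("https://api.roblox.com/marketplace/productinfo?assetId=" . (int)$assetid);`. Use `rawurlencode($assetid)` instead if non-numeric ids are expected. The `else` branch continues outside the hunk.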


@ -5,6 +5,9 @@ Alphaland 2021
*/ */
//headers //headers
use Alphaland\Web\WebContextManager;
header("Access-Control-Allow-Origin: https://www.alphaland.cc"); header("Access-Control-Allow-Origin: https://www.alphaland.cc");
header("access-control-allow-credentials: true"); header("access-control-allow-credentials: true");
@ -15,4 +18,4 @@ if (!$userid) {
$userid = $user->id; $userid = $user->id;
} }
redirect(getPlayerRender($userid, $headshot)); //cachebuster WebContextManager::Redirect(getPlayerRender($userid, $headshot)); //cachebuster


@ -2,6 +2,8 @@
//we dont want duplicates of the asset fetching so we will just make this endpoint internally redirect //we dont want duplicates of the asset fetching so we will just make this endpoint internally redirect
use Alphaland\Web\WebContextManager;
$id = (int)$_GET["id"]; $id = (int)$_GET["id"];
$assetversionid = (int)$_GET["assetversionid"]; $assetversionid = (int)$_GET["assetversionid"];
$version = (int)$_GET["version"]; $version = (int)$_GET["version"];
@ -16,4 +18,4 @@ else if ($version)
$assetversion = $version; $assetversion = $version;
} }
redirect("https://www.alphaland.cc/asset/?id=" . $id . "&version=" . $assetversion); WebContextManager::Redirect("https://www.alphaland.cc/asset/?id=" . $id . "&version=" . $assetversion);


@ -1,9 +1,11 @@
<?php <?php
use Alphaland\Web\WebContextManager;
$url = $_SERVER['REQUEST_URI']; $url = $_SERVER['REQUEST_URI'];
if (strpos($url, '/ratelimit') !== false || strpos($url, '/ratelimit.php') !== false) { if (strpos($url, '/ratelimit') !== false || strpos($url, '/ratelimit.php') !== false) {
redirect("/404"); //why not WebContextManager::Redirect("/404"); //why not
} }
echo "Rate limit exceeded, slow down!"; echo "Rate limit exceeded, slow down!";