Updated 18 files and added 10 files (automated)

1 files changed, 117 insertions, 0 deletions

diff --git a/pages/api/ponytown.php b/pages/api/ponytown.php
new file mode 100644
index 0000000..f41ac01
--- /dev/null
+++ b/pages/api/ponytown.php
@@ -0,0 +1,117 @@
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/session.inc"; global $isLoggedIn; global $_PROFILE; global $isLowerLoggedIn; global $app;
+if (!$isLoggedIn && !$isLowerLoggedIn) header("Location: /-/login") and die();
+
+$request_raw = file_get_contents('php://input');
+$json_object = json_decode($request_raw, true);
+
+$select = $_GET['id'] ?? null;
+
+if (!isset($select)) {
+    peh_error("System member not found", 404);
+    return;
+}
+
+if (getMemberWithoutSystem($select) === null) {
+    peh_error("System member not found", 404);
+    return;
+}
+
+$member = getMemberWithoutSystem($select);
+
+if ($isLowerLoggedIn && $member["_system"] !== $app["other"]["id"]) {
+    peh_error("System member not found", 404);
+    return;
+}
+
+if (!isset($json_object[0]) || !isset($json_object[1])) {
+    die("Missing data");
+}
+
+$errors = [];
+
+foreach ([1, 2] as $_) {
+    $input = $json_object[$_ - 1];
+
+    $mime = explode(";", substr($input, 5))[0];
+    $file = base64_decode(explode(",", explode(";", substr($input, 5))[1])[1]);
+
+    $image = @imagecreatefromstring($file);
+    $size = @getimagesizefromstring($file);
+
+    if ($image === false) {
+        $errors[] = "0x{$_}000000F: Failed to open image #" . $_ . ", it is probably not using a supported format";
+    }
+
+    if ($size === false) {
+        $errors[] = "0x{$_}000000E: Failed to get metadata for image #" . $_ . ", it is probably corrupted";
+    }
+
+    if ($image === false || $size === false) continue;
+
+    $foundColor = false;
+
+    for ($i = 0; $i < $size[0]; $i++) {
+        if (imagecolorat($image, $i, 0) !== 2130706432) {
+            $foundColor = true;
+        }
+    }
+
+    if (!$foundColor) {
+        $errors[] = "0x{$_}000001A: Image #" . $_ . " seems to contain padding (based on the first row of pixels)";
+    }
+
+    $foundColor = false;
+
+    for ($i = 0; $i < $size[1]; $i++) {
+        if (imagecolorat($image, 0, $i) !== 2130706432) {
+            $foundColor = true;
+        }
+    }
+
+    if (!$foundColor) {
+        $errors[] = "0x{$_}000001B: Image #" . $_ . " seems to contain padding (based on the first column of pixels)";
+    }
+
+    if ($_ === 1 && $size[0] > 70) {
+        $errors[] = "0x{$_}000002A: Image #" . $_ . " is wider than it should, are you sure you set zoom to 1x? Maybe you inverted the files?";
+    }
+
+    if ($_ === 1 && $size[1] > 70) {
+        $errors[] = "0x{$_}000002B: Image #" . $_ . " is higher than it should, are you sure you set zoom to 1x? Maybe you inverted the files?";
+    }
+
+    if ($_ === 2 && $size[0] > 35) {
+        $errors[] = "0x{$_}000002A: Image #" . $_ . " is wider than it should, are you sure you set zoom to 1x? Maybe you inverted the files?";
+    }
+
+    if ($_ === 2 && $size[1] > 35) {
+        $errors[] = "0x{$_}000002B: Image #" . $_ . " is higher than it should, are you sure you set zoom to 1x? Maybe you inverted the files?";
+    }
+}
+
+if (count($errors) === 0 && isset($_GET["real"])) {
+    foreach ([1, 2] as $_) {
+        $input = $json_object[$_ - 1];
+
+        $mime = explode(";", substr($input, 5))[0];
+        $file = base64_decode(explode(",", explode(";", substr($input, 5))[1])[1]);
+
+        $image = @imagecreatefromstring($file);
+
+        imagealphablending($image, false);
+        imagesavealpha($image, true);
+
+        if ($_ === 1) {
+            imagepng($image, $_SERVER['DOCUMENT_ROOT'] . "/assets/ponies/" . $member["id"] . ".png");
+        } else {
+            imagepng($image, $_SERVER['DOCUMENT_ROOT'] . "/assets/uploads/pt-" . $member["name"] . ".png");
+        }
+    }
+}
+
+die(json_encode([
+    "success" => count($errors) === 0,
+    "errors" => $errors
+]));
\ No newline at end of file