diff options
Diffstat (limited to 'pages/api')
| -rw-r--r-- | pages/api/_main.php | 30 | ||||
| -rw-r--r-- | pages/api/badger.php | 52 | ||||
| -rw-r--r-- | pages/api/disconnect.php | 37 | ||||
| -rw-r--r-- | pages/api/docs.php | 31 | ||||
| -rw-r--r-- | pages/api/emergency-real.php | 37 | ||||
| -rw-r--r-- | pages/api/emergency.php | 37 | ||||
| -rw-r--r-- | pages/api/me.php | 39 | ||||
| -rw-r--r-- | pages/api/pleasure-real.php | 50 | ||||
| -rw-r--r-- | pages/api/pleasure.php | 50 | ||||
| -rw-r--r-- | pages/api/pluralkit-integration.php | 4 | ||||
| -rw-r--r-- | pages/api/ponytown.php | 121 | ||||
| -rw-r--r-- | pages/api/reauthenticate.php | 49 | ||||
| -rw-r--r-- | pages/api/rename.php | 37 | ||||
| -rw-r--r-- | pages/api/session.php | 29 | ||||
| -rw-r--r-- | pages/api/token.php | 7 |
15 files changed, 31 insertions, 579 deletions
diff --git a/pages/api/_main.php b/pages/api/_main.php new file mode 100644 index 0000000..215c1b2 --- /dev/null +++ b/pages/api/_main.php @@ -0,0 +1,30 @@ +<?php + +if (str_ends_with($_GET['_'], "/")) { + $pagename = substr($_GET['_'], 0, strlen($_GET['_']) - 1); +} else { + $pagename = $_GET['_']; +} + +$toplevel = explode("/", $pagename)[1]; +$middlelevel = explode("/", $pagename)[2] ?? null; + +if ($toplevel === "_main" || $middlelevel === "_main") { + header("HTTP/1.1 404 Not Found"); + header("Content-Type: text/plain"); + echo("Endpoint not found"); + die(); +} + +if (isset($middlelevel) && file_exists($_SERVER['DOCUMENT_ROOT'] . "/api/" . $toplevel . "/" . $middlelevel . ".php") && is_file($_SERVER['DOCUMENT_ROOT'] . "/api/" . $toplevel . "/" . $middlelevel . ".php")) { + require_once $_SERVER['DOCUMENT_ROOT'] . "/api/" . $toplevel . "/" . $middlelevel . ".php"; +} else { + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/api/" . $toplevel . ".php") && is_file($_SERVER['DOCUMENT_ROOT'] . "/api/" . $toplevel . ".php")) { + require_once $_SERVER['DOCUMENT_ROOT'] . "/api/" . $toplevel . ".php"; + } else { + header("HTTP/1.1 404 Not Found"); + header("Content-Type: text/plain"); + echo("Endpoint not found"); + die(); + } +} diff --git a/pages/api/badger.php b/pages/api/badger.php deleted file mode 100644 index d54e69f..0000000 --- a/pages/api/badger.php +++ /dev/null @@ -1,52 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc"; - -global $isLoggedIn; global $isLowerLoggedIn; -$isLoggedIn = false; $isLowerLoggedIn = false; - -$list = scoreOrderGlobal(); - -function getAge($metadata) { - if (!isset($metadata["birth"]["year"]) || $metadata["birth"]["age"] > 0) { - if ($metadata["birth"]["age"] === -1) { - $age = " - Eternal"; - } elseif ($metadata["birth"]["age"] <= 0) { - $age = ""; - } else { - $age = " - " . ($metadata["birth"]["age"]); - } - } else { - if ($metadata["birth"]["year"] <= 1900) { - $age = ""; - } else { - $age = " - " . ((int)date('Y') - $metadata["birth"]["year"] + (strtotime(date('Y') . "-" . $metadata["birth"]["date"]) <= time() ? 0 : -1)); - } - } - - return $age; -} - -header("Content-Type: application/json"); -die(json_encode(array_map(function ($i) { - return [ - "id" => $i["id"], - "name" => $i["display_name"] ?? $i["name"], - "system" => $i["system"], - "pronouns" => $i["pronouns"], - "species" => match ($i["_metadata"]["species"][0]) { - "earth" => $i["_metadata"]["robot"] ? "Robot earth pony" : (!$i["_metadata"]["plush"] ? "Earth pony" : "Earth pony plush"), - "alicorn" => $i["_metadata"]["robot"] ? "Robot alicorn" : (!$i["_metadata"]["plush"] ? "Alicorn" : "Alicorn plush"), - "crystal" => $i["_metadata"]["robot"] ? "Robot crystal pony" : (!$i["_metadata"]["plush"] ? "Crystal pony" : "Crystal pony plush"), - "pegasus" => $i["_metadata"]["robot"] ? "Robot pegasus" : (!$i["_metadata"]["plush"] ? "Pegasus" : "Pegasus plush"), - "batpony" => $i["_metadata"]["robot"] ? "Robot bat pony" : (!$i["_metadata"]["plush"] ? "Bat pony" : "Bat pony plush"), - "unicorn" => $i["_metadata"]["robot"] ? "Robot unicorn" : (!$i["_metadata"]["plush"] ? "Unicorn" : "Unicorn plush"), - "changeling" => "Changeling", - "human" => "Human", - "merpony" => "Merpony", - default => $i["_metadata"]["species"][0] . "_" . $i["_metadata"]["robot"] - }, - "age" => getAge($i["_metadata"]), - "avatar" => "https://ponycule.p.equestria.dev" . getAsset($i["system"], $i["id"], "heads") - ]; -}, $list), JSON_PRETTY_PRINT));
\ No newline at end of file diff --git a/pages/api/disconnect.php b/pages/api/disconnect.php deleted file mode 100644 index ffd3f40..0000000 --- a/pages/api/disconnect.php +++ /dev/null @@ -1,37 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc"; -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $_PROFILE; -if (!$isLoggedIn && !$isLowerLoggedIn) { - header("Location: /-/login"); - die(); -} - -$list = array_filter([...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"), ...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens")], function ($token) { - global $_PROFILE; - if ($token === "." || $token === "..") return false; - - $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true); - - return isset($session["id"]) && $session["id"] === ($_PROFILE["id"] ?? ""); -}); - -var_dump($list); - -foreach ($list as $token) { - $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true); - - var_dump(bin2hex(substr($token, 0, 50)), trim($_GET["id"])); - - if (bin2hex(substr($token, 0, 50)) === trim($_GET["id"])) { - if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token)) { - unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token); - } - - if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token)) { - unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token); - } else { - unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token); - } - } -}
\ No newline at end of file diff --git a/pages/api/docs.php b/pages/api/docs.php deleted file mode 100644 index 31cd961..0000000 --- a/pages/api/docs.php +++ /dev/null @@ -1,31 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $_PROFILE; -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc"; -if (!$isLoggedIn) header("Location: /-/login") and die(); - -$request_raw = file_get_contents('php://input'); -$json_object = json_decode($request_raw, true); - -$select = $_GET['id'] ?? null; - -if (isset($select)) { - if (ctype_alnum($select) && file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/data/docs/" . $select . ".json")) { - $id = $select; - $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/docs/" . $select . ".json"), true); - } else { - die("Not found"); - } -} else { - die("Not set"); -} - -if (isset($json_object["content"])) $data["contents"] = $json_object["content"]; -if (isset($json_object["name"])) $data["name"] = $json_object["name"]; -if (isset($json_object["explicit"])) $data["nsfw"] = $json_object["explicit"]; -if (isset($json_object["category"])) $data["category"] = trim($json_object["category"]) !== "" && trim($json_object["category"]) !== "Unsorted" && trim($json_object["category"]) !== "unsorted" && trim($json_object["category"]) !== "/no" && trim($json_object["category"]) !== "Unsort" && trim($json_object["category"]) !== "unsort" ? $json_object["category"] : null; - -$data["last"]["date"] = time(); -$data["last"]["author"] = $_PROFILE['login']; - -file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/docs/" . $select . ".json", utf8_encode(json_encode($data)));
\ No newline at end of file diff --git a/pages/api/emergency-real.php b/pages/api/emergency-real.php deleted file mode 100644 index 04fd56e..0000000 --- a/pages/api/emergency-real.php +++ /dev/null @@ -1,37 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $_PROFILE; - -if (!$isLoggedIn && !$isLowerLoggedIn) { - header("Location: /-/login"); - die(); -} - -global $_PROFILE; - -$ntfy = $GLOBALS["ColdHazeApp"]["ntfy"]; -$channels = []; - -if (isset($_GET["raindrops"])) $channels[] = "emergency-raindrops"; -if (isset($_GET["moonglow"])) $channels[] = "emergency-moonglow"; -if (isset($_GET["hailstorm"])) $channels[] = "emergency-hailstorm"; -if (isset($_GET[$GLOBALS["ColdHazeApp"]["other"]["slug"]])) $channels[] = "emergency"; - -$context = stream_context_create([ - 'http' => [ - 'method' => 'POST', - 'header' => - "Content-Type: text/plain\r\n" . - "Title: " . formatPonypush("⚠️ Emergency alert") . "\r\n" . - "Priority: urgent\r\n" . - "Tags: emergency\r\n" . - "Authorization: Basic " . base64_encode($ntfy["user"] . ":" . $ntfy["password"]), - 'content' => formatPonypush("This is an emergency, " . $_PROFILE['name'] . " is in need of immediate help. Please act now!") - ] -]); - -foreach ($channels as $channel) { - file_get_contents('https://' . $ntfy["server"] . '/' . $channel, false, $context); -} - -die();
\ No newline at end of file diff --git a/pages/api/emergency.php b/pages/api/emergency.php deleted file mode 100644 index e682598..0000000 --- a/pages/api/emergency.php +++ /dev/null @@ -1,37 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $_PROFILE; - -if (!$isLoggedIn && !$isLowerLoggedIn) { - header("Location: /-/login"); - die(); -} - -global $_PROFILE; - -$ntfy = $GLOBALS["ColdHazeApp"]["ntfy"]; -$channels = []; - -if (isset($_GET["raindrops"])) $channels[] = "emergency-raindrops"; -if (isset($_GET["moonglow"])) $channels[] = "emergency-moonglow"; -if (isset($_GET["hailstorm"])) $channels[] = "emergency-hailstorm"; -if (isset($_GET[$GLOBALS["ColdHazeApp"]["other"]["slug"]])) $channels[] = "emergency"; - -$context = stream_context_create([ - 'http' => [ - 'method' => 'POST', - 'header' => - "Content-Type: text/plain\r\n" . - "Title: " . formatPonypush("[Test] ⚠️ Emergency alert") . "\r\n" . - "Priority: urgent\r\n" . - "Tags: emergency\r\n" . - "Authorization: Basic " . base64_encode($ntfy["user"] . ":" . $ntfy["password"]), - 'content' => formatPonypush("[This notification is test] This is an emergency, " . $_PROFILE['name'] . " is in need of immediate help. Please act now! [This notification is test]") - ] -]); - -foreach ($channels as $channel) { - file_get_contents('https://' . $ntfy["server"] . '/' . $channel, false, $context); -} - -die();
\ No newline at end of file diff --git a/pages/api/me.php b/pages/api/me.php deleted file mode 100644 index 0e91189..0000000 --- a/pages/api/me.php +++ /dev/null @@ -1,39 +0,0 @@ -<?php - -$app = $GLOBALS["ColdHazeApp"]; - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; - -header("Content-Type: application/json"); - -if (!$isLoggedIn && !$isLowerLoggedIn) die('{"valid": false}'); -global $_PROFILE; - -if ($_PROFILE['login'] === "raindrops") { - die(json_encode([ - "valid" => true, - "name" => "Raindrops System", - "id" => "raindrops", - "pluralkit" => "gdapd", - "avatar" => getAsset("gdapd"), - "email" => $_PROFILE["profile"]["email"]["email"] - ])); -} else if ($_PROFILE["login"] === "Moonglow") { - die(json_encode([ - "valid" => true, - "name" => "Moonglow", - "id" => "moonglow", - "pluralkit" => "hrbom", - "avatar" => getAsset("hrbom"), - "email" => $_PROFILE["profile"]["email"]["email"] - ])); -} else { - die(json_encode([ - "valid" => true, - "name" => $app["other"]["name"], - "id" => $app["other"]["slug"], - "pluralkit" => $app["other"]["id"], - "avatar" => getAsset($app["other"]["id"]), - "email" => $_PROFILE["profile"]["email"]["email"] - ])); -}
\ No newline at end of file diff --git a/pages/api/pleasure-real.php b/pages/api/pleasure-real.php deleted file mode 100644 index c1cbd59..0000000 --- a/pages/api/pleasure-real.php +++ /dev/null @@ -1,50 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $_PROFILE; - -if (!$isLoggedIn && !$isLowerLoggedIn) { - header("Location: /-/login"); - die(); -} - -global $_PROFILE; - -$frontRaindrops = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/gdapd/fronters.json"), true)["members"]; -$frontOther = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/other/fronters.json"), true)["members"]; -$frontMoonglow = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/hrbom/fronters.json"), true)["members"]; - -if ($_PROFILE["login"] === "raindrops" && isset($frontRaindrops[0])) { - $pony = $frontRaindrops[0]["display_name"] ?? $frontRaindrops[0]["name"]; -} else if ($_PROFILE["login"] === "Moonglow" && isset($frontMoonglow[0])) { - $pony = $frontMoonglow[0]["display_name"] ?? $frontMoonglow[0]["name"]; -} else if ($_PROFILE["login"] !== "raindrops" && $_PROFILE["login"] !== "Moonglow" && isset($frontOther[0])) { - $pony = $frontOther[0]["display_name"] ?? $frontOther[0]["name"]; -} else { - $pony = "somepony"; -} - -$ntfy = $GLOBALS["ColdHazeApp"]["ntfy"]; -$channels = []; - -if (isset($_GET["raindrops"])) $channels[] = "emergency-raindrops"; -if (isset($_GET["moonglow"])) $channels[] = "emergency-moonglow"; -if (isset($_GET[$GLOBALS["ColdHazeApp"]["other"]["slug"]])) $channels[] = "pleasure"; - -$context = stream_context_create([ - 'http' => [ - 'method' => 'POST', - 'header' => - "Content-Type: text/plain\r\n" . - "Title: " . formatPonypush("🏩 $pony wants to play for a bit") . "\r\n" . - "Priority: high\r\n" . - "Tags: pleasure\r\n" . - "Authorization: Basic " . base64_encode($ntfy["user"] . ":" . $ntfy["password"]), - 'content' => formatPonypush("Hey, $pony wants to play and have fun with you, get up!") - ] -]); - -foreach ($channels as $channel) { - file_get_contents('https://' . $ntfy["server"] . '/' . $channel, false, $context); -} - -die();
\ No newline at end of file diff --git a/pages/api/pleasure.php b/pages/api/pleasure.php deleted file mode 100644 index 7b268cb..0000000 --- a/pages/api/pleasure.php +++ /dev/null @@ -1,50 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $_PROFILE; - -if (!$isLoggedIn && !$isLowerLoggedIn) { - header("Location: /-/login"); - die(); -} - -global $_PROFILE; - -$frontRaindrops = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/gdapd/fronters.json"), true)["members"]; -$frontOther = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/other/fronters.json"), true)["members"]; -$frontMoonglow = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/hrbom/fronters.json"), true)["members"]; - -if ($_PROFILE["login"] === "raindrops" && isset($frontRaindrops[0])) { - $pony = $frontRaindrops[0]["display_name"] ?? $frontRaindrops[0]["name"]; -} else if ($_PROFILE["login"] === "Moonglow" && isset($frontMoonglow[0])) { - $pony = $frontMoonglow[0]["display_name"] ?? $frontMoonglow[0]["name"]; -} else if ($_PROFILE["login"] !== "raindrops" && $_PROFILE["login"] !== "Moonglow" && isset($frontOther[0])) { - $pony = $frontOther[0]["display_name"] ?? $frontOther[0]["name"]; -} else { - $pony = "somepony"; -} - -$ntfy = $GLOBALS["ColdHazeApp"]["ntfy"]; -$channels = []; - -if (isset($_GET["raindrops"])) $channels[] = "emergency-raindrops"; -if (isset($_GET["moonglow"])) $channels[] = "emergency-moonglow"; -if (isset($_GET[$GLOBALS["ColdHazeApp"]["other"]["slug"]])) $channels[] = "pleasure"; - -$context = stream_context_create([ - 'http' => [ - 'method' => 'POST', - 'header' => - "Content-Type: text/plain\r\n" . - "Title: " . formatPonypush("[Test] 🏩 $pony wants to play for a bit") . "\r\n" . - "Priority: high\r\n" . - "Tags: pleasure\r\n" . - "Authorization: Basic " . base64_encode($ntfy["user"] . ":" . $ntfy["password"]), - 'content' => formatPonypush("[This notification is a test] Hey, $pony wants to play and have fun with you, get up! [This notification is a test]") - ] -]); - -foreach ($channels as $channel) { - file_get_contents('https://' . $ntfy["server"] . '/' . $channel, false, $context); -} - -die();
\ No newline at end of file diff --git a/pages/api/pluralkit-integration.php b/pages/api/pluralkit-integration.php index a3faa6f..9b0033d 100644 --- a/pages/api/pluralkit-integration.php +++ b/pages/api/pluralkit-integration.php @@ -1,7 +1,5 @@ <?php -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/agewarning.inc"; - $app = $GLOBALS["ColdHazeApp"]; $user = $_GET['user'] ?? null; $inputJSON = file_get_contents('php://input'); @@ -63,4 +61,4 @@ if ($input["type"] === "CREATE_SWITCH" || $input["type"] === "UPDATE_SWITCH" || createJob("FrontersNotification", [ "system" => $system ]); -}
\ No newline at end of file +} diff --git a/pages/api/ponytown.php b/pages/api/ponytown.php deleted file mode 100644 index bc40975..0000000 --- a/pages/api/ponytown.php +++ /dev/null @@ -1,121 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $_PROFILE; global $isLowerLoggedIn; global $app; -if (!$isLoggedIn && !$isLowerLoggedIn) header("Location: /-/login") and die(); - -$request_raw = file_get_contents('php://input'); -$json_object = json_decode($request_raw, true); - -$select = $_GET['id'] ?? null; - -if (!isset($select)) { - peh_error("System member not found", 404); - return; -} - -if (getMemberWithoutSystem($select) === null) { - peh_error("System member not found", 404); - return; -} - -$member = getMemberWithoutSystem($select); - -if ($isLowerLoggedIn && $member["_system"] !== $app["other"]["id"] && $member["_system"] !== "hrbom") { - peh_error("System member not found", 404); - return; -} - -if (!isset($json_object[0]) || !isset($json_object[1])) { - die("Missing data"); -} - -$errors = []; - -foreach ([1, 2] as $_) { - $input = $json_object[$_ - 1]; - - $mime = explode(";", substr($input, 5))[0]; - $file = base64_decode(explode(",", explode(";", substr($input, 5))[1])[1]); - - $image = @imagecreatefromstring($file); - $size = @getimagesizefromstring($file); - - if ($image === false) { - $errors[] = "0x{$_}000000F: Failed to open image #" . $_ . ", it is probably not using a supported format"; - } - - if ($size === false) { - $errors[] = "0x{$_}000000E: Failed to get metadata for image #" . $_ . ", it is probably corrupted"; - } - - if ($image === false || $size === false) continue; - - $foundColor = false; - - for ($i = 0; $i < $size[0]; $i++) { - if (imagecolorat($image, $i, 0) !== 2130706432) { - $foundColor = true; - } - } - - if (!$foundColor) { - $errors[] = "0x{$_}000001A: Image #" . $_ . " seems to contain padding (based on the first row of pixels)"; - } - - $foundColor = false; - - for ($i = 0; $i < $size[1]; $i++) { - if (imagecolorat($image, 0, $i) !== 2130706432) { - $foundColor = true; - } - } - - if (!$foundColor) { - $errors[] = "0x{$_}000001B: Image #" . $_ . " seems to contain padding (based on the first column of pixels)"; - } - - if ($_ === 1 && $size[0] > 70) { - $errors[] = "0x{$_}000002A: Image #" . $_ . " is wider than it should, are you sure you set zoom to 1x? Maybe you inverted the files?"; - } - - if ($_ === 1 && $size[1] > 70) { - $errors[] = "0x{$_}000002B: Image #" . $_ . " is higher than it should, are you sure you set zoom to 1x? Maybe you inverted the files?"; - } - - if ($_ === 2 && $size[0] > 40) { - $errors[] = "0x{$_}000002A: Image #" . $_ . " is wider than it should, are you sure you set zoom to 1x? Maybe you inverted the files?"; - } - - if ($_ === 2 && $size[1] > 35) { - $errors[] = "0x{$_}000002B: Image #" . $_ . " is higher than it should, are you sure you set zoom to 1x? Maybe you inverted the files?"; - } -} - -if (count($errors) === 0 && isset($_GET["real"])) { - foreach ([1, 2] as $_) { - $input = $json_object[$_ - 1]; - - $mime = explode(";", substr($input, 5))[0]; - $file = base64_decode(explode(",", explode(";", substr($input, 5))[1])[1]); - - $image = @imagecreatefromstring($file); - - imagealphablending($image, false); - imagesavealpha($image, true); - - if ($_ === 1) { - imagepng($image, $_SERVER['DOCUMENT_ROOT'] . "/assets/ponies/" . $member["id"] . ".png"); - } else { - imagepng($image, $_SERVER['DOCUMENT_ROOT'] . "/assets/uploads/pt-" . $member["name"] . ".png"); - } - } -} - -createJob("UpdateAssets", [ - "type" => "ponytown" -]); - -die(json_encode([ - "success" => count($errors) === 0, - "errors" => $errors -]));
\ No newline at end of file diff --git a/pages/api/reauthenticate.php b/pages/api/reauthenticate.php deleted file mode 100644 index b194098..0000000 --- a/pages/api/reauthenticate.php +++ /dev/null @@ -1,49 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc"; -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $_PROFILE; - -header("Content-Type: text/plain"); - -if (!$isLoggedIn || $isLowerLoggedIn) { - header("Location: /-/login"); - die(); -} - -$newToken = generateToken(); - -if (isset($_COOKIE['PEH2_SESSION_TOKEN']) && $isLoggedIn) { - $old = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $_COOKIE['PEH2_SESSION_TOKEN']), true); - - if (!isset($_GET["plain"])) { - $old["name"] = base64_decode($_GET["name"] ?? "LQo="); - } else { - $old["name"] = $_GET["name"] ?? "-"; - } - - $old["created"] = time(); - $old["addresses"] = []; - $old["last"] = time(); - $old["profile"] = $_PROFILE; - - file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $newToken, json_encode($old)); - file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $newToken, json_encode($_PROFILE)); -} else if (isset($_COOKIE['PEH2_SESSION_TOKEN']) && $isLowerLoggedIn) { - $old = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $_COOKIE['PEH2_SESSION_TOKEN']), true); - - if (!isset($_GET["plain"])) { - $old["name"] = base64_decode($_GET["name"] ?? "LQo="); - } else { - $old["name"] = $_GET["name"] ?? "-"; - } - - $old["created"] = time(); - $old["addresses"] = []; - $old["last"] = time(); - $old["profile"] = $_PROFILE; - - file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $newToken, json_encode($old)); - file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $newToken, json_encode($_PROFILE)); -} - -die($newToken);
\ No newline at end of file diff --git a/pages/api/rename.php b/pages/api/rename.php deleted file mode 100644 index 4e01b06..0000000 --- a/pages/api/rename.php +++ /dev/null @@ -1,37 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc"; -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; - -header("Content-Type: application/json"); - -if (!$isLoggedIn || $isLowerLoggedIn) { - header("Location: /-/login"); - die(); -} - -$obj = [ - "success" => true -]; - -global $token; -$data = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token))), true); - -$data["name"] = $_POST["name"] ?? $_GET["name"] ?? $data["name"]; -$obj["pre_name"] = $data["name"]; - -$request_raw = file_get_contents('php://input'); -$json_object = json_decode($request_raw, true); - -if (json_last_error() === JSON_ERROR_NONE) { - $obj["json_error"] = [ json_last_error(), json_last_error_msg() ]; - if (isset($json_object["name"])) { - $data["name"] = $json_object["name"]; - $obj["json_name"] = $json_object["name"]; - } -} - -$obj["new_name"] = $data["name"]; - -file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token), pf_utf8_encode(json_encode($data))); -die(json_encode($obj));
\ No newline at end of file diff --git a/pages/api/session.php b/pages/api/session.php deleted file mode 100644 index 25d833d..0000000 --- a/pages/api/session.php +++ /dev/null @@ -1,29 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc"; -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; - -header("Content-Type: application/json"); -global $token; - -if (isset($_GET["raw"])) { - die(json_encode(json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)), true), JSON_PRETTY_PRINT)); -} else { - if (!$isLoggedIn || $isLowerLoggedIn) { - die(json_encode([ - "name" => null, - "created" => null, - "last_seen" => null, - "seen_at" => null - ], JSON_PRETTY_PRINT)); - } - - $data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . str_replace("/", "", $token)), true); - - die(json_encode([ - "name" => $data["name"], - "created" => date('c', $data["created"]), - "last_seen" => date('c', $data["last"]), - "seen_at" => array_keys($data["addresses"] ?? []) - ], JSON_PRETTY_PRINT)); -}
\ No newline at end of file diff --git a/pages/api/token.php b/pages/api/token.php deleted file mode 100644 index 5c80ca3..0000000 --- a/pages/api/token.php +++ /dev/null @@ -1,7 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; -if (!$isLoggedIn) header("Location: /-/login") and die(); - -header("Content-Type: text/plain"); -die($_COOKIE['PEH2_SESSION_TOKEN']);
\ No newline at end of file |