1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn;
require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/random.inc";
if (!$isLoggedIn || !isset($_GET["type"]) || !isset($_GET["member"])) die("Not logged in or missing operand");
if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/assets/ponies/" . $_GET["member"] . ".png")) die("No initial Pony Town character");
$designs = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/designs/" . $_GET["member"] . ".json"), true);
$inputJSON = file_get_contents('php://input');
$input = json_decode($inputJSON, true);
switch ($_GET["type"]) {
case "name":
$designs[$_GET["id"]]["name"] = trim(strip_tags(substr(base64_decode($_GET["value"]), 0, 100)));
if (trim(strip_tags(substr(base64_decode($_GET["value"]), 0, 100))) === "" && $_GET["id"] !== "_main") {
unset($designs[$_GET["id"]]);
echo("&");
}
break;
case "note":
$designs[$_GET["id"]]["note"] = trim(strip_tags(substr(base64_decode($_GET["value"]), 0, 100)));
break;
case "upload":
$id = random();
$file = base64_decode($input["file"]);
$image = @imagecreatefromstring($file);
imagealphablending($image, false);
imagesavealpha($image, true);
imagepng($image, "/tmp/temp-" . $id . ".png");
$text = base64_encode(file_get_contents("/tmp/temp-" . $id . ".png"));
unlink("/tmp/temp-" . $id . ".png");
$designs[$id] = [
"name" => "Untitled",
"note" => "ID: " . $id,
"image" => $text
];
break;
default:
die("Invalid type");
}
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/designs/" . $_GET["member"] . ".json", json_encode($designs));
|
