ob_start();
require_once 'MySQL_funcs.php';
include 'MySQL_config.php';
include 'MySQL_access.php';
ob_end_clean();
session_start();
if (isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
} else {
$userid = '-guest-';
}
$loggedin = false;
if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
$content = getStandaloneFile('dynmap_config.json');
header('Content-type: application/json; charset=utf-8');
if (!$loginenabled) {
echo $content;
} else {
if ($json->loginrequired && !$loggedin) {
echo "{ \"error\": \"login-required\" }";
} else {
$json = json_decode($content);
$uid = '[' . strtolower($userid) . ']';
$json->loggedin = $loggedin;
$wcnt = count($json->worlds);
$newworlds = array();
for ($i = 0; $i < $wcnt; $i++) {
$w = $json->worlds[$i];
if ($w->protected) {
$ctx = hash_init('sha256');
hash_update($ctx, $pwdsalt);
hash_update($ctx, $password);
$hash = hash_final($ctx);
$useridlc = strtolower($userid);
if (strcasecmp($hash, $pwdhash[$useridlc]) == 0) {
$_SESSION['userid'] = $userid;
$good = true;
} else {
$_SESSION['userid'] = '-guest-';
}
} else {
$_SESSION['userid'] = '-guest-';
$good = true;
}
$content = getStandaloneFile('dynmap_reg.php');
/* Prune pending registrations, if needed */
$lines = explode('\\n', $content);
$newlines[] = array();
if (!empty($lines)) {
$cnt = count($lines) - 1;
$changed = false;
for ($i = 1; $i < $cnt; $i++) {
list($uid, $pc, $hsh) = split('=', rtrim($lines[$i]));
if ($uid == $useridlc) {
continue;
}
if (array_key_exists($uid, $pendingreg)) {
$newlines[] = $uid . '=' . $pc . '=' . $hsh;
} else {
$changed = true;
$fname = 'updates_' . $world . '.json';
}
$useridlc = strtolower($userid);
$uid = '[' . $useridlc . ']';
if (isset($worldaccess[$world])) {
$ss = stristr($worldaccess[$world], $uid);
if ($ss === false) {
echo "{ \"error\": \"access-denied\" }";
return;
}
}
$serverid = 0;
if (isset($_REQUEST['serverid'])) {
$serverid = $_REQUEST['serverid'];
}
$content = getStandaloneFile('dynmap_' . $world . '.json');
if (!isset($content)) {
header('HTTP/1.0 503 Database Unavailable');
echo "<h1>503 Database Unavailable</h1>";
echo 'Error reading database - ' . $fname . ' #' . $serverid;
cleanupDb();
exit;
}
if (!$loginenabled) {
echo $content;
} else {
if (isset($json->loginrequired) && $json->loginrequired && !$loggedin) {
echo "{ \"error\": \"login-required\" }";
} else {
$json = json_decode($content);
$json->loggedin = $loggedin;
if ($_SERVER['REQUEST_METHOD'] == 'POST' && $lastchat < time()) {
$micro = microtime(true);
$timestamp = round($micro * 1000.0);
$data = json_decode(trim(file_get_contents('php://input')));
$data->timestamp = $timestamp;
$data->ip = $_SERVER['REMOTE_ADDR'];
if (isset($_SESSION['userid'])) {
$uid = $_SESSION['userid'];
if (strcmp($uid, '-guest-')) {
$data->userid = $uid;
}
}
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$data->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
$content = getStandaloneFile('dynmap_webchat.json');
$gotold = false;
if (isset($content)) {
$old_messages = json_decode($content, true);
$gotold = true;
}
if (!empty($old_messages)) {
foreach ($old_messages as $message) {
if ($timestamp - $config['updaterate'] - 10000 < $message['timestamp']) {
$new_messages[] = $message;
}
}
}
$new_messages[] = $data;
if ($gotold) {
updateStandaloneFile('dynmap_webchat.json', json_encode($new_messages));
<?php
require_once 'MySQL_funcs.php';
if ($loginenabled) {
$rslt = getStandaloneFile('dynmap_access.php');
eval($rslt);
}
