function sc_ascii2dec($str)
{
$return = '';
$str = stripNonAscii($str);
$arr = str_split($str, 1);
foreach ($arr as $char) {
$return .= str_pad(ord($char), 3, '0', STR_PAD_LEFT) . ' ';
}
if (!isempty($return)) {
return substr($return, 0, -1);
}
return $return;
}
public function uploadreplay($dispatcher, &$reqData, &$out)
{
global $db;
function stripNonAscii($str)
{
return preg_replace('/[^(\\x20-\\x7F)]+/', '', $str);
}
header('Content-Type: text/plain; charset=utf-8');
if (!isset($_POST['id'])) {
die('ID needed');
}
$id = $_POST['id'];
$res = $db->query("SELECT * FROM `ntbb_replays` WHERE `id` = '" . $db->escape($id) . "'");
$replay = $db->fetch_assoc($res);
if (!$replay) {
if (!preg_match('/^[a-z0-9]+-[a-z0-9]+-[0-9]+$/', $reqData['id'])) {
die('invalid id');
}
die('not found');
}
if (md5(stripNonAscii($_POST['log'])) !== $replay['loghash']) {
$_POST['log'] = str_replace("\r", '', $_POST['log']);
if (md5(stripNonAscii($_POST['log'])) !== $replay['loghash']) {
// Hashes don't match.
// Someone else tried to upload a replay of the same battle,
// while we were uploading this
if ($replay['log']) {
// A log already exists; good enough
die('success');
}
die('hash mismatch');
}
}
$db->query("UPDATE `ntbb_replays` SET `log` = '" . $db->escape($_POST['log']) . "', `loghash` = '' WHERE `id` = '" . $db->escape($id) . "'");
die('success');
}
