API tools faq
paste
Guest User

Untitled

a guest
Apr 15th, 2017
75
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.57 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. $games = array(
  4. 'td',
  5. 'ra',
  6. 'ts',
  7. 'dta',
  8. 'yr',
  9. 'd2',
  10. );
  11.  
  12. header('Content-type: text/plain');
  13.  
  14. $game = isset($_POST['game']) ? $_POST['game'] : false;
  15.  
  16. if (!in_array($game, $games)) {
  17. header('400 Bad Request');
  18. echo 'Game not supported';
  19. exit;
  20. }
  21.  
  22. if (count($_FILES) == 0) {
  23. header('400 Bad Request');
  24. echo 'Zip file missing.';
  25. exit;
  26. }
  27.  
  28. $upload = array_pop($_FILES);
  29.  
  30. if ($upload['error']) {
  31. header('500 Internal Server Error');
  32. echo 'Something went wrong on server side while processing upload. The uploaded file could have been too big.';
  33. exit;
  34. }
  35.  
  36. if ($upload['size'] > 1024 * 1024) {
  37. header('400 Bad Request');
  38. echo 'Uploaded file over size limit.';
  39. exit;
  40. }
  41.  
  42. if (!preg_match('/^([a-z0-9]+).zip$/i', $upload['name'], $m)) {
  43. header('400 Bad Request');
  44. echo 'Zip file name not a valid hex value.';
  45. exit;
  46. }
  47.  
  48. $sha1 = strtolower($m[1]);
  49. $zipName = $game . '/' . $sha1 . '.zip';
  50.  
  51. if (file_exists($zipName)) {
  52. echo 'Map already uploaded, but thanks anyway.<br>';
  53. //exit;
  54. }
  55.  
  56. // Creates new variable of zip archive type and opens .zip file of uploader.
  57. $zip = new ZipArchive();
  58. $res = $zip->open($upload['tmp_name']);
  59.  
  60. if ($res !== true) {
  61. header('400 Bad Request');
  62. echo 'Uploaded file not a valid Zip.';
  63. exit;
  64. }
  65.  
  66. if ($game == 'd2') {
  67.  
  68. // Extraction of temporary files to check validity.
  69. $tempDir = "$game/tmp/";
  70. $zip->extractTo($tempDir);
  71. $tempZipName = $tempDir . "/" . $sha1;
  72. $map = "$tempZipName.map";
  73. $ini = "$tempZipName.ini";
  74. $tempZipMisName = $tempDir . "/_" . $sha1;
  75. $mis = "$tempZipMisName.mis";
  76. $handle = fopen($map, "rb");
  77.  
  78. $height = unpack('s', fread($handle, 2))[1];
  79. $width = unpack('s', fread($handle, 2))[1];
  80.  
  81. $returnVal = 1;
  82.  
  83. // Check if height is valid.
  84. if ($height > 128)
  85. {
  86. $returnVal = 0;
  87. }
  88.  
  89. // Check if width is valid.
  90. if ($width > 128)
  91. {
  92. $returnVal = 0;
  93. }
  94.  
  95. // Check if file size is valid.
  96. if (($height * $width * 4) + 4 != filesize($map))
  97. {
  98. $returnVal = 0;
  99. }
  100.  
  101. $cellCount = $height * $width;
  102.  
  103. if ($returnVal == 1)
  104. {
  105. // Check if all cells are valid.
  106. for ($iter = 1; $iter<= $cellCount; $iter++)
  107. {
  108. $tile = unpack('s', fread($handle, 2))[1];
  109.  
  110. //Check tile index value of the cell.
  111. if ($tile >= 800)
  112. {
  113. //$returnVal = 0;
  114. }
  115.  
  116. $special = unpack('s', fread($handle, 2))[1];
  117.  
  118. //Check special index value of the cell.
  119. if ($special >= 1000)
  120. {
  121. //$returnVal = 0;
  122. }
  123. }
  124. }
  125.  
  126. // Check if the .ini file is of text type.
  127. if (strcmp(mime_content_type($ini),"text/plain") != 0) {
  128. //$returnVal = 0;
  129. }
  130.  
  131. //echo $returnVal;
  132.  
  133. // Check if .mis file size is 68066.
  134. if (filesize($mis) != 68066 ) {
  135. //$returnVal = 0;
  136. }
  137.  
  138. // Removal of temporary files for file checks
  139. fclose($handle);
  140. unlink ($map);
  141. unlink ($mis);
  142. unlink ($ini);
  143. rmdir($tempDir);
  144.  
  145. $mapData = null;
  146. $iniData = null;
  147. $misData = null;
  148.  
  149. for ($i = 0; $i < 3; $i++) {
  150. $tmp = $zip->statIndex($i);
  151.  
  152. if ($tmp['size'] > 128 * 128 * 8) {
  153. header('400 Bad Request');
  154. echo 'Map file larger than expected.';
  155. exit;
  156. }
  157. // Loads file content into variable.
  158. if (is_array($tmp) && preg_match('/\.map$/i', $tmp['name'])) {
  159. $mapData = $zip->getFromIndex($i);
  160. } else if (is_array($tmp) && preg_match('/\.ini$/i', $tmp['name'])) {
  161. $iniData = $zip->getFromIndex($i);
  162. } else if (is_array($tmp) && preg_match('/\.mis$/i', $tmp['name'])) {
  163. $misData = $zip->getFromIndex($i);
  164. }
  165. }
  166.  
  167. if ($mapData === null) {
  168. header('400 Bad Request');
  169. echo 'Map file not found in Zip.';
  170. exit;
  171. }
  172.  
  173. if ($iniData === null) {
  174. header('400 Bad Request');
  175. echo 'Map ini file not found in Zip.';
  176. exit;
  177. }
  178.  
  179. $res = $zip->open($zipName, ZipArchive::CREATE);
  180. if ($res !== true) {
  181. header('500 Internal Server Error');
  182. echo 'Server failed to save map zip, sorry.';
  183. exit;
  184. }
  185.  
  186. // Adds files to zip file and saves them.
  187. $zip->addFromString($sha1 . '.map', $mapData);
  188.  
  189. $zip->addFromString($sha1 . '.ini', $iniData);
  190.  
  191.  
  192. if ($misData)
  193. $zip->addFromString('_' . $sha1 . '.mis', $misData);
  194.  
  195.  
  196. $zip->close();
  197.  
  198. echo 'Upload succeeded!';
  199.  
  200.  
  201. exit;
  202. }
  203.  
  204. header('500 Internal Server Error');
  205. echo 'Request not handled for some reason';
  206. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!