-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathhandle_pin.php
81 lines (68 loc) · 2.83 KB
/
handle_pin.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
<?php
require_once($_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR . "_constants.php");
require_once($_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR . "scripts/catalog_handler.php");
require_once($_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR . "scripts/logger.php");
class Pin_Handler {
public $txid = null;
function handle_pin() {
Logger::lg("Starting a PIN check");
$pin = strtoupper($this->clean_text($_POST['pin']));
if (empty($pin)) {
echo json_encode(['error' => 'No PIN was submitted!']);
die();
}
$this->validate_ip();
$catalog_handler = new Catalog_Handler();
$map = $catalog_handler->get_map($pin);
if (!$map) {
echo json_encode(['error' => 'Sorry, I couldn\'t find a map with that PIN']);
die();
}
$locked = $catalog_handler->is_map_locked($pin);
if ($locked) {
echo json_encode(['error' => 'This map is locked for edits! Contact the project owner if you need to update it.']);
die();
}
$jumpcrouch = isset($map['jumpcrouch']) ? $map['jumpcrouch'] : 0;
$wip = isset($map['wip']) ? $map['wip'] : 0;
$category = $map['category'] ?? 0;
$length = $map['length'] ?? 0;
$difficulty = $map['difficulty'] ?? 0;
$monsters = $map['monsters'] ?? 0;
echo json_encode([
"mapname" => $map['map_name'],
"author" => $map['author'],
"musiccredit" => (isset($map['music_credit']) ? $map['music_credit'] : ''),
"jumpcrouch" => $jumpcrouch,
"wip" => $wip,
"category" => $category,
"length" => $length,
"difficulty" => $difficulty,
"monsters" => $monsters
]);
}
function clean_text($string, $length = 0) {
$string = trim($string);
$string = preg_replace('/[^A-Za-z0-9\-\'! ]/', '', $string); // Removes special chars.
if ($length) {
$string = substr($string, 0, $length);
}
return $string;
}
function validate_ip() {
$ip = $_SERVER['REMOTE_ADDR'];
$filename = 'p' . str_replace(".", "", $ip) . 'p';
$ip_check_file = IPS_FOLDER . $filename;
@mkdir(IPS_FOLDER);
if (file_exists($ip_check_file) && (time() - filemtime($ip_check_file)) < get_setting("PIN_ATTEMPT_GAP")) {
Logger::lg("IP " . $ip . " is trying PINs too fast");
echo json_encode(['error' => 'Hold on a minute before you try another PIN']);
die();
}
file_put_contents($ip_check_file, ":)");
}
}
//Let's make it look like we're working (quick spam discourager)
sleep(2);
$handler = new Pin_Handler();
$handler->handle_pin();