diff --git a/database/getMarketplaceIconData.php b/database/getMarketplaceIconData.php new file mode 100644 index 0000000..a7effbf --- /dev/null +++ b/database/getMarketplaceIconData.php @@ -0,0 +1,24 @@ +prepare("SELECT data FROM marketplaceicons WHERE birdicon = ?"); +$stmt->bind_param("s", $birdicon); +$stmt->execute(); +$result = $stmt->get_result(); + +if ($result->num_rows > 0) { + $row = $result->fetch_assoc(); + echo encrypt(json_encode(["success" => true, "data" => $row['data']])); +} else { + echo encrypt(json_encode(["success" => false, "message" => "Icon not found"])); +} + +$stmt->close(); +$conn->close(); \ No newline at end of file diff --git a/database/getMarketplaceIcons.php b/database/getMarketplaceIcons.php new file mode 100644 index 0000000..bef31ed --- /dev/null +++ b/database/getMarketplaceIcons.php @@ -0,0 +1,19 @@ +prepare(" + SELECT c.data, u.username, u.id, c.price, c.name, c.uuid + FROM marketplaceicons c + JOIN users u ON c.userId = u.id + WHERE u.banned = 0 AND c.state = 1 + ORDER BY c.id ASC +"); +$stmt->execute(); +$result = $stmt->get_result(); + +echo encrypt(json_encode(array_map(fn($row) => ['username' => $row['username'], 'userid' => $row['id'], 'data' => $row['data'], 'uuid' => $row['uuid'], 'price' => $row['price'], 'name' => base64_decode($row['name'])], $result->fetch_all(MYSQLI_ASSOC)))); + +$conn->close(); \ No newline at end of file diff --git a/database/uploadMarketplaceIcon.php b/database/uploadMarketplaceIcon.php new file mode 100644 index 0000000..54b0e12 --- /dev/null +++ b/database/uploadMarketplaceIcon.php @@ -0,0 +1,60 @@ + false, "message" => "Invalid image uploaded"])); +$decoded = base64_decode($filecontent, true); +if (!$decoded) exitWithMessage(json_encode(["success" => false, "message" => "Invalid image uploaded"])); +if (strlen($decoded) > 1024 * 1024) exitWithMessage(json_encode(["success" => false, "message" => "File size exceeds 1 MB limit"])); +$info = getimagesizefromstring($decoded); +if (!$info) exitWithMessage(json_encode(["success" => false, "message" => "Invalid image uploaded"])); +if ($info[2] !== IMAGETYPE_PNG) exitWithMessage(json_encode(["success" => false, "message" => "Image must be a PNG"])); +if ($info[0] !== 128 || $info[1] !== 128) exitWithMessage(json_encode(["success" => false, "message" => "Invalid has to be 128x128"])); + +$conn = newConnection(); + +$stmt = $conn->prepare("SELECT * FROM users WHERE token = ? AND username = ?"); +$stmt->bind_param("ss", $token, $username); +$stmt->execute(); +$result = $stmt->get_result(); +$row = $result->fetch_assoc(); +if (!$row) exitWithMessage(json_encode(["success" => false, "message" => "Invalid session token or username, please refresh login"])); +$stmt->close(); + +$id = $row["id"]; +$time = time(); +$hash = hash('sha512', base64_decode($filecontent)); + +$stmt = $conn->prepare("SELECT id FROM marketplaceicons WHERE hash = ?"); +$stmt->bind_param("s", $hash); +$stmt->execute(); +$result = $stmt->get_result(); +if ($result->fetch_assoc()) { + $stmt->close(); + exitWithMessage(json_encode(["success" => false, "message" => "This icon already exists in the marketplace"])); +} +$stmt->close(); + +$uuid = Uuid::uuid4()->toString(); + +$stmt = $conn->prepare("INSERT INTO marketplaceicons (uuid, userId, data, hash, price, name, timestamp) VALUES (?, ?, ?, ?, ?, ?, ?)"); +$stmt->bind_param("sissisi", $uuid, $id, $filecontent, $hash, $price, $name, $time); +$stmt->execute(); +$insertId = $conn->insert_id; +$stmt->close(); + +echo encrypt(json_encode(["success" => true])); + +$conn->close(); \ No newline at end of file