Marketplace icons stuff

database/getMarketplaceIconData.php

@@ -0,0 +1,24 @@
+<?php
+require __DIR__ . '/../incl/util.php';
+setJsonHeader();
+checkClientDatabaseVersion();
+
+$post = getPostData();
+$birdicon = $post['birdicon'] ?? '';
+
+$conn = newConnection();
+
+$stmt = $conn->prepare("SELECT data FROM marketplaceicons WHERE birdicon = ?");
+$stmt->bind_param("s", $birdicon);
+$stmt->execute();
+$result = $stmt->get_result();
+
+if ($result->num_rows > 0) {
+    $row = $result->fetch_assoc();
+    echo encrypt(json_encode(["success" => true, "data" => $row['data']]));
+} else {
+    echo encrypt(json_encode(["success" => false, "message" => "Icon not found"]));
+}
+
+$stmt->close();
+$conn->close();

database/getMarketplaceIcons.php

@@ -0,0 +1,19 @@
+<?php
+require __DIR__ . '/../incl/util.php';
+setJsonHeader();
+checkClientDatabaseVersion();
+$conn = newConnection();
+
+$stmt = $conn->prepare("
+    SELECT c.data, u.username, u.id, c.price, c.name, c.uuid 
+    FROM marketplaceicons c 
+    JOIN users u ON c.userId = u.id 
+    WHERE u.banned = 0 AND c.state = 1 
+    ORDER BY c.id ASC
+");
+$stmt->execute();
+$result = $stmt->get_result();
+
+echo encrypt(json_encode(array_map(fn($row) => ['username' => $row['username'], 'userid' => $row['id'], 'data' => $row['data'], 'uuid' => $row['uuid'], 'price' => $row['price'], 'name' => base64_decode($row['name'])], $result->fetch_all(MYSQLI_ASSOC))));
+
+$conn->close();

database/uploadMarketplaceIcon.php

@@ -0,0 +1,60 @@
+<?php
+require __DIR__ . '/../incl/util.php';
+require __DIR__ . '/../../../../vendor/autoload.php';
+setJsonHeader();
+checkClientDatabaseVersion();
+
+use Ramsey\Uuid\Uuid;
+
+$post = getPostData();
+$token = $post['token'] ?? '';
+$username = $post['username'] ?? '';
+$price = (int)$post['price'] ?? 0;
+$name = $post['name'] ?? '';
+$name = base64_encode($name);
+$filecontent = $post['filecontent'] ?? '';
+
+if (!$filecontent) exitWithMessage(json_encode(["success" => false, "message" => "Invalid image uploaded"]));
+$decoded = base64_decode($filecontent, true);
+if (!$decoded) exitWithMessage(json_encode(["success" => false, "message" => "Invalid image uploaded"]));
+if (strlen($decoded) > 1024 * 1024) exitWithMessage(json_encode(["success" => false, "message" => "File size exceeds 1 MB limit"]));
+$info = getimagesizefromstring($decoded);
+if (!$info) exitWithMessage(json_encode(["success" => false, "message" => "Invalid image uploaded"]));
+if ($info[2] !== IMAGETYPE_PNG) exitWithMessage(json_encode(["success" => false, "message" => "Image must be a PNG"]));
+if ($info[0] !== 128 || $info[1] !== 128) exitWithMessage(json_encode(["success" => false, "message" => "Invalid has to be 128x128"]));
+
+$conn = newConnection();
+
+$stmt = $conn->prepare("SELECT * FROM users WHERE token = ? AND username = ?");
+$stmt->bind_param("ss", $token, $username);
+$stmt->execute();
+$result = $stmt->get_result();
+$row = $result->fetch_assoc();
+if (!$row) exitWithMessage(json_encode(["success" => false, "message" => "Invalid session token or username, please refresh login"]));
+$stmt->close();
+
+$id = $row["id"];
+$time = time();
+$hash = hash('sha512', base64_decode($filecontent));
+
+$stmt = $conn->prepare("SELECT id FROM marketplaceicons WHERE hash = ?");
+$stmt->bind_param("s", $hash);
+$stmt->execute();
+$result = $stmt->get_result();
+if ($result->fetch_assoc()) {
+    $stmt->close();
+    exitWithMessage(json_encode(["success" => false, "message" => "This icon already exists in the marketplace"]));
+}
+$stmt->close();
+
+$uuid = Uuid::uuid4()->toString();
+
+$stmt = $conn->prepare("INSERT INTO marketplaceicons (uuid, userId, data, hash, price, name, timestamp) VALUES (?, ?, ?, ?, ?, ?, ?)");
+$stmt->bind_param("sissisi", $uuid, $id, $filecontent, $hash, $price, $name, $time);
+$stmt->execute();
+$insertId = $conn->insert_id;
+$stmt->close();
+
+echo encrypt(json_encode(["success" => true]));
+
+$conn->close();