AriasCreations/AVsitter
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Whitespace-only changes.

Browse source 
- Remove CR before LF to allow Git to use system-specific line terminators.
- Expand tabs to spaces.
- Remove spaces at end of line.
This commit is contained in:
Sei Lisa 2017-08-31 12:08:57 +02:00
parent eb0164ff0a
commit f97f8c5a5b
2 changed files with 577 additions and 577 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

586
AVsitter2/Utilities/Noob-detector.lsl
View file

@ -1,293 +1,293 @@
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* Copyright (c) the AVsitter Contributors (http://avsitter.github.io)
* AVsitter™ is a trademark. For trademark use policy see:
* https://avsitter.github.io/TRADEMARK.mediawiki
*
* Please consider supporting continued development of AVsitter and
* receive automatic updates and other benefits! All details and user
* instructions can be found at http://avsitter.github.io
*/
/*
* Things not implemented:
* ~ perms of the object
* ~ creator of the object
* ~ which platform/world (OpenSim/SL)
*/
integer sendToSupport=FALSE;
integer sendItems = TRUE;
string support_avi = "";
string disclaimer = "This script will inspect your object and create a link you can share with others.\n\nClick OK to proceed.";
string start_message = "Preparing info, please wait...";
string end_message = "Inspection complete! Script removed.";
string product = "Noob Detector";
string version = "1.3";
list allowed_products = ["AVpos","[AV]menu","[AV]object"];
string out;
string next_out;
list notecards_to_read;
key notecard_query;
integer notecard_index;
integer notecard_line;
list item_types = ["TEXTURE","SOUND","LANDMARK","CLOTHING","OBJECT","NOTECARD","SCRIPT","BODYPART","ANIMATION","GESTURE","ALL TYPES"];
list item_ints = [0,1,3,5,6,7,10,13,20,21];
integer menu_channel;
string url = "https://avsitter.com/settings.php";
string cache;
string webkey;
integer webcount;
add_out(string say, integer force){
cache+=say;
if(!force){
cache+="\n";
}
if(llStringLength(llEscapeURL(cache))>1024 || force){
webcount++;
llHTTPRequest(url, [HTTP_METHOD,"POST",HTTP_MIMETYPE,"application/x-www-form-urlencoded",HTTP_VERIFY_CERT,FALSE], "w="+webkey+"&c="+(string)webcount+"&t="+llEscapeURL(cache));
cache="";
}
}
remove_script(){
llOwnerSay("Diagnostic script removed.");
llRemoveInventory(llGetScriptName());
}
default {
state_entry(){
integer i;
for(i=0;i<llGetListLength(allowed_products);i++){
if (llGetInventoryType(llList2String(allowed_products,i))!= INVENTORY_NONE){
state permission;
}
}
llOwnerSay("Sorry, could not find correct product for this script.");
remove_script();
}
}
state permission {
state_entry(){
llSetTimerEvent(120);
llListen(menu_channel=((integer)llFrand(0x7FFFFF80)+1)*-1,"","","");
llDialog(llGetOwner(),product+" "+version+"\n\n"+disclaimer,["OK"],menu_channel);//RLV
}
timer(){
remove_script();
}
listen(integer listen_channel, string name, key id, string message){
if(message=="OK"){
state running;
}
else{
remove_script();
}
}
}
state running {
http_response(key request_id, integer status, list metadata, string body){
llOwnerSay(body);
}
state_entry(){
webkey=(string)llGenerateKey();
llDialog(llGetOwner(),product+" "+version+"\n\n"+start_message,["OK"],menu_channel);
llOwnerSay(start_message);
add_out("Share this info to get help with your AVsitter build!\n",FALSE);
add_out("----START----",FALSE);
add_out("user: "+llKey2Name(llGetOwner())+" ("+(string)llGetOwner()+")",FALSE);
list object_perms_owner;
integer perms = llGetObjectPermMask(MASK_OWNER);
if (perms & PERM_COPY) object_perms_owner += "C";
if (perms & PERM_MODIFY) object_perms_owner += "M";
if (perms & PERM_TRANSFER) object_perms_owner += "T";
list object_perms_next;
perms = llGetObjectPermMask(MASK_NEXT);
if (perms & PERM_COPY) object_perms_next += "C";
if (perms & PERM_MODIFY) object_perms_next += "M";
if (perms & PERM_TRANSFER) object_perms_next += "T";
add_out("owner perms:["+llDumpList2String(object_perms_owner,"/")+"]",FALSE);
add_out("next perms:["+llDumpList2String(object_perms_next,"/")+"]",FALSE);
// Total prims
add_out("total prims: "+(string)llGetObjectPrimCount(llGetKey()),FALSE);
// Link number
add_out("my link number: "+(string)llGetLinkNumber(),FALSE);
// Read through all prims giving name and description
add_out("\n----PRIMS----",FALSE);
add_out("Prim, Name, Desc",FALSE);
integer i;
if(llGetObjectPrimCount(llGetKey())>1){
i=1;
}
while (i<=llGetObjectPrimCount(llGetKey())){
list data = llGetLinkPrimitiveParams(i,[PRIM_NAME,PRIM_DESC]);
add_out((string)i+", "+llDumpList2String(data,", "),FALSE);
i++;
if(llGetObjectPrimCount(llGetKey())==1){
jump end;
}
}
@end;
// Inventory
string line;
integer j;
for (j=0;j<llGetListLength(item_types);j++){
integer type = llList2Integer(item_ints,j);
integer type_heading_sent=FALSE;
integer count=0; // need this instead of using i because otherwise there's a gap in numbering when we skip this script
for (i=0;i<llGetInventoryNumber(type);i++){
if(!type_heading_sent){
add_out("\n----"+llList2String(item_types,j)+"S----",FALSE);
type_heading_sent=TRUE;
}
string name = llGetInventoryName(type,i);
if(name!=llGetScriptName()){
list perms_owner;
perms = llGetInventoryPermMask(name, MASK_OWNER);
if (perms & PERM_COPY){
perms_owner += "C";
if (perms & PERM_TRANSFER){
//if(name=="AVpos"){
if(sendItems && type!=INVENTORY_ANIMATION){
if(sendToSupport){
llGiveInventory(support_avi,name);
}
}
//}
}
if (type==INVENTORY_NOTECARD){
if (perms & PERM_COPY){
notecards_to_read+=name; // read notecard!
}
}
}
if (perms & PERM_MODIFY) perms_owner += "M";
if (perms & PERM_TRANSFER) perms_owner += "T";
list perms_next;
perms = llGetInventoryPermMask(name, MASK_NEXT);
if (perms & PERM_COPY) perms_next += "C";
if (perms & PERM_MODIFY) perms_next += "M";
if (perms & PERM_TRANSFER) perms_next += "T";
string warnings;
integer index = llSubStringIndex(name," ");
if(index!=-1){
warnings+="~DOUBLE-SPACE IN NAME!~";
}
if(type==INVENTORY_SCRIPT){
if(llGetScriptState(name)==FALSE){
warnings+="~NOT RUNNING!~";
}
}
count++;
add_out((string)count+"."+name+" ["+llDumpList2String(perms_owner,"/")+"]["+llDumpList2String(perms_next,"/")+"]"+warnings,FALSE);
}
}
}
state read_notecards;
}
}
state read_notecards{
state_entry(){
if(llList2String(notecards_to_read,notecard_index)!=""){
add_out("\n"+llList2String(notecards_to_read,notecard_index)+" (notecard)\n-----------",FALSE);
notecard_query=llGetNotecardLine(llList2String(notecards_to_read,notecard_index),notecard_line);
}
else{
state end;
}
}
dataserver(key query_id, string body){
if(query_id == notecard_query){
if (body != EOF){
add_out(body,FALSE);
notecard_query=llGetNotecardLine(llList2String(notecards_to_read,notecard_index),++notecard_line);
}
else{
notecard_index++;
if(llList2String(notecards_to_read,notecard_index)!=""){
notecard_line=0;
string line = "\n"+llList2String(notecards_to_read,notecard_index)+"\n-----------";
add_out(line,FALSE);
notecard_query=llGetNotecardLine(llList2String(notecards_to_read,notecard_index),notecard_line);
}
else{
state end;
}
}
}
}
}
state end{
state_entry(){
add_out("\nSummary created by the \"Noob-detector script\" from the AVsitter2 utilities box (https://avsitter.github.io/avsitter2_utilities.html)",FALSE);
add_out("\n\n----END----\n\nend",TRUE);
string url_final = url+"?q="+webkey;
llOwnerSay(end_message);
llOwnerSay("Your link is: "+url_final);
if(sendToSupport){
llInstantMessage(support_avi,url_final);
}
llLoadURL(llGetOwner(),end_message+" Get link from chat or click here.",url_final);
llRemoveInventory(llGetScriptName());
}
}
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* Copyright (c) the AVsitter Contributors (http://avsitter.github.io)
* AVsitter™ is a trademark. For trademark use policy see:
* https://avsitter.github.io/TRADEMARK.mediawiki
*
* Please consider supporting continued development of AVsitter and
* receive automatic updates and other benefits! All details and user
* instructions can be found at http://avsitter.github.io
*/
/*
* Things not implemented:
* ~ perms of the object
* ~ creator of the object
* ~ which platform/world (OpenSim/SL)
*/
integer sendToSupport=FALSE;
integer sendItems = TRUE;
string support_avi = "";
string disclaimer = "This script will inspect your object and create a link you can share with others.\n\nClick OK to proceed.";
string start_message = "Preparing info, please wait...";
string end_message = "Inspection complete! Script removed.";
string product = "Noob Detector";
string version = "1.3";
list allowed_products = ["AVpos","[AV]menu","[AV]object"];
string out;
string next_out;
list notecards_to_read;
key notecard_query;
integer notecard_index;
integer notecard_line;
list item_types = ["TEXTURE","SOUND","LANDMARK","CLOTHING","OBJECT","NOTECARD","SCRIPT","BODYPART","ANIMATION","GESTURE","ALL TYPES"];
list item_ints = [0,1,3,5,6,7,10,13,20,21];
integer menu_channel;
string url = "https://avsitter.com/settings.php";
string cache;
string webkey;
integer webcount;
add_out(string say, integer force){
cache+=say;
if(!force){
cache+="\n";
}
if(llStringLength(llEscapeURL(cache))>1024 || force){
webcount++;
llHTTPRequest(url, [HTTP_METHOD,"POST",HTTP_MIMETYPE,"application/x-www-form-urlencoded",HTTP_VERIFY_CERT,FALSE], "w="+webkey+"&c="+(string)webcount+"&t="+llEscapeURL(cache));
cache="";
}
}
remove_script(){
llOwnerSay("Diagnostic script removed.");
llRemoveInventory(llGetScriptName());
}
default {
state_entry(){
integer i;
for(i=0;i<llGetListLength(allowed_products);i++){
if (llGetInventoryType(llList2String(allowed_products,i))!= INVENTORY_NONE){
state permission;
}
}
llOwnerSay("Sorry, could not find correct product for this script.");
remove_script();
}
}
state permission {
state_entry(){
llSetTimerEvent(120);
llListen(menu_channel=((integer)llFrand(0x7FFFFF80)+1)*-1,"","","");
llDialog(llGetOwner(),product+" "+version+"\n\n"+disclaimer,["OK"],menu_channel);//RLV
}
timer(){
remove_script();
}
listen(integer listen_channel, string name, key id, string message){
if(message=="OK"){
state running;
}
else{
remove_script();
}
}
}
state running {
http_response(key request_id, integer status, list metadata, string body){
llOwnerSay(body);
}
state_entry(){
webkey=(string)llGenerateKey();
llDialog(llGetOwner(),product+" "+version+"\n\n"+start_message,["OK"],menu_channel);
llOwnerSay(start_message);
add_out("Share this info to get help with your AVsitter build!\n",FALSE);
add_out("----START----",FALSE);
add_out("user: "+llKey2Name(llGetOwner())+" ("+(string)llGetOwner()+")",FALSE);
list object_perms_owner;
integer perms = llGetObjectPermMask(MASK_OWNER);
if (perms & PERM_COPY) object_perms_owner += "C";
if (perms & PERM_MODIFY) object_perms_owner += "M";
if (perms & PERM_TRANSFER) object_perms_owner += "T";
list object_perms_next;
perms = llGetObjectPermMask(MASK_NEXT);
if (perms & PERM_COPY) object_perms_next += "C";
if (perms & PERM_MODIFY) object_perms_next += "M";
if (perms & PERM_TRANSFER) object_perms_next += "T";
add_out("owner perms:["+llDumpList2String(object_perms_owner,"/")+"]",FALSE);
add_out("next perms:["+llDumpList2String(object_perms_next,"/")+"]",FALSE);
// Total prims
add_out("total prims: "+(string)llGetObjectPrimCount(llGetKey()),FALSE);
// Link number
add_out("my link number: "+(string)llGetLinkNumber(),FALSE);
// Read through all prims giving name and description
add_out("\n----PRIMS----",FALSE);
add_out("Prim, Name, Desc",FALSE);
integer i;
if(llGetObjectPrimCount(llGetKey())>1){
i=1;
}
while (i<=llGetObjectPrimCount(llGetKey())){
list data = llGetLinkPrimitiveParams(i,[PRIM_NAME,PRIM_DESC]);
add_out((string)i+", "+llDumpList2String(data,", "),FALSE);
i++;
if(llGetObjectPrimCount(llGetKey())==1){
jump end;
}
}
@end;
// Inventory
string line;
integer j;
for (j=0;j<llGetListLength(item_types);j++){
integer type = llList2Integer(item_ints,j);
integer type_heading_sent=FALSE;
integer count=0; // need this instead of using i because otherwise there's a gap in numbering when we skip this script
for (i=0;i<llGetInventoryNumber(type);i++){
if(!type_heading_sent){
add_out("\n----"+llList2String(item_types,j)+"S----",FALSE);
type_heading_sent=TRUE;
}
string name = llGetInventoryName(type,i);
if(name!=llGetScriptName()){
list perms_owner;
perms = llGetInventoryPermMask(name, MASK_OWNER);
if (perms & PERM_COPY){
perms_owner += "C";
if (perms & PERM_TRANSFER){
//if(name=="AVpos"){
if(sendItems && type!=INVENTORY_ANIMATION){
if(sendToSupport){
llGiveInventory(support_avi,name);
}
}
//}
}
if (type==INVENTORY_NOTECARD){
if (perms & PERM_COPY){
notecards_to_read+=name; // read notecard!
}
}
}
if (perms & PERM_MODIFY) perms_owner += "M";
if (perms & PERM_TRANSFER) perms_owner += "T";
list perms_next;
perms = llGetInventoryPermMask(name, MASK_NEXT);
if (perms & PERM_COPY) perms_next += "C";
if (perms & PERM_MODIFY) perms_next += "M";
if (perms & PERM_TRANSFER) perms_next += "T";
string warnings;
integer index = llSubStringIndex(name," ");
if(index!=-1){
warnings+="~DOUBLE-SPACE IN NAME!~";
}
if(type==INVENTORY_SCRIPT){
if(llGetScriptState(name)==FALSE){
warnings+="~NOT RUNNING!~";
}
}
count++;
add_out((string)count+"."+name+" ["+llDumpList2String(perms_owner,"/")+"]["+llDumpList2String(perms_next,"/")+"]"+warnings,FALSE);
}
}
}
state read_notecards;
}
}
state read_notecards{
state_entry(){
if(llList2String(notecards_to_read,notecard_index)!=""){
add_out("\n"+llList2String(notecards_to_read,notecard_index)+" (notecard)\n-----------",FALSE);
notecard_query=llGetNotecardLine(llList2String(notecards_to_read,notecard_index),notecard_line);
}
else{
state end;
}
}
dataserver(key query_id, string body){
if(query_id == notecard_query){
if (body != EOF){
add_out(body,FALSE);
notecard_query=llGetNotecardLine(llList2String(notecards_to_read,notecard_index),++notecard_line);
}
else{
notecard_index++;
if(llList2String(notecards_to_read,notecard_index)!=""){
notecard_line=0;
string line = "\n"+llList2String(notecards_to_read,notecard_index)+"\n-----------";
add_out(line,FALSE);
notecard_query=llGetNotecardLine(llList2String(notecards_to_read,notecard_index),notecard_line);
}
else{
state end;
}
}
}
}
}
state end{
state_entry(){
add_out("\nSummary created by the \"Noob-detector script\" from the AVsitter2 utilities box (https://avsitter.github.io/avsitter2_utilities.html)",FALSE);
add_out("\n\n----END----\n\nend",TRUE);
string url_final = url+"?q="+webkey;
llOwnerSay(end_message);
llOwnerSay("Your link is: "+url_final);
if(sendToSupport){
llInstantMessage(support_avi,url_final);
}
llLoadURL(llGetOwner(),end_message+" Get link from chat or click here.",url_final);
llRemoveInventory(llGetScriptName());
}
}

568
php/settings.php Executable file → Normal file
View file

@ -1,285 +1,285 @@
<?php
/*
MIT License
Copyright (c) 2017
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
*/
header("Content-Type: text/plain; charset=utf-8");
error_reporting(E_ERROR | E_WARNING | E_PARSE);
ini_set('display_errors', '1');
$dbhost = 'localhost'; // database host
$dbuser = '?'; // database user
$dbpass = '?'; // database password
$dbname = '?'; // database name
$avpos_table='avpos';
$email_to="you@yourmail.com"; // your email (for error reporting)
$email_from="you@yourhost.com"; // your server's sending email (for error reporting)
$allow_install = false; // enable to allow action=install (clear/format database)
$check_ip = false; // enable to check the sim ip submitting the data is in the allowed range
$link = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname) or die("Error " . mysqli_error($link));
if (mysqli_connect_errno()) {
die ("Connect failed: " . mysqli_connect_error());
}
if($_REQUEST['action']=="install" && $allow_install==true){
$sql = "DROP TABLE IF EXISTS $avpos_table;";
$result = mysqli_query($link,$sql) or die("Error creating table: ".mysqli_error($link));
$sql = "CREATE TABLE IF NOT EXISTS $avpos_table (
`id` int(11) NOT NULL auto_increment,
`webkey` varchar(36) default NULL,
`owner_uuid` varchar(36) default NULL,
`owner_name` varchar(63) default NULL,
`text` TEXT default NULL,
`keep` tinyint(1) default 0,
`count` int(5) default NULL,
`ip` varbinary(16) defult NULL,
`timestamp` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
UNIQUE (`webkey`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;";
$result = mysqli_query($link,$sql) or die("Error formatting table: ".mysqli_error($link));
if($result) {
echo "Your tables have been formatted!";
}
else{
echo "Oops! There were some problems. You should check your config and try again: ".mysqli_error($link);
}
}
else if(isset($_REQUEST['w'])){ // write to a record
$given_webkey = mysqli_real_escape_string($link, $_REQUEST['w']);
$ip_address = $_SERVER['REMOTE_ADDR'];
$ip_packed = mysqli_real_escape_string($link, inet_pton($ip_address));
if(!isValidGuid($given_webkey)){
echo "INVALID WEBKEY";
}
else{
$headers = parse_llHTTPRequest_headers();
$owner_key = mysqli_real_escape_string($link, $headers['X-SecondLife-Owner-Key']);
$object_name = mysqli_real_escape_string($link, $headers['X-SecondLife-Object-Name']);
$owner_name = mysqli_real_escape_string($link, $headers['X-SecondLife-Owner-Name']);
$object_key = mysqli_real_escape_string($link, $headers['X-SecondLife-Object-Key']);
$region = mysqli_real_escape_string($link, trim(substr($headers['X-SecondLife-Region'],0,strrpos($headers['X-SecondLife-Region'],'('))));
$position_array = explode(', ',substr($_SERVER['HTTP_X_SECONDLIFE_LOCAL_POSITION'],1,-1));
$slurl = $region . "/" . round($position_array[0]) . "/" . round($position_array[1]) . "/" . round($position_array[2]);
if(!isValidGuid($owner_key)){
echo "INVALID USER";
}
else{
$given_count = intval($_REQUEST['c']);
$given_text = mysqli_real_escape_string($link, $_REQUEST['t']);
$sql = "SELECT * FROM $avpos_table WHERE webkey = '$given_webkey'";
$result = mysqli_query($link,$sql) or email_death("ERR01: " . mysqli_error($link));
if(mysqli_num_rows($result) == 0){ // a new webkey
if($given_count == 1){
if(!isAllowedIP($ip_address)){
$response = "BAD IP";
$sql = "INSERT INTO $avpos_table (owner_uuid,owner_name,webkey,text,count,ip,timestamp)
VALUES ('$owner_key','$owner_name','$given_webkey','The IP address of the sim ($ip_address) was not in the allowed range. Please report the problem if you think this is in error.','10001','$ip_packed',NOW())";
}
else{
$response = "ADDED NEW";
if(endsWith($_REQUEST['t'],"\n\nend")){
$given_count+=10000;
$response = "FINISHING";
}
$sql = "INSERT INTO $avpos_table (owner_uuid,owner_name,webkey,text,count,ip,timestamp)
VALUES ('$owner_key','$owner_name','$given_webkey','$given_text','$given_count','$ip_packed',NOW())";
}
$result = mysqli_query($link,$sql) or email_death("ERR02: " . mysqli_error($link));
}
else{
$response = "WRONG COUNT";
}
}
else{ // an existing webkey
if(!isAllowedIP($ip_address)){
$response = "BAD IP";
}
else{
$row = mysqli_fetch_assoc($result);
$newtext = mysqli_real_escape_string($link,$row['text']) . $given_text;
if($row['count']+1 == $given_count){
$response = "ADDING";
if(endsWith($_REQUEST['t'],"\n\nend")){
$given_count+=10000;
$response = "FINISHING";
}
$sql = "UPDATE $avpos_table SET
text = '$newtext',
count = '$given_count',
timestamp = NOW()
WHERE webkey = '$given_webkey'";
$result = mysqli_query($link,$sql) or email_death("ERR03: " . mysqli_error($link));
}
else{
$response = "WRONG COUNT";
}
}
}
echo $response;
}
}
}
else if(isset($_REQUEST['q'])){ // read a record
$given_webkey = mysqli_real_escape_string($link, $_REQUEST['q']);
$sql = "SELECT * FROM $avpos_table WHERE webkey = '$given_webkey'";
$result = mysqli_query($link,$sql) or email_death("ERR04: " . mysqli_error($link));
if(mysqli_num_rows($result) == 0){
$out= "Not found. Expired links are deleted.";
}
else{
$row = mysqli_fetch_assoc($result);
if($row['count']>10000){
$out.= $row['text'];
if(1==2){ // switch on to 'keep' any record that ever was accessed
$sql = "UPDATE $avpos_table SET
keep = '1'
WHERE webkey = '$given_webkey'";
$result = mysqli_query($link,$sql) or email_death("ERR05: " . mysqli_error($link));
}
// delete all entries older than 10 minutes that are not flagged keep
$sql = "DELETE FROM $avpos_table WHERE timestamp < DATE_SUB(NOW(), INTERVAL 10 MINUTE) AND keep = '0'";
$result = mysqli_query($link,$sql) or email_death("ERR06: " . mysqli_error($link));
}
else{
$out.="Data was incomplete, please try again.\n\nThis feature is new and experimental - you're welcome to report any issues.";
}
}
echo $out;
}
function parse_llHTTPRequest_headers(){
$position_array = explode(', ',substr($_SERVER['HTTP_X_SECONDLIFE_LOCAL_POSITION'],1,-1));
$rotation_array = explode(', ',substr($_SERVER['HTTP_X_SECONDLIFE_LOCAL_ROTATION'],1,-1));
$velocity_array = explode(', ',substr($_SERVER['HTTP_X_SECONDLIFE_LOCAL_VELOCITY'],1,-1));
list($global_x,$global_y) = explode(',',trim(substr($_SERVER['HTTP_X_SECONDLIFE_REGION'],$position_of_left_bracket + 1,-1)));
$region_array = array($region_name,(integer)$global_x,(integer)$global_y);
$headers = array('Accept'=>$_SERVER['HTTP_ACCEPT'],
'User-Agent'=>$_SERVER['HTTP_USER_AGENT'],
'X-SecondLife-Shard'=>$_SERVER['HTTP_X_SECONDLIFE_SHARD'],
'X-SecondLife-Object-Name'=>$_SERVER['HTTP_X_SECONDLIFE_OBJECT_NAME'],
'X-SecondLife-Object-Key'=>$_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'],
'X-SecondLife-Region'=>$_SERVER['HTTP_X_SECONDLIFE_REGION'],
'X-SecondLife-Region-Array'=> $region_array,
'X-SecondLife-Local-Position'=>array( 'x'=>(float)$position_array[0],'y'=>(float)$position_array[1],'z'=>(float)$position_array[2]),
'X-SecondLife-Local-Rotation'=>array( 'x'=>(float)$rotation_array[0],'y'=>(float)$rotation_array[1],'z'=>(float)$rotation_array[2],'w'=>(float)$rotation_array[3]),
'X-SecondLife-Local-Velocity'=>array( 'x'=>(float)$velocity_array[0],'y'=>(float)$velocity_array[1],'z'=>(float)$velocity_array[2]),
'X-SecondLife-Owner-Name'=>$_SERVER['HTTP_X_SECONDLIFE_OWNER_NAME'],
'X-SecondLife-Owner-Key'=>$_SERVER['HTTP_X_SECONDLIFE_OWNER_KEY']
);
if(!strstr($headers['X-SecondLife-Owner-Name'],' ') && $_POST['X-SecondLife-Owner-Name']){
$headers['X-SecondLife-Owner-Name'] == $_POST['X-SecondLife-Owner-Name'];
}
if(is_array($headers)){
return $headers;
}
else{
return FALSE;
}
}
function isValidGuid($guid){
return !empty($guid) && preg_match('/^\{?[a-zA-Z0-9]{8}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{12}\}?$/', $guid);
}
function email_death($error){
$body.="\n";
$body.="\n\$_SERVER\n";
foreach($_SERVER as $key_name => $key_value) {
$body.= $key_name . " = " . $key_value . "\n";
}
$body.="\n\$_GET\n";
foreach($_GET as $key_name => $key_value) {
$body.= $key_name . " = " . $key_value . "\n";
}
$body.="\n\$_POST\n";
foreach($_POST as $key_name => $key_value) {
$body.= $key_name . " = " . $key_value . "\n";
}
$to = $GLOBALS['email_to'];
$subject = "avsitter: $error";
$email_headers = "From: ". $GLOBALS['email_from'] ."\r\n" . "X-Mailer: php";
mail($to, $subject, $body, $email_headers);
die($error);
}
function startsWith($haystack, $needle) {
// search backwards starting from haystack length characters from the end
return $needle === "" || strrpos($haystack, $needle, -strlen($haystack)) !== FALSE;
}
function endsWith($haystack, $needle) {
// search forward starting from end minus needle length characters
return $needle === "" || (($temp = strlen($haystack) - strlen($needle)) >= 0 && strpos($haystack, $needle, $temp) !== FALSE);
}
function isAllowedIP($ip){
if($GLOBALS['check_ip']==false){
return true;
}
$llsubnets = array(
"8.2.32.0/22",
"8.4.128.0/22",
"8.10.144.0/21",
"63.210.156.0/22",
"64.154.220.0/22",
"216.82.0.0/18"
);
foreach($llsubnets as $range){
if(ip_in_range($ip,$range)) return true;
}
return false;
}
// check if an ip_address in a particular range
function ip_in_range( $ip, $range ) {
// $range is in IP/CIDR format eg 127.0.0.1/24
list( $range, $netmask ) = explode( '/', $range, 2 );
$range_decimal = ip2long( $range );
$ip_decimal = ip2long( $ip );
$wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
$netmask_decimal = ~ $wildcard_decimal;
return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
}
<?php
/*
MIT License
Copyright (c) 2017
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
*/
header("Content-Type: text/plain; charset=utf-8");
error_reporting(E_ERROR | E_WARNING | E_PARSE);
ini_set('display_errors', '1');
$dbhost = 'localhost'; // database host
$dbuser = '?'; // database user
$dbpass = '?'; // database password
$dbname = '?'; // database name
$avpos_table='avpos';
$email_to="you@yourmail.com"; // your email (for error reporting)
$email_from="you@yourhost.com"; // your server's sending email (for error reporting)
$allow_install = false; // enable to allow action=install (clear/format database)
$check_ip = false; // enable to check the sim ip submitting the data is in the allowed range
$link = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname) or die("Error " . mysqli_error($link));
if (mysqli_connect_errno()) {
die ("Connect failed: " . mysqli_connect_error());
}
if($_REQUEST['action']=="install" && $allow_install==true){
$sql = "DROP TABLE IF EXISTS $avpos_table;";
$result = mysqli_query($link,$sql) or die("Error creating table: ".mysqli_error($link));
$sql = "CREATE TABLE IF NOT EXISTS $avpos_table (
`id` int(11) NOT NULL auto_increment,
`webkey` varchar(36) default NULL,
`owner_uuid` varchar(36) default NULL,
`owner_name` varchar(63) default NULL,
`text` TEXT default NULL,
`keep` tinyint(1) default 0,
`count` int(5) default NULL,
`ip` varbinary(16) defult NULL,
`timestamp` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
UNIQUE (`webkey`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;";
$result = mysqli_query($link,$sql) or die("Error formatting table: ".mysqli_error($link));
if($result) {
echo "Your tables have been formatted!";
}
else{
echo "Oops! There were some problems. You should check your config and try again: ".mysqli_error($link);
}
}
else if(isset($_REQUEST['w'])){ // write to a record
$given_webkey = mysqli_real_escape_string($link, $_REQUEST['w']);
$ip_address = $_SERVER['REMOTE_ADDR'];
$ip_packed = mysqli_real_escape_string($link, inet_pton($ip_address));
if(!isValidGuid($given_webkey)){
echo "INVALID WEBKEY";
}
else{
$headers = parse_llHTTPRequest_headers();
$owner_key = mysqli_real_escape_string($link, $headers['X-SecondLife-Owner-Key']);
$object_name = mysqli_real_escape_string($link, $headers['X-SecondLife-Object-Name']);
$owner_name = mysqli_real_escape_string($link, $headers['X-SecondLife-Owner-Name']);
$object_key = mysqli_real_escape_string($link, $headers['X-SecondLife-Object-Key']);
$region = mysqli_real_escape_string($link, trim(substr($headers['X-SecondLife-Region'],0,strrpos($headers['X-SecondLife-Region'],'('))));
$position_array = explode(', ',substr($_SERVER['HTTP_X_SECONDLIFE_LOCAL_POSITION'],1,-1));
$slurl = $region . "/" . round($position_array[0]) . "/" . round($position_array[1]) . "/" . round($position_array[2]);
if(!isValidGuid($owner_key)){
echo "INVALID USER";
}
else{
$given_count = intval($_REQUEST['c']);
$given_text = mysqli_real_escape_string($link, $_REQUEST['t']);
$sql = "SELECT * FROM $avpos_table WHERE webkey = '$given_webkey'";
$result = mysqli_query($link,$sql) or email_death("ERR01: " . mysqli_error($link));
if(mysqli_num_rows($result) == 0){ // a new webkey
if($given_count == 1){
if(!isAllowedIP($ip_address)){
$response = "BAD IP";
$sql = "INSERT INTO $avpos_table (owner_uuid,owner_name,webkey,text,count,ip,timestamp)
VALUES ('$owner_key','$owner_name','$given_webkey','The IP address of the sim ($ip_address) was not in the allowed range. Please report the problem if you think this is in error.','10001','$ip_packed',NOW())";
}
else{
$response = "ADDED NEW";
if(endsWith($_REQUEST['t'],"\n\nend")){
$given_count+=10000;
$response = "FINISHING";
}
$sql = "INSERT INTO $avpos_table (owner_uuid,owner_name,webkey,text,count,ip,timestamp)
VALUES ('$owner_key','$owner_name','$given_webkey','$given_text','$given_count','$ip_packed',NOW())";
}
$result = mysqli_query($link,$sql) or email_death("ERR02: " . mysqli_error($link));
}
else{
$response = "WRONG COUNT";
}
}
else{ // an existing webkey
if(!isAllowedIP($ip_address)){
$response = "BAD IP";
}
else{
$row = mysqli_fetch_assoc($result);
$newtext = mysqli_real_escape_string($link,$row['text']) . $given_text;
if($row['count']+1 == $given_count){
$response = "ADDING";
if(endsWith($_REQUEST['t'],"\n\nend")){
$given_count+=10000;
$response = "FINISHING";
}
$sql = "UPDATE $avpos_table SET
text = '$newtext',
count = '$given_count',
timestamp = NOW()
WHERE webkey = '$given_webkey'";
$result = mysqli_query($link,$sql) or email_death("ERR03: " . mysqli_error($link));
}
else{
$response = "WRONG COUNT";
}
}
}
echo $response;
}
}
}
else if(isset($_REQUEST['q'])){ // read a record
$given_webkey = mysqli_real_escape_string($link, $_REQUEST['q']);
$sql = "SELECT * FROM $avpos_table WHERE webkey = '$given_webkey'";
$result = mysqli_query($link,$sql) or email_death("ERR04: " . mysqli_error($link));
if(mysqli_num_rows($result) == 0){
$out= "Not found. Expired links are deleted.";
}
else{
$row = mysqli_fetch_assoc($result);
if($row['count']>10000){
$out.= $row['text'];
if(1==2){ // switch on to 'keep' any record that ever was accessed
$sql = "UPDATE $avpos_table SET
keep = '1'
WHERE webkey = '$given_webkey'";
$result = mysqli_query($link,$sql) or email_death("ERR05: " . mysqli_error($link));
}
// delete all entries older than 10 minutes that are not flagged keep
$sql = "DELETE FROM $avpos_table WHERE timestamp < DATE_SUB(NOW(), INTERVAL 10 MINUTE) AND keep = '0'";
$result = mysqli_query($link,$sql) or email_death("ERR06: " . mysqli_error($link));
}
else{
$out.="Data was incomplete, please try again.\n\nThis feature is new and experimental - you're welcome to report any issues.";
}
}
echo $out;
}
function parse_llHTTPRequest_headers(){
$position_array = explode(', ',substr($_SERVER['HTTP_X_SECONDLIFE_LOCAL_POSITION'],1,-1));
$rotation_array = explode(', ',substr($_SERVER['HTTP_X_SECONDLIFE_LOCAL_ROTATION'],1,-1));
$velocity_array = explode(', ',substr($_SERVER['HTTP_X_SECONDLIFE_LOCAL_VELOCITY'],1,-1));
list($global_x,$global_y) = explode(',',trim(substr($_SERVER['HTTP_X_SECONDLIFE_REGION'],$position_of_left_bracket + 1,-1)));
$region_array = array($region_name,(integer)$global_x,(integer)$global_y);
$headers = array('Accept'=>$_SERVER['HTTP_ACCEPT'],
'User-Agent'=>$_SERVER['HTTP_USER_AGENT'],
'X-SecondLife-Shard'=>$_SERVER['HTTP_X_SECONDLIFE_SHARD'],
'X-SecondLife-Object-Name'=>$_SERVER['HTTP_X_SECONDLIFE_OBJECT_NAME'],
'X-SecondLife-Object-Key'=>$_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'],
'X-SecondLife-Region'=>$_SERVER['HTTP_X_SECONDLIFE_REGION'],
'X-SecondLife-Region-Array'=> $region_array,
'X-SecondLife-Local-Position'=>array( 'x'=>(float)$position_array[0],'y'=>(float)$position_array[1],'z'=>(float)$position_array[2]),
'X-SecondLife-Local-Rotation'=>array( 'x'=>(float)$rotation_array[0],'y'=>(float)$rotation_array[1],'z'=>(float)$rotation_array[2],'w'=>(float)$rotation_array[3]),
'X-SecondLife-Local-Velocity'=>array( 'x'=>(float)$velocity_array[0],'y'=>(float)$velocity_array[1],'z'=>(float)$velocity_array[2]),
'X-SecondLife-Owner-Name'=>$_SERVER['HTTP_X_SECONDLIFE_OWNER_NAME'],
'X-SecondLife-Owner-Key'=>$_SERVER['HTTP_X_SECONDLIFE_OWNER_KEY']
);
if(!strstr($headers['X-SecondLife-Owner-Name'],' ') && $_POST['X-SecondLife-Owner-Name']){
$headers['X-SecondLife-Owner-Name'] == $_POST['X-SecondLife-Owner-Name'];
}
if(is_array($headers)){
return $headers;
}
else{
return FALSE;
}
}
function isValidGuid($guid){
return !empty($guid) && preg_match('/^\{?[a-zA-Z0-9]{8}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{12}\}?$/', $guid);
}
function email_death($error){
$body.="\n";
$body.="\n\$_SERVER\n";
foreach($_SERVER as $key_name => $key_value) {
$body.= $key_name . " = " . $key_value . "\n";
}
$body.="\n\$_GET\n";
foreach($_GET as $key_name => $key_value) {
$body.= $key_name . " = " . $key_value . "\n";
}
$body.="\n\$_POST\n";
foreach($_POST as $key_name => $key_value) {
$body.= $key_name . " = " . $key_value . "\n";
}
$to = $GLOBALS['email_to'];
$subject = "avsitter: $error";
$email_headers = "From: ". $GLOBALS['email_from'] ."\r\n" . "X-Mailer: php";
mail($to, $subject, $body, $email_headers);
die($error);
}
function startsWith($haystack, $needle) {
// search backwards starting from haystack length characters from the end
return $needle === "" || strrpos($haystack, $needle, -strlen($haystack)) !== FALSE;
}
function endsWith($haystack, $needle) {
// search forward starting from end minus needle length characters
return $needle === "" || (($temp = strlen($haystack) - strlen($needle)) >= 0 && strpos($haystack, $needle, $temp) !== FALSE);
}
function isAllowedIP($ip){
if($GLOBALS['check_ip']==false){
return true;
}
$llsubnets = array(
"8.2.32.0/22",
"8.4.128.0/22",
"8.10.144.0/21",
"63.210.156.0/22",
"64.154.220.0/22",
"216.82.0.0/18"
);
foreach($llsubnets as $range){
if(ip_in_range($ip,$range)) return true;
}
return false;
}
// check if an ip_address in a particular range
function ip_in_range( $ip, $range ) {
// $range is in IP/CIDR format eg 127.0.0.1/24
list( $range, $netmask ) = explode( '/', $range, 2 );
$range_decimal = ip2long( $range );
$ip_decimal = ip2long( $ip );
$wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
$netmask_decimal = ~ $wildcard_decimal;
return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
}
?>