clockwerk-www – Rev 44
?pathlinks?
<?php
///////////////////////////////////////////////////////////////////////////
// Copyright (C) Wizardry and Steamworks 2014 - License: MIT //
///////////////////////////////////////////////////////////////////////////
// Hostname or IP of your OpenSim MySQL server.
$MYSQL_HOSTNAME='localhost';
// Username of the OpenSim MySQL user.
$MYSQL_USERNAME='opensim';
// Password of the OpenSim MySQL user.
$MYSQL_PASSWORD='***';
// Name of the OpenSim database on the MySQL server.
$MYSQL_DATABASE='opensim';
require_once 'lib/recaptchalib.php';
require_once 'lib/wasRemoteAdmin.php';
define('RECAPTCHA_PRIVATE_KEY', '6Lcz9ukSAAAAAC3u90rcOIdnNnaK_JgMjrOsSzZr');
$first = $_GET["first"];
$last = $_GET["last"];
$region = $_GET["region"];
$password = $_GET["password"];
$resp = recaptcha_check_answer(RECAPTCHA_PRIVATE_KEY,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if ($resp->is_valid) {
$req = new wasRemoteAdmin('http://127.0.0.1:10000', 'opensim');
$ret = $req->admin_authenticate_user($first, $last, MD5($password), '1');
$rep = new SimpleXMLElement($ret);
foreach($rep->params->param->value->struct->member as $member) {
if ($member->name == "success" && $member->value->boolean == "0") {
echo 'Sorry, wrong password.';
exit;
}
}
try {
$mysql = new PDO('mysql:host='.$MYSQL_HOSTNAME.';dbname='.$MYSQL_DATABASE.';', $MYSQL_USERNAME, $MYSQL_PASSWORD);
$mysql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$query = $mysql->prepare("SELECT RegionName FROM regions WHERE owner_uuid=(SELECT PrincipalID FROM UserAccounts WHERE FirstName=:first AND LastName=:last)");
$query->bindParam(':first', $first);
$query->bindParam(':last', $last);
$query->execute();
}
catch(PDOException $e) {
print 'The given agent is not the owner of the region to download.';
return 1;
}
while ($result = $query->fetchObject()) {
if ($result->RegionName == $region) {
$oar_path = '/var/lib/oar/'.$region.'/'.$region.'.oar';
if (file_exists($oar_path)) {
header('Content-Description: File Transfer');
header('Content-Type: application/x-gzip-compressed');
header('Content-Disposition: attachment; filename='.basename($oar_path));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: '.filesize($oar_path));
readfile($oar_path);
exit;
}
}
}
}
echo '<p>Sorry, incorrect CAPTCHA. Please try again.</p>';