Cameron-D · May 31, 2011 13:35
diff --git a/README b/README
 This is more of just a proof-of-concept, build off it, it currently has several potential security flaws and is completely untested.

 At least it should give you a rough idea of one way to handle the skin upload stuff.
diff --git a/accept.php b/accept.php
 <?php
 if(!isset($_POST['username']) && !isset($_POST['image'])) {
    die("haaaaaxxx!");
 }

 $username = $_POST['username']; //sanity-check
 $decoded = bade64_decode($_POST['image']);
 $handle = fopen($username . ".png", 'wb'); //open user image in binary mode
 fwrite($handle,$decoded);
 fclose($handle);
 echo("OK");
 ?>
diff --git a/skinupload.php b/skinupload.php
 <?php
 //have a html form with a file upload named "skin"
 //obviously you should sanity-check that it is a PNG file and stuff, this is just concept.

 //
 // IMAGE ENCODING
 //

 $handle = fopen($_FILES['skin']['tmp_name'], "r"); //open uploaded temp file
 $imgbinary = fread(fopen($imgfile, "r"), filesize($imgfile)); //read the file contents
 $encoded = base64_encode($imgbinary); //encode with base64
 unset($imgbinary); //
 fclose($handle); //free memory
 unset($handle); //

 //
 //FILE TRANSFER
 //
 $skinscript = "http://skins.evilminecraft.tnet/accept.php";
 $data = array (
    "username" => $_SESSION['username'],
    "image" => $encoded
 );

 $ch = curl_init ($skinscript);
 curl_setopt ($ch, CURLOPT_POST, true);
 curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
 curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
 $returndata = curl_exec($ch);

 if($returndata!="OK") {
    //failed
 } else {
    //win!
 }
 ?>
	This is more of just a proof-of-concept, build off it, it currently has several potential security flaws and is completely untested.

	At least it should give you a rough idea of one way to handle the skin upload stuff.
	<?php
	if(!isset($_POST['username']) && !isset($_POST['image'])) {
	die("haaaaaxxx!");
	}

	$username = $_POST['username']; //sanity-check
	$decoded = bade64_decode($_POST['image']);
	$handle = fopen($username . ".png", 'wb'); //open user image in binary mode
	fwrite($handle,$decoded);
	fclose($handle);
	echo("OK");
	?>
	<?php
	//have a html form with a file upload named "skin"
	//obviously you should sanity-check that it is a PNG file and stuff, this is just concept.

	//
	// IMAGE ENCODING
	//

	$handle = fopen($_FILES['skin']['tmp_name'], "r"); //open uploaded temp file
	$imgbinary = fread(fopen($imgfile, "r"), filesize($imgfile)); //read the file contents
	$encoded = base64_encode($imgbinary); //encode with base64
	unset($imgbinary); //
	fclose($handle); //free memory
	unset($handle); //

	//
	//FILE TRANSFER
	//
	$skinscript = "http://skins.evilminecraft.tnet/accept.php";
	$data = array (
	"username" => $_SESSION['username'],
	"image" => $encoded
	);

	$ch = curl_init ($skinscript);
	curl_setopt ($ch, CURLOPT_POST, true);
	curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
	curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
	$returndata = curl_exec($ch);

	if($returndata!="OK") {
	//failed
	} else {
	//win!
	}
	?>