Cameron-D/README

## README
This is more of just a proof-of-concept, build off it, it currently has several potential security flaws and is completely untested.

At least it should give you a rough idea of one way to handle the skin upload stuff.

## accept.php
<?php
if(!isset($_POST['username']) && !isset($_POST['image'])) {
    die("haaaaaxxx!");
}

$username = $_POST['username']; //sanity-check
$decoded = bade64_decode($_POST['image']);
$handle = fopen($username . ".png", 'wb'); //open user image in binary mode
fwrite($handle,$decoded);
fclose($handle);
echo("OK");
?>

## skinupload.php
<?php
//have a html form with a file upload named "skin"
//obviously you should sanity-check that it is a PNG file and stuff, this is just concept.

//
// IMAGE ENCODING
//

$handle = fopen($_FILES['skin']['tmp_name'], "r"); //open uploaded temp file
$imgbinary = fread(fopen($imgfile, "r"), filesize($imgfile)); //read the file contents
$encoded = base64_encode($imgbinary); //encode with base64
unset($imgbinary); //
fclose($handle); //free memory
unset($handle); //

//
//FILE TRANSFER
//
$skinscript = "http://skins.evilminecraft.tnet/accept.php";
$data = array (
    "username" => $_SESSION['username'],
    "image" => $encoded
);

$ch = curl_init ($skinscript);
curl_setopt ($ch, CURLOPT_POST, true);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
$returndata = curl_exec($ch);

if($returndata!="OK") {
    //failed
} else {
    //win!
}
?>
	This is more of just a proof-of-concept, build off it, it currently has several potential security flaws and is completely untested.

	At least it should give you a rough idea of one way to handle the skin upload stuff.
	<?php
	if(!isset($_POST['username']) && !isset($_POST['image'])) {
	die("haaaaaxxx!");
	}

	$username = $_POST['username']; //sanity-check
	$decoded = bade64_decode($_POST['image']);
	$handle = fopen($username . ".png", 'wb'); //open user image in binary mode
	fwrite($handle,$decoded);
	fclose($handle);
	echo("OK");
	?>
	<?php
	//have a html form with a file upload named "skin"
	//obviously you should sanity-check that it is a PNG file and stuff, this is just concept.

	//
	// IMAGE ENCODING
	//

	$handle = fopen($_FILES['skin']['tmp_name'], "r"); //open uploaded temp file
	$imgbinary = fread(fopen($imgfile, "r"), filesize($imgfile)); //read the file contents
	$encoded = base64_encode($imgbinary); //encode with base64
	unset($imgbinary); //
	fclose($handle); //free memory
	unset($handle); //

	//
	//FILE TRANSFER
	//
	$skinscript = "http://skins.evilminecraft.tnet/accept.php";
	$data = array (
	"username" => $_SESSION['username'],
	"image" => $encoded
	);

	$ch = curl_init ($skinscript);
	curl_setopt ($ch, CURLOPT_POST, true);
	curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
	curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
	$returndata = curl_exec($ch);

	if($returndata!="OK") {
	//failed
	} else {
	//win!
	}
	?>