172 } |
175 } |
173 else |
176 else |
174 { |
177 { |
175 $to_update_users['account_active'] = "0"; |
178 $to_update_users['account_active'] = "0"; |
176 $to_update_users['activation_key'] = sha1($session->dss_rand()); |
179 $to_update_users['activation_key'] = sha1($session->dss_rand()); |
177 } |
|
178 |
|
179 // Avatar validation |
|
180 $action = ( isset($_POST['avatar_action']) ) ? $_POST['avatar_action'] : 'keep'; |
|
181 $avi_path = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $user_id . '.' . $avi_type; |
|
182 switch($action) |
|
183 { |
|
184 case 'keep': |
|
185 default: |
|
186 break; |
|
187 case 'remove': |
|
188 if ( $has_avi ) |
|
189 { |
|
190 // First switch the avatar off |
|
191 $to_update_users['user_has_avatar'] = '0'; |
|
192 @unlink($avi_path); |
|
193 } |
|
194 break; |
|
195 case 'set_http': |
|
196 case 'set_file': |
|
197 // Hackish way to preserve the UNIX philosophy of reusing as much code as possible |
|
198 if ( $action == 'set_http' ) |
|
199 { |
|
200 // Check if this action is enabled |
|
201 if ( getConfig('avatar_upload_http', 1) !== 1 ) |
|
202 { |
|
203 // non-localized, only appears on hack attempt |
|
204 $errors[] = 'Uploads over HTTP are disabled.'; |
|
205 break; |
|
206 } |
|
207 // Download the file |
|
208 require_once( ENANO_ROOT . '/includes/http.php' ); |
|
209 |
|
210 if ( !preg_match('/^http:\/\/([a-z0-9-\.]+)(:([0-9]+))?\/(.+)$/', $_POST['avatar_http_url'], $match) ) |
|
211 { |
|
212 $errors[] = $lang->get('usercp_avatar_invalid_url'); |
|
213 break; |
|
214 } |
|
215 |
|
216 $hostname = $match[1]; |
|
217 $uri = '/' . $match[4]; |
|
218 $port = ( $match[3] ) ? intval($match[3]) : 80; |
|
219 $max_size = intval(getConfig('avatar_max_size')); |
|
220 |
|
221 // Get temporary file |
|
222 $tempfile = tempnam(false, "enanoavatar_{$user_id}"); |
|
223 if ( !$tempfile ) |
|
224 $errors[] = 'Error getting temp file.'; |
|
225 |
|
226 @unlink($tempfile); |
|
227 $request = new Request_HTTP($hostname, $uri, 'GET', $port); |
|
228 $result = $request->write_response_to_file($tempfile, 50, $max_size); |
|
229 if ( !$result || $request->response_code != HTTP_OK ) |
|
230 { |
|
231 @unlink($tempfile); |
|
232 $errors[] = $lang->get('usercp_avatar_bad_write'); |
|
233 break; |
|
234 } |
|
235 |
|
236 // Response written. Proceed to validation... |
|
237 } |
|
238 else |
|
239 { |
|
240 // Check if this action is enabled |
|
241 if ( getConfig('avatar_upload_file', 1) !== 1 ) |
|
242 { |
|
243 // non-localized, only appears on hack attempt |
|
244 $errors[] = 'Uploads from the browser are disabled.'; |
|
245 break; |
|
246 } |
|
247 |
|
248 $max_size = intval(getConfig('avatar_max_size')); |
|
249 |
|
250 $file =& $_FILES['avatar_file']; |
|
251 $tempfile =& $file['tmp_name']; |
|
252 if ( filesize($tempfile) > $max_size ) |
|
253 { |
|
254 @unlink($tempfile); |
|
255 $errors[] = $lang->get('usercp_avatar_file_too_large'); |
|
256 break; |
|
257 } |
|
258 } |
|
259 $file_type = get_image_filetype($tempfile); |
|
260 if ( !$file_type ) |
|
261 { |
|
262 unlink($tempfile); |
|
263 $errors[] = $lang->get('usercp_avatar_bad_filetype'); |
|
264 break; |
|
265 } |
|
266 |
|
267 $avi_path_new = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $user_id . '.' . $file_type; |
|
268 |
|
269 // The file type is good - validate dimensions and animation |
|
270 switch($file_type) |
|
271 { |
|
272 case 'png': |
|
273 $is_animated = is_png_animated($tempfile); |
|
274 $dimensions = png_get_dimensions($tempfile); |
|
275 break; |
|
276 case 'gif': |
|
277 $is_animated = is_gif_animated($tempfile); |
|
278 $dimensions = gif_get_dimensions($tempfile); |
|
279 break; |
|
280 case 'jpg': |
|
281 $is_animated = false; |
|
282 $dimensions = jpg_get_dimensions($tempfile); |
|
283 break; |
|
284 default: |
|
285 $errors[] = 'API mismatch'; |
|
286 break 2; |
|
287 } |
|
288 // Did we get invalid size data? If so the image is probably corrupt. |
|
289 if ( !$dimensions ) |
|
290 { |
|
291 @unlink($tempfile); |
|
292 $errors[] = $lang->get('usercp_avatar_corrupt_image'); |
|
293 break; |
|
294 } |
|
295 // Is the image animated? |
|
296 if ( $is_animated && getConfig('avatar_enable_anim') !== '1' ) |
|
297 { |
|
298 @unlink($tempfile); |
|
299 $errors[] = $lang->get('usercp_avatar_disallowed_animation'); |
|
300 break; |
|
301 } |
|
302 // Check image dimensions |
|
303 list($image_x, $image_y) = $dimensions; |
|
304 $max_x = intval(getConfig('avatar_max_width')); |
|
305 $max_y = intval(getConfig('avatar_max_height')); |
|
306 if ( $image_x > $max_x || $image_y > $max_y ) |
|
307 { |
|
308 @unlink($tempfile); |
|
309 $errors[] = $lang->get('usercp_avatar_too_large'); |
|
310 break; |
|
311 } |
|
312 // All good! |
|
313 @unlink($avi_path); |
|
314 if ( rename($tempfile, $avi_path_new) ) |
|
315 { |
|
316 $to_update_users['user_has_avatar'] = '1'; |
|
317 $to_update_users['avatar_type'] = $file_type; |
|
318 } |
|
319 else |
|
320 { |
|
321 // move failed - turn avatar off |
|
322 $to_update_users['user_has_avatar'] = '0'; |
|
323 } |
|
324 break; |
|
325 case 'set_gravatar': |
|
326 // set avatar to use Gravatar |
|
327 // first, remove old image |
|
328 if ( $has_avi ) |
|
329 { |
|
330 @unlink($avi_path); |
|
331 } |
|
332 // set to gravatar mode |
|
333 $to_update_users['user_has_avatar'] = '1'; |
|
334 $to_update_users['avatar_type'] = 'grv'; |
|
335 |
|
336 $has_avi = 1; |
|
337 break; |
|
338 } |
180 } |
339 |
181 |
340 if ( count($errors) < 1 ) |
182 if ( count($errors) < 1 ) |
341 { |
183 { |
342 $to_update_users_extra = array(); |
184 $to_update_users_extra = array(); |
420 echo '<div class="info-box">' . $lang->get('acpum_msg_save_success') . '</div>'; |
262 echo '<div class="info-box">' . $lang->get('acpum_msg_save_success') . '</div>'; |
421 } |
263 } |
422 } |
264 } |
423 } |
265 } |
424 |
266 |
425 if ( count($errors) > 0 ) |
267 if ( count($errors) > 0 || $avatar_post_fail ) |
426 { |
268 { |
427 echo '<div class="error-box"> |
269 if ( count($errors) > 0 ) |
428 <b>' . $lang->get('acpum_err_validation_fail') . '</b> |
270 { |
429 <ul> |
271 echo '<div class="error-box"> |
430 <li>' . implode("</li>\n <li>", $errors) . '</li> |
272 <b>' . $lang->get('acpum_err_validation_fail') . '</b> |
431 </ul> |
273 <ul> |
432 </div>'; |
274 <li>' . implode("</li>\n <li>", $errors) . '</li> |
|
275 </ul> |
|
276 </div>'; |
|
277 } |
433 $form = new Admin_UserManager_SmartForm(); |
278 $form = new Admin_UserManager_SmartForm(); |
434 $form->user_id = $user_id; |
279 $form->user_id = $user_id; |
435 $form->username = $username; |
280 $form->username = $username; |
436 $form->email = $email; |
281 $form->email = $email; |
437 $form->real_name = $real_name; |
282 $form->real_name = $real_name; |
1088 |
933 |
1089 <tr> |
934 <tr> |
1090 <td class="row2"> |
935 <td class="row2"> |
1091 {lang:acpum_avatar_lbl_change} |
936 {lang:acpum_avatar_lbl_change} |
1092 </td> |
937 </td> |
1093 <td class="row1"> |
938 <td class="row1" id="avatar_upload_btns_{UUID}"> |
1094 <script type="text/javascript"> |
939 <script type="text/javascript"> |
1095 function admincp_users_avatar_set_{UUID}(elParent) |
940 function admincp_users_avatar_set_{UUID}(elParent) |
1096 { |
941 { |
|
942 $('td#avatar_upload_btns_{UUID} > div:visible').hide('blind'); |
1097 switch(elParent.value) |
943 switch(elParent.value) |
1098 { |
944 { |
1099 case 'keep': |
|
1100 case 'remove': |
|
1101 \$dynano('avatar_upload_http_{UUID}').object.style.display = 'none'; |
|
1102 \$dynano('avatar_upload_file_{UUID}').object.style.display = 'none'; |
|
1103 \$dynano('avatar_upload_gravatar_{UUID}').object.style.display = 'none'; |
|
1104 break; |
|
1105 case 'set_http': |
945 case 'set_http': |
1106 \$dynano('avatar_upload_http_{UUID}').object.style.display = 'block'; |
946 $('#avatar_upload_http_{UUID}').show('blind'); |
1107 \$dynano('avatar_upload_file_{UUID}').object.style.display = 'none'; |
|
1108 \$dynano('avatar_upload_gravatar_{UUID}').object.style.display = 'none'; |
|
1109 break; |
947 break; |
1110 case 'set_file': |
948 case 'set_file': |
1111 \$dynano('avatar_upload_http_{UUID}').object.style.display = 'none'; |
949 $('#avatar_upload_file_{UUID}').show('blind'); |
1112 \$dynano('avatar_upload_file_{UUID}').object.style.display = 'block'; |
|
1113 \$dynano('avatar_upload_gravatar_{UUID}').object.style.display = 'none'; |
|
1114 break; |
950 break; |
1115 case 'set_gravatar': |
951 case 'set_gravatar': |
1116 \$dynano('avatar_upload_gravatar_{UUID}').object.style.display = 'block'; |
952 $('#avatar_upload_gravatar_{UUID}').show('blind'); |
1117 \$dynano('avatar_upload_http_{UUID}').object.style.display = 'none'; |
|
1118 \$dynano('avatar_upload_file_{UUID}').object.style.display = 'none'; |
|
1119 break; |
953 break; |
1120 } |
954 } |
1121 } |
955 } |
1122 </script> |
956 </script> |
1123 <label><input onclick="admincp_users_avatar_set_{UUID}(this);" type="radio" name="avatar_action" value="keep" checked="checked" /> {lang:acpum_avatar_lbl_keep}</label><br /> |
957 <label><input onclick="admincp_users_avatar_set_{UUID}(this);" type="radio" name="avatar_action" value="keep" checked="checked" /> {lang:acpum_avatar_lbl_keep}</label><br /> |