function handleJSON_changeImageProfile($smarty, $module_name)
{
global $arrConf;
Header('Content-Type: application/json');
$arrCredentials = getUserCredentials($_SESSION['elastix_user']);
$pDB = new paloDB($arrConf['elastix_dsn']["elastix"]);
$pACL = new paloACL($pDB);
$jsonObject = new PaloSantoJSON();
$idUser = $arrCredentials['idUser'];
foreach ($_FILES['picture']['error'] as $key => $error) {
if ($error == UPLOAD_ERR_OK) {
$pictureUpload = $_FILES['picture']['name'][$key];
if (!preg_match("/^(\\w|-|\\.|\\(|\\)|\\s)+\\.(png|PNG|JPG|jpg|JPEG|jpeg)\$/", $pictureUpload)) {
$jsonObject->set_error(_tr("Invalid file extension.- It must be png or jpg or jpeg"));
return $jsonObject->createJSON();
} elseif (preg_match("/(\\.php)/", $pictureUpload)) {
$jsonObject->set_error(_tr("Possible file upload attack."));
return $jsonObject->createJSON();
} else {
if (is_uploaded_file($_FILES['picture']['tmp_name'][$key])) {
$ancho = 159;
$alto = 159;
redimensionarImagen($_FILES['picture']['tmp_name'][$key], $_FILES['picture']['tmp_name'][$key], $ancho, $alto);
$picture_type = $_FILES['picture']['type'][$key];
$picture_content = file_get_contents($_FILES['picture']['tmp_name'][$key]);
$Exito = $pACL->setUserPicture($idUser, $picture_type, $picture_content);
if ($Exito === false) {
$jsonObject->set_error(_tr("Image couldn't be upload."));
return $jsonObject->createJSON();
}
} else {
$jsonObject->set_error(_tr("Possible file upload attack. Filename") . " : " . $pictureUpload);
return $jsonObject->createJSON();
}
}
$url = "index.php?menu=_elastixutils&action=getImage&ID={$idUser}&rawmode=yes";
$jsonObject->set_message($url);
return $jsonObject->createJSON();
}
}
return $jsonObject->createJSON();
}
function uploadImage($idUser, $pDB, &$error)
{
$pACL = new paloACL($pDB);
$pictureUpload = $_FILES['picture']['name'];
$Exito = false;
//valido el tipo de archivo
// \w cualquier caracter, letra o guion bajo
// \s cualquier espacio en blanco
if (!preg_match("/^(\\w|-|\\.|\\(|\\)|\\s)+\\.(png|PNG|JPG|jpg|JPEG|jpeg)\$/", $pictureUpload)) {
$error = _tr("Invalid file extension.- It must be png or jpg or jpeg");
} elseif (preg_match("/(\\.php)/", $pictureUpload)) {
$error = _tr("Possible file upload attack.");
} else {
if (is_uploaded_file($_FILES['picture']['tmp_name'])) {
$ancho = 240;
$alto = 200;
redimensionarImagen($_FILES['picture']['tmp_name'], $_FILES['picture']['tmp_name'], $ancho, $alto);
$picture_type = $_FILES['picture']['type'];
$picture_content = file_get_contents($_FILES['picture']['tmp_name']);
$Exito = $pACL->setUserPicture($idUser, $picture_type, $picture_content);
if ($Exito === false) {
$error = "Image couldn't be upload";
}
} else {
$error = _tr("Possible file upload attack. Filename") . " : " . $pictureUpload;
}
}
return $Exito;
}
