if (api_get_setting('allow_social_tool') != 'true') {
$url = api_get_path(WEB_CODE_PATH) . 'auth/profile.php';
header('Location: ' . $url);
exit;
}
$userGroup = new UserGroup();
//fast upload image
if (api_get_setting('profile', 'picture') == 'true') {
$form = new FormValidator('profile', 'post', 'home.php', null, array());
// PICTURE
$form->addElement('file', 'picture', get_lang('AddImage'));
$form->add_progress_bar();
if (!empty($user_data['picture_uri'])) {
$form->addElement('checkbox', 'remove_picture', null, get_lang('DelImage'));
}
$allowed_picture_types = api_get_supported_image_extensions();
$form->addRule('picture', get_lang('OnlyImagesAllowed') . ' (' . implode(',', $allowed_picture_types) . ')', 'filetype', $allowed_picture_types);
$form->addButtonSave(get_lang('SaveSettings'), 'apply_change');
if ($form->validate()) {
$user_data = $form->getSubmitValues();
// upload picture if a new one is provided
if ($_FILES['picture']['size']) {
if ($new_picture = UserManager::update_user_picture(api_get_user_id(), $_FILES['picture']['name'], $_FILES['picture']['tmp_name'])) {
$table_user = Database::get_main_table(TABLE_MAIN_USER);
$sql = "UPDATE {$table_user}\n SET picture_uri = '{$new_picture}' WHERE user_id = " . api_get_user_id();
$result = Database::query($sql);
}
}
}
}
//Block Menu
/**
* Creates new user photos in various sizes of a user, or deletes user photos.
* Note: This method relies on configuration setting from main/inc/conf/profile.conf.php
* @param int $user_id The user internal identification number.
* @param string $file The common file name for the newly created photos.
* It will be checked and modified for compatibility with the file system.
* If full name is provided, path component is ignored.
* If an empty name is provided, then old user photos are deleted only,
* @see UserManager::delete_user_picture() as the prefered way for deletion.
* @param string $source_file The full system name of the image from which user photos will be created.
* @return string/bool Returns the resulting common file name of created images which usually should be stored in database.
* When deletion is requested returns empty string. In case of internal error or negative validation returns FALSE.
*/
public static function update_user_picture($user_id, $file = null, $source_file = null)
{
if (empty($user_id)) {
return false;
}
$delete = empty($file);
if (empty($source_file)) {
$source_file = $file;
}
// User-reserved directory where photos have to be placed.
$path_info = self::get_user_picture_path_by_id($user_id, 'system');
$path = $path_info['dir'];
// If this directory does not exist - we create it.
if (!file_exists($path)) {
mkdir($path, api_get_permissions_for_new_directories(), true);
}
// The old photos (if any).
$old_file = $path_info['file'];
// Let us delete them.
if (!empty($old_file)) {
if (KEEP_THE_OLD_IMAGE_AFTER_CHANGE) {
$prefix = 'saved_' . date('Y_m_d_H_i_s') . '_' . uniqid('') . '_';
@rename($path . 'small_' . $old_file, $path . $prefix . 'small_' . $old_file);
@rename($path . 'medium_' . $old_file, $path . $prefix . 'medium_' . $old_file);
@rename($path . 'big_' . $old_file, $path . $prefix . 'big_' . $old_file);
@rename($path . $old_file, $path . $prefix . $old_file);
} else {
@unlink($path . 'small_' . $old_file);
@unlink($path . 'medium_' . $old_file);
@unlink($path . 'big_' . $old_file);
@unlink($path . $old_file);
}
}
// Exit if only deletion has been requested. Return an empty picture name.
if ($delete) {
return '';
}
// Validation 2.
$allowed_types = api_get_supported_image_extensions();
$file = str_replace('\\', '/', $file);
$filename = ($pos = strrpos($file, '/')) !== false ? substr($file, $pos + 1) : $file;
$extension = strtolower(substr(strrchr($filename, '.'), 1));
if (!in_array($extension, $allowed_types)) {
return false;
}
// This is the common name for the new photos.
if (KEEP_THE_NAME_WHEN_CHANGE_IMAGE && !empty($old_file)) {
$old_extension = strtolower(substr(strrchr($old_file, '.'), 1));
$filename = in_array($old_extension, $allowed_types) ? substr($old_file, 0, -strlen($old_extension)) : $old_file;
$filename = substr($filename, -1) == '.' ? $filename . $extension : $filename . '.' . $extension;
} else {
$filename = api_replace_dangerous_char($filename);
if (PREFIX_IMAGE_FILENAME_WITH_UID) {
$filename = uniqid('') . '_' . $filename;
}
// We always prefix user photos with user ids, so on setting
// api_get_setting('split_users_upload_directory') === 'true'
// the correspondent directories to be found successfully.
$filename = $user_id . '_' . $filename;
}
// Storing the new photos in 4 versions with various sizes.
$small = self::resize_picture($source_file, 22);
$medium = self::resize_picture($source_file, 85);
$normal = self::resize_picture($source_file, 200);
$big = new Image($source_file);
// This is the original picture.
$ok = $small && $small->send_image($path . 'small_' . $filename) && $medium && $medium->send_image($path . 'medium_' . $filename) && $normal && $normal->send_image($path . $filename) && $big && $big->send_image($path . 'big_' . $filename);
return $ok ? $filename : false;
}
/**
* Send File attachment (jpg,png)
* @author Anibal Copitan
* @param int $userId id user
* @param array $fileAttach
* @param int $messageId id message (relation with main message)
* @param string $fileComment description attachment file
* @return bool
*/
public static function sendWallMessageAttachmentFile($userId, $fileAttach, $messageId, $fileComment = '')
{
$tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
// create directory
$social = '/social/';
$pathMessageAttach = UserManager::getUserPathById($userId, 'system') . 'message_attachments' . $social;
$safeFileComment = Database::escape_string($fileComment);
$safeFileName = Database::escape_string($fileAttach['name']);
$extension = strtolower(substr(strrchr($safeFileName, '.'), 1));
$allowedTypes = api_get_supported_image_extensions();
if (!in_array($extension, $allowedTypes)) {
$flag = false;
} else {
$newFileName = uniqid('') . '.' . $extension;
if (!file_exists($pathMessageAttach)) {
@mkdir($pathMessageAttach, api_get_permissions_for_new_directories(), true);
}
$newPath = $pathMessageAttach . $newFileName;
if (is_uploaded_file($fileAttach['tmp_name'])) {
@copy($fileAttach['tmp_name'], $newPath);
}
$small = self::resize_picture($newPath, IMAGE_WALL_SMALL_SIZE);
$medium = self::resize_picture($newPath, IMAGE_WALL_MEDIUM_SIZE);
$big = new Image($newPath);
$ok = $small && $small->send_image($pathMessageAttach . IMAGE_WALL_SMALL . '_' . $newFileName) && $medium && $medium->send_image($pathMessageAttach . IMAGE_WALL_MEDIUM . '_' . $newFileName) && $big && $big->send_image($pathMessageAttach . IMAGE_WALL_BIG . '_' . $newFileName);
// Insert
$newFileName = $social . $newFileName;
$params = ['filename' => $safeFileName, 'comment' => $safeFileComment, 'path' => $newFileName, 'message_id' => $messageId, 'size' => $fileAttach['size']];
Database::insert($tbl_message_attach, $params);
$flag = true;
}
return $flag;
}
