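/**
 * AJAX callback for setting media ID as user avatar
 *
 * Reads `user_id`, `media_id` and `_wpnonce` from the POST body. The request
 * is dropped (the script terminates with no output) when a field is missing
 * or is not a single scalar value, when either ID is not a positive integer,
 * when the current user lacks the `edit_avatar` capability for the target
 * user, or when the nonce does not verify.
 *
 * @since 0.1.0
 */
function wp_user_avatars_ajax_assign_media() {
    // Check required information. Each field must be one scalar value: an
    // array such as `user_id[]=x` is non-empty and would cast to int 1 below.
    foreach (array('user_id', 'media_id', '_wpnonce') as $field) {
        if (empty($_POST[$field]) || !is_scalar($_POST[$field])) {
            die;
        }
    }

    // Cast values
    $media_id = (int) $_POST['media_id'];
    $user_id  = (int) $_POST['user_id'];

    // Non-numeric strings cast to 0 and negatives are never valid IDs
    if ($media_id <= 0 || $user_id <= 0) {
        die;
    }

    // Bail if current user cannot proceed
    if (!current_user_can('edit_avatar', $user_id)) {
        die;
    }

    // Bail if nonce verification fails
    if (!wp_verify_nonce((string) $_POST['_wpnonce'], 'assign_wp_user_avatars_nonce')) {
        die;
    }

    // Ensure the media is real and is an image.
    // NOTE(review): any image attachment ID is accepted here; confirm whether
    // the attachment should also be limited to media the current user may use.
    if (wp_attachment_is_image($media_id)) {
        wp_user_avatars_update_avatar($user_id, $media_id);
    }

    // Output the new avatar (the current one if the media was rejected above)
    if (defined('DOING_AJAX') && DOING_AJAX) {
        echo get_avatar($user_id, 90);
        die;
    }
}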
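/**
 * Save any changes to the user profile
 *
 * Verifies the profile-form nonce and the `edit_avatar` capability for the
 * target user, then handles an optional avatar upload (JPEG, GIF or PNG only)
 * and stores the selected avatar rating. Upload problems are reported by
 * hooking an error callback onto `user_profile_update_errors`.
 *
 * @param int $user_id ID of user being updated
 */
function wp_user_avatars_edit_user_profile_update($user_id = 0) {
    // Bail if nonce is missing, is not a single string, or fails verification
    if (
        empty($_POST['_wp_user_avatars_nonce'])
        || !is_string($_POST['_wp_user_avatars_nonce'])
        || !wp_verify_nonce($_POST['_wp_user_avatars_nonce'], 'wp_user_avatars_nonce')
    ) {
        return;
    }

    // Bail if current user cannot proceed. Same capability that
    // wp_user_avatars_ajax_assign_media() requires, so both write paths agree
    // even when this handler is reached from a front-end profile form.
    if (!current_user_can('edit_avatar', $user_id)) {
        return;
    }

    // Check for upload
    if (!empty($_FILES['wp-user-avatars']['name'])) {
        $file_name = $_FILES['wp-user-avatars']['name'];

        // A multi-file field (`wp-user-avatars[]`) produces arrays here; only
        // a single upload is supported, and the string check below needs a string.
        if (!is_string($file_name)) {
            add_action('user_profile_update_errors', 'wp_user_avatars_generic_error');
            return;
        }

        // Need to be more secure since low privilege users can upload: reject
        // any name containing ".php" in any letter case. This is a pre-filter
        // only; the MIME allow-list passed to wp_handle_upload() below is what
        // restricts the accepted types.
        if (false !== stripos($file_name, '.php')) {
            add_action('user_profile_update_errors', 'wp_user_avatars_file_extension_error');
            return;
        }

        // Front end (theme my profile etc) support
        if (!function_exists('wp_handle_upload')) {
            require_once ABSPATH . 'wp-admin/includes/file.php';
        }

        // Override avatar file-size for the duration of this upload only
        add_filter('upload_size_limit', 'wp_user_avatars_upload_size_limit');

        // Handle upload
        $avatar = wp_handle_upload(
            $_FILES['wp-user-avatars'],
            array(
                'mimes' => array(
                    'jpg|jpeg|jpe' => 'image/jpeg',
                    'gif'          => 'image/gif',
                    'png'          => 'image/png',
                ),
                'test_form'                => false,
                'unique_filename_callback' => 'wp_user_avatars_unique_filename_callback',
            )
        );

        remove_filter('upload_size_limit', 'wp_user_avatars_upload_size_limit');

        // Failures
        if (empty($avatar['file'])) {
            $error = isset($avatar['error']) ? $avatar['error'] : '';

            // Error feedback.
            // NOTE(review): this matches the English text of the upload error;
            // a translated or reworded message falls through to the generic
            // error instead of the file-extension error.
            if ('File type does not meet security guidelines. Try another.' === $error) {
                add_action('user_profile_update_errors', 'wp_user_avatars_file_extension_error');
            } else {
                add_action('user_profile_update_errors', 'wp_user_avatars_generic_error');
            }

            return;
        }

        // Update
        wp_user_avatars_update_avatar($user_id, $avatar['url']);
    }

    // Rating: only stored when an avatar was just uploaded or one already exists
    if (isset($avatar['url']) || ($avatar = get_user_meta($user_id, 'wp_user_avatars', true))) {
        $ratings = wp_user_avatars_get_ratings();
        $rating  = isset($_POST['wp_user_avatars_rating']) ? $_POST['wp_user_avatars_rating'] : '';

        // Fall back to the first known rating when the submitted value is
        // missing, is not a string (e.g. `wp_user_avatars_rating[]=x`), or is
        // not one of the known rating keys.
        if (empty($rating) || !is_string($rating) || !array_key_exists($rating, $ratings)) {
            $rating = key($ratings);
        }

        // The request value is normalised in place, as before
        $_POST['wp_user_avatars_rating'] = $rating;

        update_user_meta($user_id, 'wp_user_avatars_rating', $rating);
    }
}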