public function onUpload(WC_Challenge $chall) { $module = Module_WeChall::instance(); $form = $this->getForm($chall); if (false === ($file = $form->getVar('image'))) { return GWF_HTML::error('Smile', array($chall->lang('err_no_image'))); } if (!GWF_Upload::isImageFile($file)) { return GWF_HTML::error('Smile', array($chall->lang('err_no_image'))); } if (false === GWF_Upload::resizeImage($file, 64, 64, 16, 16)) { return GWF_HTML::error('Smile', array($chall->lang('err_no_image'))); } $whitelist = array('.jpg', '.jpeg', '.gif', '.png'); $filename = $file['name']; $allowed = false; foreach ($whitelist as $allow) { if (Common::endsWith($filename, $allow)) { $allowed = true; break; } } if (strpos($filename, '.php') !== false) { $allowed = false; } if (!preg_match('/^[\\x00-\\x7f]+$/D', $filename)) { return GWF_HTML::error('Smile Path', array($chall->lang('err_ascii'))); } if (!$allowed) { return GWF_HTML::error('Smile', array($chall->lang('err_no_image'))); } $fullpath = "challenge/livinskull/smile/smiles/{$filename}"; $efp = htmlspecialchars($fullpath); if (false === ($file = GWF_Upload::moveTo($file, $fullpath))) { return GWF_HTML::err('ERR_WRITE_FILE', array($efp)); } $efp = htmlspecialchars($fullpath); $rule = htmlspecialchars("<img src=\"/{$efp}\" />"); return GWF_HTML::message('Smile', $chall->lang('msg_uploaded', array($rule))); }
public function onSetLogo(WC_Site $site, $is_admin) { $form = $this->getFormLogo($site, $is_admin); if (false !== ($errors = $form->validate($this->module))) { return $errors; } # Upload Icon if (false === ($file = $form->getVar('new_logo'))) { return $this->module->error('err_no_logo'); } // if (!(GWF_Upload::isImageFile($file))) { // return $this->module->error('err_no_logo'); // } if (false === GWF_Upload::resizeImage($file, 32, 32, 32, 32)) { return $this->module->error('err_no_logo'); } $sid = $site->getID(); $filename = 'dbimg/logo/' . $sid; if (false === ($file = GWF_Upload::moveTo($file, $filename))) { return $this->module->error('err_write_logo', array($filename)); } # Convert to GIF if (false === ($img = imagecreatefromstring(file_get_contents($filename)))) { return $this->module->error('err_no_logo'); } $filenamegif = 'dbimg/logo_gif/' . $sid . '.gif'; if (false === imagegif($img, $filenamegif)) { return $this->module->error('err_write_logo', array($filenamegif)); } imagedestroy($img); $site->increase('site_logo_v', 1); $site->saveOption(WC_Site::HAS_LOGO); }
private function saveAvatar(array $file) { if (!GWF_Upload::isImageFile($file)) { return $this->module->error('err_no_image'); } if (false === GWF_Upload::resizeImage($file, $this->module->cfgAvatarMaxWidth(), $this->module->cfgAvatarMaxHeight(), $this->module->cfgAvatarMinWidth(), $this->module->cfgAvatarMinHeight())) { return $this->module->error('err_no_image'); } $user = GWF_Session::getUser(); $uid = $user->getID(); if (false === ($file = GWF_Upload::moveTo($file, 'dbimg/avatar/' . $uid))) { return $this->module->error('err_write_avatar'); } $user->saveOption(GWF_User::HAS_AVATAR, true); $user->increase('user_avatar_v', 1); return $this->module->message('msg_avatar_saved'); }