function MakeGif($data)
{
global $config;
$loc = 'badgeli.php->MakeGif';
if (isset($data["UserID"])) {
$userid = intval($data["UserID"]);
} else {
$msg = 'UserID not given.';
log_error($loc, $msg);
return $msg;
}
if (!isset($data["BadgeID"])) {
$msg = 'BadgeID not given for UserID = ' . $userid;
log_error($loc, $msg);
return $msg;
}
if (!isset($data["PicID"])) {
$msg = 'PicID not given for UserID = ' . $userid;
log_error($loc, $msg);
return $msg;
}
$badgeid = $data["BadgeID"];
$picid = intval($data["PicID"]);
if (!VerifyBadgeFormat($badgeid)) {
$msg = 'Bad Badge Format. Must be in form of "A000".';
log_error($loc, $msg);
return $msg;
}
if ($picid <= 0) {
$msg = 'User ' . $userid . ' does not have a picture.';
log_error($loc, $msg);
return $msg;
}
CheckBadgeDir();
// We have a image to put on the badge!
$picfile = PicPathName($picid, 'standard');
// Standard should have more than enough resolution.
$imginfo = @getimagesize($picfile);
if ($imginfo === false) {
$msg = 'Getimagesize() failed on our image: ' . $picfile;
log_error($loc, $msg);
return $msg;
}
$picwidth = $imginfo[0];
$picheight = $imginfo[1];
$picimg = @imagecreatefromjpeg($picfile);
if ($picimg === false) {
$msg = 'imagecreatefromjpeg() failed on our image: ' . $picfile;
log_error($loc, $msg);
return $msg;
}
$scale = 260 / $picheight;
$xsize = intval($picwidth * $scale);
$ysize = intval($picheight * $scale);
$img = imagecreatetruecolor($xsize, $ysize);
$result = @imagecopyresampled($img, $picimg, 0, 0, 0, 0, $xsize, $ysize, $picwidth, $picheight);
if ($result === false) {
$msg = 'imagecopyresized() failed for PidId=' . $picid;
log_error($loc, $msg);
return $msg;
}
$outfile = $config["UploadDir"] . 'gifs/' . $badgeid . '.gif';
$result = imagegif($img, $outfile);
if ($result === false) {
$msg = 'imagegif() failed for PicID=' . $picid;
log_error($loc, $msg);
return $msg;
}
log_msg($loc, 'Image Successfully made for BadgeID= ' . $badgeid . '.');
return true;
}
function UpdateUser($param_list, $userid = 0)
{
global $config;
$loc = "userlib.php->UpdateUser";
$pwchanged = false;
$fields = array(array("LastName", "str"), array("FirstName", "str"), array("PasswordHash", "str"), array("NickName", "str"), array("Title", "str"), array("BadgeID", "str"), array("Email", "str"), array("Tags", "str"), array("Active", "bool"));
if ($userid != 0) {
$sql = "SELECT * FROM Users WHERE UserID=" . intval($userid);
$result = SqlQuery($loc, $sql);
if ($result->num_rows <= 0) {
$error_msg = "Unable to update user. UserID=" . intval($userid) . " not found.";
log_msg($loc, $error_msg);
return $error_msg;
}
} else {
if (!IsFieldInParamList("UserName", $param_list)) {
$error_msg = 'Unable to update user. No UserName or UserID Given.';
log_msg($loc, $error_msg);
return $error_msg;
}
$username = GetValueFromParamList($param_list, "UserName");
$sql = 'SELECT * FROM Users WHERE UserName="******"';
$result = SqlQuery($loc, $sql);
if ($result->num_rows <= 0) {
$error_msg = 'Unable to update user. UserName="******" not found.';
log_msg($loc, $error_msg);
return $error_msg;
}
$row = $result->fetch_assoc();
$userid = intval($row["UserID"]);
}
// If the BadgeID is being changed we need to make sure its not a duplicate.
if (IsFieldInParamList("BadgeID", $param_list)) {
$badgeid = GetValueFromParamList($param_list, "BadgeID");
if (!blank($badgeid)) {
if (!VerifyBadgeFormat($badgeid)) {
$error_msg = 'Unable to update user. Bad Format for BadgeID. Must be in form of "A000".';
log_msg($loc, $error_msg);
return $error_msg;
}
$sql = 'SELECT UserID FROM Users WHERE BadgeID="' . $badgeid . '"';
$result = SqlQuery($loc, $sql);
while ($row = $result->fetch_assoc()) {
if ($row["UserID"] != $userid) {
$error_msg = 'Unable to update user. BadgeID ' . $badgeid . ' already in use.';
log_msg($loc, $error_msg);
return $error_msg;
}
}
}
}
// At this point, move all values into a seperate array, but treat password special.
$data = array();
$c = 0;
foreach ($param_list as $param_spec) {
if (!isset($param_spec["FieldName"])) {
continue;
}
if (!isset($param_spec["Value"])) {
continue;
}
if ($param_spec["FieldName"] == "Password") {
$pw = $param_spec["Value"];
if (empty($pw)) {
continue;
}
$v = crypt($pw, $config["Salt"]);
$pwchanged = true;
$fn = "PasswordHash";
$data[$fn] = $v;
$c++;
continue;
}
$fn = $param_spec["FieldName"];
$v = $param_spec["Value"];
$data[$fn] = $v;
$c++;
}
if ($c <= 0) {
$error_msg = "Unable to update user. UserID=" . intval($userid) . ". Nothing to update.";
log_msg($loc, $error_msg);
return $error_msg;
}
// At this point, we have a userid that we can count on, and the data.
$sql = 'UPDATE Users SET ';
$sql .= GenerateSqlSet($data, $fields);
$sql .= " WHERE UserID=" . intval($userid);
SqlQuery($loc, $sql);
$msg = 'Info for User ' . $userid . ' updated by ' . GetUserName() . '. ';
if ($pwchanged) {
$msg .= '(Including a password change.)';
}
log_msg($loc, $msg);
return true;
}
