if (api_get_setting('allow_social_tool') != 'true') { $url = api_get_path(WEB_CODE_PATH) . 'auth/profile.php'; header('Location: ' . $url); exit; } $userGroup = new UserGroup(); //fast upload image if (api_get_setting('profile', 'picture') == 'true') { $form = new FormValidator('profile', 'post', 'home.php', null, array()); // PICTURE $form->addElement('file', 'picture', get_lang('AddImage')); $form->add_progress_bar(); if (!empty($user_data['picture_uri'])) { $form->addElement('checkbox', 'remove_picture', null, get_lang('DelImage')); } $allowed_picture_types = api_get_supported_image_extensions(); $form->addRule('picture', get_lang('OnlyImagesAllowed') . ' (' . implode(',', $allowed_picture_types) . ')', 'filetype', $allowed_picture_types); $form->addButtonSave(get_lang('SaveSettings'), 'apply_change'); if ($form->validate()) { $user_data = $form->getSubmitValues(); // upload picture if a new one is provided if ($_FILES['picture']['size']) { if ($new_picture = UserManager::update_user_picture(api_get_user_id(), $_FILES['picture']['name'], $_FILES['picture']['tmp_name'])) { $table_user = Database::get_main_table(TABLE_MAIN_USER); $sql = "UPDATE {$table_user}\n SET picture_uri = '{$new_picture}' WHERE user_id = " . api_get_user_id(); $result = Database::query($sql); } } } } //Block Menu
/** * Creates new user photos in various sizes of a user, or deletes user photos. * Note: This method relies on configuration setting from main/inc/conf/profile.conf.php * @param int $user_id The user internal identification number. * @param string $file The common file name for the newly created photos. * It will be checked and modified for compatibility with the file system. * If full name is provided, path component is ignored. * If an empty name is provided, then old user photos are deleted only, * @see UserManager::delete_user_picture() as the prefered way for deletion. * @param string $source_file The full system name of the image from which user photos will be created. * @return string/bool Returns the resulting common file name of created images which usually should be stored in database. * When deletion is requested returns empty string. In case of internal error or negative validation returns FALSE. */ public static function update_user_picture($user_id, $file = null, $source_file = null) { if (empty($user_id)) { return false; } $delete = empty($file); if (empty($source_file)) { $source_file = $file; } // User-reserved directory where photos have to be placed. $path_info = self::get_user_picture_path_by_id($user_id, 'system'); $path = $path_info['dir']; // If this directory does not exist - we create it. if (!file_exists($path)) { mkdir($path, api_get_permissions_for_new_directories(), true); } // The old photos (if any). $old_file = $path_info['file']; // Let us delete them. if (!empty($old_file)) { if (KEEP_THE_OLD_IMAGE_AFTER_CHANGE) { $prefix = 'saved_' . date('Y_m_d_H_i_s') . '_' . uniqid('') . '_'; @rename($path . 'small_' . $old_file, $path . $prefix . 'small_' . $old_file); @rename($path . 'medium_' . $old_file, $path . $prefix . 'medium_' . $old_file); @rename($path . 'big_' . $old_file, $path . $prefix . 'big_' . $old_file); @rename($path . $old_file, $path . $prefix . $old_file); } else { @unlink($path . 'small_' . $old_file); @unlink($path . 'medium_' . $old_file); @unlink($path . 'big_' . $old_file); @unlink($path . $old_file); } } // Exit if only deletion has been requested. Return an empty picture name. if ($delete) { return ''; } // Validation 2. $allowed_types = api_get_supported_image_extensions(); $file = str_replace('\\', '/', $file); $filename = ($pos = strrpos($file, '/')) !== false ? substr($file, $pos + 1) : $file; $extension = strtolower(substr(strrchr($filename, '.'), 1)); if (!in_array($extension, $allowed_types)) { return false; } // This is the common name for the new photos. if (KEEP_THE_NAME_WHEN_CHANGE_IMAGE && !empty($old_file)) { $old_extension = strtolower(substr(strrchr($old_file, '.'), 1)); $filename = in_array($old_extension, $allowed_types) ? substr($old_file, 0, -strlen($old_extension)) : $old_file; $filename = substr($filename, -1) == '.' ? $filename . $extension : $filename . '.' . $extension; } else { $filename = api_replace_dangerous_char($filename); if (PREFIX_IMAGE_FILENAME_WITH_UID) { $filename = uniqid('') . '_' . $filename; } // We always prefix user photos with user ids, so on setting // api_get_setting('split_users_upload_directory') === 'true' // the correspondent directories to be found successfully. $filename = $user_id . '_' . $filename; } // Storing the new photos in 4 versions with various sizes. $small = self::resize_picture($source_file, 22); $medium = self::resize_picture($source_file, 85); $normal = self::resize_picture($source_file, 200); $big = new Image($source_file); // This is the original picture. $ok = $small && $small->send_image($path . 'small_' . $filename) && $medium && $medium->send_image($path . 'medium_' . $filename) && $normal && $normal->send_image($path . $filename) && $big && $big->send_image($path . 'big_' . $filename); return $ok ? $filename : false; }
/** * Send File attachment (jpg,png) * @author Anibal Copitan * @param int $userId id user * @param array $fileAttach * @param int $messageId id message (relation with main message) * @param string $fileComment description attachment file * @return bool */ public static function sendWallMessageAttachmentFile($userId, $fileAttach, $messageId, $fileComment = '') { $tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT); // create directory $social = '/social/'; $pathMessageAttach = UserManager::getUserPathById($userId, 'system') . 'message_attachments' . $social; $safeFileComment = Database::escape_string($fileComment); $safeFileName = Database::escape_string($fileAttach['name']); $extension = strtolower(substr(strrchr($safeFileName, '.'), 1)); $allowedTypes = api_get_supported_image_extensions(); if (!in_array($extension, $allowedTypes)) { $flag = false; } else { $newFileName = uniqid('') . '.' . $extension; if (!file_exists($pathMessageAttach)) { @mkdir($pathMessageAttach, api_get_permissions_for_new_directories(), true); } $newPath = $pathMessageAttach . $newFileName; if (is_uploaded_file($fileAttach['tmp_name'])) { @copy($fileAttach['tmp_name'], $newPath); } $small = self::resize_picture($newPath, IMAGE_WALL_SMALL_SIZE); $medium = self::resize_picture($newPath, IMAGE_WALL_MEDIUM_SIZE); $big = new Image($newPath); $ok = $small && $small->send_image($pathMessageAttach . IMAGE_WALL_SMALL . '_' . $newFileName) && $medium && $medium->send_image($pathMessageAttach . IMAGE_WALL_MEDIUM . '_' . $newFileName) && $big && $big->send_image($pathMessageAttach . IMAGE_WALL_BIG . '_' . $newFileName); // Insert $newFileName = $social . $newFileName; $params = ['filename' => $safeFileName, 'comment' => $safeFileComment, 'path' => $newFileName, 'message_id' => $messageId, 'size' => $fileAttach['size']]; Database::insert($tbl_message_attach, $params); $flag = true; } return $flag; }