/** * Used to re-econodes an image to a specifed image format * * - creates a copy of the file at the same location as fileName. * - the file would have the format preferred_format if possible, otherwise the default format is jpeg. * - the function makes sure that all non-essential image contents are disposed. * * @package Graphics * @param string $fileName * @param int $preferred_format = 0 * @return boolean true on success, false on failure. */ function reencodeImage($fileName, $preferred_format = 0) { if (!resizeImageFile($fileName, $fileName . '.tmp', null, null, $preferred_format)) { if (file_exists($fileName . '.tmp')) { unlink($fileName . '.tmp'); } return false; } if (!unlink($fileName)) { return false; } if (!rename($fileName . '.tmp', $fileName)) { return false; } return true; }
/** * Images cache * * @name Images cache * @copyright Images cache contributors * @license BSD http://opensource.org/licenses/BSD-3-Clause * * @version 0.1 * */ function imageNeedsCache($img) { global $boardurl, $txt; static $js_loaded = false; $parseboard = parse_url($boardurl); $parseimg = parse_url($img); if (!($parseboard['scheme'] === 'https') || $parseboard['scheme'] === $parseimg['scheme']) { return false; } if ($js_loaded === false) { $js_loaded = true; loadJavascriptFile('imgcache.js', array('defer' => true)); loadLanguage('imgcache'); } require_once SUBSDIR . '/Graphics.subs.php'; $destination = CACHEDIR . '/img_cache_' . md5($img); if (!file_exists($destination)) { resizeImageFile($img, $destination, 200, 200, 3); } return $boardurl . '/imgcache.php?id=' . md5($img) . '" rel="cached" data-warn="' . Util::htmlspecialchars($txt['httpimgcache_warn_ext']) . '" data-url="' . Util::htmlspecialchars($img); }
function reencodeImage($fileName, $preferred_format = 0) { // There is nothing we can do without GD, sorry! if (!checkGD()) { return false; } if (!resizeImageFile($fileName, $fileName . '.tmp', null, null, $preferred_format)) { if (file_exists($fileName . '.tmp')) { unlink($fileName . '.tmp'); } return false; } if (!unlink($fileName)) { return false; } if (!rename($fileName . '.tmp', $fileName)) { return false; } return true; }
function saveUserAttribute($userid, $attid, $data) { global $usertable_prefix, $tables; # workaround for integration webbler/phplist if (!isset($usertable_prefix)) { $usertable_prefix = ''; } if (!empty($tables["attribute"])) { $att_table = $usertable_prefix . $tables["attribute"]; $user_att_table = $usertable_prefix . $tables["user_attribute"]; } else { $att_table = $usertable_prefix . "attribute"; $user_att_table = $usertable_prefix . "user_attribute"; } if ($data["nodbsave"]) { dbg("Not saving {$attid}"); return; } if (strtolower($data) == 'invalid attribute index') { return; } if ($attid == "emailcheck" || $attid == "passwordcheck") { dbg("Not saving {$attid}"); return; } if (!$data["type"]) { $data["type"] = "textline"; } if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') { Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); if ($data["type"] == "password") { Sql_Query(sprintf('update user set passwordchanged = now() where id = %d', $userid)); } return 1; } $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where id = %d', $att_table, $attid)); if (!$attid_req[0]) { $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where name = "%s"', $att_table, $data["name"])); if (!$attid_req[0]) { if ($GLOBALS["config"]["autocreate_attributes"]) { Dbg("Creating new Attribute: " . $data["name"]); sendError("creating new attribute " . $data["name"]); $atttable = getNewAttributeTablename($data["name"]); Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable)); $attid = Sql_Insert_Id(); } else { dbg("Not creating new Attribute: " . $data["name"]); # sendError("Not creating new attribute ".$data["name"]); } } else { $attid = $attid_req[0]; $atttable = $attid_req[2]; } } else { $attid = $attid_req[0]; $atttable = $attid_req[2]; } if (!$atttable) { $atttable = getNewAttributeTablename($data["name"]); # fix attribute without tablename Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid)); # sendError("Attribute without Tablename $attid"); } switch ($data["type"]) { case "static": case "password": Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); break; case "select": $curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s where name = "%s"', $atttable, $data["displayvalue"]), 1); if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') { Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")', $atttable, $data["displayvalue"])); sendError("Added " . $data["displayvalue"] . " to {$atttable}"); $valid = Sql_Insert_id(); } else { $valid = $curval[0]; } Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid)); break; case 'avatar': if (is_array($_FILES)) { ## only avatars are files $formfield = 'attribute' . $attid . '_file'; ## the name of the fileupload element if (!empty($_FILES[$formfield]['name'])) { $tmpnam = $_FILES[$formfield]['tmp_name']; move_uploaded_file($tmpnam, '/tmp/avatar' . $userid . '.jpg'); if (function_exists('resizeImageFile')) { resizeImageFile('/tmp/avatar' . $userid . '.jpg', 250, 1); } $size = filesize('/tmp/avatar' . $userid . '.jpg'); # dbg('New size: '.$size); if ($size < MAX_AVATAR_SIZE) { $avatar = file_get_contents('/tmp/avatar' . $userid . '.jpg'); Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar))); unlink('/tmp/avatar' . $userid . '.jpg'); } } } break; default: Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"])); break; } return 1; }
function saveUserAttribute($userid, $attid, $data) { global $usertable_prefix, $table_prefix, $tables; # workaround for integration webbler/phplist if (!isset($usertable_prefix)) { $usertable_prefix = ''; } if (!isset($table_prefix)) { $table_prefix = 'phplist_'; } if (!empty($tables["attribute"])) { $att_table = $usertable_prefix . $tables["attribute"]; $user_att_table = $usertable_prefix . $tables["user_attribute"]; } else { $att_table = $usertable_prefix . "attribute"; $user_att_table = $usertable_prefix . "user_attribute"; } if (!is_array($data)) { $tmp = $data; $data = Sql_Fetch_Assoc_Query(sprintf('select * from %s where id = %d', $att_table, $attid)); $data['value'] = $tmp; $data['displayvalue'] = $tmp; } # dbg($data,'$data to store for '.$userid.' '.$attid); if ($data["nodbsave"]) { # dbg($attid, "Not saving, nodbsave"); return; } if ($attid == "emailcheck" || $attid == "passwordcheck") { # dbg($attid, "Not saving, emailcheck/passwordcheck"); return; } if (!$data["type"]) { $data["type"] = "textline"; } if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') { if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') { $data["value"] = 'not authoritative'; } Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); dbg('Saving', $data['value'], DBG_TRACE); if ($data["type"] == "password") { Sql_Query(sprintf('update user set passwordchanged = now(),password="******" where id = %d', hash('sha256', $data['value']), $userid)); } return 1; } $attributetype = $data['type']; $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where id = %d', $att_table, $attid)); if (!$attid_req[0]) { $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where name = "%s"', $att_table, $data["name"])); if (!$attid_req[0]) { if (!empty($data["name"]) && $GLOBALS["config"]["autocreate_attributes"]) { # Dbg("Creating new Attribute: ".$data["name"]); sendError("creating new attribute " . $data["name"]); $atttable = getNewAttributeTablename($data["name"]); Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable)); $attid = Sql_Insert_Id(); } else { # dbg("Not creating new Attribute: ".$data["name"]); # sendError("Not creating new attribute ".$data["name"]); } } else { $attid = $attid_req[0]; if (empty($attributetype)) { $attributetype = $attid_req[1]; } $atttable = $attid_req[2]; } } else { $attid = $attid_req[0]; if (empty($attributetype)) { $attributetype = $attid_req[1]; } $atttable = $attid_req[2]; } if (!$atttable && !empty($data['name'])) { $atttable = getNewAttributeTablename($data["name"]); # fix attribute without tablename Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid)); # sendError("Attribute without Tablename $attid"); } switch ($attributetype) { case "static": case "password": # dbg('SAVING STATIC OR PASSWORD'); if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') { $data["value"] = 'not authoritative'; } Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); break; case "select": $curval = Sql_Fetch_Row_Query(sprintf('select id from ' . $table_prefix . 'listattr_%s where name = "%s"', $atttable, $data["displayvalue"]), 1); if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') { Sql_Query(sprintf('insert into ' . $table_prefix . 'listattr_%s (name) values("%s")', $atttable, $data["displayvalue"])); sendError("Added " . $data["displayvalue"] . " to {$atttable}"); $valid = Sql_Insert_id(); } else { $valid = $curval[0]; } Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid)); break; case 'avatar': if (is_array($_FILES)) { ## only avatars are files, for now if (!defined('MAX_AVATAR_SIZE')) { define('MAX_AVATAR_SIZE', 100000); } $formfield = 'attribute' . $attid . '_file'; ## the name of the fileupload element if (!empty($_FILES[$formfield]['name']) && !empty($_FILES[$formfield]['tmp_name'])) { $tmpnam = $_FILES[$formfield]['tmp_name']; move_uploaded_file($tmpnam, '/tmp/avatar' . $userid . '.jpg'); if (function_exists('resizeImageFile')) { resizeImageFile('/tmp/avatar' . $userid . '.jpg', 250, 1); } $size = filesize('/tmp/avatar' . $userid . '.jpg'); # dbg('New size: '.$size); if ($size < MAX_AVATAR_SIZE) { $avatar = file_get_contents('/tmp/avatar' . $userid . '.jpg'); Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar))); unlink('/tmp/avatar' . $userid . '.jpg'); } } } break; default: Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"])); break; } return 1; }
/** * Saves a file and stores it locally for avatar use by id_member. * * What it does: * - supports GIF, JPG, PNG, BMP and WBMP formats. * - detects if GD2 is available. * - uses resizeImageFile() to resize to max_width by max_height, and saves the result to a file. * - updates the database info for the member's avatar. * - returns whether the download and resize was successful. * * @uses subs/Graphics.subs.php * @package Attachments * @param string $temporary_path the full path to the temporary file * @param int $memID member ID * @param int $max_width * @param int $max_height * @return boolean whether the download and resize was successful. * */ function saveAvatar($temporary_path, $memID, $max_width, $max_height) { global $modSettings; $db = database(); $ext = !empty($modSettings['avatar_download_png']) ? 'png' : 'jpeg'; $destName = 'avatar_' . $memID . '_' . time() . '.' . $ext; // Just making sure there is a non-zero member. if (empty($memID)) { return false; } require_once SUBSDIR . '/ManageAttachments.subs.php'; removeAttachments(array('id_member' => $memID)); $id_folder = getAttachmentPathID(); $avatar_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, 0, null, true) : ''; $db->insert('', '{db_prefix}attachments', array('id_member' => 'int', 'attachment_type' => 'int', 'filename' => 'string-255', 'file_hash' => 'string-255', 'fileext' => 'string-8', 'size' => 'int', 'id_folder' => 'int'), array($memID, empty($modSettings['custom_avatar_enabled']) ? 0 : 1, $destName, $avatar_hash, $ext, 1, $id_folder), array('id_attach')); $attachID = $db->insert_id('{db_prefix}attachments', 'id_attach'); // First, the temporary file will have the .tmp extension. $tempName = getAvatarPath() . '/' . $destName . '.tmp'; // The destination filename will depend on whether custom dir for avatars has been set $destName = getAvatarPath() . '/' . $destName; $path = getAttachmentPath(); $destName = empty($avatar_hash) ? $destName : $path . '/' . $attachID . '_' . $avatar_hash . '.elk'; // Resize it. require_once SUBSDIR . '/Graphics.subs.php'; if (!empty($modSettings['avatar_download_png'])) { $success = resizeImageFile($temporary_path, $tempName, $max_width, $max_height, 3); } else { $success = resizeImageFile($temporary_path, $tempName, $max_width, $max_height); } if ($success) { // Remove the .tmp extension from the attachment. if (rename($tempName, $destName)) { list($width, $height) = getimagesize($destName); $mime_type = 'image/' . $ext; // Write filesize in the database. $db->query('', ' UPDATE {db_prefix}attachments SET size = {int:filesize}, width = {int:width}, height = {int:height}, mime_type = {string:mime_type} WHERE id_attach = {int:current_attachment}', array('filesize' => filesize($destName), 'width' => (int) $width, 'height' => (int) $height, 'current_attachment' => $attachID, 'mime_type' => $mime_type)); // Retain this globally in case the script wants it. $modSettings['new_avatar_data'] = array('id' => $attachID, 'filename' => $destName, 'type' => empty($modSettings['custom_avatar_enabled']) ? 0 : 1); return true; } else { return false; } } else { $db->query('', ' DELETE FROM {db_prefix}attachments WHERE id_attach = {int:current_attachment}', array('current_attachment' => $attachID)); @unlink($tempName); return false; } }