/**
* Used to re-econodes an image to a specifed image format
*
* - creates a copy of the file at the same location as fileName.
* - the file would have the format preferred_format if possible, otherwise the default format is jpeg.
* - the function makes sure that all non-essential image contents are disposed.
*
* @package Graphics
* @param string $fileName
* @param int $preferred_format = 0
* @return boolean true on success, false on failure.
*/
function reencodeImage($fileName, $preferred_format = 0)
{
if (!resizeImageFile($fileName, $fileName . '.tmp', null, null, $preferred_format)) {
if (file_exists($fileName . '.tmp')) {
unlink($fileName . '.tmp');
}
return false;
}
if (!unlink($fileName)) {
return false;
}
if (!rename($fileName . '.tmp', $fileName)) {
return false;
}
return true;
}
/**
* Images cache
*
* @name Images cache
* @copyright Images cache contributors
* @license BSD http://opensource.org/licenses/BSD-3-Clause
*
* @version 0.1
*
*/
function imageNeedsCache($img)
{
global $boardurl, $txt;
static $js_loaded = false;
$parseboard = parse_url($boardurl);
$parseimg = parse_url($img);
if (!($parseboard['scheme'] === 'https') || $parseboard['scheme'] === $parseimg['scheme']) {
return false;
}
if ($js_loaded === false) {
$js_loaded = true;
loadJavascriptFile('imgcache.js', array('defer' => true));
loadLanguage('imgcache');
}
require_once SUBSDIR . '/Graphics.subs.php';
$destination = CACHEDIR . '/img_cache_' . md5($img);
if (!file_exists($destination)) {
resizeImageFile($img, $destination, 200, 200, 3);
}
return $boardurl . '/imgcache.php?id=' . md5($img) . '" rel="cached" data-warn="' . Util::htmlspecialchars($txt['httpimgcache_warn_ext']) . '" data-url="' . Util::htmlspecialchars($img);
}
function reencodeImage($fileName, $preferred_format = 0)
{
// There is nothing we can do without GD, sorry!
if (!checkGD()) {
return false;
}
if (!resizeImageFile($fileName, $fileName . '.tmp', null, null, $preferred_format)) {
if (file_exists($fileName . '.tmp')) {
unlink($fileName . '.tmp');
}
return false;
}
if (!unlink($fileName)) {
return false;
}
if (!rename($fileName . '.tmp', $fileName)) {
return false;
}
return true;
}
function saveUserAttribute($userid, $attid, $data)
{
global $usertable_prefix, $tables;
# workaround for integration webbler/phplist
if (!isset($usertable_prefix)) {
$usertable_prefix = '';
}
if (!empty($tables["attribute"])) {
$att_table = $usertable_prefix . $tables["attribute"];
$user_att_table = $usertable_prefix . $tables["user_attribute"];
} else {
$att_table = $usertable_prefix . "attribute";
$user_att_table = $usertable_prefix . "user_attribute";
}
if ($data["nodbsave"]) {
dbg("Not saving {$attid}");
return;
}
if (strtolower($data) == 'invalid attribute index') {
return;
}
if ($attid == "emailcheck" || $attid == "passwordcheck") {
dbg("Not saving {$attid}");
return;
}
if (!$data["type"]) {
$data["type"] = "textline";
}
if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') {
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
if ($data["type"] == "password") {
Sql_Query(sprintf('update user set passwordchanged = now() where id = %d', $userid));
}
return 1;
}
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where id = %d', $att_table, $attid));
if (!$attid_req[0]) {
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where name = "%s"', $att_table, $data["name"]));
if (!$attid_req[0]) {
if ($GLOBALS["config"]["autocreate_attributes"]) {
Dbg("Creating new Attribute: " . $data["name"]);
sendError("creating new attribute " . $data["name"]);
$atttable = getNewAttributeTablename($data["name"]);
Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable));
$attid = Sql_Insert_Id();
} else {
dbg("Not creating new Attribute: " . $data["name"]);
# sendError("Not creating new attribute ".$data["name"]);
}
} else {
$attid = $attid_req[0];
$atttable = $attid_req[2];
}
} else {
$attid = $attid_req[0];
$atttable = $attid_req[2];
}
if (!$atttable) {
$atttable = getNewAttributeTablename($data["name"]);
# fix attribute without tablename
Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid));
# sendError("Attribute without Tablename $attid");
}
switch ($data["type"]) {
case "static":
case "password":
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
break;
case "select":
$curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s
where name = "%s"', $atttable, $data["displayvalue"]), 1);
if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') {
Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")', $atttable, $data["displayvalue"]));
sendError("Added " . $data["displayvalue"] . " to {$atttable}");
$valid = Sql_Insert_id();
} else {
$valid = $curval[0];
}
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid));
break;
case 'avatar':
if (is_array($_FILES)) {
## only avatars are files
$formfield = 'attribute' . $attid . '_file';
## the name of the fileupload element
if (!empty($_FILES[$formfield]['name'])) {
$tmpnam = $_FILES[$formfield]['tmp_name'];
move_uploaded_file($tmpnam, '/tmp/avatar' . $userid . '.jpg');
if (function_exists('resizeImageFile')) {
resizeImageFile('/tmp/avatar' . $userid . '.jpg', 250, 1);
}
$size = filesize('/tmp/avatar' . $userid . '.jpg');
# dbg('New size: '.$size);
if ($size < MAX_AVATAR_SIZE) {
$avatar = file_get_contents('/tmp/avatar' . $userid . '.jpg');
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar)));
unlink('/tmp/avatar' . $userid . '.jpg');
}
}
}
break;
default:
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"]));
break;
}
return 1;
}
function saveUserAttribute($userid, $attid, $data)
{
global $usertable_prefix, $table_prefix, $tables;
# workaround for integration webbler/phplist
if (!isset($usertable_prefix)) {
$usertable_prefix = '';
}
if (!isset($table_prefix)) {
$table_prefix = 'phplist_';
}
if (!empty($tables["attribute"])) {
$att_table = $usertable_prefix . $tables["attribute"];
$user_att_table = $usertable_prefix . $tables["user_attribute"];
} else {
$att_table = $usertable_prefix . "attribute";
$user_att_table = $usertable_prefix . "user_attribute";
}
if (!is_array($data)) {
$tmp = $data;
$data = Sql_Fetch_Assoc_Query(sprintf('select * from %s where id = %d', $att_table, $attid));
$data['value'] = $tmp;
$data['displayvalue'] = $tmp;
}
# dbg($data,'$data to store for '.$userid.' '.$attid);
if ($data["nodbsave"]) {
# dbg($attid, "Not saving, nodbsave");
return;
}
if ($attid == "emailcheck" || $attid == "passwordcheck") {
# dbg($attid, "Not saving, emailcheck/passwordcheck");
return;
}
if (!$data["type"]) {
$data["type"] = "textline";
}
if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') {
if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') {
$data["value"] = 'not authoritative';
}
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
dbg('Saving', $data['value'], DBG_TRACE);
if ($data["type"] == "password") {
Sql_Query(sprintf('update user set passwordchanged = now(),password="******" where id = %d', hash('sha256', $data['value']), $userid));
}
return 1;
}
$attributetype = $data['type'];
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where id = %d', $att_table, $attid));
if (!$attid_req[0]) {
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where name = "%s"', $att_table, $data["name"]));
if (!$attid_req[0]) {
if (!empty($data["name"]) && $GLOBALS["config"]["autocreate_attributes"]) {
# Dbg("Creating new Attribute: ".$data["name"]);
sendError("creating new attribute " . $data["name"]);
$atttable = getNewAttributeTablename($data["name"]);
Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable));
$attid = Sql_Insert_Id();
} else {
# dbg("Not creating new Attribute: ".$data["name"]);
# sendError("Not creating new attribute ".$data["name"]);
}
} else {
$attid = $attid_req[0];
if (empty($attributetype)) {
$attributetype = $attid_req[1];
}
$atttable = $attid_req[2];
}
} else {
$attid = $attid_req[0];
if (empty($attributetype)) {
$attributetype = $attid_req[1];
}
$atttable = $attid_req[2];
}
if (!$atttable && !empty($data['name'])) {
$atttable = getNewAttributeTablename($data["name"]);
# fix attribute without tablename
Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid));
# sendError("Attribute without Tablename $attid");
}
switch ($attributetype) {
case "static":
case "password":
# dbg('SAVING STATIC OR PASSWORD');
if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') {
$data["value"] = 'not authoritative';
}
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
break;
case "select":
$curval = Sql_Fetch_Row_Query(sprintf('select id from ' . $table_prefix . 'listattr_%s
where name = "%s"', $atttable, $data["displayvalue"]), 1);
if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') {
Sql_Query(sprintf('insert into ' . $table_prefix . 'listattr_%s (name) values("%s")', $atttable, $data["displayvalue"]));
sendError("Added " . $data["displayvalue"] . " to {$atttable}");
$valid = Sql_Insert_id();
} else {
$valid = $curval[0];
}
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid));
break;
case 'avatar':
if (is_array($_FILES)) {
## only avatars are files, for now
if (!defined('MAX_AVATAR_SIZE')) {
define('MAX_AVATAR_SIZE', 100000);
}
$formfield = 'attribute' . $attid . '_file';
## the name of the fileupload element
if (!empty($_FILES[$formfield]['name']) && !empty($_FILES[$formfield]['tmp_name'])) {
$tmpnam = $_FILES[$formfield]['tmp_name'];
move_uploaded_file($tmpnam, '/tmp/avatar' . $userid . '.jpg');
if (function_exists('resizeImageFile')) {
resizeImageFile('/tmp/avatar' . $userid . '.jpg', 250, 1);
}
$size = filesize('/tmp/avatar' . $userid . '.jpg');
# dbg('New size: '.$size);
if ($size < MAX_AVATAR_SIZE) {
$avatar = file_get_contents('/tmp/avatar' . $userid . '.jpg');
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar)));
unlink('/tmp/avatar' . $userid . '.jpg');
}
}
}
break;
default:
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"]));
break;
}
return 1;
}
/**
* Saves a file and stores it locally for avatar use by id_member.
*
* What it does:
* - supports GIF, JPG, PNG, BMP and WBMP formats.
* - detects if GD2 is available.
* - uses resizeImageFile() to resize to max_width by max_height, and saves the result to a file.
* - updates the database info for the member's avatar.
* - returns whether the download and resize was successful.
*
* @uses subs/Graphics.subs.php
* @package Attachments
* @param string $temporary_path the full path to the temporary file
* @param int $memID member ID
* @param int $max_width
* @param int $max_height
* @return boolean whether the download and resize was successful.
*
*/
function saveAvatar($temporary_path, $memID, $max_width, $max_height)
{
global $modSettings;
$db = database();
$ext = !empty($modSettings['avatar_download_png']) ? 'png' : 'jpeg';
$destName = 'avatar_' . $memID . '_' . time() . '.' . $ext;
// Just making sure there is a non-zero member.
if (empty($memID)) {
return false;
}
require_once SUBSDIR . '/ManageAttachments.subs.php';
removeAttachments(array('id_member' => $memID));
$id_folder = getAttachmentPathID();
$avatar_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, 0, null, true) : '';
$db->insert('', '{db_prefix}attachments', array('id_member' => 'int', 'attachment_type' => 'int', 'filename' => 'string-255', 'file_hash' => 'string-255', 'fileext' => 'string-8', 'size' => 'int', 'id_folder' => 'int'), array($memID, empty($modSettings['custom_avatar_enabled']) ? 0 : 1, $destName, $avatar_hash, $ext, 1, $id_folder), array('id_attach'));
$attachID = $db->insert_id('{db_prefix}attachments', 'id_attach');
// First, the temporary file will have the .tmp extension.
$tempName = getAvatarPath() . '/' . $destName . '.tmp';
// The destination filename will depend on whether custom dir for avatars has been set
$destName = getAvatarPath() . '/' . $destName;
$path = getAttachmentPath();
$destName = empty($avatar_hash) ? $destName : $path . '/' . $attachID . '_' . $avatar_hash . '.elk';
// Resize it.
require_once SUBSDIR . '/Graphics.subs.php';
if (!empty($modSettings['avatar_download_png'])) {
$success = resizeImageFile($temporary_path, $tempName, $max_width, $max_height, 3);
} else {
$success = resizeImageFile($temporary_path, $tempName, $max_width, $max_height);
}
if ($success) {
// Remove the .tmp extension from the attachment.
if (rename($tempName, $destName)) {
list($width, $height) = getimagesize($destName);
$mime_type = 'image/' . $ext;
// Write filesize in the database.
$db->query('', '
UPDATE {db_prefix}attachments
SET size = {int:filesize}, width = {int:width}, height = {int:height},
mime_type = {string:mime_type}
WHERE id_attach = {int:current_attachment}', array('filesize' => filesize($destName), 'width' => (int) $width, 'height' => (int) $height, 'current_attachment' => $attachID, 'mime_type' => $mime_type));
// Retain this globally in case the script wants it.
$modSettings['new_avatar_data'] = array('id' => $attachID, 'filename' => $destName, 'type' => empty($modSettings['custom_avatar_enabled']) ? 0 : 1);
return true;
} else {
return false;
}
} else {
$db->query('', '
DELETE FROM {db_prefix}attachments
WHERE id_attach = {int:current_attachment}', array('current_attachment' => $attachID));
@unlink($tempName);
return false;
}
}
