/**
* Upload personal photo function
* Assumes all security checks have been performed by this point
*
* @access public
* @param integer [Optional] member id instead of current member
* @return array [ error (error message), status (status message [ok/fail] ) ]
*/
public function uploadPhoto($member_id = 0)
{
//-----------------------------------------
// INIT
//-----------------------------------------
$return = array('error' => '', 'status' => '', 'final_location' => '', 'final_width' => '', 'final_height' => '', 't_final_location' => '', 't_final_width' => '', 't_final_height' => '');
$member_id = $member_id ? intval($member_id) : intval($this->memberData['member_id']);
$memberData = IPSMember::load($member_id);
$real_name = '';
$upload_dir = '';
$t_real_name = '';
$p_max = $memberData['photoMaxKb'];
if (IN_ACP) {
$p_max = 10000;
}
if (!$member_id) {
return array('status' => 'cannot_find_member');
}
/* Fix up upload directory */
$paths = $this->_getProfileUploadPaths();
$upload_path = $paths['path'];
$upload_dir = $paths['dir'];
/* Check for an upload */
if ($_FILES['upload_photo']['name'] != "" and $_FILES['upload_photo']['name'] != "none") {
if (!IPSMember::canUploadPhoto($memberData)) {
$return['status'] = 'fail';
$return['error'] = 'no_photo_upload_permission';
return $return;
}
$real_name = 'photo-' . $member_id;
/* Fetch library */
require_once IPS_KERNEL_PATH . 'classUpload.php';
/*noLibHook*/
$upload = new classUpload();
/* Bit of set up */
$upload->out_file_name = 'photo-' . $member_id;
$upload->out_file_dir = $upload_path;
$upload->max_file_size = $p_max * 1024;
$upload->upload_form_field = 'upload_photo';
/* Set up our allowed types */
$upload->allowed_file_ext = array('gif', 'png', 'jpg', 'jpeg');
/* http://community.invisionpower.com/resources/bugs.html/_/ip-board/problem-change-avatar-too-large-r42679 This is not ideal but is no longer an issue in 4.x - the alternative is a lot of refactoring of classUpload */
$filename = IPSText::parseCleanValue(str_replace(array('<', '>'), '-', $_FILES['upload_photo']['name']));
$extension = $upload->_getFileExtension($filename);
if ($_FILES['upload_photo']['size'] <= $upload->max_file_size && in_array($extension, $upload->allowed_file_ext)) {
/* Remove any current photos - http://community.invisionpower.com/resources/bugs.html/_/ip-board/profile-picture-not-removed-on-replacement-r41405 */
$this->removeUploadedPhotos($member_id, $upload_path);
}
/* Upload */
$upload->process();
/* Oops, what happened? */
if ($upload->error_no) {
switch ($upload->error_no) {
case 1:
// No upload
$return['status'] = 'fail';
$return['error'] = 'upload_failed';
break;
case 2:
// Invalid file ext
$return['status'] = 'fail';
$return['error'] = 'invalid_file_extension';
break;
case 3:
// Too big...
$return['status'] = 'fail';
$return['error'] = 'upload_to_big';
break;
case 4:
// Cannot move uploaded file
$return['status'] = 'fail';
$return['error'] = 'upload_failed';
break;
case 5:
// Possible XSS attack (image isn't an image)
$return['status'] = 'fail';
$return['error'] = 'upload_failed';
break;
}
return $return;
}
/* We got this far.. */
$real_name = $upload->parsed_file_name;
$t_real_name = $upload->parsed_file_name;
/* Now build sized copies */
$return = $this->buildSizedPhotos($upload->parsed_file_name, $member_id);
}
return $return;
}
/**
* Convert an image
*
* @access public
* @param integer Foreign ID number
* @param array Data to insert to table
* @param string Path to where images are stores
* @param boolean If true, loads file data from database, rather than move file
* @return boolean Success or fail
**/
public function convertImage($id, $info, $path, $db = false, $parent = false)
{
// First remap for gallery 5
foreach ($info as $k => $v) {
if (isset($this->_imageRemap[$k])) {
$info[$this->_imageRemap[$k]] = $v;
unset($info[$k]);
} else {
$info[$k] = $v;
}
}
unset($info['image_id']);
// Check we have a path
//if (!$this->settings['gallery_images_path'])
//{
// $this->logError($id, 'Your IP.Gallery uploads path has not been configured');
// return false;
//}
if (!file_exists($this->settings['gallery_images_path'] . '/gallery')) {
if (!mkdir($this->settings['gallery_images_path'] . '/gallery', 0777)) {
$this->error('"gallery" folder does not exist in the uploads directory.');
return false;
}
}
if (!is_writable($this->settings['gallery_images_path'])) {
$this->error('"gallery" folder is not writable.');
return false;
}
//-----------------------------------------
// Make sure we have everything we need
//-----------------------------------------
if (!$id) {
$this->logError($id, 'No ID number provided');
return false;
}
// Need image path if was not stored in database
if (!$path and !$db) {
$this->logError($id, 'No path provided');
return false;
}
// Be sure to have member id
if (!$info['image_member_id']) {
$this->logError($id, 'No member ID provided');
return false;
}
// Need to store in either category or album
if (!$info['image_album_id']) {
$this->logError($id, 'No album ID provided');
return false;
}
// Check if a masked name was provided. If not, just use the filename.
$info['image_masked_file_name'] = $info['image_masked_file_name'] ? $info['image_masked_file_name'] : $info['image_file_name'];
if (!$db and !$info['image_masked_file_name']) {
$this->logError($id, 'No filename provided');
return false;
}
// Make sure image data was provided if stored in database.
if ($db && !$info['image_data']) {
$this->logError($id, 'No file data provided');
return false;
}
if (isset($info['image_directory']) && $info['image_directory'] != '') {
$oldPath = $path;
$path = $path . '/' . trim($info['image_directory'], '/');
}
// Check the file actually exists
if (!$db && !file_exists($path . '/' . $info['image_masked_file_name'])) {
if (!file_exists($oldPath . '/' . $info['image_masked_file_name'])) {
$this->logError($id, 'Could not locate file ' . $path . '/' . $info['image_masked_file_name']);
return false;
}
$path = $oldPath;
}
$albumID = $this->getLink($info['image_album_id'], 'gallery_albums', true);
if ($albumID) {
if (isset($info['image_category_id'])) {
$categoryID = $this->getLink($info['image_category_id'], 'gallery_categories', true);
$info['image_category_id'] = $categoryID;
} else {
$info['image_category_id'] = ipsRegistry::$settings['gallery_members_album'];
}
$info['image_album_id'] = $albumID;
} else {
$info['image_category_id'] = $this->getLink($info['image_album_id'], 'gallery_categories');
$info['image_album_id'] = 0;
}
//-----------------------------------------
// Set up array
//-----------------------------------------
$imageArray = array('image_member_id' => $this->getLink($info['image_member_id'], 'members', false, $this->useLocalLink), 'image_album_id' => $info['image_album_id'], 'image_category_id' => $info['image_category_id'], 'image_caption' => $info['image_caption'] ? $info['image_caption'] : 'No caption', 'image_description' => $info['image_description'], 'image_directory' => '', 'image_file_name' => $info['image_file_name'], 'image_approved' => $info['image_approved'], 'image_thumbnail' => 0, 'image_views' => intval($info['image_views']), 'image_comments' => intval($info['image_comments']), 'image_date' => intval($info['image_date']), 'image_ratings_total' => intval($info['image_ratings_total']), 'image_ratings_count' => intval($info['image_ratings_count']), 'image_caption_seo' => IPSText::makeSeoTitle($info['image_caption']), 'image_notes' => $info['image_notes'], 'image_rating' => intval($info['image_ratings_total']) > 0 ? intval($info['image_ratings_total']) / intval($info['image_ratings_count']) : 0, 'image_privacy' => $info['image_privacy']);
if (!isset($info['image_file_size'])) {
$imageArray['image_file_size'] = @filesize($path . '/' . $info['image_masked_file_name']);
} else {
$imageArray['image_file_size'] = $info['image_file_size'];
}
// Fields still required = array( 'file_name', 'file_type', 'masked_file_name', 'medium_file_name');
// Fields optional = array( 'file_size', 'pinned', 'media', 'credit_info', 'metadata', 'media_thumb');
$_file = IPSLib::getAppDir('gallery') . '/app_class_gallery.php';
$_name = 'app_class_gallery';
$galleryLibObject = null;
if (file_exists($_file)) {
$classToLoad = IPSLib::loadLibrary($_file, $_name);
$galleryLibObject = new $classToLoad($this->registry);
}
require_once IPS_KERNEL_PATH . 'classUpload.php';
$upload = new classUpload();
$dir = $this->registry->gallery->helper('upload')->createDirectoryName($imageArray['image_album_id'], $imageArray['image_category_id']);
if (!is_dir($this->settings['gallery_images_path'] . DIRECTORY_SEPARATOR . $dir)) {
$this->error('Could not create directory to store images, please check <b>permissions (0777)</b> and <b>ownership</b> on "' . $this->settings['gallery_images_path'] . '/gallery/"');
}
$ext = $upload->_getFileExtension($info['image_file_name']);
$container = $imageArray['image_category_id'];
if ($imageArray['image_album_id']) {
$container = $imageArray['image_album_id'];
}
$new_name = "gallery_{$info['image_member_id']}_" . $container . "_" . time() . '_' . $id . '.' . $ext;
$imageArray['image_masked_file_name'] = $new_name;
$new_file = $this->settings['gallery_images_path'] . '/' . $dir . '/' . $new_name;
// stop image_directory being category_ and album_
if (($imageArray['image_album_id'] != 0 || isset($imageArray['image_album_id']) || !empty($imageArray['image_album_id'])) && ($imageArray['image_category_id'] != 0 || isset($imageArray['image_category_id']) || !empty($imageArray['image_category_id']))) {
// Set directory
$imageArray['image_directory'] = $imageArray['image_album_id'] ? 'gallery/album_' . $imageArray['image_album_id'] : 'gallery/category_' . $imageArray['image_category_id'];
} else {
$imageArray['image_directory'] = '';
}
if ($imageArray['image_directory'] == 'gallery/category_' || $imageArray['image_directory'] == 'gallery/album_') {
$imageArray['image_directory'] = '';
}
// Create the file from the db if that's the case
if ($db) {
$this->createFile($new_name, $info['image_data'], $info['image_file_size'], $this->settings['gallery_images_path'] . '/' . substr($dir, 0, -1));
} else {
// Copy the file to its end IP.Gallery location
if (!@copy($path . '/' . $info['image_masked_file_name'], $new_file)) {
$e = error_get_last();
$this->logError($id, 'Could not move file - attempted to move ' . $path . '/' . $info['image_masked_file_name'] . ' to ' . $new_file . '<br />' . $e['message'] . '<br /><br />');
return false;
}
}
@chmod($new_file, 0777);
if (method_exists($upload, 'check_xss_infile')) {
$upload->saved_upload_name = $new_file;
$upload->check_xss_infile();
if ($upload->error_no == 5) {
$this->logError($id, 'Invalid XSS file: ' . $info['image_file_name'] . '<br /><br />');
return false;
}
}
//-------------------------------------------------------------
// Exif/IPTC support?
//-------------------------------------------------------------
$meta_data = array();
if ($this->settings['gallery_exif']) {
$meta_data = array_merge($meta_data, $this->registry->gallery->helper('image')->extractExif($new_file));
}
if ($this->settings['gallery_iptc']) {
$meta_data = array_merge($meta_data, $this->registry->gallery->helper('image')->extractIptc($new_file));
}
$imageArray['image_metadata'] = serialize($meta_data);
//-------------------------------------------------------------
// Pass to library
//-------------------------------------------------------------
$media = 0;
$imageArray['image_media'] = $this->_isImage($ext) ? 0 : 1;
$imageArray['image_medium_file_name'] = 'med_' . $new_name;
$imageArray['image_file_type'] = $this->registry->gallery->helper('image')->getImageType($new_file);
// Go
$this->DB->insert('gallery_images', $imageArray);
$inserted_id = $this->DB->getInsertId();
// Permissions
$prefix = ipsRegistry::dbFunctions()->getPrefix();
$this->DB->query("UPDATE {$prefix}gallery_images i, {$prefix}permission_index p SET i.image_parent_permission=p.perm_view WHERE p.app='gallery' AND p.perm_type='categories' AND p.perm_type_id=i.image_category_id");
//-----------------------------------------
// Add link
//-----------------------------------------
$this->addLink($inserted_id, $id, 'gallery_images');
return true;
}
/**
* Convert an image
*
* @access public
* @param integer Foreign ID number
* @param array Data to insert to table
* @param string Path to where images are stores
* @param array Custom field data to insert to table
* @param boolean If true, loads file data from database, rather than move file
* @return boolean Success or fail
**/
public function convertImage($id, $info, $path, $custom_fields, $db = false)
{
// Check we have a path
if (!$this->settings['gallery_images_path']) {
$this->logError($id, 'Your IP.Gallery uploads path has not been configured');
return false;
}
//-----------------------------------------
// Make sure we have everything we need
//-----------------------------------------
if (!$id) {
$this->logError($id, 'No ID number provided');
return false;
}
// Need image path if was not stored in database
if (!$path and !$db) {
$this->logError($id, 'No path provided');
return false;
}
// Be sure to have member id
if (!$info['member_id']) {
$this->logError($id, 'No member ID provided');
return false;
}
// Need to store in either category or album
if (!$info['category_id'] and !$info['album_id']) {
$this->logError($id, 'No category or album ID provided');
return false;
}
// Check if a masked name was provided. If not, just use the filename.
$info['masked_file_name'] = $info['masked_file_name'] ? $info['masked_file_name'] : $info['file_name'];
if (!$db and !$info['masked_file_name']) {
$this->logError($id, 'No filename provided');
return false;
}
// Make sure image data was provided if stored in database.
if ($db && !$info['data']) {
$this->logError($id, 'No file data provided');
return false;
}
if (isset($info['directory']) && $info['directory'] != '') {
$path = $path . '/' . trim($info['directory'], '/');
}
// Check the file actually exists
if (!$db && !file_exists($path . '/' . $info['masked_file_name'])) {
$this->logError($id, 'Could not locate file ' . $path . '/' . $info['masked_file_name']);
return false;
}
//-----------------------------------------
// Set up array
//-----------------------------------------
$imageArray = array('member_id' => $this->getLink($info['member_id'], 'members', false, $this->useLocalLink), 'category_id' => $info['category_id'] ? $this->getLink($info['category_id'], 'gallery_categories') : 0, 'album_id' => $info['album_id'] ? $this->getLink($info['album_id'], 'gallery_albums') : 0, 'caption' => $info['caption'] ? $info['caption'] : 'No caption', 'file_size' => $info['file_size'] ? $info['file_size'] : 2, 'description' => $info['description'], 'directory' => '', 'file_name' => $info['file_name'], 'approved' => $info['approved'], 'thumbnail' => $info['thumbnail'], 'views' => intval($info['views']), 'comments' => intval($info['comments']), 'idate' => intval($info['idate']), 'ratings_total' => intval($info['ratings_total']), 'ratings_count' => intval($info['ratings_count']), 'caption_seo' => IPSText::makeSeoTitle($info['caption']), 'image_notes' => $info['image_notes'], 'rating' => intval($info['ratings_total']) > 0 ? intval($info['ratings_total']) / intval($info['ratings_count']) : 0);
// Fields still required = array( 'file_name', 'file_type', 'masked_file_name', 'medium_file_name');
// Fields optional = array( 'file_size', 'pinned', 'media', 'credit_info', 'metadata', 'media_thumb');
$_file = IPSLib::getAppDir('gallery') . '/app_class_gallery.php';
$_name = 'app_class_gallery';
$galleryLibObject;
if (file_exists($_file)) {
$classToLoad = IPSLib::loadLibrary($_file, $_name);
$galleryLibObject = new $classToLoad($this->registry);
}
$this->_loadMediaCache();
require_once IPS_KERNEL_PATH . 'classUpload.php';
$upload = new classUpload();
$allowed_ext = array();
foreach ($this->media_thumb_cache as $k => $v) {
if (!$v['allowed']) {
continue;
}
if ($v['default_type'] == 0 and !$allow_media) {
continue;
}
$allowed_ext[] = str_replace(".", "", $k);
}
$dir = "";
if ($this->settings['gallery_dir_images']) {
$dir = $this->DB->buildAndFetch(array('select' => 'directory', 'from' => 'gallery_images', 'order' => "id DESC", 'limit' => array(0, 1)));
$dir = $dir['directory'];
if (!is_dir($this->settings['gallery_images_path'] . '/' . $dir)) {
$dir = '';
}
$total = $this->DB->buildAndFetch(array('select' => 'COUNT(directory) AS files', 'from' => 'gallery_images', 'where' => "directory='{$dir}'"));
if ($total['files'] >= $this->settings['gallery_dir_images'] || !$total['files']) {
$dir = time();
@mkdir($this->settings['gallery_images_path'] . '/' . $dir, 0777);
@chmod($this->settings['gallery_images_path'] . '/' . $dir, 0777);
@touch($this->settings['gallery_images_path'] . '/' . $dir . '/index.html');
}
$dir = $dir ? "{$dir}/" : "";
$imageArray['directory'] = str_replace("/", "", $dir);
}
$ext = $upload->_getFileExtension($info['file_name']);
if (!in_array($ext, $allowed_ext)) {
$this->logError($id, "Invalid_mime_type for file name: {$info['file_name']}");
return false;
}
$new_name = "gallery_{$info['member_id']}_" . ($info['album_id'] > 0 ? $info['album_id'] : $info['category_id']) . "_" . time() % $imageArray['file_size'] . '.' . $ext;
$imageArray['masked_file_name'] = $new_name;
$new_file = $this->settings['gallery_images_path'] . '/' . $dir . $new_name;
// Create the file from the db if that's the case
if ($db) {
$this->createFile($new_name, $info['data'], $info['file_size'], $this->settings['gallery_images_path'] . '/' . substr($dir, 0, -1));
} else {
// Copy the file to its end IP.Gallery location
if (!@copy($path . '/' . $info['masked_file_name'], $new_file)) {
$e = error_get_last();
$this->logError($id, 'Could not move file - attempted to move ' . $path . '/' . $info['masked_file_name'] . ' to ' . $new_file . '<br />' . $e['message'] . '<br /><br />');
return false;
}
}
@chmod($new_file, 0777);
if (method_exists($upload, 'check_xss_infile')) {
$upload->saved_upload_name = $new_file;
$upload->check_xss_infile();
if ($upload->error_no == 5) {
$this->logError($id, 'Invalid XSS file: ' . $info['file_name'] . '<br /><br />');
return false;
}
}
//-------------------------------------------------------------
// Exif/IPTC support?
//-------------------------------------------------------------
$meta_data = array();
if ($this->settings['gallery_exif']) {
$meta_data = array_merge($meta_data, $this->registry->glib->extractExif($new_file));
}
if ($this->settings['gallery_iptc']) {
$meta_data = array_merge($meta_data, $this->registry->glib->extractIptc($new_file));
}
$imageArray['metadata'] = serialize($meta_data);
//-------------------------------------------------------------
// Pass to library
//-------------------------------------------------------------
$media = 0;
$ext = '.' . $ext;
$imageArray['media'] = $this->media_thumb_cache[$ext]['default_type'] ? 0 : 1;
$image = array('media' => $imageArray['media'], 'directory' => $dir, 'masked_file_name' => $new_name);
if (!$imageArray['media']) {
$this->registry->glib->rebuildImage($image, FALSE, TRUE);
}
$imageArray['medium_file_name'] = $this->registry->glib->did_medium ? 'med_' . $new_name : '';
$imageArray['file_type'] = $this->registry->glib->getImageType($new_file);
$imageArray['thumbnail'] = $this->registry->glib->did_thumb ? $this->registry->glib->did_thumb : 0;
//-----------------------------------------
// Insert
//-----------------------------------------
foreach ($custom_fields as $key => $value) {
if (preg_match('/field_(.+)/', $key, $matches)) {
$newKey = $this->getLink($matches[1], 'gallery_form_fields');
if ($newKey) {
$imageArray['field_' . $newKey] = $value;
}
}
}
// Go
$this->DB->insert('gallery_images', $imageArray);
$inserted_id = $this->DB->getInsertId();
//-----------------------------------------
// Add link
//-----------------------------------------
$this->addLink($inserted_id, $id, 'gallery_images');
return true;
}
/**
* Rebuild Attachment Data
*
* @access public
* @return void
*/
public function rebuildAttachdata()
{
/* Upload Class */
require_once IPS_KERNEL_PATH . 'classUpload.php';
$upload = new classUpload();
//-----------------------------------------
// Set up
//-----------------------------------------
$done = 0;
$start = intval($this->request['st']) >= 0 ? intval($this->request['st']) : 0;
$end = intval($this->request['pergo']) ? intval($this->request['pergo']) : 100;
$dis = $end + $start;
$output = array();
//-----------------------------------------
// Got any more?
//-----------------------------------------
$tmp = $this->DB->buildAndFetch(array('select' => 'attach_id', 'from' => 'attachments', 'limit' => array($dis, 1)));
$max = intval($tmp['attach_id']);
//-----------------------------------------
// Avoid limit...
//-----------------------------------------
$this->DB->build(array('select' => '*', 'from' => 'attachments', 'order' => 'attach_id ASC', 'limit' => array($start, $end)));
$outer = $this->DB->execute();
//-----------------------------------------
// Process...
//-----------------------------------------
while ($r = $this->DB->fetch($outer)) {
//-----------------------------------------
// Get ext
//-----------------------------------------
$update = array();
$update['attach_ext'] = $upload->_getFileExtension($r['attach_file']);
if ($r['attach_location']) {
if (file_exists($this->settings['upload_dir'] . '/' . $r['attach_location'])) {
$update['attach_filesize'] = @filesize($this->settings['upload_dir'] . '/' . $r['attach_location']);
if ($r['attach_is_image']) {
$dims = @getimagesize($this->settings['upload_dir'] . '/' . $r['attach_location']);
if ($dims[0] and $dims[1]) {
$update['attach_img_width'] = $dims[0];
$update['attach_img_height'] = $dims[1];
}
}
}
}
if (count($update)) {
$this->DB->update('attachments', $update, 'attach_id=' . $r['attach_id']);
}
$done++;
}
//-----------------------------------------
// Finish - or more?...
//-----------------------------------------
if (!$done and !$max) {
//-----------------------------------------
// Done..
//-----------------------------------------
$text = $this->lang->words['re_rebuildcomp'] . implode("<br />", $output);
$url = "{$this->settings['base_url']}{$this->form_code}";
$time = 2;
} else {
//-----------------------------------------
// More..
//-----------------------------------------
$thisgoeshere = sprintf($this->lang->words['re_thisgoeshere'], $dis);
$text = $thisgoeshere . implode("<br />", $output);
$url = "{$this->settings['base_url']}{$this->form_code}&do={$this->request['do']}&pergo={$this->request['pergo']}&st={$dis}";
$time = 0;
}
//-----------------------------------------
// Bye....
//-----------------------------------------
$this->registry->output->redirect($url, $text, $time);
}
