<?php
// Include common functions and declarations
include "../include/common.php";
// Get parameters
$path = getValue("path");
$width = getValue("width");
$height = getValue("height");
$autoCorrect = getValue("autoCorrect");
if (!empty($path)) {
// Output header
header("Content-type: image/jpeg");
// Get source file
$sourcefile = scriptPath . "/" . folderUploadedFiles . "/" . $path;
if (file_exists($sourcefile)) {
$dimensions = getImageDimensions($sourcefile);
if ($autoCorrect) {
if ($dimensions[0] < $dimensions[1]) {
if (!empty($width)) {
$height = $width;
$width = 0;
}
}
}
if (empty($width)) {
// Scale according to height
$ratio = $height / $dimensions[1];
$width = $dimensions[0] * $ratio;
}
if (empty($height)) {
// Scale according to width
/**
* Generate a thumbnail for a given image file.
* @param $cacheDir Directory file is located in.
* @param $path Path to image file relative to scriptUrl.
* @param $name Name of file.
* @param $width Desired width of thumbnail.
* @param $height Desired height of thumbnail.
* @param $returnDefault Return default image if image could not be generated.
* @param $addBackground Add background to make the image fit desired dimensions.
* @param $crop Crop image to fit desired dimensions.
* @param $blackAndWhite Black and white image.
* @return URL to thumbnail.
*/
function generateThumbnail($cacheDir, $path, $name, $width, $height = 0, $returnDefault = true, $addBackground = false, $crop = false, $blackAndWhite = false)
{
global $settings;
// Cache in news directory in cache if present
if (!is_dir(cachePath . "/" . $cacheDir)) {
$cacheDir = "";
}
// Set source file name
$sourceFile = file_exists(scriptPath . "/" . $path) ? scriptPath . "/" . $path : ($returnDefault ? iconPath . "/default.jpg" : "");
if (!empty($sourceFile)) {
if (!$settings->enableCaching) {
return scriptUrl . "/" . $path;
}
if (!empty($width) || !empty($height)) {
$dimensions = getImageDimensions($sourceFile);
if (!$addBackground && !$crop) {
if (!empty($width)) {
$ratio = $width / $dimensions[0];
$height = $dimensions[1] * $ratio;
} else {
if (!empty($height)) {
$ratio = $height / $dimensions[1];
$width = $dimensions[0] * $ratio;
}
}
}
// Round values
$width = floor($width);
$height = floor($height);
if (empty($height)) {
$height = $width;
}
// Set target file name
$targetFile = cachePath . (!empty($cacheDir) ? "/" . $cacheDir : "") . "/" . $name . "." . $width . "_" . $height . ($addBackground ? "_background" : ($crop ? "_crop" : "")) . ($blackAndWhite ? "_bw" : "") . ".jpg";
// Check if file has changed
$resize = false;
if (!file_exists($targetFile)) {
$resize = true;
} else {
if (filemtime($targetFile) < filemtime($sourceFile)) {
$resize = true;
}
}
// Resize file
if ($resize) {
resizeToFile($sourceFile, $width, $height, $targetFile, 100, $addBackground, $crop, $blackAndWhite);
}
return cacheUrl . (!empty($cacheDir) ? "/" . $cacheDir : "") . "/" . $name . "." . $width . "_" . $height . ($addBackground ? "_background" : ($crop ? "_crop" : "")) . ($blackAndWhite ? "_bw" : "") . ".jpg";
}
return iconUrl . "/picture5050.gif";
}
return "";
}
/**
* resizeImage resizes an image and writes it to the harddisk
* @param $sourcefile The filename of the picture that is going to be resized
* @param $dest_x X-Size of the target picture in pixels
* @param $dest_y Y-Size of the target picture in pixels
* @param $targetfile The name under which the resized picture will be stored
* @param $jpegqual The Compression-Rate that is to be used
* @param $addBackground Add background to image.
* @param $crop Crop image to fit desired dimensions.
* @param $blackAndWhite Black and white image.
* @return true if resize was successfull, false otherwise.
*/
function resizeImage($sourcefile, $width, $height, $targetfile, $jpegqual, $addBackground = false, $crop = false, $blackAndWhite = false)
{
if (empty($height)) {
$height = $width;
}
// Get the dimensions of the source picture
$dimensions = getImageDimensions($sourcefile);
$source_x = $dimensions[0];
$source_y = $dimensions[1];
// Create a new image object by type (not neccessarily true colour)
$source_id = null;
$type = $dimensions["mime"];
switch ($type) {
case "image/jpeg":
$source_id = @imageCreateFromJPEG("{$sourcefile}");
break;
case "image/png":
$source_id = @imageCreateFromPNG("{$sourcefile}");
break;
case "image/gif":
$source_id = @imageCreateFromGIF("{$sourcefile}");
break;
}
// Create target image
$target_id = null;
if ($addBackground) {
$target_ratio = $width / $height;
$img_ratio = $source_x / $source_y;
if ($target_ratio > $img_ratio) {
$new_height = $height;
$new_width = $img_ratio * $height;
} else {
$new_height = $width / $img_ratio;
$new_width = $width;
}
if ($new_height > $height) {
$new_height = $height;
}
if ($new_width > $width) {
$new_height = $width;
}
$target_id = @imagecreatetruecolor($width, $height);
@imagefilledrectangle($target_id, 0, 0, $width - 1, $height - 1, 0);
// Fill the image black
@imagecopyresampled($target_id, $source_id, ($width - $new_width) / 2, ($height - $new_height) / 2, 0, 0, $new_width, $new_height, $source_x, $source_y);
} else {
if ($crop) {
// We're always going to crop from center
if ($source_x < $source_y) {
$cropx = 0;
$cropy = ($source_y - $source_x) / 2;
$source_y = $source_x;
} else {
$cropx = ($source_x - $source_y) / 2;
$cropy = 0;
$source_x = $source_y;
}
// Create image
$target_id = @imagecreatetruecolor($width, $height);
@imagefilledrectangle($target_id, 0, 0, $width - 1, $height - 1, 0);
// Fill the image black
@imagecopyresampled($target_id, $source_id, 0, 0, $cropx, $cropy, $width, $height, $source_x, $source_y);
} else {
$imageWidth = $width;
$imageHeight = $height;
// Calculate image ratio
if (!empty($imageWidth)) {
$ratio = $imageWidth / $dimensions[0];
$imageHeight = $dimensions[1] * $ratio;
} else {
if (!empty($imageHeight)) {
$ratio = $imageHeight / $dimensions[1];
$imageWidth = $dimensions[0] * $ratio;
}
}
// Round values
$imageWidth = floor($imageWidth);
$imageHeight = floor($imageHeight);
// Create true color image
$target_id = @imagecreatetruecolor($imageWidth, $imageHeight);
// Resize the original picture and copy it into the just created image object.
@imagecopyresampled($target_id, $source_id, 0, 0, 0, 0, $imageWidth, $imageHeight, $source_x, $source_y);
}
}
// Create black and white image
if ($blackAndWhite) {
if (function_exists("imagefilter")) {
imagefilter($target_id, IMG_FILTER_GRAYSCALE);
} else {
// Creates the 256 color palette
for ($c = 0; $c < 256; $c++) {
$palette[$c] = imagecolorallocate($target_id, $c, $c, $c);
}
// Reads the original colors pixel by pixel
for ($y = 0; $y < $height; $y++) {
for ($x = 0; $x < $width; $x++) {
$rgb = imagecolorat($target_id, $x, $y);
$r = $rgb >> 16 & 0xff;
$g = $rgb >> 8 & 0xff;
$b = $rgb & 0xff;
// This is where we actually use yiq to modify our rbg values, and then convert them to our grayscale palette
$gs = $this->yiq($r, $g, $b);
imagesetpixel($target_id, $x, $y, $palette[$gs]);
}
}
}
}
// Create a jpeg with the quality of "$jpegqual" out of the
// image object "$target_pic". This will be saved as $targetfile.
@imagejpeg($target_id, $targetfile, $jpegqual);
// If file exists return path to file
if (file_exists($targetfile)) {
return $targetfile;
}
return $targetfile;
}
<?php printSubsectionHeader($lEditUser["Profile"], "", 1, 1, "profile"); ?> <p><?php echo !$profile && !$register ? $lEditUser["ProfileText"] : $lEditProfile["ProfileText"]; ?> </p> <div id="profile" class="formIndent"> <table width="95%" cellspacing="0" cellpadding="2" border="0" summary="Pictures"> <tr> <td width="35"> <?php $imageUrl = $user->getUserImage(50); $dimensions = getImageDimensions($imageUrl); ?> <img name="img_0_preview" src="<?php echo $imageUrl; ?> " width="<?php echo $dimensions[0]; ?> " height="<?php echo $dimensions[1]; ?> " border="0" alt="" title="" class="border" /> </td> <td width="100%"> <?php
/**
* Save user in database.
* @param $readPost Read values from post.
* @param $validate Validate input values.
* @return ErrorList object if there were errors.
*/
function saveUser($readPost = true, $validate = true)
{
global $dbi, $errors, $group, $log, $login, $module, $settings;
// Include language
include scriptPath . "/include/language/" . pageLanguage . "/admin.php";
include scriptPath . "/include/language/" . pageLanguage . "/general.php";
// Save values into this user object
if ($readPost) {
if (empty($this->id)) {
$this->username = getValue("u_username");
}
if ($login->isWebmaster()) {
$this->activated = getValue("u_activated");
$this->activated = !$this->activated;
}
$this->groupId = getValue("u_groupId");
$this->name = getValue("u_name");
$this->email = getValue("u_email");
$this->phone = getValue("u_phone");
$this->mobile = getValue("u_mobile");
$this->facebook = getValue("u_facebook");
$this->twitter = getValue("u_twitter");
$this->linkurl = getValue("u_linkurl");
$this->linkname = getValue("u_linkname");
$this->location = getValue("u_location");
$this->department = getValue("u_department");
$this->position = getValue("u_position");
$this->profileText = parseHtml(getValue("u_profileText"), 2);
$this->signature = getValue("u_signature");
$this->hideEmail = getValue("u_hideEmail");
$this->hideTelephone = getValue("u_hideTelephone");
$this->hideInUserlist = getValue("u_hideInUserlist");
$this->hideOnlineStatus = getValue("u_hideOnlineStatus");
$this->notifyAboutChanges = getValue("u_notifyAboutChanges");
$this->categoryId = getValue("categoryId");
if (empty($this->id)) {
$this->password = getValue("u_passwd");
$repeatedPassword = getValue("u_repeated_passwd");
}
$groups = getValue("u_groups");
$profile = getValue("profile");
}
if ($validate) {
// Check submitter
checkSubmitter(scriptUrl);
if ($this->hasAdministerPermission() && !$profile) {
$userType = getValue("userType");
$this->administrator = 0;
$this->webmaster = 0;
if (!empty($userType)) {
switch ($userType) {
case 1:
// Webmaster
$this->webmaster = 1;
break;
case 2:
// Administrator
$this->administrator = 1;
break;
}
}
}
// Validate username
$this->validateUsername($this->username);
// Validate full name
if (empty($this->name)) {
$errors->addError("name", $lEditUser["MissingFullName"]);
}
// Validate email
if (!$login->isWebmaster()) {
if (empty($this->email)) {
$errors->addError("email", $lEditUser["MissingEmail"]);
}
}
// Validate email is valid and not already registered
if (!empty($this->email)) {
if (!checkEmail($this->email)) {
$errors->addError("email", $lEditUser["InvalidEmail"]);
} else {
$result = $dbi->query("SELECT id FROM " . userDataTableName . " WHERE " . (!empty($this->id) ? "id!=" . $dbi->quote($this->id) . " AND " : "") . "email=" . $dbi->quote($this->email));
if ($result->rows()) {
$errors->addError("email", $lEditUser["EmailExists"]);
}
}
}
// Validate password
if (empty($this->id)) {
$this->validatePassword($this->password, $repeatedPassword);
}
// Validate code
if (empty($this->id) && !$this->hasAdministerPermission() && $settings->requireValidation) {
if (!audit()) {
$errors->addError("validation", $lEditUser["WrongValidation"]);
}
}
}
// If no errors save user data
if (!$errors->hasErrors()) {
// Check if user category exists
if (!empty($this->categoryId)) {
$result = $dbi->query("SELECT Id FROM " . userCategoryTableName . " WHERE Id=" . $dbi->quote($this->categoryId) . " OR Title=" . $dbi->quote($this->categoryId));
if ($result->rows()) {
list($this->categoryId) = $result->fetchrow_array();
} else {
// Get max position
$position = 0;
$result = $dbi->query("SELECT MAX(Position) FROM " . userCategoryTableName);
if ($result->rows()) {
list($maxPosition) = $result->fetchrow_array();
$position = $maxPosition + 1;
}
// Insert the new category
$dbi->query("INSERT INTO " . userCategoryTableName . "(Title,Position) VALUES(" . $dbi->quote($this->categoryId) . "," . $dbi->quote($position) . ")");
$this->categoryId = $dbi->getInsertId();
}
}
if (!empty($this->id)) {
// Update basic user information
$dbi->query("UPDATE " . userTableName . " SET " . (!empty($this->username) ? "username="******"," : "") . "groupId=" . $dbi->quote($this->groupId) . ",registered=registered,lastLogged=lastLogged,lastUpdated=NOW()" . (!empty($this->password) ? ",password="******"") . ",administrator=" . $dbi->quote($this->administrator) . ",webmaster=" . $dbi->quote($this->webmaster) . ",activated=" . $dbi->quote($this->activated) . " WHERE id=" . $this->id);
// Update information about user
$dbi->query("UPDATE " . userDataTableName . " SET categoryId=" . $dbi->quote($this->categoryId) . ",name=" . $dbi->quote($this->name) . ",email=" . $dbi->quote($this->email) . ",phone=" . $dbi->quote($this->phone) . ",mobile=" . $dbi->quote($this->mobile) . ",linkurl=" . $dbi->quote($this->linkurl) . ",linkname=" . $dbi->quote($this->linkname) . ",facebook=" . $dbi->quote($this->facebook) . ",twitter=" . $dbi->quote($this->twitter) . ",location=" . $dbi->quote($this->location) . ",department=" . $dbi->quote($this->department) . ",position=" . $dbi->quote($this->position) . ",profileText=" . $dbi->quote($this->profileText) . ",signature=" . $dbi->quote($this->signature) . ",hideEmail=" . $dbi->quote($this->hideEmail) . ",hideTelephone=" . $dbi->quote($this->hideTelephone) . ",hideInUserlist=" . $dbi->quote($this->hideInUserlist) . ",hideOnlineStatus=" . $dbi->quote($this->hideOnlineStatus) . ",notifyAboutChanges=" . $dbi->quote($this->notifyAboutChanges) . " WHERE id=" . $this->id);
} else {
// Generate cookie
$cookie = $login->generateCookie();
if (!$login->isLoggedIn()) {
// Generate random string
if ($settings->activateWithEmail) {
$activationKey = generateRandomString(32);
}
// Insert data into database
$dbi->query("INSERT INTO " . userTableName . " (username,password,groupId,cookie,webmaster,administrator,activated,activationKey) VALUES(" . $dbi->quote(trim($this->username)) . "," . $dbi->quote(md5(trim($this->password))) . "," . $dbi->quote($this->groupId) . "," . $dbi->quote($cookie) . ",0,0," . ($settings->activateWithEmail && !$this->activated ? 0 : 1) . "," . ($settings->activateWithEmail ? $dbi->quote($activationKey) : "''") . ")");
} else {
// Insert data into database
$dbi->query("INSERT INTO " . userTableName . " (username,password,groupId,cookie,webmaster,administrator,activated) VALUES(" . $dbi->quote(trim($this->username)) . "," . $dbi->quote(md5(trim($this->password))) . "," . $dbi->quote($this->groupId) . "," . $dbi->quote($cookie) . "," . $dbi->quote($this->webmaster) . "," . $dbi->quote($this->administrator) . ",1)");
}
// Get new id of user
$this->id = $dbi->getInsertId();
// Insert user information
$dbi->query("INSERT INTO " . userDataTableName . "(id,categoryId,name,email,phone,mobile,linkurl,linkname,facebook,twitter,location,department,position,profileText,signature,hideEmail,hideTelephone,hideOnlineStatus,notifyAboutChanges) VALUES(" . $this->id . "," . $dbi->quote($this->categoryId) . "," . $dbi->quote($this->name) . "," . $dbi->quote($this->email) . "," . $dbi->quote($this->phone) . "," . $dbi->quote($this->mobile) . "," . $dbi->quote($this->linkurl) . "," . $dbi->quote($this->linkname) . "," . $dbi->quote($this->facebook) . "," . $dbi->quote($this->twitter) . "," . $dbi->quote($this->location) . "," . $dbi->quote($this->department) . "," . $dbi->quote($this->position) . "," . $dbi->quote($this->profileText) . "," . $dbi->quote($this->signature) . "," . $dbi->quote($this->hideEmail) . "," . $dbi->quote($this->hideTelephone) . "," . $dbi->quote($this->hideOnlineStatus) . "," . $dbi->quote($this->notifyAboutChanges) . ")");
// Send mail to registered user
if (!$login->isLoggedIn() && $settings->activateWithEmail) {
// Send registration email
$mail = new phpmailer();
$mail->CharSet = "UTF-8";
$mail->From = pageAdminMail;
$mail->Sender = pageAdminMail;
$mail->FromName = pageTitle;
$mail->Subject = sprintf($lEditUser["WelcomeEmailSubject"], pageTitle);
$mail->Body = sprintf($lEditUser["WelcomeEmailText"], $this->name, scriptUrl . "/" . fileProfileActivate . "?id=" . $this->id . "&activate=1&activationKey=" . $activationKey);
$mail->IsHTML(false);
$mail->AddAddress($this->email);
$mail->Send();
}
// Notify listeners that user was inserted
if (function_exists("userInserted")) {
userInserted($this->id);
}
}
// Set permissions for user
if ($this->hasAdministerPermission() && !$profile) {
if (!empty($userType)) {
// Remove permissions if any
$dbi->query("DELETE FROM " . permissionTableName . " WHERE moduleContentTypeId='' AND moduleContentId='' AND type='User' AND typeId=" . $dbi->quote($this->id));
// If module administrator set permissions
if ($userType == 3) {
$permissions = getValue("permissions");
$result = $dbi->query("SELECT Id FROM " . moduleTableName);
if ($result->rows()) {
for ($i = 0; list($moduleId) = $result->fetchrow_array(); $i++) {
if (!empty($permissions[$moduleId])) {
// Initialize values
$administrator = 0;
$comment = 0;
$create = 0;
$delete = 0;
$edit = 0;
$grant = 0;
$publish = 0;
$read = 0;
// Get permission type
switch ($permissions[$moduleId]) {
case 1:
$read = 1;
break;
case 2:
$read = 1;
$comment = 1;
break;
case 3:
$read = 1;
$comment = 1;
$create = 1;
$edit = 1;
break;
case 4:
$read = 1;
$comment = 1;
$create = 1;
$edit = 1;
$publish = 1;
break;
case 5:
$read = 1;
$comment = 1;
$create = 1;
$edit = 1;
$publish = 1;
$delete = 1;
break;
case 6:
$read = 1;
$comment = 1;
$create = 1;
$edit = 2;
$publish = 1;
$delete = 2;
break;
case 7:
$administrator = 1;
break;
}
// Check if any permissions have been set
if ($administrator || $comment != 0 || $create != 0 || $delete != 0 || $edit != 0 || $grant != 0 || $publish != 0 || $read != 0) {
// Set permissions for module content
$login->setModulePermissions($moduleId, "User", $this->id, $administrator, $comment, $create, $delete, $edit, $publish, $read);
}
}
}
}
}
}
// Add to groups
$group->deleteGroupRefs($this->id);
if (!empty($groups)) {
for ($i = 0; $i < sizeof($groups); $i++) {
$group->addToGroup($groups[$i], $this->id);
}
}
}
// Upload index picture
if (!empty($_FILES["img_0"]["tmp_name"])) {
$size = getImageDimensions($_FILES["img_0"]["tmp_name"]);
$height = $size[1] * (150 / $size[0]);
resizeToFile($_FILES["img_0"]["tmp_name"], 150, $height, scriptPath . "/" . folderUploadedFiles . "/user_" . $this->id . ".jpg", 100);
}
// Call any custom sections
global $site;
if (!empty($site->editUserSections)) {
for ($i = 0; $i < sizeof($site->editUserSections); $i++) {
if (function_exists($site->editUserSections[$i]["saveFunction"])) {
$site->editUserSections[$i]["saveFunction"]($this->id);
}
}
}
// Log transaction
$log->logTransaction(userContentTypeId, $this->id);
} else {
if (!empty($this->password)) {
$errors->addError("reenterPassword", $lEditUser["ReenterPasswords"]);
}
if (!empty($_FILES["img_0"]["tmp_name"])) {
$errors->addError("upload", $lErrors["ReUploadImages"]);
}
}
// Return list of errors
return $errors;
}
?>
;
<?php
$dimensions = array();
if (!file_exists(scriptPath . "/" . folderUploadedFiles . "/themeHeader.jpg")) {
?>
background-image: url(<?php
echo imgUrl;
?>
/menu_background.<?php
echo !empty($settings->subtheme) ? $settings->subtheme : "Blue";
?>
.jpg);
<?php
} else {
$dimensions = getImageDimensions(scriptPath . "/" . folderUploadedFiles . "/themeHeader.jpg");
?>
background-image: url(<?php
echo scriptUrl . "/" . folderUploadedFiles;
?>
/themeHeader.jpg);
<?php
}
?>
background-repeat: repeat-x;
border: 8px #ffffff solid;
color: #ffffff;
<?php
if (sizeof($dimensions) > 0) {
?>
height: <?php
exit;
}
// Initialize variables
$imageFile = "";
$imageText = "";
// Upload picture
if (!empty($_FILES["file"]["name"])) {
$extension = substr(strrchr($_FILES["file"]["name"], "."), 1);
if ($extension == "gif" || $extension == "jpg" || $extension == "jpeg" || $extension == "JPEG" || $extension == "GIF" || $extension == "JPG" || $extension == "PNG" || $extension == "png") {
if ($extension == "jpeg" || $extension == "JPEG") {
$extension = "jpg";
}
$extension = convertToLowercase($extension);
// Resize file if not webmaster
if (!$login->isWebmaster()) {
$dimensions = getImageDimensions($_FILES["file"]["tmp_name"]);
$width = 600;
$ratio = $width / $dimensions[0];
$height = $dimensions[1] * $ratio;
if ($dimensions[0] > $width) {
resizeToFile($_FILES["file"]["tmp_name"], $width, $height, $_FILES["file"]["tmp_name"], 100);
}
}
// Insert into file database
$dbi->query("INSERT INTO " . fileTableName . "(folderId,name,type,size) VALUES('" . (!empty($_POST["imageTargetFolder"]) ? $_POST["imageTargetFolder"] : pageUploadFolder) . "'," . $dbi->quote($_FILES["file"]["name"]) . "," . $dbi->quote($_FILES["file"]["type"]) . "," . $dbi->quote($_FILES["file"]["size"]) . ")");
$id = $dbi->getInsertId();
if (!empty($id)) {
// Get thumbnail width
$thumbnailWidth = getPostValue("uploadImageThumbnailWidth");
$thumbnailLink = getPostValue("uploadImageThumbnailLink");
// Move uploaded file
