public function isAdmin() { if (self::$me == null) { self::$me = new beuser($_SESSION['beuser_id']); } if ($this->get('is_admin') == 1) { return true; } else { return false; } }
<?php switch ($_POST['action']) { case 'verifyLogin': $user = new Beuser(); $login = $user->verifyPassword($_POST['values']['mail'], $_POST['values']['password'], $_POST['values']['storeLogin']); if ($login === true) { $status = 'correct'; } else { $status = $login; } echo json_encode(array('status' => $status)); break; }
function __construct() { switch ($_POST['action']) { case 'beprofilepic': $target_dir = '../data/img/_users/'; break; case 'userimage': case 'profilepic': default: $target_dir = 'data/img/_users/'; break; } $imageFileType = pathinfo($_FILES['file']['name'][0], PATHINFO_EXTENSION); switch ($_POST['action']) { case 'userimage': $uniqueFilename = $this->getRandomUniqueFilename($imageFileType, $_SESSION['user_id']); break; case 'profilepic': $uniqueFilename = $this->getRandomUniqueFilename($imageFileType, $_SESSION['user_id']); break; case 'beprofilepic': $uniqueFilename = $this->getRandomUniqueFilename($imageFileType, $_SESSION['beuser_id']); break; } $filename = $uniqueFilename . '.' . $imageFileType; $target_file = $target_dir . $filename; $uploadOk = 1; // Check if image file is a actual image or fake image $check = getimagesize($_FILES['file']['tmp_name'][0]); if ($check !== false) { $uploadOk = 1; } else { $errormsg = Texter::get('upload|wrongFiletype'); $uploadOk = 0; } // Check if file already exists if (file_exists($target_file)) { $errormsg = 'Sorry, file already exists.'; $uploadOk = 0; } // Check file size if ($_FILES['file']['size'][0] > 5000000) { $errormsg = Texter::get('upload|fileTooBig'); $uploadOk = 0; } // Allow certain file formats if ($imageFileType != 'jpg' && $imageFileType != 'png' && $imageFileType != 'jpeg' && $imageFileType != 'gif') { $errormsg = Texter::get('upload|wrongFiletype'); $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { echo json_encode(array('status' => 0, 'error' => $errormsg)); // if everything is ok, try to upload file } else { if (move_uploaded_file($_FILES['file']['tmp_name'][0], $target_file)) { $uploadtime = date('U'); $imageid = null; switch ($_POST['action']) { case 'userimage': database::Query('INSERT INTO files SET filename=:var1, user_id=:var2, comment=:var3, `date`=:var4', array('var1' => $filename, 'var2' => $_SESSION['user_id'], 'var3' => '', 'var4' => $uploadtime), $imageid); Logging::log(5, $_SESSION['user']); break; case 'profilepic': // Delete old profilepic $RS = database::Query('SELECT profilepic FROM users WHERE id =' . $_SESSION['user_id'] . ';', array()); if ($RS[0]['profilepic'] != '' && file_exists($target_dir . $RS[0]['profilepic']) && strpos($RS[0]['profilepic'], '_default') === false) { unlink($target_dir . $RS[0]['profilepic']); } database::Query('UPDATE users SET profilepic=:var1 WHERE id=' . $_SESSION['user_id'] . ';', array('var1' => $filename)); Logging::log(6, $_SESSION['user']); break; case 'beprofilepic': $user = new Beuser($_SESSION['beuser_id']); // Delete old profilepic if (file_exists($target_dir . $user->get('profilepic')) && strpos($user->get('profilepic'), '_default') === false) { unlink($target_dir . $user->get('profilepic')); if (file_exists($target_dir . '_thumbs/' . $user->get('profilepic'))) { unlink($target_dir . '_thumbs/' . $user->get('profilepic')); } } $user->set('profilepic', $filename); $user->createThumbnail(); $user->save(); break; } //end switch echo json_encode(array('status' => 1, 'file' => array('id' => $imageid, 'filename' => $target_file, 'date' => date('d.m.Y H:i', $uploadtime)))); } else { echo json_encode(array('status' => 0, 'error' => 'Fehler beim Upload')); } //end if } //end if }