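/**
 * Renders a user's stored picture as a GIF scaled to 260 pixels high and writes it to
 * $config["UploadDir"] . 'gifs/' . <BadgeID> . '.gif'.
 *
 * Every failure is logged through log_error() and reported by returning the message text.
 * A non-empty string is truthy, so callers must test the result with `=== true`.
 *
 * @param array $data Must contain "UserID", "BadgeID" and "PicID".
 * @return true|string True on success, otherwise the error message that was logged.
 */
function MakeGif($data)
{
    global $config;
    $loc = 'badgeli.php->MakeGif';

    if (!isset($data["UserID"])) {
        $msg = 'UserID not given.';
        log_error($loc, $msg);
        return $msg;
    }
    // Reduced to an integer before it is ever placed in a log message.
    $userid = intval($data["UserID"]);

    if (!isset($data["BadgeID"])) {
        $msg = 'BadgeID not given for UserID = ' . $userid;
        log_error($loc, $msg);
        return $msg;
    }
    if (!isset($data["PicID"])) {
        $msg = 'PicID not given for UserID = ' . $userid;
        log_error($loc, $msg);
        return $msg;
    }

    $badgeid = $data["BadgeID"];
    $picid = intval($data["PicID"]);

    // $badgeid becomes part of the output file name and of a log line further down, so this
    // format check is the only thing keeping path separators and line breaks out of both.
    // NOTE(review): confirm VerifyBadgeFormat() matches the whole string (anchored pattern).
    if (!VerifyBadgeFormat($badgeid)) {
        $msg = 'Bad Badge Format. Must be in form of "A000".';
        log_error($loc, $msg);
        return $msg;
    }
    if ($picid <= 0) {
        $msg = 'User ' . $userid . ' does not have a picture.';
        log_error($loc, $msg);
        return $msg;
    }

    CheckBadgeDir();

    // We have an image to put on the badge!
    // The 'standard' rendition should have more than enough resolution.
    $picfile = PicPathName($picid, 'standard');

    $imginfo = @getimagesize($picfile);
    if ($imginfo === false) {
        $msg = 'Getimagesize() failed on our image: ' . $picfile;
        log_error($loc, $msg);
        return $msg;
    }
    $picwidth = $imginfo[0];
    $picheight = $imginfo[1];

    // A zero height would divide by zero in the scale computation below.
    if ($picwidth <= 0 || $picheight <= 0) {
        $msg = 'Image has invalid dimensions: ' . $picfile;
        log_error($loc, $msg);
        return $msg;
    }

    $picimg = @imagecreatefromjpeg($picfile);
    if ($picimg === false) {
        $msg = 'imagecreatefromjpeg() failed on our image: ' . $picfile;
        log_error($loc, $msg);
        return $msg;
    }

    $scale = 260 / $picheight;
    // Never request a zero-pixel canvas: an extremely narrow source would round down to 0.
    $xsize = max(1, intval($picwidth * $scale));
    $ysize = max(1, intval($picheight * $scale));

    $img = @imagecreatetruecolor($xsize, $ysize);
    if ($img === false) {
        $msg = 'imagecreatetruecolor() failed for PicID=' . $picid;
        log_error($loc, $msg);
        return $msg;
    }

    $result = @imagecopyresampled($img, $picimg, 0, 0, 0, 0, $xsize, $ysize, $picwidth, $picheight);
    if ($result === false) {
        // The message now names the function that is actually called.
        $msg = 'imagecopyresampled() failed for PicID=' . $picid;
        log_error($loc, $msg);
        return $msg;
    }

    $outfile = $config["UploadDir"] . 'gifs/' . $badgeid . '.gif';
    $result = imagegif($img, $outfile);
    if ($result === false) {
        $msg = 'imagegif() failed for PicID=' . $picid;
        log_error($loc, $msg);
        return $msg;
    }

    log_msg($loc, 'Image Successfully made for BadgeID= ' . $badgeid . '.');
    return true;
}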
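/**
 * Updates one row of the Users table from a list of field/value pairs.
 *
 * The target row is chosen by $userid when it is non-zero, otherwise by the "UserName" entry
 * of $param_list. A "Password" entry is hashed and stored as "PasswordHash"; all other
 * entries are handed to GenerateSqlSet() together with the $fields type table.
 *
 * Failures are logged through log_msg() and reported by returning the message text.
 * A non-empty string is truthy, so callers must test the result with `=== true`.
 *
 * @param array      $param_list List of arrays, each carrying "FieldName" and "Value".
 * @param int|string $userid     UserID of the row to update, or 0 to look it up by UserName.
 * @return true|string True on success, otherwise the error message that was logged.
 */
function UpdateUser($param_list, $userid = 0)
{
    global $config;
    $loc = "userlib.php->UpdateUser";
    $pwchanged = false;

    $fields = [
        ["LastName", "str"],
        ["FirstName", "str"],
        ["PasswordHash", "str"],
        ["NickName", "str"],
        ["Title", "str"],
        ["BadgeID", "str"],
        ["Email", "str"],
        ["Tags", "str"],
        ["Active", "bool"],
    ];

    if ($userid != 0) {
        // Normalise once. The SQL always used intval($userid), but the duplicate-badge
        // comparison and the final log line used the raw argument, so a value such as
        // "5abc" updated row 5 while being compared and logged as a different string.
        $userid = intval($userid);
        $sql = "SELECT * FROM Users WHERE UserID=" . $userid;
        $result = SqlQuery($loc, $sql);
        if ($result->num_rows <= 0) {
            $error_msg = "Unable to update user. UserID=" . $userid . " not found.";
            log_msg($loc, $error_msg);
            return $error_msg;
        }
    } else {
        if (!IsFieldInParamList("UserName", $param_list)) {
            $error_msg = 'Unable to update user. No UserName or UserID Given.';
            log_msg($loc, $error_msg);
            return $error_msg;
        }
        $username = GetValueFromParamList($param_list, "UserName");
        // NOTE(review): the literal "******" in this query and in the message below looks like
        // a redaction artifact in this copy of the file. As written, $username never reaches
        // the query, so the lookup cannot match the requested account. Restore the original
        // expression from version control and make sure the user name is bound or escaped by
        // the database layer, never concatenated raw.
        $sql = 'SELECT * FROM Users WHERE UserName="******"';
        $result = SqlQuery($loc, $sql);
        if ($result->num_rows <= 0) {
            $error_msg = 'Unable to update user. UserName="******" not found.';
            log_msg($loc, $error_msg);
            return $error_msg;
        }
        $row = $result->fetch_assoc();
        $userid = intval($row["UserID"]);
    }

    // If the BadgeID is being changed we need to make sure it is not a duplicate.
    if (IsFieldInParamList("BadgeID", $param_list)) {
        $badgeid = GetValueFromParamList($param_list, "BadgeID");
        if (!blank($badgeid)) {
            // This check is also what makes the concatenated query and the log message below
            // safe. NOTE(review): confirm VerifyBadgeFormat() matches the whole string.
            if (!VerifyBadgeFormat($badgeid)) {
                $error_msg = 'Unable to update user. Bad Format for BadgeID. Must be in form of "A000".';
                log_msg($loc, $error_msg);
                return $error_msg;
            }
            $sql = 'SELECT UserID FROM Users WHERE BadgeID="' . $badgeid . '"';
            $result = SqlQuery($loc, $sql);
            while ($row = $result->fetch_assoc()) {
                // Integer comparison: the row value arrives as a string from the driver.
                if (intval($row["UserID"]) !== $userid) {
                    $error_msg = 'Unable to update user. BadgeID ' . $badgeid . ' already in use.';
                    log_msg($loc, $error_msg);
                    return $error_msg;
                }
            }
        }
    }

    // At this point, move all values into a separate array, but treat password special.
    // NOTE(review): every FieldName/Value pair is copied without filtering, including
    // "PasswordHash" and "Active" if a caller supplies them. Presumably GenerateSqlSet()
    // limits the statement to $fields and escapes the values; confirm that, and confirm that
    // callers never pass request parameters through unfiltered. A directly supplied
    // "PasswordHash" also leaves $pwchanged false, so the audit line would not mention it.
    $data = [];
    foreach ($param_list as $param_spec) {
        if (!isset($param_spec["FieldName"]) || !isset($param_spec["Value"])) {
            continue;
        }
        $fn = $param_spec["FieldName"];
        $v = $param_spec["Value"];

        if ($fn == "Password") {
            // An empty password means "leave the stored hash alone".
            if (empty($v)) {
                continue;
            }
            // NOTE(review): crypt() with the single site-wide $config["Salt"] gives every
            // user the same salt, so identical passwords produce identical hashes, and the
            // format of that salt also decides which algorithm crypt() uses. Moving to
            // password_hash()/password_verify() has to happen together with the login check,
            // which is outside this function, so the call is left unchanged here.
            $data["PasswordHash"] = crypt($v, $config["Salt"]);
            $pwchanged = true;
            continue;
        }

        $data[$fn] = $v;
    }

    if (count($data) === 0) {
        $error_msg = "Unable to update user. UserID=" . $userid . ". Nothing to update.";
        log_msg($loc, $error_msg);
        return $error_msg;
    }

    // At this point, we have a userid that we can count on, and the data.
    $sql = 'UPDATE Users SET ';
    $sql .= GenerateSqlSet($data, $fields);
    $sql .= " WHERE UserID=" . $userid;
    SqlQuery($loc, $sql);

    $msg = 'Info for User ' . $userid . ' updated by ' . GetUserName() . '. ';
    if ($pwchanged) {
        $msg .= '(Including a password change.)';
    }
    log_msg($loc, $msg);
    return true;
}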