Пример #1
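 /**
  * Save an administrator's edits to another user's profile.
  *
  * Reads the profile fields from $_POST, truncates them, optionally replaces
  * the avatar, password and e-mail, saves the record and any additional
  * fields, and writes a log entry naming the edited user and the admin.
  *
  * Notes for reviewers:
  * - Authorisation rests on $this->ACL->turn() and on redirect() ending the
  *   request; both are defined outside this method - TODO confirm.
  * - No anti-CSRF token check is visible here; confirm that the validator or
  *   the ACL layer covers it, since this action changes passwords and status.
  * - $status is taken from the form as a bare integer with no range check
  *   visible here; confirm the model rejects values the admin may not grant.
  *
  * @param int|null $id ID of the user being edited.
  * @return mixed Whatever showInfoMessage() returns.
  */
 public function update_by_admin($id = null)
 {
     // Access gate for the users/edit_users permission.
     $this->ACL->turn(array('users', 'edit_users'));
     $id = (int) $id;
     // A registered user's ID is never below one, so anything else means the
     // action was called by mistake.
     if ($id < 1) {
         redirect('/users/');
     }
     // Profile editing requires a logged-in session.
     if (!isset($_SESSION['user'])) {
         redirect('/');
     }
     // Load the user being edited.
     $user = $this->Model->getById($id);
     if (!$user) {
         return $this->showInfoMessage(__('Can not find user'), '/users/');
     }
     if (is_object($this->AddFields) && $user) {
         $user = $this->AddFields->mergeRecords(array($user), true);
         $user = $user[0];
     }
     $fields = array('name', 'email', 'oldEmail', 'icq', 'jabber', 'pol', 'city', 'telephone', 'byear', 'bmonth', 'bday', 'url', 'about', 'signature');
     // Not read again in this method; kept as in the original.
     $fields_settings = (array) Config::read('fields', 'users');
     $fields_settings = array_merge($fields_settings, array('email'));
     foreach ($fields as $field) {
         // Accept plain strings only: an array-valued field (name[]=x) would
         // otherwise reach trim() and raise an error.
         ${$field} = (isset($_POST[$field]) && is_string($_POST[$field])) ? trim($_POST[$field]) : '';
     }
     // Map the form's numeric gender code to the stored letter.
     if ('1' === $pol) {
         $pol = 'm';
     } elseif ('2' === $pol) {
         $pol = 'f';
     } else {
         $pol = '';
     }
     // Trim surrounding whitespace from the password fields.
     $newpassword = (!empty($_POST['newpassword']) && is_string($_POST['newpassword'])) ? trim($_POST['newpassword']) : '';
     $confirm = (!empty($_POST['confirm']) && is_string($_POST['confirm'])) ? trim($_POST['confirm']) : '';
     // Truncate values to the maxlength set on the form's input tags.
     $newpassword = mb_substr($newpassword, 0, 30);
     $confirm = mb_substr($confirm, 0, 30);
     $email = mb_substr($email, 0, 60);
     // The "old" e-mail always comes from the stored record, never from the form.
     $oldEmail = mb_substr($user->getEmail(), 0, 60);
     $icq = mb_substr($icq, 0, 12);
     $jabber = mb_substr($jabber, 0, 100);
     $city = mb_substr($city, 0, 50);
     $telephone = number_format(mb_substr((int) $telephone, 0, 20), 0, '', '');
     $byear = intval(mb_substr($byear, 0, 4));
     $bmonth = intval(mb_substr($bmonth, 0, 2));
     $bday = intval(mb_substr($bday, 0, 2));
     $url = mb_substr($url, 0, 60);
     $about = mb_substr($about, 0, 1000);
     $signature = mb_substr($signature, 0, 500);
     $errors = $this->Register['Validate']->check($this->Register['action']);
     // Additional fields. Initialised first so the save call further down
     // never reads an undefined variable when checkFields() throws.
     $_addFields = null;
     if (is_object($this->AddFields)) {
         try {
             $_addFields = $this->AddFields->checkFields();
         } catch (Exception $e) {
             $errors[] = $this->AddFields->getErrors();
         }
     }
     // A non-empty "new password" means the password is being changed; an
     // e-mail different from the stored one means the e-mail is being changed.
     $changePassword = !empty($newpassword);
     $changeEmail = $email != $oldEmail;
     // When the e-mail is unchanged the password field need not be checked.
     if ($email == $oldEmail) {
         $this->Register['Validate']->disableFieldCheck('password');
     }
     // Temporary avatar name. uniqid() with extra entropy keeps two concurrent
     // uploads from sharing one temp file; it is for uniqueness, not secrecy.
     $tmp_key = str_replace('.', '', uniqid((string) mt_rand(), true));
     $tmp_avatar = ROOT . '/sys/tmp/images/' . $tmp_key . '.jpg';
     if (!empty($_FILES['avatar']['name'])) {
         // NOTE(review): 0777 makes the temp directory world-writable where the
         // umask allows it; confirm the directory is not served by the web server.
         touchDir(ROOT . '/sys/tmp/images/', 0777);
         $path = $tmp_avatar;
         if (!isset($check_image) && move_uploaded_file($_FILES['avatar']['tmp_name'], $path)) {
             chmod($path, 0644);
             // The upload is accepted only if it can be resampled as an image.
             @($sizes = resampleImage($path, $path, 100));
             if (!$sizes) {
                 @unlink($path);
                 $errors[] = __('Some error in avatar');
             }
         } else {
             $errors[] = __('Some error in avatar');
         }
     }
     // Missing form fields fall back to 0 instead of raising a notice.
     $status = isset($_POST['status']) ? (int) $_POST['status'] : 0;
     $timezone = isset($_POST['timezone']) ? (int) $_POST['timezone'] : 0;
     if ($timezone < -12 or $timezone > 12) {
         $timezone = 0;
     }
     // Validation failed: hand the form data back and return to the edit form.
     if (!empty($errors)) {
         // The uploaded avatar is not going to be used; do not leave it in tmp.
         if (is_file($tmp_avatar)) {
             @unlink($tmp_avatar);
         }
         // NOTE(review): $_POST is merged wholesale, so the submitted
         // newpassword/confirm values are written to the session as well.
         $_SESSION['FpsForm'] = array_merge(array('name' => null, 'status' => null, 'email' => null, 'timezone' => null, 'icq' => null, 'url' => null, 'about' => null, 'signature' => null, 'pol' => $pol, 'telephone' => null, 'city' => null, 'jabber' => null, 'byear' => null, 'bmonth' => null, 'bday' => null), $_POST);
         $_SESSION['FpsForm']['errors'] = $errors;
         redirect('/users/edit_form_by_admin/' . $id);
     }
     // "Delete previously uploaded file" checkbox.
     if (isset($_POST['unlink']) and is_file(ROOT . '/sys/avatars/' . $id . '.jpg')) {
         unlink(ROOT . '/sys/avatars/' . $id . '.jpg');
     }
     // Promote the resampled temp file to the user's avatar.
     if (file_exists($tmp_avatar)) {
         if (copy($tmp_avatar, ROOT . '/sys/avatars/' . $id . '.jpg')) {
             chmod(ROOT . '/sys/avatars/' . $id . '.jpg', 0644);
         }
         unlink($tmp_avatar);
     }
     // All fields are valid - write the changes to the DB.
     if ($changePassword) {
         // NOTE(review): unsalted MD5 is not a password hash. Moving to
         // password_hash()/password_verify() also needs a change in the login
         // path, which is outside this method, so the format is kept here.
         $user->setPassw(md5($newpassword));
     }
     if ($changeEmail) {
         $user->setEmail($email);
     }
     if (isset($_POST['activation'])) {
         $user->setActivation('');
     }
     $user->setName($name);
     $user->setStatus($status);
     $user->setTimezone($timezone);
     $user->setUrl($url);
     $user->setIcq($icq);
     $user->setJabber($jabber);
     $user->setCity($city);
     $user->setTelephone($telephone);
     $user->setPol($pol);
     $user->setByear($byear);
     $user->setBmonth($bmonth);
     $user->setBday($bday);
     $user->setAbout($about);
     $user->setSignature($signature);
     $user->save();
     // Save the additional fields.
     if (is_object($this->AddFields)) {
         $this->AddFields->save($id, $_addFields);
     }
     // Audit trail: which admin edited which user.
     if ($this->Log) {
         $this->Log->write('editing user by adm', 'user id(' . $id . ') adm id(' . $_SESSION['user']['id'] . ')');
     }
     return $this->showInfoMessage(__('Operation is successful'), getProfileUrl($id));
 }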
Пример #2
        die;
    }
    // For the 'loads' section a preview is served only when the requested
    // file name is registered in loads_attaches; otherwise the request ends.
    // NOTE(review): $params[0] and $params[1] are concatenated into filesystem
    // paths below. Their validation is not visible in this fragment - confirm
    // that both are restricted (known section names, bare file names without
    // directory separators) before this point.
    if ($params[0] == 'loads') {
        $attach = $FpsDB->select('loads_attaches', DB_FIRST, array('cond' => array('filename' => $params[1])));
        if (count($attach) < 1) {
            die;
        }
    }
    // Size of the preview: $params[2] when given, else the configured
    // img_preview_size.
    if (!empty($params[2])) {
        $sample_size = (int) $params[2];
    } else {
        $sample_size = $Register['Config']->read('img_preview_size');
    }
    // Minimum allowed size.
    // NOTE(review): no upper bound is applied here, and every distinct size
    // gets its own cache directory and resample; consider clamping the value
    // or accepting only a fixed list of sizes.
    if ($sample_size < 50) {
        $sample_size = 50;
    }
    // Cache directory for this size and section.
    // NOTE(review): 0777 leaves the cache world-writable where the umask
    // allows it - confirm this is intended.
    $tmpdir = ROOT . '/sys/tmp/img_cache/' . $sample_size . '/' . $params[0] . '/';
    if (!file_exists($tmpdir)) {
        mkdir($tmpdir, 0777, true);
    }
    // Build the preview only when it is not cached yet.
    if (!file_exists($tmpdir . $params[1])) {
        $dest_path = ROOT . '/sys/files/' . $params[0] . '/' . $params[1];
        resampleImage($dest_path, $tmpdir . $params[1], $sample_size);
    }
    // $ext is set before this fragment; three characters after its first one
    // become the image subtype of the Content-type header.
    header('Content-type: image/' . substr($ext, 1, 3));
    echo file_get_contents($tmpdir . $params[1]);
}
die;
Пример #3
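/**
 * Store uploaded front/back cover images for an album and update the database.
 *
 * Requires the access_admin permission. Each uploaded file must be recognised
 * by getimagesize() as JPEG or PNG; it is copied next to the album's tracks
 * under the configured cover name, and the other-format file of the same name
 * is removed. A front image also refreshes the bitmap row and the album's
 * image_id.
 *
 * Notes for reviewers:
 * - Every error path relies on message(..., 'error', ...) ending the request;
 *   message() is defined outside this block - TODO confirm.
 * - SQL is assembled by concatenation with mysql_real_escape_string(). That
 *   holds only while every value stays quoted and the connection charset is
 *   set correctly; ext/mysql itself was removed in PHP 7, so prepared
 *   statements are the migration target.
 *
 * @param int $flag_flow 9 redirects to the album view; any other value
 *                       continues with imageUpdate($flag_flow).
 * @return void
 */
function imageUpload($flag_flow)
{
    global $cfg, $db;
    authenticate('access_admin', false, true);
    if (ini_get('file_uploads') == false) {
        message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]File uploads disabled in the php.ini.');
    }
    if ($_FILES['image_front']['error'] == UPLOAD_ERR_NO_FILE && $_FILES['image_back']['error'] == UPLOAD_ERR_NO_FILE) {
        message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]There is no file uploaded');
    }
    // Both slots share one error mapping; the front image is checked first.
    foreach (array('image_front', 'image_back') as $slot) {
        $code = $_FILES[$slot]['error'];
        if ($code == UPLOAD_ERR_OK || $code == UPLOAD_ERR_NO_FILE) {
            continue;
        }
        if ($code == UPLOAD_ERR_INI_SIZE) {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]The file is larger than the value set in php.ini for upload_max_file');
        } elseif ($code == UPLOAD_ERR_PARTIAL) {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]The file is not fully uploaded');
        } elseif ($code == UPLOAD_ERR_NO_TMP_DIR) {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]PHP, the directory for the temporary file not found');
        } elseif ($code == UPLOAD_ERR_CANT_WRITE) {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]PHP could not write the temporary file');
        } else {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Error code: ' . $code);
        }
    }
    $album_id = post('album_id');
    $query = mysql_query('SELECT relative_file FROM track WHERE album_id = "' . mysql_real_escape_string($album_id) . '"');
    $track = mysql_fetch_assoc($query);
    // Reject an unknown album before its row is used to build a directory.
    if ($track == false) {
        message(__FILE__, __LINE__, 'error', '[b]Error[/b][br]album_id not found in database');
    }
    // The target directory comes from the database row, not from the request.
    $image_dir = $cfg['media_dir'] . $track['relative_file'];
    $image_dir = substr($image_dir, 0, strrpos($image_dir, '/') + 1);
    if ($_FILES['image_front']['error'] == UPLOAD_ERR_OK) {
        // The file type is decided by content (getimagesize), never by the
        // client-supplied file name, and the stored name is fixed by config.
        $imagesize = @getimagesize($_FILES['image_front']['tmp_name']) or message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Unsupported file.');
        if ($imagesize[2] == IMAGETYPE_JPEG) {
            $image = $image_dir . $cfg['image_front'] . '.jpg';
            $delete = $image_dir . $cfg['image_front'] . '.png';
        } elseif ($imagesize[2] == IMAGETYPE_PNG) {
            $image = $image_dir . $cfg['image_front'] . '.png';
            $delete = $image_dir . $cfg['image_front'] . '.jpg';
        } else {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Unsupported file.');
        }
        if (copy($_FILES['image_front']['tmp_name'], $image) == false) {
            message(__FILE__, __LINE__, 'error', '[b]Failed to copy[/b][br]from: ' . $_FILES['image_front']['tmp_name'] . '[br]to: ' . $image);
        }
        if (is_file($delete) && @unlink($delete) == false) {
            message(__FILE__, __LINE__, 'error', '[b]Failed to delete file:[/b][br]' . $delete);
        }
        $flag = 3;
        // stored
        $filemtime = filemtime($image);
        $filesize = filesize($image);
        $image_id = $album_id . '_' . base_convert(NJB_IMAGE_SIZE * 100 + NJB_IMAGE_QUALITY, 10, 36) . base_convert($filemtime, 10, 36) . base_convert($filesize, 10, 36);
        $relative_image = substr($image, strlen($cfg['media_dir']));
        mysql_query('UPDATE bitmap SET
			image				= "' . mysql_real_escape_string(resampleImage($image)) . '",
			filesize			= ' . (int) $filesize . ',
			filemtime			= ' . (int) $filemtime . ',
			flag				= ' . (int) $flag . ',
			image_front			= "' . mysql_real_escape_string($relative_image) . '",
			image_front_width	= ' . (int) $imagesize[0] . ',
			image_front_height	= ' . (int) $imagesize[1] . ',
			image_id			= "' . mysql_real_escape_string($image_id) . '"
			WHERE album_id		= "' . mysql_real_escape_string($album_id) . '"');
        mysql_query('UPDATE album SET
			image_id			= "' . mysql_real_escape_string($image_id) . '"
			WHERE album_id		= "' . mysql_real_escape_string($album_id) . '"');
    }
    if ($_FILES['image_back']['error'] == UPLOAD_ERR_OK) {
        $imagesize = @getimagesize($_FILES['image_back']['tmp_name']) or message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Unsupported file.');
        if ($imagesize[2] == IMAGETYPE_JPEG) {
            $image = $image_dir . $cfg['image_back'] . '.jpg';
            $delete = $image_dir . $cfg['image_back'] . '.png';
        } elseif ($imagesize[2] == IMAGETYPE_PNG) {
            $image = $image_dir . $cfg['image_back'] . '.png';
            $delete = $image_dir . $cfg['image_back'] . '.jpg';
        } else {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Unsupported file.');
        }
        if (copy($_FILES['image_back']['tmp_name'], $image) == false) {
            message(__FILE__, __LINE__, 'error', '[b]Failed to copy[/b][br]from: ' . $_FILES['image_back']['tmp_name'] . '[br]to: ' . $image);
        }
        if (is_file($delete) && @unlink($delete) == false) {
            message(__FILE__, __LINE__, 'error', '[b]Failed to delete file:[/b][br]' . $delete);
        }
        $relative_image = substr($image, strlen($cfg['media_dir']));
        mysql_query('UPDATE bitmap SET
			image_back			= "' . mysql_real_escape_string($relative_image) . '"
			WHERE album_id		= "' . mysql_real_escape_string($album_id) . '"');
    }
    if ($flag_flow == 9) {
        // album_id originates from the request, so it is URL-encoded before
        // it is placed in the redirect target.
        header('Location: ' . NJB_HOME_URL . 'index.php?action=view3&album_id=' . rawurlencode($album_id));
        exit;
    } else {
        imageUpdate($flag_flow);
    }
}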
Пример #4
//ini_set('display_errors', 'On');
require_once 'include/initialize.inc.php';
require_once 'include/stream.inc.php';
// Request parameters; get() comes from the included files.
$image_id = get('image_id');
$track_id = get('track_id');
// Anything other than an explicit 'hq' is served as low quality.
$quality = 'lq';
if (get('quality') == 'hq') {
    $quality = 'hq';
}
$image = get('image');
$album_id = get('album_id');
$action = get('action');
// Dispatch on the first matching request shape; the cases are tried in order.
switch (true) {
    case $action == 'viewall' && $album_id:
        viewall($album_id);
        break;
    case isset($image_id):
        image($image_id, $quality, $track_id);
        break;
    case isset($image):
        // NOTE(review): $image is taken straight from the request. What
        // resampleImage() does with it is not visible here - confirm that it
        // validates the value before touching the filesystem or network.
        resampleImage($image);
        break;
    case $cfg['image_share']:
        shareImage();
        break;
}
exit;
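/**
 * Print a 50x50 thumbnail tag for every image stored for an album, then exit.
 *
 * Nothing is printed when the album has fewer than two images or when the
 * query fails.
 *
 * @param string $album_id Album identifier; escaped before it enters the query.
 * @return void The function always ends the request.
 */
function viewall($album_id)
{
    $res = mysql_query('SELECT image_id  FROM bitmap WHERE album_id="' . mysql_real_escape_string($album_id) . '"');
    // mysql_query() returns false on failure; do not hand that to mysql_num_rows().
    if ($res === false || mysql_num_rows($res) < 2) {
        exit;
    }
    while ($rec = mysql_fetch_assoc($res)) {
        // Stored values are still data: encode for the URL, then for the HTML
        // attribute, so an unexpected image_id cannot break out of src="".
        $src = 'image.php?image_id=' . rawurlencode($rec['image_id']) . '&quality=hq';
        echo '<img width="50" height="50" src="' . htmlspecialchars($src, ENT_QUOTES) . '" />';
    }
    exit;
}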
Пример #5
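/**
 * Collect the cover images of an album directory and register them in the
 * bitmap table.
 *
 * Depending on configuration, images come from covers embedded in the music
 * files, from the album directory, from well-known artwork sub-directories and,
 * as a last resort, from the parent directory. When nothing is found the
 * fallback image is registered instead. The first image registered also
 * becomes the album's image_id.
 *
 * Notes for reviewers:
 * - SQL is assembled by concatenation with mysql_real_escape_string() and
 *   integer casts; ext/mysql was removed in PHP 7, so prepared statements are
 *   the migration target.
 *
 * @param string $albumDir Album directory; file names are appended to it
 *                         directly, so a trailing slash is presumably
 *                         expected - verify against the caller.
 * @param string $album_id Album identifier.
 * @return array|null array($fallBackImage) when $albumDir is not a directory,
 *                    otherwise nothing is returned.
 */
function fetchAlbumImages($albumDir, $album_id)
{
    global $cfg, $db, $getID3;
    $fallBackImage = NJB_HOME_DIR . 'image/no_image.png';
    if (is_dir($albumDir) == FALSE) {
        return array($fallBackImage);
    }
    $musicFiles = array();
    $imageFiles = array();
    $flag = 0;
    // No image
    if ($cfg['image_read_embedded'] === TRUE) {
        // Collect the music files of the directory.
        $handle = opendir($albumDir);
        if ($handle !== FALSE) {
            // Compare against false explicitly: an entry named "0" is falsy
            // and would otherwise end the loop early.
            while (($file = readdir($handle)) !== FALSE) {
                $ext = strtolower(preg_replace('/^.*\\./', '', $file));
                if (is_file($albumDir . $file) && in_array($ext, $cfg['media_extension']) !== FALSE) {
                    $musicFiles[] = $albumDir . $file;
                }
            }
            closedir($handle);
        }
        foreach ($musicFiles as $i) {
            $coverBinary = writeEmbeddedCoverToTempfile($i);
            if ($coverBinary !== FALSE) {
                // md5() of extracted images of same album files seems to be different - lets use filesize
                $imageFiles[filesize($coverBinary)] = $coverBinary;
            }
        }
    }
    if ($cfg['image_look_current_directory'] === TRUE) {
        $imageFiles = array_merge($imageFiles, getImages($albumDir));
    }
    if ($cfg['image_look_cover_directory'] === TRUE) {
        // Look into sub-directories whose normalised name is a known artwork
        // directory name.
        $handle = opendir($albumDir);
        if ($handle !== FALSE) {
            while (($dirname = readdir($handle)) !== FALSE) {
                if (is_dir($albumDir . $dirname)) {
                    if (in_array(az09($dirname), $cfg['common_artwork_dir_names'])) {
                        $imageFiles = array_merge($imageFiles, getImages($albumDir . $dirname));
                    }
                }
            }
            closedir($handle);
        }
    }
    if ($cfg['image_look_parent_directory'] === TRUE && count($imageFiles) === 0) {
        $imageFiles = getImages(dirname($albumDir));
    }
    if (count($imageFiles) === 0) {
        $imageFiles = array($fallBackImage);
    }
    $albumUpdated = FALSE;
    // insert all images into database...
    foreach ($imageFiles as $image) {
        $filesize = filesize($image);
        $filemtime = filemtime($image);
        $flag = 0;
        $image_front = '';
        $image_back = '';
        if (stripos($image, NJB_HOME_DIR) !== FALSE && $image !== $fallBackImage) {
            $flag = 3;
            $image_front = str_replace($cfg['media_dir'], '', $image);
        }
        $imagesize = @getimagesize($image);
        if (!$imagesize) {
            //TODO: logging
            error_log('OMPD-import-image error for: ' . $image);
        }
        // Dimensions go into the statement unquoted, so they must be integers.
        // Without the cast an unreadable image produced an empty value and a
        // broken INSERT.
        $width = ($flag == 3 && $imagesize) ? (int) $imagesize[0] : 0;
        $height = ($flag == 3 && $imagesize) ? (int) $imagesize[1] : 0;
        $image_id = $flag == 3 ? $album_id : 'no_image';
        $image_id .= '_' . base_convert(NJB_IMAGE_SIZE * 100 + NJB_IMAGE_QUALITY, 10, 36) . base_convert($filemtime, 10, 36) . base_convert($filesize, 10, 36);
        mysql_query('INSERT INTO bitmap (image, filesize, filemtime, flag, image_front, image_back, image_front_width, image_front_height, image_id, album_id, updated)
			VALUES ("' . mysql_real_escape_string(resampleImage($image)) . '",
			' . (int) $filesize . ',
			' . (int) $filemtime . ',
			' . (int) $flag . ',
			"' . mysql_real_escape_string($image_front) . '",
			"' . mysql_real_escape_string($image_back) . '",
			' . $width . ',
			' . $height . ',
			"' . mysql_real_escape_string($image_id) . '",
			"' . mysql_real_escape_string($album_id) . '",
			1)');
        // Only the first image becomes the album's image.
        if ($albumUpdated === FALSE) {
            mysql_query('UPDATE album
				SET image_id			= "' . mysql_real_escape_string($image_id) . '"
				WHERE album_id		= "' . mysql_real_escape_string($album_id) . '"
				LIMIT 1');
            $albumUpdated = TRUE;
        }
        // Remove covers that were extracted into the application's tmp directory.
        if (stripos($image, NJB_HOME_DIR . 'tmp/') === 0) {
            @unlink($image);
        }
    }
}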