} $fl = $C->TMP_DIR . 'tmp_' . md5(time() . rand(0, 9999)); file_put_contents($fl, base64_decode($_POST['image'])); list($w, $h, $tp) = @getimagesize($fl); if ($w == 0 || $h == 0) { $error = TRUE; $errmsg = 'Invalid image file.'; } elseif ($tp != IMAGETYPE_GIF && $tp != IMAGETYPE_JPEG && $tp != IMAGETYPE_PNG) { $error = TRUE; $errmsg = 'Invalid image type.'; } elseif ($w < 200 || $h < 200) { $error = TRUE; $errmsg = 'Too small image resolution.'; } else { $fn = time() . rand(100000, 999999) . '.png'; $res = copy_avatar($fl, $fn); if (!$res) { $error = TRUE; $errmsg = 'Inappropriate image file.'; } } if (!$error) { $old = $user->info->avatar; if ($old != $C->DEF_AVATAR_USER) { rm($C->IMG_DIR . 'avatars/' . $old); rm($C->IMG_DIR . 'avatars/thumbs1/' . $old); rm($C->IMG_DIR . 'avatars/thumbs2/' . $old); rm($C->IMG_DIR . 'avatars/thumbs3/' . $old); } $this->db2->query('UPDATE users SET avatar="' . $this->db2->escape($fn) . '" WHERE id="' . intval($this->db2->e($user->id)) . '" LIMIT 1'); $network->get_user_by_id($user->id, TRUE);
if (isset($_FILES['avatar']) && is_uploaded_file($_FILES['avatar']['tmp_name'])) { $D->submit = TRUE; $f = (object) $_FILES['avatar']; list($w, $h, $tp) = getimagesize($f->tmp_name); if ($w == 0 || $h == 0) { $D->error = TRUE; $D->errmsg = 'st_avatar_err_invalidfile'; } elseif ($tp != IMAGETYPE_GIF && $tp != IMAGETYPE_JPEG && $tp != IMAGETYPE_PNG && $tp != IMAGETYPE_BMP) { $D->error = TRUE; $D->errmsg = 'st_avatar_err_invalidformat'; } elseif ($w < $C->AVATAR_SIZE || $h < $C->AVATAR_SIZE) { $D->error = TRUE; $D->errmsg = 'st_avatar_err_toosmall'; } else { $fn = time() . rand(100000, 999999) . '.png'; $res = copy_avatar($f->tmp_name, $fn); if (!$res) { $D->error = TRUE; $D->errmsg = 'st_avatar_err_cantcopy'; } } if (!$D->error) { $old = $D->user->avatar; if ($old != $C->DEF_AVATAR_USER) { rm($C->IMG_DIR . 'avatars/' . $old); rm($C->IMG_DIR . 'avatars/thumbs1/' . $old); rm($C->IMG_DIR . 'avatars/thumbs2/' . $old); rm($C->IMG_DIR . 'avatars/thumbs3/' . $old); } $db2->query('UPDATE users SET avatar="' . $db2->escape($fn) . '" WHERE id="' . $D->user->id . '" LIMIT 1'); $D->user = $this->network->get_user_by_id($D->user->id, TRUE);
} if (!$D->error) { $tmplang = $db2->fetch_field('SELECT value FROM settings WHERE word="LANGUAGE" LIMIT 1'); $tmpzone = $db2->fetch_field('SELECT value FROM settings WHERE word="DEF_TIMEZONE" LIMIT 1'); $tmppass = md5($D->password); $db2->query('INSERT INTO users SET email="' . $db2->e($D->email) . '", username="******", password="******", fullname="' . $db2->e($D->fullname) . '", language="' . $tmplang . '", timezone="' . $tmpzone . '", reg_date="' . time() . '", reg_ip="' . ip2long($_SERVER['REMOTE_ADDR']) . '", active=1'); $user_id = intval($db2->insert_id()); $db1->query('DELETE FROM unconfirmed_registrations WHERE email="' . $db1->e($D->email) . '" '); $this->user->login($D->email, md5($D->password), FALSE); $gravatar_url = 'http://www.gravatar.com/avatar/' . md5($D->email) . '?s=' . $C->AVATAR_SIZE . '&d=404'; $gravatar_local = $C->TMP_DIR . 'grvtr' . time() . rand(0, 9999) . '.jpg'; if (@my_copy($gravatar_url, $gravatar_local)) { list($w, $h, $tp) = @getimagesize($gravatar_local); if ($w && $h && $tp && $w == $C->AVATAR_SIZE && $h >= $C->AVATAR_SIZE && ($tp == IMAGETYPE_JPEG || $tp == IMAGETYPE_GIF || $tp == IMAGETYPE_PNG)) { $fn = time() . rand(100000, 999999) . '.png'; $res = copy_avatar($gravatar_local, $fn); if ($res) { $db2->query('UPDATE users SET avatar="' . $db2->escape($fn) . '" WHERE id="' . $user_id . '" LIMIT 1'); $this->network->get_user_by_id($user_id, TRUE); } } rm($gravatar_local); } $invited_from = array(); $r = $db2->query('SELECT DISTINCT user_id FROM users_invitations WHERE recp_email="' . $db2->e($D->email) . '" LIMIT 1'); if ($db2->num_rows($r) > 0) { while ($tmpu = $db2->fetch_object($r)) { $db2->query('INSERT INTO users_followed SET who="' . $tmpu->user_id . '", whom="' . $user_id . '", date="' . time() . '", whom_from_postid="' . $this->network->get_last_post_id() . '" '); $db2->query('UPDATE users SET num_followers=num_followers+1 WHERE id="' . $user_id . '" LIMIT 1'); $this->network->get_user_follows($tmpu->user_id, TRUE); $invited_from[$tmpu->user_id] = TRUE;