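/**
 * Fetches a remote avatar, validates it against the avatar limits in $config
 * and stores it as uploads/pics/<id>.<ext>.
 *
 * The download is spooled to a scratch file under temp/ so getimagesize() can
 * inspect it. The scratch file is removed again on every path; the original
 * left one file behind per call, whether the image was accepted or rejected.
 *
 * @param string $pic URL of the remote image, handed unchanged to get_remote().
 * @param mixed  $id  Member id; seeds the scratch-file name and names the stored picture.
 * @return mixed Path of the stored picture on success, otherwise one of the
 *               REMOTE_* error constants.
 */
function checkRemotePic($pic, $id) {
	global $config, $filesystem;

	// NOTE(review): the fetch happens server-side inside get_remote(); which
	// destinations it refuses is not visible from here - confirm it does not
	// reach internal or loopback addresses on behalf of the member.
	$avatar_data = get_remote($pic);
	if ($avatar_data == REMOTE_CLIENT_ERROR || $avatar_data == REMOTE_INVALID_URL) {
		return $avatar_data;
	}
	if (strlen($avatar_data) > $config['avfilesize']) {
		return REMOTE_FILESIZE_ERROR;
	}

	// The scratch file carries no extension, so nothing the remote side sends
	// ends up under a name of its choosing.
	$origfile = 'temp/' . md5(uniqid($id));
	$filesystem->file_put_contents($origfile, $avatar_data);

	if (filesize($origfile) > $config['avfilesize']) {
		$result = REMOTE_FILESIZE_ERROR;
	}
	else {
		// getimagesize() complains loudly about non-image data; only its return value matters.
		$imageinfo = @getimagesize($origfile);
		if (!is_array($imageinfo)) {
			$result = REMOTE_IMAGE_ERROR;
		}
		else {
			list($width, $height, $type) = $imageinfo;
			$types = explode(',', strtolower($config['avfiletypes']));
			// The extension is derived from the detected image type, not from the URL.
			$ext = image_type_to_extension($type, false);

			// NOTE(review): a limit of 0 rejects every image here; confirm that
			// 0 is not meant as "no limit" in this configuration.
			if ($width > $config['avwidth']) {
				$result = REMOTE_IMAGE_WIDTH_ERROR;
			}
			elseif ($height > $config['avheight']) {
				$result = REMOTE_IMAGE_HEIGHT_ERROR;
			}
			elseif (!in_array($ext, $types, true)) {
				// Strict match: a false from image_type_to_extension() can never
				// equal an entry of the allow-list.
				$result = REMOTE_EXTENSION_ERROR;
			}
			else {
				$dir = 'uploads/pics/';
				$result = $dir . $id . '.' . $ext;
				removeOldImages($dir, $id);
				$filesystem->copy($origfile, $result);
			}
		}
	}

	// Single exit point so the scratch copy is always cleaned up.
	$filesystem->unlink($origfile);

	return $result;
}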
// Removes the members whose ids are listed in $delete together with their
// dependent rows; their posts and topics are re-attributed to the stored user name.
// NOTE(review): $did is placed unquoted into every "IN (...)" clause below, so it
// must contain integers only. The $gpc->get('delete', arr_int) call further down
// suggests an integer-array filter, but the assignment that feeds this $delete is
// not visible here - confirm.
// NOTE(review): an empty $delete would produce "IN ()"; presumably the caller
// guards against that - verify.
$did = implode(',', $delete);
$result = $db->query('SELECT * FROM '.$db->pre.'user WHERE id IN ('.$did.')');
$olduserdata = file_get_contents('data/deleteduser.php');
// Every row passes through $gpc->prepare() before its fields are interpolated
// into SQL and appended to the archive file.
// NOTE(review): what prepare() escapes is not visible here; the quoted
// '{$user[...]}' values below rely on it - confirm it is SQL-safe.
while ($user = $gpc->prepare($db->fetch_assoc($result))) {
	// Step 1: Append "id<TAB>name" of the deleted member to the archive buffer.
	// NOTE(review): the names end up in a file with a .php extension; confirm
	// that prepare() or a guard at the top of that file keeps a stored name
	// from being interpreted as PHP.
	$olduserdata .= "\n{$user['id']}\t{$user['name']}";
	$olduserdata = trim($olduserdata);
	// Step 2: Delete all pms addressed to the selected members
	// (the statement uses the whole id list, so it repeats on each iteration).
	$db->query("DELETE FROM {$db->pre}pm WHERE pm_to IN ({$did})");
	// Step 3: Replies stored under the member id (guest = '0') become guest posts
	// carrying the member's name and mail address.
	$db->query("UPDATE {$db->pre}replies SET name = '{$user['name']}', email = '{$user['mail']}', guest = '1' WHERE name = '{$user['id']}' AND guest = '0'");
	// Step 4: Topics stored under the member id get the member's name instead,
	// both as author and as last poster.
	$db->query("UPDATE {$db->pre}topics SET name = '{$user['name']}' WHERE name = '{$user['id']}'");
	$db->query("UPDATE {$db->pre}topics SET last_name = '{$user['name']}' WHERE last_name = '{$user['id']}'");
	// Step 5: Delete the member's picture
	removeOldImages('uploads/pics/', $user['id']);
}
// Write the extended archive back once all selected members were processed.
$filesystem->file_put_contents('data/deleteduser.php', $olduserdata);
// Step 6: Delete all abos of the selected members
$db->query("DELETE FROM {$db->pre}abos WHERE mid IN ({$did})");
// Step 8: Delete the moderator entries of the selected members
$db->query("DELETE FROM {$db->pre}moderators WHERE mid IN ({$did})");
// Reads the 'delete' request value again; $did was already built above, so this
// assignment does not change the remaining queries.
$delete = $gpc->get('delete', arr_int);
// Step 9: Hand the members' uploads over to the guest id (mid = '0')
$db->query("UPDATE {$db->pre}uploads SET mid = '0' WHERE mid IN ({$did})");
// Step 10: Hand post ratings over to the guest id, part I (mid column)
$db->query("UPDATE {$db->pre}postratings SET mid = '0' WHERE mid IN ({$did})");
// Step 11: Hand post ratings over to the guest id, part II (aid column)
$db->query("UPDATE {$db->pre}postratings SET aid = '0' WHERE aid IN ({$did})");
// Step 12: Delete the member rows themselves
$db->query("DELETE FROM {$db->pre}user WHERE id IN ({$did})");
if ($my_uploader->upload('upload', explode('|', $config['avfiletypes']))) { $my_uploader->save_file('uploads/pics/', '2'); } if ($my_uploader->return_error()) { error($my_uploader->return_error(), 'editprofile.php?action=pic'); } else { if (file_exists($my->pic)) { @unlink($my->pic); } $ext = $my_uploader->rename_file('uploads/pics/', $my_uploader->file['name'], $my->id); } $my->pic = 'uploads/pics/' . $my->id . $ext; } elseif (!empty($pic) && preg_match('/^(http:\\/\\/|www.)([\\wהצ�ִײ�@\\-_\\.]+)\\:?([0-9]*)\\/(.*)$/', $pic, $url_ary)) { $my->pic = checkRemotePic($pic, $url_ary, $my->id); } else { removeOldImages('uploads/pics/', $my->id); } $db->query("UPDATE {$db->pre}user SET pic = '{$my->pic}' WHERE id = '{$my->id}' LIMIT 1", __LINE__, __FILE__); ok($lang->phrase('editprofile_pic_success'), "editprofile.php?action=pic" . SID2URL_x); } elseif ($_GET['action'] == "pic") { if ($my->p['usepic'] == 0) { errorLogin($lang->phrase('not_allowed'), "editprofile.php"); } $breadcrumb->Add($lang->phrase('editprofile_pic')); echo $tpl->parse("header"); echo $tpl->parse("menu"); $filetypes = str_replace("|", ", ", $config['avfiletypes']); $filesize = formatFilesize($config['avfilesize']); $size = ''; if ($config['avwidth'] > 0) { $size .= $lang->phrase('editprofile_pic_w1');
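/**
 * Downloads a remote avatar over plain HTTP, checks it against the avatar
 * limits in $config and stores it as uploads/pics/<id><ext>.
 *
 * Changes against the previous version:
 *  - the invalid-response branch passed the undefined variable $redír to
 *    error(); it now passes $redir,
 *  - the scratch file under temp/ no longer carries the extension taken from
 *    the remote URL and is removed on both the accept and the reject path,
 *  - the response is read with an upper bound instead of until the remote
 *    side decides to stop sending.
 *
 * @param string $pic     URL entered by the member; get_extension($pic) decides the stored extension.
 * @param array  $url_ary Match groups of the caller's URL pattern: [2] host, [3] optional port, [4] path.
 * @param mixed  $id      Member id; seeds the scratch-file name and names the stored picture.
 * @param string $redir   Page handed to error(); SID2URL_x is appended.
 * @return string Path of the stored picture. If error() returns instead of ending
 *                the request (presumably it does not - confirm), $pic comes back unchanged.
 */
function checkRemotePic($pic, $url_ary, $id, $redir = "editprofile.php?action=pic") {
	global $lang, $config, $filesystem;

	$redir .= SID2URL_x;

	if (empty($url_ary[4])) {
		error($lang->phrase('editprofile_pic_error1'), $redir);
	}

	$base_get = '/' . $url_ary[4];
	$port = !empty($url_ary[3]) ? $url_ary[3] : 80;

	// NOTE(review): the server connects to whatever host and port the caller's
	// pattern captured. No destination restriction is visible in this function;
	// confirm that internal or loopback targets are refused before this point.
	if (!($fsock = @fsockopen($url_ary[2], $port, $errno, $errstr, 10))) {
		error($lang->phrase('editprofile_pic_error2'), $redir);
	}

	@fputs($fsock, "GET {$base_get} HTTP/1.1\r\n");
	@fputs($fsock, "HOST: " . $url_ary[2] . "\r\n");
	@fputs($fsock, "Connection: close\r\n\r\n");

	// Bounded read: the avatar limit plus a generous allowance for the response
	// headers. Anything beyond that cannot pass the size check anyway, so there
	// is no reason to keep buffering it in memory.
	$max_response = $config['avfilesize'] + 65536;
	$truncated = false;
	$avatar_data = '';
	while (!@feof($fsock)) {
		$chunk = @fread($fsock, $config['avfilesize']);
		if ($chunk === false) {
			// A failed read would otherwise spin until feof() reports true.
			break;
		}
		$avatar_data .= $chunk;
		if (strlen($avatar_data) > $max_response) {
			$truncated = true;
			break;
		}
	}
	@fclose($fsock);

	if (!preg_match('#Content-Length\\: ([0-9]+)[^ /][\\s]+#i', $avatar_data, $file_data1) || !preg_match('#Content-Type\\: image/[x\\-]*([a-z]+)[\\s]+#i', $avatar_data, $file_data2)) {
		error($lang->phrase('editprofile_pic_error4'), $redir);
	}

	// Everything after the first blank line is the body.
	$parts = explode("\r\n\r\n", $avatar_data, 2);
	$avatar_data = isset($parts[1]) ? $parts[1] : '';

	$ext = get_extension($pic);

	// The scratch file is written before any validation has happened, so it
	// must not carry a name or extension chosen by the remote URL.
	$origfile = 'temp/' . md5(uniqid($id));
	file_put_contents($origfile, $avatar_data);
	$filesize = filesize($origfile);

	$imageinfo = @getimagesize($origfile);
	if (is_array($imageinfo)) {
		list($width, $height) = $imageinfo;
	}
	else {
		// Not an image: zero dimensions fail the check below.
		$width = 0;
		$height = 0;
	}

	$types = explode('|', $config['avfiletypes']);

	// NOTE(review): a configured limit of 0 rejects every image here; confirm
	// that 0 is not meant as "no limit".
	$accepted = !$truncated
		&& $width > 0 && $height > 0
		&& $width <= $config['avwidth'] && $height <= $config['avheight']
		&& $filesize <= $config['avfilesize']
		&& in_array($ext, $types, true);

	if ($accepted) {
		$pic = 'uploads/pics/' . $id . $ext;
		removeOldImages('uploads/pics/', $id);
		@$filesystem->copy($origfile, $pic);
		@unlink($origfile);
	}
	else {
		// Clean up first: error() may not return.
		@unlink($origfile);
		error($lang->phrase('editprofile_pic_error3'), $redir);
	}

	return $pic;
}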
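/**
 * Downloads a remote avatar over plain HTTP for the member editor, checks it
 * against the avatar limits in $config and stores it as uploads/pics/<id><ext>.
 *
 * Changes against the previous version:
 *  - the connection error message printed the literal text "{errno}"; it now
 *    interpolates $errno,
 *  - the scratch file under temp/ no longer carries the extension taken from
 *    the remote URL and is removed on both the accept and the reject path,
 *  - the response is read with an upper bound instead of until the remote
 *    side decides to stop sending.
 *
 * @param string $pic     URL of the remote image; get_extension($pic) decides the stored extension.
 * @param array  $url_ary Match groups of the caller's URL pattern: [2] host, [3] optional port, [4] path.
 * @param mixed  $id      Member id; used in the error redirect, the scratch-file seed and the stored name.
 * @return string Path of the stored picture. If error() returns instead of ending
 *                the request (presumably it does not - confirm), $pic comes back unchanged.
 */
function checkRemotePic($pic, $url_ary, $id) {
	global $config, $filesystem;

	// A limit of 0 is replaced by 2048. This writes to the global $config,
	// exactly as the previous version did.
	if ($config['avwidth'] == 0) {
		$config['avwidth'] = 2048;
	}
	if ($config['avheight'] == 0) {
		$config['avheight'] = 2048;
	}

	if (empty($url_ary[4])) {
		error("admin.php?action=members&job=edit&id=" . $id, 'No valid URL indicated.');
	}

	$base_get = '/' . $url_ary[4];
	$port = !empty($url_ary[3]) ? $url_ary[3] : 80;

	// NOTE(review): the server connects to whatever host and port the caller's
	// pattern captured. No destination restriction is visible in this function;
	// confirm that internal or loopback targets are refused before this point.
	if (!($fsock = @fsockopen($url_ary[2], $port, $errno, $errstr, 15))) {
		error("admin.php?action=members&job=edit&id=" . $id, "The server does not respond to your request:<br />{$errno}: {$errstr}");
	}

	@fputs($fsock, "GET {$base_get} HTTP/1.1\r\n");
	@fputs($fsock, "HOST: " . $url_ary[2] . "\r\n");
	@fputs($fsock, "Connection: close\r\n\r\n");

	// Bounded read: the avatar limit plus a generous allowance for the response
	// headers. Anything beyond that cannot pass the size check anyway.
	$max_response = $config['avfilesize'] + 65536;
	$truncated = false;
	$avatar_data = '';
	while (!@feof($fsock)) {
		$chunk = @fread($fsock, $config['avfilesize']);
		if ($chunk === false) {
			// A failed read would otherwise spin until feof() reports true.
			break;
		}
		$avatar_data .= $chunk;
		if (strlen($avatar_data) > $max_response) {
			$truncated = true;
			break;
		}
	}
	@fclose($fsock);

	if (!preg_match('#Content-Length\\: ([0-9]+)[^ /][\\s]+#i', $avatar_data, $file_data1) || !preg_match('#Content-Type\\: image/[x\\-]*([a-z]+)[\\s]+#i', $avatar_data, $file_data2)) {
		error("admin.php?action=members&job=edit&id=" . $id, 'The server does not return a valid response!');
	}

	// Everything after the first blank line is the body.
	$parts = explode("\r\n\r\n", $avatar_data, 2);
	$avatar_data = isset($parts[1]) ? $parts[1] : '';

	$ext = get_extension($pic);

	// The scratch file is written before any validation has happened, so it
	// must not carry a name or extension chosen by the remote URL.
	$origfile = 'temp/' . md5(uniqid($id));
	$filesystem->file_put_contents($origfile, $avatar_data);
	$filesize = filesize($origfile);

	$imageinfo = @getimagesize($origfile);
	if (is_array($imageinfo)) {
		list($width, $height) = $imageinfo;
	}
	else {
		// Not an image: zero dimensions fail the check below.
		$width = 0;
		$height = 0;
	}

	$types = explode('|', $config['avfiletypes']);

	$accepted = !$truncated
		&& $width > 0 && $height > 0
		&& $width <= $config['avwidth'] && $height <= $config['avheight']
		&& $filesize <= $config['avfilesize']
		&& in_array($ext, $types, true);

	if ($accepted) {
		$pic = 'uploads/pics/' . $id . $ext;
		removeOldImages('uploads/pics/', $id);
		$filesystem->copy($origfile, $pic);
		$filesystem->unlink($origfile);
	}
	else {
		// Clean up first: error() may not return.
		$filesystem->unlink($origfile);
		error("admin.php?action=members&job=edit&id=" . $id, 'Image does not match the criteria!');
	}

	return $pic;
}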
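/**
 * Downloads a remote avatar over plain HTTP for the member editor, checks it
 * against the avatar limits in $config and stores it as uploads/pics/<id><ext>.
 *
 * Changes against the previous version:
 *  - the connection error message printed the literal text "{errno}"; it now
 *    interpolates $errno,
 *  - the scratch file was only removed after error() on the reject path and
 *    never on success; it is now removed on both paths, before error() runs,
 *  - the scratch file no longer carries the extension taken from the remote URL,
 *  - the response is read with an upper bound instead of until the remote
 *    side decides to stop sending.
 *
 * @param string $pic     URL of the remote image; get_extension($pic) decides the stored extension.
 * @param array  $url_ary Match groups of the caller's URL pattern: [2] host, [3] optional port, [4] path.
 * @param mixed  $id      Member id; used in the error redirect, the scratch-file seed and the stored name.
 * @return string Path of the stored picture. If error() returns instead of ending
 *                the request (presumably it does not - confirm), $pic comes back unchanged.
 */
function checkRemotePic($pic, $url_ary, $id) {
	global $config, $filesystem;

	// A limit of 0 is replaced by 2048. This writes to the global $config,
	// exactly as the previous version did.
	if ($config['avwidth'] == 0) {
		$config['avwidth'] = 2048;
	}
	if ($config['avheight'] == 0) {
		$config['avheight'] = 2048;
	}

	if (empty($url_ary[4])) {
		error("admin.php?action=members&job=edit&id=" . $id, 'Keine gültige URL angegeben.');
	}

	$base_get = '/' . $url_ary[4];
	$port = !empty($url_ary[3]) ? $url_ary[3] : 80;

	// NOTE(review): the server connects to whatever host and port the caller's
	// pattern captured. No destination restriction is visible in this function;
	// confirm that internal or loopback targets are refused before this point.
	if (!($fsock = @fsockopen($url_ary[2], $port, $errno, $errstr, 15))) {
		error("admin.php?action=members&job=edit&id=" . $id, "Konnte keine Verbindung zum Avatar-Server herstellen:<br />{$errno}: {$errstr}");
	}

	@fputs($fsock, "GET {$base_get} HTTP/1.1\r\n");
	@fputs($fsock, "HOST: " . $url_ary[2] . "\r\n");
	@fputs($fsock, "Connection: close\r\n\r\n");

	// Bounded read: the avatar limit plus a generous allowance for the response
	// headers. Anything beyond that cannot pass the size check anyway.
	$max_response = $config['avfilesize'] + 65536;
	$truncated = false;
	$avatar_data = '';
	while (!@feof($fsock)) {
		$chunk = @fread($fsock, $config['avfilesize']);
		if ($chunk === false) {
			// A failed read would otherwise spin until feof() reports true.
			break;
		}
		$avatar_data .= $chunk;
		if (strlen($avatar_data) > $max_response) {
			$truncated = true;
			break;
		}
	}
	@fclose($fsock);

	if (!preg_match('#Content-Length\\: ([0-9]+)[^ /][\\s]+#i', $avatar_data, $file_data1) || !preg_match('#Content-Type\\: image/[x\\-]*([a-z]+)[\\s]+#i', $avatar_data, $file_data2)) {
		error("admin.php?action=members&job=edit&id=" . $id, 'Es wurden keine gültige Rückgabe vom Avatar-Server empfangen.');
	}

	// Everything after the first blank line is the body.
	$parts = explode("\r\n\r\n", $avatar_data, 2);
	$avatar_data = isset($parts[1]) ? $parts[1] : '';

	$ext = get_extension($pic);

	// The scratch file is written before any validation has happened, so it
	// must not carry a name or extension chosen by the remote URL.
	$origfile = 'temp/' . md5(uniqid($id));
	$filesystem->file_put_contents($origfile, $avatar_data);
	$filesize = filesize($origfile);

	$imageinfo = @getimagesize($origfile);
	if (is_array($imageinfo)) {
		list($width, $height) = $imageinfo;
	}
	else {
		// Not an image: zero dimensions fail the check below.
		$width = 0;
		$height = 0;
	}

	$types = explode('|', $config['avfiletypes']);

	$accepted = !$truncated
		&& $width > 0 && $height > 0
		&& $width <= $config['avwidth'] && $height <= $config['avheight']
		&& $filesize <= $config['avfilesize']
		&& in_array($ext, $types, true);

	if ($accepted) {
		$pic = 'uploads/pics/' . $id . $ext;
		removeOldImages('uploads/pics/', $id);
		$filesystem->copy($origfile, $pic);
		$filesystem->unlink($origfile);
	}
	else {
		// Clean up first: error() may not return, which would have left the
		// rejected download on disk.
		$filesystem->unlink($origfile);
		error("admin.php?action=members&job=edit&id=" . $id, 'Bild entspricht nicht den Vorgaben!');
	}

	return $pic;
}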