} if (empty($avatar_error)) { if ($width && $height && $mybb->settings['maxavatardims'] != "") { list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims'])); if ($maxwidth && $width > $maxwidth || $maxheight && $height > $maxheight) { $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $avatar_error = $lang->error_avatartoobig; } } } if (empty($avatar_error)) { if ($width > 0 && $height > 0) { $avatar_dimensions = intval($width) . "|" . intval($height); } $extra_user_updates = array("avatar" => $db->escape_string($mybb->input['avatar_url'] . '?dateline=' . TIME_NOW), "avatardimensions" => $avatar_dimensions, "avatartype" => "remote"); remove_avatars($user['uid']); } else { $errors = array($avatar_error); } } } // Moderator "Options" (suspend signature, suspend/moderate posting) $moderator_options = array(1 => array("action" => "suspendsignature", "period" => "action_period", "time" => "action_time", "update_field" => "suspendsignature", "update_length" => "suspendsigtime"), 2 => array("action" => "moderateposting", "period" => "modpost_period", "time" => "modpost_time", "update_field" => "moderateposts", "update_length" => "moderationtime"), 3 => array("action" => "suspendposting", "period" => "suspost_period", "time" => "suspost_time", "update_field" => "suspendposting", "update_length" => "suspensiontime")); require_once MYBB_ROOT . "inc/functions_warnings.php"; foreach ($moderator_options as $option) { if (!$mybb->input[$option['action']]) { if ($user[$option['update_field']] == 1) { // We're revoking the suspension $extra_user_updates[$option['update_field']] = 0; $extra_user_updates[$option['update_length']] = 0; }
/** * Upload a new avatar in to the file system * * @param array $avatar Incoming FILE array, if we have one - otherwise takes $_FILES['avatarupload'] * @param int $uid User ID this avatar is being uploaded for, if not the current user * @return array Array of errors if any, otherwise filename of successful. */ function upload_avatar($avatar = array(), $uid = 0) { global $db, $mybb, $lang, $plugins, $cache; $ret = array(); if (!$uid) { $uid = $mybb->user['uid']; } if (!$avatar['name'] || !$avatar['tmp_name']) { $avatar = $_FILES['avatarupload']; } if (!is_uploaded_file($avatar['tmp_name'])) { $ret['error'] = $lang->error_uploadfailed; return $ret; } // Check we have a valid extension $ext = get_extension(my_strtolower($avatar['name'])); if (!preg_match("#^(gif|jpg|jpeg|jpe|bmp|png)\$#i", $ext)) { $ret['error'] = $lang->error_avatartype; return $ret; } if (defined('IN_ADMINCP')) { $avatarpath = '../' . $mybb->settings['avataruploadpath']; $lang->load("messages", true); } else { $avatarpath = $mybb->settings['avataruploadpath']; } $filename = "avatar_" . $uid . "." . $ext; $file = upload_file($avatar, $avatarpath, $filename); if ($file['error']) { delete_uploaded_file($avatarpath . "/" . $filename); $ret['error'] = $lang->error_uploadfailed; return $ret; } // Lets just double check that it exists if (!file_exists($avatarpath . "/" . $filename)) { $ret['error'] = $lang->error_uploadfailed; delete_uploaded_file($avatarpath . "/" . $filename); return $ret; } // Check if this is a valid image or not $img_dimensions = @getimagesize($avatarpath . "/" . $filename); if (!is_array($img_dimensions)) { delete_uploaded_file($avatarpath . "/" . $filename); $ret['error'] = $lang->error_uploadfailed; return $ret; } // Check avatar dimensions if ($mybb->settings['maxavatardims'] != '') { list($maxwidth, $maxheight) = @explode("x", $mybb->settings['maxavatardims']); if ($maxwidth && $img_dimensions[0] > $maxwidth || $maxheight && $img_dimensions[1] > $maxheight) { // Automatic resizing enabled? if ($mybb->settings['avatarresizing'] == "auto" || $mybb->settings['avatarresizing'] == "user" && $mybb->input['auto_resize'] == 1) { require_once MYBB_ROOT . "inc/functions_image.php"; $thumbnail = generate_thumbnail($avatarpath . "/" . $filename, $avatarpath, $filename, $maxheight, $maxwidth); if (!$thumbnail['filename']) { $ret['error'] = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $ret['error'] .= "<br /><br />" . $lang->error_avatarresizefailed; delete_uploaded_file($avatarpath . "/" . $filename); return $ret; } else { // Copy scaled image to CDN copy_file_to_cdn($avatarpath . '/' . $thumbnail['filename']); // Reset filesize $avatar['size'] = filesize($avatarpath . "/" . $filename); // Reset dimensions $img_dimensions = @getimagesize($avatarpath . "/" . $filename); } } else { $ret['error'] = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); if ($mybb->settings['avatarresizing'] == "user") { $ret['error'] .= "<br /><br />" . $lang->error_avataruserresize; } delete_uploaded_file($avatarpath . "/" . $filename); return $ret; } } } // Next check the file size if ($avatar['size'] > $mybb->settings['avatarsize'] * 1024 && $mybb->settings['avatarsize'] > 0) { delete_uploaded_file($avatarpath . "/" . $filename); $ret['error'] = $lang->error_uploadsize; return $ret; } // Check a list of known MIME types to establish what kind of avatar we're uploading switch (my_strtolower($avatar['type'])) { case "image/gif": $img_type = 1; break; case "image/jpeg": case "image/x-jpg": case "image/x-jpeg": case "image/pjpeg": case "image/jpg": $img_type = 2; break; case "image/png": case "image/x-png": $img_type = 3; break; default: $img_type = 0; } // Check if the uploaded file type matches the correct image type (returned by getimagesize) if ($img_dimensions[2] != $img_type || $img_type == 0) { $ret['error'] = $lang->error_uploadfailed; delete_uploaded_file($avatarpath . "/" . $filename); return $ret; } // Everything is okay so lets delete old avatars for this user remove_avatars($uid, $filename); $ret = array("avatar" => $mybb->settings['avataruploadpath'] . "/" . $filename, "width" => (int) $img_dimensions[0], "height" => (int) $img_dimensions[1]); $ret = $plugins->run_hooks("upload_avatar_end", $ret); return $ret; }
if (empty($avatar_error)) { if ($width && $height && $mybb->settings['maxavatardims'] != "") { list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims'])); if ($maxwidth && $width > $maxwidth || $maxheight && $height > $maxheight) { $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $avatar_error = $lang->error_avatartoobig; } } } if (empty($avatar_error)) { if ($width > 0 && $height > 0) { $avatar_dimensions = (int) $width . "|" . (int) $height; } $updated_avatar = array("avatar" => $db->escape_string($mybb->input['avatarurl'] . '?dateline=' . TIME_NOW), "avatardimensions" => $avatar_dimensions, "avatartype" => "remote"); $db->update_query("users", $updated_avatar, "uid='" . $mybb->user['uid'] . "'"); remove_avatars($mybb->user['uid']); } } } if (empty($avatar_error)) { $plugins->run_hooks("usercp_do_avatar_end"); redirect("usercp.php?action=avatar", $lang->redirect_avatarupdated); } else { $mybb->input['action'] = "avatar"; $avatar_error = inline_error($avatar_error); } } if ($mybb->input['action'] == "avatar") { $plugins->run_hooks("usercp_avatar_start"); $avatarmsg = $avatarurl = ''; if ($mybb->user['avatartype'] == "upload" || stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath'])) {
/** * Provides a method to clear an users profile * * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function) * @param int $gid The new usergroup if the users should be moved (additional usergroups are always removed) */ function clear_profile($delete_uids = false, $gid = 0) { global $db, $plugins, $mybb; // delete_uids isn't a nice name, but it's used as the functions above use the same if ($delete_uids != false) { $this->delete_uids = array_map('intval', (array) $delete_uids); foreach ($this->delete_uids as $key => $uid) { if (!$uid || is_super_admin($uid) || $uid == $mybb->user['uid']) { // Remove super admins unset($this->delete_uids[$key]); } } $this->delete_uids = implode(',', $this->delete_uids); } $update = array("website" => "", "birthday" => "", "icq" => "", "aim" => "", "yahoo" => "", "skype" => "", "google" => "", "usertitle" => "", "away" => 0, "awaydate" => 0, "returndate" => "", "awayreason" => "", "additionalgroups" => "", "displaygroup" => 0, "signature" => "", "avatar" => "", 'avatardimensions' => '', 'avatartype' => ''); if ($gid > 0) { $update["usergroup"] = (int) $gid; } $plugins->run_hooks('datahandler_user_clear_profile', $this); if (empty($this->delete_uids)) { return; } $db->update_query("users", $update, "uid IN({$this->delete_uids})"); $db->delete_query('userfields', "ufid IN({$this->delete_uids})"); // Remove any of the user(s) uploaded avatars require_once MYBB_ROOT . 'inc/functions_upload.php'; foreach (explode(',', $this->delete_uids) as $uid) { remove_avatars($uid); } }