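/**
 * Handle an uploaded smiley image for the "Smile" challenge.
 *
 * The upload is validated in this order: a file must be present, it must pass
 * GWF_Upload::isImageFile(), it must be resizable into the 16x16..64x64 range,
 * and its client-supplied name must be an acceptable file name. On success the
 * file is moved to challenge/livinskull/smile/smiles/<name> and a message that
 * shows the matching <img> markup as text is returned.
 *
 * The stored name comes straight from the client, and the success message
 * references the stored file by URL, so the name checks below are the only
 * thing that decides which path gets written.
 *
 * @param WC_Challenge $chall Challenge whose lang() supplies the message texts.
 * @return mixed Whatever GWF_HTML::error(), ::err() or ::message() returns.
 */
public function onUpload(WC_Challenge $chall)
{
    // The result was never used; the call is kept in case instance() performs
    // module setup that later calls rely on (not visible from this block).
    Module_WeChall::instance();
    $form = $this->getForm($chall);

    if (false === ($file = $form->getVar('image'))) {
        return GWF_HTML::error('Smile', array($chall->lang('err_no_image')));
    }
    if (!GWF_Upload::isImageFile($file)) {
        return GWF_HTML::error('Smile', array($chall->lang('err_no_image')));
    }
    if (false === GWF_Upload::resizeImage($file, 64, 64, 16, 16)) {
        return GWF_HTML::error('Smile', array($chall->lang('err_no_image')));
    }

    // A missing or non-string name is treated as empty and rejected by the
    // character check below, instead of reaching the path concatenation.
    $filename = (isset($file['name']) && is_string($file['name'])) ? $file['name'] : '';

    // Extension allowlist: the name has to end in a known image suffix.
    $whitelist = array('.jpg', '.jpeg', '.gif', '.png');
    $allowed = false;
    foreach ($whitelist as $allow) {
        if (Common::endsWith($filename, $allow)) {
            $allowed = true;
            break;
        }
    }

    // Double extensions such as "x.php.png" are refused. The match is
    // case-insensitive so that ".PHP" / ".Php" cannot slip past it.
    // NOTE(review): this only covers names containing ".php"; whether other
    // suffixes are executable depends on the web server configuration, which
    // should disable script handling for this upload directory.
    if (stripos($filename, '.php') !== false) {
        $allowed = false;
    }

    // Printable ASCII only: control characters (including NUL and newlines)
    // are refused. Path separators are refused as well so the name can never
    // leave the smiles/ directory through "../" or an absolute path. There is
    // no dedicated language key for that case in view, so err_ascii is reused.
    if (!preg_match('/^[\\x20-\\x7e]+$/D', $filename) || strpbrk($filename, '/\\') !== false) {
        return GWF_HTML::error('Smile Path', array($chall->lang('err_ascii')));
    }
    if (!$allowed) {
        return GWF_HTML::error('Smile', array($chall->lang('err_no_image')));
    }

    $fullpath = "challenge/livinskull/smile/smiles/{$filename}";
    $efp = htmlspecialchars($fullpath);

    // NOTE(review): two uploads with the same name target the same path;
    // confirm whether GWF_Upload::moveTo() overwrites an existing file.
    if (false === GWF_Upload::moveTo($file, $fullpath)) {
        return GWF_HTML::err('ERR_WRITE_FILE', array($efp));
    }

    // The whole snippet is escaped again so the user sees the markup as text
    // rather than a rendered image.
    $rule = htmlspecialchars("<img src=\"/{$efp}\" />");
    return GWF_HTML::message('Smile', $chall->lang('msg_uploaded', array($rule)));
}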
/**
 * Validate, resize and store an uploaded avatar for the current session user.
 *
 * The destination is 'dbimg/avatar/' followed by the user's id, so the
 * client-supplied file name never becomes part of the stored path.
 *
 * NOTE(review): the result of GWF_Session::getUser() is used without a check;
 * presumably the caller only gets here for a logged-in user. Confirm.
 *
 * @param array $file Upload entry handed to the GWF_Upload helpers.
 * @return mixed Result of $this->module->error() or $this->module->message().
 */
private function saveAvatar(array $file)
{
    // Step 1: the upload has to be recognised as an image at all.
    $looksLikeImage = GWF_Upload::isImageFile($file);
    if (!$looksLikeImage) {
        return $this->module->error('err_no_image');
    }

    // Step 2: fit the image into the configured size limits.
    $maxWidth = $this->module->cfgAvatarMaxWidth();
    $maxHeight = $this->module->cfgAvatarMaxHeight();
    $minWidth = $this->module->cfgAvatarMinWidth();
    $minHeight = $this->module->cfgAvatarMinHeight();
    $resized = GWF_Upload::resizeImage($file, $maxWidth, $maxHeight, $minWidth, $minHeight);
    if ($resized === false) {
        return $this->module->error('err_no_image');
    }

    // Step 3: move the file to a path named after the user id.
    $user = GWF_Session::getUser();
    $target = 'dbimg/avatar/' . $user->getID();
    $stored = GWF_Upload::moveTo($file, $target);
    if ($stored === false) {
        return $this->module->error('err_write_avatar');
    }

    // Step 4: flag the avatar on the account and bump its version counter.
    $user->saveOption(GWF_User::HAS_AVATAR, true);
    $user->increase('user_avatar_v', 1);

    return $this->module->message('msg_avatar_saved');
}