$uploaddir = PATH . '/images/users/photos/';
$realfile = $inDB->escape_string($_FILES['Filedata']['name']);
$path_parts = pathinfo($realfile);
$ext = mb_strtolower($path_parts['extension']);
if (!$ext || !in_array($ext, array('jpg', 'jpeg', 'gif', 'png', 'bmp'))) {
exit(0);
}
$lid = $inDB->get_fields('cms_user_photos', ' id > 0 ', 'id', 'id DESC');
$lastid = $lid['id'] + 1;
$filename = md5($lastid . $realfile) . '.' . $ext;
$uploadphoto = $uploaddir . $filename;
$small = $uploaddir . 'small/' . $filename;
$medium = $uploaddir . 'medium/' . $filename;
$source = $_FILES['Filedata']['tmp_name'];
$errorCode = $_FILES['Filedata']['error'];
if ($inCore->moveUploadedFile($source, $uploadphoto, $errorCode)) {
@img_resize($uploadphoto, $small, 96, 96, true);
@img_resize($uploadphoto, $medium, 600, 600, false, false);
if ($model->config['watermark']) {
@img_add_watermark($uploadthumb['medium']);
}
@unlink($uploadphoto);
$model->addUploadedPhoto($user_id, array('filename' => $realfile, 'imageurl' => $filename));
echo "FILEID:" . $lastid;
if (cmsCore::inRequest('upload')) {
cmsCore::redirect('/users/' . $inUser->login . '/photos/submit');
}
} else {
header("HTTP/1.1 500 Internal Server Error");
echo cmsCore::uploadError();
}
