Location: PHPKode > projects > QuickTalk Forum > quicktalk/qtf_user_img.php
<?php

/**
* PHP versions 4 and 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license.  If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @category   Forum
* @package    QuickTalk
* @author     Philippe Vandenberghe <hide@address.com>
* @copyright  2008-2012 The PHP Group
* @license    http://www.php.net/license  PHP License 3.0
* @version    2.5 build:20100924
* @since      File available since Release 1.0.0
* @deprecated File deprecated in Release 3.0.0
*/

session_start();
require_once('bin/qtf_init.php');
if ( $_SESSION[QT]['avatar']=='0' ) HtmlPage(0);
if ( !$oVIP->CanView('U') ) die(Error(11));

// --------
// INITIALISE
// --------

include('bin/qt_lib_smtp.php');
include(Translate('qtf_reg.php'));

$id = -1;
if ( isset($_GET['id']) ) $id = intval(strip_tags($_GET['id']));
if ( isset($_POST['id']) ) $id = intval(strip_tags($_POST['id']));
if ( $id<0 ) die('Missing parameters');

$oVIP->selfurl = 'qtf_user_img.php';
$oVIP->selfname = $L['Change_picture'];
$oVIP->exiturl = 'qtf_user.php?id='.$id;
$oVIP->exitname = '&laquo; '.$L['Profile'];

$oDB->Query('SELECT * FROM '.TABUSER.' WHERE id='.$id);

$row = $oDB->Getrow();

  // staff cannot edit other staff
  if ( $row['role']=='M' && $oVIP->role=='M' && $oVIP->id!=$id ) die(Error(13));

// check folder

$b=false;
if ( is_dir(QTF_DIR_PIC) ) {
if ( is_readable(QTF_DIR_PIC) ) {
if ( is_writable(QTF_DIR_PIC) ) {
  $b=true;
}}}
if ( !$b ) $oVIP->EndMessage(NULL,'The directory ['.QTF_DIR_PIC.'] is not writable (or missing). Please, contact the webmaster to fix the problem.',$_SESSION[QT]['skin_dir'],0);

// --------
// SUBMITTED FOR DELETE
// --------

if ( isset($_POST['del']) )
{
  if ( file_exists(QTF_DIR_PIC.$row['picture']) ) unlink(QTF_DIR_PIC.$row['picture']);
  $oDB->Query('UPDATE '.TABUSER.' SET picture="0" WHERE id='.$id);
  $oVIP->EndMessage(NULL,$L['S_delete'],$_SESSION[QT]['skin_dir'],2);
}

// --------
// SUBMITTED FOR UPLOAD
// --------

if ( isset($_POST['ok']) )
{
  // Check uploaded document

  if ( !isset($_SESSION[QT]['avatar_width']) ) $_SESSION[QT]['avatar_width']=120;
  if ( !isset($_SESSION[QT]['avatar_height']) ) $_SESSION[QT]['avatar_height']=120;
  if ( !isset($_SESSION[QT]['avatar_size']) ) $_SESSION[QT]['avatar_size']=20;
  
  $error = InvalidUpload($_FILES['title'],$_SESSION[QT]['avatar'],'',intval($_SESSION[QT]['avatar_size']),intval($_SESSION[QT]['avatar_width']),intval($_SESSION[QT]['avatar_height']));

  // Copy file

  if ( empty($error) )
  {
    $strDir = TargetDir(QTF_DIR_PIC,$id); if ( !is_writable(QTF_DIR_PIC.$strDir) ) $oVIP->EndMessage(NULL,'The directory ['.QTF_DIR_PIC.$strDir.'] is not writable (or missing). Please, contact the webmaster to fix the problem.',$_SESSION[QT]['skin_dir'],0);
    $strExt = strtolower(substr(strrchr($_FILES['title']['name'],'.'),1));
    if ( !copy($_FILES['title']['tmp_name'],QTF_DIR_PIC.$strDir.$id.'.'.$strExt) ) $error = 'Cannot copy the file ['.QTF_DIR_PIC.$strDir.$id.'.'.$strExt.']. Possible cause: this directory is readonly.';
    unlink($_FILES['title']['tmp_name']);
  }

  // Save and notify (if coppa)
    
  if ( empty($error) )
  {
    $oDB->Query('UPDATE '.TABUSER.' SET picture="'.$strDir.$id.'.'.$strExt.'" WHERE id='.$id);

    if ( $row['children']=='1' ) {
    if ( $_SESSION[QT]['register_coppa']=='1') {
      $oDB->Query('SELECT parentmail FROM '.TABCHILD.' WHERE id='.$id);
      $row = $oDB->Getrow();
      $strSubject = $_SESSION[QT]['site_name'].' - New picture';
      $strMessage = "We inform you that your children has changed his/her picture on the board {$_SESSION[QT]['site_name']}.\nLogin: %s\nPassword: %s";
      $strFile = GetLang().'mail_img_coppa.php';
      if ( file_exists($strFile) ) include($strFile);
      $strMessage = sprintf($strMessage,$_POST['username']);
      QTmail($row['parentmail'],QTconv($strSubject,'-4'),QTconv($strMessage,'-4'),QTF_HTML_CHAR);
    }}

    // Exit

    $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  }
}

// --------
// HTML START
// --------

if ( $oVIP->role!='A' ) { if ($oVIP->id!=$id) die($L['R_user']); }

$bJava=true;
include('qtf_p_header.php');

echo '<table class="hidden" cellspacing="0" summary="user image">',N;
echo '<tr class="hidden">',N;
echo '<td class="hidden" style="width:175px;"><br/>',AsImgBox( (empty($row['picture']) ? '' : AsImg(QTF_DIR_PIC.$row['picture']) ),'picbox','',$row['name']),'</td>',N;
echo '<td class="hidden">',N;

HtmlMsg(0,'350px','',$L['Add']);

echo '
<script type="text/javascript">
<!--
function ValidateForm(theForm)
{
  if (theForm.title.value.length==0) { alert(qtHtmldecode("',$L['E_mandatory'],': File")); return false; }
  return null;
}
-->
</script>
';

echo '<form method="post" action="',$oVIP->selfurl,'" enctype="multipart/form-data" onsubmit="return ValidateForm(this);">',N;
if ( !empty($error) ) echo '<span class="error">',$error,'</span>',N;
echo '<p class="small" style="text-align:right">',$L['H_Change_picture'],'</p>
<p style="text-align:right">
<input type="file" id="title" name="title" size="32"/>
<input type="hidden" name="max_file_size" value="10000"/>
<input type="hidden" name="username" value="',$row['name'],'"/>
<input type="hidden" name="id" value="',$id,'"/>
<input type="hidden" name="children" value="',$row['coppa'],'"/>
<input type="submit" name="ok" value="',$L['Save'],'"/></p>
</form>
';

HtmlMsg(1);

if ( !empty($row['picture']) )
{
HtmlMsg(0,'350px','',$L['Remove']);
echo '<br/>
<form method="post" action="',$oVIP->selfurl,'">
<p style="text-align:right">
<input type="hidden" name="id" value="',$id,'"/>
<input type="submit" name="del" value="',$L['Delete'],'"/></p>
</form>
';
HtmlMsg(1);
}

echo '</td>
</tr>
</table>
<p><a href="',Href($oVIP->exiturl),'">',$oVIP->exitname,'</a></p>
';

// --------
// HTML END
// --------

include('qtf_p_footer.php');

?>
Return current item: QuickTalk Forum