Location: PHPKode > projects > QuickTicket > quickticket/quickticket/qti_usr_img.php
<?php

/*
 * PHP versions 4 and 5
 *
 * LICENSE: This source file is subject to version 3.0 of the PHP license
 * that is available through the world-wide-web at the following URI:
 * http://www.php.net/license. If you did not receive a copy of
 * the PHP License and are unable to obtain it through the web, please
 * send a note to hide@address.com so we can mail you a copy immediately.
 *
 * @category   Troubleticket
 * @package    QuickTicket
 * @author     Philippe Vandenberghe <hide@address.com>
 * @copyright  2008-2012 The PHP Group
 * @license    http://www.php.net/license  PHP License 3.0
 * @version    1.9.0.3 build:20081001
 * @link       http://www.qt-cute.org/doc/package/qti
 * @since      File available since Release 1.0.0
 * @deprecated File deprecated in Release 2.0.0
 *
 */

session_start();
require_once('bin/qti_init.php');
if ( $_SESSION[QT]['avatar']=='0' ) die($L['E_access']);
if ( !$oVIP->CanAccess('MU',0,true) ) die($L['R_member']);

// INITIALISE

include('bin/qt_lib_smtp.php');
include($_SESSION[QT]['language'].'/qti_lang_reg.inc');

$id = -1;
if (isset($_GET['id'])) $id = $_GET['id'];
if ( isset($_POST['id']) ) $id = intval(strip_tags($_POST['id']));
if ( $id<0 ) die('Missing parameters');

$avatar_width = 120;
$avatar_height = 120;
$avatar_size = 12;

  // get avatar parameters
  $arrParams = GetParam(false,'param like "avatar_%"');
  if ( isset($arrParams['avatar_width']) ) $avatar_width = $arrParams['avatar_width'];
  if ( isset($arrParams['avatar_height']) ) $avatar_height = $arrParams['avatar_height'];
  if ( isset($arrParams['avatar_size']) ) $avatar_size = $arrParams['avatar_size'];

$oVIP->selfurl = 'qti_usr_img.php';
$oVIP->selfname = $L['Change_avatar'];
$oVIP->exiturl = 'qti_usr.php?id='.$id;
$oVIP->exitname = $L['Profile'];

// --------
// SUBMITTED FOR DELETE
// --------

if ( isset($_POST['del']) )
{
  $oDB->Query('UPDATE '.TABUSER.' SET avatar="0" WHERE id='.$id);
  if (file_exists("avatar/$id.gif")) unlink("avatar/$id.gif");
  if (file_exists("avatar/$id.jpg")) unlink("avatar/$id.jpg");
  if (file_exists("avatar/$id.jpeg")) unlink("avatar/$id.jpeg");
  if (file_exists("avatar/$id.png")) unlink("avatar/$id.png");
  $oVIP->EndMessage(NULL,$L['S_delete'],$_SESSION[QT]['skin_dir'],2);
}

// --------
// SUBMITTED FOR UPLOAD
// --------

if ( isset($_POST['ok']) )
{
  $bUpload = false;
  // ---------
  // load picture
  // ---------
  if ( !is_uploaded_file($_FILES['title']['tmp_name']) ) $qti_error = 'You did not upload a file!';

  // ---------
  // is size (kb) ok
  // ---------
  if ( empty($qti_error) )
  {
    if ( $_FILES['title']['size'] > (intval($_SESSION[QT]['avatar_size'])*1024+16) )
    {
    $qti_error = $L['E_file_size'].' (&lt;'.$_SESSION[QT]['avatar_size'].' Kb)';
    unlink($_FILES['title']['tmp_name']);
    }
  }

  // ---------
  // check extension
  // ---------
  if ( empty($qti_error) )
  {
    $arrFileextensions = explode(',',$_SESSION[QT]['avatar']);
    $strExt = strtolower(substr(strrchr($_FILES['title']['name'],'.'),1));
    if ( in_array($strExt,$arrFileextensions) )
    {
      $bUpload=true;
    }
    else
    {
      $qti_error = 'Format ('.$strExt.') not supported... You must use '.$_SESSION[QT]['avatar'];
      unlink($_FILES['title']['tmp_name']);
      $bUpload = false;
    }
  }

  // ---------
  // is size ok
  // ---------
  if ( empty($qti_error) )
  {
    $size = getimagesize($_FILES['title']['tmp_name']);
    $width = $size[0];
    $height = $size[1];
    if (($width-2 > $_SESSION[QT]['avatar_width']) or ($height-2 > $_SESSION[QT]['avatar_height']))
    {
      $qti_error = $_SESSION[QT]['avatar_width'].'x'.$_SESSION[QT]['avatar_height'].S.$L['E_pixels_max'];
      unlink($_FILES['title']['tmp_name']);
    }
  }

  // ---------
  // define target name
  // ---------
  if ( empty($qti_error) && $bUpload )
  {
    //File has passed all validation, copy it to the final destination and remove the temporary file:
    copy($_FILES['title']['tmp_name'],"avatar/$id.$strExt");
    $oDB->Query('UPDATE '.TABUSER.' SET avatar="'.$strExt.'" WHERE id='.$id);
    unlink($_FILES['title']['tmp_name']);

    // SEND PARENT EMAIL (IF COPPA)
    if ( $_POST['child']!='0' ) {
    if ( QTI_USE_COPPA ) {
      $strSubject='Profile updated';
      $strMessage="Your children (login: %s) has modified his/her avatar on the board {$_SESSION[QT]['site_name']}.";
      $strFile = $_SESSION[QT]['language'].'/mail_profile_coppa.inc';
      if ( file_exists($strFile) ) include($strFile);
      $strMessage = sprintf($strMessage, $_POST['name']);
      QTmail($row['parentmail'],QTconv($strSubject,'-4'),QTconv($strMessage,'-4'),QTI_HTML_CHAR);
    }}

    // exit
    $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  }
}

// --------
// HTML START
// --------

if ( $id<0 ) die('Missing parameters');
if ( $oVIP->role!='A' ) { if ($oVIP->id!=$id) die($L['R_member']); }

include('qti_p_header.php');

$oDB->Query('SELECT name, avatar, children, parentmail FROM '.TABUSER.' WHERE id='.$id);
$row = $oDB->Getrow();

echo '<br/>',N;
echo '<table class="ta_hidden" cellspacing="0">',N;
echo '<tr class="tr_hidden">',N;
echo '<td class="td_hidden" style="width:175px;">',AsImgBox(AsImg( (!empty($row['avatar']) ? 'avatar/'.$id.'.'.$row['avatar'] : ''),null,$row['name']),'div_pic_box',null,$row['name']),'</td>',N;
echo '<td class="td_hidden">',N;

HtmlMsg(0,'350px','',$oVIP->selfname);

echo '
<script type="text/javascript">
<!--
function ValidateForm(theForm)
{
  if (theForm.title.value.length==0) { alert(html_entity_decode("',$L['E_mandatory'],': File")); return false; }
  return null;
}
-->
</script>
';

echo '<form method="post" action="',$oVIP->selfurl,'" enctype="multipart/form-data" onsubmit="return ValidateForm(this);">',N;

if ( !empty($qti_error) ) echo '<span class="error">',$qti_error,'</span>',N;
echo '<p class="small" style="text-align:right">',$L['H_Change_avatar'],'</p>',N;
echo '<p style="text-align:right">',N;
echo '<input type="hidden" name="max_file_size" value="',($avatar_size*1024),'"/>',N;
echo '<input type="hidden" name="name" value="',$row['name'],'"/>',N;
echo '<input type="hidden" name="id" value="',$id,'"/>',N;
echo '<input type="hidden" name="child" value="',$row['children'],'"/>',N;
echo '<input type="hidden" name="parentmail" value="',$row['parentmail'],'"/>',N;
echo '<input type="file" id="title" name="title" size="32"/>',N;
echo '<input type="submit" name="ok" value="',$L['Save'],'"/></p>',N;
echo '</form><br/>',N;
echo '<form method="post" action="',$oVIP->selfurl,'">',N;
echo '<p style="text-align:right">',N;
echo $L['Delete_avatar'],S,N;
echo '<input type="hidden" name="id" value="',$id,'"/>',N;
echo '<input type="submit" name="ok" value="',$L['Delete'],'"/></p>',N;
echo '</form>',N;
echo '&laquo;&nbsp;<a href="',$oVIP->exiturl,'">',$oVIP->exitname,'</a>',N;

HtmlMsg(1);

echo '
</td>
</tr>
</table>
';

// HTML END

include('qti_p_footer.php');

?>
Return current item: QuickTicket