avatar.inc.php at WH Social

<?php

    echo '<h1 class="p_space">' . $lang['manage_avatars'] . '</h1>';

    if($_SERVER['REQUEST_METHOD'] != 'POST') {

    echo '<form action="" method="post" enctype="multipart/form-data">
    <input type="file" name="ifile" size="30" required>
    <input type="hidden" name="MAX_FILE_SIZE" value="500000">
    <br><br>
    <input type="submit" name="upload" id="upload" value="' . $lang['upload_avatar'] . '" class="buttons">
    </form>';

    echo '<p class="p_space"><span class="blue_span">Max. 500 KB - ' . $lang['only'] . 'JPEG/PNG - max. 500 x 500 px</span></p>';

    }else{

    if(isset($_POST['upload'])) {

    $id = (int)$_SESSION['id'];

    if(!empty($_FILES['ifile']['tmp_name'])) {

        include_once('framework/thumbnails/ThumbLib.inc.php');

    if(!getimagesize($_FILES['ifile']['tmp_name'])) {

        $errors[] = $lang['invalid_pic_format'];
        }

        $imgtype = array('1' => '.gif', '2' => '.jpg' , '3' => '.png');

        list($width, $height, $type, $attr) = getimagesize($_FILES['ifile']['tmp_name']);

    switch($type) {

        case 1: $ext='.gif'; break;
        case 2: $ext = '.jpg';break;
        case 3: $ext='.png'; break;
        }

    if($ext == '.gif') {

        $errors[] = $lang['only_format'];
        }

    if($width > 500 || $height > 500) {

        $errors[] = $lang['max_mass'];
        }

    if($_FILES['ifile']['size'] > 500000 ) {

        $errors[] = $lang['max_size'];
        }

    if(!empty($errors)) {

    echo '<p class="false">' . $lang['an_error_occurred'] . ' - <a href="javascript:history.back();" class="false_link">' . $lang['back'] . '</a></p>';
    echo '<ul>';

    foreach($errors as $key => $value) {
    echo '<li>&#8226; ' . $value . '</li>';
    }
    echo '</ul>';

        }else{

        $uploaddir = 'uploads/avatars/';
        $secondname = rand(100,99);
        $uploadfile =  $uploaddir . "img-$id-$secondname". $ext;

        if(!move_uploaded_file($_FILES['ifile']['tmp_name'], $uploadfile )) {

            echo '<p class="false">' . $lang['avatar_couldnot'] . '</p>';
            }

        $thumb = PhpThumbFactory::create($uploadfile);
        $thumb->resize(40,40);
        $thumb->save($uploadfile);
        

    $sql = "UPDATE members SET avatar='" . $uploadfile . "' WHERE id='" . $id . "'";

    $result = mysql_query($sql) OR die(mysql_error());

    if(!$result) {

	echo '<p class="false">' . $lang['avatar_couldnot'] . '</p>';

		}else{

		echo '<p class="success">' . $lang['avatar_success'] . '!</p>';
		}
	}
    }

    }else{

    echo '<p class="false">' . $lang['choose_avatar'] . ' - <a href="javascript:history.back();" class="false_link">' . $lang['back'] . '</a></p>';
    }
    }

?>