diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2013-07-14 11:57:53 -0400 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2013-07-14 11:57:53 -0400 |
| commit | d7a85ebc245e76038b8ccd56524f045cc92a6c13 (patch) | |
| tree | 66aa645c4d86636f0bce04a7125a7757a466b224 /phpBB/phpbb/avatar/driver/upload.php | |
| parent | fa3cdb6bf2cfdca9c26168bd258752718bc8a43f (diff) | |
| parent | f6865dc33a8cedb7d21a64401ed80d2edbac36bd (diff) | |
| download | forums-d7a85ebc245e76038b8ccd56524f045cc92a6c13.tar forums-d7a85ebc245e76038b8ccd56524f045cc92a6c13.tar.gz forums-d7a85ebc245e76038b8ccd56524f045cc92a6c13.tar.bz2 forums-d7a85ebc245e76038b8ccd56524f045cc92a6c13.tar.xz forums-d7a85ebc245e76038b8ccd56524f045cc92a6c13.zip | |
Merge remote-tracking branch 'igorw/ticket/11574' into ticket/11574
* igorw/ticket/11574: (575 commits)
[ticket/11702] Fix forum_posts left over for link-click counts in viewforum.php
[ticket/11696] Move file to new directory
[ticket/11696] Rename constructor to __construct()
[ticket/11696] Remove manual loading of db_tools in extension controller test
[ticket/11696] Rename db_tools.php so it can be autoloaded
[ticket/11698] Moving all autoloadable files to phpbb/
[ticket/11694] Do not locate assets with root path
[ticket/11692] Don't update search_type in dev migration if already appended
[ticket/11675] Fix template loop
[ticket/11690] Old module class names may get autoloaded by class_exists
[ticket/9649] Display information on index for moderators on unapproved posts
[ticket/10999] Fix assets_version in ACP
[prep-release-3.0.12] More changelog items for the 3.0.12 release.
[ticket/11687] Add assets_version to phpbb_config
[ticket/11686] Not checking for phpBB Debug errors on functional tests
[ticket/11670] Consistency with logo: Replace "phpBB(tm)" with "phpBB(R)".
[ticket/11674] Do not include vendor folder if there are no dependencies.
[ticket/11685] Remove logout confirmation page
[ticket/11684] Remove useless confirmation page after login and admin login
[ticket/9657] Define user before injecting
...
Diffstat (limited to 'phpBB/phpbb/avatar/driver/upload.php')
| -rw-r--r-- | phpBB/phpbb/avatar/driver/upload.php | 185 |
1 files changed, 185 insertions, 0 deletions
diff --git a/phpBB/phpbb/avatar/driver/upload.php b/phpBB/phpbb/avatar/driver/upload.php new file mode 100644 index 0000000000..685ac4f349 --- /dev/null +++ b/phpBB/phpbb/avatar/driver/upload.php @@ -0,0 +1,185 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2011 phpBB Group +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Handles avatars uploaded to the board +* @package phpBB3 +*/ +class phpbb_avatar_driver_upload extends phpbb_avatar_driver +{ + /** + * @inheritdoc + */ + public function get_data($row, $ignore_config = false) + { + return array( + 'src' => $this->phpbb_root_path . 'download/file.' . $this->php_ext . '?avatar=' . $row['avatar'], + 'width' => $row['avatar_width'], + 'height' => $row['avatar_height'], + ); + } + + /** + * @inheritdoc + */ + public function prepare_form($request, $template, $user, $row, &$error) + { + if (!$this->can_upload()) + { + return false; + } + + $template->assign_vars(array( + 'S_UPLOAD_AVATAR_URL' => ($this->config['allow_avatar_remote_upload']) ? true : false, + 'AVATAR_UPLOAD_SIZE' => $this->config['avatar_filesize'], + )); + + return true; + } + + /** + * @inheritdoc + */ + public function process_form($request, $template, $user, $row, &$error) + { + if (!$this->can_upload()) + { + return false; + } + + if (!class_exists('fileupload')) + { + include($this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext); + } + + $upload = new fileupload('AVATAR_', $this->allowed_extensions, $this->config['avatar_filesize'], $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], (isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false)); + + $url = $request->variable('avatar_upload_url', ''); + $upload_file = $request->file('avatar_upload_file'); + + if (!empty($upload_file['name'])) + { + $file = $upload->form_upload('avatar_upload_file'); + } + elseif (!empty($this->config['allow_avatar_remote_upload']) && !empty($url)) + { + if (!preg_match('#^(http|https|ftp)://#i', $url)) + { + $url = 'http://' . $url; + } + + if (!function_exists('validate_data')) + { + require($this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext); + } + + $validate_array = validate_data( + array( + 'url' => $url, + ), + array( + 'url' => array('string', true, 5, 255), + ) + ); + + $error = array_merge($error, $validate_array); + + if (!empty($error)) + { + return false; + } + + $file = $upload->remote_upload($url); + } + else + { + $error[] = 'NO_AVATAR_SELECTED'; + return false; + } + + $prefix = $this->config['avatar_salt'] . '_'; + $file->clean_filename('avatar', $prefix, $row['id']); + + $destination = $this->config['avatar_path']; + + // Adjust destination path (no trailing slash) + if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') + { + $destination = substr($destination, 0, -1); + } + + $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination); + if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) + { + $destination = ''; + } + + // Move file and overwrite any existing image + $file->move_file($destination, true); + + if (sizeof($file->error)) + { + $file->remove(); + $error = array_merge($error, $file->error); + return false; + } + + return array( + 'avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'), + 'avatar_width' => $file->get('width'), + 'avatar_height' => $file->get('height'), + ); + } + + /** + * @inheritdoc + */ + public function prepare_form_acp($user) + { + return array( + 'allow_avatar_remote_upload'=> array('lang' => 'ALLOW_REMOTE_UPLOAD', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), + 'avatar_filesize' => array('lang' => 'MAX_FILESIZE', 'validate' => 'int:0', 'type' => 'number:0', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), + 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rwpath', 'type' => 'text:20:255', 'explain' => true), + ); + } + + /** + * @inheritdoc + */ + public function delete($row) + { + $ext = substr(strrchr($row['avatar'], '.'), 1); + $filename = $this->phpbb_root_path . $this->config['avatar_path'] . '/' . $this->config['avatar_salt'] . '_' . $row['id'] . '.' . $ext; + + if (file_exists($filename)) + { + @unlink($filename); + } + + return true; + } + + /** + * Check if user is able to upload an avatar + * + * @return bool True if user can upload, false if not + */ + protected function can_upload() + { + return (file_exists($this->phpbb_root_path . $this->config['avatar_path']) && phpbb_is_writable($this->phpbb_root_path . $this->config['avatar_path']) && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')); + } +} |