diff options
Diffstat (limited to 'phpBB/phpbb/avatar/driver/remote.php')
-rw-r--r-- | phpBB/phpbb/avatar/driver/remote.php | 60 |
1 files changed, 36 insertions, 24 deletions
diff --git a/phpBB/phpbb/avatar/driver/remote.php b/phpBB/phpbb/avatar/driver/remote.php index 2811cc2389..b16549ffb7 100644 --- a/phpBB/phpbb/avatar/driver/remote.php +++ b/phpBB/phpbb/avatar/driver/remote.php @@ -49,6 +49,8 @@ class remote extends \phpbb\avatar\driver\driver */ public function process_form($request, $template, $user, $row, &$error) { + global $phpbb_dispatcher; + $url = $request->variable('avatar_remote_url', ''); $width = $request->variable('avatar_remote_width', 0); $height = $request->variable('avatar_remote_height', 0); @@ -84,6 +86,24 @@ class remote extends \phpbb\avatar\driver\driver return false; } + /** + * Event to make custom validation of avatar upload + * + * @event core.ucp_profile_avatar_upload_validation + * @var string url Image url + * @var string width Image width + * @var string height Image height + * @var array error Error message array + * @since 3.2.9-RC1 + */ + $vars = array('url', 'width', 'height', 'error'); + extract($phpbb_dispatcher->trigger_event('core.ucp_profile_avatar_upload_validation', compact($vars))); + + if (!empty($error)) + { + return false; + } + // Check if this url looks alright // Do not allow specifying the port (see RFC 3986) or IP addresses if (!preg_match('#^(http|https|ftp)://(?:(.*?\.)*?[a-z0-9\-]+?\.[a-z]{2,4}|(?:\d{1,3}\.){3,5}\d{1,3}):?([0-9]*?).*?\.('. implode('|', $this->allowed_extensions) . ')$#i', $url) || @@ -95,38 +115,30 @@ class remote extends \phpbb\avatar\driver\driver return false; } - // Make sure getimagesize works... - if (function_exists('getimagesize')) + // Get image dimensions + if (($width <= 0 || $height <= 0) && (($image_data = $this->imagesize->getImageSize($url)) === false)) { - if (($width <= 0 || $height <= 0) && (($image_data = @getimagesize($url)) === false)) - { - $error[] = 'UNABLE_GET_IMAGE_SIZE'; - return false; - } - - if (!empty($image_data) && ($image_data[0] <= 0 || $image_data[1] <= 0)) - { - $error[] = 'AVATAR_NO_SIZE'; - return false; - } - - $width = ($width && $height) ? $width : $image_data[0]; - $height = ($width && $height) ? $height : $image_data[1]; + $error[] = 'UNABLE_GET_IMAGE_SIZE'; + return false; } - if ($width <= 0 || $height <= 0) + if (!empty($image_data) && ($image_data['width'] <= 0 || $image_data['height'] <= 0)) { $error[] = 'AVATAR_NO_SIZE'; return false; } - if (!class_exists('fileupload')) + $width = ($width && $height) ? $width : $image_data['width']; + $height = ($width && $height) ? $height : $image_data['height']; + + if ($width <= 0 || $height <= 0) { - include($this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext); + $error[] = 'AVATAR_NO_SIZE'; + return false; } - $types = \fileupload::image_types(); - $extension = strtolower(\filespec::get_extension($url)); + $types = \phpbb\files\upload::image_types(); + $extension = strtolower(\phpbb\files\filespec::get_extension($url)); // Check if this is actually an image if ($file_stream = @fopen($url, 'r')) @@ -175,15 +187,15 @@ class remote extends \phpbb\avatar\driver\driver return false; } - if (!empty($image_data) && (!isset($types[$image_data[2]]) || !in_array($extension, $types[$image_data[2]]))) + if (!empty($image_data) && (!isset($types[$image_data['type']]) || !in_array($extension, $types[$image_data['type']]))) { - if (!isset($types[$image_data[2]])) + if (!isset($types[$image_data['type']])) { $error[] = 'UNABLE_GET_IMAGE_SIZE'; } else { - $error[] = array('IMAGE_FILETYPE_MISMATCH', $types[$image_data[2]][0], $extension); + $error[] = array('IMAGE_FILETYPE_MISMATCH', $types[$image_data['type']][0], $extension); } return false; |