Context Navigation

← Previous Changeset
Next Changeset →

Changeset 253

Timestamp:

03/18/09 13:45:04 (3 years ago)

Author:

aarkerio

Message:

Avtars update

Location:

trunk

Files:

: 3 edited

controllers/images_controller.php (modified) (7 diffs)
controllers/users_controller.php (modified) (2 diffs)
webroot/img/avatars/aarkerio_avatar.jpg (modified) (previous)

Legend:

: Unmodified
: Added
: Removed

trunk/controllers/images_controller.php

-                      r245
+                      r253
+ {
   $this->layout    = 'admin';
+  if (!empty($this->data) && is_uploaded_file($this->data['Image']['file']['tmp_name']))
+  {
+    // echo "tmp_name : ". $this->data['Image']['file']['tmp_name'] . "<br />"; // usefull print
+    $this->data['Image'] = Sanitize::clean($this->data['Image']);
+  if ($this->data['Image']['file']['error'] == 1):
+      $this->flash('Error uploading image, please contact the support team', '/admin/images/listing');
+  endif;
+  $this->data['Image'] = Sanitize::clean($this->data['Image']);
     /** SUBMITTED INFORMATION - use what you need
 …
     *  mime-type of uploaded file  : $imgfile_type
     */
     /** uploaddir:  directory relative to where script is running */
 …
     /** Security: checks to see if file is an image, if not do not allow upload ==*/
     if ( $type != "image/jpeg" && $type != "image/pjpeg" && $type != "image/png" && $type != "image/gif")
     {   /** is this a valid file? */
+    if ( $type != "image/jpeg" && $type != "image/pjpeg" && $type != "image/png" && $type != "image/gif"):
+        /** is this a valid file? */
         $msg   = "ERROR the file $imgfile_name $imgfile is not valid. Only .jpg, .gif or .png files Current type file: " . $type ;
         /** delete uploaded file  */
 …
         $this->flash($msg,'/admin/images/listing/');
         exit();
+    }
+    endif;
     if ( $imgfile_size > $maxfilesize):
 …
     endif;
     $current_id  = (int) $this->Image->field('Image.id', null, 'id DESC');
+    $next_id     = ($current_id + 1);
+    $next_id     = ($current_id + 1);
     $extension   = $this->Adds->get_extension($type);
     $name        = $this->Auth->user('username') . "_" . $next_id . $extension;
 …
     if (is_uploaded_file($imgfile)):
        /** move file to proper directory ==*/
+        if (!copy($imgfile, $newfile)):
+          /** if an error occurs the file could not
+               be written, read or possibly does not exist ==*/
+         $this->flash('Error Uploading File.', '/admin/images/listing/');
+        if (!move_uploaded_file($imgfile, $newfile)):
+            /** if an error occurs the file could not  be written, read or possibly does not exist ==*/
+            $this->flash('Error moving uploaded File.', '/admin/images/listing/');
         endif;
         endif;
+   endif;
    /*** Create thumb***/
 …
     /** delete the temporary uploaded file **/
     unlink($imgfile);
+   }
+ }

trunk/controllers/users_controller.php

-                      r242
+                      r253
  public function admin_avatar()
+ {
+    //die(print_r($this->params));
+    $this->layout    = 'admin';
+    if (!empty($this->data) && is_uploaded_file($this->data['User']['file']['tmp_name']))
+    {
+    // echo "tmp_name : ". $this->data['User']['file']['tmp_name'] . "<br />"; // usefull print
+   Sanitize::clean($this->data); //Hopefully this is enough
+  //die(print_r($this->data));
+  $this->layout    = 'admin';
+  if (!empty($this->data) && is_uploaded_file($this->data['User']['file']['tmp_name'])):
+      $this->flash('Error uploading image, please contact the support team', '/admin/users/edit');
+  endif;
+  #Sanitize::clean($this->data); //Hopefully this is enough
     /** SUBMITTED INFORMATION - use what you need
 …
     /** uploaddir:  directory relative to where script is running */
+    $uploaddir    = "../webroot/img/avatars";
+    $uploaddir    = '../webroot/img/avatars';
     $maxfilesize  = 2097152; /** 2MB max size */
     $imgfile_name = $this->data['User']['file']['name'];
     $imgfile_size = $this->data['User']['file']['size'];
     $imgfile      = $this->data['User']['file']['tmp_name'];
     $type         = $this->data['User']['file']['type'];
     /** Security: checks to see if file is an image, if not do not allow upload ==*/
+    if ( $type != "image/jpeg" && $type != "image/pjpeg" && $type != "image/png" && $type != "image/gif")
+    {   /** is this a valid file? */
+        $ErrMsg   = "<h1>ERROR</h1> the file $imgfile_name $imgfile is not valid.<br>";
+        $ErrMsg  .= "<p>Only .jpg, .gif or .png files<br><br>";
+        $ErrMsg  .= "Current type file: " . $type . "</p>\n";
+    if ( $type != "image/jpeg" && $type != "image/pjpeg" && $type != "image/png" && $type != "image/gif"):
+         /** is this a valid file? */
+        $msg   = "ERROR the file is not valid. Only .jpg, .gif or .png files Current type file: " . $type;
         /** delete uploaded file  */
         unlink($imgfile);
+        die($this->flash($ErrMsg, '/users/edit/'. $this->Auth->user('id')) );
+    }
+    if ( $imgfile_size > $maxfilesize)
+    {
+             $ErrMsg  = "<h1>ERROR</h1> The image is too big.<br>";
+         $ErrMsg .= "<p>Bigger than 2.0 MB <br><br>";
+         $ErrMsg .= "Current size: " . $imgfile_size ."</p>\n";
+        die($this->flash($msg, '/users/edit/'. $this->Auth->user('id')) );
+    endif;
+    if ( $imgfile_size > $maxfilesize):
+             $msg  = "ERROR The image is too big. Bigger than 2.0 MB Current size: " . $imgfile_size;
          /** delete uploaded file */
          unlink($imgfile);
          die( $this->flash($ErrMsg,'/users/edit/'.$this->Auth->user('id')) );
+    }
     $extension   = $this->get_extension($type);
          $Name        = $this->Auth->user('username') . "_avatar" . $extension;
+         die( $this->flash($msg,'/users/edit/'.$this->Auth->user('id')) );
+    endif;
+    $extension   = $this->Adds->get_extension($type);
+        $name        = $this->Auth->user('username') . "_avatar" . $extension;
     /** setup final file location and name */
     /** change spaces to underscores in filename  */
     $final_filename = str_replace(" ", "_", $Name);
+    $final_filename = str_replace(" ", "_", $name);
     //die($final_filename);
     $newfile = $uploaddir . "/" . $final_filename;
     /** do extra security check to prevent malicious abuse */
+    if (is_uploaded_file($imgfile))
+    {
+       /** move file to proper directory ==*/
+       if (!copy($imgfile, $newfile))
+       {
+          /** if an error occurs the file could not be written, read or possibly does not exist */
+          die($this->flash('Error Uploading File.', '/users/edit/'.$this->Auth->user('id')));
+       }
+   }
+   /** Database stuff  **/
+   $this->data['User']['avatar'] = $final_filename;
+   if ($this->User->save($this->data)):
+    if (is_uploaded_file($imgfile)):
+        /** move file to proper directory ==*/
+        if ( !move_uploaded_file($imgfile, $newfile) ):
+            /** if an error occurs the file could not be written, read or possibly does not exist */
+            die($this->flash('Error Uploading File.', '/users/edit/'.$this->Auth->user('id')));
+        endif;
+   endif;
+   /** Now the database stuff  **/
+   if ($this->User->saveField('avatar',  $final_filename)):
             $this->msgFlash('Data saved', '/admin/users/edit/');
    endif;
          /** delete the temporary uploaded file **/
+   /** delete the temporary uploaded file **/
    unlink($imgfile);
+   }
+}
+  }
+}
 ?>

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 253

Legend:

trunk/controllers/images_controller.php

trunk/controllers/users_controller.php

Download in other formats: