Файл: adultscript-2.0.3-pro/files/modules/user/components/avatar.php
Строк: 58
<?php
// Direct-access guard: stop immediately unless the including script has
// already defined the _VALID constant.
if (!defined('_VALID')) {
    die('Restricted Access!');
}
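/**
 * Account component that lets a signed-in user upload and crop an avatar.
 *
 * Files are taken from TMP_DIR/uploads (written by an uploader that is not
 * part of this file), stored as MEDIA_DIR/users/orig/<user_id>.<ext> and
 * turned into the avatar at MEDIA_DIR/users/<user_id>.<ext>.
 */
class VComponent_user_avatar extends VModule_user
{
    public function __construct()
    {
        parent::__construct();
    }

    /**
     * Handle the avatar upload and crop form posts, then render the page.
     *
     * Requires the 'Registered' access level (VAuth::check). Both POST actions
     * are skipped when the account is locked.
     *
     * NOTE(review): neither POST action checks an anti-CSRF token in this
     * method; confirm the framework enforces one elsewhere.
     */
    public function render()
    {
        VAuth::check('Registered');

        $user_id  = (int) $_SESSION['user_id'];
        // NOTE(review): time() plus mt_rand() is predictable. If this upload id
        // is meant to be unguessable it needs a CSPRNG source (random_int on
        // PHP 7+). It must stay all digits: the upload branch below rejects
        // anything that fails ctype_digit().
        $unique   = time().'0'.mt_rand();
        $locked   = $this->is_locked($user_id);
        $errors   = array();
        $messages = array();
        $uploaded = false;
        $awidth   = VCfg::get('user.avatar_width');
        $aheight  = VCfg::get('user.avatar_height');

        if ($locked) {
            $errors[] = __('account-locked');
        }

        if (isset($_POST['submit-upload-avatar']) && !$locked) {
            $filter    = VF::factory('filter');
            $upload_id = $filter->get('unique_id');
            // The id becomes part of a filesystem path in process_file(), so
            // only plain digits are accepted.
            if (!ctype_digit($upload_id)) {
                $errors[] = 'Invalid upload identifier!';
            }

            $file = false;
            if (!$errors) {
                $file = $this->process_file(
                    $upload_id,
                    VCfg::get('user.avatar_max_size'),
                    VCfg::get('user.avatar_allowed_ext')
                );
                if (!$file) {
                    $errors = array_merge($errors, $this->errors);
                }
            }

            if (!$errors) {
                $photo    = $user_id.'.'.$file['ext'];
                $dst_orig = MEDIA_DIR.'/users/orig/'.$photo;
                $image    = VF::factory('image');

                if (!$image->load($file['path'])) {
                    // Fix: the upload is loaded by the image library (which
                    // presumably decodes it) while it is still in the temp
                    // directory. A file that only carries an allowed extension
                    // is discarded here instead of being left in the media
                    // directory, and the previous avatar is not overwritten.
                    $errors[] = $image->get_error();
                    VFile::delete($file['path']);
                } elseif (!rename($file['path'], $dst_orig)) {
                    $errors[] = __('avatar-failed');
                } elseif (!$image->load($dst_orig)) {
                    // Fix: the original carried on with an unloaded image here.
                    $errors[] = $image->get_error();
                    VFile::delete($dst_orig);
                } else {
                    $processed = false;
                    $width     = $image->src['width'];
                    $height    = $image->src['height'];

                    // Small images are padded, resized and centre-cropped
                    // automatically; larger ones are left for the manual crop
                    // step handled by the 'scale' branch below.
                    if ($width <= $awidth || $height <= $aheight) {
                        $dst_thumb = MEDIA_DIR.'/users/'.$photo;
                        // Fix: $dst_tmp was never assigned in the original. The
                        // file name is a reviewer-chosen scratch name inside the
                        // existing temp upload directory.
                        $dst_tmp   = TMP_DIR.'/uploads/avatar_'.$photo;

                        if ($image->canvas($awidth, $aheight, '000000') &&
                            $image->resize($awidth, $aheight, 'ASPECT_RATIO', $dst_tmp)) {
                            if ($image->load($dst_tmp) &&
                                $image->crop_from_center($awidth, $aheight, $dst_thumb)) {
                                $processed = true;
                            } else {
                                $errors[] = $image->get_error();
                            }
                        } else {
                            $errors[] = $image->get_error();
                        }

                        VFile::delete($dst_tmp);
                    }

                    $uploaded             = basename($dst_orig);
                    $_SESSION['uploaded'] = $uploaded;
                    // Best-effort cleanup kept from the original; after a
                    // successful rename() the temp file should already be gone.
                    VFile::delete($file['path']);

                    if ($processed) {
                        // Fix: the original stored $avatar['ext'] in the session,
                        // but $avatar is not defined in this branch.
                        $this->save_avatar_ext($user_id, $file['ext']);
                        $messages[] = __('avatar-success');
                    } else {
                        $messages[] = __('avatar-success-crop');
                    }
                }
            }
        }

        if (isset($_POST['scale']) && !$locked) {
            // NOTE(review): scale and the crop rectangle come straight from the
            // request and are not range-checked here; confirm the image library
            // bounds them, since an oversized zoom is a memory/CPU concern.
            $scale = (float) $_POST['scale'];
            $x     = isset($_POST['x']) ? (int) $_POST['x'] : 0;
            $y     = isset($_POST['y']) ? (int) $_POST['y'] : 0;
            $w     = isset($_POST['w']) ? (int) $_POST['w'] : 0;
            $h     = isset($_POST['h']) ? (int) $_POST['h'] : 0;

            // The file name comes from the session, never from the request.
            // basename() keeps it inside the two avatar directories, and an
            // empty value would otherwise point at the directory itself.
            $avatar = isset($_SESSION['uploaded']) ? basename((string) $_SESSION['uploaded']) : '';

            if ($avatar === '') {
                $errors[] = __('avatar-failed');
            } else {
                $orig  = MEDIA_DIR.'/users/orig/'.$avatar;
                $dst   = MEDIA_DIR.'/users/'.$avatar;
                $image = VF::factory('image');

                if ($image->load($orig) &&
                    $image->zoom($scale) &&
                    $image->crop($x, $y, $w, $h, $dst)) {
                    $this->save_avatar_ext($user_id, VFile::ext($avatar));
                    $messages[] = __('avatar-success');
                } else {
                    $errors[] = $image->get_error();
                }
            }
        }

        // An avatar already recorded in the session takes precedence as the
        // file offered to the template.
        if (isset($_SESSION['avatar']) && $_SESSION['avatar'] != '') {
            $uploaded             = $user_id.'.'.$_SESSION['avatar'];
            $_SESSION['uploaded'] = $uploaded;
        }

        $this->tpl->menu       = 'home';
        $this->tpl->colmenu    = 'account';
        $this->tpl->submenu    = 'user-avatar';
        $this->tpl->title      = __('avatar-meta-title');
        $this->tpl->meta_title = __('avatar-meta-title');
        $this->tpl->errors     = $errors;
        $this->tpl->messages   = $messages;
        $this->tpl->uploaded   = $uploaded;
        $this->tpl->unique     = $unique;
        $this->tpl->load(array('header', 'user_avatar', 'footer'));
        $this->tpl->display();
    }

    /**
     * Record the avatar extension for a user in the database and the session.
     *
     * @param int    $user_id  user whose row is updated
     * @param string $ext      avatar file extension
     */
    private function save_avatar_ext($user_id, $ext)
    {
        // The extension is escaped and the id is forced to an integer, so
        // neither value can change the shape of the statement.
        $sql = "\nUPDATE #__user"
             . "\nSET avatar = '".$this->db->escape($ext)."'"
             . "\nWHERE user_id = ".(int) $user_id
             . "\nLIMIT 1\n";
        $this->db->query($sql);
        $_SESSION['avatar'] = $ext;
    }

    /**
     * Tell whether the account is locked.
     *
     * @param int $user_id
     * @return bool|null  the 'locked' column as a bool; when the query yields
     *                    no row the error module is loaded and nothing is
     *                    returned (presumably VModule::load() ends the request
     *                    — TODO confirm)
     */
    private function is_locked($user_id)
    {
        // The id is concatenated into the SQL text, so force it to an integer
        // here instead of relying on every caller having done so.
        $user_id = (int) $user_id;
        $this->db->query("SELECT locked FROM #__user WHERE user_id = ".$user_id." LIMIT 1");
        if ($this->db->affected_rows()) {
            return (bool) $this->db->fetch_field('locked');
        }

        VModule::load('error', true);
    }

    /**
     * Locate a pending upload in TMP_DIR/uploads and check its size and extension.
     *
     * The upload is described by an info file whose first line is the file name
     * and whose second line is the extension. The info file is always removed;
     * the uploaded file is removed as well whenever the upload is rejected.
     * Failures are appended to $this->errors.
     *
     * @param string $upload_id    upload identifier; the caller has already
     *                             checked that it is all digits
     * @param mixed  $max_size     size limit in megabytes, 0 for no limit
     * @param array  $allowed_ext  accepted extensions
     * @return array|false  array with 'path', 'name', 'size' and 'ext', or FALSE
     */
    private function process_file($upload_id, $max_size, $allowed_ext)
    {
        VLanguage::load('frontend.upload');

        // NOTE(review): this suffix is derived only from the site secret, so it
        // is the same for every upload and only 5 hex characters long. Treat it
        // as a naming convention rather than an access control.
        $sec   = substr(md5(VF::cfg_item('secret')), -5);
        $finfo = TMP_DIR.'/uploads/'.$upload_id.'_'.$sec;

        if (!file_exists($finfo) || !is_file($finfo)) {
            $this->errors[] = __('file-select').'*';
            VFile::delete($finfo);
            return FALSE;
        }

        // Fix: a truncated or unreadable info file used to raise
        // undefined-offset notices and continue with empty values.
        $info = file($finfo);
        if (!is_array($info) || count($info) < 2) {
            $this->errors[] = __('file-select');
            VFile::delete($finfo);
            return FALSE;
        }

        $name = trim($info[0]);
        $ext  = trim($info[1]);

        // Fix: the extension is read from the info file (presumably derived
        // from the client's file name — verify against the uploader) and is
        // concatenated into a path that is later deleted or moved. Only build
        // that path when the extension is explicitly allowed or is a plain
        // alphanumeric token, so it cannot carry path separators.
        $ext_allowed = in_array($ext, $allowed_ext, true);
        if (!$ext_allowed && !ctype_alnum($ext)) {
            $this->errors[] = __('file-invalid', array(implode(', ', $allowed_ext)));
            VFile::delete($finfo);
            return FALSE;
        }

        $path = TMP_DIR.'/uploads/'.$upload_id.'_'.$sec.'.'.$ext;

        if (!file_exists($path) || !is_file($path)) {
            $this->errors[] = __('file-select');
        } else {
            $size = filesize($path);
            // NOTE(review): the strict comparison treats only integer 0 as "no
            // limit"; confirm VCfg::get() does not return the string '0'.
            if ($max_size !== 0 && $size > ($max_size*1024*1024)) {
                $this->errors[] = __('file-limit', array($max_size));
            } elseif (!$ext_allowed) {
                $this->errors[] = __('file-invalid', array(implode(', ', $allowed_ext)));
            } else {
                VFile::delete($finfo);
                return array(
                    'path' => $path,
                    'name' => $name,
                    'size' => $size,
                    'ext'  => $ext
                );
            }
        }

        // Rejected upload: remove both the info file and the payload.
        VFile::delete($finfo);
        VFile::delete($path);

        return FALSE;
    }
}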