Bug #1291 ยป 1291.patch
| components/com_comprofiler/plugin/user/plug_cbcore/cb.core.php | ||
|---|---|---|
|
*/
|
||
|
function prepareFieldDataSave( &$field, &$user, &$postdata, $reason ) {
|
||
|
global $_CB_framework, $ueConfig, $_PLUGINS, $_FILES;
|
||
|
|
||
|
$this->_prepareFieldMetaSave( $field, $user, $postdata, $reason );
|
||
|
|
||
|
$col = $field->name;
|
||
|
$colapproved = $col . 'approved';
|
||
|
$col_choice = $col . '__choice';
|
||
|
$col_file = $col . '__file';
|
||
|
$col_gallery = $col . '__gallery';
|
||
|
$col = $field->name;
|
||
|
$colapproved = $col . 'approved';
|
||
|
$col_choice = $col . '__choice';
|
||
|
$col_file = $col . '__file';
|
||
|
$col_gallery = $col . '__gallery';
|
||
|
|
||
|
$choice = stripslashes( cbGetParam( $postdata, $col_choice ) );
|
||
|
$choice = stripslashes( cbGetParam( $postdata, $col_choice ) );
|
||
|
|
||
|
switch ( $choice ) {
|
||
|
case 'upload':
|
||
|
if ( ( $col == 'avatar' ) && ! $ueConfig['allowAvatarUpload'] ) {
|
||
|
$this->_setErrorMSG( _UE_NOT_AUTHORIZED );
|
||
|
return;
|
||
|
}
|
||
|
$value = ( isset( $_FILES[$col_file] ) ? $_FILES[$col_file] : null );
|
||
|
|
||
|
$isModerator = isModerator( $_CB_framework->myId() );
|
||
|
if ( $this->validate( $field, $user, $choice, $value, $postdata, $reason ) ) {
|
||
|
$_PLUGINS->loadPluginGroup( 'user' );
|
||
|
|
||
|
if ( ( ! isset( $_FILES[$col_file]['tmp_name'] ) )
|
||
|
|| empty( $_FILES[$col_file]['tmp_name'] )
|
||
|
|| ( $_FILES[$col_file]['error'] != 0 )
|
||
|
|| ( ! is_uploaded_file( $_FILES[$col_file]['tmp_name'] ) )
|
||
|
) {
|
||
|
$this->_setErrorMSG( _UE_UPLOAD_ERROR_EMPTY );
|
||
|
return;
|
||
|
}
|
||
|
$isModerator = isModerator( $_CB_framework->myId() );
|
||
|
|
||
|
$_PLUGINS->loadPluginGroup( 'user' );
|
||
|
$_PLUGINS->trigger( 'onBeforeUserAvatarUpdate', array( &$user, &$user, $isModerator, &$_FILES[$col_file]['tmp_name'] ) );
|
||
|
if ( $_PLUGINS->is_errors() ) {
|
||
|
$this->_setErrorMSG( $_PLUGINS->getErrorMSG() );
|
||
|
}
|
||
|
$_PLUGINS->trigger( 'onBeforeUserAvatarUpdate', array( &$user, &$user, $isModerator, &$value['tmp_name'] ) );
|
||
|
|
||
|
$imgToolBox = new imgToolBox();
|
||
|
$imgToolBox->_conversiontype = $ueConfig['conversiontype'];
|
||
| ... | ... | |
|
$imgToolBox->_NETPBM_path = $ueConfig['netpbm_path'];
|
||
|
$imgToolBox->_maxsize = $this->_getImageFieldParam( $field, 'avatarSize' );
|
||
|
$imgToolBox->_maxwidth = $this->_getImageFieldParam( $field, 'avatarWidth' );
|
||
|
$imgToolBox->_maxheight = $this->_getImageFieldParam( $field, 'avatarHeight' );
|
||
|
$imgToolBox->_maxheight = $this->_getImageFieldParam( $field, 'avatarHeight' );
|
||
|
$imgToolBox->_thumbwidth = $this->_getImageFieldParam( $field, 'thumbWidth' );
|
||
|
$imgToolBox->_thumbheight = $this->_getImageFieldParam( $field, 'thumbHeight' );
|
||
|
$imgToolBox->_debug = 0;
|
||
|
|
||
|
$allwaysResize = ( isset( $ueConfig['avatarResizeAlways'] ) ? $ueConfig['avatarResizeAlways'] : 1 );
|
||
|
$fileNameInDir = ( $col == 'avatar' ? '' : $col . '_' ) . uniqid( $user->id . '_' );
|
||
|
|
||
|
$fileNameInDir = ( $col == 'avatar' ? '' : $col . '_' ) . uniqid($user->id."_");
|
||
|
$newFileName = $imgToolBox->processImage( $_FILES[$col_file], $fileNameInDir, $_CB_framework->getCfg('absolute_path') . '/images/comprofiler/', 0, 0, 1, $allwaysResize );
|
||
|
if ( ! $newFileName ) {
|
||
|
$this->_setErrorMSG( $imgToolBox->_errMSG );
|
||
|
$value = $imgToolBox->processImage( $value, $fileNameInDir, $_CB_framework->getCfg( 'absolute_path' ) . '/images/comprofiler/', 0, 0, 1, $allwaysResize );
|
||
|
|
||
|
if ( ! $value ) {
|
||
|
$this->_setValidationError( $field, $user, $reason, $imgToolBox->_errMSG ); // needed if uploaded file fails in imgToolbox
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
if ( isset( $user->$col ) && ! ( ( $col == 'avatar' ) && $ueConfig['avatarUploadApproval'] == 1 && $isModerator == 0 ) ) {
|
||
|
// if auto-approved: //TBD: else need to log update on image approval !
|
||
|
$this->_logFieldUpdate( $field, $user, $reason, $user->$col, $newFileName );
|
||
|
if ( isset( $user->$col ) && ! ( ( $col == 'avatar' ) && ( $ueConfig['avatarUploadApproval'] == 1 ) && ( $isModerator == 0 ) ) ) {
|
||
|
$this->_logFieldUpdate( $field, $user, $reason, $user->$col, $value );
|
||
|
}
|
||
|
|
||
|
if ( $user->$col != '' ) {
|
||
|
deleteAvatar( $user->$col );
|
||
|
}
|
||
|
|
||
|
if ( ( $col == 'avatar' ) && $ueConfig['avatarUploadApproval'] == 1 && $isModerator == 0 ) {
|
||
|
|
||
|
if ( ( $col == 'avatar' ) && ( $ueConfig['avatarUploadApproval'] == 1 ) && ( $isModerator == 0 ) ) {
|
||
|
$cbNotification = new cbNotification();
|
||
|
|
||
|
$cbNotification->sendToModerators( _UE_IMAGE_ADMIN_SUB, _UE_IMAGE_ADMIN_MSG );
|
||
|
|
||
|
$user->$col = $newFileName;
|
||
|
$user->$col = $value;
|
||
|
$user->$colapproved = 0;
|
||
|
// $_CB_database->setQuery("UPDATE #__comprofiler SET avatar='" . $_CB_database->getEscaped($newFileName) . "', avatarapproved=0 WHERE id=" . (int) $row->id);
|
||
|
// $redMsg = _UE_UPLOAD_PEND_APPROVAL;
|
||
|
} else {
|
||
|
$user->$col = $newFileName;
|
||
|
$user->$col = $value;
|
||
|
$user->$colapproved = 1;
|
||
|
// $_CB_database->setQuery("UPDATE #__comprofiler SET avatar='" . $_CB_database->getEscaped($newFileName) . "', avatarapproved=1, lastupdatedate='".date('Y-m-d\TH:i:s')."' WHERE id=" . (int) $row->id);
|
||
|
// $redMsg = _UE_UPLOAD_SUCCESSFUL;
|
||
|
}
|
||
|
|
||
|
// $_CB_database->query();
|
||
|
|
||
|
$_PLUGINS->trigger( 'onAfterUserAvatarUpdate', array(&$user, &$user, $isModerator, $newFileName ) );
|
||
|
$_PLUGINS->trigger( 'onAfterUserAvatarUpdate', array( &$user, &$user, $isModerator, $value ) );
|
||
|
}
|
||
|
break;
|
||
|
|
||
|
case 'gallery':
|
||
|
if( ( $col == 'avatar' ) && ! $ueConfig['allowAvatarGallery'] ) {
|
||
|
$this->_setErrorMSG( _UE_NOT_AUTHORIZED );
|
||
|
return;
|
||
|
}
|
||
|
$value = stripslashes( cbGetParam( $postdata, $col_gallery ) );
|
||
|
|
||
|
$newAvatar = stripslashes( cbGetParam( $postdata, $col_gallery ) );
|
||
|
if ( ( $newAvatar == '' ) || preg_match( '/[^-_a-zA-Z0-9.]/', $newAvatar ) || ( strpos( $newAvatar, '..' ) !== false ) ) {
|
||
|
$this->_setErrorMSG( _UE_UPLOAD_ERROR_CHOOSE . $newAvatar );
|
||
|
return;
|
||
|
}
|
||
|
if ( $this->validate( $field, $user, $choice, $value, $postdata, $reason ) ) {
|
||
|
$value = 'gallery/' . $value;
|
||
|
|
||
|
$newAvatar = 'gallery/' . $newAvatar;
|
||
|
if ( isset( $user->$col ) ) {
|
||
|
$this->_logFieldUpdate( $field, $user, $reason, $user->$col, $newAvatar );
|
||
|
$this->_logFieldUpdate( $field, $user, $reason, $user->$col, $value );
|
||
|
}
|
||
|
|
||
|
// delete old avatar:
|
||
|
deleteAvatar( $user->$col );
|
||
|
deleteAvatar( $user->$col ); // delete old avatar
|
||
|
|
||
|
$user->$col = $newAvatar;
|
||
|
$user->$col = $value;
|
||
|
$user->$colapproved = 1;
|
||
|
/*
|
||
|
//$_CB_database->setQuery( "UPDATE #__comprofiler SET avatar = " . $_CB_database->Quote($newAvatar)
|
||
|
// . ", avatarapproved=1, lastupdatedate = " . $_CB_database->Quote( date('Y-m-d H:i:s') )
|
||
|
// . " WHERE id = " . (int) $row->id);
|
||
|
if( ! $_CB_database->query() ) {
|
||
|
$msg = _UE_USER_PROFILE_NOT;
|
||
|
}else {
|
||
|
// delete old avatar:
|
||
|
deleteAvatar( $user->$col );
|
||
|
$msg = _UE_USER_PROFILE_UPDATED;
|
||
|
}
|
||
|
*/
|
||
|
break;
|
||
|
case 'delete':
|
||
|
if ( $user->id && $user->$col != null && $user->$col != "" ) {
|
||
|
if ( $user->id && ( $user->$col != null ) && ( $user->$col != '' ) ) {
|
||
|
global $_CB_database;
|
||
|
|
||
|
if ( isset( $user->$col ) ) {
|
||
|
$this->_logFieldUpdate( $field, $user, $reason, $user->$col, '' );
|
||
|
}
|
||
|
|
||
|
deleteAvatar( $user->$col );
|
||
|
$user->$col = null; // this will not update, so we do query below:
|
||
|
$user->$colapproved = 1;
|
||
|
$_CB_database->setQuery('UPDATE ' . $_CB_database->NameQuote( $field->table ) . ' SET ' . $_CB_database->NameQuote( $col ) . ' = NULL, ' . $_CB_database->NameQuote( $col . 'approved' ) . ' = 1, ' . $_CB_database->NameQuote( 'lastupdatedate' ) . ' = ' . $_CB_database->Quote( date('Y-m-d H:i:s') ) . ' WHERE id=' . (int) $user->id);
|
||
|
deleteAvatar( $user->$col ); // delete old avatar
|
||
|
|
||
|
$user->$col = null; // this will not update, so we do query below:
|
||
|
$user->$colapproved = 1;
|
||
|
|
||
|
$query = 'UPDATE ' . $_CB_database->NameQuote( $field->table )
|
||
|
. "\n SET " . $_CB_database->NameQuote( $col ) . " = NULL"
|
||
|
. ', ' . $_CB_database->NameQuote( $col . 'approved' ) . ' = 1'
|
||
|
. ', ' . $_CB_database->NameQuote( 'lastupdatedate' ) . ' = ' . date( 'Y-m-d H:i:s', $_CB_framework->now() )
|
||
|
. "\n WHERE " . $_CB_database->NameQuote( 'id' ) . " = " . (int) $user_id;
|
||
|
$_CB_database->setQuery( $query );
|
||
|
$_CB_database->query();
|
||
|
}
|
||
|
|
||
|
break;
|
||
|
case 'approve':
|
||
|
if ( isset( $user->$col ) && ( $_CB_framework->getUi() == 2 ) && $user->id && $user->$col != null && $user->$colapproved == 0 ) {
|
||
|
if ( isset( $user->$col ) && ( $_CB_framework->getUi() == 2 ) && $user->id && ( $user->$col != null ) && ( $user->$colapproved == 0 ) ) {
|
||
|
$this->_logFieldUpdate( $field, $user, $reason, '', $user->$col ); // here we are missing the old value, so can't give it...
|
||
|
|
||
|
$user->$colapproved = 1;
|
||
|
$user->lastupdatedate = date('Y-m-d H:i:s');
|
||
|
$cbNotification = new cbNotification();
|
||
|
$user->$colapproved = 1;
|
||
|
$user->lastupdatedate = date( 'Y-m-d H:i:s', $_CB_framework->now() );
|
||
|
|
||
|
$cbNotification = new cbNotification();
|
||
|
|
||
|
$cbNotification->sendFromSystem( $user, _UE_IMAGEAPPROVED_SUB, _UE_IMAGEAPPROVED_MSG );
|
||
|
}
|
||
|
break;
|
||
|
case '':
|
||
|
default:
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Validator:
|
||
|
* Validates $value for $field->required and other rules
|
||
|
* Override
|
||
|
*
|
||
|
* @param moscomprofilerFields $field
|
||
|
* @param moscomprofilerUser $user RETURNED populated: touch only variables related to saving this field (also when not validating for showing re-edit)
|
||
|
* @param string $columnName Column to validate
|
||
|
* @param string $value (RETURNED:) Value to validate, Returned Modified if needed !
|
||
|
* @param array $postdata Typically $_POST (but not necessarily), filtering required.
|
||
|
* @param string $reason 'edit' for save user edit, 'register' for save registration
|
||
|
* @return boolean True if validate, $this->_setErrorMSG if False
|
||
|
*/
|
||
|
function validate( &$field, &$user, $columnName, &$value, &$postdata, $reason ) {
|
||
|
global $_CB_framework, $ueConfig, $_FILES;
|
||
|
|
||
|
$isRequired = $this->_isRequired( $field, $user, $reason );
|
||
|
|
||
|
switch ( $columnName ) {
|
||
|
case 'upload':
|
||
|
if ( ( $field->name == 'avatar' ) && ! $ueConfig['allowAvatarUpload'] ) {
|
||
|
$this->_setValidationError( $field, $user, $reason, _UE_NOT_AUTHORIZED );
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
if ( ! isset( $value['tmp_name'] ) || empty( $value['tmp_name'] ) || ( $value['error'] != 0 ) || ! is_uploaded_file( $value['tmp_name'] ) ) {
|
||
|
if ( $isRequired ) {
|
||
|
$this->_setValidationError( $field, $user, $reason, _UE_UPLOAD_ERROR_EMPTY );
|
||
|
}
|
||
|
|
||
|
return false;
|
||
|
}
|
||
|
break;
|
||
|
case 'gallery':
|
||
|
if ( ( $field->name == 'avatar' ) && ! $ueConfig['allowAvatarGallery'] ) {
|
||
|
$this->_setValidationError( $field, $user, $reason, _UE_NOT_AUTHORIZED );
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
if ( ( $value == '' ) || preg_match( '/[^-_a-zA-Z0-9.]/', $value ) || ( strpos( $value, '..' ) !== false ) ) {
|
||
|
$this->_setValidationError( $field, $user, $reason, _UE_UPLOAD_ERROR_CHOOSE . $value );
|
||
|
return false;
|
||
|
}
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Finder:
|
||
|
* Prepares field data for saving to database (safe transfer from $postdata to $user)
|
||
|
* Override
|
||