Bugtracker #3958 - option to delete user photo without replacement, plus a bit of a tidy up

2025-01-17 12:48:24 +01:00 · 2007-07-23 20:06:05 +00:00 · 2007-07-23 20:06:05 +00:00 · 7af3514375
commit 7af3514375
parent af598909ab
6 changed files with 108 additions and 35 deletions
--- a/e107_files/shortcode/batch/usersettings_shortcodes.php
+++ b/e107_files/shortcode/batch/usersettings_shortcodes.php
@ -11,9 +11,9 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_files/shortcode/batch/usersettings_shortcodes.php,v $
-|     $Revision: 1.5 $
-|     $Date: 2007-06-13 22:13:58 $
-|     $Author: e107coders $
+|     $Revision: 1.6 $
+|     $Date: 2007-07-23 20:05:46 $
+|     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
 if (!defined('e107_INIT')) { exit; }
@ -172,7 +172,7 @@ SC_BEGIN AVATAR_UPLOAD
 global $pref;
 if ($pref['avatar_upload'] && FILE_UPLOADS)
 {
-		return "<input class='tbox' name='file_userfile[]' type='file' size='47' />";
+		return "<input class='tbox' name='file_userfile[avatar]' type='file' size='47' />";
 }
 SC_END

@ -212,7 +212,8 @@ SC_BEGIN PHOTO_UPLOAD
 global $pref;
 if ($pref['photo_upload'] && FILE_UPLOADS)
 {
-		return "<input class='tbox' name='file_userfile[]' type='file' size='47' />";
+	return "<input type='checkbox' name='user_delete_photo' value='1' />".LAN_USET_16."<br />\n
+	        <input class='tbox' name='file_userfile[photo]' type='file' size='47' />";
 }
 SC_END

@ -245,7 +246,7 @@ foreach($catList as $cat)
 	cachevars("extendedcat_{$cat['user_extended_struct_id']}", $cat);
  	$ret .= $tp->parseTemplate("{USEREXTENDED_CAT={$cat['user_extended_struct_id']}}", TRUE, $usersettings_shortcodes);
 }
-return $ret;
+ return $ret;
 SC_END

 SC_BEGIN USEREXTENDED_CAT
--- a/e107_handlers/upload_handler.php
+++ b/e107_handlers/upload_handler.php
@ -12,8 +12,8 @@
 |        GNU General Public License (http://gnu.org).
 |
 |   $Source: /cvs_backup/e107_0.8/e107_handlers/upload_handler.php,v $
-|   $Revision: 1.6 $
-|   $Date: 2007-07-13 21:21:58 $
+|   $Revision: 1.7 $
+|   $Date: 2007-07-23 20:05:54 $
 |   $Author: e107steved $
 +---------------------------------------------------------------+
 */
@ -55,6 +55,7 @@ function file_upload($uploaddir, $avatar = FALSE, $fileinfo = "", $overwrite = "
 				$uploaded[$c]['name'] = "Binary ".mysql_insert_id()."/".$file_name;
 				$uploaded[$c]['type'] = $file_userfile['type'][$c];
 				$uploaded[$c]['size'] = $file_userfile['size'][$c];
+				$uploaded[$c]['index'] = $key;			// Store the actual index from the file_userfile array
 			}
 		}
 		return $uploaded;
@ -118,6 +119,7 @@ function file_upload($uploaddir, $avatar = FALSE, $fileinfo = "", $overwrite = "
 				$uploaded[$c]['rawname'] = $raw_name;
 				$uploaded[$c]['type'] = $files['type'][$key];
 				$uploaded[$c]['size'] = 0;
+				$uploaded[$c]['index'] = $key;			// Store the actual index from the file_userfile array

 				$method = (OPEN_BASEDIR == FALSE ? "copy" : "move_uploaded_file");

--- a/e107_languages/English/lan_upload_handler.php
+++ b/e107_languages/English/lan_upload_handler.php
@ -4,8 +4,8 @@
 |     e107 website system - Language File.
 |
 |     $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_upload_handler.php,v $
-|     $Revision: 1.2 $
-|     $Date: 2007-07-11 20:23:10 $
+|     $Revision: 1.3 $
+|     $Date: 2007-07-23 20:06:00 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@ -21,5 +21,13 @@ define("LANUPLOAD_9", "Uploaded file size 0 bytes");
 define("LANUPLOAD_10", "Upload failed [Duplicate filename] - A file with the same name already exists.");
 define("LANUPLOAD_11", "The file did not upload. Filename: ");
 define("LANUPLOAD_12", "Error");
+define("LANUPLOAD_13", "Missing temporary folder");
+define("LANUPLOAD_14", "File write failed");
+define("LANUPLOAD_15", "Upload not allowed");
+define("LANUPLOAD_16", "Unknown Error");
+define("LANUPLOAD_17", "Invalid name for uploaded file");
+define("LANUPLOAD_18", "The uploaded file exceeds allowable limits.");
+define("LANUPLOAD_19", "Too many files uploaded - excess deleted.");
+

 ?>
--- a/e107_languages/English/lan_usersettings.php
+++ b/e107_languages/English/lan_usersettings.php
@ -4,8 +4,8 @@
 |     e107 website system - Language File.
 |
 |     $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_usersettings.php,v $
-|     $Revision: 1.6 $
-|     $Date: 2007-05-28 09:37:35 $
+|     $Revision: 1.7 $
+|     $Date: 2007-07-23 20:06:00 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@ -110,5 +110,6 @@ define("LAN_USET_12", "That display name is too short. Please choose another");
 define("LAN_USET_13", "Invalid characters in Username. Please choose another");
 define("LAN_USET_14", "Login name too long. Please choose another");
 define("LAN_USET_15", "Display name too long. Please choose another");
+define("LAN_USET_16", "Tick box to delete existing photo without uploading another");

 ?>
--- a/e107_themes/templates/usersettings_template.php
+++ b/e107_themes/templates/usersettings_template.php
@ -11,9 +11,9 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_themes/templates/usersettings_template.php,v $
-|     $Revision: 1.2 $
-|     $Date: 2007-01-17 13:48:50 $
-|     $Author: mrpete $
+|     $Revision: 1.3 $
+|     $Date: 2007-07-23 20:06:05 $
+|     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */

@ -71,9 +71,9 @@ $sc_style['PHOTO_UPLOAD']['pre'] = "

 <tr>
 <td style='width:40%; vertical-align:top' class='forumheader3'>".LAN_414."<br /><span class='smalltext'>".LAN_426."</span></td>
-<td style='width:60%' class='forumheader2'>
+<td style='width:60%' class='forumheader2'><span class='smalltext'>
 ";
-$sc_style['PHOTO_UPLOAD']['post'] = "</td></tr>";
+$sc_style['PHOTO_UPLOAD']['post'] = "</span></td></tr>";


 $sc_style['XUP']['pre'] = "
@ -122,7 +122,7 @@ $USERSETTINGS_EDIT = "
 	</tr>

 	<tr>
-	<td style='width:40%' class='forumheader3'>".LAN_308.req($pref['signup_option_realname'])."<br /><span class='smalltext'>".LAN_310."</span>"."</td>
+	<td style='width:40%' class='forumheader3'>".LAN_308.req($pref['signup_option_realname'])."</td>
 	<td style='width:60%' class='forumheader2'>
 	{REALNAME}
 	</td>
--- a/usersettings.php
+++ b/usersettings.php
@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/usersettings.php,v $
-|     $Revision: 1.10 $
-|     $Date: 2007-06-25 20:09:30 $
+|     $Revision: 1.11 $
+|     $Date: 2007-07-23 20:05:46 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@ -73,6 +73,9 @@ include_once(e_FILE."shortcode/batch/usersettings_shortcodes.php");
 require_once(e_HANDLER."calendar/calendar_class.php");
 $cal = new DHTML_Calendar(true);
 $_uid = is_numeric(e_QUERY) ? intval(e_QUERY) : "";
+$sesschange = '';						// Notice removal
+$photo_to_delete = '';
+$avatar_to_delete = '';

 require_once(HEADERF);

@ -102,10 +105,10 @@ if (isset($_POST['updatesettings']))
 	{	// Current user logged in - use their ID
 		$inp = USERID;
 	}
+
+
+	// Check external avatar
 	$_POST['image'] = str_replace(array('\'', '"', '(', ')'), '', $_POST['image']);   // these are invalid anyway, so why allow them? (XSS Fix)
-
-	// check prefs for required fields =================================.
-
 	if ($_POST['image'] && $size = getimagesize($_POST['image'])) {
 		$avwidth = $size[0];
 		$avheight = $size[1];
@ -184,6 +187,7 @@ if (isset($_POST['updatesettings']))
 		$password2 = "";
 	}

+
 	if (isset($pref['disable_emailcheck']) && $pref['disable_emailcheck']==1)
 	{
 	} else {
@ -216,6 +220,7 @@ if (isset($_POST['updatesettings']))
 	}


+// Uploaded avatar and/or photo
 	$user_sess = "";
 	if ($file_userfile['error'] != 4)
 	{
@ -224,21 +229,29 @@ if (isset($_POST['updatesettings']))

 		if ($uploaded = file_upload(e_FILE."public/avatars/", "avatar"))
 		{
-			if ($uploaded[0]['name'] && $pref['avatar_upload'])
+		  foreach ($uploaded as $upload)
+		  {	// Needs the latest upload handler (with legacy and 'future' interfaces) to work
+			if ($upload['name'] && ($upload['index'] == 'avatar') && $pref['avatar_upload'])
 			{
-				// avatar uploaded
-				$_POST['image'] = "-upload-".$uploaded[0]['name'];
-				if (!resize_image(e_FILE."public/avatars/".$uploaded[0]['name'], e_FILE."public/avatars/".$uploaded[0]['name'], "avatar"))
+				// avatar uploaded - give it a reference which identifies it as server-stored
+				$_POST['image'] = "-upload-".$upload['name'];
+				if ($_POST['image'] != $currentUser['user_image'])
+				{
+				  $avatar_to_delete = str_replace("-upload-", "", $currentUser['user_image']);
+//				  echo "Avatar change; deleting {$avatar_to_delete}<br />";
+				}
+				if (!resize_image(e_FILE."public/avatars/".$upload['name'], e_FILE."public/avatars/".$upload['name'], "avatar"))
 				{
 					unset($message);
 					$error .= RESIZE_NOT_SUPPORTED."\\n";
-					@unlink(e_FILE."public/avatars/".$uploaded[0]['name']);
+					@unlink(e_FILE."public/avatars/".$upload['name']);
 				}
 			}
-			if ($uploaded[1]['name'] || (!$pref['avatar_upload'] && $uploaded[0]['name']))
+
+			if ($upload['name'] && ($upload['index'] == 'photo') && $pref['photo_upload'] )
 			{
 				// photograph uploaded
-				$user_sess = ($pref['avatar_upload'] ? $uploaded[1]['name'] : $uploaded[0]['name']);
+				$user_sess = $upload['name'];
 				if (!resize_image(e_FILE."public/avatars/".$user_sess, e_FILE."public/avatars/".$user_sess, 180))
 				{
 					unset($message);
@ -246,13 +259,32 @@ if (isset($_POST['updatesettings']))
 					@unlink(e_FILE."public/avatars/".$user_sess);
 				}
 			}
+		  }
 		}
 	}

-	if ($user_sess != "")
+// See if user just wants to delete existing photo
+	if (isset($_POST['user_delete_photo']))
 	{
-		$sesschange = "user_sess = '".$tp->toDB($user_sess)."', ";
+	  $photo_to_delete = $currentUser['user_sess'];
+	  $sesschange = "user_sess = '', ";
+//	  echo "Just delete old photo: {$photo_to_delete}<br />";
 	}
+	elseif ($user_sess != "")
+	{	// Update DB with photo
+	  $sesschange = "user_sess = '".$tp->toDB($user_sess)."', ";
+	  if ($currentUser['user_sess'] == $sesschange)
+	  {
+		$sesschange = '';			// Same photo - do nothing
+//		echo "Photo not changed<br />";
+	  }
+	  else
+	  {
+		$photo_to_delete = $currentUser['user_sess'];
+//		echo "Delete old photo: {$photo_to_delete}<br />";
+	  }
+	}
+

    // Validate Extended User Fields.
 	if($_POST['ue'])
@ -300,7 +332,7 @@ if (isset($_POST['updatesettings']))
 	{
 		unset($_POST['password1']);
 		unset($_POST['password2']);
-
+        $_POST['user_id'] = intval($inp);
 		$ret = $e_event->trigger("preuserset", $_POST);
 		if(trim($_POST['user_xup']) != "")
 		{
@ -362,6 +394,15 @@ if (isset($_POST['updatesettings']))
 			}

 			$sql->db_Update("user", "{$new_username} {$pwreset} {$sesschange} user_email='".$tp -> toDB($_POST['email'])."', user_signature='".$_POST['signature']."', user_image='".$tp -> toDB($_POST['image'])."', user_timezone='".$tp -> toDB($_POST['timezone'])."', user_hideemail='".$tp -> toDB($_POST['hideemail'])."', user_login='".$_POST['realname']."' {$new_customtitle}, user_xup='".$tp -> toDB($_POST['user_xup'])."' WHERE user_id='".intval($inp)."' ");
+			if ($photo_to_delete)
+			{	// Photo may be a flat file, or in the database
+			  delete_file($photo_to_delete);
+			}
+			if ($avatar_to_delete)
+			{	// Avatar may be a flat file, or in the database
+			  delete_file($avatar_to_delete);
+			}
+
 			// If user has changed display name, update the record in the online table
 			if(isset($username) && ($username != USERNAME) && !$_uid)
 			{
@ -491,7 +532,7 @@ $text .= $tp->parseTemplate($USERSETTINGS_EDIT, TRUE, $usersettings_shortcodes);
 $text .= "<div>";

 $text .= "
-	<input type='hidden' name='_uid' value='$_uid' />
+	<input type='hidden' name='_uid' value='$uuid' />
 	</div>
 	</form>
 	";
@ -513,7 +554,27 @@ function req($field) {
 	}
 	return $ret;
 }
-//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
+//---------------------------------------------------------------------------------
+
+// Delete a file from the public directories. Return TRUE on success, FALSE on failure.
+// Also deletes from database if appropriate.
+function delete_file($fname, $dir = 'avatars/')
+{
+  global $sql;
+  if (!$fname) return FALSE;
+  
+  if (preg_match("#Binary (.*?)/#", $fname, $match)) 
+  {
+	return $sql -> db_Delete("rbinary", "binary_id='".$tp -> toDB($match[1])."'");
+  }
+  elseif (file_exists(e_FILE."public/".$dir.$fname)) 
+  {
+	unlink(e_FILE."public/".$dir.$fname);
+	return TRUE;
+  }
+  return FALSE;
+}
+

 function headerjs() {
 	global $cal;