mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-03 21:27:25 +02:00
Code Issues Releases Wiki Activity

Better avatar handling, code cleanup

Browse Source
This commit is contained in:
mcfly
2008-12-10 16:37:17 +00:00
parent abab89c39d
commit 7fe42a3b96
4 changed files with 598 additions and 585 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
e107_files/shortcode/user_avatar.sc
View File

@@ -24,5 +24,10 @@ else
{
$image = USERIMAGE;
}
require_once(e_HANDLER."avatar_handler.php");
if(!$image) { return; }
require_once(e_HANDLER.'avatar_handler.php');
$avatar = avatar($image);
if($avatar)
{
return "<div class='spacer'><img src='".avatar($image)."' alt='' /></div><br />";
}

34
e107_handlers/avatar_handler.php
View File

@@ -11,27 +11,37 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_handlers/avatar_handler.php,v $
| $Revision: 1.1.1.1 $
| $Date: 2006-12-02 04:33:42 $
| $Revision: 1.2 $
| $Date: 2008-12-10 16:37:17 $
| $Author: mcfly_e107 $
+----------------------------------------------------------------------------+
*/
if (!defined('e107_INIT')) { exit; }
if (!defined('e107_INIT'))
{
exit;
}
function avatar($avatar) {
function avatar($avatar)
{
global $tp;
if (stristr($avatar, "-upload-") !== FALSE) {
return e_FILE."public/avatars/".str_replace("-upload-", "", $avatar);
} else if (stristr($avatar, "Binary") !== FALSE) {
if (stristr($avatar, '-upload-') !== false)
{
return e_FILE.'public/avatars/'.str_replace('-upload-', '', $avatar);
}
elseif (stristr($avatar, 'Binary') !== false)
{
$sqla = new db;
preg_match("/Binary\s(.*?)\//", $avatar, $result);
$sqla->db_Select("rbinary", "*", "binary_id='".$tp -> toDB($result[1])."' ");
$sqla->db_Select('rbinary', '*', "binary_id='".$tp->toDB($result[1])."' ");
$row = $sqla->db_Fetch();
extract($row);
return $binary_data;
} else if (strpos($avatar, "http://") === FALSE) {
return $row['binary_data'];
}
elseif (strpos($avatar, 'http://') === false)
{
return e_IMAGE."avatars/".$avatar;
} else {
}
else
{
return $avatar;
}
}

6
e107_plugins/login_menu/login_menu_template.php
View File

@@ -11,9 +11,9 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_plugins/login_menu/login_menu_template.php,v $
| $Revision: 1.5 $
| $Date: 2008-06-13 20:20:22 $
| $Author: e107steved $
| $Revision: 1.6 $
| $Date: 2008-12-10 16:37:17 $
| $Author: mcfly_e107 $
+----------------------------------------------------------------------------+
*/

212
usersettings.php
View File

@@ -11,9 +11,9 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/usersettings.php,v $
| $Revision: 1.26 $
| $Date: 2008-10-19 21:13:58 $
| $Author: e107steved $
| $Revision: 1.27 $
| $Date: 2008-12-10 16:37:17 $
| $Author: mcfly_e107 $
+----------------------------------------------------------------------------+
Notes:
@@ -24,50 +24,50 @@ Admin log events:
*/
require_once("class2.php");
require_once(e_HANDLER."ren_help.php");
require_once(e_HANDLER."user_extended_class.php");
require_once(e_HANDLER."user_handler.php");
require_once ('class2.php');
require_once (e_HANDLER.'ren_help.php');
require_once (e_HANDLER.'user_extended_class.php');
require_once (e_HANDLER.'user_handler.php');
$ue = new e107_user_extended;
$user_info = new UserHandler;
//define("US_DEBUG",TRUE);
define("US_DEBUG",FALSE);
define('US_DEBUG', false);
if (!USER)
{ // Must be logged in to change settings
header("location:".e_BASE."index.php");
header('location:'.e_BASE.'index.php');
exit;
}
if (!ADMIN && e_QUERY && e_QUERY != "update")
if (!ADMIN && e_QUERY && e_QUERY != 'update')
{
header("location:".e_BASE."usersettings.php");
header('location:'.e_BASE.'usersettings.php');
exit;
}
require_once(e_HANDLER."ren_help.php");
require_once (e_HANDLER.'ren_help.php');
if(is_readable(THEME."usersettings_template.php"))
if (is_readable(THEME.'usersettings_template.php'))
{
include_once(THEME."usersettings_template.php");
include_once (THEME.'usersettings_template.php');
}
else
{
include_once(e_THEME."templates/usersettings_template.php");
include_once (e_THEME.'templates/usersettings_template.php');
}
include_once(e_FILE."shortcode/batch/usersettings_shortcodes.php");
include_once (e_FILE.'shortcode/batch/usersettings_shortcodes.php');
require_once(e_HANDLER."calendar/calendar_class.php");
require_once (e_HANDLER.'calendar/calendar_class.php');
$cal = new DHTML_Calendar(true);
$_uid = is_numeric(e_QUERY) ? intval(e_QUERY) : "";
$_uid = is_numeric(e_QUERY) ? intval(e_QUERY) : '';
$sesschange = ''; // Notice removal
$photo_to_delete = '';
$avatar_to_delete = '';
$changed_user_data = array();
$ue_fields = '';
$promptPassword = FALSE;
$promptPassword = false;
require_once (HEADERF);
@@ -76,7 +76,7 @@ require_once(HEADERF);
function addCommonClasses($udata)
{
$tmp = array();
if ($udata['user_class'] != "") $tmp = explode(",", $udata['user_class']);
if ($udata['user_class'] != '') $tmp = explode(',', $udata['user_class']);
$tmp[] = e_UC_MEMBER;
$tmp[] = e_UC_READONLY;
$tmp[] = e_UC_PUBLIC;
@@ -94,7 +94,7 @@ function addCommonClasses($udata)
// Save user settings (changes only)
//-----------------------------------
$error = "";
$error = '';
if (isset($_POST['updatesettings']) || isset($_POST['SaveValidatedInfo']))
{
@@ -102,7 +102,7 @@ if (isset($_POST['updatesettings']) || isset($_POST['SaveValidatedInfo']))
if ($_uid && ADMIN)
{ // Admin logged in and editing another user's settings - so editing a different ID
$inp = $_uid;
$remflag = TRUE;
$remflag = true;
}
else
{ // Current user logged in - use their ID
@@ -130,15 +130,26 @@ if (isset($_POST['updatesettings']))
$_POST['password2'] = '';
}
if ($_POST['image'] == '' && $udata['user_image'])
{
$changed_user_data['user_image'] = '';
}
// Check external avatar
if ($_POST['image'])
{
$_POST['image'] = str_replace(array('\'', '"', '(', ')'), '', $_POST['image']); // these are invalid anyway, so why allow them? (XSS Fix)
if ($size = getimagesize($_POST['image']))
$img = str_replace(array('\'', '"', '(', ')'), '', $_POST['image']); // these are invalid anyway, so why allow them? (XSS Fix)
if (preg_match('#[0-9\._]#', $_POST['image']))
{
$img = e_IMAGE.'avatars/'.$_POST['image'];
}
if ($size = getimagesize($img))
{
$avwidth = $size[0];
$avheight = $size[1];
$avmsg = "";
$avmsg = '';
$pref['im_width'] = varsettrue($pref['im_width'], 120);
$pref['im_height'] = varsettrue($pref['im_height'], 100);
@@ -152,7 +163,7 @@ if (isset($_POST['updatesettings']))
}
if ($avmsg)
{
$_POST['image'] = "";
$_POST['image'] = '';
$error = $avmsg;
}
else
@@ -164,13 +175,12 @@ if (isset($_POST['updatesettings']))
}
}
else
{ // Invalid image file - we could just put up a message
{
// Invalid image file - we could just put up a message
}
}
// The 'class' option doesn't really make sense to me, but left it for now
// $signup_option_title = array(LAN_308, LAN_120, LAN_121, LAN_USET_19);
// $signup_option_names = array("realname", "signature", "image", "timezone");
@@ -186,7 +196,6 @@ if (isset($_POST['updatesettings']))
}
// Login Name checks - only admin can change login name
if (isset($_POST['loginname']) && ADMIN && getperms("4"))
{ // Only check if its been edited
@@ -209,9 +218,14 @@ if (isset($_POST['updatesettings']))
unset($loginname);
}
}
if (isset($loginname)) $_POST['loginname'] = $loginname; else unset($_POST['loginname']); // Make sure no chance of the $_POST value staying set inappropriately
if (isset($loginname))
{
$_POST['loginname'] = $loginname;
}
else
{
unset($_POST['loginname']); // Make sure no chance of the $_POST value staying set inappropriately
}
// Display name checks
// If display name == login name, it has to meet the criteria for both login name and display name
@@ -230,8 +244,6 @@ if (isset($_POST['updatesettings']))
if (varsettrue($loginname)) $username = $loginname;
}
if (varsettrue($username))
{
// Impose a minimum length on display name
@@ -257,16 +269,15 @@ if (isset($_POST['updatesettings']))
}
// Display Name exists.
if ($sql->db_Count("user", "(*)", "WHERE `user_name`='".$username."' AND `user_id` != '".intval($inp)."' "))
if ($sql->db_Count('user', '(*)', "WHERE `user_name`='".$username."' AND `user_id` != ".(int)$inp))
{
$error .= LAN_USET_17;
}
if ($username != $udata['user_name']) $changed_user_data['user_name'] = $username;
if ($username != $udata['user_name']) { $changed_user_data['user_name'] = $username; }
unset($username);
}
// Password checks
$new_pass = '';
if ($_POST['password1'] != $_POST['password2'])
@@ -296,20 +307,19 @@ if (isset($_POST['updatesettings']))
}
// Check for duplicate of email address
if ($sql->db_Select("user", "user_name, user_email", "user_email='".$tp -> toDB($_POST['email'])."' AND user_id !='".intval($inp)."' "))
if ($sql->db_Select('user', 'user_name, user_email', "user_email='".$tp->toDB($_POST['email'])."' AND user_id !=".(int)$inp))
{
$error .= LAN_408."\\n";
}
// Uploaded avatar and/or photo
if ($file_userfile['error'] != 4)
{
require_once(e_HANDLER."upload_handler.php");
require_once(e_HANDLER."resize_handler.php");
require_once (e_HANDLER.'upload_handler.php');
require_once (e_HANDLER.'resize_handler.php');
if ($uploaded = file_upload(e_FILE."public/avatars/", "avatar=".$udata['user_id']))
if ($uploaded = file_upload(e_FILE.'public/avatars/', 'avatar='.$udata['user_id']))
{
foreach ($uploaded as $upload)
{ // Needs the latest upload handler (with legacy and 'future' interfaces) to work
@@ -328,7 +338,7 @@ if (isset($_POST['updatesettings']))
{
unset($message);
$error .= RESIZE_NOT_SUPPORTED."\\n";
@unlink(e_FILE."public/avatars/".$upload['name']);
@unlink(e_FILE.'public/avatars/'.$upload['name']);
$_POST['image'] = '';
unset($changed_user_data['user_image']);
}
@@ -343,11 +353,11 @@ if (isset($_POST['updatesettings']))
$changed_user_data['user_sess'] = $upload['name'];
}
if (!resize_image(e_FILE."public/avatars/".$upload['name'], e_FILE."public/avatars/".$upload['name'], 180))
if (!resize_image(e_FILE.'public/avatars/'.$upload['name'], e_FILE.'public/avatars/'.$upload['name'], 180))
{
unset($message);
$error .= RESIZE_NOT_SUPPORTED."\\n";
@unlink(e_FILE."public/avatars/".$upload['name']);
@unlink(e_FILE.'public/avatars/'.$upload['name']);
unset($changed_user_data['user_sess']);
}
}
@@ -364,8 +374,6 @@ if (isset($_POST['updatesettings']))
}
// Validate Extended User Fields.
if ($_POST['ue'])
{
@@ -373,7 +381,7 @@ if (isset($_POST['updatesettings']))
{
while ($row = $sql->db_Fetch())
{
$extList["user_".$row['user_extended_struct_name']] = $row;
$extList['user_'.$row['user_extended_struct_name']] = $row;
}
}
@@ -382,14 +390,13 @@ if (isset($_POST['updatesettings']))
if (isset($extList[$key]))
{ // Only allow valid keys
$err = $ue->user_extended_validate_entry($val, $extList[$key]);
if($err === TRUE && !$_uid)
if ($err === true && !$_uid)
{ // General error - usually empty field; could be unacceptable value, or regex fail and no error message defined
$error .= LAN_SIGNUP_6.($tp->toHtml($extList[$key]['user_extended_struct_text'],FALSE,"defs"))." ".LAN_SIGNUP_7."\\n";
}
elseif ($err)
$error .= LAN_SIGNUP_6.($tp->toHtml($extList[$key]['user_extended_struct_text'], false, "defs"))." ".LAN_SIGNUP_7."\\n";
} elseif ($err)
{ // Specific error message returned - usually regex fail
$error .= $err."\\n";
$err = TRUE;
$err = true;
}
if (!$err)
{
@@ -413,8 +420,6 @@ if (isset($_POST['updatesettings']))
if (!$error)
{
$_POST['user_id'] = intval($inp);
$ret = $e_event->trigger("preuserset", $_POST);
if ($ret == '')
@@ -422,9 +427,11 @@ if (isset($_POST['updatesettings']))
if (isset($_POST['customtitle']) && ($pref['signup_option_customtitle']))
{
$new_customtitle = $tp->toDB($_POST['customtitle']);
if ($new_customtitle != $udata['user_customtitle']) $changed_user_data['user_customtitle'] = $new_customtitle;
if ($new_customtitle != $udata['user_customtitle'])
{
$changed_user_data['user_customtitle'] = $new_customtitle;
}
}
// Extended fields - handle any hidden fields
if ($ue_fields)
@@ -439,16 +446,10 @@ if (isset($_POST['updatesettings']))
// Handle fields which are just transferred without vetting (but are subject to toDB() for exploit restriction)
$copy_list = array('user_signature' => 'signature',
'user_login' => 'realname',
'user_email' => 'email',
'user_hideemail' =>'hideemail',
'user_xup' => 'user_xup');
$copy_list = array('user_signature' => 'signature', 'user_login' => 'realname', 'user_email' => 'email', 'user_hideemail' => 'hideemail', 'user_xup' => 'user_xup');
// Next list identifies numerics which might take a value of 0
$non_text_list = array(
'user_hideemail' =>'hideemail'
);
$non_text_list = array('user_hideemail' => 'hideemail');
foreach ($copy_list as $k => $v)
{
if (isset($_POST[$v]) && (trim($_POST[$v]) || isset($non_text_list[$k])))
@@ -466,11 +467,17 @@ if (isset($_POST['updatesettings']))
// Update Userclass - only if its the user changing their own data (admins can do it another way)
if (!$_uid)
{
if (!is_object($e_userclass)) $e_userclass = new user_class;
if (!is_object($e_userclass))
{
$e_userclass = new user_class;
}
$ucList = explode(',', $e_userclass->get_editable_classes()); // List of classes which this user can edit
if (count($ucList))
{
if (US_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Usersettings test","Read editable list. Current user classes: ".$udata['user_class'],FALSE,LOG_TO_ROLLING);
if (US_DEBUG)
{
$admin_log->e_log_event(10, debug_backtrace(), "DEBUG", "Usersettings test", "Read editable list. Current user classes: ".$udata['user_class'], false, LOG_TO_ROLLING);
}
$cur_classes = explode(",", $udata['user_class']); // Current class membership
$newclist = array_flip($cur_classes); // Array keys are now the class IDs
@@ -492,16 +499,17 @@ if (isset($_POST['updatesettings']))
// echo "Userclass data - new: {$nid}, old: {$udata['user_class']}<br />";
if ($nid != $udata['user_class'])
{
if (US_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Usersettings test","Write back classes; old list: {$udata['user_class']}; new list: ".$nid,FALSE,LOG_TO_ROLLING);
if (US_DEBUG)
{
$admin_log->e_log_event(10, debug_backtrace(), "DEBUG", "Usersettings test", "Write back classes; old list: {$udata['user_class']}; new list: ".$nid, false, LOG_TO_ROLLING);
}
$changed_user_data['user_class'] = $nid;
}
}
}
// Only admins can update login name - do this just in case one of the event triggers has mucked it about
if (!(ADMIN && getperms("4")))
if (!(ADMIN && getperms('4')))
{
unset($changed_user_data['user_loginname']);
}
@@ -534,7 +542,8 @@ elseif (isset($_POST['SaveValidatedInfo']))
}
}
if ($user_info->CheckPassword($_POST['currentpassword'],$udata['user_loginname'], $udata['user_password']) === FALSE) // Use old data to validate
if ($user_info->CheckPassword($_POST['currentpassword'], $udata['user_loginname'], $udata['user_password']) === false) // Use old data to validate
{ // Invalid password
echo "<br />".LAN_USET_22."<br />";
require_once (FOOTERF);
@@ -560,7 +569,7 @@ if (!$error && (count($changed_user_data) || $new_pass))
{
if (empty($loginname)) $loginname = $udata['user_loginname'];
$email = $changed_user_data['user_email'] ? $changed_user_data['user_email'] : $udata['user_email'];
$changed_user_data['user_password'] = $sql->escape($user_info->HashPassword($new_pass, $loginname), FALSE);
$changed_user_data['user_password'] = $sql->escape($user_info->HashPassword($new_pass, $loginname), false);
if (varsettrue($pref['allowEmailLogin']))
{
$user_prefs = unserialize($udata['user_prefs']);
@@ -570,8 +579,7 @@ if (!$error && (count($changed_user_data) || $new_pass))
}
else
{
if ((isset($changed_user_data['user_loginname']) && $user_info->isPasswordRequired('user_loginname'))
|| (isset($changed_user_data['user_email']) && $user_info->isPasswordRequired('user_email')))
if ((isset($changed_user_data['user_loginname']) && $user_info->isPasswordRequired('user_loginname')) || (isset($changed_user_data['user_email']) && $user_info->isPasswordRequired('user_email')))
{
if ($_uid)
{ // Admin is changing it
@@ -579,7 +587,7 @@ if (!$error && (count($changed_user_data) || $new_pass))
}
else
{ // User is changing their own info
$promptPassword = TRUE;
$promptPassword = true;
}
}
}
@@ -588,7 +596,7 @@ if (!$error && (count($changed_user_data) || $new_pass))
if ((!$error && !$promptPassword) && (count($changed_user_data) || $ue_fields))
{
// We can update the basic user record now - can just update fields from $changed_user_data
if (US_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Usersettings test","Changed data:<br> ".var_export($changed_user_data,TRUE),FALSE,LOG_TO_ROLLING);
if (US_DEBUG) { $admin_log->e_log_event(10, debug_backtrace(), "DEBUG", "Usersettings test", "Changed data:<br> ".var_export($changed_user_data, true), false, LOG_TO_ROLLING); }
$sql->db_UpdateArray("user", $changed_user_data, " WHERE user_id='".intval($inp)."' ");
// Now see if we need to log anything. First check the options and class membership
@@ -600,11 +608,11 @@ if ((!$error && !$promptPassword) && (count($changed_user_data) || $ue_fields))
{ // Its an admin changing someone elses data - make an admin log entry here
$admin_log->log_event('USET_01', "UID: {$udata['user_id']}. UName: {$udata['user_name']}", E_LOG_INFORMATIVE);
// Check against the class of the target user, not the admin!
if (!check_class(varset($pref['user_audit_class'],''),$udata['user_class'])) $user_logging_opts = array();
if (!check_class(varset($pref['user_audit_class'], ''), $udata['user_class'])) { $user_logging_opts = array(); }
}
else
{
if (!check_class(varset($pref['user_audit_class'],''))) $user_logging_opts = array();
if (!check_class(varset($pref['user_audit_class'], ''))) { $user_logging_opts = array(); }
}
// Now log changes if required
@@ -659,7 +667,7 @@ if ((!$error && !$promptPassword) && (count($changed_user_data) || $ue_fields))
}
else
{
if (count($do_log) > 1) $log_action = USER_AUDIT_NEW_SET; // Log multiple entries to one record
if (count($do_log) > 1) { $log_action = USER_AUDIT_NEW_SET; } // Log multiple entries to one record
$admin_log->user_audit($log_action, $do_log);
}
}
@@ -680,7 +688,7 @@ if ((!$error && !$promptPassword) && (count($changed_user_data) || $ue_fields))
// If user has changed display name, update the record in the online table
if (isset($changed_user_data['user_name']) && !$_uid)
{
$sql->db_Update("online", "online_user_id = '".USERID.".".$changed_user_data['user_name']."' WHERE online_user_id = '".USERID.".".USERNAME."'");
$sql->db_Update('online', "online_user_id = '".USERID.".".$changed_user_data['user_name']."' WHERE online_user_id = '".USERID.".".USERNAME."'");
}
@@ -689,7 +697,7 @@ if ((!$error && !$promptPassword) && (count($changed_user_data) || $ue_fields))
{
// ***** Next line creates a record which presumably should be there anyway, so could generate an error
$sql->db_Select_gen("INSERT INTO #user_extended (user_extended_id, user_hidden_fields) values ('".intval($inp)."', '')");
$sql->db_Update("user_extended", $ue_fields." WHERE user_extended_id = '".intval($inp)."'");
$sql->db_Update('user_extended', $ue_fields." WHERE user_extended_id = ".intval($inp));
}
@@ -701,33 +709,29 @@ if ((!$error && !$promptPassword) && (count($changed_user_data) || $ue_fields))
}
$e_event->trigger("postuserset", $_POST);
$e_event->trigger('postuserset', $_POST);
if(e_QUERY == "update")
if (e_QUERY == 'update')
{
header("Location: index.php");
header('Location: index.php');
}
$message = "<div style='text-align:center'>".LAN_150."</div>";
$message = "<div style='text-align:center'>".LAN_150.'</div>';
$caption = LAN_151;
} // End - if (!$error)...
if (!$error && !$promptPassword) unset($_POST);
if (!$error && !$promptPassword) { unset($_POST); }
if ($error)
{
require_once(e_HANDLER."message_handler.php");
message_handler("P_ALERT", $error);
require_once (e_HANDLER.'message_handler.php');
message_handler('P_ALERT', $error);
$adref = $_POST['adminreturn'];
}
// --- User data has been updated here if appropriate ---
if (isset($message))
@@ -736,10 +740,7 @@ if(isset($message))
}
$uuid = ($_uid) ? $_uid : USERID; // If $_uid is set, its an admin changing another user's data
$uuid = ($_uid ? $_uid : USERID); // If $_uid is set, its an admin changing another user's data
if ($promptPassword)
@@ -780,7 +781,6 @@ if ($promptPassword)
}
//--------------------------------------------------------
// Re-read the user data into curVal (ready for display)
//--------------------------------------------------------
@@ -801,7 +801,7 @@ if($_POST)
// (Password fields have intentionally been cleared). If no error, there's an unset($_POST) to disable this block
foreach ($_POST as $key => $val)
{
$curVal["user_".$key] = $val;
$curVal['user_'.$key] = $val;
}
foreach ($_POST['ue'] as $key => $val)
{
@@ -819,7 +819,7 @@ if(e_QUERY == "update")
$text .= "<div class='fborder' style='text-align:center'><br />".str_replace("*", "<span style='color:red'>*</span>", LAN_USET_9)."<br />".LAN_USET_10."<br /><br /></div>";
}
$text .= $tp->parseTemplate($USERSETTINGS_EDIT, TRUE, $usersettings_shortcodes);
$text .= $tp->parseTemplate($USERSETTINGS_EDIT, true, $usersettings_shortcodes);
$text .= "<div>";
$text .= "
@@ -848,24 +848,22 @@ function req($field)
}
// Delete a file from the public directories. Return TRUE on success, FALSE on failure.
// Also deletes from database if appropriate.
function delete_file($fname, $dir = 'avatars/')
{
global $sql;
if (!$fname) return FALSE;
if (!$fname) return false;
if (preg_match("#Binary (.*?)/#", $fname, $match))
{
return $sql->db_Delete("rbinary", "binary_id='".$tp->toDB($match[1])."'");
}
elseif (file_exists(e_FILE."public/".$dir.$fname))
} elseif (file_exists(e_FILE."public/".$dir.$fname))
{
unlink(e_FILE."public/".$dir.$fname);
return TRUE;
return true;
}
return FALSE;
return false;
}