diff --git a/protected/humhub/components/Controller.php b/protected/humhub/components/Controller.php
index d9018e8000..5de7b7e557 100644
--- a/protected/humhub/components/Controller.php
+++ b/protected/humhub/components/Controller.php
@@ -24,7 +24,7 @@ class Controller extends \yii\web\Controller
     /**
      * @event \yii\base\Event an event raised on init a controller.
      */
-    const EVENT_INIT = 'create';
+    const EVENT_INIT = 'init';
 
     /**
      * @var null|string the name of the sub layout to be applied to this controller's views.
diff --git a/protected/humhub/docs/CHANGELOG.md b/protected/humhub/docs/CHANGELOG.md
index 8b8480c1fa..a8f1ab068a 100644
--- a/protected/humhub/docs/CHANGELOG.md
+++ b/protected/humhub/docs/CHANGELOG.md
@@ -76,6 +76,7 @@ HumHub Change Log
 - Fix: Console image converter memory limit allocation
 - Enh: Added new controller init event
 - Enh: Made admin base controller method "getAccessRules()" non static
+- Enh: Created new ImageController for user image and banner handling
 
 1.2.0-beta.2 (February 24, 2017)
 --------------------------------
diff --git a/protected/humhub/models/forms/CropProfileImage.php b/protected/humhub/models/forms/CropProfileImage.php
index 3dbeae08c0..3286c6b1e7 100644
--- a/protected/humhub/models/forms/CropProfileImage.php
+++ b/protected/humhub/models/forms/CropProfileImage.php
@@ -1,26 +1,13 @@
 <?php
 
 /**
- * HumHub
- * Copyright © 2014 The HumHub Project
- *
- * The texts of the GNU Affero General Public License with an additional
- * permission and of our proprietary license can be found at and
- * in the LICENSE file you have received along with this program.
- *
- * According to our dual licensing model, this program can be used either
- * under the terms of the GNU Affero General Public License, version 3,
- * or under a proprietary license.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
+ * @link https://www.humhub.org/
+ * @copyright Copyright (c) 2017 HumHub GmbH & Co. KG
+ * @license https://www.humhub.com/licences
  */
 
 namespace humhub\models\forms;
 
-
 use yii\base\Model;
 
 /**
@@ -54,6 +41,16 @@ class CropProfileImage extends Model
      */
     public $cropH;
 
+    /**
+     * @var int image ratio
+     */
+    public $aspectRatio = 1;
+
+    /**
+     * @var array crop default position
+     */
+    public $cropSetSelect = [0, 0, 100, 100];
+
     /**
      * Declares the validation rules.
      *
diff --git a/protected/humhub/modules/user/components/BaseAccountController.php b/protected/humhub/modules/user/components/BaseAccountController.php
index 478ee1cb7a..8215a1d8af 100644
--- a/protected/humhub/modules/user/components/BaseAccountController.php
+++ b/protected/humhub/modules/user/components/BaseAccountController.php
@@ -20,13 +20,25 @@ use humhub\components\behaviors\AccessControl;
 class BaseAccountController extends \humhub\components\Controller
 {
 
+    /**
+     * @inheritdoc
+     */
     public $subLayout = "@humhub/modules/user/views/account/_layout";
 
-    public function init() {
+    /**
+     * @var \humhub\modules\user\models\User the user
+     */
+    public $user;
+
+    /**
+     * @inheritdoc
+     */
+    public function init()
+    {
         $this->appendPageTitle(\Yii::t('UserModule.base', 'My Account'));
         return parent::init();
     }
-    
+
     /**
      * @inheritdoc
      */
@@ -46,7 +58,11 @@ class BaseAccountController extends \humhub\components\Controller
      */
     public function getUser()
     {
-        return Yii::$app->user->getIdentity();
+        if ($this->user === null) {
+            $this->user = Yii::$app->user->getIdentity();
+        }
+
+        return $this->user;
     }
 
 }
diff --git a/protected/humhub/modules/user/controllers/AccountController.php b/protected/humhub/modules/user/controllers/AccountController.php
index d3b08db204..9b91d2347b 100644
--- a/protected/humhub/modules/user/controllers/AccountController.php
+++ b/protected/humhub/modules/user/controllers/AccountController.php
@@ -13,6 +13,8 @@ use yii\web\HttpException;
 use humhub\modules\user\components\BaseAccountController;
 use humhub\modules\user\models\User;
 use humhub\modules\notification\models\forms\NotificationSettings;
+use humhub\modules\user\controllers\ImageController;
+
 /**
  * AccountController provides all standard actions for the current logged in
  * user account.
@@ -23,6 +25,9 @@ use humhub\modules\notification\models\forms\NotificationSettings;
 class AccountController extends BaseAccountController
 {
 
+    /**
+     * @inheritdoc
+     */
     public function init()
     {
         $this->setActionTitles([
@@ -213,7 +218,7 @@ class AccountController extends BaseAccountController
         if (!$user->isModuleEnabled($moduleId)) {
             $user->enableModule($moduleId);
         }
-        
+
         if (!Yii::$app->request->isAjax) {
             return $this->redirect(['/user/account/edit-modules']);
         } else {
@@ -233,7 +238,7 @@ class AccountController extends BaseAccountController
             $user->disableModule($moduleId);
         }
 
-         if (!Yii::$app->request->isAjax) {
+        if (!Yii::$app->request->isAjax) {
             return $this->redirect(['/user/account/edit-modules']);
         } else {
             Yii::$app->response->format = 'json';
@@ -366,129 +371,57 @@ class AccountController extends BaseAccountController
 
     /**
      * Crops the banner image of the user
+     * @deprecated since version 1.2
      */
-    public function actionCropBannerImage()
+    public function actionCropBannerImageXX()
     {
-        $model = new \humhub\models\forms\CropProfileImage();
-        $profileImage = new \humhub\libs\ProfileBannerImage($this->getUser()->guid);
-
-        if ($model->load(Yii::$app->request->post()) && $model->validate()) {
-            $profileImage->cropOriginal($model->cropX, $model->cropY, $model->cropH, $model->cropW);
-            return $this->htmlRedirect($this->getUser()->getUrl());
-        }
-
-        return $this->renderAjax('cropBannerImage', ['model' => $model, 'profileImage' => $profileImage, 'user' => $this->getUser()]);
+        return Yii::$app->runAction('/user/image/crop', ['type' => ImageController::TYPE_PROFILE_BANNER_IMAGE]);
     }
 
     /**
      * Handle the banner image upload
+     * 
+     * @deprecated since version 1.2
      */
-    public function actionBannerImageUpload()
+    public function actionBannerImageUploadXX()
     {
-        \Yii::$app->response->format = 'json';
-
-        $model = new \humhub\models\forms\UploadProfileImage();
-        $json = array();
-
-        $files = \yii\web\UploadedFile::getInstancesByName('bannerfiles');
-        $file = $files[0];
-        $model->image = $file;
-
-        if ($model->validate()) {
-            $profileImage = new \humhub\libs\ProfileBannerImage($this->getUser()->guid);
-            $profileImage->setNew($model->image);
-
-            $json['error'] = false;
-            $json['name'] = "";
-            $json['url'] = $profileImage->getUrl();
-            $json['size'] = $model->image->size;
-            $json['deleteUrl'] = "";
-            $json['deleteType'] = "";
-        } else {
-            $json['error'] = true;
-            $json['errors'] = $model->getErrors();
+        // Ensure view file backward compatibility prior 1.2
+        if (isset($_FILES['bannerfiles'])) {
+            $_FILES['images'] = $_FILES['bannerfiles'];
         }
-
-        return ['files' => $json];
+        return Yii::$app->runAction('/user/image/upload', ['type' => ImageController::TYPE_PROFILE_BANNER_IMAGE]);
     }
 
     /**
      * Handle the profile image upload
+     * 
+     * @deprecated since version 1.2
      */
-    public function actionProfileImageUpload()
+    public function actionProfileImageUploadXX()
     {
-        \Yii::$app->response->format = 'json';
-
-        $model = new \humhub\models\forms\UploadProfileImage();
-
-        $json = array();
-
-        $files = \yii\web\UploadedFile::getInstancesByName('profilefiles');
-        $file = $files[0];
-        $model->image = $file;
-
-        if ($model->validate()) {
-
-            $json['error'] = false;
-
-            $profileImage = new \humhub\libs\ProfileImage($this->getUser()->guid);
-            $profileImage->setNew($model->image);
-
-            $json['name'] = "";
-            $json['url'] = $profileImage->getUrl();
-            $json['size'] = $model->image->size;
-            $json['deleteUrl'] = "";
-            $json['deleteType'] = "";
-        } else {
-            $json['error'] = true;
-            $json['errors'] = $model->getErrors();
+        // Ensure view file backward compatibility prior 1.2
+        if (isset($_FILES['profilefiles'])) {
+            $_FILES['images'] = $_FILES['profilefiles'];
         }
-
-        return array('files' => $json);
+        return Yii::$app->runAction('/user/image/upload', ['type' => ImageController::TYPE_PROFILE_IMAGE]);
     }
 
     /**
      * Crops the profile image of the user
+     * @deprecated since version 1.2
      */
-    public function actionCropProfileImage()
+    public function actionCropProfileImageXX()
     {
-        $model = new \humhub\models\forms\CropProfileImage();
-        $profileImage = new \humhub\libs\ProfileImage($this->getUser()->guid);
-
-        if ($model->load(Yii::$app->request->post()) && $model->validate()) {
-            $profileImage->cropOriginal($model->cropX, $model->cropY, $model->cropH, $model->cropW);
-            return $this->htmlRedirect($this->getUser()->getUrl());
-        }
-
-        return $this->renderAjax('cropProfileImage', array('model' => $model, 'profileImage' => $profileImage, 'user' => $this->getUser()));
+        return Yii::$app->runAction('/user/image/crop', ['type' => ImageController::TYPE_PROFILE_IMAGE]);
     }
 
     /**
      * Deletes the profile image or profile banner
+     * @deprecated since version 1.2
      */
-    public function actionDeleteProfileImage()
+    public function actionDeleteProfileImageXX()
     {
-        \Yii::$app->response->format = 'json';
-
-        $this->forcePostRequest();
-
-        $type = Yii::$app->request->get('type', 'profile');
-
-        $json = array('type' => $type);
-
-        $image = null;
-        if ($type == 'profile') {
-            $image = new \humhub\libs\ProfileImage($this->getUser()->guid);
-        } elseif ($type == 'banner') {
-            $image = new \humhub\libs\ProfileBannerImage($this->getUser()->guid);
-        }
-
-        if ($image) {
-            $image->delete();
-            $json['defaultUrl'] = $image->getUrl();
-        }
-
-        return $json;
+        return Yii::$app->runAction('/user/image/delete', ['type' => (Yii::$app->request->get('type', 'profile') == 'profile') ? ImageController::TYPE_PROFILE_IMAGE : ImageController::TYPE_PROFILE_BANNER_IMAGE]);
     }
 
     /**
diff --git a/protected/humhub/modules/user/controllers/ImageController.php b/protected/humhub/modules/user/controllers/ImageController.php
new file mode 100644
index 0000000000..36e30d9917
--- /dev/null
+++ b/protected/humhub/modules/user/controllers/ImageController.php
@@ -0,0 +1,198 @@
+<?php
+
+/**
+ * @link https://www.humhub.org/
+ * @copyright Copyright (c) 2017 HumHub GmbH & Co. KG
+ * @license https://www.humhub.com/licences
+ */
+
+namespace humhub\modules\user\controllers;
+
+use Yii;
+use yii\web\HttpException;
+use humhub\models\forms\CropProfileImage;
+use humhub\modules\user\models\User;
+use humhub\models\forms\UploadProfileImage;
+use humhub\libs\ProfileImage;
+use humhub\libs\ProfileBannerImage;
+use yii\web\UploadedFile;
+use humhub\modules\user\components\BaseAccountController;
+
+/**
+ * ImageController handles user profile or user banner image modifications
+ * 
+ * @since 1.2
+ * @author Luke
+ */
+class ImageController extends BaseAccountController
+{
+
+    const TYPE_PROFILE_IMAGE = 'image';
+    const TYPE_PROFILE_BANNER_IMAGE = 'banner';
+
+    /**
+     * @var boolean allow modification of profile image
+     * Note: this value may be changed via events (e.g. block auto synced images)
+     */
+    public $allowModifyProfileImage = false;
+
+    /**
+     * @var boolean allow modification of profile banner
+     * Note: this value may be changed via events (e.g. block auto synced images)
+     */
+    public $allowModifyProfileBanner = false;
+
+    /**
+     * @inheritdoc
+     */
+    public function init()
+    {
+        if (!Yii::$app->user->isGuest) {
+            if (Yii::$app->user->getIdentity()->isSystemAdmin() && Yii::$app->getModule('user')->adminCanChangeUserProfileImages) {
+                $this->allowModifyProfileBanner = true;
+                $this->allowModifyProfileImage = true;
+            } elseif (Yii::$app->user->getIdentity()->id == $this->getUser()->id) {
+                $this->allowModifyProfileBanner = true;
+                $this->allowModifyProfileImage = true;
+            }
+        }
+
+        // Make sure to execute this on the end of initialization, to allow events
+        // to modify the attributes (e.g. allowModifyProfileImage)
+        parent::init();
+    }
+
+    /**
+     * Uploads a new image
+     * 
+     * @param string $type
+     * @return \yii\web\Response the response
+     */
+    public function actionUpload($type)
+    {
+        $model = new UploadProfileImage();
+
+        $files = UploadedFile::getInstancesByName('images');
+        if (isset($files[0])) {
+            $model->image = $files[0];
+        }
+
+        if (!$model->validate()) {
+            return $this->asJson(['files' => [
+                            'error' => true,
+                            'errors' => $model->getErrors()
+            ]]);
+        }
+
+        $image = $this->getProfileImage($type);
+        $image->setNew($model->image);
+
+        return $this->asJson(['files' => [
+                        'name' => '',
+                        'deleteUrl' => '',
+                        'deleteType' => '',
+                        'size' => $model->image->size,
+                        'url' => $image->getUrl(),
+        ]]);
+    }
+
+    /**
+     * Crops a image
+     * 
+     * @param string $type
+     * @return \yii\web\Response the response
+     */
+    public function actionCrop($type)
+    {
+        $model = new CropProfileImage();
+
+        if ($type == static::TYPE_PROFILE_IMAGE) {
+            $title = Yii::t('UserModule.account', '<strong>Modify</strong> your profile image');
+        } elseif ($type == static::TYPE_PROFILE_BANNER_IMAGE) {
+            $title = Yii::t('UserModule.account', '<strong>Modify</strong> your title image');
+            $model->aspectRatio = '6.3';
+            $model->cropSetSelect = [0, 0, 267, 48];
+        }
+
+        $image = $this->getProfileImage($type);
+        if ($model->load(Yii::$app->request->post()) && $model->validate()) {
+            $image->cropOriginal($model->cropX, $model->cropY, $model->cropH, $model->cropW);
+            return $this->htmlRedirect($this->getUser()->getUrl());
+        }
+
+        return $this->renderAjax('crop', [
+                    'model' => $model,
+                    'profileImage' => $image,
+                    'user' => $this->getUser(),
+                    'type' => $type,
+                    'title' => $title,
+        ]);
+    }
+
+    /**
+     * Delete an image
+     * 
+     * @param string $type
+     * @return \yii\web\Response the response
+     */
+    public function actionDelete($type)
+    {
+        Yii::$app->response->format = 'json';
+
+        $this->forcePostRequest();
+
+        $image = $this->getProfileImage($type);
+        $image->delete();
+
+        return $this->asJson([
+                    'type' => $type,
+                    'defaultUrl' => $image->getUrl()
+        ]);
+    }
+
+    /**
+     * Returns the Profile Image
+     * 
+     * @param string $type
+     * @return ProfileImage|ProfileBannerImage
+     * @throws HttpException
+     */
+    protected function getProfileImage($type)
+    {
+        if ($type == static::TYPE_PROFILE_IMAGE) {
+            if (!$this->allowModifyProfileImage) {
+                throw new HttpException(403, 'Access denied!');
+            }
+            return new ProfileImage($this->getUser()->guid);
+        } elseif ($type == static::TYPE_PROFILE_BANNER_IMAGE) {
+            if (!$this->allowModifyProfileBanner) {
+                throw new HttpException(403, 'Access denied!');
+            }
+            return new ProfileBannerImage($this->getUser()->guid);
+        } else {
+            throw new HttpException(400, 'Invalid image type given!');
+        }
+    }
+
+    /**
+     * Returns the current user of this account
+     *
+     * An administration can also pass a user id via GET parameter to change users
+     * accounts settings.
+     *
+     * @return User the user
+     */
+    public function getUser()
+    {
+        if ($this->user === null && Yii::$app->request->get('userGuid') != '' && Yii::$app->user->getIdentity()->isSystemAdmin()) {
+            $user = User::findOne(['guid' => Yii::$app->request->get('userGuid')]);
+            if ($user === null) {
+                throw new HttpException(404, 'Could not find user!');
+            }
+            $this->user = $user;
+        }
+
+        return parent::getUser();
+    }
+
+}
diff --git a/protected/humhub/modules/user/views/account/cropProfileImage.php b/protected/humhub/modules/user/views/account/cropProfileImage.php
deleted file mode 100644
index 5c3f62e7fb..0000000000
--- a/protected/humhub/modules/user/views/account/cropProfileImage.php
+++ /dev/null
@@ -1,88 +0,0 @@
-<?php
-
-use humhub\compat\CActiveForm;
-use yii\helpers\Url;
-?>
-
-<div class="modal-dialog modal-dialog-small animated fadeIn">
-    <div class="modal-content">
-        <?php $form = CActiveForm::begin(['id' => 'profile-crop-image-form']); ?>
-        <?php echo $form->errorSummary($model); ?>
-        <?php echo $form->hiddenField($model, 'cropX', ['id' => 'cropX']); ?>
-        <?php echo $form->hiddenField($model, 'cropY', ['id' => 'cropY']); ?>
-        <?php echo $form->hiddenField($model, 'cropW', ['id' => 'cropW']); ?>
-        <?php echo $form->hiddenField($model, 'cropH', ['id' => 'cropH']); ?>
-
-        <div class="modal-header">
-            <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
-            <h4 class="modal-title"
-                id="myModalLabel"><?php echo Yii::t('UserModule.views_profile_cropProfileImage', '<strong>Modify</strong> your profile image'); ?></h4>
-        </div>
-        <div class="modal-body">
-
-            <style>
-                /* Dirty Workaround against bootstrap and jcrop */
-                img {
-                    max-width: none;
-                }
-
-                .jcrop-keymgr {
-                    display: none !important;
-                }
-
-            </style>
-
-            <div id="cropimage">
-                <?php
-                echo \yii\helpers\Html::img($profileImage->getUrl('_org'), ['id' => 'foobar']);
-
-                echo raoul2000\jcrop\JCropWidget::widget([
-                    'selector' => '#foobar',
-                    'pluginOptions' => [
-                        'aspectRatio' => 1,
-                        'minSize' => [50, 50],
-                        //'maxSize' => [200, 200],
-                        'setSelect' => [0, 0, 100, 100],
-                        'bgColor' => 'black',
-                        'bgOpacity' => '0.5',
-                        'boxWidth' => '440',
-                        'onChange' => new yii\web\JsExpression('function(c){ $("#cropX").val(c.x);$("#cropY").val(c.y);$("#cropW").val(c.w);$("#cropH").val(c.h); }')
-                    ]
-                ]);
-                ?>
-            </div>
-        </div>
-        <div class="modal-footer">
-
-            <?php
-            echo \humhub\widgets\AjaxButton::widget([
-                'label' => Yii::t('UserModule.views_profile_cropProfileImage', 'Save'),
-                'ajaxOptions' => [
-                    'type' => 'POST',
-                    'id' => 'blabla',
-                    'beforeSend' => new yii\web\JsExpression('function(){ setModalLoader(); }'),
-                    'success' => new yii\web\JsExpression('function(html){ $("#globalModal").html(html); }'),
-                    'url' => Url::toRoute(['/user/account/crop-profile-image', 'userGuid' => $user->guid]),
-                ],
-                'htmlOptions' => [
-                    'class' => 'btn btn-primary'
-                ]
-            ]);
-            ?>
-
-            <button type="button" class="btn btn-primary"
-                    data-dismiss="modal"><?php echo Yii::t('UserModule.views_profile_cropProfileImage', 'Close'); ?></button>
-
-            <?php echo \humhub\widgets\LoaderWidget::widget(['id' => 'crop-loader', 'cssClass' => 'loader-modal hidden']); ?>
-        </div>
-
-        <?php echo \humhub\widgets\DataSaved::widget(); ?>
-        <?php CActiveForm::end(); ?>
-    </div>
-
-</div>
-
-
-
-
-
diff --git a/protected/humhub/modules/user/views/account/cropBannerImage.php b/protected/humhub/modules/user/views/image/crop.php
similarity index 86%
rename from protected/humhub/modules/user/views/account/cropBannerImage.php
rename to protected/humhub/modules/user/views/image/crop.php
index 8b9512698b..813c1b0afc 100644
--- a/protected/humhub/modules/user/views/account/cropBannerImage.php
+++ b/protected/humhub/modules/user/views/image/crop.php
@@ -14,19 +14,14 @@ use yii\helpers\Url;
         <div class="modal-header">
             <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
             <h4 class="modal-title"
-                id="myModalLabel"><?php echo Yii::t('UserModule.views_profile_cropBannerImage', '<strong>Modify</strong> your title image'); ?></h4>
+                id="myModalLabel"><?= $title; ?></h4>
         </div>
         <div class="modal-body">
-
             <style>
                 /* Dirty Workaround against bootstrap and jcrop */
-
                 img {
                     max-width: none;
                 }
-
-
-
             </style>
 
             <div id="cropimage">
@@ -36,10 +31,9 @@ use yii\helpers\Url;
                 echo raoul2000\jcrop\JCropWidget::widget([
                     'selector' => '#foobar',
                     'pluginOptions' => [
-                        'aspectRatio' => '6.3',
+                        'aspectRatio' => $model->aspectRatio,
                         'minSize' => [50, 50],
-                        //'maxSize' => [200, 200],
-                        'setSelect' => [0, 0, 267, 48],
+                        'setSelect' => $model->cropSetSelect,
                         'bgColor' => 'black',
                         'boxWidth' => '440',
                         'bgOpacity' => '0.5',
@@ -59,7 +53,7 @@ use yii\helpers\Url;
                     'type' => 'POST',
                     'beforeSend' => new yii\web\JsExpression('function(){ setModalLoader(); }'),
                     'success' => new yii\web\JsExpression('function(html){ $("#globalModal").html(html); }'),
-                    'url' => Url::to(['/user/account/crop-banner-image', 'userGuid' => $user->guid]),
+                    'url' => Url::to(['/user/image/crop', 'userGuid' => $user->guid, 'type' => $type]),
                 ],
                 'htmlOptions' => [
                     'class' => 'btn btn-primary'
diff --git a/protected/humhub/modules/user/widgets/ProfileHeader.php b/protected/humhub/modules/user/widgets/ProfileHeader.php
index 58ce3f0bc3..25a56264f4 100644
--- a/protected/humhub/modules/user/widgets/ProfileHeader.php
+++ b/protected/humhub/modules/user/widgets/ProfileHeader.php
@@ -2,7 +2,7 @@
 
 /**
  * @link https://www.humhub.org/
- * @copyright Copyright (c) 2016 HumHub GmbH & Co. KG
+ * @copyright Copyright (c) 2017 HumHub GmbH & Co. KG
  * @license https://www.humhub.com/licences
  */
 
@@ -13,6 +13,7 @@ use humhub\modules\space\models\Space;
 use humhub\modules\user\models\User;
 use humhub\modules\space\models\Membership;
 use humhub\modules\friendship\models\Friendship;
+use humhub\modules\user\controllers\ImageController;
 
 /**
  * Displays the profile header of a user
@@ -45,13 +46,8 @@ class ProfileHeader extends \yii\base\Widget
             $this->user = $this->getController()->getUser();
         }
 
-        // Check if profile header can be edited
-        if (!Yii::$app->user->isGuest) {
-            if (Yii::$app->user->getIdentity()->isSystemAdmin() && Yii::$app->getModule('user')->adminCanChangeUserProfileImages) {
-                $this->isProfileOwner = true;
-            } elseif (Yii::$app->user->id == $this->user->id) {
-                $this->isProfileOwner = true;
-            }
+        if (!Yii::$app->user->isGuest && Yii::$app->user->id == $this->user->id) {
+            $this->isProfileOwner = true;
         }
 
         parent::init();
@@ -71,10 +67,8 @@ class ProfileHeader extends \yii\base\Widget
 
         $countFollowing = $this->user->getFollowingCount(User::className());
 
-        $countUserSpaces = Membership::getUserSpaceQuery($this->user)
-                ->andWhere(['!=', 'space.visibility', Space::VISIBILITY_NONE])
-                ->andWhere(['space.status' => Space::STATUS_ENABLED])
-                ->count();
+        /* @var $imageController ImageController  */
+        $imageController = new ImageController('image-controller', null, ['user' => $this->user]);
 
         return $this->render('profileHeader', array(
                     'user' => $this->user,
@@ -83,10 +77,25 @@ class ProfileHeader extends \yii\base\Widget
                     'countFriends' => $countFriends,
                     'countFollowers' => $this->user->getFollowerCount(),
                     'countFollowing' => $countFollowing,
-                    'countSpaces' => $countUserSpaces,
+                    'countSpaces' => $this->getFollowingSpaceCount(),
+                    'allowModifyProfileImage' => $imageController->allowModifyProfileImage,
+                    'allowModifyProfileBanner' => $imageController->allowModifyProfileBanner,
         ));
     }
 
+    /**
+     * Returns the number of followed public space
+     * 
+     * @return int the follow count
+     */
+    protected function getFollowingSpaceCount()
+    {
+        return Membership::getUserSpaceQuery($this->user)
+                        ->andWhere(['!=', 'space.visibility', Space::VISIBILITY_NONE])
+                        ->andWhere(['space.status' => Space::STATUS_ENABLED])
+                        ->count();
+    }
+
 }
 
 ?>
diff --git a/protected/humhub/modules/user/widgets/views/profileHeader.php b/protected/humhub/modules/user/widgets/views/profileHeader.php
index 48062c1935..e1c252baea 100644
--- a/protected/humhub/modules/user/widgets/views/profileHeader.php
+++ b/protected/humhub/modules/user/widgets/views/profileHeader.php
@@ -2,13 +2,14 @@
 
 use yii\helpers\Html;
 use yii\helpers\Url;
+use humhub\modules\user\controllers\ImageController;
 
-if ($isProfileOwner) {
+if ($allowModifyProfileBanner || $allowModifyProfileImage) {
     $this->registerJsFile('@web-static/resources/user/profileHeaderImageUpload.js');
     $this->registerJs("var profileImageUploaderUserGuid='" . $user->guid . "';", \yii\web\View::POS_BEGIN);
     $this->registerJs("var profileImageUploaderCurrentUserGuid='" . Yii::$app->user->getIdentity()->guid . "';", \yii\web\View::POS_BEGIN);
-    $this->registerJs("var profileImageUploaderUrl='" . Url::to(['/user/account/profile-image-upload', 'userGuid' => $user->guid]) . "';", \yii\web\View::POS_BEGIN);
-    $this->registerJs("var profileHeaderUploaderUrl='" . Url::to(['/user/account/banner-image-upload', 'userGuid' => $user->guid]) . "';", \yii\web\View::POS_BEGIN);
+    $this->registerJs("var profileImageUploaderUrl='" . Url::to(['/user/image/upload', 'userGuid' => $user->guid, 'type' => ImageController::TYPE_PROFILE_IMAGE]) . "';", \yii\web\View::POS_BEGIN);
+    $this->registerJs("var profileHeaderUploaderUrl='" . Url::to(['/user/image/upload', 'userGuid' => $user->guid, 'type' => ImageController::TYPE_PROFILE_BANNER_IMAGE]) . "';", \yii\web\View::POS_BEGIN);
 }
 ?>
 <div class="panel panel-default panel-profile">
@@ -22,10 +23,10 @@ if ($isProfileOwner) {
                  width="100%" style="width: 100%; max-height: 192px;">
 
             <!-- check if the current user is the profile owner and can change the images -->
-            <?php if ($isProfileOwner) : ?>
+            <?php if ($allowModifyProfileBanner) : ?>
                 <form class="fileupload" id="bannerfileupload" action="" method="POST" enctype="multipart/form-data"
                       style="position: absolute; top: 0; left: 0; opacity: 0; width: 100%; height: 100%;">
-                    <input type="file" name="bannerfiles[]">
+                    <input type="file" name="images[]">
                 </form>
 
                 <?php
@@ -59,7 +60,7 @@ if ($isProfileOwner) {
             </div>
 
             <!-- check if the current user is the profile owner and can change the images -->
-            <?php if ($isProfileOwner): ?>
+            <?php if ($allowModifyProfileBanner): ?>
                 <div class="image-upload-buttons" id="banner-image-upload-buttons">
                     <a href="#" onclick="javascript:$('#bannerfileupload input').click();"
                        class="btn btn-info btn-sm"><i
@@ -70,7 +71,7 @@ if ($isProfileOwner) {
                            echo 'display: none;';
                        }
                        ?>"
-                       href="<?php echo Url::to(['/user/account/crop-banner-image', 'userGuid' => $user->guid]); ?>"
+                       href="<?php echo Url::to(['/user/image/crop', 'userGuid' => $user->guid, 'type' => ImageController::TYPE_PROFILE_BANNER_IMAGE]); ?>"
                        class="btn btn-info btn-sm" data-target="#globalModal" data-backdrop="static"><i
                             class="fa fa-edit"></i></a>
                         <?php
@@ -84,7 +85,7 @@ if ($isProfileOwner) {
                             'linkContent' => '<i class="fa fa-times"></i>',
                             'cssClass' => 'btn btn-danger btn-sm',
                             'style' => $user->getProfileBannerImage()->hasImage() ? '' : 'display: none;',
-                            'linkHref' => Url::to(["/user/account/delete-profile-image", 'type' => 'banner', 'userGuid' => $user->guid]),
+                            'linkHref' => Url::to(['/user/image/delete', 'userGuid' => $user->guid, 'type' => ImageController::TYPE_PROFILE_BANNER_IMAGE]),
                             'confirmJS' => 'function(jsonResp) { resetProfileImage(jsonResp); }'
                         ));
                         ?>
@@ -107,10 +108,10 @@ if ($isProfileOwner) {
                  <?php endif; ?>
 
             <!-- check if the current user is the profile owner and can change the images -->
-            <?php if ($isProfileOwner) : ?>
+            <?php if ($allowModifyProfileImage) : ?>
                 <form class="fileupload" id="profilefileupload" action="" method="POST" enctype="multipart/form-data"
                       style="position: absolute; top: 0; left: 0; opacity: 0; height: 140px; width: 140px;">
-                    <input type="file" name="profilefiles[]">
+                    <input type="file" name="images[]">
                 </form>
 
                 <div class="image-upload-loader" id="profile-image-upload-loader" style="padding-top: 60px;">
@@ -131,7 +132,7 @@ if ($isProfileOwner) {
                            echo 'display: none;';
                        }
                        ?>"
-                       href="<?php echo Url::to(['/user/account/crop-profile-image', 'userGuid' => $user->guid]); ?>"
+                       href="<?php echo Url::to(['/user/image/crop', 'userGuid' => $user->guid, 'type' => ImageController::TYPE_PROFILE_IMAGE]); ?>"
                        class="btn btn-info btn-sm" data-target="#globalModal" data-backdrop="static"><i
                             class="fa fa-edit"></i></a>
                         <?php
@@ -145,7 +146,7 @@ if ($isProfileOwner) {
                             'linkContent' => '<i class="fa fa-times"></i>',
                             'cssClass' => 'btn btn-danger btn-sm',
                             'style' => $user->getProfileImage()->hasImage() ? '' : 'display: none;',
-                            'linkHref' => Url::to(["/user/account/delete-profile-image", 'type' => 'profile', 'userGuid' => $user->guid]),
+                            'linkHref' => Url::to(["/user/image/delete", 'type' => ImageController::TYPE_PROFILE_IMAGE, 'userGuid' => $user->guid]),
                             'confirmJS' => 'function(jsonResp) { resetProfileImage(jsonResp); }'
                         ));
                         ?>
diff --git a/static/resources/user/profileHeaderImageUpload.js b/static/resources/user/profileHeaderImageUpload.js
index f3958e11c2..b670207e0c 100644
--- a/static/resources/user/profileHeaderImageUpload.js
+++ b/static/resources/user/profileHeaderImageUpload.js
@@ -1,10 +1,10 @@
 /**
  * Handle Image Upload
  */
-$(document).on('ready pjax:success', function() {
+$(document).on('ready pjax:success', function () {
     'use strict';
-    
-    $('.fileupload').each(function() {
+
+    $('.fileupload').each(function () {
 
 
         if ($(this).attr('id') == "profilefileupload") {
@@ -19,18 +19,18 @@ $(document).on('ready pjax:success', function() {
                 singleFileUploads: true,
                 //formData: {'CSRF_TOKEN': csrfValue},
                 limitMultiFileUploads: 1,
-                progressall: function(e, data) {
+                progressall: function (e, data) {
                     var progress = parseInt(data.loaded / data.total * 100, 10);
                     $('#profile-image-upload-bar .progress-bar').css('width', progress + '%');
                 },
-                done: function(e, data) {
+                done: function (e, data) {
 
                     if (data.result.files.error == true) {
                         handleUploadError(data.result);
                     } else {
                         if (profileImageUploaderUserGuid === profileImageUploaderCurrentUserGuid) {
                             $('#user-account-image').attr('src', data.result.files.url + '&c=' + Math.random());
-                        } 
+                        }
                         $('#user-profile-image').attr('src', data.result.files.url + '&c=' + Math.random());
                         $('.user-' + profileImageUploaderUserGuid).attr('src', data.result.files.url + '&c=' + Math.random());
                         $('#user-profile-image').addClass('animated bounceIn');
@@ -43,9 +43,9 @@ $(document).on('ready pjax:success', function() {
 
 
                 }
-            }).bind('fileuploadstart', function(e) {
+            }).bind('fileuploadstart', function (e) {
                 $('#profile-image-upload-loader').show();
-            }).bind('fileuploadstart', function(e) {
+            }).bind('fileuploadstart', function (e) {
                 $('#user-profile-image').removeClass('animated bounceIn');
             })
 
@@ -61,11 +61,11 @@ $(document).on('ready pjax:success', function() {
                 singleFileUploads: true,
                 //formData: {'CSRF_TOKEN': csrfValue},
                 limitMultiFileUploads: 1,
-                progressall: function(e, data) {
+                progressall: function (e, data) {
                     var progress = parseInt(data.loaded / data.total * 100, 10);
                     $('#banner-image-upload-bar .progress-bar').css('width', progress + '%');
                 },
-                done: function(e, data) {
+                done: function (e, data) {
 
                     if (data.result.files.error == true) {
                         handleUploadError(data.result);
@@ -79,9 +79,9 @@ $(document).on('ready pjax:success', function() {
                     $('#banner-image-upload-loader').hide();
                     $('#banner-image-upload-bar .progress-bar').css('width', '0%');
                 }
-            }).bind('fileuploadstart', function(e) {
+            }).bind('fileuploadstart', function (e) {
                 $('#banner-image-upload-loader').show();
-            }).bind('fileuploadstart', function(e) {
+            }).bind('fileuploadstart', function (e) {
                 $('#user-banner-image').removeClass('animated bounceIn');
             })
 
@@ -107,7 +107,7 @@ function handleUploadError(json) {
 
 function resetProfileImage(json) {
 
-    if (json.type == 'profile') {
+    if (json.type == 'image') {
         $('#user-profile-image img').attr('src', json.defaultUrl);
         $('#user-profile-image').attr('src', json.defaultUrl);
         $('#deleteLinkPost_modal_profileimagedelete').hide();
@@ -121,41 +121,41 @@ function resetProfileImage(json) {
     $('.image-upload-buttons').hide();
 }
 
-$(document).on('ready pjax:success', function() {
+$(document).on('ready pjax:success', function () {
 
     // override standard drag and drop behavior
-    $(document).off('drop.humhub dragover.humhub').on('drop.humhub dragover.humhub', function(e) {
+    $(document).off('drop.humhub dragover.humhub').on('drop.humhub dragover.humhub', function (e) {
         e.preventDefault();
     });
 
     // show buttons at image rollover
-    $('#profilefileupload').mouseover(function() {
+    $('#profilefileupload').mouseover(function () {
         $('#profile-image-upload-buttons').show();
     })
 
     // show buttons also at buttons rollover (better: prevent the mouseleave event)
-    $('#profile-image-upload-buttons').mouseover(function() {
+    $('#profile-image-upload-buttons').mouseover(function () {
         $('#profile-image-upload-buttons').show();
     });
 
     // hide buttons at image mouse leave
-    $('#profilefileupload').mouseleave(function() {
+    $('#profilefileupload').mouseleave(function () {
         $('#profile-image-upload-buttons').hide();
     })
 
 
     // show buttons at image rollover
-    $('#bannerfileupload, .img-profile-data').mouseover(function() {
+    $('#bannerfileupload, .img-profile-data').mouseover(function () {
         $('#banner-image-upload-buttons').show();
     })
 
     // show buttons also at buttons rollover (better: prevent the mouseleave event)
-    $('#banner-image-upload-buttons').mouseover(function() {
+    $('#banner-image-upload-buttons').mouseover(function () {
         $('#banner-image-upload-buttons').show();
     })
 
     // hide buttons at image mouse leave
-    $('#bannerfileupload, .img-profile-data').mouseleave(function() {
+    $('#bannerfileupload, .img-profile-data').mouseleave(function () {
         $('#banner-image-upload-buttons').hide();
     })