Navigation

← Previous Changeset
Next Changeset →

Changeset 437

Timestamp:

06/02/07 17:29:33 (2 years ago)

Author:

louisedade

Message:

avatar-upload: committing version 0.4 with several improvements/fixes

Files:

avatar-upload/trunk/avatar-upload.php (modified) (6 diffs)
avatar-upload/trunk/my-plugins/bb-avatar-upload.php (modified) (5 diffs)
avatar-upload/trunk/my-templates/avatar.php (modified) (2 diffs)
avatar-upload/trunk/readme.txt (modified) (6 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

avatar-upload/trunk/avatar-upload.php

r395	r437
3	3	Plugin Name: Avatar Upload
4	4	Plugin URI: http://bbpress.org/plugins/topic/46
5		Version: 0.3
	5	Version: 0.4
6	6	Description: Allows users to upload an avatar (gif, jpeg/jpg or png) image to bbPress.
7	7	Author: Louise Dade
…	…
11	11	require_once('./bb-load.php'); // load bbPress config
12	12	bb_auth(); // logged in?
	13	bb_repermalink(); // Fix pretty-permalinks
13	14
14		// Grab user id
15		if ( isset($_GET['id']) ) {
16		$user_id = (int) $_GET['id'];
17		} else {
18		$user_id = intval( 0 );
19		}
20
21		// This user may NOT be the user who's avatar is being uploaded,
22		// this allows an Admin/Moderator to update another user's avatar
23		// (in the event that the user's avatar is objectionable!)
	15	// The current user may NOT be the user who's avatar is being uploaded,
	16	// so we need to allow an Admin/Moderator to update another user's
	17	// avatar (in the event that the user's avatar is objectionable!)
24	18	$current_user = bb_get_user(bb_get_current_user_info('id'));
25	19
26		// User who's profile is ~~being updated~~
27		$user = bb_get_user( $user_id ); ~~// user info~~
	20	// User who's profile is actually being updated (not necessarily the current user!)
	21	$user = bb_get_user( $user_id );
28	22
29	23	// No user found with that ID
…	…
32	26	}
33	27
34		// Only allow the correct User or an Admin/Moderator to upload
35		// but not if they are a bozo!
	28	// Only allow the correct User or an Admin/Moderator to upload but not if they are a bozo!
36	29	if ( ($user->ID != $current_user->ID && !bb_current_user_can( 'moderate' )) \|\| $current_user->is_bozo )
37	30	{
…	…
39	32	}
40	33
41		// Get config variables
42		$av_opts = avatarupload_config();
43		$av_opts['mime_types']['jpeg'] = $av_opts['mime_types']['jpg'];
44		$av_opts['max_kbytes'] = round($av_opts['max_bytes']/1024, 2); // Just a pretty value for output use
	34	/* --- Start Avatar Upload --- */
45	35
46		// Some potential error messages in human readable form
47		$errorcodes = array(
48		"- no error (this message will never be shown) -",
49		"The image file is too big, the maximum file size allowed is {$av_opts['max_kbytes']} KB.",
50		"The image file is too big, the maximum file size allowed is {$av_opts['max_kbytes']} KB.",
51		"The file was only partially uploaded - the connection may have been interrupted.",
52		"The image file does not appear to have been uploaded - did you select an image?",
53		"The file does not appear to be a valid GIF, JPG/JPEG or PNG image type.",
54		"The image file could not be saved to the avatars folder.",
55		"Image dimensions must not be greater than {$av_opts['max_width']} x {$av_opts['max_height']} pixels.",
56		"The avatar filename may only contain upper/lower case letters, numbers, underscores or dashes."
57		);
58
59		/* --- Start Avatar Upload --- */
	36	// Get Configuration Settings
	37	$config = new avatarupload_config();
60	38
61	39	if (!empty($_FILES['p_browse']))
…	…
63	41	$current_avatar = avatarupload_get_avatar($user_id, 0, 1); // for comparison later
64	42
65		$img_errs = 0;
66		$error = 0;
67
68		$img = $_FILES['p_browse']; // grab image upload
	43	// Grab the uploaded image
	44	$img = $_FILES['p_browse'];
69	45	$img_name = $img['name'];
70	46	$img_type = $img['type'];
…	…
73	49	$img_errs = $img['error'];
74	50
75		$img_ext = substr($img_name, strrpos($img_name, ".")+1); // file extension
	51	// Grab file extension
	52	$img_ext = substr($img_name, strrpos($img_name, ".")+1);
76	53
77		$user_filename = strtolower($user->user_login) . "." . $img_ext; // build filename
	54	// Build the user's avatar filename
	55	$user_filename = strtolower($user->user_login) . "." . $img_ext;
78	56
79		if (!eregi("^([-a-z0-9_]+)\.([a-z]+)$", $img_name)) { // filename not valid [A-Z/a-z, 0-9, _, -]
80		// we don't worry about file extension here, this is to stop things like: 'nasty.exe?.jpg'
81		$img_errs = 8;
82		$error++;
	57	// Manual checks - some manual checks duplicate the PHP error codes where
	58	// they were introduced in later versions (e.g. PHP 5.x).
	59
	60	// Does filesize exceeds max_bytes? You can't trust MAX_FILE_SIZE form field.
	61	if ($img_errs == 0 && $img_size > $config->max_bytes)
	62	{
	63	$img_errs = 2;
83	64	}
84	65
85		if ($img_errs == 4) { // No image was uploaded
86		$error++;
	66	// Is file uploaded to temp folder?
	67	if ($img_errs == 0 && (!file_exists($img_temp) \|\| !is_uploaded_file($img_temp)) )
	68	{
	69	$img_errs = 4;
87	70	}
88	71
89		if ($error == 0 && $img_errs == 3) { // The image was partially uploaded
90		$error++;
	72	// Is file extension valid and does it match the mime-type?
	73	if ($img_errs == 0 && (!in_array($img_type, $config->mime_types[$img_ext]) \|\| !in_array($img_ext, $config->file_extns)) )
	74	{
	75	$img_errs = 8;
91	76	}
92	77
93		~~if ($error == 0 && ($img_errs == 1 \|\| $img_errs == 2) \|\| $img_size > $av_opts['max_bytes']) {~~
94		~~// File size exceeds max_bytes~~
95		~~$img_errs = 1;~~
96		$~~error++~~;
	78	// Is it a valid filename? Stops things like 'nasty.exe?.jpg'
	79	if ($img_errs == 0 && !eregi("^([-a-z0-9_]+)\.([a-z]+)$", $img_name))
	80	{
	81	$img_errs = 9;
97	82	}
98
99		if ($error == 0 && (!in_array($img_type, $av_opts['mime_types'][$img_ext]) \|\|
100		!in_array($img_ext, $av_opts['file_extns'])) ) {
101		// Check for invalid and/or mismatched mime-type and file extensions
102		$img_errs = 5;
103		$error++;
104		}
105
106		if ($error == 0 && !file_exists($img_temp)) { // File not saved to temp folder
107		$img_errs = 4;
108		$error++;
109		}
110
111		if ($error == 0 && !is_uploaded_file($img_temp)) { // File not saved to temp folder
112		$img_errs = 4;
113		$error++;
114		}
115
116		if ($error == 0)
	83
	84	// Are file dimensions greater than max_width/max_height allowed?
	85	if ($img_errs == 0)
117	86	{
118		// Get the dim~~s and file type~~
	87	// Get the dimensions
119	88	$dims = getimagesize($img_temp);
120	89	$img_w = $dims[0];
121	90	$img_h = $dims[1];
122	91
123		if ($img_w > $av_opts['max_width'] \|\| $img_h > $av_opts['max_height']) {
124		// File dims greater than max_width/max_height
125		$img_errs = 7;
126		$error++;
	92	if ($img_w > $config->max_width \|\| $img_h > $config->max_height)
	93	{
	94	$img_errs = 10;
127	95	}
128	96	}
129	97
130		~~if ($error == 0 && !move_uploaded_file($img_temp, BBPATH . $av_opts['avatar_dir'] . $user_filename))~~
131		~~{ // Can save to avatars folder (does it exist?~~)
132		~~$img_errs = 6;~~
133		$~~error++~~;
	98	// Did we move the image to the avatar folder successfully?
	99	if ($img_errs == 0 && !move_uploaded_file($img_temp, BBPATH . $config->avatar_dir . $user_filename) )
	100	{
	101	$img_errs = 11;
134	102	}
135	103
136		if ($img_errs > 0) {
137		bb_die(__($errorcodes[$img_errs])); // Display appropriate error message
138		} else {
	104
	105	// If we still have no errors add avatar to database, else show errors
	106	if ($img_errs == 0)
	107	{
	108	// Compare 'new' and 'current' avatar filenames
139	109	if (!empty($current_avatar[0]) && $user_filename != $current_avatar[0])
140		{ // compare 'new' and 'current' avatar filenames - if different, delete 'current'
141		// this will most likely only happen when the new avatar has a different extension
142		unlink(BBPATH . $av_opts['avatar_dir'] . $current_avatar[0]);
	110	{
	111	// If different, delete 'current' - this will only occur when
	112	// the new and current avatars have different file extensions.
	113	unlink(BBPATH . $config->avatar_dir . $current_avatar[0]);
143	114	}
144	115
	116	// Add avatar to database as usermeta data.
145	117	$meta_avatar = $user_filename . "\|" . $img_w . "\|" . $img_h . "\|avatar-upload";
146	118	bb_update_usermeta( $user_id, 'avatar_file', $meta_avatar );
147	119	$success_message = "Your avatar has been uploaded.";
148	120	}
	121	else
	122	{
	123	// Display an appropriate error message
	124	switch ($img_errs)
	125	{
	126	case 0: // UPLOAD_ERR_OK (no error)
	127	break;
	128	case 1: // UPLOAD_ERR_INI_SIZE
	129	bb_die(__("The file exceeds the maximum filesize of {$config->max_kbytes} KB"));
	130	break;
	131	case 2: // UPLOAD_ERR_FORM_SIZE
	132	bb_die(__("The file exceeds the maximum filesize of {$config->max_kbytes} KB"));
	133	break;
	134	case 3: // UPLOAD_ERR_PARTIAL
	135	bb_die(__("The file was only partially uploaded. Please try again."));
	136	break;
	137	case 4: // UPLOAD_ERR_NO_FILE
	138	bb_die(__("No file was uploaded - did you select an image to upload?"));
	139	break;
	140	case 6: // UPLOAD_ERR_NO_TMP_DIR (since PHP 4.3.10 and PHP 5.0.3)
	141	bb_die(__("Could not upload the file - there is no temporary folder."));
	142	break;
	143	case 7: // UPLOAD_ERR_CANT_WRITE (since PHP 5.1.0)
	144	bb_die(__("Failed to write file to disk - the server settings may not be correct."));
	145	break;
	146	case 8: // UPLOAD_ERR_EXTENSION (since PHP 5.2.0)
	147	bb_die(__("The file is not a valid GIF, JPG/JPEG or PNG image-type."));
	148	break;
	149	case 9: // custom error code
	150	bb_die(__("Filenames may only contain upper/lower case letters, numbers, underscores or dashes."));
	151	break;
	152	case 10: // custom error code
	153	bb_die(__("Image dimensions must not be greater than {$config->max_width} x {$config->max_height} pixels."));
	154	break;
	155	case 11: // custom error code
	156	bb_die(__("The file could not be saved to the 'avatars' folder."));
	157	break;
	158	default: // unknown error (this probably won't ever happen)
	159	bb_die(__("An unknown error has occurred."));
	160	break;
	161	}
	162	}
149	163	}
150	164
151		bb_load_template( 'avatar.php', array('success_message', '~~av_opts~~') );
	165	bb_load_template( 'avatar.php', array('success_message', 'config') );
152	166	?>

avatar-upload/trunk/my-plugins/bb-avatar-upload.php

r395	r437
3	3	Plugin Name: Avatar Upload
4	4	Plugin URI: http://bbpress.org/plugins/topic/46
5		Version: 0.3
	5	Version: 0.4
6	6	Description: Allows users to upload an avatar (gif, jpeg/jpg or png) image to bbPress.
7	7	Author: Louise Dade
…	…
10	10
11	11	// Configuration Settings
12		function avatarupload_config()
	12	class avatarupload_config
13	13	{
14		~~return array(~~
15
	14	function avatarupload_config()
	15	{
16	16	// Avatar folder location (default is 'avatars' in the bbPress root folder)
17	17	// You must create the folder before you install this plugin.
18		~~'avatar_dir' => "avatars/",~~ // remember to include trailing slash
	18	$this->avatar_dir = "avatars/"; // remember to include trailing slash
19	19
20	20	// Define maximum values allowed
21		~~'max_width' => 150, // (pixels)~~
22		~~'max_height' => 150, // (pixels)~~
23		~~'max_bytes' => 51200, // filesize (bytes;~~ 1024 bytes = 1 KB)
	21	$this->max_width = 150; // pixels
	22	$this->max_height = 150; // pixels
	23	$this->max_bytes = 51200; // filesize (1024 bytes = 1 KB)
24	24
25	25	// Default avatar - set 'use_default' to '0' to display no image instead of default
26		'default_avatar' => array(
	26	// The default URI is in the '$this->avatar_dir' folder.
	27	$this->default_avatar = array(
27	28	'use_default' => 1,
28		'uri' => ~~bb_get_option('uri').'avatars/default.png', // full uri of image~~
	29	'uri' => bb_get_option('uri') . $this->avatar_dir . 'default.png',
29	30	'width' => 80,
30	31	'height' => 80,
31	32	'alt' => "User has not uploaded an avatar"
32		),
	33	);
33	34
34	35	// Allowed file extensions
35		~~'file_extns' => array("gif", "jpg", "jpeg", "png"),~~
	36	$this->file_extns = array("gif", "jpg", "jpeg", "png");
36	37
37	38	// Mime-Types (list thanks to SamBauers) - you probably want to leave this alone.
38		~~'mime_types' =>~~ array(
	39	$this->mime_types = array(
39	40	'gif' => array(
40	41	'image/gif',
…	…
57	58	'application/x-png'
58	59	)
59		)
60		);
	60	);
	61
	62	// JPEG == JPG
	63	$this->mime_types['jpeg'] = $this->mime_types['jpg'];
	64
	65	// Just a pretty value (Kilobytes) for output use
	66	$this->max_kbytes = round($this->max_bytes / 1024, 2);
	67	}
61	68	}
62	69
…	…
70	77	echo'" width="'.$a[1].'" height="'.$a[2].'" alt="Avatar" />';
71	78	} else {
72		$config = avatarupload_config();
73		$default = $config['default_avatar'];
74		if ($~~default~~['use_default'] == 1)
	79	$config = new avatarupload_config();
	80
	81	if ($config->default_avatar['use_default'] == 1)
75	82	{
76		echo '<img src="'.$~~default['uri'].'" width="'.$default['width'].'" height="'.$default['height~~']
77		.'" ~~alt="'.$d~~['alt'].'" />';
	83	echo '<img src="'.$config->default_avatar['uri'].'" width="'.$config->default_avatar['width']
	84	.'" height="'.$config->default_avatar['height'].'" alt="'.$config->default_avatar['alt'].'" />';
78	85	}
79	86	}
80	87	}
81	88
82		// Get the avatar URI
	89	// Get the avatar URI ($id = user->ID, $fulluri = full url to image,
	90	// $force_db = get avatar from database where 'usermeta' not already available)
83	91	function avatarupload_get_avatar($id, $fulluri=1, $force_db=0)
84	92	{
…	…
107	115	if ($fulluri == 1)
108	116	{
109		$config = avatarupload_config();
110		$a[0] = bb_get_option('uri') . $config~~['avatar_dir']~~ . $a[0];
	117	$config = new avatarupload_config();
	118	$a[0] = bb_get_option('uri') . $config->avatar_dir . $a[0];
111	119	}
112	120	return $a;

avatar-upload/trunk/my-templates/avatar.php

r395	r437
12	12
13	13	<ul>
14		<li><?php _e('The following image formats are allowed: <strong>' . implode($~~av_opts['file_extns']~~, ", ") . '</strong>.'); ?></li>
15		<li><?php _e('Dimensions must be no greater than <strong>' .$~~av_opts['max_width']. ' x ' .$av_opts['max_height']~~. ' pixels</strong> (your image does not have to be square).'); ?></li>
16		<li><?php _e('File size must be no greater than <strong>' . $~~av_opts['max_kbytes']~~ . '<abbr title="kilobytes">KB</abbr></strong>'); ?></li>
	14	<li><?php _e('The following image formats are allowed: <strong>' . implode($config->file_extns, ", ") . '</strong>.'); ?></li>
	15	<li><?php _e('Dimensions must be no greater than <strong>' .$config->max_width. ' x ' .$config->max_height. ' pixels</strong> (your image does not have to be square).'); ?></li>
	16	<li><?php _e('File size must be no greater than <strong>' . $config->max_kbytes . '<abbr title="kilobytes">KB</abbr></strong>'); ?></li>
17	17	<li><?php _e('File names must be <strong>alpha-numeric</strong> and may contain <strong>underscores or dashes</strong> (a-z/A-Z, 0-9, _ or -).'); ?></li>
18	18	</ul>
…	…
20	20	<form enctype="multipart/form-data" method="POST" action="<?php profile_tab_link($user->ID, 'avatar'); ?>">
21	21	<p><label for="p_browse"><?php _e('Locate Image'); ?>:</label><br />
22		<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $~~av_opts['max_bytes']~~; ?>" />
	22	<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $config->max_bytes; ?>" />
23	23	<input type="file" name="p_browse" id="p_browse" size="80" /></p>
24	24

avatar-upload/trunk/readme.txt

r395	r437
4	4	Requires at least: 0.8
5	5	Tested up to: 0.8.1
6		Stable Tag: 0.3
	6	Stable Tag: 0.4
7	7
8	8	Allows users to upload an avatar (gif, jpeg/jpg or png) image to bbPress. Admins can configure maximum allowed file size and image dimensions.
…	…
24	24	- there is no "delete avatar" function at this time, but an inappropriate image can be removed by uploading a 'safe' image (e.g. a blank 1x1 pixel image) to replace it (you could them manually set that user as a bozo to stop them re-uploading inappropriate images).
25	25	* Option to display a default avatar for users who do not upload their own.
26		* Can be extended with fel64's "Identicons" plugin to give users the option of display an identicon instead of uploading an image (becomes their 'default' avatar). http://bbpress.org/forums/topic/1027?replies=25#post-6759
	26	* Can be extended with fel64's "Identicons" plugin to give users the option of displaying an identicon instead of uploading an image (becomes their 'default' avatar). http://bbpress.org/forums/topic/1027?replies=25#post-6759
27	27
28	28	== Installation ==
29	29
30		UPGRADING? If you are using an older version of this plugin, you need to follow these installation instructions because the template functions are incompatible with ~~the older version~~.
	30	UPGRADING? If you are using an older version of this plugin, you need to follow these installation instructions because the template functions are incompatible with older versions.
31	31
32		1. Open up the 'my-plugins/bb-avatar-upload.php' file and configure the "configuration Setting" (if desired). At least make sure the '$avatar_dir' variable is correct. Other configurable variables include the maximum allowed width and height of uploaded images and the maximum file size (in bytes).
	32	1. Open up the 'my-plugins/bb-avatar-upload.php' file and configure the "Configuration Settings". At least make sure the '$avatar_dir' variable is correct.
33	33
34		2. The avatar upload page should appear as a tab ("Avatar") on the ~~Profile menu on the user's profile pages. If you like the link elsewhere, then~~ insert the following "Upload Avatar" link wherever you wish:
	34	2. The avatar upload page should appear as a tab ("Avatar") on the user's Profile menu. If you'd prefer the link to be elsewhere, insert the following "Upload Avatar" link wherever you wish:
35	35
36	36	<a href="<?php profile_tab_link($user->ID, 'avatar'); ?>"><?php _e("Upload Avatar"); ?></a>
…	…
38	38	Use the available $user->ID for the page you place the link on.
39	39
40		3. To display an uploaded avatar, ~~just~~ insert the following template function.
	40	3. To display an uploaded avatar, insert the following template function.
41	41
42	42	a) On the user's profile page ('profile.php' template).
…	…
50	50	<?php avatarupload_display(get_post_author_id()); ?>
51	51
52		You can include the avatar anywhere else you like, just be sure to have ~~either the current or any~~ user's ID available.
	52	You can include the avatar anywhere else you like, just be sure to have the user's ID available.
53	53
54	54	c) If you just want the URI of the avatar (for your own plugins for example):
…	…
58	58	Where ID is a user ID. Returns false if no avatar exists for that user.
59	59
60		4. ~~This is optional, but you can~~ open up 'my-templates/avatar.php' and edit the template if you wish, but be sure not to mess with the upload form.
	60	4. OPTIONAL: open up 'my-templates/avatar.php' and edit the template if you wish, but be sure not to mess with the upload form.
61	61
62	62	5. Upload the plugin files to the following locations.
…	…
81	81	However, one can never 100% sure and there is always some security risks when allowing users to upload to your server. USE THIS PLUGIN AT YOUR OWN RISK!
82	82
	83	= I get the following error (or similar): move_uploaded_file(/path/to/bbpress/avatars/username.jpg) [function.move-uploaded-file]: failed to open stream: Permission denied in /path/to/bbpress/avatar-upload.php on line XXX =
	84
	85	You need to set the file permissions (chmod) of the 'avatars' folder to 666 to allow the plugin to write to the folder. You can do this using SHH or alternatively (and more easily) many FTP applications allow permissions setting. Please refer to your web host for their advice if you do not know how to do this.
	86
	87
83	88	== Change Log ==
84	89
	90	2007-06-02 Ver. 0.4 made config vars into a class, totally overhauled upload script (streamlined),
	91	amended readme instructions and fixed problem with pretty permalinks.
85	92	2007-05-02 Ver. 0.3 rewritten, config vars moved to plugin script, enabled default avatar,
86	93	added profile tab and made it possible to use plugin with other plugins.

Download in other formats: