diff -r faef5e62e1e0 -r 90225c988124 plugins/admin/UserManager.php --- a/plugins/admin/UserManager.php Tue Aug 25 01:43:11 2009 -0400 +++ b/plugins/admin/UserManager.php Tue Aug 25 01:43:40 2009 -0400 @@ -2,8 +2,7 @@ /* * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between - * Version 1.1.6 (Caoineag beta 1) - * Copyright (C) 2006-2008 Dan Fuhry + * Copyright (C) 2006-2009 Dan Fuhry * * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. @@ -60,6 +59,24 @@ if ( !$q ) $db->_die(); echo '

' . $lang->get('acpum_msg_delete_success') . '

'; + + // deleting own account? + if ( $user_id === $session->user_id ) + { + // cute little hack to boot them out of the admin panel + echo ''; + } } else { @@ -89,7 +106,7 @@ $real_name = $_POST['real_name']; } - $signature = RenderMan::preprocess_text($_POST['signature'], true, true); + $signature = RenderMan::preprocess_text($_POST['signature'], true, false); $user_level = intval($_POST['user_level']); if ( $user_level < USER_LEVEL_MEMBER || $user_level > USER_LEVEL_ADMIN ) @@ -129,7 +146,10 @@ $homepage = ''; } - if ( count($errors) < 1 ) + // true for quiet operation + list(, , $avatar_post_fail) = avatar_post($user_id, true); + + if ( count($errors) < 1 && !$avatar_post_fail ) { $q = $db->sql_query('SELECT u.user_level, u.user_has_avatar, u.avatar_type FROM '.table_prefix.'users AS u WHERE u.user_id = ' . $user_id . ';'); if ( !$q ) @@ -177,167 +197,6 @@ $to_update_users['activation_key'] = sha1($session->dss_rand()); } - // Avatar validation - $action = ( isset($_POST['avatar_action']) ) ? $_POST['avatar_action'] : 'keep'; - $avi_path = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $user_id . '.' . $avi_type; - switch($action) - { - case 'keep': - default: - break; - case 'remove': - if ( $has_avi ) - { - // First switch the avatar off - $to_update_users['user_has_avatar'] = '0'; - @unlink($avi_path); - } - break; - case 'set_http': - case 'set_file': - // Hackish way to preserve the UNIX philosophy of reusing as much code as possible - if ( $action == 'set_http' ) - { - // Check if this action is enabled - if ( getConfig('avatar_upload_http', 1) !== 1 ) - { - // non-localized, only appears on hack attempt - $errors[] = 'Uploads over HTTP are disabled.'; - break; - } - // Download the file - require_once( ENANO_ROOT . '/includes/http.php' ); - - if ( !preg_match('/^http:\/\/([a-z0-9-\.]+)(:([0-9]+))?\/(.+)$/', $_POST['avatar_http_url'], $match) ) - { - $errors[] = $lang->get('usercp_avatar_invalid_url'); - break; - } - - $hostname = $match[1]; - $uri = '/' . $match[4]; - $port = ( $match[3] ) ? intval($match[3]) : 80; - $max_size = intval(getConfig('avatar_max_size')); - - // Get temporary file - $tempfile = tempnam(false, "enanoavatar_{$user_id}"); - if ( !$tempfile ) - $errors[] = 'Error getting temp file.'; - - @unlink($tempfile); - $request = new Request_HTTP($hostname, $uri, 'GET', $port); - $result = $request->write_response_to_file($tempfile, 50, $max_size); - if ( !$result || $request->response_code != HTTP_OK ) - { - @unlink($tempfile); - $errors[] = $lang->get('usercp_avatar_bad_write'); - break; - } - - // Response written. Proceed to validation... - } - else - { - // Check if this action is enabled - if ( getConfig('avatar_upload_file', 1) !== 1 ) - { - // non-localized, only appears on hack attempt - $errors[] = 'Uploads from the browser are disabled.'; - break; - } - - $max_size = intval(getConfig('avatar_max_size')); - - $file =& $_FILES['avatar_file']; - $tempfile =& $file['tmp_name']; - if ( filesize($tempfile) > $max_size ) - { - @unlink($tempfile); - $errors[] = $lang->get('usercp_avatar_file_too_large'); - break; - } - } - $file_type = get_image_filetype($tempfile); - if ( !$file_type ) - { - unlink($tempfile); - $errors[] = $lang->get('usercp_avatar_bad_filetype'); - break; - } - - $avi_path_new = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $user_id . '.' . $file_type; - - // The file type is good - validate dimensions and animation - switch($file_type) - { - case 'png': - $is_animated = is_png_animated($tempfile); - $dimensions = png_get_dimensions($tempfile); - break; - case 'gif': - $is_animated = is_gif_animated($tempfile); - $dimensions = gif_get_dimensions($tempfile); - break; - case 'jpg': - $is_animated = false; - $dimensions = jpg_get_dimensions($tempfile); - break; - default: - $errors[] = 'API mismatch'; - break 2; - } - // Did we get invalid size data? If so the image is probably corrupt. - if ( !$dimensions ) - { - @unlink($tempfile); - $errors[] = $lang->get('usercp_avatar_corrupt_image'); - break; - } - // Is the image animated? - if ( $is_animated && getConfig('avatar_enable_anim') !== '1' ) - { - @unlink($tempfile); - $errors[] = $lang->get('usercp_avatar_disallowed_animation'); - break; - } - // Check image dimensions - list($image_x, $image_y) = $dimensions; - $max_x = intval(getConfig('avatar_max_width')); - $max_y = intval(getConfig('avatar_max_height')); - if ( $image_x > $max_x || $image_y > $max_y ) - { - @unlink($tempfile); - $errors[] = $lang->get('usercp_avatar_too_large'); - break; - } - // All good! - @unlink($avi_path); - if ( rename($tempfile, $avi_path_new) ) - { - $to_update_users['user_has_avatar'] = '1'; - $to_update_users['avatar_type'] = $file_type; - } - else - { - // move failed - turn avatar off - $to_update_users['user_has_avatar'] = '0'; - } - break; - case 'set_gravatar': - // set avatar to use Gravatar - // first, remove old image - if ( $has_avi ) - { - @unlink($avi_path); - } - // set to gravatar mode - $to_update_users['user_has_avatar'] = '1'; - $to_update_users['avatar_type'] = 'grv'; - - $has_avi = 1; - break; - } - if ( count($errors) < 1 ) { $to_update_users_extra = array(); @@ -423,14 +282,17 @@ } } - if ( count($errors) > 0 ) + if ( count($errors) > 0 || @$avatar_post_fail ) { - echo '

- ' . $lang->get('acpum_err_validation_fail') . ' -

' . implode("
", $errors) . '

'; + if ( count($errors) > 0 ) + { + echo '

+ ' . $lang->get('acpum_err_validation_fail') . ' +

' . implode("
", $errors) . '

'; + } $form = new Admin_UserManager_SmartForm(); $form->user_id = $user_id; $form->username = $username; @@ -466,7 +328,7 @@ # END VALIDATION # } - else if ( isset($_POST['action']['go']) || ( isset($_GET['src']) && $_GET['src'] == 'get' ) ) + else if ( isset($_POST['action']['go']) || ( isset($_GET['src']) && $_GET['src'] == 'get' ) || ($pathsuser = $paths->getParam(0)) ) { if ( isset($_GET['user']) ) { @@ -480,6 +342,10 @@ { $username =& $_POST['username']; } + else if ( $pathsuser ) + { + $username = str_replace('_', ' ', dirtify_page_id($pathsuser)); + } else { echo 'No username provided'; @@ -680,7 +546,7 @@ else $cls = 'row2'; $coppa = ( $row['user_coppa'] == '1' ) ? '' . $lang->get('acpum_coppauser_yes') . '' : $lang->get('acpum_coppauser_no'); echo ' - '.enano_date('F d, Y h:i a', $row['time_id']).' + '.enano_date(ED_DATE | ED_TIME, $row['time_id']).' '.$row['author'].' '.$row['edit_summary'].' ' . $coppa . ' @@ -1091,32 +957,21 @@ {lang:acpum_avatar_lbl_change} - +