includes/usercp_avatar.php
  • FIND:

    function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
    {
    	global $board_config;
    
    	$avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
    	if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
    	{
    		return '';
    	}
    
    	if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_filename)) && ($mode == 'editprofile') )
    	{
    		$return = ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
    	}
    	else
    	{
    		$return = '';
    	}
    	return $return;
    }
    
  • REPLACE WITH:

    function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename, $avatar_category)
    {
    	global $board_config;
    
    	$avatar_filename = phpbb_ltrim(basename($avatar_filename), "'");
    	$avatar_category = phpbb_ltrim(basename($avatar_category), "'");
    	
    	if(!preg_match('/(\.gif$|\.png$|\.jpg|\.jpeg)$/is', $avatar_filename))
    	{
    		return '';
    	}
    
    	if ($avatar_filename == "" || $avatar_category == "")
    	{
    		return '';
    	} 
    
    	if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_category . '/' . $avatar_filename)) && ($mode == 'editprofile') )
    	{
    		$return = ", user_avatar = '" . str_replace("\'", "''", $avatar_category . '/' . $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
    	}
    	else
    	{
    		$return = '';
    	}
    	return $return;
    }
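Review bot: `basename()` leaves `.` and `..` unchanged, so the `$avatar_category == ""` check still accepts a category that resolves to the gallery root or its parent directory when the path is assembled for `file_exists()`. Consider rejecting those values explicitly, e.g. `if ($avatar_category == '.' || $avatar_category == '..') { return ''; }`, or restricting the category to a conservative character set. The returned SQL fragment is still built by concatenation and relies on the caller having slash-escaped the input before the `\'` to `''` replacement; a short comment stating that precondition would help the next maintainer. Separately, the pattern `/(\.gif$|\.png$|\.jpg|\.jpeg)$/is` reads more clearly as `/\.(gif|png|jpe?g)$/i`.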
    
  • FIND:

    	if ( $avatar_mode == 'remote' && preg_match('/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/', $avatar_filename, $url_ary) )
    
  • BEFORE, ADD:

    	$width = $height = 0;
    	$type = '';
    
    
  • FIND:

    			list($width, $height) = @getimagesize($tmp_filename);
    
  • REPLACE WITH:

    			list($width, $height, $type) = @getimagesize($tmp_filename);
    
  • FIND:

    		list($width, $height) = @getimagesize($avatar_filename);
    
  • REPLACE WITH:

    		list($width, $height, $type) = @getimagesize($avatar_filename);
    
  • FIND:

    	if ( $width > 0 && $height > 0 && $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
    
  • BEFORE, ADD:

    	switch ($type)
    	{
    		// GIF
    		case 1:
    			if ($imgtype != '.gif')
    			{
    				@unlink($tmp_filename);
    				message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
    			}
    		break;
    
    		// JPG, JPC, JP2, JPX, JB2
    		case 2:
    		case 9:
    		case 10:
    		case 11:
    		case 12:
    			if ($imgtype != '.jpg' && $imgtype != '.jpeg')
    			{
    				@unlink($tmp_filename);
    				message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
    			}
    		break;
    
    		// PNG
    		case 3:
    			if ($imgtype != '.png')
    			{
    				@unlink($tmp_filename);
    				message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
    			}
    		break;
    
    		default:
    			@unlink($tmp_filename);
    			message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
    	}
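Review bot: Every failure branch calls `@unlink($tmp_filename)`, but the two `getimagesize()` call sites patched on this page read from different variables (`$tmp_filename` in one, `$avatar_filename` in the other), and the initialisation added before the remote check sets only `$width`, `$height` and `$type`. On a path that never assigns `$tmp_filename`, the unlink acts on whatever that variable happens to hold; initialising it with `$tmp_filename = '';` next to the other three and guarding with `if ($tmp_filename != '') { @unlink($tmp_filename); }` removes the ambiguity. The comparisons against `$imgtype` are case-sensitive, so they depend on `$imgtype` being lower-cased where it is derived, which is outside this snippet. The bare numbers 1, 2, 3 and 9–12 would be easier to audit as the `IMAGETYPE_*` constants, where the supported PHP versions provide them.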
    
    
  • FIND:

    			if ( file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $current_avatar)) )
    			{
    				@unlink('./' . $board_config['avatar_path'] . '/' . $current_avatar);
    			}
    
  • REPLACE WITH:

    			user_avatar_delete($current_type, $current_avatar);
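Review bot: The file deletion now depends entirely on `user_avatar_delete()`, whose body is not part of this page, so confirm there that it only removes files for the uploaded-avatar type and reduces `$current_avatar` with `basename()` before building the path. The replaced code checked `file_exists()` on the resolved path before unlinking; the helper should keep an equivalent check so that a stale or malformed `user_avatar` value cannot point the `unlink()` outside `avatar_path`. A comment at this call such as `// expects user_avatar_delete() to confine the path to avatar_path` would record that assumption.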
    
  • FIND:

    					$avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . '/' . $sub_file; 
    
  • REPLACE WITH:

    					$avatar_images[$file][$avatar_row_count][$avatar_col_count] = $sub_file; 
    
  • FIND:

    				"AVATAR_IMAGE" => $board_config['avatar_gallery_path'] . '/' . $avatar_images[$category][$i][$j], 
    
  • REPLACE WITH:

    				"AVATAR_IMAGE" => $board_config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_images[$category][$i][$j], 
    
  • FIND:

     NOTE --- This is a partial match, the whole line on a fresh installation looks like this:
    	$s_hidden_vars = '<input type="hidden" name="sid" value="' . $session_id . '" /><input type="hidden" name="agreed" value="true" />';
    <input type="hidden" name="agreed" value="true" />
    
  • IN-LINE FIND:

    <input type="hidden" name="agreed" value="true" />
    
  • IN-LINE AFTER, ADD:

    <input type="hidden" name="avatarcatname" value="' . $category . '" />
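Review bot: `$category` is concatenated into the `value` attribute without escaping on this line; unless the caller has already passed it through `htmlspecialchars()` (not visible here), a category name containing `"` or `<` would break out of the attribute. If it is not already escaped upstream, escape at the point of output: `value="' . htmlspecialchars($category) . '"`. The field comes back from the browser as `avatarcatname` and presumably feeds `$avatar_category` in `user_avatar_gallery()`, so it must be treated as client-controlled, and the server-side `basename()` and existence checks remain the actual control.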