Feature #306 - UserManager: Some minor optimizations ( this was the initial intention :-) ). A tricky rework about the method UserManager::get_user_picture_path_by_id(). A collateral fix about uploading user photos in the platform admin tool, now it works correctly, including the case api_get_setting('split_users_upload_directory') === 'true'. Uploading photos through user profile tool is to be checked. And... fixing two unsafe getimagesize() calls. By the way, the date picker in the forms "User add" and "User edit" (platform admin) does not work, IE8.

skala
Ivan Tcholakov 15 years ago
parent cf200bcdee
commit 4a20a38a7c
  1. 65
      main/admin/user_add.php
  2. 88
      main/admin/user_edit.php
  3. 5
      main/inc/lib/image.lib.php
  4. 151
      main/inc/lib/usermanager.lib.php

@ -329,12 +329,12 @@ if( $form->validate())
if($check)
{
$user = $form->exportValues();
$picture_element = & $form->getElement('picture');
$picture = $picture_element->getValue();
$picture_uri = '';
if (strlen($picture['name']) > 0 ) {
$picture_uri = uniqid('').'_'.replace_dangerous_char($picture['name']);
}
$lastname = $user['lastname'];
$firstname = $user['firstname'];
$official_code = $user['official_code'];
@ -369,43 +369,38 @@ if( $form->validate())
$user_id = UserManager::create_user($firstname,$lastname,$status,$email,$username,$password,$official_code,$language,$phone,$picture_uri,$auth_source,$expiration_date,$active, $hr_dept_id);
// picture path
if (!empty($picture['name'])) {
// picture path
if (api_get_setting('split_users_upload_directory') === 'true') {
$picture_path = api_get_path(SYS_CODE_PATH).'upload/users/'.substr((string)$user_id, 0, 1).'/'.$user_id.'/';
} else {
$picture_path = api_get_path(SYS_CODE_PATH).'upload/users/'.$user_id.'/';
}
if (strlen($picture['name']) > 0 ) {
if (!is_dir($picture_path)) {
if (mkdir($picture_path)) {
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
chmod($picture_path,$perm);
}
$picture_uri = $user_id.'_'.uniqid('').'_'.replace_dangerous_char($picture['name']);
UserManager::update_user($user_id,$firstname,$lastname,$username,$password,$auth_source,$email,$status,$official_code,$phone,$picture_uri,$expiration_date, $active, null, $hr_dept_id,null,$language);
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
if (!file_exists($picture_path)) {
@mkdir($picture_path, $perm, true);
}
$picture_infos=@getimagesize($_FILES['picture']['tmp_name']);
$type=$picture_infos[2];
$small_temp = UserManager::resize_picture($_FILES['picture']['tmp_name'], 22); //small picture
$medium_temp = UserManager::resize_picture($_FILES['picture']['tmp_name'], 85); //medium picture
$temp = UserManager::resize_picture($_FILES['picture']['tmp_name'], 200); // normal picture
$big_temp = new image($_FILES['picture']['tmp_name']); // original picture
switch (!empty($type)) {
case 2 :
$small_temp->send_image('JPG',$picture_path.'small_'.$picture_uri);
$medium_temp->send_image('JPG',$picture_path.'medium_'.$picture_uri);
$temp->send_image('JPG',$picture_path.$picture_uri);
$big_temp->send_image('JPG',$picture_path.'big_'.$picture_uri);
break;
case 3 :
$small_temp->send_image('PNG',$picture_path.'small_'.$picture_uri);
$medium_temp->send_image('PNG',$picture_path.'medium_'.$picture_uri);
$temp->send_image('PNG',$picture_path.$picture_uri);
$big_temp->send_image('PNG',$picture_path.'big_'.$picture_uri);
break;
case 1 :
$small_temp->send_image('GIF',$picture_path.'small_'.$picture_uri);
$medium_temp->send_image('GIF',$picture_path.'medium_'.$picture_uri);
$temp->send_image('GIF',$picture_path.$picture_uri);
$big_temp->send_image('GIF',$picture_path.'big_'.$picture_uri);
break;
$small_picture = UserManager::resize_picture($_FILES['picture']['tmp_name'], 22);
$medium_picture = UserManager::resize_picture($_FILES['picture']['tmp_name'], 85);
$normal_picture = UserManager::resize_picture($_FILES['picture']['tmp_name'], 200);
$big_picture = new image($_FILES['picture']['tmp_name']); // This is the original picture.
$picture_types = array(1 => 'GIF', 2 => 'JPG', 3 => 'PNG');
if (in_array($type, array_keys($picture_types))) {
$small_picture->send_image($picture_types[$type], $picture_path.'small_'.$picture_uri);
$medium_picture->send_image($picture_types[$type], $picture_path.'medium_'.$picture_uri);
$normal_picture->send_image($picture_types[$type], $picture_path.$picture_uri);
$big_picture->send_image($picture_types[$type], $picture_path.'big_'.$picture_uri);
}
}
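Review bot: The stored file name keeps whatever extension the client sent, because `$picture_uri` is built from `replace_dangerous_char($picture['name'])` while the image format comes from `getimagesize()`; the two can disagree, and the files are written under `upload/users/`, which `get_user_picture_path_by_id()` also exposes as a web path. Deriving the extension from the detected type closes that gap, for example `$picture_uri = $user_id.'_'.uniqid('').'.'.strtolower($picture_types[$type]);` placed after the type check. `UserManager::update_user()` is called with the new `$picture_uri` before the type is known, so an upload that is not GIF/JPG/PNG leaves a database value naming a file that was never written; running the `getimagesize()` check first, together with `is_uploaded_file($_FILES['picture']['tmp_name'])`, avoids that. The same naming and ordering appear in the user_edit.php section. Which of the doubled lines are old and which are new is inferred here, since the rendered page lost its +/- markers.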

@ -39,8 +39,8 @@ $htmlHeadXtra[] = '
<script language="JavaScript" type="text/JavaScript">
<!--
function enable_expiration_date() { //v2.0
document.user_add.radio_expiration_date[0].checked=false;
document.user_add.radio_expiration_date[1].checked=true;
document.user_edit.radio_expiration_date[0].checked=false;
document.user_edit.radio_expiration_date[1].checked=true;
}
function display_drh_list(){
@ -95,7 +95,7 @@ unset($user_data['password']);
$user_data = array_merge($user_data, Usermanager :: get_extra_user_data($user_id,true));
// Create the form
$form = new FormValidator('user_add','post','','',array('style' => 'width: 60%; float: '.($text_dir=='rtl'?'right;':'left;')));
$form = new FormValidator('user_edit','post','','',array('style' => 'width: 60%; float: '.($text_dir=='rtl'?'right;':'left;')));
$form->addElement('header', '', $tool_name);
$form->addElement('hidden','user_id',$user_id);
@ -289,14 +289,14 @@ foreach($extra as $id => $field_details)
$form->addElement('select','extra_'.$field_details[1],$field_details[3],$options,array('multiple' => 'multiple'));
break;
case USER_FIELD_TYPE_DATE:
$form->addElement('datepickerdate', 'extra_'.$field_details[1], $field_details[3],array('form_name'=>'user_add'));
$form->addElement('datepickerdate', 'extra_'.$field_details[1], $field_details[3],array('form_name'=>'user_edit'));
$form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear',1900);
$defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00');
$form -> setDefaults($defaults);
$form->applyFilter('theme', 'trim');
break;
case USER_FIELD_TYPE_DATETIME:
$form->addElement('datepicker', 'extra_'.$field_details[1], $field_details[3],array('form_name'=>'user_add'));
$form->addElement('datepicker', 'extra_'.$field_details[1], $field_details[3],array('form_name'=>'user_edit'));
$form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear',1900);
$defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00');
$form -> setDefaults($defaults);
@ -335,57 +335,48 @@ $form->setDefaults($user_data);
if( $form->validate())
{
$user = $form->exportValues();
$picture_element = & $form->getElement('picture');
$picture = $picture_element->getValue();
$picture_uri = '';
$picture_uri = $user_data['picture_uri'];
//get the picture directory
$picture_paths = UserManager::get_user_picture_path_by_id($user_id,'system',true);
$picture_location = $picture_paths['dir'];
$big_picture_location = $picture_paths['dir'];
if (strlen($picture['name']) > 0)
{
$picture_uri = uniqid('').'_'.replace_dangerous_char($picture['name']);
if(!file_exists($picture_location))
{
mkpath($picture_location);
}
$picture_infos=@getimagesize($_FILES['picture']['tmp_name']);
$type=$picture_infos[2];
$small_temp = UserManager::resize_picture($_FILES['picture']['tmp_name'], 22); //small picture
$medium_temp = UserManager::resize_picture($_FILES['picture']['tmp_name'], 85); //medium picture
$temp = UserManager::resize_picture($_FILES['picture']['tmp_name'], 200); // normal picture
$big_temp = new image($_FILES['picture']['tmp_name']); // original picture
switch (!empty($type)) {
case 2 :
$small_temp->send_image('JPG',$picture_location.'small_'.$picture_uri);
$medium_temp->send_image('JPG',$picture_location.'medium_'.$picture_uri);
$temp->send_image('JPG',$picture_location.$picture_uri);
$big_temp->send_image('JPG',$picture_location.'big_'.$picture_uri);
break;
case 3 :
$small_temp->send_image('PNG',$picture_location.'small_'.$picture_uri);
$medium_temp->send_image('PNG',$picture_location.'medium_'.$picture_uri);
$temp->send_image('PNG',$picture_location.$picture_uri);
$big_temp->send_image('PNG',$picture_location.'big_'.$picture_uri);
break;
case 1 :
$small_temp->send_image('GIF',$picture_location.'small_'.$picture_uri);
$medium_temp->send_image('GIF',$picture_location.'medium_'.$picture_uri);
$temp->send_image('GIF',$picture_location.$picture_uri);
$big_temp->send_image('GIF',$picture_location.'big_'.$picture_uri);
break;
}
$picture_path_info = UserManager::get_user_picture_path_by_id($user_id, 'system', true);
$picture_path = $picture_path_info['dir'];
}
elseif(isset($user['delete_picture']))
if ($user['delete_picture'] || !empty($picture['name']))
{
@unlink($picture_location.$user_data['picture_uri']);
@unlink($picture_path.'small_'.$picture_uri);
@unlink($picture_path.'medium_'.$picture_uri);
@unlink($picture_path.'big_'.$picture_uri);
@unlink($picture_path.$picture_uri);
$picture_uri = '';
}
if (strlen($picture['name']) == 0){
$picture_uri = $user_data['picture_uri'];
if (!empty($picture['name']))
{
$picture_uri = $user_id.'_'.uniqid('').'_'.replace_dangerous_char($picture['name']);
$perm = api_get_setting('permissions_for_new_directories');
$perm = octdec(!empty($perm)?$perm:'0770');
if(!file_exists($picture_path))
{
@mkdir($picture_path, $perm, true);
}
$picture_info = @getimagesize($_FILES['picture']['tmp_name']);
$type = $picture_info[2];
$small_picture = UserManager::resize_picture($_FILES['picture']['tmp_name'], 22);
$medium_picture = UserManager::resize_picture($_FILES['picture']['tmp_name'], 85);
$normal_picture = UserManager::resize_picture($_FILES['picture']['tmp_name'], 200);
$big_picture = new image($_FILES['picture']['tmp_name']); // This is the original picture.
$picture_types = array(1 => 'GIF', 2 => 'JPG', 3 => 'PNG');
if (in_array($type, array_keys($picture_types))) {
$small_picture->send_image($picture_types[$type], $picture_path.'small_'.$picture_uri);
$medium_picture->send_image($picture_types[$type], $picture_path.'medium_'.$picture_uri);
$normal_picture->send_image($picture_types[$type], $picture_path.$picture_uri);
$big_picture->send_image($picture_types[$type], $picture_path.'big_'.$picture_uri);
}
}
$lastname = $user['lastname'];
@ -395,7 +386,6 @@ if( $form->validate())
$phone = $user['phone'];
$username = $user['username'];
$status = intval($user['status']);
$picture = $_FILES['picture'];
$platform_admin = intval($user['platform_admin']);
$send_mail = intval($user['send_mail']);
$reset_password = intval($user['reset_password']);
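Review bot: The old picture files are unlinked before the new upload has been checked, in the `if ($user['delete_picture'] || !empty($picture['name']))` block; if `getimagesize()` then fails or reports a type outside `$picture_types`, the user is left with no picture and a `$picture_uri` naming a file that was never written. Doing the type check first and deleting only after the four `send_image()` calls have run would keep the old picture when an upload is rejected. The earlier version tested `isset($user['delete_picture'])`; reading the key directly may raise a notice when the checkbox is absent from the exported values, so `!empty($user['delete_picture'])` is the safer spelling. When `$picture_uri` is empty, `@unlink($picture_path.$picture_uri)` is handed the directory itself and fails silently, which a `$picture_uri !== ''` guard would make explicit.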

@ -20,7 +20,7 @@ class image {
}
function createimagefromtype($file,$handler) {
$size = @getimagesize($file);
$size = @getimagesize(api_url_to_local_path($file));
$type=$size[2];
switch ($type) {
@ -91,7 +91,7 @@ class image {
function addlogo($file) {
$this->logo = image::createimagefromtype($file,'logo');
@imagealphablending( $this->logo ,TRUE );
$size = getimagesize($file);
$size = @getimagesize(api_url_to_local_path($file));
$this->logox=$size[0];
$this->logoy=$size[1];
@ -155,6 +155,7 @@ class image {
default: return 0;
}
// TODO: Occupied memory is not released, because the following fragment of code is actually dead.
@imagedestroy($this->bg);
@imagedestroy($this->logo);
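Review bot: Neither new `@getimagesize(api_url_to_local_path($file))` call checks for a `false` return, so `createimagefromtype()` reads `$size[2]` and `addlogo()` reads `$size[0]` and `$size[1]` from a non-array when the file is missing or is not an image, and the `@` hides the only diagnostic. A guard such as `if ($size === false) { return false; }` directly after each call would make the failure visible to callers. What `api_url_to_local_path()` returns for a URL outside the platform is not shown on this page; if it passes such input through unchanged, `getimagesize()` would still open a remote URL, which is worth confirming given that the commit message calls these two calls unsafe. Both functions continue outside their hunks.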

@ -199,6 +199,7 @@ class UserManager {
Database::query($sql, __FILE__, __LINE__);
// Delete user picture
// TODO: Logic about api_get_setting('split_users_upload_directory') === 'true' , a user has 4 differnt sized photos to be deleted.
$user_info = api_get_user_info($user_id);
if (strlen($user_info['picture_uri']) > 0) {
$img_path = api_get_path(SYS_CODE_PATH).'upload/users/'.$user_id.'/'.$user_info['picture_uri'];
@ -510,11 +511,9 @@ class UserManager {
$sql = "SELECT * FROM $user_table WHERE username='".$username."'";
$res = Database::query($sql, __FILE__, __LINE__);
if (Database::num_rows($res) > 0) {
$user = Database::fetch_array($res);
} else {
$user = false;
return Database::fetch_array($res);
}
return $user;
return false;
}
/**
@ -547,10 +546,9 @@ class UserManager {
}
}
}
} else {
$user = false;
return $user;
}
return $user;
return false;
}
/** Get the teacher list
@ -582,116 +580,59 @@ class UserManager {
* @param string Type of path to return (can be 'none', 'system', 'rel', 'web')
* @param bool Whether we want to have the directory name returned 'as if' there was a file or not (in the case we want to know which directory to create - otherwise no file means no split subdir)
* @param bool If we want that the function returns the /main/img/unknown.jpg image set it at true
* @return array Array of 2 elements: 'dir' and 'file' which contain the dir and file as the name implies if image does not exist it will return the unknow image if anonymous parameter is true if not it returns an empty array
* @return array Array of 2 elements: 'dir' and 'file' which contain the dir and file as the name implies if image does not exist it will return the unknow image if anonymous parameter is true if not it returns an empty er's
*/
public static function get_user_picture_path_by_id($id, $type = 'none', $preview = false, $anonymous = false) {
if (empty($id) or empty($type)) {
if ($anonymous) {
$dir = '';
switch ($type) {
case 'system': //return the complete path to the file, from root
$dir = api_get_path(SYS_CODE_PATH).'img/';
break;
case 'rel': //return the relative path to the file, from the Dokeos base dir
$dir = api_get_path(REL_CODE_PATH).'img/';
break;
case 'web': //return the complete web URL to the file
$dir = api_get_path(WEB_CODE_PATH).'img/';
break;
case 'none': //return only the picture_uri (as is, without subdir)
default:
break;
}
$file_anonymous = 'unknown.jpg';
return array('dir' => $dir, 'file' => $file_anonymous);
} else {
return array('dir' => '', 'file' => '');
}
switch ($type) {
case 'system': // Base: absolute system path.
$base = api_get_path(SYS_CODE_PATH);
break;
case 'rel': // Base: semi-absolute web path (no server base).
$base = api_get_path(REL_CODE_PATH);
break;
case 'web': // Base: absolute web path.
$base = api_get_path(WEB_CODE_PATH);
break;
case 'none':
default: // Base: empty, the result path below will be relative.
$base = '';
}
if (empty($id) || empty($type)) {
return $anonymous ? array('dir' => $base.'img/', 'file' => 'unknown.jpg') : array('dir' => '', 'file' => '');
}
$user_id = intval($id);
$user_table = Database :: get_main_table(TABLE_MAIN_USER);
$sql = "SELECT picture_uri FROM $user_table WHERE user_id=".$user_id;
$res = Database::query($sql, __FILE__, __LINE__);
$user = array();
if (Database::num_rows($res) > 0) {
$user = Database::fetch_array($res);
} else {
if ($anonymous) {
$dir = '';
switch ($type) {
case 'system': //return the complete path to the file, from root
$dir = api_get_path(SYS_CODE_PATH).'img/';
break;
case 'rel': //return the relative path to the file, from the Dokeos base dir
$dir = api_get_path(REL_CODE_PATH).'img/';
break;
case 'web': //return the complete web URL to the file
$dir = api_get_path(WEB_CODE_PATH).'img/';
break;
case 'none': //return only the picture_uri (as is, without subdir)
default:
break;
}
$file_anonymous = 'unknown.jpg';
return array('dir' => $dir, 'file' => $file_anonymous);
} else {
return array('dir'=>'','file'=>'');
}
}
$path = trim($user['picture_uri']);
if (empty($path)) {
if ($anonymous) {
switch ($type) {
case 'system': //return the complete path to the file, from root
$dir = api_get_path(SYS_CODE_PATH).'img/';
break;
case 'rel': //return the relative path to the file, from the Dokeos base dir
$dir = api_get_path(REL_CODE_PATH).'img/';
break;
case 'web': //return the complete web URL to the file
$dir = api_get_path(WEB_CODE_PATH).'img/';
break;
case 'none': //return only the picture_uri (as is, without subdir)
default:
break;
}
$file_anonymous = 'unknown.jpg';
return array('dir' => $dir, 'file' => $file_anonymous);
}
if (!Database::num_rows($res)) {
return $anonymous ? array('dir' => $base.'img/', 'file' => 'unknown.jpg') : array('dir' => '', 'file' => '');
}
$dir = '';
$first = '';
$user = Database::fetch_array($res);
$picture_filename = trim($user['picture_uri']);
if (api_get_setting('split_users_upload_directory') === 'true') {
if (!empty($path)) {
$first = substr($path, 0, 1).'/';
} elseif($preview == true) {
$first = substr(''.$user_id, 0, 1).'/';
if (!empty($picture_filename)) {
$dir = $base.'upload/users/'.substr($picture_filename, 0, 1).'/'.$user_id.'/';
} elseif ($preview) {
$dir = $base.'upload/users/'.substr((string)$user_id, 0, 1).'/'.$user_id.'/';
} else {
$dir = $base.'upload/users/'.$user_id.'/';
}
} else {
$dir = $base.'upload/users/'.$user_id.'/';
}
$first .= $user_id.'/';
switch ($type) {
case 'system': //return the complete path to the file, from root
$dir = api_get_path(SYS_CODE_PATH).'upload/users/'.$first;
break;
case 'rel': //return the relative path to the file, from the Dokeos base dir
$dir = api_get_path(REL_CODE_PATH).'upload/users/'.$first;
break;
case 'web': //return the complete web URL to the file
$dir = api_get_path(WEB_CODE_PATH).'upload/users/'.$first;
break;
case 'none': //return only the picture_uri (as is, without subdir)
default:
break;
if (empty($picture_filename) && $anonymous) {
return array('dir' => $base.'img/', 'file' => 'unknown.jpg');
}
return array('dir' => $dir, 'file' => $path);
return array('dir' => $dir, 'file' => $picture_filename);
}
/*
@ -1043,7 +984,7 @@ class UserManager {
$result = Database::query($sql);
if ($result) {
//echo "id returned";
$return=Database::get_last_insert_id();
$return = Database::get_last_insert_id();
} else {
//echo "false - failed" ;
return false;
@ -1682,8 +1623,7 @@ class UserManager {
$res = Database::query($sql, __FILE__, __LINE__);
if ($res === false) return false; //error during query
$num = Database::insert_id();
if ($num == 0) return false;
return $num;
return ($num == 0) ? false : $num;
}
/**
@ -1847,10 +1787,7 @@ class UserManager {
$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
$sql = "SELECT * FROM $admin_table WHERE user_id = $user_id";
$res = Database::query($sql);
if (Database::num_rows($res) === 1) {
return true;
}
return false;
return Database::num_rows($res) === 1;
}
/**
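Review bot: In `get_user_picture_path_by_id()` the default `$type = 'none'` now yields a non-empty `dir`: `$base` is `''`, so the function returns `'upload/users/'.$user_id.'/'` (or `'img/'` in the anonymous case), where the removed code left `dir` empty for `'none'`. Callers that concatenate `dir` and `file` expecting only the stored `picture_uri` would get a different string, so either those callers need checking or the `'none'` case should return `array('dir' => '', 'file' => $picture_filename)` early. The rewritten `@return` line ends in "an empty er's", which reads as an editing slip, and it should also state what `dir` holds for each `$type`. With the split-directory setting the sub-directory is taken from the first character of the stored file name, which matches the user id only for files named by the new `$user_id.'_'.uniqid('')` scheme, so a comment stating that assumption would help.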
