X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fprofile_photo.php;h=378353f65377db0e4d9609914c83d29700ac3ca0;hb=49ad9b355c352211375247e6fcacdfd1970599ed;hp=47f0f8d8e59ef76da33a14664c2d525899a034a4;hpb=da416e0181663b33304eadc0b1db228e6f1f5b7d;p=friendica.git

diff --git a/mod/profile_photo.php b/mod/profile_photo.php
index 47f0f8d8e5..378353f653 100644
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@@ -15,11 +15,13 @@ function profile_photo_init(&$a) {
 
 function profile_photo_post(&$a) {
 
-        if(! local_user()) {
-                notice ( t('Permission denied.') . EOL );
-                return;
-        }
-
+	if(! local_user()) {
+		notice ( t('Permission denied.') . EOL );
+		return;
+	}
+	
+	check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
+        
 	if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) {
 
 		// phase 2 - we have finished cropping
@@ -51,7 +53,7 @@ function profile_photo_post(&$a) {
 
 			$base_image = $r[0];
 
-			$im = new Photo($base_image['data']);
+			$im = new Photo($base_image['data'], $base_image['type']);
 			if($im->is_valid()) {
 				$im->cropImage(175,$srcX,$srcY,$srcW,$srcH);
 
@@ -86,6 +88,7 @@ function profile_photo_post(&$a) {
 					intval(local_user())
 				);
 
+				info( t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL);
 				// Update global directory in background
 				$url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
 				if($url && strlen(get_config('system','directory_submit_url')))
@@ -105,7 +108,9 @@ function profile_photo_post(&$a) {
 	$src      = $_FILES['userfile']['tmp_name'];
 	$filename = basename($_FILES['userfile']['name']);
 	$filesize = intval($_FILES['userfile']['size']);
-
+	$filetype = $_FILES['userfile']['type'];
+    if ($filetype=="") $filetype=guess_image_type($filename);
+    
 	$maximagesize = get_config('system','maximagesize');
 
 	if(($maximagesize) && ($filesize > $maximagesize)) {
@@ -115,7 +120,7 @@ function profile_photo_post(&$a) {
 	}
 
 	$imagedata = @file_get_contents($src);
-	$ph = new Photo($imagedata);
+	$ph = new Photo($imagedata, $filetype);
 
 	if(! $ph->is_valid()) {
 		notice( t('Unable to process image.') . EOL );
@@ -123,6 +128,7 @@ function profile_photo_post(&$a) {
 		return;
 	}
 
+	$ph->orient($src);
 	@unlink($src);
 	return profile_photo_crop_ui_head($a, $ph);
 	
@@ -147,7 +153,9 @@ function profile_photo_content(&$a) {
 			notice( t('Permission denied.') . EOL );
 			return;
 		};
-			
+		
+//		check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
+        
 		$resource_id = $a->argv[2];
 		//die(":".local_user());
 		$r=q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' ORDER BY `scale` ASC",
@@ -188,7 +196,7 @@ function profile_photo_content(&$a) {
 			goaway($a->get_baseurl() . '/profiles');
 			return; // NOTREACHED
 		}
-		$ph = new Photo($r[0]['data']);
+		$ph = new Photo($r[0]['data'], $r[0]['type']);
 		profile_photo_crop_ui_head($a, $ph);
 		// go ahead as we have jus uploaded a new photo to crop
 	}
@@ -202,13 +210,14 @@ function profile_photo_content(&$a) {
 			'$lbl_upfile' => t('Upload File:'),
 			'$title' => t('Upload Profile Photo'),
 			'$submit' => t('Upload'),
+			'$form_security_token' => get_form_security_token("profile_photo"),
 			'$select' => sprintf('%s %s', t('or'), ($newuser) ? '<a href="' . $a->get_baseurl() . '">' . t('skip this step') . '</a>' : '<a href="'. $a->get_baseurl() . '/photos/' . $a->user['nickname'] . '">' . t('select a photo from your photo albums') . '</a>')
 		));
 
 		return $o;
 	}
 	else {
-		$filename = $a->config['imagecrop'] . '-' . $a->config['imagecrop_resolution'] . '.jpg';
+		$filename = $a->config['imagecrop'] . '-' . $a->config['imagecrop_resolution'] . '.'.$a->config['imagecrop_ext'];
 		$resolution = $a->config['imagecrop_resolution'];
 		$tpl = get_markup_template("cropbody.tpl");
 		$o .= replace_macros($tpl,array(
@@ -217,6 +226,7 @@ function profile_photo_content(&$a) {
 			'$image_url' => $a->get_baseurl() . '/photo/' . $filename,
 			'$title' => t('Crop Image'),
 			'$desc' => t('Please adjust the image cropping for optimum viewing.'),
+			'$form_security_token' => get_form_security_token("profile_photo"),
 			'$done' => t('Done Editing')
 		));
 		return $o;
@@ -228,6 +238,12 @@ function profile_photo_content(&$a) {
 
 if(! function_exists('_crop_ui_head')) {
 function profile_photo_crop_ui_head(&$a, $ph){
+	$max_length = get_config('system','max_image_length');
+	if(! $max_length)
+		$max_length = MAX_IMAGE_LENGTH;
+	if($max_length > 0)
+		$ph->scaleImage($max_length);
+
 	$width = $ph->getWidth();
 	$height = $ph->getHeight();
 
@@ -261,7 +277,9 @@ function profile_photo_crop_ui_head(&$a, $ph){
 
 	$a->config['imagecrop'] = $hash;
 	$a->config['imagecrop_resolution'] = $smallest;
+	$a->config['imagecrop_ext'] = $ph->getExt();
 	$a->page['htmlhead'] .= get_markup_template("crophead.tpl");
+	$a->page['end'] .= get_markup_template("cropend.tpl");
 	return;
 }}