mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Have a controller instead ofo avatar.php and fix some cropper-design

This commit is contained in:
kondou 2013-08-26 16:46:55 +02:00
parent 9a8908b643
commit 31736a1df3
7 changed files with 128 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
avatar.php
View File

@ -1,83 +0,0 @@
<?php
require_once 'lib/base.php';
if (!\OC_User::isLoggedIn()) {
header("HTTP/1.0 403 Forbidden");
\OC_Template::printErrorPage("Permission denied");
}
if ($_SERVER['REQUEST_METHOD'] === "GET") {
if (isset($_GET['user'])) {
//SECURITY TODO does this fully eliminate directory traversals?
$user = stripslashes($_GET['user']);
} else {
exit();
}
if (isset($_GET['size']) && ((int)$_GET['size'] > 0)) {
$size = (int)$_GET['size'];
if ($size > 2048) {
$size = 2048;
}
} else {
$size = 64;
}
$image = \OC_Avatar::get($user, $size);
if ($image instanceof \OC_Image) {
$image->show();
} elseif ($image === false) {
OC_JSON::success(array('user' => $user, 'size' => $size));
}
} elseif ($_SERVER['REQUEST_METHOD'] === "POST") {
$user = OC_User::getUser();
// Select an image from own files
if (isset($_POST['path'])) {
$path = stripslashes($_POST['path']);
$avatar = OC::$SERVERROOT.'/data/'.$user.'/files'.$path;
}
if (isset($_POST['crop'])) {
$crop = json_decode($_POST['crop'], true);
if (!isset($path)) {
// TODO get path to temporarily saved uploaded-avatar
}
$image = new \OC_Image($avatar);
$image->crop($x, $y, $w, $h);
$avatar = $image->data();
}
// Upload a new image
if (!empty($_FILES)) {
$files = $_FILES['files'];
if ($files['error'][0] === 0) {
$avatar = file_get_contents($files['tmp_name'][0]);
unlink($files['tmp_name'][0]);
// TODO make the tmp_name reusable, if the uploaded avatar is not square
}
}
try {
\OC_Avatar::set($user, $avatar);
OC_JSON::success();
} catch (\OC\NotSquareException $e) {
$tmpname = \OC_Util::generate_random_bytes(10);
// TODO Save the image temporarily here
// TODO add a cronjob that cleans up stale tmpimages
OC_JSON::error(array("data" => array("message" => "notsquare", "tmpname" => $tmpname) ));
} catch (\Exception $e) {
OC_JSON::error(array("data" => array("message" => $e->getMessage()) ));
}
} elseif ($_SERVER['REQUEST_METHOD'] === "DELETE") {
$user = OC_User::getUser();
try {
\OC_Avatar::remove($user);
OC_JSON::success();
} catch (\Exception $e) {
OC_JSON::error(array("data" => array ("message" => $e->getMessage()) ));
}
}

88
core/avatar/controller.php Normal file
View File

@ -0,0 +1,88 @@
<?php
/**
* Copyright (c) 2013 Christopher Schäpers <christopher@schaepers.it>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
class CoreAvatarController {
public static function getAvatar($args) {
if (!\OC_User::isLoggedIn()) {
header("HTTP/1.0 403 Forbidden");
\OC_Template::printErrorPage("Permission denied");
return;
}
$user = stripslashes($args['user']);
$size = (int)$args['size'];
if ($size > 2048) {
$size = 2048;
}
// Undefined size
elseif ($size === 0) {
$size = 64;
}
$image = \OC_Avatar::get($user, $size);
if ($image instanceof \OC_Image) {
$image->show();
} elseif ($image === false) {
\OC_JSON::success(array('user' => $user, 'size' => $size));
}
}
public static function postAvatar($args) {
$user = \OC_User::getUser();
if (isset($_POST['path'])) {
$path = stripslashes($_POST['path']);
$avatar = OC::$SERVERROOT.'/data/'.$user.'/files'.$path;
}
if (!empty($_FILES)) {
$files = $_FILES['files'];
if ($files['error'][0] === 0) {
$avatar = file_get_contents($files['tmp_name'][0]);
unlink($files['tmp_name'][0]);
}
}
try {
\OC_Avatar::set($user, $avatar);
\OC_JSON::success();
} catch (\OC\NotSquareException $e) {
// TODO move unfitting avatar to /datadir/$user/tmpavatar{png.jpg} here
\OC_JSON::error(array("data" => array("message" => "notsquare") ));
} catch (\Exception $e) {
\OC_JSON::error(array("data" => array("message" => $e->getMessage()) ));
}
}
public static function deleteAvatar($args) {
$user = OC_User::getUser();
try {
\OC_Avatar::remove($user);
\OC_JSON::success();
} catch (\Exception $e) {
\OC_JSON::error(array("data" => array ("message" => $e->getMessage()) ));
}
}
public static function getTmpAvatar($args) {
// TODO deliver /datadir/$user/tmpavatar.{png|jpg} here, filename may include a timestamp
// TODO make a cronjob that cleans up the tmpavatar after it's older than 2 hours, should be run every hour
$user = OC_User::getUser();
}
public static function postCroppedAvatar($args) {
$user = OC_User::getUser();
$crop = json_decode($_POST['crop'], true);
$image = new \OC_Image($avatar);
$image->crop($x, $y, $w, $h);
$avatar = $image->data();
$cropped = true;
}
}

20
core/routes.php
View File

@ -57,6 +57,26 @@ $this->create('core_lostpassword_reset_password', '/lostpassword/reset/{token}/{
->post() ->post()
->action('OC_Core_LostPassword_Controller', 'resetPassword'); ->action('OC_Core_LostPassword_Controller', 'resetPassword');
// Avatar routes
OC::$CLASSPATH['CoreAvatarController'] = 'core/avatar/controller.php';
$this->create('core_avatar_get', '/avatar/{user}/{size}')
->defaults(array('user' => '', 'size' => 64))
->get()
->action('CoreAvatarController', 'getAvatar');
$this->create('core_avatar_post', '/avatar/')
->post()
->action('CoreAvatarController', 'postAvatar');
$this->create('core_avatar_delete', '/avatar/')
->delete()
->action('CoreAvatarController', 'deleteAvatar');
$this->create('core_avatar_get_tmp', '/avatar/tmp/{size}')
->defaults(array('size' => 64))
->get()
->action('CoreAvatarController', 'getTmpAvatar');
$this->create('core_avatar_post_cropped', '/avatar/cropped')
->post()
->action('CoreAvatarController', 'postCroppedAvatar');
// Not specifically routed // Not specifically routed
$this->create('app_css', '/apps/{app}/{file}') $this->create('app_css', '/apps/{app}/{file}')
->requirements(array('file' => '.*.css')) ->requirements(array('file' => '.*.css'))

2
lib/templatelayout.php
View File

@ -20,7 +20,7 @@ class OC_TemplateLayout extends OC_Template {
// display avatars if they are enabled // display avatars if they are enabled
if (OC_Config::getValue('avatar') === 'gravatar' || OC_Config::getValue('avatar', 'local') === 'local') { if (OC_Config::getValue('avatar') === 'gravatar' || OC_Config::getValue('avatar', 'local') === 'local') {
$this->assign('avatar', '<img class="avatar" src="'.link_to('', 'avatar.php').'?user='.OC_User::getUser().'&size=32">'); $this->assign('avatar', '<img class="avatar" src="'.\OC_Helper::linkToRoute('core_avatar_get').'/'.OC_User::getUser().'/32">');
} }
// Update notification // Update notification

25
settings/js/personal.js
View File

@ -45,7 +45,7 @@ function changeDisplayName(){
} }
function selectAvatar (path) { function selectAvatar (path) {
$.post(OC.filePath('', '', 'avatar.php'), {path: path}, avatarResponseHandler); $.post(OC.router_base_url+'/avatar/', {path: path}, avatarResponseHandler);
} }
function updateAvatar () { function updateAvatar () {
@ -54,22 +54,30 @@ function updateAvatar () {
} }
function showAvatarCropper() { function showAvatarCropper() {
OC.dialogs.message('', t('settings', 'Crop'), undefined, OCdialogs.OK_BUTTON, sendCropData); var $dlg = $('<div id="cropperbox" title="'+t('settings', 'Crop')+'"></div>');
var $dialog = $('#oc-dialog-'+(OC.dialogs.dialogs_counter-1)+'-content'); $('body').append($dlg);
$('#cropperbox').ocdialog({
width: '600px',
height: '600px',
buttons: [{
text: t('settings', 'Crop'),
click: sendCropData,
defaultButton: true
}]
});
var cropper = new Image(); var cropper = new Image();
$(cropper).load(function() { $(cropper).load(function() {
$(this).attr('id', 'cropper'); $(this).attr('id', 'cropper');
$('#oc-dialog-'+(OC.dialogs.dialogs_counter-1)+'-content').html(this); $('#cropperbox').html(this);
$(this).Jcrop({ $(this).Jcrop({
onChange: saveCoords, onChange: saveCoords,
onSelect: saveCoords, onSelect: saveCoords,
aspectRatio: 1 aspectRatio: 1
}); });
}).attr('src', OC.filePath('', '', 'avatar.php')+"?user="+OC.currentUser+"&size=512&tmp="+$('#avatar').data('tmpname')); }).attr('src', OC.router_base_url+'/avatar/tmp/512');
} }
function sendCropData() { function sendCropData() {
var tmp = $('#avatar').data('tmpname');
var cropperdata = $('#cropper').data(); var cropperdata = $('#cropper').data();
var data = { var data = {
x: cropperdata.x, x: cropperdata.x,
@ -77,7 +85,7 @@ function sendCropData() {
w: cropperdata.w, w: cropperdata.w,
h: cropperdata.h h: cropperdata.h
}; };
$.post(OC.filePath('', '', 'avatar.php'), {tmp:tmp, crop: data}, avatarResponseHandler); $.post(OC.router_base_url+'/avatar/', {crop: data}, avatarResponseHandler);
} }
function saveCoords(c) { function saveCoords(c) {
@ -90,7 +98,6 @@ function avatarResponseHandler(data) {
if (data.status === "success") { if (data.status === "success") {
updateAvatar(); updateAvatar();
} else if (data.data.message === "notsquare") { } else if (data.data.message === "notsquare") {
$('#avatar').data('tmpname', data.data.tmpname);
showAvatarCropper(); showAvatarCropper();
} else { } else {
$warning.show(); $warning.show();
@ -206,7 +213,7 @@ $(document).ready(function(){
$('#removeavatar').click(function(){ $('#removeavatar').click(function(){
$.ajax({ $.ajax({
type: 'DELETE', type: 'DELETE',
url: OC.filePath('', '', 'avatar.php'), url: OC.router_base_url+'/avatar/',
success: function(msg) { success: function(msg) {
updateAvatar(); updateAvatar();
} }

4
settings/templates/personal.php
View File

@ -83,10 +83,10 @@ if($_['passwordChangeSupported']) {
} }
?> ?>
<form id="avatar" method="post" action="<?php p(\OC_Helper::linkTo('', 'avatar.php')); ?>"> <form id="avatar" method="post" action="<?php p(\OC_Helper::linkToRoute('core_avatar_post')); ?>">
<fieldset class="personalblock"> <fieldset class="personalblock">
<legend><strong><?php p($l->t('Profile Image')); ?></strong></legend> <legend><strong><?php p($l->t('Profile Image')); ?></strong></legend>
<img src="<?php print_unescaped(link_to('', 'avatar.php').'?user='.OC_User::getUser().'&size=128'); ?>"><br> <img src="<?php print_unescaped(\OC_Helper::linkToRoute('core_avatar_get').'/'.OC_User::getUser().'/128'); ?>"><br>
<em><?php p($l->t('Has to be square and either PNG or JPG')); ?></em><br> <em><?php p($l->t('Has to be square and either PNG or JPG')); ?></em><br>
<div class="warning hidden"></div> <div class="warning hidden"></div>
<div class="inlineblock button" id="uploadavatarbutton"><?php p($l->t('Upload new')); ?></div> <div class="inlineblock button" id="uploadavatarbutton"><?php p($l->t('Upload new')); ?></div>

2
settings/templates/users.php
View File

@ -97,7 +97,7 @@ $_['subadmingroups'] = array_flip($items);
<?php foreach($_["users"] as $user): ?> <?php foreach($_["users"] as $user): ?>
<tr data-uid="<?php p($user["name"]) ?>" <tr data-uid="<?php p($user["name"]) ?>"
data-displayName="<?php p($user["displayName"]) ?>"> data-displayName="<?php p($user["displayName"]) ?>">
<td class="avatar"><img src="<?php print_unescaped(link_to('', 'avatar.php')); ?>?user=<?php p($user['name']); ?>&size=32"></td> <td class="avatar"><img src="<?php print_unescaped(\OC_Helper::linkToRoute('core_avatar_get')); ?>/<?php p($user['name']); ?>/32"></td>
<td class="name"><?php p($user["name"]); ?></td> <td class="name"><?php p($user["name"]); ?></td>
<td class="displayName"><span><?php p($user["displayName"]); ?></span> <img class="svg action" <td class="displayName"><span><?php p($user["displayName"]); ?></span> <img class="svg action"
src="<?php p(image_path('core', 'actions/rename.svg'))?>" src="<?php p(image_path('core', 'actions/rename.svg'))?>"