Have /avatar.php as a central avatar-point

avatar.php

@@ -0,0 +1,36 @@
+<?php
+
+require_once 'lib/base.php';
+
+$mode = \OC_Avatar::getMode();
+if ($mode === "none") {
+	exit();
+}
+
+if (isset($_GET['user'])) {
+	//SECURITY TODO does this fully eliminate directory traversals?
+	$user = stripslashes($_GET['user']);
+} else {
+	$user = false;
+}
+
+if (isset($_GET['size']) && ((int)$_GET['size'] > 0)) {
+	$size = (int)$_GET['size'];
+	if ($size > 2048) {
+		$size = 2048;
+	}
+} else {
+	$size = 64;
+}
+
+
+$image = \OC_Avatar::get($user, $size);
+
+if ($image instanceof \OC_Image) {
+	$image->show();
+} elseif (is_string($image)) { // Gravatar alike services
+	header("Location: ".$image);
+} else {
+	$image = \OC_Avatar::getDefaultAvatar($size);
+	$image->show();
+}

core/ajax/getavatar.php

@@ -1,14 +0,0 @@
-<?php
-
-OC_JSON::checkLoggedIn();
-OC_JSON::callCheck();
-
-if(isset($_POST['user'])) {
-	if(isset($_POST['size'])) {
-		OC_JSON::success(array('data' => \OC_Avatar::get($_POST['user'], $_POST['size'])));
-	} else {
-		OC_JSON::success(array('data' => \OC_Avatar::get($_POST['user'])));
-	}
-} else {
-	OC_JSON::error();
-}

core/routes.php

@@ -36,9 +36,6 @@ $this->create('core_ajax_vcategories_favorites', '/core/ajax/vcategories/favorit
 	->actionInclude('core/ajax/vcategories/favorites.php');
 $this->create('core_ajax_vcategories_edit', '/core/ajax/vcategories/edit.php')
 	->actionInclude('core/ajax/vcategories/edit.php');
-// Avatars
-$this->create('core_ajax_getavatar', '/core/ajax/getavatar.php')
-	->actionInclude('core/ajax/getavatar.php');
 // oC JS config
 $this->create('js_config', '/core/js/config.js')
 	->actionInclude('core/js/config.php');

lib/avatar.php

@@ -14,20 +14,26 @@
 
 class OC_Avatar {
 	/**
-	 * @brief gets a link to the users avatar
+	 * @brief gets the users avatar
-	 * @param $user string username
+	 * @param $user string username, if not provided, the default avatar will be returned
 	 * @param $size integer size in px of the avatar, defaults to 64
-	 * @return mixed link to the avatar, false if avatars are disabled
+	 * @return mixed \OC_Image containing the avatar, a link to the avatar, false if avatars are disabled
 	*/
-	public static function get ($user, $size = 64) {
+	public static function get ($user = false, $size = 64) {
-		$mode = OC_Config::getValue("avatar", "local");
+		$mode = self::getMode();
 		if ($mode === "none") {
 			// avatars are disabled
 			return false;
-		} elseif ($mode === "gravatar") {
+		} else {
-			return \OC_Avatar::getGravatar($user, $size);
+			if ($user === false) {
-		} elseif ($mode === "local") {
+				return self::getDefaultAvatar($size);
-			return \OC_Avatar::getLocalAvatar($user, $size);
+			} elseif ($mode === "gravatar") {
+				return self::getGravatar($user, $size);
+			} elseif ($mode === "local") {
+				return self::getLocalAvatar($user, $size);
+			} elseif ($mode === "custom") {
+				return self::getCustomAvatar($user, $size);
+			}
 		}
 	}
 
@@ -36,7 +42,7 @@ class OC_Avatar {
 	 * @return string active avatar mode
 	*/
 	public static function getMode () {
-		return OC_Config::getValue("avatar", "local");
+		return \OC_Config::getValue("avatar", "local");
 	}
 
 	/**
@@ -56,15 +62,14 @@ class OC_Avatar {
 			return true;
 		} else {
 			$img = new OC_Image($data);
-			// FIXME this always says "image/png", when loading from data
 			$type = substr($img->mimeType(), -3);
 			if ($type === 'peg') { $type = 'jpg'; }
 			if ($type !== 'jpg' && $type !== 'png') {
-				throw new Exception();
+				throw new Exception("Unknown filetype for avatar");
 			}
 
 			if (!( $img->valid() && ($img->height() === $img->width()) )) {
-				throw new Exception();
+				throw new Exception("Invalid image, or the provided image is not square");
 			}
 
 			$view->unlink('avatar.jpg');
@@ -78,16 +83,16 @@ class OC_Avatar {
 	 * @brief get the users gravatar
 	 * @param $user string which user to get the gravatar for
 	 * @param size integer size in px of the avatar, defaults to 64
-	 * @return string link to the gravatar, or base64encoded, html-ready image
+	 * @return string link to the gravatar, or \OC_Image with the default avatar
 	*/
 	public static function getGravatar ($user, $size = 64) {
-		$email = OC_Preferences::getValue($user, 'settings', 'email');
+		$email = \OC_Preferences::getValue($user, 'settings', 'email');
 		if ($email !== null) {
 			$emailhash = md5(strtolower(trim($email)));
 			$url = "http://www.gravatar.com/avatar/".$emailhash."?s=".$size;
 			return $url;
 		} else {
-			return \OC_Avatar::wrapIntoImg(\OC_Avatar::getDefaultAvatar($size), 'png');
+			return self::getDefaultAvatar($size);
 		}
 	}
 
@@ -95,42 +100,39 @@ class OC_Avatar {
 	 * @brief get the local avatar
 	 * @param $user string which user to get the avatar for
 	 * @param $size integer size in px of the avatar, defaults to 64
-	 * @return string base64encoded encoded, html-ready image
+	 * @return string \OC_Image containing the avatar
 	*/
 	public static function getLocalAvatar ($user, $size = 64) {
 		$view = new \OC\Files\View('/'.$user);
 
 		if ($view->file_exists('avatar.jpg')) {
-			$type = 'jpg';
+			$ext = 'jpg';
 		} elseif ($view->file_exists('avatar.png')) {
-			$type = 'png';
+			$ext = 'png';
 		} else {
-			return \OC_Avatar::wrapIntoImg(\OC_Avatar::getDefaultAvatar($size), 'png');
+			return self::getDefaultAvatar($size);
 		}
 
-		$avatar = new OC_Image($view->file_get_contents('avatar.'.$type));
+		$avatar = new OC_Image($view->file_get_contents('avatar.'.$ext));
 		$avatar->resize($size);
-		return \OC_Avatar::wrapIntoImg((string)$avatar, $type);
+		return $avatar;
+	}
+
+	/**
+	 *
+	*/
+	public static function getCustomAvatar($user, $size) {
+		// TODO
 	}
 
 	/**
 	 * @brief gets the default avatar
 	 * @param $size integer size of the avatar in px, defaults to 64
-	 * @return string base64 encoded default avatar
+	 * @return \OC_Image containing the default avatar
 	*/
 	public static function getDefaultAvatar ($size = 64) {
 		$default = new OC_Image(OC::$SERVERROOT."/core/img/defaultavatar.png");
 		$default->resize($size);
-		return (string)$default;
+		return $default;
-	}
-
-	/**
-	 * @brief wrap a base64encoded image, so it can be used in html
-	 * @param $img string base64encoded image
-	 * @param $type string imagetype
-	 * @return string wrapped image
-	*/
-	public static function wrapIntoImg($img, $type) {
-		return 'data:image/'.$type.';base64,'.$img;
 	}
 }

settings/js/personal.js

@@ -50,9 +50,7 @@ function selectAvatar (path) {
 }
 
 function updateAvatar () {
-	$.post(OC.filePath('core', 'ajax', 'getavatar.php'), {user: OC.currentUser, size: 128}, function(data){
+	$('#avatar img').attr('src', OC.filePath('', '', 'avatar.php?user='+OC.currentUser+'&size=128'));
-		$('#avatar img').attr('src', data.data);
-	});
 }
 
 $(document).ready(function(){

settings/templates/personal.php

@@ -84,12 +84,12 @@ if($_['passwordChangeSupported']) {
 ?>
 
 <?php if ($_['avatar'] === "local"): ?>
-<form id="avatar">
+<form id="avatar" method="post" action="<?php p(\OC_Helper::linkToRoute('settings_ajax_newavatar')); ?>">
 	<fieldset class="personalblock">
 		<legend><strong><?php p($l->t('Avatar')); ?></strong></legend>
 		<img src="<?php print_unescaped(link_to('', 'avatar.php').'?user='.OC_User::getUser().'&size=128'); ?>"><br>
 		<em><?php p($l->t('Your avatar has to be a square and either a PNG or JPG image')); ?></em><br>
-		<div class="inlineblock button" id="uploadavatar"><?php p($l->t('Upload a new avatar')); ?></div>
+		<input type="file" class="inlineblock button" name="files[]" id="uploadavatar" value="<?php p($l->t('Upload a new avatar')); ?>">
 		<div class="inlineblock button" id="selectavatar"><?php p($l->t('Select a new avatar from your files')); ?></div>
 		<div class="inlineblock button" id="removeavatar"><?php p($l->t('Remove my avatar')); ?></div>
 	</fieldset>

tests/lib/avatar.php

@@ -29,15 +29,17 @@ class Test_Avatar extends PHPUnit_Framework_TestCase {
 
 	public function testLocalAvatar() {
 		\OC_Config::setValue('avatar', 'local');
-		$this->assertEquals(\OC_Avatar::get(\OC_User::getUser()), \OC_Avatar::wrapIntoImg(\OC_Avatar::getDefaultAvatar(), 'png'));
+		$expected = \OC_Avatar::getDefaultAvatar()->data();
+		$this->assertEquals($expected, \OC_Avatar::get(\OC_User::getUser())->data());
 
 		$expected = new OC_Image(\OC::$SERVERROOT.'/tests/data/testavatar.png');
 		\OC_Avatar::setLocalAvatar(\OC_User::getUser(), $expected->data());
-		$expected->resize(32);
+		$expected->resize(64);
-		$this->assertEquals($expected, \OC_Avatar::get(\OC_User::getUser()));
+		$this->assertEquals($expected->data(), \OC_Avatar::get(\OC_User::getUser())->data());
 
 		\OC_Avatar::setLocalAvatar(\OC_User::getUser(), false);
-		$this->assertEquals(\OC_Avatar::get(\OC_User::getUser()), \OC_Avatar::wrapIntoImg(\OC_Avatar::getDefaultAvatar(), 'png'));
+		$expected = \OC_Avatar::getDefaultAvatar()->data();
+		$this->assertEquals($expected, \OC_Avatar::get(\OC_User::getUser())->data());
 	}
 
 	public function testGravatar() {
@@ -51,11 +53,6 @@ class Test_Avatar extends PHPUnit_Framework_TestCase {
 	public function testDefaultAvatar() {
 		$img = new \OC_Image(OC::$SERVERROOT.'/core/img/defaultavatar.png');
 		$img->resize(128);
-		$this->assertEquals((string)$img, \OC_Avatar::getDefaultAvatar(128));
+		$this->assertEquals($img->data(), \OC_Avatar::getDefaultAvatar(128)->data());
-	}
-
-	public function testWrapIntoImg() {
-		$expected = "data:image/test;base64,DUMMY==123==";
-		$this->assertEquals($expected, \OC_Avatar::wrapIntoImg("DUMMY==123==", "test"));
 	}
 }