| [ Index ] |
PHP Cross Reference of Moodle 1.9.3 [Build 15-Oct-2008] |
[Summary view] [Print] [Text view]
1 <?php // $Id: uploadpicture.php,v 1.1.2.5 2008/08/17 22:52:52 skodak Exp $ 2 3 /////////////////////////////////////////////////////////////////////////// 4 // // 5 // Copyright (C) 2007 Inaki Arenaza // 6 // // 7 // Based on .../admin/uploaduser.php and .../lib/gdlib.php // 8 // // 9 // This program is free software; you can redistribute it and/or modify // 10 // it under the terms of the GNU General Public License as published by // 11 // the Free Software Foundation; either version 2 of the License, or // 12 // (at your option) any later version. // 13 // // 14 // This program is distributed in the hope that it will be useful, // 15 // but WITHOUT ANY WARRANTY; without even the implied warranty of // 16 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // 17 // GNU General Public License for more details: // 18 // // 19 // http://www.gnu.org/copyleft/gpl.html // 20 // // 21 /////////////////////////////////////////////////////////////////////////// 22 23 require_once ('../config.php'); 24 require_once($CFG->libdir.'/uploadlib.php'); 25 require_once($CFG->libdir.'/adminlib.php'); 26 require_once($CFG->libdir.'/gdlib.php'); 27 require_once ('uploadpicture_form.php'); 28 29 define ('PIX_FILE_UPDATED', 0); 30 define ('PIX_FILE_ERROR', 1); 31 define ('PIX_FILE_SKIPPED', 2); 32 33 admin_externalpage_setup('uploadpictures'); 34 35 require_login(); 36 37 require_capability('moodle/site:uploadusers', get_context_instance(CONTEXT_SYSTEM)); 38 39 if (!$site = get_site()) { 40 error("Could not find site-level course"); 41 } 42 43 if (!$adminuser = get_admin()) { 44 error("Could not find site admin"); 45 } 46 47 $strfile = get_string('file'); 48 $struser = get_string('user'); 49 $strusersupdated = get_string('usersupdated'); 50 $struploadpictures = get_string('uploadpictures','admin'); 51 52 $userfields = array ( 53 0 => 'username', 54 1 => 'idnumber', 55 2 => 'id' ); 56 57 $userfield = optional_param('userfield', 0, PARAM_INT); 58 $overwritepicture = optional_param('overwritepicture', 0, PARAM_BOOL); 59 60 /// Print the header 61 admin_externalpage_print_header(); 62 print_heading_with_help($struploadpictures, 'uploadpictures'); 63 64 $mform = new admin_uploadpicture_form(); 65 if ($formdata = $mform->get_data()) { 66 if (!array_key_exists($userfield, $userfields)) { 67 notify(get_string('uploadpicture_baduserfield','admin')); 68 } else { 69 // Large files are likely to take their time and memory. Let PHP know 70 // that we'll take longer, and that the process should be recycled soon 71 // to free up memory. 72 @set_time_limit(0); 73 @raise_memory_limit("192M"); 74 if (function_exists('apache_child_terminate')) { 75 @apache_child_terminate(); 76 } 77 78 // Create a unique temporary directory, to process the zip file 79 // contents. 80 $zipdir = my_mktempdir($CFG->dataroot.'/temp/', 'usrpic'); 81 82 if (!$mform->save_files($zipdir)) { 83 notify(get_string('uploadpicture_cannotmovezip','admin')); 84 @remove_dir($zipdir); 85 } else { 86 $dstfile = $zipdir.'/'.$mform->get_new_filename(); 87 if(!unzip_file($dstfile, $zipdir, false)) { 88 notify(get_string('uploadpicture_cannotunzip','admin')); 89 @remove_dir($zipdir); 90 } else { 91 // We don't need the zip file any longer, so delete it to make 92 // it easier to process the rest of the files inside the directory. 93 @unlink($dstfile); 94 95 $results = array ('errors' => 0,'updated' => 0); 96 97 process_directory($zipdir, $userfields[$userfield], $overwritepicture, $results); 98 99 // Finally remove the temporary directory with all the user images and print some stats. 100 remove_dir($zipdir); 101 notify(get_string('usersupdated', 'admin') . ": " . $results['updated']); 102 notify(get_string('errors', 'admin') . ": " . $results['errors']); 103 echo '<hr />'; 104 } 105 } 106 } 107 } 108 $mform->display(); 109 admin_externalpage_print_footer(); 110 exit; 111 112 // ----------- Internal functions ---------------- 113 114 /** 115 * Create a unique temporary directory with a given prefix name, 116 * inside a given directory, with given permissions. Return the 117 * full path to the newly created temp directory. 118 * 119 * @param string $dir where to create the temp directory. 120 * @param string $prefix prefix for the temp directory name (default '') 121 * @param string $mode permissions for the temp directory (default 700) 122 * 123 * @return string The full path to the temp directory. 124 */ 125 function my_mktempdir($dir, $prefix='', $mode=0700) { 126 if (substr($dir, -1) != '/') { 127 $dir .= '/'; 128 } 129 130 do { 131 $path = $dir.$prefix.mt_rand(0, 9999999); 132 } while (!mkdir($path, $mode)); 133 134 return $path; 135 } 136 137 /** 138 * Recursively process a directory, picking regular files and feeding 139 * them to process_file(). 140 * 141 * @param string $dir the full path of the directory to process 142 * @param string $userfield the prefix_user table field to use to 143 * match picture files to users. 144 * @param bool $overwrite overwrite existing picture or not. 145 * @param array $results (by reference) accumulated statistics of 146 * users updated and errors. 147 * 148 * @return nothing 149 */ 150 function process_directory ($dir, $userfield, $overwrite, &$results) { 151 if(!($handle = opendir($dir))) { 152 notify(get_string('uploadpicture_cannotprocessdir','admin')); 153 return; 154 } 155 156 while (false !== ($item = readdir($handle))) { 157 if ($item != '.' && $item != '..') { 158 if (is_dir($dir.'/'.$item)) { 159 process_directory($dir.'/'.$item, $userfield, $overwrite, $results); 160 } else if (is_file($dir.'/'.$item)) { 161 $result = process_file($dir.'/'.$item, $userfield, $overwrite); 162 switch ($result) { 163 case PIX_FILE_ERROR: 164 $results['errors']++; 165 break; 166 case PIX_FILE_UPDATED: 167 $results['updated']++; 168 break; 169 } 170 } 171 // Ignore anything else that is not a directory or a file (e.g., 172 // symbolic links, sockets, pipes, etc.) 173 } 174 } 175 closedir($handle); 176 } 177 178 /** 179 * Given the full path of a file, try to find the user the file 180 * corresponds to and assign him/her this file as his/her picture. 181 * Make extensive checks to make sure we don't open any security holes 182 * and report back any success/error. 183 * 184 * @param string $file the full path of the file to process 185 * @param string $userfield the prefix_user table field to use to 186 * match picture files to users. 187 * @param bool $overwrite overwrite existing picture or not. 188 * 189 * @return integer either PIX_FILE_UPDATED, PIX_FILE_ERROR or 190 * PIX_FILE_SKIPPED 191 */ 192 function process_file ($file, $userfield, $overwrite) { 193 // Add additional checks on the filenames, as they are user 194 // controlled and we don't want to open any security holes. 195 $path_parts = pathinfo(cleardoubleslashes($file)); 196 $basename = $path_parts['basename']; 197 $extension = $path_parts['extension']; 198 if ($basename != clean_param($basename, PARAM_CLEANFILE)) { 199 // The original picture file name has invalid characters 200 notify(get_string('uploadpicture_invalidfilename', 'admin', 201 clean_param($basename, PARAM_CLEANHTML))); 202 return PIX_FILE_ERROR; 203 } 204 205 // The picture file name (without extension) must match the 206 // userfield attribute. 207 $uservalue = substr($basename, 0, 208 strlen($basename) - 209 strlen($extension) - 1); 210 211 // userfield names are safe, so don't quote them. 212 if (!($user = get_record('user', $userfield, addslashes($uservalue)))) { 213 $a = new Object(); 214 $a->userfield = clean_param($userfield, PARAM_CLEANHTML); 215 $a->uservalue = clean_param($uservalue, PARAM_CLEANHTML); 216 notify(get_string('uploadpicture_usernotfound', 'admin', $a)); 217 return PIX_FILE_ERROR; 218 } 219 220 $haspicture = get_field('user', 'picture', 'id', $user->id); 221 if ($haspicture && !$overwrite) { 222 notify(get_string('uploadpicture_userskipped', 'admin', $user->username)); 223 return PIX_FILE_SKIPPED; 224 } 225 226 if (my_save_profile_image($user->id, $file)) { 227 set_field('user', 'picture', 1, 'id', $user->id); 228 notify(get_string('uploadpicture_userupdated', 'admin', $user->username)); 229 return PIX_FILE_UPDATED; 230 } else { 231 notify(get_string('uploadpicture_cannotsave', 'admin', $user->username)); 232 return PIX_FILE_ERROR; 233 } 234 } 235 236 /** 237 * Try to save the given file (specified by its full path) as the 238 * picture for the user with the given id. 239 * 240 * @param integer $id the internal id of the user to assign the 241 * picture file to. 242 * @param string $originalfile the full path of the picture file. 243 * 244 * @return bool 245 */ 246 function my_save_profile_image($id, $originalfile) { 247 $destination = create_profile_image_destination($id, 'user'); 248 if ($destination === false) { 249 return false; 250 } 251 252 return process_profile_image($originalfile, $destination); 253 } 254 255 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Jan 14 11:33:29 2009 | Cross-referenced by PHPXref 0.7 |