Upload avatar in user registration application
seditio.com.tr
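<?php
/* ====================
Seditio - Website engine
Copyright Neocrome & Seditio Team
http://www.neocrome.net
[BEGIN_SED]
File=users.register.inc.php
Version=175
Updated=2012-dec-31
Type=Core
Author=Neocrome
Description=User auth
[END_SED]
==================== */

/*
 * User registration controller, extended with an optional avatar upload.
 *
 *   a=add       validates the posted form, creates the user row and group
 *               membership, stores an uploaded avatar (field "userfile") and
 *               then redirects according to the activation settings.
 *   a=validate  activates an account from the 32-character key passed in "v".
 *   otherwise   builds the form fields and renders users.register.tpl.
 *
 * $a, $cfg, $usr, $sys, $L, $skin, the $db_* table names and every sed_*
 * helper are defined outside this file.
 * NOTE(review): sed_import() arguments look like (name, source, filter,
 * max length, ...) - confirm against its definition.
 */

if (!defined('SED_CODE')) { die('Yanlış URL.'); }

$v = sed_import('v','G','ALP');

if ($cfg['maintenance'] && $usr['level'] < $cfg['maintenancelevel']) {
    sed_diemaintenance();
    exit;
}

if ($cfg['disablereg']) {
    sed_redirect(sed_url("message", "msg=117", "", true));
    exit;
}

/* === Hook === */
$extp = sed_getextplugins('users.register.first');
if (is_array($extp)) {
    foreach ($extp as $pl) {
        include('plugins/'.$pl['pl_code'].'/'.$pl['pl_file'].'.php');
    }
}
/* ===== */

if ($a=='add') {
    $bannedreason = FALSE;
    sed_shield_protect();

    /* === Hook for the plugins === */
    $extp = sed_getextplugins('users.register.add.first');
    if (is_array($extp)) {
        foreach ($extp as $pl) {
            include('plugins/'.$pl['pl_code'].'/'.$pl['pl_file'].'.php');
        }
    }
    /* ===== */

    $rusername = sed_import('rusername','P','TXT', 24, TRUE);
    $ruseremail = sed_import('ruseremail','P','TXT', 64, TRUE);
    $rpassword1 = sed_import('rpassword1','P','TXT', 16);
    $rpassword2 = sed_import('rpassword2','P','TXT',16);
    $rcountry = sed_import('rcountry','P','TXT');
    $rlocation = sed_import('rlocation','P','TXT');
    $rtimezone = sed_import('rtimezone','P','TXT',5);
    $rtimezone_p = sed_import('rtimezone_p','P','BOL');
    $roccupation = sed_import('roccupation','P','TXT');
    $rusergender = sed_import('rusergender','P','TXT');
    $ryear = sed_import('ryear','P','INT');
    $rmonth = sed_import('rmonth','P','INT');
    $rday = sed_import('rday','P','INT');
    $rusericq = sed_import('rusericq','P','TXT');
    $ruserirc = sed_import('ruserirc','P','TXT');
    $ruserskype = sed_import('ruserskype','P','TXT');
    $ruserwebsite = sed_import('ruserwebsite','P','TXT');
    $ruserextra1 = sed_import('ruserextra1','P','TXT');
    $ruserextra2 = sed_import('ruserextra2','P','TXT');
    $ruserextra3 = sed_import('ruserextra3','P','TXT');
    $ruserextra4 = sed_import('ruserextra4','P','TXT');
    $ruserextra5 = sed_import('ruserextra5','P','TXT');
    $ruserextra6 = sed_import('ruserextra6','P','HTM');
    $ruserextra7 = sed_import('ruserextra7','P','HTM');
    $ruserextra8 = sed_import('ruserextra8','P','HTM');
    $ruserextra9 = sed_import('ruserextra9','P','HTM');
    $ruserextra1_p = sed_import('ruserextra1_p','P','BOL');
    $ruserextra2_p = sed_import('ruserextra2_p','P','BOL');
    $ruserextra3_p = sed_import('ruserextra3_p','P','BOL');
    $ruserextra4_p = sed_import('ruserextra4_p','P','BOL');
    $ruserextra5_p = sed_import('ruserextra5_p','P','BOL');
    $ruserextra6_p = sed_import('ruserextra6_p','P','BOL');
    $ruserextra7_p = sed_import('ruserextra7_p','P','BOL');
    $ruserextra8_p = sed_import('ruserextra8_p','P','BOL');
    $ruserextra9_p = sed_import('ruserextra9_p','P','BOL');

    $ruseremail = mb_strtolower($ruseremail);

    // Substring match of the submitted address against every non-empty ban entry.
    $sql = sed_sql_query("SELECT banlist_reason, banlist_email FROM $db_banlist WHERE banlist_email!=''");
    while ($row = sed_sql_fetchassoc($sql)) {
        if (mb_strpos($ruseremail, $row['banlist_email']) !== FALSE) {
            $bannedreason = $row['banlist_reason'];
        }
    }

    // Spaces are stripped BEFORE the uniqueness lookup: the check has to run on
    // the name that is actually stored, otherwise "ad min" passes the lookup
    // and is then saved as a second "admin".
    $rusername = str_replace(' ', '', $rusername);

    $sql = sed_sql_query("SELECT COUNT(*) FROM $db_users WHERE user_name='".sed_sql_prep($rusername)."'");
    $res1 = sed_sql_result($sql,0,"COUNT(*)");
    $sql = sed_sql_query("SELECT COUNT(*) FROM $db_users WHERE user_email='".sed_sql_prep($ruseremail)."'");
    $res2 = sed_sql_result($sql,0,"COUNT(*)");

    // NOTE(review): together with the import above this appears to limit
    // passwords to 4..16 characters - confirm and consider raising both bounds.
    $error_string .= (!empty($bannedreason)) ? $L['aut_emailbanned'].$bannedreason."<br />" : '';
    $error_string .= (mb_strlen($rusername)<2) ? $L['aut_usernametooshort']."<br />" : '';
    $error_string .= (mb_strlen($rpassword1)<4) ? $L['aut_passwordtooshort']."<br />" : '';
    $error_string .= (mb_strlen($ruseremail)<4) ? $L['aut_emailtooshort']."<br />" : '';
    $error_string .= ($res1>0) ? $L['aut_usernamealreadyindb']."<br />" : '';
    $error_string .= ($res2>0) ? $L['aut_emailalreadyindb']."<br />" : '';
    $error_string .= ($rpassword1!=$rpassword2) ? $L['aut_passwordmismatch']."<br />" : '';

    if (empty($error_string)) {
        // The very first account of an empty users table gets group 5; later
        // accounts get 4 when no activation is required, else 2.
        // (group meanings are defined elsewhere - presumably 5 = administrators,
        // 4 = members, 2 = inactive; confirm)
        if (sed_sql_rowcount($db_users)==0) {
            $defgroup = 5;
        } else {
            $defgroup = ($cfg['regnoactivation']) ? 4 : 2;
        }

        $mdsalt = sed_unique(16); // New sed172
        $mdpass = sed_hash($rpassword1, 1, $mdsalt); // New sed172
        $mdpass_secret = md5(sed_unique(16)); // New sed172 for generate cookies

        $ruserbirthdate = ($rmonth=='x' || $rday=='x' || $ryear=='x' || $rmonth==0 || $rday==0 || $ryear==0) ? 0 : sed_mktime(1, 0, 0, $rmonth, $rday, $ryear);

        // Text extras are truncated to their configured length; every extra is
        // dropped unless its "_p" presence flag was posted.
        $ruserextra1 = ($ruserextra1_p) ? mb_substr($ruserextra1,0,$cfg['extra1tsetting']) : '';
        $ruserextra2 = ($ruserextra2_p) ? mb_substr($ruserextra2,0,$cfg['extra2tsetting']) : '';
        $ruserextra3 = ($ruserextra3_p) ? mb_substr($ruserextra3,0,$cfg['extra3tsetting']) : '';
        $ruserextra4 = ($ruserextra4_p) ? mb_substr($ruserextra4,0,$cfg['extra4tsetting']) : '';
        $ruserextra5 = ($ruserextra5_p) ? mb_substr($ruserextra5,0,$cfg['extra5tsetting']) : '';
        $ruserextra6 = ($ruserextra6_p) ? $ruserextra6 : '';
        $ruserextra7 = ($ruserextra7_p) ? $ruserextra7 : '';
        $ruserextra8 = ($ruserextra8_p) ? $ruserextra8 : '';
        $ruserextra9 = ($ruserextra9_p) ? $ruserextra9 : '';
        $rtimezone = ($rtimezone_p) ? $rtimezone : $cfg['defaulttimezone'];

        // NOTE(review): the activation key is derived only from the current
        // time, so it is guessable by anyone who knows roughly when the account
        // was created. Generate it from a cryptographically secure source once
        // the supported PHP version provides one (still 32 characters, see the
        // length check in the validate branch).
        $validationkey = md5(microtime());
        sed_shield_update(20, "Registration");

        // NOTE(review): $ishtml is never assigned in this file, so (int)$ishtml
        // is 0 unless an included plugin sets it.
        // user_lastip is escaped like the other string values.
        $sql = sed_sql_query("INSERT into $db_users (user_name, user_password, user_salt, user_secret, user_passtype, user_maingrp, user_country, user_location, user_timezone, user_occupation, user_text, user_text_ishtml, user_email, user_hideemail, user_pmnotify, user_skin, user_lang, user_regdate, user_logcount, user_lostpass, user_gender, user_birthdate, user_icq, user_irc, user_skype, user_website, user_extra1, user_extra2, user_extra3, user_extra4, user_extra5, user_extra6, user_extra7, user_extra8, user_extra9, user_lastip) VALUES ('"
            .sed_sql_prep($rusername)."', '$mdpass', '$mdsalt', '$mdpass_secret', 1, ".(int)$defgroup.", '"
            .sed_sql_prep($rcountry)."', '"
            .sed_sql_prep($rlocation)."', '"
            .sed_sql_prep($rtimezone)."', '"
            .sed_sql_prep($roccupation)."', '', ".(int)$ishtml.", '"
            .sed_sql_prep($ruseremail)."', 1, 1, '"
            .$cfg['defaultskin']."', '"
            .$cfg['defaultlang']."', ".(int)$sys['now_offset'].", 0, '$validationkey', '"
            .sed_sql_prep($rusergender)."', ".(int)$ruserbirthdate.", '"
            .sed_sql_prep($rusericq)."', '"
            .sed_sql_prep($ruserirc)."', '"
            .sed_sql_prep($ruserskype)."', '"
            .sed_sql_prep($ruserwebsite)."', '"
            .sed_sql_prep($ruserextra1)."', '"
            .sed_sql_prep($ruserextra2)."', '"
            .sed_sql_prep($ruserextra3)."', '"
            .sed_sql_prep($ruserextra4)."', '"
            .sed_sql_prep($ruserextra5)."', '"
            .sed_sql_prep($ruserextra6)."', '"
            .sed_sql_prep($ruserextra7)."', '"
            .sed_sql_prep($ruserextra8)."', '"
            .sed_sql_prep($ruserextra9)."', '"
            .sed_sql_prep($usr['ip'])."')");

        $userid = sed_sql_insertid();
        $sql = sed_sql_query("INSERT INTO $db_groups_users (gru_userid, gru_groupid) VALUES (".(int)$userid.", ".(int)$defgroup.")");

        /* === Optional avatar upload === */
        // The upload is optional, so the $_FILES entry may be absent, and it is
        // an array of arrays if the field was posted as "userfile[]". The
        // client-supplied MIME type is deliberately not read.
        $uav_tmp_name = (isset($_FILES['userfile']['tmp_name']) && is_string($_FILES['userfile']['tmp_name'])) ? $_FILES['userfile']['tmp_name'] : '';
        $uav_name = (isset($_FILES['userfile']['name']) && is_string($_FILES['userfile']['name'])) ? $_FILES['userfile']['name'] : '';
        $uav_size = (isset($_FILES['userfile']['size']) && !is_array($_FILES['userfile']['size'])) ? (int)$_FILES['userfile']['size'] : 0;

        if (!empty($uav_tmp_name)) { @clearstatcache(); }

        if (!empty($uav_tmp_name) && $uav_size>0) {
            // The extension comes from the client-supplied file name; it is only
            // used after matching the fixed list below.
            $f_extension = mb_strtolower((string)pathinfo($uav_name, PATHINFO_EXTENSION));

            // NOTE(review): the form advertises MAX_FILE_SIZE as av_maxsize*1024
            // while this check compares the byte size with av_maxsize itself -
            // confirm which unit av_maxsize uses.
            if (is_uploaded_file($uav_tmp_name)
                && $uav_size<=$cfg['av_maxsize']
                && ($f_extension=='jpeg' || $f_extension=='jpg' || $f_extension=='gif' || $f_extension=='png')) {
                // getimagesize() returns FALSE for anything that is not an image.
                // Without this check a non-image file with an allowed extension
                // passed the dimension test, because NULL <= max is true.
                $imginfo = @getimagesize($uav_tmp_name);
                $allowed_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);

                if (is_array($imginfo)
                    && in_array($imginfo[2], $allowed_types, true)
                    && $imginfo[0]>0 && $imginfo[1]>0
                    && $imginfo[0]<=$cfg['av_maxx'] && $imginfo[1]<=$cfg['av_maxy']) {
                    // Stored name is built from the numeric user id and the
                    // whitelisted extension only, never from the uploaded name.
                    $avatar = (int)$userid."-avatar.".$f_extension;
                    $avatarpath = $cfg['av_dir'].$avatar;

                    if (file_exists($avatarpath)) { unlink($avatarpath); }

                    // Record the avatar only when the file really reached its
                    // destination.
                    if (move_uploaded_file($uav_tmp_name, $avatarpath)) {
                        $sql = sed_sql_query("UPDATE $db_users SET user_avatar='".sed_sql_prep($avatarpath)."' WHERE user_id='".(int)$userid."'");
                    }
                }
            }
        }
        /* ===== */

        /* === Hook for the plugins === */
        // Runs for every completed registration; it used to sit inside the
        // avatar branch and was skipped whenever no valid avatar was uploaded.
        $extp = sed_getextplugins('users.register.add.done');
        if (is_array($extp)) {
            foreach ($extp as $pl) {
                include('plugins/'.$pl['pl_code'].'/'.$pl['pl_file'].'.php');
            }
        }
        /* ===== */

        if ($cfg['regnoactivation'] || $defgroup==5) {
            sed_redirect(sed_url("message", "msg=106", "", true));
            exit;
        }

        // NOTE(review): both mail bodies below receive the plain-text password
        // ($rpassword1) through the language templates; dropping it needs a
        // matching change to the aut_regrequest / aut_emailreg strings.
        if ($cfg['regrequireadmin']) {
            $rsubject = $cfg['maintitle']." - ".$L['aut_regrequesttitle'];
            $rbody = sprintf($L['aut_regrequest'], $rusername, $rpassword1);
            $rbody .= "\n\n".$L['aut_contactadmin'];
            sed_mail ($ruseremail, $rsubject, $rbody);

            $rsubject = $cfg['maintitle']." - ".$L['aut_regreqnoticetitle'];
            $rinactive = $cfg['mainurl']."/".sed_url("users", "gm=2&s=regdate&w=desc", "", false, false);
            $rbody = sprintf($L['aut_regreqnotice'], $rusername, $rinactive);
            sed_mail ($cfg['adminemail'], $rsubject, $rbody);
            sed_redirect(sed_url("message", "msg=118", "", true));
            exit;
        } else {
            $rsubject = $cfg['maintitle']." - ".$L['Registration'];
            $ractivate = $cfg['mainurl']."/".sed_url("users", "m=register&a=validate&v=".$validationkey, "", false, false);
            $rbody = sprintf($L['aut_emailreg'], $rusername, $rpassword1, $ractivate);
            $rbody .= "\n\n".$L['aut_contactadmin'];
            sed_mail ($ruseremail, $rsubject, $rbody);
            sed_redirect(sed_url("message", "msg=105", "", true));
            exit;
        }
    }
} elseif ($a=='validate' && mb_strlen($v)==32) {
    sed_shield_protect();

    // $v was imported with the 'ALP' filter (presumably alphanumeric only -
    // confirm); it is escaped anyway so the query does not depend on that.
    $sql = sed_sql_query("SELECT user_id FROM $db_users WHERE user_lostpass='".sed_sql_prep($v)."' AND user_maingrp=2");

    if ($row = sed_sql_fetchassoc($sql)) {
        // Move the account from group 2 to group 4 in both tables.
        $sql = sed_sql_query("UPDATE $db_users SET user_maingrp=4 WHERE user_id='".(int)$row['user_id']."' AND user_lostpass='".sed_sql_prep($v)."'");
        $sql = sed_sql_query("UPDATE $db_groups_users SET gru_groupid=4 WHERE gru_groupid=2 AND gru_userid='".(int)$row['user_id']."'");
        sed_auth_clear($row['user_id']);
        sed_redirect(sed_url("message", "msg=106", "", true));
        exit;
    } else {
        // A wrong key is charged to the shield counter and written to the
        // security log.
        sed_shield_update(7, "Account validation");
        sed_log("Wrong validation URL", 'sec');
        sed_redirect(sed_url("message", "msg=157", "", true));
        exit;
    }
}

/* === Form fields (first display, or re-display after a validation error) === */
// Every value echoed back into the markup goes through sed_cc().

$form_usergender = sed_selectbox_gender($rusergender,'rusergender');
$form_birthdate = sed_selectbox_date(sed_mktime(1, 0, 0, $rmonth, $rday, $ryear), 'short');

$form_extra1 = "<input type=\"text\" class=\"text\" name=\"ruserextra1\" value=\"".sed_cc($ruserextra1)."\" size=\"32\" maxlength=\"".$cfg['extra1tsetting']."\" /><input type=\"hidden\" name=\"ruserextra1_p\" value=\"1\" />";
$form_extra2 = "<input type=\"text\" class=\"text\" name=\"ruserextra2\" value=\"".sed_cc($ruserextra2)."\" size=\"32\" maxlength=\"".$cfg['extra2tsetting']."\" /><input type=\"hidden\" name=\"ruserextra2_p\" value=\"1\" />";
$form_extra3 = "<input type=\"text\" class=\"text\" name=\"ruserextra3\" value=\"".sed_cc($ruserextra3)."\" size=\"32\" maxlength=\"".$cfg['extra3tsetting']."\" /><input type=\"hidden\" name=\"ruserextra3_p\" value=\"1\" />";

// The EXTRA4 slot carries the avatar upload control instead of a text field.
// MAX_FILE_SIZE is only a browser hint; the size is enforced in the add branch.
// NOTE(review): the <form> in users.register.tpl has to be sent as
// multipart/form-data for "userfile" to arrive - the template is not visible here.
$form_extra4 = $L['pro_avatarsupload']." (".$cfg['av_maxx']."x".$cfg['av_maxy']."x".$cfg['av_maxsize'].$L['b'].")<br />";
$form_extra4 .= "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"".($cfg['av_maxsize']*1024)."\" />";
$form_extra4 .= "<input name=\"userfile\" type=\"file\" class=\"file\" size=\"24\" /><br />";

$form_extra5 = "<input type=\"text\" class=\"text\" name=\"ruserextra5\" value=\"".sed_cc($ruserextra5)."\" size=\"32\" maxlength=\"".$cfg['extra5tsetting']."\" /><input type=\"hidden\" name=\"ruserextra5_p\" value=\"1\" />";
$form_extra6 = sed_selectbox($ruserextra6,'ruserextra6',$cfg['extra6tsetting'])."<input type=\"hidden\" name=\"ruserextra6_p\" value=\"1\" />";
$form_extra7 = sed_selectbox($ruserextra7,'ruserextra7',$cfg['extra7tsetting'])."<input type=\"hidden\" name=\"ruserextra7_p\" value=\"1\" />";
$form_extra8 = sed_selectbox($ruserextra8,'ruserextra8',$cfg['extra8tsetting'])."<input type=\"hidden\" name=\"ruserextra8_p\" value=\"1\" />";
$form_extra9 = "<textarea name=\"ruserextra9\" rows=\"4\" cols=\"56\">".sed_cc($ruserextra9)."</textarea><input type=\"hidden\" name=\"ruserextra9_p\" value=\"1\" />";

$rtimezone = (empty($rtimezone)) ? $cfg['defaulttimezone'] : $rtimezone;
$rcountry = (empty($rcountry)) ? $cfg['defaultcountry'] : $rcountry;

$timezonelist = array ('-12', '-11', '-10', '-09', '-08', '-07', '-06', '-05', '-04', '-03', '-03.5', '-02', '-01', '+00', '+01', '+02', '+03', '+03.5', '+04', '+04.5', '+05', '+05.5', '+06', '+07', '+08', '+09', '+09.5', '+10', '+11', '+12');

$form_timezone ="<input type=\"hidden\" name=\"rtimezone_p\" value=\"1\" /><select name=\"rtimezone\" size=\"1\">";
// foreach instead of each(): each() no longer exists in PHP 8.
foreach ($timezonelist as $x) {
    $selected = ($x==$rtimezone) ? "selected=\"selected\"" : '';
    $form_timezone .= "<option value=\"$x\" $selected>GMT".$x."</option>";
}
$form_timezone .= "</select> ".$usr['gmttime']." / ".sed_build_date($cfg['dateformat'], $sys['now_offset'])." ".$usr['timetext'];

$out['subtitle'] = $L['aut_registertitle'];
$title_tags[] = array('{MAINTITLE}', '{TITLE}', '{SUBTITLE}');
$title_tags[] = array('%1$s', '%2$s', '%3$s');
$title_data = array($cfg['maintitle'], $out['subtitle'], $cfg['subtitle']);
$out['subtitle'] = sed_title('userstitle', $title_tags, $title_data);

/* === Hook === */
$extp = sed_getextplugins('users.register.main');
if (is_array($extp)) {
    foreach ($extp as $pl) {
        include('plugins/'.$pl['pl_code'].'/'.$pl['pl_file'].'.php');
    }
}
/* ===== */

require("system/header.php");
$t = new XTemplate("skins/".$skin."/users.register.tpl");

if (!empty($error_string)) {
    $t->assign("USERS_REGISTER_ERROR_BODY",$error_string);
    $t->parse("MAIN.USERS_REGISTER_ERROR");
}

// The password inputs carry no value attribute, so a submitted password is
// never echoed back into the page.
$t->assign(array(
    "USERS_REGISTER_TITLE" => $L['aut_registertitle'],
    "USERS_REGISTER_SUBTITLE" => $L['aut_registersubtitle'],
    "USERS_REGISTER_ADMINEMAIL" => "$sed_adminemail",
    "USERS_REGISTER_SEND" => sed_url("users", "m=register&a=add"),
    "USERS_REGISTER_USER" => "<input type=\"text\" class=\"text\" name=\"rusername\" value=\"".sed_cc($rusername)."\" size=\"24\" maxlength=\"24\" />",
    "USERS_REGISTER_EMAIL" => "<input type=\"text\" class=\"text\" name=\"ruseremail\" value=\"".sed_cc($ruseremail)."\" size=\"24\" maxlength=\"64\" />",
    "USERS_REGISTER_PASSWORD" => "<input type=\"password\" class=\"password\" name=\"rpassword1\" size=\"8\" maxlength=\"16\" />",
    "USERS_REGISTER_PASSWORDREPEAT" => "<input type=\"password\" class=\"password\" name=\"rpassword2\" size=\"8\" maxlength=\"16\" />",
    "USERS_REGISTER_COUNTRY" => sed_selectbox_countries($rcountry, 'rcountry'),
    "USERS_REGISTER_LOCATION" => "<input type=\"text\" class=\"text\" name=\"rlocation\" value=\"".sed_cc($rlocation)."\" size=\"24\" maxlength=\"64\" />",
    "USERS_REGISTER_TIMEZONE" => $form_timezone,
    "USERS_REGISTER_OCCUPATION" => "<input type=\"text\" class=\"text\" name=\"roccupation\" value=\"".sed_cc($roccupation)."\" size=\"24\" maxlength=\"64\" />",
    "USERS_REGISTER_GENDER" => $form_usergender,
    "USERS_REGISTER_BIRTHDATE" => $form_birthdate,
    "USERS_REGISTER_WEBSITE" => "<input type=\"text\" class=\"text\" name=\"ruserwebsite\" value=\"".sed_cc($ruserwebsite)."\" size=\"56\" maxlength=\"128\" />",
    "USERS_REGISTER_ICQ" => "<input type=\"text\" class=\"text\" name=\"rusericq\" value=\"".sed_cc($rusericq)."\" size=\"32\" maxlength=\"16\" />",
    "USERS_REGISTER_IRC" => "<input type=\"text\" class=\"text\" name=\"ruserirc\" value=\"".sed_cc($ruserirc)."\" size=\"56\" maxlength=\"128\" />",
    "USERS_REGISTER_SKYPE" => "<input type=\"text\" class=\"text\" name=\"ruserskype\" value=\"".sed_cc($ruserskype)."\" size=\"32\" maxlength=\"64\" />",
    "USERS_REGISTER_EXTRA1" => $form_extra1,
    "USERS_REGISTER_EXTRA2" => $form_extra2,
    "USERS_REGISTER_EXTRA3" => $form_extra3,
    "USERS_REGISTER_EXTRA4" => $form_extra4,
    "USERS_REGISTER_EXTRA5" => $form_extra5,
    "USERS_REGISTER_EXTRA6" => $form_extra6,
    "USERS_REGISTER_EXTRA7" => $form_extra7,
    "USERS_REGISTER_EXTRA8" => $form_extra8,
    "USERS_REGISTER_EXTRA9" => $form_extra9,
));

/* === Hook === */
$extp = sed_getextplugins('users.register.tags');
if (is_array($extp)) {
    foreach ($extp as $pl) {
        include('plugins/'.$pl['pl_code'].'/'.$pl['pl_file'].'.php');
    }
}
/* ===== */

$t->parse("MAIN");
$t->out("MAIN");

require("system/footer.php");
?>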