function validateAvatar($avatar_path)
{
if (!$GLOBALS['conf']['avatar']['allow_avatars'] || !$avatar_path) {
return false;
}
preg_match('/^(http|vfs):\\/\\/(.*)\\/(gallery|uploaded|.*)\\/(.*\\..*)/i', $avatar_path, $matches);
switch ($matches[1]) {
case 'http':
if (!$GLOBALS['conf']['avatar']['enable_external']) {
/* Avatar is external and external avatars have been
* disabled. */
return false;
}
$dimensions = @getimagesize($avatar_path);
if ($dimensions === false || $dimensions[0] > $GLOBALS['conf']['avatar']['max_width'] || $dimensions[1] > $GLOBALS['conf']['avatar']['max_height']) {
/* Avatar is external and external avatars are
* enabled, but the image is too wide or high. */
return false;
} else {
$avatar = null;
$flock = fopen($avatar_path, 'r');
while (!feof($flock)) {
$avatar .= fread($flock, 2048);
}
fclose($flock);
if (strlen($avatar) > $GLOBALS['conf']['avatar']['max_size'] * 1024) {
/* Avatar is external and external avatars have
* been enabled, but the file is too large. */
return false;
}
}
return true;
case 'vfs':
switch ($matches[3]) {
case 'gallery':
/* Avatar is within the gallery. */
return $GLOBALS['conf']['avatar']['enable_gallery'];
case 'uploaded':
/* Avatar is within the uploaded avatar collection. */
return $GLOBALS['conf']['avatar']['enable_uploads'];
default:
/* Malformed URL. */
return false;
}
break;
default:
/* Malformed URL. */
return false;
}
return false;
}/**
* Copyright 2005-2007 Andrew Hosie <*****@*****.**>
*
* See the enclosed file COPYING for license information (GPL). If you
* did not receive this file, see http://www.horde.org/licenses/gpl.
*/
function handle_avatarselect($updated)
{
if ($GLOBALS['conf']['avatar']['allow_avatars']) {
$avatar_path = Horde_Util::getFormData('avatar_path');
$avatar_path = Agora::validateAvatar($avatar_path) ? $avatar_path : null;
if ($avatar_path) {
$GLOBALS['prefs']->setValue('avatar_path', $avatar_path);
$updated = true;
}
}
return $updated;
}
