function validateAvatar($avatar_path)
{
if (!$GLOBALS['conf']['avatar']['allow_avatars'] || !$avatar_path) {
return false;
}
preg_match('/^(http|vfs):\\/\\/(.*)\\/(gallery|uploaded|.*)\\/(.*\\..*)/i', $avatar_path, $matches);
switch ($matches[1]) {
case 'http':
if (!$GLOBALS['conf']['avatar']['enable_external']) {
/* Avatar is external and external avatars have been
* disabled. */
return false;
}
$dimensions = @getimagesize($avatar_path);
if ($dimensions === false || $dimensions[0] > $GLOBALS['conf']['avatar']['max_width'] || $dimensions[1] > $GLOBALS['conf']['avatar']['max_height']) {
/* Avatar is external and external avatars are
* enabled, but the image is too wide or high. */
return false;
} else {
$avatar = null;
$flock = fopen($avatar_path, 'r');
while (!feof($flock)) {
$avatar .= fread($flock, 2048);
}
fclose($flock);
if (strlen($avatar) > $GLOBALS['conf']['avatar']['max_size'] * 1024) {
/* Avatar is external and external avatars have
* been enabled, but the file is too large. */
return false;
}
}
return true;
case 'vfs':
switch ($matches[3]) {
case 'gallery':
/* Avatar is within the gallery. */
return $GLOBALS['conf']['avatar']['enable_gallery'];
case 'uploaded':
/* Avatar is within the uploaded avatar collection. */
return $GLOBALS['conf']['avatar']['enable_uploads'];
default:
/* Malformed URL. */
return false;
}
break;
default:
/* Malformed URL. */
return false;
}
return false;
}