3 ///////////////////////////////////////////////////////////////////////////
5 // Copyright (C) 2007 Inaki Arenaza //
7 // Based on .../admin/uploaduser.php and .../lib/gdlib.php //
9 // This program is free software; you can redistribute it and/or modify //
10 // it under the terms of the GNU General Public License as published by //
11 // the Free Software Foundation; either version 2 of the License, or //
12 // (at your option) any later version. //
14 // This program is distributed in the hope that it will be useful, //
15 // but WITHOUT ANY WARRANTY; without even the implied warranty of //
16 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
17 // GNU General Public License for more details: //
19 // http://www.gnu.org/copyleft/gpl.html //
21 ///////////////////////////////////////////////////////////////////////////
23 require_once('../config.php');
24 require_once($CFG->libdir
.'/adminlib.php');
25 require_once($CFG->libdir
.'/gdlib.php');
26 require_once('uploadpicture_form.php');
28 define ('PIX_FILE_UPDATED', 0);
29 define ('PIX_FILE_ERROR', 1);
30 define ('PIX_FILE_SKIPPED', 2);
32 admin_externalpage_setup('uploadpictures');
36 require_capability('moodle/site:uploadusers', get_context_instance(CONTEXT_SYSTEM
));
40 if (!$adminuser = get_admin()) {
41 print_error('noadmins', 'error');
44 $strfile = get_string('file');
45 $struser = get_string('user');
46 $strusersupdated = get_string('usersupdated', 'admin');
47 $struploadpictures = get_string('uploadpictures','admin');
54 $userfield = optional_param('userfield', 0, PARAM_INT
);
55 $overwritepicture = optional_param('overwritepicture', 0, PARAM_BOOL
);
58 echo $OUTPUT->header();
60 echo $OUTPUT->heading_with_help($struploadpictures, 'uploadpictures', 'admin');
62 $mform = new admin_uploadpicture_form(null, $userfields);
63 if ($formdata = $mform->get_data()) {
64 if (!array_key_exists($userfield, $userfields)) {
65 echo $OUTPUT->notification(get_string('uploadpicture_baduserfield','admin'));
67 // Large files are likely to take their time and memory. Let PHP know
68 // that we'll take longer, and that the process should be recycled soon
71 raise_memory_limit(MEMORY_EXTRA
);
73 // Create a unique temporary directory, to process the zip file
75 $zipdir = my_mktempdir($CFG->dataroot
.'/temp/', 'usrpic');
76 $dstfile = $zipdir.'/images.zip';
78 if (!$mform->save_file('userpicturesfile', $dstfile, true)) {
79 echo $OUTPUT->notification(get_string('uploadpicture_cannotmovezip','admin'));
82 $fp = get_file_packer('application/zip');
83 $unzipresult = $fp->extract_to_pathname($dstfile, $zipdir);
85 echo $OUTPUT->notification(get_string('uploadpicture_cannotunzip','admin'));
88 // We don't need the zip file any longer, so delete it to make
89 // it easier to process the rest of the files inside the directory.
92 $results = array ('errors' => 0,'updated' => 0);
94 process_directory($zipdir, $userfields[$userfield], $overwritepicture, $results);
97 // Finally remove the temporary directory with all the user images and print some stats.
99 echo $OUTPUT->notification(get_string('usersupdated', 'admin') . ": " . $results['updated']);
100 echo $OUTPUT->notification(get_string('errors', 'admin') . ": " . $results['errors']);
107 echo $OUTPUT->footer();
110 // ----------- Internal functions ----------------
113 * Create a unique temporary directory with a given prefix name,
114 * inside a given directory, with given permissions. Return the
115 * full path to the newly created temp directory.
117 * @param string $dir where to create the temp directory.
118 * @param string $prefix prefix for the temp directory name (default '')
120 * @return string The full path to the temp directory.
122 function my_mktempdir($dir, $prefix='') {
125 if (substr($dir, -1) != '/') {
130 $path = $dir.$prefix.mt_rand(0, 9999999);
131 } while (file_exists($path));
133 check_dir_exists($path);
139 * Recursively process a directory, picking regular files and feeding
140 * them to process_file().
142 * @param string $dir the full path of the directory to process
143 * @param string $userfield the prefix_user table field to use to
144 * match picture files to users.
145 * @param bool $overwrite overwrite existing picture or not.
146 * @param array $results (by reference) accumulated statistics of
147 * users updated and errors.
151 function process_directory ($dir, $userfield, $overwrite, &$results) {
153 if(!($handle = opendir($dir))) {
154 echo $OUTPUT->notification(get_string('uploadpicture_cannotprocessdir','admin'));
158 while (false !== ($item = readdir($handle))) {
159 if ($item != '.' && $item != '..') {
160 if (is_dir($dir.'/'.$item)) {
161 process_directory($dir.'/'.$item, $userfield, $overwrite, $results);
162 } else if (is_file($dir.'/'.$item)) {
163 $result = process_file($dir.'/'.$item, $userfield, $overwrite);
166 $results['errors']++
;
168 case PIX_FILE_UPDATED
:
169 $results['updated']++
;
173 // Ignore anything else that is not a directory or a file (e.g.,
174 // symbolic links, sockets, pipes, etc.)
181 * Given the full path of a file, try to find the user the file
182 * corresponds to and assign him/her this file as his/her picture.
183 * Make extensive checks to make sure we don't open any security holes
184 * and report back any success/error.
186 * @param string $file the full path of the file to process
187 * @param string $userfield the prefix_user table field to use to
188 * match picture files to users.
189 * @param bool $overwrite overwrite existing picture or not.
191 * @return integer either PIX_FILE_UPDATED, PIX_FILE_ERROR or
194 function process_file ($file, $userfield, $overwrite) {
197 // Add additional checks on the filenames, as they are user
198 // controlled and we don't want to open any security holes.
199 $path_parts = pathinfo(cleardoubleslashes($file));
200 $basename = $path_parts['basename'];
201 $extension = $path_parts['extension'];
203 // The picture file name (without extension) must match the
204 // userfield attribute.
205 $uservalue = substr($basename, 0,
207 strlen($extension) - 1);
209 // userfield names are safe, so don't quote them.
210 if (!($user = $DB->get_record('user', array ($userfield => $uservalue, 'deleted' => 0)))) {
212 $a->userfield
= clean_param($userfield, PARAM_CLEANHTML
);
213 $a->uservalue
= clean_param($uservalue, PARAM_CLEANHTML
);
214 echo $OUTPUT->notification(get_string('uploadpicture_usernotfound', 'admin', $a));
215 return PIX_FILE_ERROR
;
218 $haspicture = $DB->get_field('user', 'picture', array('id'=>$user->id
));
219 if ($haspicture && !$overwrite) {
220 echo $OUTPUT->notification(get_string('uploadpicture_userskipped', 'admin', $user->username
));
221 return PIX_FILE_SKIPPED
;
224 if (my_save_profile_image($user->id
, $file)) {
225 $DB->set_field('user', 'picture', 1, array('id'=>$user->id
));
226 echo $OUTPUT->notification(get_string('uploadpicture_userupdated', 'admin', $user->username
));
227 return PIX_FILE_UPDATED
;
229 echo $OUTPUT->notification(get_string('uploadpicture_cannotsave', 'admin', $user->username
));
230 return PIX_FILE_ERROR
;
235 * Try to save the given file (specified by its full path) as the
236 * picture for the user with the given id.
238 * @param integer $id the internal id of the user to assign the
240 * @param string $originalfile the full path of the picture file.
244 function my_save_profile_image($id, $originalfile) {
245 $context = get_context_instance(CONTEXT_USER
, $id);
246 return process_new_icon($context, 'user', 'icon', 0, $originalfile);