MDL-23984 using standard checkdirexists for lang packs
[moodle.git] / admin / uploadpicture.php
CommitLineData
9e492db0 1<?php
b352b2e9 2
3///////////////////////////////////////////////////////////////////////////
4// //
5// Copyright (C) 2007 Inaki Arenaza //
6// //
7// Based on .../admin/uploaduser.php and .../lib/gdlib.php //
8// //
9// This program is free software; you can redistribute it and/or modify //
10// it under the terms of the GNU General Public License as published by //
11// the Free Software Foundation; either version 2 of the License, or //
12// (at your option) any later version. //
13// //
14// This program is distributed in the hope that it will be useful, //
15// but WITHOUT ANY WARRANTY; without even the implied warranty of //
16// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
17// GNU General Public License for more details: //
18// //
19// http://www.gnu.org/copyleft/gpl.html //
20// //
21///////////////////////////////////////////////////////////////////////////
22
23require_once('../config.php');
b352b2e9 24require_once($CFG->libdir.'/adminlib.php');
25require_once($CFG->libdir.'/gdlib.php');
26require_once('uploadpicture_form.php');
27
c74ca0e9 28define ('PIX_FILE_UPDATED', 0);
29define ('PIX_FILE_ERROR', 1);
20207b82
PS
30define ('PIX_FILE_SKIPPED', 2);
31
86540fcc 32admin_externalpage_setup('uploadpictures');
b352b2e9 33
34require_login();
35
957f6fc9 36require_capability('moodle/site:uploadusers', get_context_instance(CONTEXT_SYSTEM));
b352b2e9 37
2a250a0b 38$site = get_site();
b352b2e9 39
40if (!$adminuser = get_admin()) {
8e9d88f2 41 print_error('noadmins', 'error');
b352b2e9 42}
43
44$strfile = get_string('file');
45$struser = get_string('user');
6c7a5df7 46$strusersupdated = get_string('usersupdated', 'admin');
b352b2e9 47$struploadpictures = get_string('uploadpictures','admin');
b352b2e9 48
49$userfields = array (
50 0 => 'username',
51 1 => 'idnumber',
52 2 => 'id' );
53
54$userfield = optional_param('userfield', 0, PARAM_INT);
55$overwritepicture = optional_param('overwritepicture', 0, PARAM_BOOL);
56
57/// Print the header
61ef8f9f 58echo $OUTPUT->header();
9e492db0 59
6c7a5df7 60echo $OUTPUT->heading_with_help($struploadpictures, 'uploadpictures', 'admin');
b352b2e9 61
70f01544 62$mform = new admin_uploadpicture_form(null, $userfields);
294ce987 63if ($formdata = $mform->get_data()) {
b352b2e9 64 if (!array_key_exists($userfield, $userfields)) {
8fbce1c8 65 echo $OUTPUT->notification(get_string('uploadpicture_baduserfield','admin'));
b352b2e9 66 } else {
67 // Large files are likely to take their time and memory. Let PHP know
68 // that we'll take longer, and that the process should be recycled soon
69 // to free up memory.
70 @set_time_limit(0);
71 @raise_memory_limit("192M");
72 if (function_exists('apache_child_terminate')) {
73 @apache_child_terminate();
74 }
20207b82 75
b352b2e9 76 // Create a unique temporary directory, to process the zip file
77 // contents.
941c3027
RW
78 $zipdir = my_mktempdir($CFG->dataroot.'/temp/', 'usrpic');
79 $dstfile = $zipdir.'/images.zip';
669a9e56 80
941c3027 81 if (!$mform->save_file('userpicturesfile', $dstfile, true)) {
8fbce1c8 82 echo $OUTPUT->notification(get_string('uploadpicture_cannotmovezip','admin'));
b352b2e9 83 @remove_dir($zipdir);
84 } else {
172dd12c 85 if (!unzip_file($dstfile, $zipdir, false)) {
8fbce1c8 86 echo $OUTPUT->notification(get_string('uploadpicture_cannotunzip','admin'));
b352b2e9 87 @remove_dir($zipdir);
88 } else {
89 // We don't need the zip file any longer, so delete it to make
90 // it easier to process the rest of the files inside the directory.
91 @unlink($dstfile);
20207b82 92
c74ca0e9 93 $results = array ('errors' => 0,'updated' => 0);
94
95 process_directory($zipdir, $userfields[$userfield], $overwritepicture, $results);
96
20207b82 97
b352b2e9 98 // Finally remove the temporary directory with all the user images and print some stats.
99 remove_dir($zipdir);
8fbce1c8 100 echo $OUTPUT->notification(get_string('usersupdated', 'admin') . ": " . $results['updated']);
101 echo $OUTPUT->notification(get_string('errors', 'admin') . ": " . $results['errors']);
b352b2e9 102 echo '<hr />';
103 }
104 }
105 }
106}
107$mform->display();
73d6f52f 108echo $OUTPUT->footer();
b352b2e9 109exit;
110
111// ----------- Internal functions ----------------
112
c74ca0e9 113/**
114 * Create a unique temporary directory with a given prefix name,
115 * inside a given directory, with given permissions. Return the
116 * full path to the newly created temp directory.
117 *
118 * @param string $dir where to create the temp directory.
119 * @param string $prefix prefix for the temp directory name (default '')
120 * @param string $mode permissions for the temp directory (default 700)
121 *
122 * @return string The full path to the temp directory.
123 */
b352b2e9 124function my_mktempdir($dir, $prefix='', $mode=0700) {
125 if (substr($dir, -1) != '/') {
126 $dir .= '/';
127 }
128
129 do {
130 $path = $dir.$prefix.mt_rand(0, 9999999);
131 } while (!mkdir($path, $mode));
132
133 return $path;
134}
135
c74ca0e9 136/**
137 * Recursively process a directory, picking regular files and feeding
138 * them to process_file().
139 *
140 * @param string $dir the full path of the directory to process
141 * @param string $userfield the prefix_user table field to use to
142 * match picture files to users.
143 * @param bool $overwrite overwrite existing picture or not.
144 * @param array $results (by reference) accumulated statistics of
145 * users updated and errors.
146 *
147 * @return nothing
148 */
149function process_directory ($dir, $userfield, $overwrite, &$results) {
8fbce1c8 150 global $OUTPUT;
c74ca0e9 151 if(!($handle = opendir($dir))) {
8fbce1c8 152 echo $OUTPUT->notification(get_string('uploadpicture_cannotprocessdir','admin'));
c74ca0e9 153 return;
154 }
155
156 while (false !== ($item = readdir($handle))) {
157 if ($item != '.' && $item != '..') {
158 if (is_dir($dir.'/'.$item)) {
159 process_directory($dir.'/'.$item, $userfield, $overwrite, $results);
160 } else if (is_file($dir.'/'.$item)) {
161 $result = process_file($dir.'/'.$item, $userfield, $overwrite);
162 switch ($result) {
163 case PIX_FILE_ERROR:
164 $results['errors']++;
165 break;
166 case PIX_FILE_UPDATED:
167 $results['updated']++;
168 break;
169 }
170 }
171 // Ignore anything else that is not a directory or a file (e.g.,
172 // symbolic links, sockets, pipes, etc.)
173 }
174 }
175 closedir($handle);
176}
177
178/**
179 * Given the full path of a file, try to find the user the file
180 * corresponds to and assign him/her this file as his/her picture.
181 * Make extensive checks to make sure we don't open any security holes
182 * and report back any success/error.
183 *
184 * @param string $file the full path of the file to process
185 * @param string $userfield the prefix_user table field to use to
186 * match picture files to users.
187 * @param bool $overwrite overwrite existing picture or not.
188 *
189 * @return integer either PIX_FILE_UPDATED, PIX_FILE_ERROR or
190 * PIX_FILE_SKIPPED
191 */
192function process_file ($file, $userfield, $overwrite) {
8fbce1c8 193 global $DB, $OUTPUT;
20207b82 194
c74ca0e9 195 // Add additional checks on the filenames, as they are user
196 // controlled and we don't want to open any security holes.
197 $path_parts = pathinfo(cleardoubleslashes($file));
198 $basename = $path_parts['basename'];
199 $extension = $path_parts['extension'];
669a9e56 200
c74ca0e9 201 // The picture file name (without extension) must match the
202 // userfield attribute.
203 $uservalue = substr($basename, 0,
204 strlen($basename) -
205 strlen($extension) - 1);
206
207 // userfield names are safe, so don't quote them.
086f0e6f 208 if (!($user = $DB->get_record('user', array ($userfield => $uservalue, 'deleted' => 0)))) {
c74ca0e9 209 $a = new Object();
210 $a->userfield = clean_param($userfield, PARAM_CLEANHTML);
211 $a->uservalue = clean_param($uservalue, PARAM_CLEANHTML);
8fbce1c8 212 echo $OUTPUT->notification(get_string('uploadpicture_usernotfound', 'admin', $a));
c74ca0e9 213 return PIX_FILE_ERROR;
214 }
215
216 $haspicture = $DB->get_field('user', 'picture', array('id'=>$user->id));
217 if ($haspicture && !$overwrite) {
8fbce1c8 218 echo $OUTPUT->notification(get_string('uploadpicture_userskipped', 'admin', $user->username));
c74ca0e9 219 return PIX_FILE_SKIPPED;
220 }
221
222 if (my_save_profile_image($user->id, $file)) {
223 $DB->set_field('user', 'picture', 1, array('id'=>$user->id));
8fbce1c8 224 echo $OUTPUT->notification(get_string('uploadpicture_userupdated', 'admin', $user->username));
c74ca0e9 225 return PIX_FILE_UPDATED;
226 } else {
8fbce1c8 227 echo $OUTPUT->notification(get_string('uploadpicture_cannotsave', 'admin', $user->username));
c74ca0e9 228 return PIX_FILE_ERROR;
229 }
230}
231
232/**
233 * Try to save the given file (specified by its full path) as the
234 * picture for the user with the given id.
235 *
236 * @param integer $id the internal id of the user to assign the
237 * picture file to.
238 * @param string $originalfile the full path of the picture file.
239 *
20207b82 240 * @return bool
c74ca0e9 241 */
b352b2e9 242function my_save_profile_image($id, $originalfile) {
edfd6a5e
PS
243 $context = get_context_instance(CONTEXT_USER, $id);
244 return process_new_icon($context, 'user', 'icon', 0, $originalfile);
b352b2e9 245}
246
0df0df23 247