diff options
author | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2006-12-15 17:07:27 +0000 |
---|---|---|
committer | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2006-12-15 17:07:27 +0000 |
commit | f446caee58e93823242b1dd76631783f198af5b1 (patch) | |
tree | 4ac4b0a497f4029bbfd07dff48317fb0f9a237cb /www-ssl/inc | |
parent | ae10c6c89592d02a2e2ab8dff4c3764cb10f99da (diff) |
bilder von user koennen in db abgelegt werden
git-svn-id: svn://svn.cccv.de/engel-system@210 29ba0400-6e00-0410-a75a-ca02368028f8
Diffstat (limited to 'www-ssl/inc')
-rw-r--r-- | www-ssl/inc/ShowUserPicture.php | 52 | ||||
-rwxr-xr-x | www-ssl/inc/funktion_user.php | 17 | ||||
l--------- | www-ssl/inc/inc | 1 |
3 files changed, 69 insertions, 1 deletions
diff --git a/www-ssl/inc/ShowUserPicture.php b/www-ssl/inc/ShowUserPicture.php new file mode 100644 index 00000000..218b2a24 --- /dev/null +++ b/www-ssl/inc/ShowUserPicture.php @@ -0,0 +1,52 @@ +<?PHP + +include ("./inc/config.php"); +include ("./inc/error_handler.php"); +include ("./inc/config_db.php"); +if( !isset($_SESSION)) session_start(); +include ("./inc/secure.php"); + + +// Parameter check +if( !isset($_GET["UID"]) ) + $_GET["UID"]= "-1"; + +$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='". $_GET["UID"]. "'"; +$res = mysql_query( $SQL, $con); + +if( mysql_num_rows($res) == 1) +{ + //genügend rechte + if( !isset($_SESSION['UID']) || $_SESSION['UID'] == -1) + { + header( "HTTP/1.0 403 Forbidden"); + die( "403 Forbidden"); + } + // ist das bild sichtbar? + if( mysql_result($res, 0, "show")=="N" ) + { + $SQL= "SELECT * FROM `UserPicture` WHERE `UID`='-1'"; + $res = mysql_query( $SQL, $con); + if( mysql_num_rows($res) != 1) + { + header( 'HTTP/1.0 404 Not Found'); + die( "404 Not Found"); + } + } + + /// bild aus db auslesen + $bild = mysql_result($res, 0, "Bild"); + + // ausgabe bild + header( "Accept-Ranges: bytes"); + header( "Content-Length: ". strlen($bild)); + header( "Content-type: ". mysql_result($res, 0, "ContentType")); + echo $bild; +} +else +{ + header( 'HTTP/1.0 404 Not Found'); + die( "404 Not Found"); +} + +?> diff --git a/www-ssl/inc/funktion_user.php b/www-ssl/inc/funktion_user.php index c98598f8..9a1433fd 100755 --- a/www-ssl/inc/funktion_user.php +++ b/www-ssl/inc/funktion_user.php @@ -57,15 +57,30 @@ function ReplaceSmilies($eckig) { return $neueckig; } -function displayavatar($UID) + +/* Parameter: + <UserID> + [<Höhe des Bildes (wenn die höhe kleiner 1 ist wird die höhe nicht begrenzt)>] */ +function displayavatar($UID, $height="30") { global $con; + + // ist ein foto hinterlegt? + $SQL= "SELECT * FROM `UserPicture` WHERE `UID`='$UID' AND `show`='Y'"; + $res = mysql_query( $SQL, $con); + if( mysql_num_rows($res) == 1) + if( $height > 0) + return( " <img src=\"./inc/ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\">"); + else + return( " <img src=\"./inc/ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\">"); + // show avator $asql = "select * from User where UID = $UID"; $aerg = mysql_query ($asql, $con); if( mysql_num_rows($aerg) ) if( mysql_result($aerg, 0, "Avatar") > 0) return (" <img src=\"./inc/avatar/avatar". mysql_result($aerg, 0, "Avatar"). ".gif\">"); + } function UIDgekommen($UID) diff --git a/www-ssl/inc/inc b/www-ssl/inc/inc new file mode 120000 index 00000000..456aecc7 --- /dev/null +++ b/www-ssl/inc/inc @@ -0,0 +1 @@ +../inc/
\ No newline at end of file |