summaryrefslogtreecommitdiff
path: root/www-ssl/inc
diff options
context:
space:
mode:
authorcookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8>2006-12-15 17:07:27 +0000
committercookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8>2006-12-15 17:07:27 +0000
commitf446caee58e93823242b1dd76631783f198af5b1 (patch)
tree4ac4b0a497f4029bbfd07dff48317fb0f9a237cb /www-ssl/inc
parentae10c6c89592d02a2e2ab8dff4c3764cb10f99da (diff)
bilder von user koennen in db abgelegt werden
git-svn-id: svn://svn.cccv.de/engel-system@210 29ba0400-6e00-0410-a75a-ca02368028f8
Diffstat (limited to 'www-ssl/inc')
-rw-r--r--www-ssl/inc/ShowUserPicture.php52
-rwxr-xr-xwww-ssl/inc/funktion_user.php17
l---------www-ssl/inc/inc1
3 files changed, 69 insertions, 1 deletions
diff --git a/www-ssl/inc/ShowUserPicture.php b/www-ssl/inc/ShowUserPicture.php
new file mode 100644
index 00000000..218b2a24
--- /dev/null
+++ b/www-ssl/inc/ShowUserPicture.php
@@ -0,0 +1,52 @@
+<?PHP
+
+include ("./inc/config.php");
+include ("./inc/error_handler.php");
+include ("./inc/config_db.php");
+if( !isset($_SESSION)) session_start();
+include ("./inc/secure.php");
+
+
+// Parameter check
+if( !isset($_GET["UID"]) )
+ $_GET["UID"]= "-1";
+
+$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='". $_GET["UID"]. "'";
+$res = mysql_query( $SQL, $con);
+
+if( mysql_num_rows($res) == 1)
+{
+ //genügend rechte
+ if( !isset($_SESSION['UID']) || $_SESSION['UID'] == -1)
+ {
+ header( "HTTP/1.0 403 Forbidden");
+ die( "403 Forbidden");
+ }
+ // ist das bild sichtbar?
+ if( mysql_result($res, 0, "show")=="N" )
+ {
+ $SQL= "SELECT * FROM `UserPicture` WHERE `UID`='-1'";
+ $res = mysql_query( $SQL, $con);
+ if( mysql_num_rows($res) != 1)
+ {
+ header( 'HTTP/1.0 404 Not Found');
+ die( "404 Not Found");
+ }
+ }
+
+ /// bild aus db auslesen
+ $bild = mysql_result($res, 0, "Bild");
+
+ // ausgabe bild
+ header( "Accept-Ranges: bytes");
+ header( "Content-Length: ". strlen($bild));
+ header( "Content-type: ". mysql_result($res, 0, "ContentType"));
+ echo $bild;
+}
+else
+{
+ header( 'HTTP/1.0 404 Not Found');
+ die( "404 Not Found");
+}
+
+?>
diff --git a/www-ssl/inc/funktion_user.php b/www-ssl/inc/funktion_user.php
index c98598f8..9a1433fd 100755
--- a/www-ssl/inc/funktion_user.php
+++ b/www-ssl/inc/funktion_user.php
@@ -57,15 +57,30 @@ function ReplaceSmilies($eckig) {
return $neueckig;
}
-function displayavatar($UID)
+
+/* Parameter:
+ <UserID>
+ [<Höhe des Bildes (wenn die höhe kleiner 1 ist wird die höhe nicht begrenzt)>] */
+function displayavatar($UID, $height="30")
{
global $con;
+
+ // ist ein foto hinterlegt?
+ $SQL= "SELECT * FROM `UserPicture` WHERE `UID`='$UID' AND `show`='Y'";
+ $res = mysql_query( $SQL, $con);
+ if( mysql_num_rows($res) == 1)
+ if( $height > 0)
+ return( "&nbsp;<img src=\"./inc/ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\">");
+ else
+ return( "&nbsp;<img src=\"./inc/ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\">");
+ // show avator
$asql = "select * from User where UID = $UID";
$aerg = mysql_query ($asql, $con);
if( mysql_num_rows($aerg) )
if( mysql_result($aerg, 0, "Avatar") > 0)
return ("&nbsp;<img src=\"./inc/avatar/avatar". mysql_result($aerg, 0, "Avatar"). ".gif\">");
+
}
function UIDgekommen($UID)
diff --git a/www-ssl/inc/inc b/www-ssl/inc/inc
new file mode 120000
index 00000000..456aecc7
--- /dev/null
+++ b/www-ssl/inc/inc
@@ -0,0 +1 @@
+../inc/ \ No newline at end of file