bilder von user koennen in db abgelegt werden

git-svn-id: svn://svn.cccv.de/engel-system@210 29ba0400-6e00-0410-a75a-ca02368028f8

4 files changed, 75 insertions, 3 deletions

diff --git a/www-ssl/admin/user.php b/www-ssl/admin/user.php
index 52482992..4a58a8b5 100755
--- a/www-ssl/admin/user.php
+++ b/www-ssl/admin/user.php
@@ -143,6 +143,8 @@ else
 				") wurde in der Liste nicht gefunden.</td></tr>";
 		else
 		{
+			echo "<tr><td>\n";
+			echo "<table>\n";
 			echo "  <tr><td>Nick</td><td>".
 				"<input type=\"text\" size=\"40\" name=\"eNick\" value=\"".
 				mysql_result($Erg, 0, "Nick")."\"></td></tr>\n";
@@ -236,8 +238,10 @@ else
 			echo "  <tr><td>Hometown</td><td>".
 				"<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"".
 				mysql_result($Erg, 0, "Hometown")."\"></td></tr>\n";
-		} //IF TYPE
-	}
+			
+			echo "</table>\n</td><td valign=\"top\">". displayavatar($_GET["enterUID"], FALSE). "</td></tr>";
+		}
+	}//IF TYPE Normal
 	if( $_GET["Type"] == "Secure" )
 	{
 		// CVS-Rechte
diff --git a/www-ssl/inc/ShowUserPicture.php b/www-ssl/inc/ShowUserPicture.php
new file mode 100644
index 00000000..218b2a24
--- /dev/null
+++ b/www-ssl/inc/ShowUserPicture.php
@@ -0,0 +1,52 @@
+<?PHP
+
+include ("./inc/config.php");
+include ("./inc/error_handler.php");
+include ("./inc/config_db.php");
+if( !isset($_SESSION))	session_start();
+include ("./inc/secure.php");
+
+
+// Parameter check
+if( !isset($_GET["UID"]) )
+	$_GET["UID"]= "-1";
+
+$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='". $_GET["UID"]. "'";
+$res = mysql_query( $SQL, $con);
+
+if( mysql_num_rows($res) == 1)
+{
+	//genügend rechte
+	if( !isset($_SESSION['UID']) || $_SESSION['UID'] == -1)
+	{
+		header( "HTTP/1.0 403 Forbidden");
+		die( "403 Forbidden");
+	}
+	// ist das bild sichtbar?
+	if( mysql_result($res, 0, "show")=="N" )
+	{
+		$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='-1'";
+		$res = mysql_query( $SQL, $con);
+		if( mysql_num_rows($res) != 1)
+		{
+			header( 'HTTP/1.0 404 Not Found');
+			die( "404 Not Found");
+		}
+	}
+
+	/// bild aus db auslesen
+	$bild = mysql_result($res, 0, "Bild");
+	
+	// ausgabe bild
+	header( "Accept-Ranges: bytes");
+	header( "Content-Length: ". strlen($bild));
+	header( "Content-type: ". mysql_result($res, 0, "ContentType"));
+	echo $bild;
+}
+else
+{
+	header( 'HTTP/1.0 404 Not Found');
+	die( "404 Not Found");
+}
+
+?>
diff --git a/www-ssl/inc/funktion_user.php b/www-ssl/inc/funktion_user.php
index c98598f8..9a1433fd 100755
--- a/www-ssl/inc/funktion_user.php
+++ b/www-ssl/inc/funktion_user.php
@@ -57,15 +57,30 @@ function ReplaceSmilies($eckig) {
 	return $neueckig;
 }
 
-function displayavatar($UID) 
+
+/* Parameter: 
+	<UserID>
+	[<Höhe des Bildes (wenn die höhe kleiner 1 ist wird die höhe nicht begrenzt)>] */
+function displayavatar($UID, $height="30") 
 {
 	global $con;
+
+	// ist ein foto hinterlegt?
+	$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='$UID' AND `show`='Y'";
+	$res = mysql_query( $SQL, $con);
+	if( mysql_num_rows($res) == 1)
+		if( $height > 0)
+			return( "&nbsp;<img src=\"./inc/ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\">");
+		else
+			return( "&nbsp;<img src=\"./inc/ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\">");
         
+	// show avator
 	$asql = "select * from User where UID = $UID";
 	$aerg = mysql_query ($asql, $con);
 	if( mysql_num_rows($aerg) )
 		if( mysql_result($aerg, 0, "Avatar") > 0)
           		return ("&nbsp;<img src=\"./inc/avatar/avatar". mysql_result($aerg, 0, "Avatar"). ".gif\">");
+
 }
 
 function UIDgekommen($UID) 
diff --git a/www-ssl/inc/inc b/www-ssl/inc/inc
new file mode 120000
index 00000000..456aecc7
--- /dev/null
+++ b/www-ssl/inc/inc
@@ -0,0 +1 @@
+../inc/
\ No newline at end of file