From f446caee58e93823242b1dd76631783f198af5b1 Mon Sep 17 00:00:00 2001
From: cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8>
Date: Fri, 15 Dec 2006 17:07:27 +0000
Subject: bilder von user koennen in db abgelegt werden

git-svn-id: svn://svn.cccv.de/engel-system@210 29ba0400-6e00-0410-a75a-ca02368028f8
---
 www-ssl/inc/ShowUserPicture.php | 52 +++++++++++++++++++++++++++++++++++++++++
 www-ssl/inc/funktion_user.php   | 17 +++++++++++++-
 www-ssl/inc/inc                 |  1 +
 3 files changed, 69 insertions(+), 1 deletion(-)
 create mode 100644 www-ssl/inc/ShowUserPicture.php
 create mode 120000 www-ssl/inc/inc

(limited to 'www-ssl/inc')

diff --git a/www-ssl/inc/ShowUserPicture.php b/www-ssl/inc/ShowUserPicture.php
new file mode 100644
index 00000000..218b2a24
--- /dev/null
+++ b/www-ssl/inc/ShowUserPicture.php
@@ -0,0 +1,52 @@
+<?PHP
+
+include ("./inc/config.php");
+include ("./inc/error_handler.php");
+include ("./inc/config_db.php");
+if( !isset($_SESSION))	session_start();
+include ("./inc/secure.php");
+
+
+// Parameter check
+if( !isset($_GET["UID"]) )
+	$_GET["UID"]= "-1";
+
+$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='". $_GET["UID"]. "'";
+$res = mysql_query( $SQL, $con);
+
+if( mysql_num_rows($res) == 1)
+{
+	//genügend rechte
+	if( !isset($_SESSION['UID']) || $_SESSION['UID'] == -1)
+	{
+		header( "HTTP/1.0 403 Forbidden");
+		die( "403 Forbidden");
+	}
+	// ist das bild sichtbar?
+	if( mysql_result($res, 0, "show")=="N" )
+	{
+		$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='-1'";
+		$res = mysql_query( $SQL, $con);
+		if( mysql_num_rows($res) != 1)
+		{
+			header( 'HTTP/1.0 404 Not Found');
+			die( "404 Not Found");
+		}
+	}
+
+	/// bild aus db auslesen
+	$bild = mysql_result($res, 0, "Bild");
+	
+	// ausgabe bild
+	header( "Accept-Ranges: bytes");
+	header( "Content-Length: ". strlen($bild));
+	header( "Content-type: ". mysql_result($res, 0, "ContentType"));
+	echo $bild;
+}
+else
+{
+	header( 'HTTP/1.0 404 Not Found');
+	die( "404 Not Found");
+}
+
+?>
diff --git a/www-ssl/inc/funktion_user.php b/www-ssl/inc/funktion_user.php
index c98598f8..9a1433fd 100755
--- a/www-ssl/inc/funktion_user.php
+++ b/www-ssl/inc/funktion_user.php
@@ -57,15 +57,30 @@ function ReplaceSmilies($eckig) {
 	return $neueckig;
 }
 
-function displayavatar($UID) 
+
+/* Parameter: 
+	<UserID>
+	[<Höhe des Bildes (wenn die höhe kleiner 1 ist wird die höhe nicht begrenzt)>] */
+function displayavatar($UID, $height="30") 
 {
 	global $con;
+
+	// ist ein foto hinterlegt?
+	$SQL= "SELECT * FROM `UserPicture` WHERE `UID`='$UID' AND `show`='Y'";
+	$res = mysql_query( $SQL, $con);
+	if( mysql_num_rows($res) == 1)
+		if( $height > 0)
+			return( "&nbsp;<img src=\"./inc/ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\">");
+		else
+			return( "&nbsp;<img src=\"./inc/ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\">");
         
+	// show avator
 	$asql = "select * from User where UID = $UID";
 	$aerg = mysql_query ($asql, $con);
 	if( mysql_num_rows($aerg) )
 		if( mysql_result($aerg, 0, "Avatar") > 0)
           		return ("&nbsp;<img src=\"./inc/avatar/avatar". mysql_result($aerg, 0, "Avatar"). ".gif\">");
+
 }
 
 function UIDgekommen($UID) 
diff --git a/www-ssl/inc/inc b/www-ssl/inc/inc
new file mode 120000
index 00000000..456aecc7
--- /dev/null
+++ b/www-ssl/inc/inc
@@ -0,0 +1 @@
+../inc/
\ No newline at end of file
-- 
cgit v1.2.3-54-g00ecf