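<?php
// Start (or resume) the session before any output is sent.
session_start();
// require instead of include: a missing or unreadable include only raises a
// warning and the page keeps running, so a broken inc/checker.php would leave
// this page without whatever that file enforces. require stops the request.
// NOTE(review): inc/checker.php is presumably the login gate - confirm.
require 'inc/checker.php';
// Expected to provide $appname, $db, $subscript and $salt used further down
// - TODO confirm against inc/config.php.
require 'inc/config.php';
?>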
<!DOCTYPE html>
<html>
<head>
<?php
// NOTE(review): $appname is printed into the page without HTML escaping. It is
// presumably set in inc/config.php; confirm it can never hold user-influenced
// text, otherwise pass it through htmlspecialchars() before printing.
?>
<title><?= $appname . " - " ?>Change Profile Photo</title>
<?php
// Shared stylesheet links for every page.
include 'inc/styles.html';
?>
</head>
<body class="mainbody">
<main style="border-top: 5px solid #cfcfcf;">
<?php
// Shared page header markup.
include 'header.php';
?>
<div align="center">
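<?php
// Profile photo upload: shows the form to a logged-in user and, on POST, stores
// the uploaded image under files/ and records its path in the users table.
//
// !empty() keeps the original truthiness test on the session flags but does not
// raise a notice when the keys are missing.
//
// NOTE(review): the form carries no anti-CSRF token, so another site can submit
// it on behalf of a logged-in user. Consider a per-session token checked with
// hash_equals() here and on removephoto.php.
if (!empty($_SESSION['polluserid']) && !empty($_SESSION['polllog'])) {
?>
<br><br>
<form action="" method="POST" enctype="multipart/form-data" id="installform">
<h3>Change Photo</h3><br>
<input type='file' name="image" required/>
<br><br>
<button type="submit" class="submitbutton">Change</button>
</form>
<br><br>
<a href="removephoto.php">Remove Photo</a>   <button class="removebutton"><a href='index.php'>Home</a></button>
<?php
    // isset() avoids a notice on a plain GET; is_string() rejects array-shaped
    // fields (image[]) that would otherwise reach the string functions below.
    if (isset($_FILES['image']['tmp_name'])
        && is_string($_FILES['image']['tmp_name'])
        && $_FILES['image']['tmp_name'] !== '') {
        $upload = $_FILES['image'];
        $uploadOk = 1;

        // Extension as named by the client. It is checked against the allow-list
        // for the user-facing message only; it never becomes part of the stored path.
        $imageFileType = strtolower(pathinfo(basename($upload['name']), PATHINFO_EXTENSION));

        // Image types accepted, keyed by the type getimagesize() detects from
        // the file content, mapped to the extension the file is stored under.
        $allowedTypes = [
            IMAGETYPE_GIF  => 'gif',
            IMAGETYPE_JPEG => 'jpg',
            IMAGETYPE_PNG  => 'png',
        ];

        // The content check used to be gated on $_POST["submit"], which this
        // form never sends (the button has no name), so it never ran. It now
        // runs for every upload.
        $check = getimagesize($upload['tmp_name']);
        if ($check === false || !isset($allowedTypes[$check[2]])) {
            echo "File is not an image.";
            $uploadOk = 0;
        }
        if ($upload['size'] > 2000000) { // File greater than 2 MB.
            echo "Sorry, your file is too large.";
            $uploadOk = 0;
        }
        if (!in_array($imageFileType, ['jpg', 'png', 'jpeg', 'gif'], true)) {
            echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
            $uploadOk = 0;
        }

        if ($uploadOk == 0) {
            echo "Sorry, your file was not uploaded.";
        } else {
            // Stored name: 128 random bits plus an extension taken from the
            // detected image type. No client-supplied text reaches the path, so
            // the value concatenated into the UPDATE below consists only of
            // "files/", hex digits, a dot and a fixed extension.
            // The previous name (md5 of crypt(uniqid())) was time-derived and
            // kept the client's file name, which could carry quote characters
            // into the SQL string.
            do {
                $target_file = 'files/' . bin2hex(random_bytes(16)) . '.' . $allowedTypes[$check[2]];
            } while (file_exists($target_file));

            // NOTE(review): a header check is not a guarantee about the whole
            // file; the web server should be configured so that nothing under
            // files/ is ever executed as a script.
            if (move_uploaded_file($upload['tmp_name'], $target_file)) {
                // NOTE(review): both queries are still built by concatenation.
                // $_SESSION['polluserid'] is server-side state, but if the $db
                // wrapper offers bound parameters or an escaping helper, use it.
                $user = $db->fetch($db->query("SELECT * FROM ".$subscript."users WHERE id='".$_SESSION['polluserid']."'"));
                $oldphoto = isset($user['photo']) ? $user['photo'] : '';
                // Updating the photo URL for the user.
                if ($db->query("UPDATE ".$subscript."users SET photo='".$target_file."' WHERE id='".$_SESSION['polluserid']."'")) {
                    echo "<br><br>Profile Picture Successfully updated!";
                    // Delete the previous photo only when the stored path is a
                    // regular file directly inside files/ and is not the shared
                    // default, so a tampered photo column cannot point unlink()
                    // at a file elsewhere on disk.
                    if (is_string($oldphoto)
                        && strcmp("files/default.png", $oldphoto) != 0
                        && dirname($oldphoto) === 'files'
                        && is_file($oldphoto)) {
                        unlink($oldphoto);
                    }
                    // NOTE(review): output has already started at this point, so
                    // this header only takes effect when output buffering is on.
                    header("refresh:2;url=index.php");
                    exit();
                } else {
                    // The row still points at the old photo; do not leave the
                    // new file orphaned on disk.
                    if (is_file($target_file)) {
                        unlink($target_file);
                    }
                    echo "<br><br>There was a problem in uploading the file.";
                }
            } else {
                echo "Sorry, there was an error uploading your file. Kindly Try Again.";
            }
        }
    }
} else {
    // Not logged in: send the visitor to the login page and stop rendering.
    // NOTE(review): page markup has already been sent before this branch, so the
    // header depends on output buffering; exit() still stops the page either way.
    header("refresh:0;url=login.php");
    exit();
}
?>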
</div>
</main>
</body>
</html>