X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fmodules%2Fimage%2Fserv_image.c;h=2c7647f3fdca996b7b7c0628b615aeaf7362e246;hb=7c9aaf224d62b53292cf736de0a4cb0c154a05d5;hp=dc7c0b14e6c8e8a9c7d7bcc056b249d29c808c04;hpb=44da3349f03e6c6f33024e6f532f624dad700403;p=citadel.git diff --git a/citadel/modules/image/serv_image.c b/citadel/modules/image/serv_image.c index dc7c0b14e..2c7647f3f 100644 --- a/citadel/modules/image/serv_image.c +++ b/citadel/modules/image/serv_image.c @@ -30,6 +30,7 @@ void cmd_dlui(char *cmdbuf) struct ctdluser ruser; char buf[SIZ]; + if (CtdlAccessCheck(ac_logged_in_or_guest)) return; extract_token(buf, cmdbuf, 0, '|', sizeof buf); if (CtdlGetUser(&ruser, buf) != 0) { cprintf("%d No such user.\n", ERROR + NO_SUCH_USER); @@ -42,7 +43,9 @@ void cmd_dlui(char *cmdbuf) struct CtdlMessage *msg = CtdlFetchMessage(ruser.msgnum_pic, 1, 1); if (msg != NULL) { - // 600 402132|-1||image/gif| FIXME update the protocol doc on the web site + // The call to CtdlOutputPreLoadedMsg() with MT_SPEW_SECTION will cause the DLUI command + // to have the same output format as the DLAT command, because it calls the same code. + // For example: 600 402132|-1||image/gif| safestrncpy(CC->download_desired_section, "1", sizeof CC->download_desired_section); CtdlOutputPreLoadedMsg(msg, MT_SPEW_SECTION, HEADERS_NONE, 1, 0, 0); CM_Free(msg); @@ -54,6 +57,68 @@ void cmd_dlui(char *cmdbuf) } +/* + * DownLoad User Image (avatar or photo or whatever) + */ +void cmd_ului(char *cmdbuf) +{ + long data_length; + char mimetype[SIZ]; + char username[USERNAME_SIZE]; + + if (CtdlAccessCheck(ac_logged_in_or_guest)) return; + + if (num_parms(cmdbuf) < 2) + { + cprintf("%d Usage error\n", ERROR + ILLEGAL_VALUE); + return; + } + + data_length = extract_long(cmdbuf, 0); + extract_token(mimetype, cmdbuf, 1, '|', sizeof mimetype); + extract_token(username, cmdbuf, 2, '|', sizeof username); + + if (data_length < 20) { + cprintf("%d That's an awfully small file. Try again.\n", ERROR + ILLEGAL_VALUE); + return; + } + + if (strncasecmp(mimetype, "image/", 6)) { + cprintf("%d Only image files are permitted.\n", ERROR + ILLEGAL_VALUE); + return; + } + + if (IsEmptyStr(username)) { + safestrncpy(username, CC->curr_user, sizeof username); + } + + // Normal users can only change their own photo + if ( (strcasecmp(username, CC->curr_user)) && (CC->user.axlevel < AxAideU) && (!CC->internal_pgm) ) { + cprintf("%d Higher access required to change another user's photo.\n", ERROR + HIGHER_ACCESS_REQUIRED); + } + + // Check to make sure the user exists + // FIXME do this + struct ctdluser usbuf; + if (CtdlGetUser(&usbuf, username) != 0) { // check for existing user, don't lock it yet + cprintf("%d %s not found.\n", ERROR + NO_SUCH_USER , username); + return; + } + + char *unencoded_data = malloc(data_length + 1); + if (!unencoded_data) { + cprintf("%d Could not allocate %ld bytes of memory\n", ERROR + INTERNAL_ERROR , data_length); + return; + } + + cprintf("%d %ld\n", SEND_BINARY, data_length); + client_read(unencoded_data, data_length); + + // We've got the data read from the client, now save it. + // FIXME do this + + free(unencoded_data); +} /* @@ -197,6 +262,7 @@ CTDL_MODULE_INIT(image) { import_old_userpic_files(); CtdlRegisterProtoHook(cmd_dlui, "DLUI", "DownLoad User Image"); + CtdlRegisterProtoHook(cmd_ului, "ULUI", "UpLoad User Image"); } /* return our module name for the log */ return "image";