More skeleton code

[citadel.git] / citadel / modules / image / serv_image.c

diff --git a/citadel/modules/image/serv_image.c b/citadel/modules/image/serv_image.c
index dc7c0b14e6c8e8a9c7d7bcc056b249d29c808c04..a6a3728bbb54b3ee44ad70deeb1f4ebf46fdb10a 100644 (file)
--- a/citadel/modules/image/serv_image.c
+++ b/citadel/modules/image/serv_image.c
@@ -30,6 +30,7 @@ void cmd_dlui(char *cmdbuf)
        struct ctdluser ruser;
        char buf[SIZ];
 
+       if (CtdlAccessCheck(ac_logged_in_or_guest)) return;
        extract_token(buf, cmdbuf, 0, '|', sizeof buf);
        if (CtdlGetUser(&ruser, buf) != 0) {
                cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
@@ -42,7 +43,9 @@ void cmd_dlui(char *cmdbuf)
 
        struct CtdlMessage *msg = CtdlFetchMessage(ruser.msgnum_pic, 1, 1);
        if (msg != NULL) {
-               // 600 402132|-1||image/gif|            FIXME update the protocol doc on the web site
+               // The call to CtdlOutputPreLoadedMsg() with MT_SPEW_SECTION will cause the DLUI command
+               // to have the same output format as the DLAT command, because it calls the same code.
+               // For example: 600 402132|-1||image/gif|
                safestrncpy(CC->download_desired_section, "1", sizeof CC->download_desired_section);
                CtdlOutputPreLoadedMsg(msg, MT_SPEW_SECTION, HEADERS_NONE, 1, 0, 0);
                CM_Free(msg);
@@ -54,6 +57,48 @@ void cmd_dlui(char *cmdbuf)
 }
 
 
+/*
+ * DownLoad User Image (avatar or photo or whatever)
+ */
+void cmd_ului(char *cmdbuf)
+{
+       long data_length;
+       char mimetype[SIZ];
+       char username[USERNAME_SIZE];
+
+       if (CtdlAccessCheck(ac_logged_in_or_guest)) return;
+
+       if ( (num_parms(cmdbuf) < 2) || (num_parms(cmdbuf) > 3) )
+       {
+               cprintf("%d Usage error.\n", ERROR + ILLEGAL_VALUE);
+               return;
+       }
+
+       data_length = extract_long(cmdbuf, 0);
+       extract_token(mimetype, cmdbuf, 1, '|', sizeof mimetype);
+       extract_token(username, cmdbuf, 2, '|', sizeof username);
+
+       if (data_length < 20) {
+               cprintf("%d That's an awfully small file.  Try again.\n", ERROR + ILLEGAL_VALUE);
+               return;
+       }
+
+       if (strncasecmp(mimetype, "image/", 6)) {
+               cprintf("%d Only image files are permitted.\n", ERROR + ILLEGAL_VALUE);
+               return;
+       }
+
+       if (IsEmptyStr(username)) {
+               safestrncpy(username, CC->curr_user, sizeof username);
+       }
+
+       // Normal users can only change their own photo
+       if ( (strcasecmp(username, CC->curr_user)) && (CC->user.axlevel < AxAideU) && (!CC->internal_pgm) ) {
+               cprintf("%d Higher access required to change another user's photo.\n", ERROR + HIGHER_ACCESS_REQUIRED);
+       }
+
+       cprintf("500 nope not yet, I am %s , modifying %s , data length is %ld\n", CC->curr_user, username, data_length);
+}
 
 
 /*
@@ -197,6 +242,7 @@ CTDL_MODULE_INIT(image)
        {
                import_old_userpic_files();
                CtdlRegisterProtoHook(cmd_dlui, "DLUI", "DownLoad User Image");
+               CtdlRegisterProtoHook(cmd_ului, "ULUI", "UpLoad User Image");
        }
        /* return our module name for the log */
         return "image";