X-Git-Url: https://code.citadel.org/?p=citadel.git;a=blobdiff_plain;f=citadel%2Fmodules%2Fimage%2Fserv_image.c;fp=citadel%2Fmodules%2Fimage%2Fserv_image.c;h=a6a3728bbb54b3ee44ad70deeb1f4ebf46fdb10a;hp=00615a06ca2ccf22a46c84262e10bd6114fe5fe6;hb=28440382d35fe8c81e5c881f50b339dd4c1e5d75;hpb=17bba3334ee25b4297391b2dd47ad924231e33e2

diff --git a/citadel/modules/image/serv_image.c b/citadel/modules/image/serv_image.c
index 00615a06c..a6a3728bb 100644
--- a/citadel/modules/image/serv_image.c
+++ b/citadel/modules/image/serv_image.c
@@ -62,9 +62,42 @@ void cmd_dlui(char *cmdbuf)
  */
 void cmd_ului(char *cmdbuf)
 {
+	long data_length;
+	char mimetype[SIZ];
+	char username[USERNAME_SIZE];
+
 	if (CtdlAccessCheck(ac_logged_in_or_guest)) return;
 
-	cprintf("500 FIXME not finished\n");
+	if ( (num_parms(cmdbuf) < 2) || (num_parms(cmdbuf) > 3) )
+	{
+		cprintf("%d Usage error.\n", ERROR + ILLEGAL_VALUE);
+		return;
+	}
+
+	data_length = extract_long(cmdbuf, 0);
+	extract_token(mimetype, cmdbuf, 1, '|', sizeof mimetype);
+	extract_token(username, cmdbuf, 2, '|', sizeof username);
+
+	if (data_length < 20) {
+		cprintf("%d That's an awfully small file.  Try again.\n", ERROR + ILLEGAL_VALUE);
+		return;
+	}
+
+	if (strncasecmp(mimetype, "image/", 6)) {
+		cprintf("%d Only image files are permitted.\n", ERROR + ILLEGAL_VALUE);
+		return;
+	}
+
+	if (IsEmptyStr(username)) {
+		safestrncpy(username, CC->curr_user, sizeof username);
+	}
+
+	// Normal users can only change their own photo
+	if ( (strcasecmp(username, CC->curr_user)) && (CC->user.axlevel < AxAideU) && (!CC->internal_pgm) ) {
+		cprintf("%d Higher access required to change another user's photo.\n", ERROR + HIGHER_ACCESS_REQUIRED);
+	}
+
+	cprintf("500 nope not yet, I am %s , modifying %s , data length is %ld\n", CC->curr_user, username, data_length);
 }