diff --git a/avatar.php b/avatar.php index 70444dafcb55872b75b5b85d498e2e1268433c10..a54aad3b2a626967433ee0f8a5953ab50258a76d 100644 --- a/avatar.php +++ b/avatar.php @@ -12,7 +12,7 @@ if ($_SERVER['REQUEST_METHOD'] === "GET") { //SECURITY TODO does this fully eliminate directory traversals? $user = stripslashes($_GET['user']); } else { - $user = false; + exit(); } if (isset($_GET['size']) && ((int)$_GET['size'] > 0)) { @@ -28,17 +28,16 @@ if ($_SERVER['REQUEST_METHOD'] === "GET") { if ($image instanceof \OC_Image) { $image->show(); - } else { - $image = \OC_Avatar::getDefaultAvatar($user, $size); - $image->show(); + } elseif ($image === false) { + OC_JSON::success(array('user' => $user, 'size' => $size)); } } elseif ($_SERVER['REQUEST_METHOD'] === "POST") { $user = OC_User::getUser(); // Select an image from own files if (isset($_POST['path'])) { - //SECURITY TODO FIXME possible directory traversal here - $path = $_POST['path']; + //SECURITY TODO does this fully eliminate directory traversals? + $path = stripslashes($_POST['path']); $avatar = OC::$SERVERROOT.'/data/'.$user.'/files'.$path; } // Upload a new image @@ -62,7 +61,7 @@ if ($_SERVER['REQUEST_METHOD'] === "GET") { $user = OC_User::getUser(); try { - \OC_Avatar::set($user, false); + \OC_Avatar::remove($user); OC_JSON::success(); } catch (\Exception $e) { OC_JSON::error(array("data" => array ("message" => $e->getMessage()) )); diff --git a/lib/avatar.php b/lib/avatar.php index fa8fece080ce829c7dbc45063be88e3143112d68..86be0ea26356a42830e83d89986a04ebc4ad6bc3 100644 --- a/lib/avatar.php +++ b/lib/avatar.php 
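Review bot: `stripslashes()` is not a traversal guard, because it only removes backslash quoting: a `user` value containing `../` segments passes through this GET branch unchanged, and the same holds for the `$path = stripslashes($_POST['path']);` line added in the second hunk, where the value is concatenated straight into `OC::$SERVERROOT.'/data/'.$user.'/files'.$path`. The answer to both "SECURITY TODO" questions is therefore no. For the user name, checking it against the account list before use, for example `if (!\OC_User::userExists($user)) { exit(); }`, removes the problem at the source. For the path, reject any value with a `..` component and resolve it through a `\OC\Files\View` rooted at the user's files directory instead of building a raw server path. The GET and POST branches continue outside both hunks, so how `$user` and `$avatar` are consumed afterwards is inferred from the visible lines.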
@@ -12,35 +12,31 @@ class OC_Avatar { /** - * @brief get the users avatar - * @param $user string which user to get the avatar for - * @param $size integer size in px of the avatar, defaults to 64 - * @return \OC_Image containing the avatar - */ - public static function get ($user, $size = 64) { - if ($user === false) { - return self::getDefaultAvatar($user, $size); - } - - $view = new \OC\Files\View('/'.$user); + * @brief get the users avatar + * @param $user string which user to get the avatar for + * @param $size integer size in px of the avatar, defaults to 64 + * @return mixed \OC_Image containing the avatar or false if there's no image + */ + public static function get ($user, $size = 64) { + $view = new \OC\Files\View('/'.$user); - if ($view->file_exists('avatar.jpg')) { - $ext = 'jpg'; - } elseif ($view->file_exists('avatar.png')) { - $ext = 'png'; - } else { - return self::getDefaultAvatar($user, $size); + if ($view->file_exists('avatar.jpg')) { + $ext = 'jpg'; + } elseif ($view->file_exists('avatar.png')) { + $ext = 'png'; + } else { + return false; } - $avatar = new OC_Image($view->file_get_contents('avatar.'.$ext)); - $avatar->resize($size); - return $avatar; - } + $avatar = new OC_Image($view->file_get_contents('avatar.'.$ext)); + $avatar->resize($size); + return $avatar; + } /** * @brief sets the users avatar * @param $user string user to set the avatar for - * @param $data mixed imagedata or path to set a new avatar, or false to delete the current avatar + * @param $data mixed imagedata or path to set a new avatar * @throws Exception if the provided file is not a jpg or png image * @throws Exception if the provided image is not valid, or not a square * @return true on success 
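Review bot: The new docblock's `@return mixed` hides the contract that callers of `get()` now depend on. `@return \OC_Image|false` with the text "false if the user has neither avatar.jpg nor avatar.png" would make it explicit that every caller must test the result before calling methods on it. The docblock should also state that `$user` is used verbatim as the root of `new \OC\Files\View('/'.$user)` and must be a validated user id, since this method performs no check of its own. Separately, `resize($size)` runs without an `$avatar->valid()` test; returning `false` for an unreadable stored file would keep the behaviour within the documented contract.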
@@ -48,43 +44,33 @@ class OC_Avatar { public static function set ($user, $data) { $view = new \OC\Files\View('/'.$user); - if ($data === false) { - $view->unlink('avatar.jpg'); - $view->unlink('avatar.png'); - return true; - } else { - $img = new OC_Image($data); - $type = substr($img->mimeType(), -3); - if ($type === 'peg') { $type = 'jpg'; } - if ($type !== 'jpg' && $type !== 'png') { - $l = \OC_L10N::get('lib'); - throw new \Exception($l->t("Unknown filetype")); - } - - if (!( $img->valid() && ($img->height() === $img->width()) )) { - $l = \OC_L10N::get('lib'); - throw new \Exception($l->t("Invalid image, or the provided image is not square")); - } + $img = new OC_Image($data); + $type = substr($img->mimeType(), -3); + if ($type === 'peg') { $type = 'jpg'; } + if ($type !== 'jpg' && $type !== 'png') { + $l = \OC_L10N::get('lib'); + throw new \Exception($l->t("Unknown filetype")); + } - $view->unlink('avatar.jpg'); - $view->unlink('avatar.png'); - $view->file_put_contents('avatar.'.$type, $data); - return true; + if (!( $img->valid() && ($img->height() === $img->width()) )) { + $l = \OC_L10N::get('lib'); + throw new \Exception($l->t("Invalid image, or the provided image is not square")); } + + $view->unlink('avatar.jpg'); + $view->unlink('avatar.png'); + $view->file_put_contents('avatar.'.$type, $data); + return true; } /** - * @brief gets the default avatar - * @brief $user string which user to get the avatar for - * @param $size integer size of the avatar in px, defaults to 64 - * @return \OC_Image containing the default avatar - * @todo use custom default images, when they arive + * @brief remove the users avatar + * @param $user string user to delete the avatar from + * @return void */ - public static function getDefaultAvatar ($user, $size = 64) { - // TODO - /*$default = new OC_Image(OC::$SERVERROOT."/core/img/defaultavatar.png"); - $default->resize($size); - return $default;*/ - return; + public static function remove ($user) { + $view = new 
\OC\Files\View('/'.$user); + $view->unlink('avatar.jpg'); + $view->unlink('avatar.png'); } } diff --git a/tests/lib/avatar.php b/tests/lib/avatar.php index 42b06f8bccb553fd6fd1e9db673ca8e47478d5dd..adb6a5102b172bbb564b110e2ee88ac1cd224d8d 100644 --- a/tests/lib/avatar.php +++ b/tests/lib/avatar.php @@ -9,22 +9,14 @@ class Test_Avatar extends PHPUnit_Framework_TestCase { public function testAvatar() { - $expected = \OC_Avatar::getDefaultAvatar()->data(); - $this->assertEquals($expected, \OC_Avatar::get(\OC_User::getUser())->data()); + $this->assertEquals(false, \OC_Avatar::get(\OC_User::getUser())->data()); $expected = new OC_Image(\OC::$SERVERROOT.'/tests/data/testavatar.png'); \OC_Avatar::set(\OC_User::getUser(), $expected->data()); $expected->resize(64); $this->assertEquals($expected->data(), \OC_Avatar::get(\OC_User::getUser())->data()); - \OC_Avatar::set(\OC_User::getUser(), false); - $expected = \OC_Avatar::getDefaultAvatar()->data(); - $this->assertEquals($expected, \OC_Avatar::get(\OC_User::getUser())->data()); + \OC_Avatar::remove(\OC_User::getUser()); + $this->assertEquals(false, \OC_Avatar::get(\OC_User::getUser())->data()); } - - /*public function testDefaultAvatar() { - $img = new \OC_Image(OC::$SERVERROOT.'/core/img/defaultavatar.png'); - $img->resize(128); - $this->assertEquals($img->data(), \OC_Avatar::getDefaultAvatar(\OC_User::getUser(), 128)->data()); - }*/ }
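Review bot: `set()` validates `$img` but stores `$data`. The docblock allows `$data` to be a path, and in that case `$view->file_put_contents('avatar.'.$type, $data)` would write the path string rather than image bytes into the avatar file. Writing the decoded image closes that gap and guarantees the stored bytes are the ones that passed the `valid()` and square checks: `$view->file_put_contents('avatar.'.$type, $img->data());`. The function also returns `true` without inspecting the `file_put_contents` result, after both old avatars have already been unlinked, so a failed write leaves the user with no avatar and a success response. How `OC_Image` treats a path argument is not visible in this hunk, so confirm the first point against its constructor.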
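Review bot: Both new assertions in `testAvatar()` call `->data()` on the value they expect to be `false`. With no avatar stored, `\OC_Avatar::get()` now returns `false`, so `\OC_Avatar::get(\OC_User::getUser())->data()` ends in a fatal error on a non-object instead of a comparison. Assert on the return value itself, with a strict check so that an empty string cannot pass: `$this->assertFalse(\OC_Avatar::get(\OC_User::getUser()));`. The first assertion also assumes the test user starts without an avatar; calling `\OC_Avatar::remove(\OC_User::getUser());` at the top of the test would make that precondition explicit.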