From 323cc165b663a078c50da10ca9d79c48feddd4a4 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Sat, 7 Nov 2015 18:34:40 -0500 Subject: [PATCH] closes #3851 dont use post file upload for cover uploads check cover upload file size against new setting store cover uploads in profile folder use `uid-profilecover` filename for cover uploads --- install/data/defaults.json | 1 + public/src/client/account/header.js | 2 +- src/controllers/accounts/edit.js | 4 +-- src/controllers/uploads.js | 4 --- src/user/picture.js | 50 ++++++++++++++++++++--------- src/views/admin/settings/user.tpl | 7 +++- 6 files changed, 44 insertions(+), 24 deletions(-) diff --git a/install/data/defaults.json b/install/data/defaults.json index 6d81fdbc82..39a2226c5a 100644 --- a/install/data/defaults.json +++ b/install/data/defaults.json @@ -25,6 +25,7 @@ "maximumSignatureLength": 255, "maximumAboutMeLength": 1000, "maximumProfileImageSize": 256, + "maximumCoverImageSize": 2048, "profileImageDimension": 128, "requireEmailConfirmation": 0, "profile:allowProfileImageUploads": 1, diff --git a/public/src/client/account/header.js b/public/src/client/account/header.js index bf64c92f9d..b67f9dd4a9 100644 --- a/public/src/client/account/header.js +++ b/public/src/client/account/header.js @@ -66,7 +66,7 @@ define('forum/account/header', [ }, function() { uploader.open(RELATIVE_PATH + '/api/user/' + ajaxify.data.userslug + '/uploadcover', { uid: yourid }, 0, function(imageUrlOnServer) { - components.get('account/cover').css('background-image', 'url(' + imageUrlOnServer + ')'); + components.get('account/cover').css('background-image', 'url(' + imageUrlOnServer + '?v=' + Date.now() + ')'); }); }, removeCover diff --git a/src/controllers/accounts/edit.js b/src/controllers/accounts/edit.js index 349a6c856e..a6b2f7ad55 100644 --- a/src/controllers/accounts/edit.js +++ b/src/controllers/accounts/edit.js @@ -122,9 +122,9 @@ editController.uploadPicture = function (req, res, next) { editController.uploadCoverPicture = function(req, res, next) { var params = JSON.parse(req.body.params); - + user.updateCoverPicture({ - file: req.files.files[0].path, + file: req.files.files[0], uid: params.uid }, function(err, image) { if (err) { diff --git a/src/controllers/uploads.js b/src/controllers/uploads.js index d798524f3e..3ee0c97c8e 100644 --- a/src/controllers/uploads.js +++ b/src/controllers/uploads.js @@ -96,10 +96,6 @@ uploadsController.uploadGroupCover = function(data, next) { uploadImage(0, data, next); }; -uploadsController.uploadUserCover = function(data, next) { - uploadImage(data.uid, data, next); -}; - function uploadImage(uid, image, callback) { if (plugins.hasListeners('filter:uploadImage')) { return plugins.fireHook('filter:uploadImage', {image: image, uid: uid}, callback); diff --git a/src/user/picture.js b/src/user/picture.js index 503efd8845..96612ee14c 100644 --- a/src/user/picture.js +++ b/src/user/picture.js @@ -9,7 +9,6 @@ var async = require('async'), request = require('request'), mime = require('mime'), - uploadsController = require('../controllers/uploads'), plugins = require('../plugins'), file = require('../file'), image = require('../image'), @@ -141,8 +140,18 @@ module.exports = function(User) { return User.updateCoverPosition(data.uid, data.position, callback); } - async.series([ + if (!data.imageData && !data.file) { + return callback(new Error('[[error:invalid-data]]')); + } + + async.waterfall([ function(next) { + var size = data.file ? data.file.size : data.imageData.length; + meta.config.maximumCoverImageSize = meta.config.maximumCoverImageSize || 2048; + if (size > parseInt(meta.config.maximumCoverImageSize, 10) * 1024) { + return next(new Error('[[error:file-too-big, ' + meta.config.maximumCoverImageSize + ']]')); + } + if (data.file) { return next(); } @@ -150,12 +159,6 @@ module.exports = function(User) { md5sum = crypto.createHash('md5'); md5sum.update(data.imageData); md5sum = md5sum.digest('hex'); - next(); - }, - function(next) { - if (data.file) { - return next(); - } tempPath = path.join(nconf.get('base_dir'), nconf.get('upload_path'), md5sum); var buffer = new Buffer(data.imageData.slice(data.imageData.indexOf('base64') + 7), 'base64'); @@ -165,24 +168,39 @@ module.exports = function(User) { }, next); }, function(next) { - uploadsController.uploadUserCover({ + var image = { name: 'profileCover', - path: data.file ? data.file : tempPath, + path: data.file ? data.file.path : tempPath, uid: data.uid - }, function(err, uploadData) { + }; + + if (plugins.hasListeners('filter:uploadImage')) { + return plugins.fireHook('filter:uploadImage', {image: image, uid: data.uid}, next); + } + + var filename = data.uid + '-profilecover'; + file.saveFileToLocal(filename, 'profile', image.path, function(err, upload) { if (err) { return next(err); } - url = uploadData.url; - next(); + next(null, { + url: nconf.get('relative_path') + upload.url, + name: image.name + }); }); }, - function(next) { - User.setUserField(data.uid, 'cover:url', url, next); + function(uploadData, next) { + url = uploadData.url; + User.setUserField(data.uid, 'cover:url', uploadData.url, next); }, function(next) { - require('fs').unlink(data.file ? data.file : tempPath, next); + require('fs').unlink(data.file ? data.file.path : tempPath, function(err) { + if (err) { + winston.error(err); + } + next(); + }); } ], function(err) { if (err) { diff --git a/src/views/admin/settings/user.tpl b/src/views/admin/settings/user.tpl index d361a92cc0..0b27b24175 100644 --- a/src/views/admin/settings/user.tpl +++ b/src/views/admin/settings/user.tpl @@ -100,9 +100,14 @@
- +
+ +
+ + +