From e17b37edb637fccb4445fdba1ef6860e93a9c807 Mon Sep 17 00:00:00 2001
From: barisusakli <barisusakli@gmail.com>
Date: Wed, 14 Dec 2016 21:58:14 +0300
Subject: [PATCH] closes #5287

---
 src/socket.io/user/picture.js | 14 +++++++----
 src/user/profile.js           | 46 +++++++++++++++++++----------------
 2 files changed, 34 insertions(+), 26 deletions(-)

diff --git a/src/socket.io/user/picture.js b/src/socket.io/user/picture.js
index fd862a475a..82404f1fe5 100644
--- a/src/socket.io/user/picture.js
+++ b/src/socket.io/user/picture.js
@@ -3,6 +3,7 @@
 var async = require('async');
 var winston = require('winston');
 var path = require('path');
+var nconf = require('nconf');
 
 var user = require('../../user');
 var plugins = require('../../plugins');
@@ -84,11 +85,14 @@ module.exports = function (SocketUser) {
 			},
 			function (userData, next) {
 				if (userData.uploadedpicture && !userData.uploadedpicture.startsWith('http')) {
-					require('fs').unlink(path.join(__dirname, '../../../public', userData.uploadedpicture), function (err) {
-						if (err) {
-							winston.error(err);
-						}
-					});
+					var pathToFile = path.join(nconf.get('base_dir'), 'public', userData.uploadedpicture);
+					if (pathToFile.startsWith(path.join(nconf.get('base_dir'), nconf.get('upload_path')))) {
+						require('fs').unlink(pathToFile, function (err) {
+							if (err) {
+								winston.error(err);
+							}
+						});
+					}
 				}
 
 				user.setUserFields(data.uid, {
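Review bot: The containment check on the new `pathToFile.startsWith(...)` line compares against a directory prefix with no trailing separator, so a resolved path in a sibling directory whose name merely begins with the upload directory's name would also pass; comparing against the prefix plus `path.sep` closes that gap, e.g. `var uploadDir = path.join(nconf.get('base_dir'), nconf.get('upload_path'));` followed by `if (pathToFile.startsWith(uploadDir + path.sep)) {`. Note also that `pathToFile` is built under `public` while the allowed prefix is `base_dir/upload_path`, so the unlink only ever fires when `upload_path` itself resolves below `public` — if that is the intended invariant, a one-line comment stating it (`// uploaded pictures are stored under public/<upload_path>; refuse to unlink anything resolved outside it`) would save the next reader from re-deriving it. The enclosing waterfall and SocketUser handler start outside this hunk.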
diff --git a/src/user/profile.js b/src/user/profile.js
index 7ebf7cfafd..37b280612f 100644
--- a/src/user/profile.js
+++ b/src/user/profile.js
@@ -14,7 +14,7 @@ module.exports = function (User) {
 
 	User.updateProfile = function (uid, data, callback) {
 		var fields = ['username', 'email', 'fullname', 'website', 'location',
-			'groupTitle', 'birthday', 'signature', 'aboutme', 'picture', 'uploadedpicture'];
+			'groupTitle', 'birthday', 'signature', 'aboutme'];
 
 		async.waterfall([
 			function (next) {
@@ -147,32 +147,34 @@ module.exports = function (User) {
 	}
 
 	function updateEmail(uid, newEmail, callback) {
-		User.getUserFields(uid, ['email', 'picture', 'uploadedpicture'], function (err, userData) {
-			if (err) {
-				return callback(err);
-			}
-
-			userData.email = userData.email || '';
+		async.waterfall([
+			function (next) {
+				User.getUserField(uid, 'email', next);
+			},
+			function (oldEmail, next) {
+				oldEmail = oldEmail || '';
 
-			if (userData.email === newEmail) {
-				return callback();
-			}
-			async.series([
-				async.apply(db.sortedSetRemove, 'email:uid', userData.email.toLowerCase()),
-				async.apply(db.sortedSetRemove, 'email:sorted', userData.email.toLowerCase() + ':' + uid)
-			], function (err) {
-				if (err) {
-					return callback(err);
+				if (oldEmail === newEmail) {
+					return callback();
 				}
-
+				async.series([
+					async.apply(db.sortedSetRemove, 'email:uid', oldEmail.toLowerCase()),
+					async.apply(db.sortedSetRemove, 'email:sorted', oldEmail.toLowerCase() + ':' + uid)
+				], function (err) {
+					next(err);
+				});
+			},
+			function (next) {
 				async.parallel([
 					function (next) {
 						db.sortedSetAdd('email:uid', uid, newEmail.toLowerCase(), next);
 					},
-					async.apply(db.sortedSetAdd, 'user:' + uid + ':emails', Date.now(), newEmail + ':' + Date.now()),
 					function (next) {
 						db.sortedSetAdd('email:sorted',  0, newEmail.toLowerCase() + ':' + uid, next);
 					},
+					function (next) {
+						db.sortedSetAdd('user:' + uid + ':emails', Date.now(), newEmail + ':' + Date.now(), next);
+					},
 					function (next) {
 						User.setUserField(uid, 'email', newEmail, next);
 					},
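Review bot: On the new `db.sortedSetAdd('user:' + uid + ':emails', ...)` line, `Date.now()` is evaluated twice — once for the score and once inside the member string — so across a millisecond boundary the score and the `newEmail:<ts>` member can disagree, which makes the member's timestamp suffix unreliable as a key back into the score. Capturing it once keeps them consistent: `var now = Date.now();` then `db.sortedSetAdd('user:' + uid + ':emails', now, newEmail + ':' + now, next);`. Separately, the second waterfall step exits with `return callback();` while the other steps hand control to `next(err)`; that is valid but worth a short comment (`// unchanged email: skip the remove/add steps entirely`) since it is the only place the waterfall is short-circuited. `updateEmail` continues into the following hunk.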
@@ -185,9 +187,11 @@ module.exports = function (User) {
 					function (next) {
 						db.sortedSetAdd('users:notvalidated', Date.now(), uid, next);
 					}
-				], callback);
-			});
-		});
+				], function (err) {
+					next(err);
+				});
+			}
+		], callback);
 	}
 
 	function updateUsername(uid, newUsername, callback) {