diff options
author | Steve Clay <steve@mrclay.org> | 2013-05-29 13:13:16 -0400 |
---|---|---|
committer | Steve Clay <steve@mrclay.org> | 2013-05-29 13:13:16 -0400 |
commit | dd9df95001f5293e7a3a93a365c64842fe3650e4 (patch) | |
tree | 8f31359b90940a73349f668dd33efd9d5059f0fa /actions/avatar | |
parent | 28c43f6c615fba77d81f59e73ef29ba9d58049ea (diff) | |
download | elgg-dd9df95001f5293e7a3a93a365c64842fe3650e4.tar.gz elgg-dd9df95001f5293e7a3a93a365c64842fe3650e4.tar.bz2 |
Fix avatar edit permissions (by Jerôme Bakker)
Diffstat (limited to 'actions/avatar')
-rw-r--r-- | actions/avatar/remove.php | 52 |
1 files changed, 27 insertions, 25 deletions
diff --git a/actions/avatar/remove.php b/actions/avatar/remove.php index cd38e456a..9cb40a760 100644 --- a/actions/avatar/remove.php +++ b/actions/avatar/remove.php @@ -3,32 +3,34 @@ * Avatar remove action */ -$guid = get_input('guid'); -$user = get_entity($guid); -if ($user) { - // Delete all icons from diskspace - $icon_sizes = elgg_get_config('icon_sizes'); - foreach ($icon_sizes as $name => $size_info) { - $file = new ElggFile(); - $file->owner_guid = $guid; - $file->setFilename("profile/{$guid}{$name}.jpg"); - $filepath = $file->getFilenameOnFilestore(); - if (!$file->delete()) { - elgg_log("Avatar file remove failed. Remove $filepath manually, please.", 'WARNING'); - } - } - - // Remove crop coords - unset($user->x1); - unset($user->x2); - unset($user->y1); - unset($user->y2); - - // Remove icon - unset($user->icontime); - system_message(elgg_echo('avatar:remove:success')); -} else { +$user_guid = get_input('guid'); +$user = get_user($user_guid); + +if (!$user || !$user->canEdit()) { register_error(elgg_echo('avatar:remove:fail')); + forward(REFERER); } +// Delete all icons from diskspace +$icon_sizes = elgg_get_config('icon_sizes'); +foreach ($icon_sizes as $name => $size_info) { + $file = new ElggFile(); + $file->owner_guid = $user_guid; + $file->setFilename("profile/{$user_guid}{$name}.jpg"); + $filepath = $file->getFilenameOnFilestore(); + if (!$file->delete()) { + elgg_log("Avatar file remove failed. Remove $filepath manually, please.", 'WARNING'); + } +} + +// Remove crop coords +unset($user->x1); +unset($user->x2); +unset($user->y1); +unset($user->y2); + +// Remove icon +unset($user->icontime); + +system_message(elgg_echo('avatar:remove:success')); forward(REFERER); |