Move profile includes into modules/profile/

[platal.git] / modules / profile.php

diff --git a/modules/profile.php b/modules/profile.php
index b4a2c2a..75ea8a3 100644 (file)
--- a/modules/profile.php
+++ b/modules/profile.php
@@ -124,16 +124,19 @@ class ProfileModule extends PLModule
                     .'/'.S::v('forlife').'.jpg';
 
         if (Env::has('upload')) {
-            if (isset($_FILES['userfile']['tmp_name']) 
-                    && !is_uploaded_file($_FILES['userfile']['tmp_name'])) {
+            if (isset($_FILES['userfile']['tmp_name']) && !is_uploaded_file($_FILES['userfile']['tmp_name'])) {
                 $page->trig('Une erreur s\'est produite lors du transfert du fichier');
-            } else {
+            } elseif (strpos(trim(mime_content_type($_FILES['userfile']['tmp_name'])), 'image/') !== 0) {
+                $page->trig('Le fichier que tu as transmis n\'est pas une image.');
+            } else {            
                 $file = is_uploaded_file($_FILES['userfile']['tmp_name'])
                         ? $_FILES['userfile']['tmp_name']
                         : Env::v('photo');
                 if ($data = file_get_contents($file)) {
                     $myphoto = new PhotoReq(S::v('uid'), $data);
-                    $myphoto->submit();
+                    if ($myphoto->isValid()) {
+                        $myphoto->submit();
+                    }
                 } else {
                     $page->trig('Fichier inexistant ou vide');
                 }
@@ -141,7 +144,7 @@ class ProfileModule extends PLModule
         } elseif (Env::has('trombi')) {
             $myphoto = new PhotoReq(S::v('uid'),
                                     file_get_contents($trombi_x));
-            if ($myphoto) {
+            if ($myphoto->isValid()) {
                 $myphoto->commit();
                 $myphoto->clean();
             }
@@ -338,11 +341,11 @@ class ProfileModule extends PLModule
 
         //doit-on faire un update ?
         if (Env::has('modifier') || Env::has('suivant')) {
-            require_once "profil/get_{$opened_tab}.inc.php";
-            require_once "profil/verif_{$opened_tab}.inc.php";
+            require_once dirname(__FILE__) . "/profile/get_{$opened_tab}.inc.php";
+            require_once dirname(__FILE__) . "/profile/verif_{$opened_tab}.inc.php";
 
             if($page->nb_errs()) {
-                require_once "profil/assign_{$opened_tab}.inc.php";
+                require_once dirname(__FILE__) . "/profile/assign_{$opened_tab}.inc.php";
                 $page->assign('onglet', $opened_tab);
                 $page->assign('onglet_tpl', "profile/$opened_tab.tpl");
                 return;
@@ -363,7 +366,7 @@ class ProfileModule extends PLModule
             }
 
             // mise a jour des champs relatifs au tab ouvert
-            require_once "profil/update_{$opened_tab}.inc.php";
+            require_once dirname(__FILE__) . "/profile/update_{$opened_tab}.inc.php";
 
             $log =& $_SESSION['log'];
             $log->log('profil', $opened_tab);
@@ -374,9 +377,9 @@ class ProfileModule extends PLModule
             pl_redirect('profile/edit/' . get_next_tab($opened_tab));
         }
 
-        require_once "profil/get_{$opened_tab}.inc.php";
-        require_once "profil/verif_{$opened_tab}.inc.php";
-        require_once "profil/assign_{$opened_tab}.inc.php";
+        require_once dirname(__FILE__) . "/profile/get_{$opened_tab}.inc.php";
+        require_once dirname(__FILE__) . "/profile/verif_{$opened_tab}.inc.php";
+        require_once dirname(__FILE__) . "/profile/assign_{$opened_tab}.inc.php";
 
         $page->assign('onglet', $opened_tab);
         $page->assign('onglet_tpl', "profile/$opened_tab.tpl");