authorkondou <kondou@ts.unde.re>2013-08-31 18:27:28 +0200
committerkondou <kondou@ts.unde.re>2013-08-31 18:27:28 +0200
commitaa88eea9cf366c07b0a311adc5ee64f0ae86ff33 (patch)
treedd9a4a47f56e4eb688366a70f1bd0fb7dd2c5a36
parent5d653753bd8f6f1294dfbfa112757e5509ddc80d (diff)
downloadnextcloud-server-aa88eea9cf366c07b0a311adc5ee64f0ae86ff33.tar.gz
nextcloud-server-aa88eea9cf366c07b0a311adc5ee64f0ae86ff33.zip
Sanitize displayname, respect data @ $element, fix routename, clean after cropping, updateAvatar with displayname
-rw-r--r--core/avatar/controller.php4
-rw-r--r--core/js/jquery.avatar.js13
-rw-r--r--core/routes.php7
-rw-r--r--settings/css/settings.css3
-rw-r--r--settings/js/personal.js3
5 files changed, 18 insertions, 12 deletions
diff --git a/core/avatar/controller.php b/core/avatar/controller.php
index 66ee7edafbe..85ac251d094 100644
--- a/core/avatar/controller.php
+++ b/core/avatar/controller.php
@@ -25,8 +25,8 @@ class OC_Core_Avatar_Controller {
$size = 64;
}
- $ava = new \OC_Avatar();
- $image = $ava->get($user, $size);
+ $avatar = new \OC_Avatar();
+ $image = $avatar->get($user, $size);
if ($image instanceof \OC_Image) {
$image->show();
diff --git a/core/js/jquery.avatar.js b/core/js/jquery.avatar.js
index bd57a542fa7..b4fa524f47a 100644
--- a/core/js/jquery.avatar.js
+++ b/core/js/jquery.avatar.js
@@ -10,6 +10,8 @@
if (typeof(size) === 'undefined') {
if (this.height() > 0) {
size = this.height();
+ } else if (this.data('size') > 0) {
+ size = this.data('size');
} else {
size = 64;
}
@@ -19,10 +21,17 @@
this.width(size);
if (typeof(user) === 'undefined') {
- this.placeholder('x');
- return;
+ if (typeof(this.data('user')) !== 'undefined') {
+ user = this.data('user');
+ } else {
+ this.placeholder('x');
+ return;
+ }
}
+ // sanitize
+ user = user.replace(/\//g,'');
+
var $div = this;
//$.get(OC.Router.generate('core_avatar_get', {user: user, size: size}), function(result) { // TODO does not work "Uncaught TypeError: Cannot use 'in' operator to search for 'core_avatar_get' in undefined" router.js L22
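Review bot: `user.replace(/\//g,'')` throws a TypeError when `user` is not a string, and the new `this.data('user')` fallback makes that reachable: jQuery's `.data()` converts attribute values that look like numbers or booleans, so `data-user="123"` arrives as a number. Stripping `/` is also a weak sanitizer, since it leaves `?`, `#` and `%` untouched and silently turns a name such as `a/b` into the different name `ab`. Coercing and encoding is safer: `user = encodeURIComponent(String(user));`. The code that builds the request URL lies outside this hunk, so confirm the value is not encoded a second time there.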
diff --git a/core/routes.php b/core/routes.php
index d2ad699bd08..a0d06bf807e 100644
--- a/core/routes.php
+++ b/core/routes.php
@@ -59,8 +59,10 @@ $this->create('core_lostpassword_reset_password', '/lostpassword/reset/{token}/{
->action('OC_Core_LostPassword_Controller', 'resetPassword');
// Avatar routes
+$this->create('core_avatar_get_tmp', '/avatar/tmp')
+ ->get()
+ ->action('OC_Core_Avatar_Controller', 'getTmpAvatar');
$this->create('core_avatar_get', '/avatar/{user}/{size}')
- ->defaults(array('user' => '', 'size' => 64))
->get()
->action('OC_Core_Avatar_Controller', 'getAvatar');
$this->create('core_avatar_post', '/avatar/')
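Review bot: Nothing here records why `core_avatar_get_tmp` at `/avatar/tmp` can share a prefix with `core_avatar_get` at `/avatar/{user}/{size}`; from what is visible the two are told apart only by segment count, which holds because the `defaults` line was removed. A comment above the new route would keep that from regressing, for example `// keep before core_avatar_get: '/avatar/tmp' differs from '/avatar/{user}/{size}' only by segment count`. With the defaults gone, a request that omits `{size}` presumably no longer matches `core_avatar_get`, so any caller that relied on the default of 64 should be checked.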
@@ -69,9 +71,6 @@ $this->create('core_avatar_post', '/avatar/')
$this->create('core_avatar_delete', '/avatar/')
->delete()
->action('OC_Core_Avatar_Controller', 'deleteAvatar');
-$this->create('core_avatar_get_tmp', '/avatartmp/') //TODO better naming, so it doesn't conflict with core_avatar_get
- ->get()
- ->action('OC_Core_Avatar_Controller', 'getTmpAvatar');
$this->create('core_avatar_post_cropped', '/avatar/cropped')
->post()
->action('OC_Core_Avatar_Controller', 'postCroppedAvatar');
diff --git a/settings/css/settings.css b/settings/css/settings.css
index a2c3eaf6263..7b147d5b960 100644
--- a/settings/css/settings.css
+++ b/settings/css/settings.css
@@ -37,9 +37,6 @@ td.name, td.password { padding-left:.8em; }
td.password>img,td.displayName>img, td.remove>a, td.quota>img { visibility:hidden; }
td.password, td.quota, td.displayName { width:12em; cursor:pointer; }
td.password>span, td.quota>span, rd.displayName>span { margin-right: 1.2em; color: #C7C7C7; }
-td.avatar img {
- margin-top: 6px;
-}
td.remove { width:1em; padding-right:1em; }
tr:hover>td.password>span, tr:hover>td.displayName>span { margin:0; cursor:pointer; }
diff --git a/settings/js/personal.js b/settings/js/personal.js
index a62b37d8d48..e2e9c69e430 100644
--- a/settings/js/personal.js
+++ b/settings/js/personal.js
@@ -34,6 +34,7 @@ function changeDisplayName(){
$('#oldDisplayName').text($('#displayName').val());
// update displayName on the top right expand button
$('#expandDisplayName').text($('#displayName').val());
+ updateAvatar();
}
else{
$('#newdisplayname').val(data.data.displayName);
@@ -82,7 +83,6 @@ function showAvatarCropper() {
}
function sendCropData() {
- $('#cropperbox').ocdialog('close');
var cropperdata = $('#cropper').data();
var data = {
x: cropperdata.x,
@@ -90,6 +90,7 @@ function sendCropData() {
w: cropperdata.w,
h: cropperdata.h
};
+ $('#cropperbox').remove();
$.post(OC.Router.generate('core_avatar_post_cropped'), {crop: data}, avatarResponseHandler);
}