authorkondou <kondou@ts.unde.re>2013-08-18 22:10:23 +0200
committerkondou <kondou@ts.unde.re>2013-08-25 21:06:01 +0200
commit0a4febf1eba98366d70331512b02aa9e515a782d (patch)
tree08ae4295774e4097576bee687f340ca95960f3e6 /settings
parent4a9c89fb3323e26fb88559e658136af4bbc7a3c8 (diff)
Integrate newavatar.php into avatar.php by using GET, POST & DELETE
Diffstat (limited to 'settings')
-rw-r--r--settings/ajax/newavatar.php33
-rw-r--r--settings/js/personal.js11
-rw-r--r--settings/routes.php2
-rw-r--r--settings/templates/personal.php2
4 files changed, 9 insertions, 39 deletions
diff --git a/settings/ajax/newavatar.php b/settings/ajax/newavatar.php
deleted file mode 100644
index 126f3283fb3..00000000000
--- a/settings/ajax/newavatar.php
+++ /dev/null
@@ -1,33 +0,0 @@
-<?php
-
-OC_JSON::checkLoggedIn();
-OC_JSON::callCheck();
-$user = OC_User::getUser();
-
-// Delete avatar
-if (isset($_POST['path']) && $_POST['path'] === "false") {
- $avatar = false;
-}
-// Select an image from own files
-elseif (isset($_POST['path'])) {
- //SECURITY TODO FIXME possible directory traversal here
- $path = $_POST['path'];
- $avatar = OC::$SERVERROOT.'/data/'.$user.'/files'.$path;
-}
-// Upload a new image
-elseif (!empty($_FILES)) {
- $files = $_FILES['files'];
- if ($files['error'][0] === 0) {
- $avatar = file_get_contents($files['tmp_name'][0]);
- unlink($files['tmp_name'][0]);
- }
-} else {
- OC_JSON::error();
-}
-
-try {
- \OC_Avatar::setLocalAvatar($user, $avatar);
- OC_JSON::success();
-} catch (\Exception $e) {
- OC_JSON::error(array("data" => array ("message" => $e->getMessage()) ));
-}
diff --git a/settings/js/personal.js b/settings/js/personal.js
index 74ea7f26ebf..dd2d15052d1 100644
--- a/settings/js/personal.js
+++ b/settings/js/personal.js
@@ -45,7 +45,7 @@ function changeDisplayName(){
}
function selectAvatar (path) {
- $.post(OC.filePath('settings', 'ajax', 'newavatar.php'), {path: path}, function(data) {
+ $.post(OC.filePath('', '', 'avatar.php'), {path: path}, function(data) {
if (data.status === "success") {
updateAvatar();
} else {
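Review bot: The user-controlled `path` posted on the changed line in `selectAvatar` now goes to `avatar.php`, and the deleted `newavatar.php` carried an open `//SECURITY TODO FIXME possible directory traversal here` for exactly this parameter. The new handler is outside this diff (which is limited to `settings`), so it cannot be confirmed here that its POST branch resolves `path` inside the user's own files instead of concatenating it onto the data directory, or that it repeats `OC_JSON::checkLoggedIn()` and `OC_JSON::callCheck()`. I would keep the warning visible at the call site, e.g. `// path is user-controlled; avatar.php must resolve it within the user's files and reject '..' segments`, and verify those checks before merging. The body of `selectAvatar` continues past the end of this hunk.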
@@ -168,8 +168,13 @@ $(document).ready(function(){
});
$('#removeavatar').click(function(){
- $.post(OC.filePath('settings', 'ajax', 'newavatar.php'), {path: false});
- updateAvatar();
+ $.ajax({
+ type: 'DELETE',
+ url: OC.filePath('', '', 'avatar.php'),
+ success: function(msg) {
+ updateAvatar();
+ }
+ });
});
} );
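Review bot: The new `success` callback in the `#removeavatar` handler calls `updateAvatar()` on any 2xx response without looking at the payload, whereas `selectAvatar` checks `data.status === "success"` first. If `avatar.php` answers DELETE with the same JSON envelope (not visible here), a rejected delete would still refresh the avatar and the failure would go unreported. Suggest `if (msg.status === "success") { updateAvatar(); }` plus an `error:` callback that surfaces the failure. Because the removed endpoint enforced `OC_JSON::callCheck()`, also confirm that the request token is attached to this DELETE request and checked server-side, since a DELETE carries no form body. The enclosing `$(document).ready` block starts outside the hunk.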
diff --git a/settings/routes.php b/settings/routes.php
index 7d323008419..9a27c3e439b 100644
--- a/settings/routes.php
+++ b/settings/routes.php
@@ -72,5 +72,3 @@ $this->create('isadmin', '/settings/js/isadmin.js')
->actionInclude('settings/js/isadmin.php');
$this->create('settings_ajax_setavatarmode', '/settings/ajax/setavatarmode.php')
->actionInclude('settings/ajax/setavatarmode.php');
-$this->create('settings_ajax_newavatar', '/settings/ajax/newavatar.php')
- ->actionInclude('settings/ajax/newavatar.php');
diff --git a/settings/templates/personal.php b/settings/templates/personal.php
index 8d0667f9564..7832c79894b 100644
--- a/settings/templates/personal.php
+++ b/settings/templates/personal.php
@@ -84,7 +84,7 @@ if($_['passwordChangeSupported']) {
?>
<?php if ($_['avatar'] !== "none"): ?>
-<form id="avatar" method="post" action="<?php p(\OC_Helper::linkToRoute('settings_ajax_newavatar')); ?>">
+<form id="avatar" method="post" action="<?php p(\OC_Helper::linkTo('', 'avatar.php')); ?>">
<fieldset class="personalblock">
<legend><strong><?php p($l->t('Profile Image')); ?></strong></legend>
<img src="<?php print_unescaped(link_to('', 'avatar.php').'?user='.OC_User::getUser().'&size=128'); ?>"><br>
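Review bot: The `<img>` line at the end of this hunk writes `OC_User::getUser()` into the `src` attribute through `print_unescaped` with no URL or HTML encoding, unlike the neighbouring lines that use `p()`. If user ids may contain characters such as `&`, `"` or `#` (not determinable from this hunk), the query string or the attribute breaks; `p(link_to('', 'avatar.php').'?user='.urlencode(OC_User::getUser()).'&size=128')` would encode both layers. The changed `<form>` now posts straight to `avatar.php`, and its fields lie outside the hunk, so check separately that a request token is still submitted with it.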