From ce6a42482a37d63e83b14bb7e203e672c0c76b58 Mon Sep 17 00:00:00 2001
From: Carson Fleming
Date: Wed, 25 Oct 2017 13:34:10 -0400
Subject: Fixed profile pictures glitch
---
 dash/dash_functions.php | 6 +++++-
 dash/profile.php | 15 ++++++---------
 2 files changed, 11 insertions(+), 10 deletions(-)
diff --git a/dash/dash_functions.php b/dash/dash_functions.php
index 56785a5..9aaa78f 100644
--- a/dash/dash_functions.php
+++ b/dash/dash_functions.php
@@ -19,8 +19,12 @@ function typestr ($type) {
 function rating_format ($rating = null, $typestr = 'Employer') {
 return '';
 }
+function genpicstr () {
+ global $b_user;
+ return 'uimg/'.uniqid($b_user['id'].'_', true).'.png';
+}
 function picture_format ($picstr = null) {
- return is_null($picstr) ? 'uimg/default.png' : 'uimg/'.htmlentities($picstr).'.png';
+ return is_null($picstr) ? 'uimg/default.png' : htmlentities($picstr);
 }
 function draw_norate_p () {
 ?>
diff --git a/dash/profile.php b/dash/profile.php
index d730dc9..fa3ee8e 100644
--- a/dash/profile.php
+++ b/dash/profile.php
@@ -57,7 +57,7 @@ while ($row = $result->fetch_assoc()) {
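Review bot: In `picture_format` (dash/dash_functions.php) the stored value is now emitted as the full path, but the line this commit removes in dash/profile.php wrote `picture = id`, so any row saved under the old scheme would presumably render as a bare id instead of `uimg/<id>.png` unless the column is migrated alongside this change. A backward-compatible form would be `return is_null($picstr) ? 'uimg/default.png' : htmlentities(strpos($picstr, 'uimg/') === 0 ? $picstr : 'uimg/'.$picstr.'.png', ENT_QUOTES);`, which also escapes single quotes, something `htmlentities` did not do by default before PHP 8.1. `genpicstr` would benefit from a comment such as `// Returns a fresh relative path under uimg/ for the logged-in user's picture; uniqid() is time-based, so the name is unique but not secret.`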

-

Profile Picture

+

Profile Picture

Based on

@@ -97,11 +97,13 @@ $result->free();
 ), 'changed.tpl')) or dash_fatal('We couldn\'t send mail to your new email address, so your profile has not been updated.');
 }
 if (!empty($_FILES['picture']['tmp_name'])) {
- $usepropic = ', picture = id';
+ $picstr = genpicstr();
+ $usepropic = ', picture = \''.$db->escape_string($picstr).'\'';
 $tmpfile = $_FILES['picture']['tmp_name'];
 if (getimagesize($tmpfile) === false) dash_fatal('Your uploaded file is not an image.');
 @$img = imagecreatefromstring(file_get_contents($tmpfile));
- @imagepng($img, 'uimg/'.$b_user['id'].'.png');
+ @imagepng($img, $picstr) or dash_fatal('Your new profile picture could not be saved to the server.');
+ @unlink($b_user['picture']);
 @imagedestroy($img);
 }
 $db->query('UPDATE users SET email = \''.$db->escape_string($_POST['email']).'\', zipcode = \''.$db->escape_string($_POST['zip']).'\', phone = \''.$db->escape_string($_POST['phone']).'\', address = '.$addr.', bio = '.$bio.$usepropic.$deactivate.' WHERE id = '.$b_user['id']) or dash_fatal($db->error);
@@ -121,12 +123,7 @@ $result->free();
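Review bot: The added `@unlink($b_user['picture']);` removes the old file before the `UPDATE users` statement further down has run, so if that query fails and `dash_fatal` aborts, the row still names a picture that no longer exists and the new PNG is left orphaned. It also passes a database value straight to `unlink` with errors suppressed; moving the call after the successful query and restricting it to the upload directory would be safer, e.g. `if (!empty($b_user['picture']) && strpos($b_user['picture'], 'uimg/') === 0 && strpos($b_user['picture'], '..') === false) unlink($b_user['picture']);`. Separately, `imagecreatefromstring` can return false for a file that passes `getimagesize`, and that result is still handed to `imagepng` unchecked (a TypeError on PHP 8); `if ($img === false) dash_fatal('Your uploaded file is not an image.');` before the `imagepng` call would cover it. The surrounding request-handling code starts outside the hunk, so whether `dash_fatal` terminates the script is assumed here.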

Profile Picture

-'.PHP_EOL; - else - echo ' Profile Picture'.PHP_EOL; -?> + Profile Picture

Upload New

-- cgit v1.2.3