If users choose really big avatar files, this can lead to a crash of Q&A without any error message --> just a white screen.
The reason is the php function "$inimage=@imagecreatefromstring($imagedata);" used in qa-util-imgage.php.
The image is uncompressed converted in a variable to be stored in the database.
If the image size is bigger than the php memory limit (memory_limit) this leads to a memory overflow - and a white, blank screen for the user :(
[ x_size * y_size * bpp > memory_limit ]
To avoid this a modification in qa-page-account.php to check the uncompressed (!) picture size of the uploaded avatar pic can help:
original:
if (is_array(@$_FILES['file']) && $_FILES['file']['size'])
if (!qa_set_user_avatar($qa_login_userid, file_get_contents( _
$_FILES['file']['tmp_name']), $useraccount['avatarblobid']))
$errors['avatar']=qa_lang_sub('users/avatar_not_read', implode( _
', ', qa_gd_image_formats())); |
modification:
if (is_array(@$_FILES['file']) && $_FILES['file']['size']){
//check image-size to prevent memory overrun
$t_imgsize=getimagesize($_FILES['file']['tmp_name']);
//uncompressed image larger than standard php memory_limit 128M
if (($t_imgsize[0] * $t_imgsize[1] * $t_imgsize['bits'] * $t_imgsize['channels'] / 8) _
> 100000000){
$errors['avatar']='image too big, please choose a smaller...';
}else{
if (!qa_set_user_avatar($qa_login_userid, file_get_contents( _
$_FILES['file']['tmp_name']), $useraccount['avatarblobid']))
$errors['avatar']=qa_lang_sub('users/avatar_not_read', implode( _
', ', qa_gd_image_formats()));
}
} |
You'll have to adjust the memory-limit to your individual setting of memory_limit in your php.ini ! Best way of cause is to retrieve the memory_limit online like described here: http://php.net/manual/en/function.ini-get.php
! attention: there are three line breaks due to the editor in the code which must be deleted again:
they are marked with the descender symbol " _ "
