authorize(auth::getCurrentUserId(), auth::getAccessToken())) { header('Location: /'); } $groupId = $helper->getUserId($request[0]); $group = new group($dbo, $groupId); $group->setRequestFrom(auth::getCurrentUserId()); $groupInfo = $group->get(); if ($groupInfo['accountAuthor'] != auth::getCurrentUserId()) { header("Location: /"); exit; } if (!empty($_FILES['userfile']['tmp_name'])) { $result = array("error" => true); if ($_FILES["userfile"]["size"] < 20 * 1024 * 1024) { $time = time(); $uploaded_file = $_FILES['userfile']['tmp_name']; $uploaded_file_name = basename($_FILES['userfile']['name']); $uploaded_file_ext = pathinfo($_FILES['userfile']['name'], PATHINFO_EXTENSION); if (!move_uploaded_file($_FILES['userfile']['tmp_name'], TEMP_PATH."{$time}.".$uploaded_file_ext)) { // make error flag true $response['error'] = true; $response['message'] = 'Could not move the file!'; } $imglib = new imglib($dbo); $result = $imglib->createPhoto(TEMP_PATH."{$time}.".$uploaded_file_ext); unset($imglib); if ($result['error'] === false) { $account = new account($dbo, $groupId); $account->setPhoto($result); unset($account); } } echo json_encode($result); exit; } if (isset($_GET['action'])) { $act = isset($_GET['action']) ? $_GET['action'] : ''; switch ($act) { case "get-box": { ?>