add avatar upload limits

2 files changed, 44 insertions, 27 deletions

diff --git a/src/site.clj b/src/site.clj
index ef6640f..7c34372 100644
--- a/src/site.clj
+++ b/src/site.clj
@@ -915,22 +915,21 @@ FROM   users u
 
 ;; Upload
 
-(def *max-image-dimensions* [2000 2000])
-(def *max-avatar-dimensions* [2000 2000])
-(def *vip-max-file-size* (mbytes 5)) ; don't be nuts guys
-(def *max-file-size* (mbytes 1))
-(def *ignore-size-limit-for-vip* true)
-(def *avatar-dimensions* [50 50])
+(def max-upload-dimensions [2000 2000])
+(def max-avatar-dimensions [800 800])
+(def max-vip-file-size (mbytes 5)) ; don't be nuts guys
+(def max-file-size (mbytes 1))
+(def max-avatar-size (kbytes 500))
+(def ignore-size-limit-for-vip true)
 
 (defn file-size-limit [vip]
-  (if (and *ignore-size-limit-for-vip* vip)
-    *vip-max-file-size*
-    *max-file-size*))
+  (if (and ignore-size-limit-for-vip vip)
+    max-vip-file-size
+    max-file-size))
 
-(defn is-file-too-big? [f vip]
-  (let [limit (file-size-limit vip)]
-    (if (> (.length f) limit)
-      (str "FILE_TOO_BIG " limit))))
+(defn is-file-too-big? [f limit]
+  (if (> (.length f) limit)
+    (str "FILE_TOO_BIG " limit)))
 
 (defn invalid-image-dimensions? [f [max-width max-height]]
   (try 
@@ -952,8 +951,15 @@ FROM   users u
   (str-join "/" [*server-url* dir date (.getName file)]))
 
 (defn validate-upload-file [f vip]
-  (or (is-file-too-big? f vip)
-      (invalid-image-dimensions? f *max-image-dimensions*)))
+  (let [file-limit (if vip
+		     max-vip-file-size
+		     max-file-size)]
+    (or (is-file-too-big? f file-limit)
+	(invalid-image-dimensions? f max-upload-dimensions))))
+
+(defn validate-avatar-file [f]
+  (or (is-file-too-big? f max-avatar-size)
+      (invalid-image-dimensions? f max-avatar-dimensions)))
 
 
 ; Upload notes:
@@ -1007,8 +1013,9 @@ FROM   users u
   (let [image (params :image)]
     (cond (not image)           [200 "INVALID_REQUEST"]
           (not (session :nick)) [200 "NOT_LOGGED_IN"]
-          :else (do-upload-avatar session image))))
-
+          :else (if-let [err (validate-avatar-file (:tempfile image))]
+		  [200 err]
+		  (do-upload-avatar session image)))))
 
 ;; Compojure Routes
 
@@ -1176,6 +1183,7 @@ FROM   users u
 (Thread/sleep 3000)
 (start-user-flusher!)
 (start-session-pruner!)
-(start! feed-downloader)
-(start! feed-inserter)
 
+(if (= *server-url* "http://dump.fm")
+  (do (start! feed-downloader)
+      (start! feed-inserter)))
diff --git a/static/js/pichat.js b/static/js/pichat.js
index 3981d7e..1f64c20 100644
--- a/static/js/pichat.js
+++ b/static/js/pichat.js
@@ -705,7 +705,8 @@ function setupUploadAvatar(elementId) {
     };
     var onComplete = function(file, resp) {
         $('#spinner').hide();
-	    var r = $.trim(resp);
+	var r = $.trim(resp);
+
         if (r == 'INVALID_REQUEST') {
             location.reload();
         } else if (r == 'NOT_LOGGED_IN') {
@@ -714,13 +715,21 @@ function setupUploadAvatar(elementId) {
             alert("Sorry, dump.fm can't deal with your image. Pick another :(");
             return;
         } else if (r.match(/FILE_TOO_BIG/)) {
-			    var maxSize = r.split(" ")[1] / 1024;
-			    alert("Sorry. Your file is just too fucking big. "
-			          + maxSize + "KB or less please.");
-			return;
-		}
-        var s = '<img id="dashavatarPic" src="' + r + ' />';        
-        $('#dashavatarPic').replaceWith(s).show();
+	    var maxSize = r.split(" ")[1] / 1024;
+	    alert("Sorry. Your avatar is just too fucking big. "
+		  + maxSize + "KB or less please.");
+	    return;
+	} else if (r.match(/INVALID_RESOLUTION/)) {
+            var maxWidth = r.split(" ")[1];
+            var maxHeight = r.split(" ")[2];
+            alert("Sorry, the maximum avatar resolution is "
+                  + maxWidth + "x" + maxHeight);
+            return;
+        }
+	
+        var s = '<img id="dashavatarPic" src="' + r + '" />';
+	console.log('setting avatar img to ' + s);
+        $('#dashavatar').html(s).show();
     };
     new AjaxUpload(elementId, {
         action: '/upload/avatar',