diff --git a/CHANGELOG.md b/CHANGELOG.md index a36e8d0cf..9a976fc2d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ **Merged pull requests:** - Release 2.4.4 🦩 ([belomaxorka](https://github.com/belomaxorka)) +- Resize avatar image if too large 🌆 [\#1512](https://github.com/torrentpier/torrentpier/pull/1512) ([belomaxorka](https://github.com/belomaxorka)) - Increased PASSWORD_MAX_LENGTH [\#1510](https://github.com/torrentpier/torrentpier/pull/1510) ([belomaxorka](https://github.com/belomaxorka)) - Some security improvements 🔑 [\#1503](https://github.com/torrentpier/torrentpier/pull/1503) ([belomaxorka](https://github.com/belomaxorka)) - Some security enhancements (Part 2) [\#1505](https://github.com/torrentpier/torrentpier/pull/1505) ([belomaxorka](https://github.com/belomaxorka)) diff --git a/src/Legacy/Common/Upload.php b/src/Legacy/Common/Upload.php index 3e123b1f2..c6834fbae 100644 --- a/src/Legacy/Common/Upload.php +++ b/src/Legacy/Common/Upload.php @@ -161,8 +161,22 @@ class Upload // width & height if (($this->cfg['max_width'] && $width > $this->cfg['max_width']) || ($this->cfg['max_height'] && $height > $this->cfg['max_height'])) { - $this->errors[] = sprintf($lang['UPLOAD_ERROR_DIMENSIONS'], $this->cfg['max_width'], $this->cfg['max_height']); - return false; + for ($i = 0, $max_try = 3; $i <= $max_try; $i++) { + try { + $image = new \claviska\SimpleImage(); + $image + ->fromFile($this->file['tmp_name']) + ->autoOrient() + ->resize($this->cfg['max_width'], $this->cfg['max_height']) + ->toFile($this->file['tmp_name']); + break; + } catch (\Exception $e) { + if ($i == $max_try) { + $this->errors[] = sprintf($lang['UPLOAD_ERROR_DIMENSIONS'], $this->cfg['max_width'], $this->cfg['max_height']); + return false; + } + } + } } } else { $this->errors[] = $lang['UPLOAD_ERROR_NOT_IMAGE'];