diff -r c2f4c900c507 -r dc838fd61a06 plugins/SpecialUserPrefs.php
--- a/plugins/SpecialUserPrefs.php	Wed Dec 19 23:04:17 2007 -0500
+++ b/plugins/SpecialUserPrefs.php	Thu Dec 20 22:23:07 2007 -0500
@@ -103,6 +103,10 @@
   userprefs_menu_add('Profile/membership', 'Edit e-mail address and password', makeUrlNS('Special', 'Preferences/EmailPassword') . '" onclick="ajaxLoginNavTo(\'Special\', \'Preferences/EmailPassword\', '.USER_LEVEL_CHPREF.'); return false;');
   userprefs_menu_add('Profile/membership', 'Edit signature', makeUrlNS('Special', 'Preferences/Signature'));
   userprefs_menu_add('Profile/membership', 'Edit public profile', makeUrlNS('Special', 'Preferences/Profile'));
+  if ( getConfig('avatar_enable') == '1' )
+  {
+    userprefs_menu_add('Profile/membership', 'Avatar settings', makeUrlNS('Special', 'Preferences/Avatar'));
+  }
   userprefs_menu_add('Private messages', 'Inbox', makeUrlNS('Special', 'PrivateMessages/Folder/Inbox'));
   userprefs_menu_add('Private messages', 'Outbox', makeUrlNS('Special', 'PrivateMessages/Folder/Outbox'));
   userprefs_menu_add('Private messages', 'Sent items', makeUrlNS('Special', 'PrivateMessages/Folder/Sent'));
@@ -124,6 +128,7 @@
 function page_Special_Preferences()
 {
   global $db, $session, $paths, $template, $plugins; // Common objects
+  global $lang;
   
   // We need a login to continue
   if ( !$session->user_logged_in )
@@ -594,6 +599,273 @@
       <?php
       echo '</form>';
       break;
+    case 'Avatar':
+      if ( getConfig('avatar_enable') != '1' )
+      {
+        echo '<div class="error-box"><b>' . $lang->get('usercp_avatar_err_disabled_title') . '</b><br />' . $lang->get('usercp_avatar_err_disabled_body') . '</div>';
+      }
+      
+      // Determine current avatar
+      $q = $db->sql_query('SELECT user_has_avatar, avatar_type FROM ' . table_prefix . 'users WHERE user_id = ' . $session->user_id . ';');
+      if ( !$q )
+        $db->_die('Avatar CP selecting user\'s avatar data');
+      
+      list($has_avi, $avi_type) = $db->fetchrow_num();
+      
+      if ( isset($_POST['submit']) )
+      {
+        $action = ( isset($_POST['avatar_action']) ) ? $_POST['avatar_action'] : 'keep';
+        $avi_path = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $session->user_id . '.' . $avi_type;
+        switch($action)
+        {
+          case 'keep':
+          default:
+            break;
+          case 'remove':
+            if ( $has_avi )
+            {
+              // First switch the avatar off
+              $q = $db->sql_query('UPDATE ' . table_prefix . 'users SET user_has_avatar = 0 WHERE user_id = ' . $session->user_id . ';');
+              if ( !$q )
+                $db->_die('Avatar CP switching user avatar off');
+              
+              if ( @unlink($avi_path) )
+              {
+                echo '<div class="info-box">' . $lang->get('usercp_avatar_delete_success') . '</div>';
+              }
+              $has_avi = 0;
+            }
+            break;
+          case 'set_http':
+          case 'set_file':
+            // Hackish way to preserve the UNIX philosophy of reusing as much code as possible
+            if ( $action == 'set_http' )
+            {
+              // Check if this action is enabled
+              if ( getConfig('avatar_upload_http') !== '1' )
+              {
+                // non-localized, only appears on hack attempt
+                echo '<div class="error-box">Uploads over HTTP are disabled.</div>';
+                break;
+              }
+              // Download the file
+              require_once( ENANO_ROOT . '/includes/http.php' );
+              
+              if ( !preg_match('/^http:\/\/([a-z0-9-\.]+)(:([0-9]+))?\/(.+)$/', $_POST['avatar_http_url'], $match) )
+              {
+                echo '<div class="error-box">' . $lang->get('usercp_avatar_invalid_url') . '</div>';
+                break;
+              }
+              
+              $hostname = $match[1];
+              $uri = '/' . $match[4];
+              $port = ( $match[3] ) ? intval($match[3]) : 80;
+              $max_size = intval(getConfig('avatar_max_size'));
+              
+              // Get temporary file
+              $tempfile = tempnam(false, "enanoavatar_{$session->user_id}");
+              if ( !$tempfile )
+                echo '<div class="error-box">Error getting temp file.</div>';
+              
+              @unlink($tempfile);
+              $request = new Request_HTTP($hostname, $uri, 'GET', $port);
+              $result = $request->write_response_to_file($tempfile, 50, $max_size);
+              if ( !$result || $request->response_code != HTTP_OK )
+              {
+                @unlink($tempfile);
+                echo '<div class="error-box">' . $lang->get('usercp_avatar_bad_write') . '</div>';
+                break;
+              }
+              
+              // Response written. Proceed to validation...
+            }
+            else
+            {
+              // Check if this action is enabled
+              if ( getConfig('avatar_upload_file') !== '1' )
+              {
+                // non-localized, only appears on hack attempt
+                echo '<div class="error-box">Uploads from the browser are disabled.</div>';
+                break;
+              }
+              
+              $max_size = intval(getConfig('avatar_max_size'));
+              
+              $file =& $_FILES['avatar_file'];
+              $tempfile =& $file['tmp_name'];
+              if ( filesize($tempfile) > $max_size )
+              {
+                @unlink($tempfile);
+                echo '<div class="error-box">' . $lang->get('usercp_avatar_file_too_large') . '</div>';
+                break;
+              }
+            }
+            $file_type = get_image_filetype($tempfile);
+            if ( !$file_type )
+            {
+              unlink($tempfile);
+              echo '<div class="error-box">' . $lang->get('usercp_avatar_bad_filetype') . '</div>';
+              break;
+            }
+            
+            // The file type is good - validate dimensions and animation
+            switch($file_type)
+            {
+              case 'png':
+                $is_animated = is_png_animated($tempfile);
+                $dimensions = png_get_dimensions($tempfile);
+                break;
+              case 'gif':
+                $is_animated = is_gif_animated($tempfile);
+                $dimensions = gif_get_dimensions($tempfile);
+                break;
+              case 'jpg':
+                $is_animated = false;
+                $dimensions = jpg_get_dimensions($tempfile);
+                break;
+              default:
+                echo '<div class="error-box">API mismatch</div>';
+                break 2;
+            }
+            // Did we get invalid size data? If so the image is probably corrupt.
+            if ( !$dimensions )
+            {
+              @unlink($tempfile);
+              echo '<div class="error-box">' . $lang->get('usercp_avatar_corrupt_image') . '</div>';
+              break;
+            }
+            // Is the image animated?
+            if ( $is_animated && getConfig('avatar_enable_anim') !== '1' )
+            {
+              @unlink($tempfile);
+              echo '<div class="error-box">' . $lang->get('usercp_avatar_disallowed_animation') . '</div>';
+              break;
+            }
+            // Check image dimensions
+            list($image_x, $image_y) = $dimensions;
+            $max_x = intval(getConfig('avatar_max_width'));
+            $max_y = intval(getConfig('avatar_max_height'));
+            if ( $image_x > $max_x || $image_y > $max_y )
+            {
+              @unlink($tempfile);
+              echo '<div class="error-box">' . $lang->get('usercp_avatar_too_large') . '</div>';
+              break;
+            }
+            // All good!
+            if ( rename($tempfile, $avi_path) )
+            {
+              $q = $db->sql_query('UPDATE ' . table_prefix . "users SET user_has_avatar = 1, avatar_type = '$file_type' WHERE user_id = {$session->user_id};");
+              if ( !$q )
+                $db->_die('Avatar CP updating users table after successful avatar upload');
+              $has_avi = 1;
+              $avi_type = $file_type;
+              echo '<div class="info-box">' . $lang->get('usercp_avatar_upload_success') . '</div>';
+            }
+            else
+            {
+              echo '<div class="error-box">' . $lang->get('usercp_avatar_move_failed') . '</div>';
+            }
+            break;
+        }
+      }
+      
+      ?>
+      <script type="text/javascript">
+      
+        function avatar_select_field(elParent)
+        {
+          switch(elParent.value)
+          {
+            case 'keep':
+            case 'remove':
+              $('avatar_upload_http').object.style.display = 'none';
+              $('avatar_upload_file').object.style.display = 'none';
+              break;
+            case 'set_http':
+              $('avatar_upload_http').object.style.display = 'block';
+              $('avatar_upload_file').object.style.display = 'none';
+              break;
+            case 'set_file':
+              $('avatar_upload_http').object.style.display = 'none';
+              $('avatar_upload_file').object.style.display = 'block';
+              break;
+          }
+        }
+      
+      </script>
+      <?php
+      
+      echo '<form action="' . makeUrl($paths->fullpage) . '" method="post" enctype="multipart/form-data">';
+      echo '<div class="tblholder">';
+      echo '<table border="0" cellspacing="1" cellpadding="4">';
+      echo '<tr>
+              <th colspan="2">
+                ' . $lang->get('usercp_avatar_table_title') . '
+              </th>
+            </tr>';
+            
+      echo '<tr>
+              <td class="row2" style="width: 50%;">
+                ' . $lang->get('usercp_avatar_label_current') . '
+              </td>
+              <td class="row1" style="text-align: center;">';
+              
+      if ( $has_avi == 1 )
+      {
+        echo '<img alt="' . $lang->get('usercp_avatar_image_alt', array('username' => $session->username)) . '" src="' . make_avatar_url($session->user_id, $avi_type) . '" />';
+      }
+      else
+      {
+        echo $lang->get('usercp_avatar_image_none');
+      }
+      
+      echo '    </td>
+              </tr>';
+              
+      echo '  <tr>
+                <td class="row2">
+                  ' . $lang->get('usercp_avatar_lbl_change') . '
+                </td>
+                <td class="row1">
+                  <label><input type="radio" name="avatar_action" value="keep" onclick="avatar_select_field(this);" checked="checked" /> ' . $lang->get('usercp_avatar_lbl_keep') . '</label><br />
+                  <label><input type="radio" name="avatar_action" value="remove" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_remove') . '</label><br />';
+      if ( getConfig('avatar_upload_http') == '1' )
+      {
+        echo '    <label><input type="radio" name="avatar_action" value="set_http" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_set_http') . '</label><br />
+                  <div id="avatar_upload_http" style="display: none; margin: 10px 0 0 2.2em;">
+                    ' . $lang->get('usercp_avatar_lbl_url') . ' <input type="text" name="avatar_http_url" size="40" value="http://" /><br />
+                    <small>' . $lang->get('usercp_avatar_lbl_url_desc') . ' ' . $lang->get('usercp_avatar_limits') . '</small>
+                  </div>';
+      }
+      else
+      {
+        echo '    <div id="avatar_upload_http" style="display: none;"></div>';
+      }
+      if ( getConfig('avatar_upload_file') == '1' )
+      {
+        echo '    <label><input type="radio" name="avatar_action" value="set_file" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_set_file') . '</label>
+                  <div id="avatar_upload_file" style="display: none; margin: 10px 0 0 2.2em;">
+                    ' . $lang->get('usercp_avatar_lbl_file') . ' <input type="file" name="avatar_file" size="40" /><br />
+                    <small>' . $lang->get('usercp_avatar_lbl_file_desc') . ' ' . $lang->get('usercp_avatar_limits') . '</small>
+                  </div>';
+      }
+      else
+      {
+        echo '    <div id="avatar_upload_file" style="display: none;"></div>';
+      }
+      echo '    </td>
+              </tr>';
+              
+      echo '  <tr>
+                <th class="subhead" colspan="2">
+                  <input type="submit" name="submit" value="' . $lang->get('etc_save_changes') . '" />
+                </th>
+              </tr>';
+              
+      echo '</table>
+            </div>';
+      
+      break;
     default:
       $good = false;
       $code = $plugins->setHook('userprefs_body');