Updated for vBulletin 2.2.2, 5th February 2002

Since there has been so much demand for this, I wrote a hack that will allow you to store all your custom avatars as files, rather than in the mySQL database.

http://kier.3dfrontier.com/vbhacks/avatarasfile.gif

Doing this will have the following benefits:

• Avatars folder can be protected by .htaccess (Apache only) to prevent bandwidth stealing
• No SQL queries or PHP code required to display custom avatars - server load decreases
• No cacheing issues with Internet Explorer 5.5, so server bandwidth use should decrease

The install script will make the necessary modifications to your database, install a control panel option to switch the file-based avatars on, and convert your existing custom avatars from the database into files.

All avatar options that are present when using the standard mySQL avatar system are still present, and users will not notice a difference in the interface.

Full instructions for altering your PHP files are included in the zip file.

Once you have made the necessary modifications to the PHP scripts, you should run the enclosed install_favatar.php script from your admin/ folder.

Hi kier,
does your system allow admin to set max avatar size (lets say 80 x 80) and a weight (lets say 3ko) ?

This worked with mysql storing , will it work with your sysem ?

Oh, and does it allow user to upload their files, switch from one avater to the other (and have the previous one replaced and eareased ) ?

Kier, you know what ? :)
It would be GREAT to port this system to attached files to :)

Yes, All avatar options that are present when using the standard mySQL avatar system are still present

I'm not really interested in doing this for attached files, partly for security reasons, and partly because storing attachments in the database does not have the same problems/disadvantages as the avatar system. The reason I have done this for avatars is mainly to solve a problem with IE's cache which causes avatars to be downloaded again for every page, leading to increased server load and bandwidth use.

Ok, just wanted to make sure they worked with directory storing, as I thought these size and weight option were database storing specific.

Another question: do I need to set to 777 the directory storing the avatars ?

Do the instructions say you have to? Have a read. http://kier.3dfrontier.com/vbhacks/avatarasfile.php

And I quote:

1) Firstly, you will need to create a new folder in your forums directory called custom_avatars and set the permissions on the folder to 777.

Just a last question before I try to install it:

What's the security concern that attachement files folder storing involve that isn't involved by avatar folder storing ?

Avatars are always stored as xxxx.gif. Attachments can be of any file type that the administrator decides to allow. If an administrator decided to let .php files be uploaded, and they were stored as files on the system, anyone could run a php script that could destroy the server.

It's a bad idea.

Ok, got it, thanks Kier.
I didn't considered this cause I would only allow jpg,gif, txt and zip and would use it.

Anyway, good job with this hack. Gives the webmaster the final decision.

Another wonderful hack, thanks Kier.... I already have it installed and working on Me2Be's forums.

Just one small typo, in the control panel options, it says "Store Custom Avatars in Database?", but this has to be set to "yes" to use files, "no" to use the database. It should say "Store Custom Avatars as Files?". But otherwise it works great!

Thanks :)

Fixed :)

If you have this problem and want to correct it, run this query:

I just discovered that two php files that require modifications were not mentioned in the original documentation... please revisit the docs and follow the steps to modify private.php and announcement.php if you installed this hack prior to the posting of this message. :)

Kier, you are great! :)

Are all avatars stored as GIFs? Even those uploaded as JPGs? I'm asking because you said "Avatars are always stored as xxxx.gif".

Can you please make a hack for avatars that mods and admins can use custom, but any other group can't?

Or make it to where by group you turn on/off custom setting.

Under each group add

Can use custom avatar Yes/No

If you do modify for a group you'd see where it would be nice to have that setting.

Thanks

yet another fine hack well done kier btw when does your new website open to the general public ?

You can already do this, in a round-about-sort-of-way. Just set Custom Avatars to No (in Options) then go into User > Find > username > Edit > change avatar and you can set a custom avatar even if it's disabled for the board at large.

kool hack Kier

Yes, even JPG file types. Rename a .jpg file to .gif and open it in your browser. It should display just fine.

They are just RENAMED to GIFs or are they converted to GIFs?

There is no "conversion" from one type to another. The data is stored as binary, and when "displayed" using avatar.php, it adds so your browser will believe it's a gif file. The contents of your jpg are unchanged, just sent to the browser as image/gif so it can be displayed.

They are just renamed to GIF. This also happens (in a roundabout sort of way) with custom avatars stored in the database (they send a content header which describes their content to the browser as 'image/gif')

problem with showthread.php, private.php, announcement.php, admin/functions.php logic.

If there exists a customavatar record for the poster, it works great. But if you deleted all the customavatar table records, there's a problem.

hascustomavatar is false because customavatar.avatardata is null, therefore, it can never check to see if $usefileavatar is true or not. There needs to be a way of determining if a customavatar that's saved as a file exists for that user. Maybe checking avatarrevision > 0.

member.php - Also, when a customavatar is deleted or changed to a predefined avatar, the user record needs to be updated to change avatarrevision=0.

Let me know if I am way off base here.

You're right. I'll look into it.

I know you can already do this, but this isn't the way it should be done. Its a pain if users want to change all the time or test new ones out.

As Pfunk pointed out, there was a logic error which occurred if you deleted the contents of your customavatar table...

I did sat in the instructions and in the install script that I did not recommend that you empty the custom avatar table unless you really (really) had a good reason to do so.

In any case, the code is now fixed. Visit the instructions page and make the necessary modifications to member.php - the other files do not need to be altered if you have already hacked them.

If any of your members' avatars are not showing up, simply get them to re-upload their avatar and it will fix itself.

Thank you Kier!

not yet ;)

Another great hack Kier!
Thanks a lot

Another stunning effort. Just one question. I know you have been in close connection with the developers on this issue, so do you know if this hack will be in Beta 4? I just don't want to install it then re-install when beat 4 comes out.

Ok, this is the final thorn I will use today.

How about one last modification to avatar.php to prevent bandwidth stealers from circumventing the security measures people may put on the custom_avatars folder. Only bring this up because now there is a customavatar record again.

Either returning nothing, or the clear.gif image.

Ok, that's it... I promise. =) No, really! heheheh

Great work on the hack, and responding so quickly with a fix to the previous post of mine.

one more kier
you are the best of the best!

Easy, if you use avatars-as-files, just edit avatar.php and at the top of the file, under <?php just put

exit;

I'm not going to do anything more fancy than that, as it would add extra queries to avatar.php, which I am not prepared to do.

If you installed the hack previous to this message, please revisit the instructions and follow the steps to modify admin/user.php... I completely forgot to hack that file before :rolleyes:

<< removed >>

Oh my god do you not want to add that!!!!

If you use require("./global.php") in avatar.php, you will be executing huge numbers of queries every time an avatar is displayed...

This code should really (really) not be added!

Kier,

Great hack! This should speed up my forum a lot.

One thing before I install this hack. Will the database change that this hack does cause any problems when I upgrade to beta4? (Other than changing the php files of course)

Thanks again!

Hello Kier,

Would I be able to use this hack in conjunction with upgrading my 1.13 forum.

See, right now the current VB 2.0 upgrade1.php script does not upgrade my "custom_avatar" table from freddies VB 1.13 "Custom Avatar HAck"...which means my users will have to all re-upload their custom avatars.

You seem to be a hack master around here lately...do you think you could figure it out?

If so here is the information:
Here is my old 1.13 "custom_avatar" table:
And here is the new VB 2.0 "customavatar" table:
Anything you could do to help me salvage my current user's custom avaatrs would be fantastic. Even if it means upgrading the custom avatars into your hack...which I want to store them outside the database anyway.

Thanks for your time. :)

drop the new customavatar table.

rename custom_avatar to customavatar.

Drop the fields id, filename,filesize, & filetype

rename bin_data to avatardata, change the type to mediumtext.

Drop the second index userid_2

p.s. now watch your avatars blow up in size as my hack made no checks on image height/width, only filesize. It used img tags to force all images to be the same size when displayed.