Ucenter storage rules for user avatar

The reason for this concern is because a forum opens a page MSE on the report poison, and each time is the same picture file: Xx_avatar_middle.jpg (xx is a number), it was strange, but has no solution also has no tube. A few months later, just a few days ago, I wanted to figure this out (because I joined the Forum team and was interested and qualified).
Wordy process (a little digress), because after a relatively long time, can't remember which member's Avatar, only remember the avatar file name, so go to the UC Avatar directory, execute

<textarea class="crayon-plain print-no" style="-moz-tab-size: 4; font-size: 14px ! important; line-height: 15px ! important; z-index: 0; opacity: 0;" readonly="" data-settings="dblclick">find./-name "xx_avatar_middle.jpg" >avatar.txt</textarea>

1	Find . / -name "xx_avatar_middle.jpg" >avatar.txt

Get a lot of xx_avatar_middle.jpg files, this under the dumbfounded, at first thought the Avatar file name is unique.
Fortunately MSE recognized this file, so with the help of notepad++, the above avatar.txt./xx/xx/xx_avatar_middle.jpg replaced by Wget-x Urlofavatardir/xx/xx/xx_avatar_ Middle.jpg, get a bash script:

<textarea class= "Crayon-plain print-no" style= "-moz-tab-size:4"; Font-size:14px! Important line-height:15px! Important z-index:0; opacity:0, "readonly data-settings=" DblClick ">#!/bin/bashwget-x url/xx/xx/xx_avatar_middle.jpg .... </textarea>

123	#!/bin/bash wget -x url/xx/xx/xx_avatar_middle. jpg .. . .

The-x option is to set up the same directory as the server locally, or it is unclear where the file is to download a bunch of files of the same name.
And then execute, sure enough MSE also reported poison:

MSE Picture Report Poison

The specific contents are as follows:

<textarea class="crayon-plain print-no" style="-moz-tab-size: 4; font-size: 14px ! important; line-height: 15px ! important; z-index: 0; opacity: 0;" readonly="" data-settings="dblclick">Category: Trojan Horse Description: This program is dangerous and executes commands from attackers. Recommended action: Delete this software now. Project: File:d:\xx\xx\data\avatar\000\0x\xx\xx_avatar_middle.jpg</textarea>

12345678

Category: Trojan Horse Describe: This program is dangerous and executes commands from attackers. Recommended actions: Delete this software now. Project:file:D:\xx\xx\data\Avatar\0x\ xx\xx_avatar_middle. JPG

Find the picture position, the next is to analyze this picture, at first did not think directly open, directly on the server to the image Base64 encoding and decoding, found that the end of the picture was inserted a piece of code, but looked at the code after seemingly nothing, is the ordinary Web page but with some ads just. After you open the picture with a text editor, you can actually see that a page code is inserted at the end of the file.
Next, is curious about this user is who, why he should go to the head of the code, but the face of the UC avatar storage, no clue, have to help degrees Niang, quickly found, in the Discuz official website someone shared the Ucenter avatar storage rules:

<textarea class="crayon-plain print-no" style="-moz-tab-size: 4; font-size: 14px ! important; line-height: 15px ! important; z-index: 0; opacity: 0;" readonly="" data-settings="dblclick">function Get_avatar ($uid, $size = ' middle ') {$size = In_array ($size, Array (' Big ', ' middle ', ' small '))? $size : ' Middle '; $uid = ABS (Intval ($UID)); The UID takes an integer absolute value $uid = sprintf ("%09d", $uid); The front plus 0 is padded with 9 bits, for example the user with UID 31 becomes 000000031 $dir 1 = substr ($uid, 0, 3); Take the left 3 bits, that is $dir 2 = substr ($uid, 3, 2); Take 4-5 bits, which is $dir 3 = substr ($uid, 5, 2); Take 6-7 bits, that is, 00//under the user picture path, that is, 000/00/00/31_avatar_middle.jpg return $dir 1. ' /'. $dir 2. ' /'. $dir 3. ' /'. substr ($uid,-2). " _avatar_$size.jpg ";}</textarea>

12345678910

function get_avatar($uid, $size = ' middle ') { $size = in_array $size array ( ' big ' , ' Middle ' , ' small ' ) ) ? $size : ' Middle '          $uid = abs (intval ( $uid ) ; //uid take integer absolute value          $uid = sprintf ( "%09d" , $uid ) ; //front plus 0 padded 9 bits, for example UID 31 user becomes 000000031          $dir 1 = substr ( $uid , 0, 3 ;   //take the left 3 bits, that is, the          $dir 2 = substr ( $uid , 3, 2 ;   //take 4-5 bits, that is, xx $dir 3 = substr($uid, 5, 2); //Take 6-7-bit, i.e. xx //The user's avatar path is spelled below, i.e. 000/00/00/31_avatar_middle.jpg return $dir 1.' /'. $dir 2.' /'. $dir 3.' /'. substr($uid, -2)." _avatar_$size.jpg "; }

This quickly found the problem of the owner of the Avatar, but there is no harvest, the end of the hand.
Finally posted this post, the code has been posted on the withheld, the content is very practical:

Since the DZ0606 version, the user avatar has been merged with UC, and new storage rules have been adopted.
In order to thoroughly understand the storage mode of UC system avatar, the avatar.php of DZ's avatar resolution program is analyzed briefly.
Take a look at the program section below (here is the above):
So, the user with UID 31, the correct path to the avatar file is:
Uc/data/avatar/000/00/00/31_avatar_small.jpg
Uc/data/avatar/000/00/00/31_avatar_middle.jpg
Uc/data/avatar/000/00/00/31_avatar_big.jpg
If the corresponding file cannot be found in the above location, it is automatically redirected to:
Location:images/noavatar_$size.gif
That is
Uc/images/noavatar_small.gif
Uc/images/noavatar_middle.gif
Uc/images/noavatar_big.gif
One of the displays is called based on the arguments submitted.
============================
Understand the above, the actual application if the user's avatar display problem, you can take the following workarounds:
1. Directly call the avatar in the template:

<textarea class="crayon-plain print-no" style="-moz-tab-size: 4; font-size: 14px ! important; line-height: 15px ! important; z-index: 0; opacity: 0;" readonly="" data-settings="dblclick"></textarea>

1	<img src=http://your domain name/UC directory name/avatar.php?uid= $post [authorid]&size= "Small" border=0/ >

2. After the upgrade, self-organizing upload user picture:
If some of the user's avatar is not displayed after the upgrade, you can create the directory directly according to the above rules, upload the user's custom avatar under customavatars/to the corresponding directory and rename it.
Example: A user uid is 12345, the original avatar is saved in customavatars/12345.jpg, according to the above algorithm, the upgraded Avatar directory is:
uc/data/avatar/000/01/23/
Then you can copy the user's original avatar file-renamed: 45_avatar_middle.jpg,45_avatar_small.jpg,45_avatar_big.jpg
Upload it to this directory.
Of course, you can also write a program to complete the process yourself.

Ucenter storage rules for user avatar