Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.420
diff -u -r1.420 common.inc
--- includes/common.inc	22 Jan 2005 11:15:24 -0000	1.420
+++ includes/common.inc	28 Jan 2005 20:48:40 -0000
@@ -1789,6 +1789,7 @@
 include_once 'includes/tablesort.inc';
 include_once 'includes/file.inc';
 include_once 'includes/xmlrpc.inc';
+include_once 'includes/image.inc';
 
 // Set the Drupal custom error handler.
 set_error_handler('error_handler');
Index: modules/system.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/system.module,v
retrieving revision 1.192
diff -u -r1.192 system.module
--- modules/system.module	24 Jan 2005 21:20:16 -0000	1.192
+++ modules/system.module	28 Jan 2005 20:48:41 -0000
@@ -239,6 +239,17 @@
   $group .= form_radios(t('Download method'), 'file_downloads', variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC), array(FILE_DOWNLOADS_PUBLIC => t('Public - files are available using http directly.'), FILE_DOWNLOADS_PRIVATE => t('Private - files are transferred by Drupal.')), t('If you want any sort of access control on the downloading of files, this needs to be set to <em>private</em>. You can change this at any time, however all download URLs will change and there may be unexpected problems so it is not recommended.'));
   $output .= form_group(t('File system settings'), $group);
 
+  // image handling:
+  $group = '';
+  $toolkits_available = image_get_available_toolkits();
+  if (count($toolkits_available) > 1) {
+    $group .= form_radios(t('Select an image processing toolkit'), 'image_toolkit', variable_get('image_toolkit', image_get_toolkit()), $toolkits_available);
+  }
+  $group .= image_toolkit_invoke('settings');
+  $group .= form_textfield(t('Default thumbnail dimensions'), 'image_thumbnail_res', variable_get('image_thumbnail_res', '100x100'), 10, 10, t('The maximum thumbnail dimensions as WIDTHxHEIGHT (e.g. 100x100). Aspect ratio will be maintained.'));
+  $group .= form_textfield(t('Maximum image dimensions'), 'image_max_res', variable_get('image_max_res', 0), 10, 10, t('The maximum allowed image size expressed as WIDTHxHEIGHT (e.g. 640x480). Set to 0 for no restriction.'));
+  $output .= form_group(t('Image handling'), $group);
+      
   // date settings:
   $zones = _system_zonelist();
 
@@ -612,7 +623,7 @@
 
   // Check for a new uploaded logo, and use that instead.
   if ($file = file_check_upload('logo_upload')) {
-    if (in_array($file->filemime, array('image/jpeg', 'image/gif', 'image/png'))) {
+    if ($info = image_get_info($file->filepath)) {
       $parts = pathinfo($file->filename);
       $filename = ($key) ? str_replace('/', '_', $key) . '_logo.' . $parts['extension'] : 'logo.' . $parts['extension'];
 
Index: modules/upload.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/upload.module,v
retrieving revision 1.20
diff -u -r1.20 upload.module
--- modules/upload.module	24 Jan 2005 21:20:16 -0000	1.20
+++ modules/upload.module	28 Jan 2005 20:48:41 -0000
@@ -138,7 +138,9 @@
       if (($file = file_check_upload('upload')) && user_access('upload files')) {
         global $user;
 
-        $max_size = variable_get("upload_maxsize_total", 0);
+        $file = _upload_image($file);
+        
+        $maxsize = variable_get("upload_maxsize_total", 0);
         $total_size = upload_count_size() + $filesize;
         $total_usersize = upload_count_size($user->uid) + $filesize;
 
@@ -353,6 +355,24 @@
   }
 
   return $files;
+}
+
+/**
+ * check an upload, if it is an image, make sure it fits within the
+ * maximum dimensions allowed
+ */
+function _upload_image($file) {
+  $info = image_get_info($file->filepath);
+
+  if ($info) {
+    list($width, $height) = explode('x', variable_get('image_max_res', 0));
+    if ($width && $height) {
+      image_scale($file->filepath, $file->filepath, $width, $height);
+      $file->filesize = filesize($file->filepath);
+    }
+  }
+
+  return $file;
 }
 
 ?>
Index: modules/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user.module,v
retrieving revision 1.434
diff -u -r1.434 user.module
--- modules/user.module	27 Jan 2005 21:34:38 -0000	1.434
+++ modules/user.module	28 Jan 2005 20:48:41 -0000
@@ -227,20 +227,19 @@
 
   // Check that uploaded file is an image, with a maximum file size
   // and maximum height/width.
-  $extension = strtolower(strrchr($file->filename, '.'));
-  $size = @getimagesize($file->filepath);
+  $info = image_get_info($file->filepath);
   list($maxwidth, $maxheight) = explode('x', variable_get('user_picture_dimensions', '85x85'));
 
-  if ((!in_array($size[2], array(1, 2, 3))) || (!in_array($extension, array('.gif', '.jpg', '.png', '.jpeg')))) {
+  if (!$info || !$info['type']) {
     form_set_error('picture', t('The uploaded file was not an image.'));
   }
-  else if ($file->size > (variable_get('user_picture_file_size', '30') * 1000)) {
-    form_set_error('picture', t('The uploaded image is too large; the maximum file size is %size kB.', array('%size' => variable_get('user_picture_file_size', '30'))));
-  }
-  else if ($size[0] > $maxwidth || $size[1] > $maxheight) {
+  else if (!image_scale($file->filepath, $file->filepath, $maxwidth, $maxheight)) {
     form_set_error('picture', t('The uploaded image is too large; the maximum dimensions are %dimensions pixels.', array('%dimensions' => variable_get('user_picture_dimensions', '85x85'))));
   }
-  else if ($file = file_save_upload('picture', variable_get('user_picture_path', 'pictures') .'/picture-'. $user->uid . $extension, 1)) {
+  else if (filesize($file->filepath) > (variable_get('user_picture_file_size', '30') * 1000)) {
+    form_set_error('picture', t('The uploaded image is too large; the maximum file size is %size kB.', array('%size' => variable_get('user_picture_file_size', '30'))));
+  }
+  else if ($file = file_save_upload('picture', variable_get('user_picture_path', 'pictures') .'/picture-'. $user->uid . '.' . $info['ext'], 1)) {
     $edit['picture'] = $file->filepath;
   }
   else {
@@ -403,26 +402,8 @@
  */
 function user_file_download($file) {
   if (strpos($file, variable_get('user_picture_path', 'pictures') .'/picture-') === 0) {
-    list($width, $height, $type, $attr) = @getimagesize(file_create_path($file));
-    $types = array(
-      IMAGETYPE_GIF => 'image/gif',
-      IMAGETYPE_JPEG => 'image/jpeg',
-      IMAGETYPE_PNG => 'image/png',
-      IMAGETYPE_SWF => 'application/x-shockwave-flash',
-      IMAGETYPE_PSD => 'image/psd',
-      IMAGETYPE_BMP => 'image/bmp',
-      IMAGETYPE_TIFF_II => 'image/tiff',
-      IMAGETYPE_TIFF_MM  => 'image/tiff',
-      IMAGETYPE_JPC => 'application/octet-stream',
-      IMAGETYPE_JP2 => 'image/jp2',
-      IMAGETYPE_JPX => 'application/octet-stream',
-      IMAGETYPE_JB2 => 'application/octet-stream',
-      IMAGETYPE_SWC => 'application/x-shockwave-flash',
-      IMAGETYPE_IFF => 'image/iff',
-      IMAGETYPE_WBMP => 'image/vnd.wap.wbmp',
-      IMAGETYPE_XBM => 'image/xbm'
-    );
-    return array('Content-type: '. $types[$type]);
+    $info = image_get_info(file_create_path($file));
+    return array('Content-type: '. $info['type']);
   }
 }