From 5786f69ba483677bff6881665ead83ee7ef0274f Mon Sep 17 00:00:00 2001
From: John Mizerek <mizerek@gmail.com>
Date: Fri, 6 Feb 2026 18:49:38 -0800
Subject: [PATCH] Add AvatarUrl to profile API and update ImageExtension on
 upload

- profile.cfm now returns AvatarUrl in USER object
- avatar.cfm now updates Users.ImageExtension after successful upload

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 api/auth/avatar.cfm  |  5 +++++
 api/auth/profile.cfm | 24 ++++++++++++++++++++----
 2 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/api/auth/avatar.cfm b/api/auth/avatar.cfm
index 4b15e31..0a83224 100644
--- a/api/auth/avatar.cfm
+++ b/api/auth/avatar.cfm
@@ -160,6 +160,11 @@ if (cgi.REQUEST_METHOD == "POST") {
       }
     }
 
+    // Update user's ImageExtension in database
+    queryTimed("
+      UPDATE Users SET ImageExtension = 'jpg' WHERE ID = :userId
+    ", { userId: { value = userId, cfsqltype = "cf_sql_integer" } }, { datasource = "payfrit" });
+
     writeOutput(serializeJSON({
       "OK": true,
       "MESSAGE": "Avatar uploaded successfully",
diff --git a/api/auth/profile.cfm b/api/auth/profile.cfm
index 29f1d41..1734684 100644
--- a/api/auth/profile.cfm
+++ b/api/auth/profile.cfm
@@ -63,7 +63,8 @@ if (cgi.REQUEST_METHOD == "GET") {
         FirstName,
         LastName,
         EmailAddress,
-        ContactNumber
+        ContactNumber,
+        ImageExtension
       FROM Users
       WHERE ID = :userId
       LIMIT 1
@@ -73,6 +74,12 @@ if (cgi.REQUEST_METHOD == "GET") {
       apiAbort({ "OK": false, "ERROR": "user_not_found", "MESSAGE": "User not found" });
     }
 
+    // Build avatar URL if user has an image
+    avatarUrl = "";
+    if (len(trim(qUser.ImageExtension))) {
+      avatarUrl = application.baseUrl & "/uploads/users/" & qUser.ID & "." & qUser.ImageExtension & "?t=" & getTickCount();
+    }
+
     writeOutput(serializeJSON({
       "OK": true,
       "USER": {
@@ -80,7 +87,8 @@ if (cgi.REQUEST_METHOD == "GET") {
         "FirstName": qUser.FirstName ?: "",
         "LastName": qUser.LastName ?: "",
         "Email": qUser.EmailAddress ?: "",
-        "Phone": qUser.ContactNumber ?: ""
+        "Phone": qUser.ContactNumber ?: "",
+        "AvatarUrl": avatarUrl
       }
     }));
     abort;
@@ -137,12 +145,19 @@ if (cgi.REQUEST_METHOD == "POST") {
         FirstName,
         LastName,
         EmailAddress,
-        ContactNumber
+        ContactNumber,
+        ImageExtension
       FROM Users
       WHERE ID = :userId
       LIMIT 1
     ", { userId: { value = userId, cfsqltype = "cf_sql_integer" } });
 
+    // Build avatar URL if user has an image
+    avatarUrl = "";
+    if (len(trim(qUser.ImageExtension))) {
+      avatarUrl = application.baseUrl & "/uploads/users/" & qUser.ID & "." & qUser.ImageExtension & "?t=" & getTickCount();
+    }
+
     writeOutput(serializeJSON({
       "OK": true,
       "MESSAGE": "Profile updated",
@@ -151,7 +166,8 @@ if (cgi.REQUEST_METHOD == "POST") {
         "FirstName": qUser.FirstName ?: "",
         "LastName": qUser.LastName ?: "",
         "Email": qUser.EmailAddress ?: "",
-        "Phone": qUser.ContactNumber ?: ""
+        "Phone": qUser.ContactNumber ?: "",
+        "AvatarUrl": avatarUrl
       }
     }));
     abort;