PageRenderTime 71ms CodeModel.GetById 30ms RepoModel.GetById 0ms app.codeStats 0ms

/php/Sources/Themes.php

https://github.com/dekoza/openshift-smf-2.0.7
PHP | 2163 lines | 1652 code | 284 blank | 227 comment | 296 complexity | a8b00936804ee3266f7516cc54c47bb2 MD5 | raw file
Possible License(s): BSD-3-Clause
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2011 Simple Machines
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.0.4
  11. */
  12. if (!defined('SMF'))
  13. die('Hacking attempt...');
  14. /* This file concerns itself almost completely with theme administration.
  15. Its tasks include changing theme settings, installing and removing
  16. themes, choosing the current theme, and editing themes. This is done in:
  17. void ThemesMain()
  18. - manages the action and delegates control to the proper sub action.
  19. - loads both the Themes and Settings language files.
  20. - checks the session by GET or POST to verify the sent data.
  21. - requires the user not be a guest.
  22. - is accessed via ?action=admin;area=theme.
  23. void ThemeAdmin()
  24. - administrates themes and their settings, as well as global theme
  25. settings.
  26. - sets the settings theme_allow, theme_guests, and knownThemes.
  27. - loads the template Themes.
  28. - requires the admin_forum permission.
  29. - accessed with ?action=admin;area=theme;sa=admin.
  30. void ThemeList()
  31. - lists the available themes.
  32. - provides an interface to reset the paths of all the installed themes.
  33. void SetThemeOptions()
  34. // !!!
  35. void SetThemeSettings()
  36. - saves and requests global theme settings. ($settings)
  37. - loads the Admin language file.
  38. - calls ThemeAdmin() if no theme is specified. (the theme center.)
  39. - requires an administrator.
  40. - accessed with ?action=admin;area=theme;sa=settings&th=xx.
  41. void RemoveTheme()
  42. - removes an installed theme.
  43. - requires an administrator.
  44. - accessed with ?action=admin;area=theme;sa=remove.
  45. void PickTheme()
  46. - allows user or administrator to pick a new theme with an interface.
  47. - can edit everyone's (u = 0), guests' (u = -1), or a specific user's.
  48. - uses the Themes template. (pick sub template.)
  49. - accessed with ?action=admin;area=theme;sa=pick.
  50. void ThemeInstall()
  51. - installs new themes, either from a gzip or copy of the default.
  52. - requires an administrator.
  53. - puts themes in $boardurl/Themes.
  54. - assumes the gzip has a root directory in it. (ie default.)
  55. - accessed with ?action=admin;area=theme;sa=install.
  56. void WrapAction()
  57. - allows the theme to take care of actions.
  58. - happens if $settings['catch_action'] is set and action isn't found
  59. in the action array.
  60. - can use a template, layers, sub_template, filename, and/or function.
  61. void SetJavaScript()
  62. - sets a theme option without outputting anything.
  63. - can be used with javascript, via a dummy image... (which doesn't
  64. require the page to reload.)
  65. - requires someone who is logged in.
  66. - accessed via ?action=jsoption;var=variable;val=value;session_var=sess_id.
  67. - does not log access to the Who's Online log. (in index.php..)
  68. void EditTheme()
  69. - shows an interface for editing the templates.
  70. - uses the Themes template and edit_template/edit_style sub template.
  71. - accessed via ?action=admin;area=theme;sa=edit
  72. function convert_template($output_dir, $old_template = '')
  73. // !!!
  74. function phpcodefix(string string)
  75. // !!!
  76. function makeStyleChanges(&$old_template)
  77. // !!!
  78. // !!! Update this for the new package manager?
  79. Creating and distributing theme packages:
  80. ---------------------------------------------------------------------------
  81. There isn't that much required to package and distribute your own
  82. themes... just do the following:
  83. - create a theme_info.xml file, with the root element theme-info.
  84. - its name should go in a name element, just like description.
  85. - your name should go in author. (email in the email attribute.)
  86. - any support website for the theme should be in website.
  87. - layers and templates (non-default) should go in those elements ;).
  88. - if the images dir isn't images, specify in the images element.
  89. - any extra rows for themes should go in extra, serialized.
  90. (as in array(variable => value).)
  91. - tar and gzip the directory - and you're done!
  92. - please include any special license in a license.txt file.
  93. // !!! Thumbnail?
  94. */
  95. // Subaction handler.
  96. function ThemesMain()
  97. {
  98. global $txt, $context, $scripturl;
  99. // Load the important language files...
  100. loadLanguage('Themes');
  101. loadLanguage('Settings');
  102. // No funny business - guests only.
  103. is_not_guest();
  104. // Default the page title to Theme Administration by default.
  105. $context['page_title'] = $txt['themeadmin_title'];
  106. // Theme administration, removal, choice, or installation...
  107. $subActions = array(
  108. 'admin' => 'ThemeAdmin',
  109. 'list' => 'ThemeList',
  110. 'reset' => 'SetThemeOptions',
  111. 'settings' => 'SetThemeSettings',
  112. 'options' => 'SetThemeOptions',
  113. 'install' => 'ThemeInstall',
  114. 'remove' => 'RemoveTheme',
  115. 'pick' => 'PickTheme',
  116. 'edit' => 'EditTheme',
  117. 'copy' => 'CopyTemplate',
  118. );
  119. // !!! Layout Settings?
  120. if (!empty($context['admin_menu_name']))
  121. {
  122. $context[$context['admin_menu_name']]['tab_data'] = array(
  123. 'title' => $txt['themeadmin_title'],
  124. 'help' => 'themes',
  125. 'description' => $txt['themeadmin_description'],
  126. 'tabs' => array(
  127. 'admin' => array(
  128. 'description' => $txt['themeadmin_admin_desc'],
  129. ),
  130. 'list' => array(
  131. 'description' => $txt['themeadmin_list_desc'],
  132. ),
  133. 'reset' => array(
  134. 'description' => $txt['themeadmin_reset_desc'],
  135. ),
  136. 'edit' => array(
  137. 'description' => $txt['themeadmin_edit_desc'],
  138. ),
  139. ),
  140. );
  141. }
  142. // Follow the sa or just go to administration.
  143. if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']]))
  144. $subActions[$_GET['sa']]();
  145. else
  146. $subActions['admin']();
  147. }
  148. function ThemeAdmin()
  149. {
  150. global $context, $boarddir, $modSettings, $smcFunc;
  151. loadLanguage('Admin');
  152. isAllowedTo('admin_forum');
  153. // If we aren't submitting - that is, if we are about to...
  154. if (!isset($_POST['submit']))
  155. {
  156. loadTemplate('Themes');
  157. // Make our known themes a little easier to work with.
  158. $knownThemes = !empty($modSettings['knownThemes']) ? explode(',',$modSettings['knownThemes']) : array();
  159. // Load up all the themes.
  160. $request = $smcFunc['db_query']('', '
  161. SELECT id_theme, value AS name
  162. FROM {db_prefix}themes
  163. WHERE variable = {string:name}
  164. AND id_member = {int:no_member}
  165. ORDER BY id_theme',
  166. array(
  167. 'no_member' => 0,
  168. 'name' => 'name',
  169. )
  170. );
  171. $context['themes'] = array();
  172. while ($row = $smcFunc['db_fetch_assoc']($request))
  173. $context['themes'][] = array(
  174. 'id' => $row['id_theme'],
  175. 'name' => $row['name'],
  176. 'known' => in_array($row['id_theme'], $knownThemes),
  177. );
  178. $smcFunc['db_free_result']($request);
  179. // Can we create a new theme?
  180. $context['can_create_new'] = is_writable($boarddir . '/Themes');
  181. $context['new_theme_dir'] = substr(realpath($boarddir . '/Themes/default'), 0, -7);
  182. // Look for a non existent theme directory. (ie theme87.)
  183. $theme_dir = $boarddir . '/Themes/theme';
  184. $i = 1;
  185. while (file_exists($theme_dir . $i))
  186. $i++;
  187. $context['new_theme_name'] = 'theme' . $i;
  188. }
  189. else
  190. {
  191. checkSession();
  192. if (isset($_POST['options']['known_themes']))
  193. foreach ($_POST['options']['known_themes'] as $key => $id)
  194. $_POST['options']['known_themes'][$key] = (int) $id;
  195. else
  196. fatal_lang_error('themes_none_selectable', false);
  197. if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes']))
  198. fatal_lang_error('themes_default_selectable', false);
  199. // Commit the new settings.
  200. updateSettings(array(
  201. 'theme_allow' => $_POST['options']['theme_allow'],
  202. 'theme_guests' => $_POST['options']['theme_guests'],
  203. 'knownThemes' => implode(',', $_POST['options']['known_themes']),
  204. ));
  205. if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes']))
  206. updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
  207. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=admin');
  208. }
  209. }
  210. function ThemeList()
  211. {
  212. global $context, $boarddir, $boardurl, $smcFunc;
  213. loadLanguage('Admin');
  214. isAllowedTo('admin_forum');
  215. if (isset($_POST['submit']))
  216. {
  217. checkSession();
  218. $request = $smcFunc['db_query']('', '
  219. SELECT id_theme, variable, value
  220. FROM {db_prefix}themes
  221. WHERE variable IN ({string:theme_dir}, {string:theme_url}, {string:images_url}, {string:base_theme_dir}, {string:base_theme_url}, {string:base_images_url})
  222. AND id_member = {int:no_member}',
  223. array(
  224. 'no_member' => 0,
  225. 'theme_dir' => 'theme_dir',
  226. 'theme_url' => 'theme_url',
  227. 'images_url' => 'images_url',
  228. 'base_theme_dir' => 'base_theme_dir',
  229. 'base_theme_url' => 'base_theme_url',
  230. 'base_images_url' => 'base_images_url',
  231. )
  232. );
  233. $themes = array();
  234. while ($row = $smcFunc['db_fetch_assoc']($request))
  235. $themes[$row['id_theme']][$row['variable']] = $row['value'];
  236. $smcFunc['db_free_result']($request);
  237. $setValues = array();
  238. foreach ($themes as $id => $theme)
  239. {
  240. if (file_exists($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])))
  241. {
  242. $setValues[] = array($id, 0, 'theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])));
  243. $setValues[] = array($id, 0, 'theme_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']));
  244. $setValues[] = array($id, 0, 'images_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']) . '/' . basename($theme['images_url']));
  245. }
  246. if (isset($theme['base_theme_dir']) && file_exists($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])))
  247. {
  248. $setValues[] = array($id, 0, 'base_theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])));
  249. $setValues[] = array($id, 0, 'base_theme_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']));
  250. $setValues[] = array($id, 0, 'base_images_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']) . '/' . basename($theme['base_images_url']));
  251. }
  252. cache_put_data('theme_settings-' . $id, null, 90);
  253. }
  254. if (!empty($setValues))
  255. {
  256. $smcFunc['db_insert']('replace',
  257. '{db_prefix}themes',
  258. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  259. $setValues,
  260. array('id_theme', 'variable', 'id_member')
  261. );
  262. }
  263. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  264. }
  265. loadTemplate('Themes');
  266. $request = $smcFunc['db_query']('', '
  267. SELECT id_theme, variable, value
  268. FROM {db_prefix}themes
  269. WHERE variable IN ({string:name}, {string:theme_dir}, {string:theme_url}, {string:images_url})
  270. AND id_member = {int:no_member}',
  271. array(
  272. 'no_member' => 0,
  273. 'name' => 'name',
  274. 'theme_dir' => 'theme_dir',
  275. 'theme_url' => 'theme_url',
  276. 'images_url' => 'images_url',
  277. )
  278. );
  279. $context['themes'] = array();
  280. while ($row = $smcFunc['db_fetch_assoc']($request))
  281. {
  282. if (!isset($context['themes'][$row['id_theme']]))
  283. $context['themes'][$row['id_theme']] = array(
  284. 'id' => $row['id_theme'],
  285. );
  286. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  287. }
  288. $smcFunc['db_free_result']($request);
  289. foreach ($context['themes'] as $i => $theme)
  290. {
  291. $context['themes'][$i]['theme_dir'] = realpath($context['themes'][$i]['theme_dir']);
  292. if (file_exists($context['themes'][$i]['theme_dir'] . '/index.template.php'))
  293. {
  294. // Fetch the header... a good 256 bytes should be more than enough.
  295. $fp = fopen($context['themes'][$i]['theme_dir'] . '/index.template.php', 'rb');
  296. $header = fread($fp, 256);
  297. fclose($fp);
  298. // Can we find a version comment, at all?
  299. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  300. $context['themes'][$i]['version'] = $match[1];
  301. }
  302. $context['themes'][$i]['valid_path'] = file_exists($context['themes'][$i]['theme_dir']) && is_dir($context['themes'][$i]['theme_dir']);
  303. }
  304. $context['reset_dir'] = realpath($boarddir . '/Themes');
  305. $context['reset_url'] = $boardurl . '/Themes';
  306. $context['sub_template'] = 'list_themes';
  307. }
  308. // Administrative global settings.
  309. function SetThemeOptions()
  310. {
  311. global $txt, $context, $settings, $modSettings, $smcFunc;
  312. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (isset($_GET['id']) ? (int) $_GET['id'] : 0);
  313. isAllowedTo('admin_forum');
  314. if (empty($_GET['th']) && empty($_GET['id']))
  315. {
  316. $request = $smcFunc['db_query']('', '
  317. SELECT id_theme, variable, value
  318. FROM {db_prefix}themes
  319. WHERE variable IN ({string:name}, {string:theme_dir})
  320. AND id_member = {int:no_member}',
  321. array(
  322. 'no_member' => 0,
  323. 'name' => 'name',
  324. 'theme_dir' => 'theme_dir',
  325. )
  326. );
  327. $context['themes'] = array();
  328. while ($row = $smcFunc['db_fetch_assoc']($request))
  329. {
  330. if (!isset($context['themes'][$row['id_theme']]))
  331. $context['themes'][$row['id_theme']] = array(
  332. 'id' => $row['id_theme'],
  333. 'num_default_options' => 0,
  334. 'num_members' => 0,
  335. );
  336. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  337. }
  338. $smcFunc['db_free_result']($request);
  339. $request = $smcFunc['db_query']('', '
  340. SELECT id_theme, COUNT(*) AS value
  341. FROM {db_prefix}themes
  342. WHERE id_member = {int:guest_member}
  343. GROUP BY id_theme',
  344. array(
  345. 'guest_member' => -1,
  346. )
  347. );
  348. while ($row = $smcFunc['db_fetch_assoc']($request))
  349. $context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
  350. $smcFunc['db_free_result']($request);
  351. // Need to make sure we don't do custom fields.
  352. $request = $smcFunc['db_query']('', '
  353. SELECT col_name
  354. FROM {db_prefix}custom_fields',
  355. array(
  356. )
  357. );
  358. $customFields = array();
  359. while ($row = $smcFunc['db_fetch_assoc']($request))
  360. $customFields[] = $row['col_name'];
  361. $smcFunc['db_free_result']($request);
  362. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  363. $request = $smcFunc['db_query']('themes_count', '
  364. SELECT COUNT(DISTINCT id_member) AS value, id_theme
  365. FROM {db_prefix}themes
  366. WHERE id_member > {int:no_member}
  367. ' . $customFieldsQuery . '
  368. GROUP BY id_theme',
  369. array(
  370. 'no_member' => 0,
  371. 'custom_fields' => empty($customFields) ? array() : $customFields,
  372. )
  373. );
  374. while ($row = $smcFunc['db_fetch_assoc']($request))
  375. $context['themes'][$row['id_theme']]['num_members'] = $row['value'];
  376. $smcFunc['db_free_result']($request);
  377. // There has to be a Settings template!
  378. foreach ($context['themes'] as $k => $v)
  379. if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
  380. unset($context['themes'][$k]);
  381. loadTemplate('Themes');
  382. $context['sub_template'] = 'reset_list';
  383. return;
  384. }
  385. // Submit?
  386. if (isset($_POST['submit']) && empty($_POST['who']))
  387. {
  388. checkSession();
  389. if (empty($_POST['options']))
  390. $_POST['options'] = array();
  391. if (empty($_POST['default_options']))
  392. $_POST['default_options'] = array();
  393. // Set up the sql query.
  394. $setValues = array();
  395. foreach ($_POST['options'] as $opt => $val)
  396. $setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  397. $old_settings = array();
  398. foreach ($_POST['default_options'] as $opt => $val)
  399. {
  400. $old_settings[] = $opt;
  401. $setValues[] = array(-1, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  402. }
  403. // If we're actually inserting something..
  404. if (!empty($setValues))
  405. {
  406. // Are there options in non-default themes set that should be cleared?
  407. if (!empty($old_settings))
  408. $smcFunc['db_query']('', '
  409. DELETE FROM {db_prefix}themes
  410. WHERE id_theme != {int:default_theme}
  411. AND id_member = {int:guest_member}
  412. AND variable IN ({array_string:old_settings})',
  413. array(
  414. 'default_theme' => 1,
  415. 'guest_member' => -1,
  416. 'old_settings' => $old_settings,
  417. )
  418. );
  419. $smcFunc['db_insert']('replace',
  420. '{db_prefix}themes',
  421. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  422. $setValues,
  423. array('id_theme', 'variable', 'id_member')
  424. );
  425. }
  426. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  427. cache_put_data('theme_settings-1', null, 90);
  428. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  429. }
  430. elseif (isset($_POST['submit']) && $_POST['who'] == 1)
  431. {
  432. checkSession();
  433. $_POST['options'] = empty($_POST['options']) ? array() : $_POST['options'];
  434. $_POST['options_master'] = empty($_POST['options_master']) ? array() : $_POST['options_master'];
  435. $_POST['default_options'] = empty($_POST['default_options']) ? array() : $_POST['default_options'];
  436. $_POST['default_options_master'] = empty($_POST['default_options_master']) ? array() : $_POST['default_options_master'];
  437. $old_settings = array();
  438. foreach ($_POST['default_options'] as $opt => $val)
  439. {
  440. if ($_POST['default_options_master'][$opt] == 0)
  441. continue;
  442. elseif ($_POST['default_options_master'][$opt] == 1)
  443. {
  444. // Delete then insert for ease of database compatibility!
  445. $smcFunc['db_query']('substring', '
  446. DELETE FROM {db_prefix}themes
  447. WHERE id_theme = {int:default_theme}
  448. AND id_member != {int:no_member}
  449. AND variable = SUBSTRING({string:option}, 1, 255)',
  450. array(
  451. 'default_theme' => 1,
  452. 'no_member' => 0,
  453. 'option' => $opt,
  454. )
  455. );
  456. $smcFunc['db_query']('substring', '
  457. INSERT INTO {db_prefix}themes
  458. (id_member, id_theme, variable, value)
  459. SELECT id_member, 1, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  460. FROM {db_prefix}members',
  461. array(
  462. 'option' => $opt,
  463. 'value' => (is_array($val) ? implode(',', $val) : $val),
  464. )
  465. );
  466. $old_settings[] = $opt;
  467. }
  468. elseif ($_POST['default_options_master'][$opt] == 2)
  469. {
  470. $smcFunc['db_query']('', '
  471. DELETE FROM {db_prefix}themes
  472. WHERE variable = {string:option_name}
  473. AND id_member > {int:no_member}',
  474. array(
  475. 'no_member' => 0,
  476. 'option_name' => $opt,
  477. )
  478. );
  479. }
  480. }
  481. // Delete options from other themes.
  482. if (!empty($old_settings))
  483. $smcFunc['db_query']('', '
  484. DELETE FROM {db_prefix}themes
  485. WHERE id_theme != {int:default_theme}
  486. AND id_member > {int:no_member}
  487. AND variable IN ({array_string:old_settings})',
  488. array(
  489. 'default_theme' => 1,
  490. 'no_member' => 0,
  491. 'old_settings' => $old_settings,
  492. )
  493. );
  494. foreach ($_POST['options'] as $opt => $val)
  495. {
  496. if ($_POST['options_master'][$opt] == 0)
  497. continue;
  498. elseif ($_POST['options_master'][$opt] == 1)
  499. {
  500. // Delete then insert for ease of database compatibility - again!
  501. $smcFunc['db_query']('substring', '
  502. DELETE FROM {db_prefix}themes
  503. WHERE id_theme = {int:current_theme}
  504. AND id_member != {int:no_member}
  505. AND variable = SUBSTRING({string:option}, 1, 255)',
  506. array(
  507. 'current_theme' => $_GET['th'],
  508. 'no_member' => 0,
  509. 'option' => $opt,
  510. )
  511. );
  512. $smcFunc['db_query']('substring', '
  513. INSERT INTO {db_prefix}themes
  514. (id_member, id_theme, variable, value)
  515. SELECT id_member, {int:current_theme}, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  516. FROM {db_prefix}members',
  517. array(
  518. 'current_theme' => $_GET['th'],
  519. 'option' => $opt,
  520. 'value' => (is_array($val) ? implode(',', $val) : $val),
  521. )
  522. );
  523. }
  524. elseif ($_POST['options_master'][$opt] == 2)
  525. {
  526. $smcFunc['db_query']('', '
  527. DELETE FROM {db_prefix}themes
  528. WHERE variable = {string:option}
  529. AND id_member > {int:no_member}
  530. AND id_theme = {int:current_theme}',
  531. array(
  532. 'no_member' => 0,
  533. 'current_theme' => $_GET['th'],
  534. 'option' => $opt,
  535. )
  536. );
  537. }
  538. }
  539. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  540. }
  541. elseif (!empty($_GET['who']) && $_GET['who'] == 2)
  542. {
  543. checkSession('get');
  544. // Don't delete custom fields!!
  545. if ($_GET['th'] == 1)
  546. {
  547. $request = $smcFunc['db_query']('', '
  548. SELECT col_name
  549. FROM {db_prefix}custom_fields',
  550. array(
  551. )
  552. );
  553. $customFields = array();
  554. while ($row = $smcFunc['db_fetch_assoc']($request))
  555. $customFields[] = $row['col_name'];
  556. $smcFunc['db_free_result']($request);
  557. }
  558. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  559. $smcFunc['db_query']('', '
  560. DELETE FROM {db_prefix}themes
  561. WHERE id_member > {int:no_member}
  562. AND id_theme = {int:current_theme}
  563. ' . $customFieldsQuery,
  564. array(
  565. 'no_member' => 0,
  566. 'current_theme' => $_GET['th'],
  567. 'custom_fields' => empty($customFields) ? array() : $customFields,
  568. )
  569. );
  570. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  571. }
  572. $old_id = $settings['theme_id'];
  573. $old_settings = $settings;
  574. loadTheme($_GET['th'], false);
  575. loadLanguage('Profile');
  576. //!!! Should we just move these options so they are no longer theme dependant?
  577. loadLanguage('PersonalMessage');
  578. // Let the theme take care of the settings.
  579. loadTemplate('Settings');
  580. loadSubTemplate('options');
  581. $context['sub_template'] = 'set_options';
  582. $context['page_title'] = $txt['theme_settings'];
  583. $context['options'] = $context['theme_options'];
  584. $context['theme_settings'] = $settings;
  585. if (empty($_REQUEST['who']))
  586. {
  587. $request = $smcFunc['db_query']('', '
  588. SELECT variable, value
  589. FROM {db_prefix}themes
  590. WHERE id_theme IN (1, {int:current_theme})
  591. AND id_member = {int:guest_member}',
  592. array(
  593. 'current_theme' => $_GET['th'],
  594. 'guest_member' => -1,
  595. )
  596. );
  597. $context['theme_options'] = array();
  598. while ($row = $smcFunc['db_fetch_assoc']($request))
  599. $context['theme_options'][$row['variable']] = $row['value'];
  600. $smcFunc['db_free_result']($request);
  601. $context['theme_options_reset'] = false;
  602. }
  603. else
  604. {
  605. $context['theme_options'] = array();
  606. $context['theme_options_reset'] = true;
  607. }
  608. foreach ($context['options'] as $i => $setting)
  609. {
  610. // Is this disabled?
  611. if ($setting['id'] == 'calendar_start_day' && empty($modSettings['cal_enabled']))
  612. {
  613. unset($context['options'][$i]);
  614. continue;
  615. }
  616. elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
  617. {
  618. unset($context['options'][$i]);
  619. continue;
  620. }
  621. if (!isset($setting['type']) || $setting['type'] == 'bool')
  622. $context['options'][$i]['type'] = 'checkbox';
  623. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  624. $context['options'][$i]['type'] = 'number';
  625. elseif ($setting['type'] == 'string')
  626. $context['options'][$i]['type'] = 'text';
  627. if (isset($setting['options']))
  628. $context['options'][$i]['type'] = 'list';
  629. $context['options'][$i]['value'] = !isset($context['theme_options'][$setting['id']]) ? '' : $context['theme_options'][$setting['id']];
  630. }
  631. // Restore the existing theme.
  632. loadTheme($old_id, false);
  633. $settings = $old_settings;
  634. loadTemplate('Themes');
  635. }
  636. // Administrative global settings.
  637. function SetThemeSettings()
  638. {
  639. global $txt, $context, $settings, $modSettings, $sourcedir, $smcFunc;
  640. if (empty($_GET['th']) && empty($_GET['id']))
  641. return ThemeAdmin();
  642. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  643. // Select the best fitting tab.
  644. $context[$context['admin_menu_name']]['current_subsection'] = 'list';
  645. loadLanguage('Admin');
  646. isAllowedTo('admin_forum');
  647. // Validate inputs/user.
  648. if (empty($_GET['th']))
  649. fatal_lang_error('no_theme', false);
  650. // Fetch the smiley sets...
  651. $sets = explode(',', 'none,' . $modSettings['smiley_sets_known']);
  652. $set_names = explode("\n", $txt['smileys_none'] . "\n" . $modSettings['smiley_sets_names']);
  653. $context['smiley_sets'] = array(
  654. '' => $txt['smileys_no_default']
  655. );
  656. foreach ($sets as $i => $set)
  657. $context['smiley_sets'][$set] = htmlspecialchars($set_names[$i]);
  658. $old_id = $settings['theme_id'];
  659. $old_settings = $settings;
  660. loadTheme($_GET['th'], false);
  661. // Sadly we really do need to init the template.
  662. loadSubTemplate('init', 'ignore');
  663. // Also load the actual themes language file - in case of special settings.
  664. loadLanguage('Settings', '', true, true);
  665. // And the custom language strings...
  666. loadLanguage('ThemeStrings', '', false, true);
  667. // Let the theme take care of the settings.
  668. loadTemplate('Settings');
  669. loadSubTemplate('settings');
  670. // Load the variants separately...
  671. $settings['theme_variants'] = array();
  672. if (file_exists($settings['theme_dir'] . '/index.template.php'))
  673. {
  674. $file_contents = implode('', file($settings['theme_dir'] . '/index.template.php'));
  675. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  676. eval('global $settings;' . $matches[0]);
  677. }
  678. // Submitting!
  679. if (isset($_POST['submit']))
  680. {
  681. checkSession();
  682. if (empty($_POST['options']))
  683. $_POST['options'] = array();
  684. if (empty($_POST['default_options']))
  685. $_POST['default_options'] = array();
  686. // Make sure items are cast correctly.
  687. foreach ($context['theme_settings'] as $item)
  688. {
  689. // Disregard this item if this is just a separator.
  690. if (!is_array($item))
  691. continue;
  692. foreach (array('options', 'default_options') as $option)
  693. {
  694. if (!isset($_POST[$option][$item['id']]))
  695. continue;
  696. // Checkbox.
  697. elseif (empty($item['type']))
  698. $_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
  699. // Number
  700. elseif ($item['type'] == 'number')
  701. $_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
  702. }
  703. }
  704. // Set up the sql query.
  705. $inserts = array();
  706. foreach ($_POST['options'] as $opt => $val)
  707. $inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  708. foreach ($_POST['default_options'] as $opt => $val)
  709. $inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  710. // If we're actually inserting something..
  711. if (!empty($inserts))
  712. {
  713. $smcFunc['db_insert']('replace',
  714. '{db_prefix}themes',
  715. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  716. $inserts,
  717. array('id_member', 'id_theme', 'variable')
  718. );
  719. }
  720. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  721. cache_put_data('theme_settings-1', null, 90);
  722. // Invalidate the cache.
  723. updateSettings(array('settings_updated' => time()));
  724. redirectexit('action=admin;area=theme;sa=settings;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id']);
  725. }
  726. $context['sub_template'] = 'set_settings';
  727. $context['page_title'] = $txt['theme_settings'];
  728. foreach ($settings as $setting => $dummy)
  729. {
  730. if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs')))
  731. $settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
  732. }
  733. $context['settings'] = $context['theme_settings'];
  734. $context['theme_settings'] = $settings;
  735. foreach ($context['settings'] as $i => $setting)
  736. {
  737. // Separators are dummies, so leave them alone.
  738. if (!is_array($setting))
  739. continue;
  740. if (!isset($setting['type']) || $setting['type'] == 'bool')
  741. $context['settings'][$i]['type'] = 'checkbox';
  742. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  743. $context['settings'][$i]['type'] = 'number';
  744. elseif ($setting['type'] == 'string')
  745. $context['settings'][$i]['type'] = 'text';
  746. if (isset($setting['options']))
  747. $context['settings'][$i]['type'] = 'list';
  748. $context['settings'][$i]['value'] = !isset($settings[$setting['id']]) ? '' : $settings[$setting['id']];
  749. }
  750. // Do we support variants?
  751. if (!empty($settings['theme_variants']))
  752. {
  753. $context['theme_variants'] = array();
  754. foreach ($settings['theme_variants'] as $variant)
  755. {
  756. // Have any text, old chap?
  757. $context['theme_variants'][$variant] = array(
  758. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  759. 'thumbnail' => !file_exists($settings['theme_dir'] . '/images/thumbnail.gif') || file_exists($settings['theme_dir'] . '/images/thumbnail_' . $variant . '.gif') ? $settings['images_url'] . '/thumbnail_' . $variant . '.gif' : ($settings['images_url'] . '/thumbnail.gif'),
  760. );
  761. }
  762. $context['default_variant'] = !empty($settings['default_variant']) && isset($context['theme_variants'][$settings['default_variant']]) ? $settings['default_variant'] : $settings['theme_variants'][0];
  763. }
  764. // Restore the current theme.
  765. loadTheme($old_id, false);
  766. // Reinit just incase.
  767. loadSubTemplate('init', 'ignore');
  768. $settings = $old_settings;
  769. loadTemplate('Themes');
  770. }
  771. // Remove a theme from the database.
  772. function RemoveTheme()
  773. {
  774. global $modSettings, $context, $smcFunc;
  775. checkSession('get');
  776. isAllowedTo('admin_forum');
  777. // The theme's ID must be an integer.
  778. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  779. // You can't delete the default theme!
  780. if ($_GET['th'] == 1)
  781. fatal_lang_error('no_access', false);
  782. $known = explode(',', $modSettings['knownThemes']);
  783. for ($i = 0, $n = count($known); $i < $n; $i++)
  784. {
  785. if ($known[$i] == $_GET['th'])
  786. unset($known[$i]);
  787. }
  788. $smcFunc['db_query']('', '
  789. DELETE FROM {db_prefix}themes
  790. WHERE id_theme = {int:current_theme}',
  791. array(
  792. 'current_theme' => $_GET['th'],
  793. )
  794. );
  795. $smcFunc['db_query']('', '
  796. UPDATE {db_prefix}members
  797. SET id_theme = {int:default_theme}
  798. WHERE id_theme = {int:current_theme}',
  799. array(
  800. 'default_theme' => 0,
  801. 'current_theme' => $_GET['th'],
  802. )
  803. );
  804. $smcFunc['db_query']('', '
  805. UPDATE {db_prefix}boards
  806. SET id_theme = {int:default_theme}
  807. WHERE id_theme = {int:current_theme}',
  808. array(
  809. 'default_theme' => 0,
  810. 'current_theme' => $_GET['th'],
  811. )
  812. );
  813. $known = strtr(implode(',', $known), array(',,' => ','));
  814. // Fix it if the theme was the overall default theme.
  815. if ($modSettings['theme_guests'] == $_GET['th'])
  816. updateSettings(array('theme_guests' => '1', 'knownThemes' => $known));
  817. else
  818. updateSettings(array('knownThemes' => $known));
  819. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  820. }
  821. // Choose a theme from a list.
  822. function PickTheme()
  823. {
  824. global $txt, $context, $modSettings, $user_info, $language, $smcFunc, $settings, $scripturl;
  825. loadLanguage('Profile');
  826. loadTemplate('Themes');
  827. // Build the link tree.
  828. $context['linktree'][] = array(
  829. 'url' => $scripturl . '?action=theme;sa=pick;u=' . (!empty($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0),
  830. 'name' => $txt['theme_pick'],
  831. );
  832. $_SESSION['id_theme'] = 0;
  833. if (isset($_GET['id']))
  834. $_GET['th'] = $_GET['id'];
  835. // Saving a variant cause JS doesn't work - pretend it did ;)
  836. if (isset($_POST['save']))
  837. {
  838. // Which theme?
  839. foreach ($_POST['save'] as $k => $v)
  840. $_GET['th'] = (int) $k;
  841. if (isset($_POST['vrt'][$k]))
  842. $_GET['vrt'] = $_POST['vrt'][$k];
  843. }
  844. // Have we made a desicion, or are we just browsing?
  845. if (isset($_GET['th']))
  846. {
  847. checkSession('get');
  848. $_GET['th'] = (int) $_GET['th'];
  849. // Save for this user.
  850. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  851. {
  852. updateMemberData($user_info['id'], array('id_theme' => (int) $_GET['th']));
  853. // A variants to save for the user?
  854. if (!empty($_GET['vrt']))
  855. {
  856. $smcFunc['db_insert']('replace',
  857. '{db_prefix}themes',
  858. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  859. array($_GET['th'], $user_info['id'], 'theme_variant', $_GET['vrt']),
  860. array('id_theme', 'id_member', 'variable')
  861. );
  862. cache_put_data('theme_settings-' . $_GET['th'] . ':' . $user_info['id'], null, 90);
  863. $_SESSION['id_variant'] = 0;
  864. }
  865. redirectexit('action=profile;area=theme');
  866. }
  867. // If changing members or guests - and there's a variant - assume changing default variant.
  868. if (!empty($_GET['vrt']) && ($_REQUEST['u'] == '0' || $_REQUEST['u'] == '-1'))
  869. {
  870. $smcFunc['db_insert']('replace',
  871. '{db_prefix}themes',
  872. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  873. array($_GET['th'], 0, 'default_variant', $_GET['vrt']),
  874. array('id_theme', 'id_member', 'variable')
  875. );
  876. // Make it obvious that it's changed
  877. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  878. }
  879. // For everyone.
  880. if ($_REQUEST['u'] == '0')
  881. {
  882. updateMemberData(null, array('id_theme' => (int) $_GET['th']));
  883. // Remove any custom variants.
  884. if (!empty($_GET['vrt']))
  885. {
  886. $smcFunc['db_query']('', '
  887. DELETE FROM {db_prefix}themes
  888. WHERE id_theme = {int:current_theme}
  889. AND variable = {string:theme_variant}',
  890. array(
  891. 'current_theme' => (int) $_GET['th'],
  892. 'theme_variant' => 'theme_variant',
  893. )
  894. );
  895. }
  896. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  897. }
  898. // Change the default/guest theme.
  899. elseif ($_REQUEST['u'] == '-1')
  900. {
  901. updateSettings(array('theme_guests' => (int) $_GET['th']));
  902. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  903. }
  904. // Change a specific member's theme.
  905. else
  906. {
  907. updateMemberData((int) $_REQUEST['u'], array('id_theme' => (int) $_GET['th']));
  908. if (!empty($_GET['vrt']))
  909. {
  910. $smcFunc['db_insert']('replace',
  911. '{db_prefix}themes',
  912. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  913. array($_GET['th'], (int) $_REQUEST['u'], 'theme_variant', $_GET['vrt']),
  914. array('id_theme', 'id_member', 'variable')
  915. );
  916. cache_put_data('theme_settings-' . $_GET['th'] . ':' . (int) $_REQUEST['u'], null, 90);
  917. if ($user_info['id'] == $_REQUEST['u'])
  918. $_SESSION['id_variant'] = 0;
  919. }
  920. redirectexit('action=profile;u=' . (int) $_REQUEST['u'] . ';area=theme');
  921. }
  922. }
  923. // Figure out who the member of the minute is, and what theme they've chosen.
  924. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  925. {
  926. $context['current_member'] = $user_info['id'];
  927. $context['current_theme'] = $user_info['theme'];
  928. }
  929. // Everyone can't chose just one.
  930. elseif ($_REQUEST['u'] == '0')
  931. {
  932. $context['current_member'] = 0;
  933. $context['current_theme'] = 0;
  934. }
  935. // Guests and such...
  936. elseif ($_REQUEST['u'] == '-1')
  937. {
  938. $context['current_member'] = -1;
  939. $context['current_theme'] = $modSettings['theme_guests'];
  940. }
  941. // Someones else :P.
  942. else
  943. {
  944. $context['current_member'] = (int) $_REQUEST['u'];
  945. $request = $smcFunc['db_query']('', '
  946. SELECT id_theme
  947. FROM {db_prefix}members
  948. WHERE id_member = {int:current_member}
  949. LIMIT 1',
  950. array(
  951. 'current_member' => $context['current_member'],
  952. )
  953. );
  954. list ($context['current_theme']) = $smcFunc['db_fetch_row']($request);
  955. $smcFunc['db_free_result']($request);
  956. }
  957. // Get the theme name and descriptions.
  958. $context['available_themes'] = array();
  959. if (!empty($modSettings['knownThemes']))
  960. {
  961. $request = $smcFunc['db_query']('', '
  962. SELECT id_theme, variable, value
  963. FROM {db_prefix}themes
  964. WHERE variable IN ({string:name}, {string:theme_url}, {string:theme_dir}, {string:images_url}, {string:disable_user_variant})' . (!allowedTo('admin_forum') ? '
  965. AND id_theme IN ({array_string:known_themes})' : '') . '
  966. AND id_theme != {int:default_theme}
  967. AND id_member = {int:no_member}',
  968. array(
  969. 'default_theme' => 0,
  970. 'name' => 'name',
  971. 'no_member' => 0,
  972. 'theme_url' => 'theme_url',
  973. 'theme_dir' => 'theme_dir',
  974. 'images_url' => 'images_url',
  975. 'disable_user_variant' => 'disable_user_variant',
  976. 'known_themes' => explode(',', $modSettings['knownThemes']),
  977. )
  978. );
  979. while ($row = $smcFunc['db_fetch_assoc']($request))
  980. {
  981. if (!isset($context['available_themes'][$row['id_theme']]))
  982. $context['available_themes'][$row['id_theme']] = array(
  983. 'id' => $row['id_theme'],
  984. 'selected' => $context['current_theme'] == $row['id_theme'],
  985. 'num_users' => 0
  986. );
  987. $context['available_themes'][$row['id_theme']][$row['variable']] = $row['value'];
  988. }
  989. $smcFunc['db_free_result']($request);
  990. }
  991. // Okay, this is a complicated problem: the default theme is 1, but they aren't allowed to access 1!
  992. if (!isset($context['available_themes'][$modSettings['theme_guests']]))
  993. {
  994. $context['available_themes'][0] = array(
  995. 'num_users' => 0
  996. );
  997. $guest_theme = 0;
  998. }
  999. else
  1000. $guest_theme = $modSettings['theme_guests'];
  1001. $request = $smcFunc['db_query']('', '
  1002. SELECT id_theme, COUNT(*) AS the_count
  1003. FROM {db_prefix}members
  1004. GROUP BY id_theme
  1005. ORDER BY id_theme DESC',
  1006. array(
  1007. )
  1008. );
  1009. while ($row = $smcFunc['db_fetch_assoc']($request))
  1010. {
  1011. // Figure out which theme it is they are REALLY using.
  1012. if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',',$modSettings['knownThemes'])))
  1013. $row['id_theme'] = $guest_theme;
  1014. elseif (empty($modSettings['theme_allow']))
  1015. $row['id_theme'] = $guest_theme;
  1016. if (isset($context['available_themes'][$row['id_theme']]))
  1017. $context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
  1018. else
  1019. $context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
  1020. }
  1021. $smcFunc['db_free_result']($request);
  1022. // Get any member variant preferences.
  1023. $variant_preferences = array();
  1024. if ($context['current_member'] > 0)
  1025. {
  1026. $request = $smcFunc['db_query']('', '
  1027. SELECT id_theme, value
  1028. FROM {db_prefix}themes
  1029. WHERE variable = {string:theme_variant}',
  1030. array(
  1031. 'theme_variant' => 'theme_variant',
  1032. )
  1033. );
  1034. while ($row = $smcFunc['db_fetch_assoc']($request))
  1035. $variant_preferences[$row['id_theme']] = $row['value'];
  1036. $smcFunc['db_free_result']($request);
  1037. }
  1038. // Save the setting first.
  1039. $current_images_url = $settings['images_url'];
  1040. $current_theme_variants = !empty($settings['theme_variants']) ? $settings['theme_variants'] : array();
  1041. foreach ($context['available_themes'] as $id_theme => $theme_data)
  1042. {
  1043. // Don't try to load the forum or board default theme's data... it doesn't have any!
  1044. if ($id_theme == 0)
  1045. continue;
  1046. // The thumbnail needs the correct path.
  1047. $settings['images_url'] = &$theme_data['images_url'];
  1048. if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php'))
  1049. include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
  1050. elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php'))
  1051. include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
  1052. else
  1053. {
  1054. $txt['theme_thumbnail_href'] = $theme_data['images_url'] . '/thumbnail.gif';
  1055. $txt['theme_description'] = '';
  1056. }
  1057. $context['available_themes'][$id_theme]['thumbnail_href'] = $txt['theme_thumbnail_href'];
  1058. $context['available_themes'][$id_theme]['description'] = $txt['theme_description'];
  1059. // Are there any variants?
  1060. if (file_exists($theme_data['theme_dir'] . '/index.template.php') && empty($theme_data['disable_user_variant']))
  1061. {
  1062. $file_contents = implode('', file($theme_data['theme_dir'] . '/index.template.php'));
  1063. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  1064. {
  1065. $settings['theme_variants'] = array();
  1066. // Fill settings up.
  1067. eval('global $settings;' . $matches[0]);
  1068. if (!empty($settings['theme_variants']))
  1069. {
  1070. loadLanguage('Settings');
  1071. $context['available_themes'][$id_theme]['variants'] = array();
  1072. foreach ($settings['theme_variants'] as $variant)
  1073. $context['available_themes'][$id_theme]['variants'][$variant] = array(
  1074. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  1075. 'thumbnail' => !file_exists($theme_data['theme_dir'] . '/images/thumbnail.gif') || file_exists($theme_data['theme_dir'] . '/images/thumbnail_' . $variant . '.gif') ? $theme_data['images_url'] . '/thumbnail_' . $variant . '.gif' : ($theme_data['images_url'] . '/thumbnail.gif'),
  1076. );
  1077. $context['available_themes'][$id_theme]['selected_variant'] = isset($_GET['vrt']) ? $_GET['vrt'] : (!empty($variant_preferences[$id_theme]) ? $variant_preferences[$id_theme] : (!empty($settings['default_variant']) ? $settings['default_variant'] : $settings['theme_variants'][0]));
  1078. if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail']))
  1079. $context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
  1080. $context['available_themes'][$id_theme]['thumbnail_href'] = $context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'];
  1081. // Allow themes to override the text.
  1082. $context['available_themes'][$id_theme]['pick_label'] = isset($txt['variant_pick']) ? $txt['variant_pick'] : $txt['theme_pick_variant'];
  1083. }
  1084. }
  1085. }
  1086. }
  1087. // Then return it.
  1088. $settings['images_url'] = $current_images_url;
  1089. $settings['theme_variants'] = $current_theme_variants;
  1090. // As long as we're not doing the default theme...
  1091. if (!isset($_REQUEST['u']) || $_REQUEST['u'] >= 0)
  1092. {
  1093. if ($guest_theme != 0)
  1094. $context['available_themes'][0] = $context['available_themes'][$guest_theme];
  1095. $context['available_themes'][0]['id'] = 0;
  1096. $context['available_themes'][0]['name'] = $txt['theme_forum_default'];
  1097. $context['available_themes'][0]['selected'] = $context['current_theme'] == 0;
  1098. $context['available_themes'][0]['description'] = $txt['theme_global_description'];
  1099. }
  1100. ksort($context['available_themes']);
  1101. $context['page_title'] = $txt['theme_pick'];
  1102. $context['sub_template'] = 'pick';
  1103. }
  1104. function ThemeInstall()
  1105. {
  1106. global $sourcedir, $boarddir, $boardurl, $txt, $context, $settings, $modSettings, $smcFunc;
  1107. checkSession('request');
  1108. isAllowedTo('admin_forum');
  1109. checkSession('request');
  1110. require_once($sourcedir . '/Subs-Package.php');
  1111. loadTemplate('Themes');
  1112. if (isset($_GET['theme_id']))
  1113. {
  1114. $result = $smcFunc['db_query']('', '
  1115. SELECT value
  1116. FROM {db_prefix}themes
  1117. WHERE id_theme = {int:current_theme}
  1118. AND id_member = {int:no_member}
  1119. AND variable = {string:name}
  1120. LIMIT 1',
  1121. array(
  1122. 'current_theme' => (int) $_GET['theme_id'],
  1123. 'no_member' => 0,
  1124. 'name' => 'name',
  1125. )
  1126. );
  1127. list ($theme_name) = $smcFunc['db_fetch_row']($result);
  1128. $smcFunc['db_free_result']($result);
  1129. $context['sub_template'] = 'installed';
  1130. $context['page_title'] = $txt['theme_installed'];
  1131. $context['installed_theme'] = array(
  1132. 'id' => (int) $_GET['theme_id'],
  1133. 'name' => $theme_name,
  1134. );
  1135. return;
  1136. }
  1137. if ((!empty($_FILES['theme_gz']) && (!isset($_FILES['theme_gz']['error']) || $_FILES['theme_gz']['error'] != 4)) || !empty($_REQUEST['theme_gz']))
  1138. $method = 'upload';
  1139. elseif (isset($_REQUEST['theme_dir']) && rtrim(realpath($_REQUEST['theme_dir']), '/\\') != realpath($boarddir . '/Themes') && file_exists($_REQUEST['theme_dir']))
  1140. $method = 'path';
  1141. else
  1142. $method = 'copy';
  1143. if (!empty($_REQUEST['copy']) && $method == 'copy')
  1144. {
  1145. // Hopefully the themes directory is writable, or we might have a problem.
  1146. if (!is_writable($boarddir . '/Themes'))
  1147. fatal_lang_error('theme_install_write_error', 'critical');
  1148. $theme_dir = $boarddir . '/Themes/' . preg_replace('~[^A-Za-z0-9_\- ]~', '', $_REQUEST['copy']);
  1149. umask(0);
  1150. mkdir($theme_dir, 0777);
  1151. @set_time_limit(600);
  1152. if (function_exists('apache_reset_timeout'))
  1153. @apache_reset_timeout();
  1154. // Create subdirectories for css and javascript files.
  1155. mkdir($theme_dir . '/css', 0777);
  1156. mkdir($theme_dir . '/scripts', 0777);
  1157. // Copy over the default non-theme files.
  1158. $to_copy = array('/index.php', '/index.template.php', '/css/index.css', '/css/rtl.css', '/scripts/theme.js');
  1159. foreach ($to_copy as $file)
  1160. {
  1161. copy($settings['default_theme_dir'] . $file, $theme_dir . $file);
  1162. @chmod($theme_dir . $file, 0777);
  1163. }
  1164. // And now the entire images directory!
  1165. copytree($settings['default_theme_dir'] . '/images', $theme_dir . '/images');
  1166. package_flush_cache();
  1167. $theme_name = $_REQUEST['copy'];
  1168. $images_url = $boardurl . '/Themes/' . basename($theme_dir) . '/images';
  1169. $theme_dir = realpath($theme_dir);
  1170. // Lets get some data for the new theme.
  1171. $request = $smcFunc['db_query']('', '
  1172. SELECT variable, value
  1173. FROM {db_prefix}themes
  1174. WHERE variable IN ({string:theme_templates}, {string:theme_layers})
  1175. AND id_member = {int:no_member}
  1176. AND id_theme = {int:default_theme}',
  1177. array(
  1178. 'no_member' => 0,
  1179. 'default_theme' => 1,
  1180. 'theme_templates' => 'theme_templates',
  1181. 'theme_layers' => 'theme_layers',
  1182. )
  1183. );
  1184. while ($row = $smcFunc['db_fetch_assoc']($request))
  1185. {
  1186. if ($row['variable'] == 'theme_templates')
  1187. $theme_templates = $row['value'];
  1188. elseif ($row['variable'] == 'theme_layers')
  1189. $theme_layers = $row['value'];
  1190. else
  1191. continue;
  1192. }
  1193. $smcFunc['db_free_result']($request);
  1194. // Lets add a theme_info.xml to this theme.
  1195. $xml_info = '<' . '?xml version="1.0"?' . '>
  1196. <theme-info xmlns="http://www.simplemachines.org/xml/theme-info" xmlns:smf="http://www.simplemachines.org/">
  1197. <!-- For the id, always use something unique - put your name, a colon, and then the package name. -->
  1198. <id>smf:' . $smcFunc['strtolower'](str_replace(array(' '), '_', $_REQUEST['copy'])) . '</id>
  1199. <version>' . $modSettings['smfVersion'] . '</version>
  1200. <!-- Theme name, used purely for aesthetics. -->
  1201. <name>' . $_REQUEST['copy'] . '</name>
  1202. <!-- Author: your email address or contact information. The name attribute is optional. -->
  1203. <author name="Simple Machines">info@simplemachines.org</author>
  1204. <!-- Website... where to get updates and more information. -->
  1205. <website>http://www.simplemachines.org/</website>
  1206. <!-- Template layers to use, defaults to "html,body". -->
  1207. <layers>' . (empty($theme_layers) ? 'html,body' : $theme_layers) . '</layers>
  1208. <!-- Templates to load on startup. Default is "index". -->
  1209. <templates>' . (empty($theme_templates) ? 'index' : $theme_templates) . '</templates>
  1210. <!-- Base this theme off another? Default is blank, or no. It could be "default". -->
  1211. <based-on></based-on>
  1212. </theme-info>';
  1213. // Now write it.
  1214. $fp = @fopen($theme_dir . '/theme_info.xml', 'w+');
  1215. if ($fp)
  1216. {
  1217. fwrite($fp, $xml_info);
  1218. fclose($fp);
  1219. }
  1220. }
  1221. elseif (isset($_REQUEST['theme_dir']) && $method == 'path')
  1222. {
  1223. if (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml'))
  1224. fatal_lang_error('theme_install_error', false);
  1225. $theme_name = basename($_REQUEST['theme_dir']);
  1226. $theme_dir = $_REQUEST['theme_dir'];
  1227. }
  1228. elseif ($method = 'upload')
  1229. {
  1230. // Hopefully the themes directory is writable, or we might have a problem.
  1231. if (!is_writable($boarddir . '/Themes'))
  1232. fatal_lang_error('theme_install_write_error', 'critical');
  1233. require_once($sourcedir . '/Subs-Package.php');
  1234. // Set the default settings...
  1235. $theme_name = strtok(basename(isset($_FILES['theme_gz']) ? $_FILES['theme_gz']['name'] : $_REQUEST['theme_gz']), '.');
  1236. $theme_name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $theme_name);
  1237. $theme_dir = $boarddir . '/Themes/' . $theme_name;
  1238. if (isset($_FILES['theme_gz']) && is_uploaded_file($_FILES['theme_gz']['tmp_name']) && (@ini_get('open_basedir') != '' || file_exists($_FILES['theme_gz']['tmp_name'])))
  1239. $extracted = read_tgz_file($_FILES['theme_gz']['tmp_name'], $boarddir . '/Themes/' . $theme_name, false, true);
  1240. elseif (isset($_REQUEST['theme_gz']))
  1241. {
  1242. // Check that the theme is from simplemachines.org, for now... maybe add mirroring later.
  1243. if (preg_match('~^http://[\w_\-]+\.simplemachines\.org/~', $_REQUEST['theme_gz']) == 0 || strpos($_REQUEST['theme_gz'], 'dlattach') !== false)
  1244. fatal_lang_error('not_on_simplemachines');
  1245. $extracted = read_tgz_file($_REQUEST['theme_gz'], $boarddir . '/Themes/' . $theme_name, false, true);
  1246. }
  1247. else
  1248. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  1249. }
  1250. // Something go wrong?
  1251. if ($theme_dir != '' && basename($theme_dir) != 'Themes')
  1252. {
  1253. // Defaults.
  1254. $install_info = array(
  1255. 'theme_url' => $boardurl . '/Themes/' . basename($theme_dir),
  1256. 'images_url' => isset($images_url) ? $images_url : $boardurl . '/Themes/' . basename($theme_dir) . '/images',
  1257. 'theme_dir' => $theme_dir,
  1258. 'name' => $theme_name
  1259. );
  1260. if (file_exists($theme_dir . '/theme_info.xml'))
  1261. {
  1262. $theme_info = file_get_contents($theme_dir . '/theme_info.xml');
  1263. $xml_elements = array(
  1264. 'name' => 'name',
  1265. 'theme_layers' => 'layers',
  1266. 'theme_templates' => 'templates',
  1267. 'based_on' => 'based-on',
  1268. );
  1269. foreach ($xml_elements as $var => $name)
  1270. {
  1271. if (preg_match('~<' . $name . '>(?:<!\[CDATA\[)?(.+?)(?:\]\]>)?</' . $name . '>~', $theme_info, $match) == 1)
  1272. $install_info[$var] = $match[1];
  1273. }
  1274. if (preg_match('~<images>(?:<!\[CDATA\[)?(.+?)(?:\]\]>)?</images>~', $theme_info, $match) == 1)
  1275. {
  1276. $install_info['images_url'] = $install_info['theme_url'] . '/' . $match[1];
  1277. $explicit_images = true;
  1278. }
  1279. if (preg_match('~<extra>(?:<!\[CDATA\[)?(.+?)(?:\]\]>)?</extra>~', $theme_info, $match) == 1)
  1280. $install_info += unserialize($match[1]);
  1281. }
  1282. if (isset($install_info['based_on']))
  1283. {
  1284. if ($install_info['based_on'] == 'default')
  1285. {
  1286. $install_info['theme_url'] = $settings['default_theme_url'];
  1287. $install_info['images_url'] = $settings['default_images_url'];
  1288. }
  1289. elseif ($install_info['based_on'] != '')
  1290. {
  1291. $install_info['based_on'] = preg_replace('~[^A-Za-z0-9\-_ ]~', '', $install_info['based_on']);
  1292. $request = $smcFunc['db_query']('', '
  1293. SELECT th.value AS base_theme_dir, th2.value AS base_theme_url' . (!empty($explicit_images) ? '' : ', th3.value AS images_url') . '
  1294. FROM {db_prefix}themes AS th
  1295. INNER JOIN {db_prefix}themes AS th2 ON (th2.id_theme = th.id_theme
  1296. AND th2.id_member = {int:no_member}
  1297. AND th2.variable = {string:theme_url})' . (!empty($explicit_images) ? '' : '
  1298. INNER JOIN {db_prefix}themes AS th3 ON (th3.id_theme = th.id_theme
  1299. AND th3.id_member = {int:no_member}
  1300. AND th3.variable = {string:images_url})') . '
  1301. WHERE th.id_member = {int:no_member}
  1302. AND (th.value LIKE {string:based_on} OR th.value LIKE {string:based_on_path})
  1303. AND th.variable = {string:theme_dir}
  1304. LIMIT 1',
  1305. array(
  1306. 'no_member' => 0,
  1307. 'theme_url' => 'theme_url',
  1308. 'images_url' => 'images_url',
  1309. 'theme_dir' => 'theme_dir',
  1310. 'based_on' => '%/' . $install_info['based_on'],
  1311. 'based_on_path' => '%' . "\\" . $install_info['based_on'],
  1312. )
  1313. );
  1314. $temp = $smcFunc['db_fetch_assoc']($request);
  1315. $smcFunc['db_free_result']($request);
  1316. // !!! An error otherwise?
  1317. if (is_array($temp))
  1318. {
  1319. $install_info = $temp + $install_info;
  1320. if (empty($explicit_images) && !empty($install_info['base_theme_url']))
  1321. $install_info['theme_url'] = $install_info['base_theme_url'];
  1322. }
  1323. }
  1324. unset($install_info['based_on']);
  1325. }
  1326. // Find the newest id_theme.
  1327. $result = $smcFunc['db_query']('', '
  1328. SELECT MAX(id_theme)
  1329. FROM {db_prefix}themes',
  1330. array(
  1331. )
  1332. );
  1333. list ($id_theme) = $smcFunc['db_fetch_row']($result);
  1334. $smcFunc['db_free_result']($result);
  1335. // This will be theme number...
  1336. $id_theme++;
  1337. $inserts = array();
  1338. foreach ($install_info as $var => $val)
  1339. $inserts[] = array($id_theme, $var, $val);
  1340. if (!empty($inserts))
  1341. $smcFunc['db_insert']('insert',
  1342. '{db_prefix}themes',
  1343. array('id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  1344. $inserts,
  1345. array('id_theme', 'variable')
  1346. );
  1347. updateSettings(array('knownThemes' => strtr($modSettings['knownThemes'] . ',' . $id_theme, array(',,' => ','))));
  1348. }
  1349. redirectexit('action=admin;area=theme;sa=install;theme_id=' . $id_theme . ';' . $context['session_var'] . '=' . $context['session_id']);
  1350. }
  1351. // Possibly the simplest and best example of how to ues the template system.
  1352. function WrapAction()
  1353. {
  1354. global $context, $settings, $sourcedir;
  1355. // Load any necessary template(s)?
  1356. if (isset($settings['catch_action']['template']))
  1357. {
  1358. // Load both the template and language file. (but don't fret if the language file isn't there...)
  1359. loadTemplate($settings['catch_action']['template']);
  1360. loadLanguage($settings['catch_action']['template'], '', false);
  1361. }
  1362. // Any special layers?
  1363. if (isset($settings['catch_action']['layers']))
  1364. $context['template_layers'] = $settings['catch_action']['layers'];
  1365. // Just call a function?
  1366. if (isset($settings['catch_action']['function']))
  1367. {
  1368. if (isset($settings['catch_action']['filename']))
  1369. template_include($sourcedir . '/' . $settings['catch_action']['filename'], true);
  1370. $settings['catch_action']['function']();
  1371. }
  1372. // And finally, the main sub template ;).
  1373. elseif (isset($settings['catch_action']['sub_template']))
  1374. $context['sub_template'] = $settings['catch_action']['sub_template'];
  1375. }
  1376. // Set an option via javascript.
  1377. function SetJavaScript()
  1378. {
  1379. global $settings, $user_info, $smcFunc, $options;
  1380. // Check the session id.
  1381. checkSession('get');
  1382. // This good-for-nothing pixel is being used to keep the session alive.
  1383. if (empty($_GET['var']) || !isset($_GET['val']))
  1384. redirectexit($settings['images_url'] . '/blank.gif');
  1385. // Sorry, guests can't go any further than this..
  1386. if ($user_info['is_guest'] || $user_info['id'] == 0)
  1387. obExit(false);
  1388. $reservedVars = array(
  1389. 'actual_theme_url',
  1390. 'actual_images_url',
  1391. 'base_theme_dir',
  1392. 'base_theme_url',
  1393. 'default_images_url',
  1394. 'default_theme_dir',
  1395. 'default_theme_url',
  1396. 'default_template',
  1397. 'images_url',
  1398. 'number_recent_posts',
  1399. 'smiley_sets_default',
  1400. 'theme_dir',
  1401. 'theme_id',
  1402. 'theme_layers',
  1403. 'theme_templates',
  1404. 'theme_url',
  1405. 'name',
  1406. );
  1407. // Can't change reserved vars.
  1408. if (in_array(strtolower($_GET['var']), $reservedVars))
  1409. redirectexit($settings['images_url'] . '/blank.gif');
  1410. // Use a specific theme?
  1411. if (isset($_GET['th']) || isset($_GET['id']))
  1412. {
  1413. // Invalidate the current themes cache too.
  1414. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1415. $settings['theme_id'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1416. }
  1417. // If this is the admin preferences the passed value will just be an element of it.
  1418. if ($_GET['var'] == 'admin_preferences')
  1419. {
  1420. $options['admin_preferences'] = !empty($options['admin_preferences']) ? unserialize($options['admin_preferences']) : array();
  1421. // New thingy...
  1422. if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5)
  1423. $options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
  1424. // Change the value to be something nice,
  1425. $_GET['val'] = serialize($options['admin_preferences']);
  1426. }
  1427. // Update the option.
  1428. $smcFunc['db_insert']('replace',
  1429. '{db_prefix}themes',
  1430. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  1431. array($settings['theme_id'], $user_info['id'], $_GET['var'], is_array($_GET['val']) ? implode(',', $_GET['val']) : $_GET['val']),
  1432. array('id_theme', 'id_member', 'variable')
  1433. );
  1434. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1435. // Don't output anything...
  1436. redirectexit($settings['images_url'] . '/blank.gif');
  1437. }
  1438. function EditTheme()
  1439. {
  1440. global $context, $settings, $scripturl, $boarddir, $smcFunc;
  1441. if (isset($_REQUEST['preview']))
  1442. {
  1443. // !!! Should this be removed?
  1444. die;
  1445. }
  1446. isAllowedTo('admin_forum');
  1447. loadTemplate('Themes');
  1448. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) @$_GET['id'];
  1449. if (empty($_GET['th']))
  1450. {
  1451. $request = $smcFunc['db_query']('', '
  1452. SELECT id_theme, variable, value
  1453. FROM {db_prefix}themes
  1454. WHERE variable IN ({string:name}, {string:theme_dir}, {string:theme_templates}, {string:theme_layers})
  1455. AND id_member = {int:no_member}',
  1456. array(
  1457. 'name' => 'name',
  1458. 'theme_dir' => 'theme_dir',
  1459. 'theme_templates' => 'theme_templates',
  1460. 'theme_layers' => 'theme_layers',
  1461. 'no_member' => 0,
  1462. )
  1463. );
  1464. $context['themes'] = array();
  1465. while ($row = $smcFunc['db_fetch_assoc']($request))
  1466. {
  1467. if (!isset($context['themes'][$row['id_theme']]))
  1468. $context['themes'][$row['id_theme']] = array(
  1469. 'id' => $row['id_theme'],
  1470. 'num_default_options' => 0,
  1471. 'num_members' => 0,
  1472. );
  1473. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  1474. }
  1475. $smcFunc['db_free_result']($request);
  1476. foreach ($context['themes'] as $key => $theme)
  1477. {
  1478. // There has to be a Settings template!
  1479. if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css'))
  1480. unset($context['themes'][$key]);
  1481. else
  1482. {
  1483. if (!isset($theme['theme_templates']))
  1484. $templates = array('index');
  1485. else
  1486. $templates = explode(',', $theme['theme_templates']);
  1487. foreach ($templates as $template)
  1488. if (file_exists($theme['theme_dir'] . '/' . $template . '.template.php'))
  1489. {
  1490. // Fetch the header... a good 256 bytes should be more than enough.
  1491. $fp = fopen($theme['theme_dir'] . '/' . $template . '.template.php', 'rb');
  1492. $header = fread($fp, 256);
  1493. fclose($fp);
  1494. // Can we find a version comment, at all?
  1495. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  1496. {
  1497. $ver = $match[1];
  1498. if (!isset($context['themes'][$key]['version']) || $context['themes'][$key]['version'] > $ver)
  1499. $context['themes'][$key]['version'] = $ver;
  1500. }
  1501. }
  1502. $context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
  1503. }
  1504. }
  1505. $context['sub_template'] = 'edit_list';
  1506. return 'no_themes';
  1507. }
  1508. $context['session_error'] = false;
  1509. // Get the directory of the theme we are editing.
  1510. $request = $smcFunc['db_query']('', '
  1511. SELECT value, id_theme
  1512. FROM {db_prefix}themes
  1513. WHERE variable = {string:theme_dir}
  1514. AND id_theme = {int:current_theme}
  1515. LIMIT 1',
  1516. array(
  1517. 'current_theme' => $_GET['th'],
  1518. 'theme_dir' => 'theme_dir',
  1519. )
  1520. );
  1521. list ($theme_dir, $context['theme_id']) = $smcFunc['db_fetch_row']($request);
  1522. $smcFunc['db_free_result']($request);
  1523. if (!file_exists($theme_dir . '/index.template.php') && !file_exists($theme_dir . '/css/index.css'))
  1524. fatal_lang_error('theme_edit_missing', false);
  1525. if (!isset($_REQUEST['filename']))
  1526. {
  1527. if (isset($_GET['directory']))
  1528. {
  1529. if (substr($_GET['directory'], 0, 1) == '.')
  1530. $_GET['directory'] = '';
  1531. else
  1532. {
  1533. $_GET['directory'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_GET['directory']);
  1534. $temp = realpath($theme_dir . '/' . $_GET['directory']);
  1535. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1536. $_GET['directory'] = '';
  1537. }
  1538. }
  1539. if (isset($_GET['directory']) && $_GET['directory'] != '')
  1540. {
  1541. $context['theme_files'] = get_file_listing($theme_dir . '/' . $_GET['directory'], $_GET['directory'] . '/');
  1542. $temp = dirname($_GET['directory']);
  1543. array_unshift($context['theme_files'], array(
  1544. 'filename' => $temp == '.' || $temp == '' ? '/ (..)' : $temp . ' (..)',
  1545. 'is_writable' => is_writable($theme_dir . '/' . $temp),
  1546. 'is_directory' => true,
  1547. 'is_template' => false,
  1548. 'is_image' => false,
  1549. 'is_editable' => false,
  1550. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $temp,
  1551. 'size' => '',
  1552. ));
  1553. }
  1554. else
  1555. $context['theme_files'] = get_file_listing($theme_dir, '');
  1556. $context['sub_template'] = 'edit_browse';
  1557. return;
  1558. }
  1559. else
  1560. {
  1561. if (substr($_REQUEST['filename'], 0, 1) == '.')
  1562. $_REQUEST['filename'] = '';
  1563. else
  1564. {
  1565. $_REQUEST['filename'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_REQUEST['filename']);
  1566. $temp = realpath($theme_dir . '/' . $_REQUEST['filename']);
  1567. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1568. $_REQUEST['filename'] = '';
  1569. }
  1570. if (empty($_REQUEST['filename']))
  1571. fatal_lang_error('theme_edit_missing', false);
  1572. }
  1573. if (isset($_POST['submit']))
  1574. {
  1575. if (checkSession('post', '', false) == '')
  1576. {
  1577. if (is_array($_POST['entire_file']))
  1578. $_POST['entire_file'] = implode("\n", $_POST['entire_file']);
  1579. $_POST['entire_file'] = rtrim(strtr($_POST['entire_file'], array("\r" => '', ' ' => "\t")));
  1580. // Check for a parse error!
  1581. if (substr($_REQUEST['filename'], -13) == '.template.php' && is_writable($theme_dir) && @ini_get('display_errors'))
  1582. {
  1583. $request = $smcFunc['db_query']('', '
  1584. SELECT value
  1585. FROM {db_prefix}themes
  1586. WHERE variable = {string:theme_url}
  1587. AND id_theme = {int:current_theme}
  1588. LIMIT 1',
  1589. array(
  1590. 'current_theme' => $_GET['th'],
  1591. 'theme_url' => 'theme_url',
  1592. )
  1593. );
  1594. list ($theme_url) = $smcFunc['db_fetch_row']($request);
  1595. $smcFunc['db_free_result']($request);
  1596. $fp = fopen($theme_dir . '/tmp_' . session_id() . '.php', 'w');
  1597. fwrite($fp, $_POST['entire_file']);
  1598. fclose($fp);
  1599. // !!! Use fetch_web_data()?
  1600. $error = @file_get_contents($theme_url . '/tmp_' . session_id() . '.php');
  1601. if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0)
  1602. $error_file = $theme_dir . '/tmp_' . session_id() . '.php';
  1603. else
  1604. unlink($theme_dir . '/tmp_' . session_id() . '.php');
  1605. }
  1606. if (!isset($error_file))
  1607. {
  1608. $fp = fopen($theme_dir . '/' . $_REQUEST['filename'], 'w');
  1609. fwrite($fp, $_POST['entire_file']);
  1610. fclose($fp);
  1611. redirectexit('action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . dirname($_REQUEST['filename']));
  1612. }
  1613. }
  1614. // Session timed out.
  1615. else
  1616. {
  1617. loadLanguage('Errors');
  1618. $context['session_error'] = true;
  1619. $context['sub_template'] = 'edit_file';
  1620. // Recycle the submitted data.
  1621. $context['entire_file'] = htmlspecialchars($_POST['entire_file']);
  1622. // You were able to submit it, so it's reasonable to assume you are allowed to save.
  1623. $context['allow_save'] = true;
  1624. return;
  1625. }
  1626. }
  1627. $context['allow_save'] = is_writable($theme_dir . '/' . $_REQUEST['filename']);
  1628. $context['allow_save_filename'] = strtr($theme_dir . '/' . $_REQUEST['filename'], array($boarddir => '...'));
  1629. $context['edit_filename'] = htmlspecialchars($_REQUEST['filename']);
  1630. if (substr($_REQUEST['filename'], -4) == '.css')
  1631. {
  1632. $context['sub_template'] = 'edit_style';
  1633. $context['entire_file'] = htmlspecialchars(strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1634. }
  1635. elseif (substr($_REQUEST['filename'], -13) == '.template.php')
  1636. {
  1637. $context['sub_template'] = 'edit_template';
  1638. if (!isset($error_file))
  1639. $file_data = file($theme_dir . '/' . $_REQUEST['filename']);
  1640. else
  1641. {
  1642. if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0)
  1643. $context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
  1644. $file_data = file($error_file);
  1645. unlink($error_file);
  1646. }
  1647. $j = 0;
  1648. $context['file_parts'] = array(array('lines' => 0, 'line' => 1, 'data' => ''));
  1649. for ($i = 0, $n = count($file_data); $i < $n; $i++)
  1650. {
  1651. if (isset($file_data[$i + 1]) && substr($file_data[$i + 1], 0, 9) == 'function ')
  1652. {
  1653. // Try to format the functions a little nicer...
  1654. $context['file_parts'][$j]['data'] = trim($context['file_parts'][$j]['data']) . "\n";
  1655. if (empty($context['file_parts'][$j]['lines']))
  1656. unset($context['file_parts'][$j]);
  1657. $context['file_parts'][++$j] = array('lines' => 0, 'line' => $i + 1, 'data' => '');
  1658. }
  1659. $context['file_parts'][$j]['lines']++;
  1660. $context['file_parts'][$j]['data'] .= htmlspecialchars(strtr($file_data[$i], array("\t" => ' ')));
  1661. }
  1662. $context['entire_file'] = htmlspecialchars(strtr(implode('', $file_data), array("\t" => ' ')));
  1663. }
  1664. else
  1665. {
  1666. $context['sub_template'] = 'edit_file';
  1667. $context['entire_file'] = htmlspecialchars(strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1668. }
  1669. }
  1670. function get_file_listing($path, $relative)
  1671. {
  1672. global $scripturl, $txt, $context;
  1673. // Is it even a directory?
  1674. if (!is_dir($path))
  1675. fatal_lang_error('error_invalid_dir', 'critical');
  1676. $dir = dir($path);
  1677. $entries = array();
  1678. while ($entry = $dir->read())
  1679. $entries[] = $entry;
  1680. $dir->close();
  1681. natcasesort($entries);
  1682. $listing1 = array();
  1683. $listing2 = array();
  1684. foreach ($entries as $entry)
  1685. {
  1686. // Skip all dot files, including .htaccess.
  1687. if (substr($entry, 0, 1) == '.' || $entry == 'CVS')
  1688. continue;
  1689. if (is_dir($path . '/' . $entry))
  1690. $listing1[] = array(
  1691. 'filename' => $entry,
  1692. 'is_writable' => is_writable($path . '/' . $entry),
  1693. 'is_directory' => true,
  1694. 'is_template' => false,
  1695. 'is_image' => false,
  1696. 'is_editable' => false,
  1697. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $relative . $entry,
  1698. 'size' => '',
  1699. );
  1700. else
  1701. {
  1702. $size = filesize($path . '/' . $entry);
  1703. if ($size > 2048 || $size == 1024)
  1704. $size = comma_format($size / 1024) . ' ' . $txt['themeadmin_edit_kilobytes'];
  1705. else
  1706. $size = comma_format($size) . ' ' . $txt['themeadmin_edit_bytes'];
  1707. $listing2[] = array(
  1708. 'filename' => $entry,
  1709. 'is_writable' => is_writable($path . '/' . $entry),
  1710. 'is_directory' => false,
  1711. 'is_template' => preg_match('~\.template\.php$~', $entry) != 0,
  1712. 'is_image' => preg_match('~\.(jpg|jpeg|gif|bmp|png)$~', $entry) != 0,
  1713. 'is_editable' => is_writable($path . '/' . $entry) && preg_match('~\.(php|pl|css|js|vbs|xml|xslt|txt|xsl|html|htm|shtm|shtml|asp|aspx|cgi|py)$~', $entry) != 0,
  1714. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;filename=' . $relative . $entry,
  1715. 'size' => $size,
  1716. 'last_modified' => timeformat(filemtime($path . '/' . $entry)),
  1717. );
  1718. }
  1719. }
  1720. return array_merge($listing1, $listing2);
  1721. }
  1722. function CopyTemplate()
  1723. {
  1724. global $context, $settings, $smcFunc;
  1725. isAllowedTo('admin_forum');
  1726. loadTemplate('Themes');
  1727. $context[$context['admin_menu_name']]['current_subsection'] = 'edit';
  1728. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1729. $request = $smcFunc['db_query']('', '
  1730. SELECT th1.value, th1.id_theme, th2.value
  1731. FROM {db_prefix}themes AS th1
  1732. LEFT JOIN {db_prefix}themes AS th2 ON (th2.variable = {string:base_theme_dir} AND th2.id_theme = {int:current_theme})
  1733. WHERE th1.variable = {string:theme_dir}
  1734. AND th1.id_theme = {int:current_theme}
  1735. LIMIT 1',
  1736. array(
  1737. 'current_theme' => $_GET['th'],
  1738. 'base_theme_dir' => 'base_theme_dir',
  1739. 'theme_dir' => 'theme_dir',
  1740. )
  1741. );
  1742. list ($theme_dir, $context['theme_id'], $base_theme_dir) = $smcFunc['db_fetch_row']($request);
  1743. $smcFunc['db_free_result']($request);
  1744. if (isset($_REQUEST['template']) && preg_match('~[\./\\\\:\0]~', $_REQUEST['template']) == 0)
  1745. {
  1746. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/' . $_REQUEST['template'] . '.template.php'))
  1747. $filename = $base_theme_dir . '/' . $_REQUEST['template'] . '.template.php';
  1748. elseif (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php'))
  1749. $filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
  1750. else
  1751. fatal_lang_error('no_access', false);
  1752. $fp = fopen($theme_dir . '/' . $_REQUEST['template'] . '.template.php', 'w');
  1753. fwrite($fp, file_get_contents($filename));
  1754. fclose($fp);
  1755. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1756. }
  1757. elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
  1758. {
  1759. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php'))
  1760. $filename = $base_theme_dir . '/languages/' . $_REQUEST['template'] . '.php';
  1761. elseif (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php'))
  1762. $filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
  1763. else
  1764. fatal_lang_error('no_access', false);
  1765. $fp = fopen($theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php', 'w');
  1766. fwrite($fp, file_get_contents($filename));
  1767. fclose($fp);
  1768. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1769. }
  1770. $templates = array();
  1771. $lang_files = array();
  1772. $dir = dir($settings['default_theme_dir']);
  1773. while ($entry = $dir->read())
  1774. {
  1775. if (substr($entry, -13) == '.template.php')
  1776. $templates[] = substr($entry, 0, -13);
  1777. }
  1778. $dir->close();
  1779. $dir = dir($settings['default_theme_dir'] . '/languages');
  1780. while ($entry = $dir->read())
  1781. {
  1782. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches))
  1783. $lang_files[] = $matches[1];
  1784. }
  1785. $dir->close();
  1786. if (!empty($base_theme_dir))
  1787. {
  1788. $dir = dir($base_theme_dir);
  1789. while ($entry = $dir->read())
  1790. {
  1791. if (substr($entry, -13) == '.template.php' && !in_array(substr($entry, 0, -13), $templates))
  1792. $templates[] = substr($entry, 0, -13);
  1793. }
  1794. $dir->close();
  1795. if (file_exists($base_theme_dir . '/languages'))
  1796. {
  1797. $dir = dir($base_theme_dir . '/languages');
  1798. while ($entry = $dir->read())
  1799. {
  1800. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && !in_array($matches[1], $lang_files))
  1801. $lang_files[] = $matches[1];
  1802. }
  1803. $dir->close();
  1804. }
  1805. }
  1806. natcasesort($templates);
  1807. natcasesort($lang_files);
  1808. $context['available_templates'] = array();
  1809. foreach ($templates as $template)
  1810. $context['available_templates'][$template] = array(
  1811. 'filename' => $template . '.template.php',
  1812. 'value' => $template,
  1813. 'already_exists' => false,
  1814. 'can_copy' => is_writable($theme_dir),
  1815. );
  1816. $context['available_language_files'] = array();
  1817. foreach ($lang_files as $file)
  1818. $context['available_language_files'][$file] = array(
  1819. 'filename' => $file . '.php',
  1820. 'value' => $file,
  1821. 'already_exists' => false,
  1822. 'can_copy' => file_exists($theme_dir . '/languages') ? is_writable($theme_dir . '/languages') : is_writable($theme_dir),
  1823. );
  1824. $dir = dir($theme_dir);
  1825. while ($entry = $dir->read())
  1826. {
  1827. if (substr($entry, -13) == '.template.php' && isset($context['available_templates'][substr($entry, 0, -13)]))
  1828. {
  1829. $context['available_templates'][substr($entry, 0, -13)]['already_exists'] = true;
  1830. $context['available_templates'][substr($entry, 0, -13)]['can_copy'] = is_writable($theme_dir . '/' . $entry);
  1831. }
  1832. }
  1833. $dir->close();
  1834. if (file_exists($theme_dir . '/languages'))
  1835. {
  1836. $dir = dir($theme_dir . '/languages');
  1837. while ($entry = $dir->read())
  1838. {
  1839. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && isset($context['available_language_files'][$matches[1]]))
  1840. {
  1841. $context['available_language_files'][$matches[1]]['already_exists'] = true;
  1842. $context['available_language_files'][$matches[1]]['can_copy'] = is_writable($theme_dir . '/languages/' . $entry);
  1843. }
  1844. }
  1845. $dir->close();
  1846. }
  1847. $context['sub_template'] = 'copy_template';
  1848. }
  1849. ?>