Themes.php 71 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195
  1. <?php
  2. /**
  3. * This file concerns itself almost completely with theme administration.
  4. * Its tasks include changing theme settings, installing and removing
  5. * themes, choosing the current theme, and editing themes.
  6. *
  7. * @todo Update this for the new package manager?
  8. *
  9. * Creating and distributing theme packages:
  10. * There isn't that much required to package and distribute your own themes...
  11. * just do the following:
  12. * - create a theme_info.xml file, with the root element theme-info.
  13. * - its name should go in a name element, just like description.
  14. * - your name should go in author. (email in the email attribute.)
  15. * - any support website for the theme should be in website.
  16. * - layers and templates (non-default) should go in those elements ;).
  17. * - if the images dir isn't images, specify in the images element.
  18. * - any extra rows for themes should go in extra, serialized.
  19. * (as in array(variable => value).)
  20. * - tar and gzip the directory - and you're done!
  21. * - please include any special license in a license.txt file.
  22. *
  23. * Simple Machines Forum (SMF)
  24. *
  25. * @package SMF
  26. * @author Simple Machines http://www.simplemachines.org
  27. * @copyright 2012 Simple Machines Forum contributors
  28. * @license http://www.simplemachines.org/about/smf/license.php BSD
  29. *
  30. * @version 2.1 Alpha 1
  31. */
  32. if (!defined('SMF'))
  33. die('Hacking attempt...');
  34. /**
  35. * Subaction handler - manages the action and delegates control to the proper
  36. * sub-action.
  37. * It loads both the Themes and Settings language files.
  38. * Checks the session by GET or POST to verify the sent data.
  39. * Requires the user not be a guest. (@todo what?)
  40. * Accessed via ?action=admin;area=theme.
  41. */
  42. function ThemesMain()
  43. {
  44. global $txt, $context, $scripturl;
  45. // Load the important language files...
  46. loadLanguage('Themes');
  47. loadLanguage('Settings');
  48. // No funny business - guests only.
  49. is_not_guest();
  50. // Default the page title to Theme Administration by default.
  51. $context['page_title'] = $txt['themeadmin_title'];
  52. // Theme administration, removal, choice, or installation...
  53. $subActions = array(
  54. 'admin' => 'ThemeAdmin',
  55. 'list' => 'ThemeList',
  56. 'reset' => 'SetThemeOptions',
  57. 'options' => 'SetThemeOptions',
  58. 'install' => 'ThemeInstall',
  59. 'remove' => 'RemoveTheme',
  60. 'pick' => 'PickTheme',
  61. 'edit' => 'EditTheme',
  62. 'copy' => 'CopyTemplate',
  63. );
  64. // @todo Layout Settings?
  65. if (!empty($context['admin_menu_name']))
  66. {
  67. $context[$context['admin_menu_name']]['tab_data'] = array(
  68. 'title' => $txt['themeadmin_title'],
  69. 'help' => 'themes',
  70. 'description' => $txt['themeadmin_description'],
  71. 'tabs' => array(
  72. 'admin' => array(
  73. 'description' => $txt['themeadmin_admin_desc'],
  74. ),
  75. 'list' => array(
  76. 'description' => $txt['themeadmin_list_desc'],
  77. ),
  78. 'reset' => array(
  79. 'description' => $txt['themeadmin_reset_desc'],
  80. ),
  81. 'edit' => array(
  82. 'description' => $txt['themeadmin_edit_desc'],
  83. ),
  84. ),
  85. );
  86. }
  87. // Follow the sa or just go to administration.
  88. if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']]))
  89. $subActions[$_GET['sa']]();
  90. else
  91. $subActions['admin']();
  92. }
  93. /**
  94. * This function allows administration of themes and their settings,
  95. * as well as global theme settings.
  96. * - sets the settings theme_allow, theme_guests, and knownThemes.
  97. * - requires the admin_forum permission.
  98. * - accessed with ?action=admin;area=theme;sa=admin.
  99. *
  100. * @uses Themes template
  101. * @uses Admin language file
  102. */
  103. function ThemeAdmin()
  104. {
  105. global $context, $boarddir, $modSettings, $smcFunc;
  106. loadLanguage('Admin');
  107. isAllowedTo('admin_forum');
  108. // If we aren't submitting - that is, if we are about to...
  109. if (!isset($_POST['save']))
  110. {
  111. loadTemplate('Themes');
  112. // Make our known themes a little easier to work with.
  113. $knownThemes = !empty($modSettings['knownThemes']) ? explode(',',$modSettings['knownThemes']) : array();
  114. // Load up all the themes.
  115. $request = $smcFunc['db_query']('', '
  116. SELECT id_theme, value AS name
  117. FROM {db_prefix}themes
  118. WHERE variable = {string:name}
  119. AND id_member = {int:no_member}
  120. ORDER BY id_theme',
  121. array(
  122. 'no_member' => 0,
  123. 'name' => 'name',
  124. )
  125. );
  126. $context['themes'] = array();
  127. while ($row = $smcFunc['db_fetch_assoc']($request))
  128. $context['themes'][] = array(
  129. 'id' => $row['id_theme'],
  130. 'name' => $row['name'],
  131. 'known' => in_array($row['id_theme'], $knownThemes),
  132. );
  133. $smcFunc['db_free_result']($request);
  134. // Can we create a new theme?
  135. $context['can_create_new'] = is_writable($boarddir . '/Themes');
  136. $context['new_theme_dir'] = substr(realpath($boarddir . '/Themes/default'), 0, -7);
  137. // Look for a non existent theme directory. (ie theme87.)
  138. $theme_dir = $boarddir . '/Themes/theme';
  139. $i = 1;
  140. while (file_exists($theme_dir . $i))
  141. $i++;
  142. $context['new_theme_name'] = 'theme' . $i;
  143. createToken('admin-tm');
  144. }
  145. else
  146. {
  147. checkSession();
  148. validateToken('admin-tm');
  149. if (isset($_POST['options']['known_themes']))
  150. foreach ($_POST['options']['known_themes'] as $key => $id)
  151. $_POST['options']['known_themes'][$key] = (int) $id;
  152. else
  153. fatal_lang_error('themes_none_selectable', false);
  154. if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes']))
  155. fatal_lang_error('themes_default_selectable', false);
  156. // Commit the new settings.
  157. updateSettings(array(
  158. 'theme_allow' => $_POST['options']['theme_allow'],
  159. 'theme_guests' => $_POST['options']['theme_guests'],
  160. 'knownThemes' => implode(',', $_POST['options']['known_themes']),
  161. ));
  162. if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes']))
  163. updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
  164. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=admin');
  165. }
  166. }
  167. /**
  168. * This function lists the available themes and provides an interface to reset
  169. * the paths of all the installed themes.
  170. */
  171. function ThemeList()
  172. {
  173. global $context, $boarddir, $boardurl, $smcFunc;
  174. loadLanguage('Admin');
  175. isAllowedTo('admin_forum');
  176. if (isset($_REQUEST['th']))
  177. return SetThemeSettings();
  178. if (isset($_POST['save']))
  179. {
  180. checkSession();
  181. validateToken('admin-tl');
  182. $request = $smcFunc['db_query']('', '
  183. SELECT id_theme, variable, value
  184. FROM {db_prefix}themes
  185. WHERE variable IN ({string:theme_dir}, {string:theme_url}, {string:images_url}, {string:base_theme_dir}, {string:base_theme_url}, {string:base_images_url})
  186. AND id_member = {int:no_member}',
  187. array(
  188. 'no_member' => 0,
  189. 'theme_dir' => 'theme_dir',
  190. 'theme_url' => 'theme_url',
  191. 'images_url' => 'images_url',
  192. 'base_theme_dir' => 'base_theme_dir',
  193. 'base_theme_url' => 'base_theme_url',
  194. 'base_images_url' => 'base_images_url',
  195. )
  196. );
  197. $themes = array();
  198. while ($row = $smcFunc['db_fetch_assoc']($request))
  199. $themes[$row['id_theme']][$row['variable']] = $row['value'];
  200. $smcFunc['db_free_result']($request);
  201. $setValues = array();
  202. foreach ($themes as $id => $theme)
  203. {
  204. if (file_exists($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])))
  205. {
  206. $setValues[] = array($id, 0, 'theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])));
  207. $setValues[] = array($id, 0, 'theme_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']));
  208. $setValues[] = array($id, 0, 'images_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']) . '/' . basename($theme['images_url']));
  209. }
  210. if (isset($theme['base_theme_dir']) && file_exists($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])))
  211. {
  212. $setValues[] = array($id, 0, 'base_theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])));
  213. $setValues[] = array($id, 0, 'base_theme_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']));
  214. $setValues[] = array($id, 0, 'base_images_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']) . '/' . basename($theme['base_images_url']));
  215. }
  216. cache_put_data('theme_settings-' . $id, null, 90);
  217. }
  218. if (!empty($setValues))
  219. {
  220. $smcFunc['db_insert']('replace',
  221. '{db_prefix}themes',
  222. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  223. $setValues,
  224. array('id_theme', 'variable', 'id_member')
  225. );
  226. }
  227. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  228. }
  229. loadTemplate('Themes');
  230. $request = $smcFunc['db_query']('', '
  231. SELECT id_theme, variable, value
  232. FROM {db_prefix}themes
  233. WHERE variable IN ({string:name}, {string:theme_dir}, {string:theme_url}, {string:images_url})
  234. AND id_member = {int:no_member}',
  235. array(
  236. 'no_member' => 0,
  237. 'name' => 'name',
  238. 'theme_dir' => 'theme_dir',
  239. 'theme_url' => 'theme_url',
  240. 'images_url' => 'images_url',
  241. )
  242. );
  243. $context['themes'] = array();
  244. while ($row = $smcFunc['db_fetch_assoc']($request))
  245. {
  246. if (!isset($context['themes'][$row['id_theme']]))
  247. $context['themes'][$row['id_theme']] = array(
  248. 'id' => $row['id_theme'],
  249. );
  250. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  251. }
  252. $smcFunc['db_free_result']($request);
  253. foreach ($context['themes'] as $i => $theme)
  254. {
  255. $context['themes'][$i]['theme_dir'] = realpath($context['themes'][$i]['theme_dir']);
  256. if (file_exists($context['themes'][$i]['theme_dir'] . '/index.template.php'))
  257. {
  258. // Fetch the header... a good 256 bytes should be more than enough.
  259. $fp = fopen($context['themes'][$i]['theme_dir'] . '/index.template.php', 'rb');
  260. $header = fread($fp, 256);
  261. fclose($fp);
  262. // Can we find a version comment, at all?
  263. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  264. $context['themes'][$i]['version'] = $match[1];
  265. }
  266. $context['themes'][$i]['valid_path'] = file_exists($context['themes'][$i]['theme_dir']) && is_dir($context['themes'][$i]['theme_dir']);
  267. }
  268. $context['reset_dir'] = realpath($boarddir . '/Themes');
  269. $context['reset_url'] = $boardurl . '/Themes';
  270. $context['sub_template'] = 'list_themes';
  271. createToken('admin-tl');
  272. createToken('admin-tr', 'request');
  273. }
  274. /**
  275. * Administrative global settings.
  276. */
  277. function SetThemeOptions()
  278. {
  279. global $txt, $context, $settings, $modSettings, $smcFunc;
  280. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (isset($_GET['id']) ? (int) $_GET['id'] : 0);
  281. isAllowedTo('admin_forum');
  282. if (empty($_GET['th']) && empty($_GET['id']))
  283. {
  284. $request = $smcFunc['db_query']('', '
  285. SELECT id_theme, variable, value
  286. FROM {db_prefix}themes
  287. WHERE variable IN ({string:name}, {string:theme_dir})
  288. AND id_member = {int:no_member}',
  289. array(
  290. 'no_member' => 0,
  291. 'name' => 'name',
  292. 'theme_dir' => 'theme_dir',
  293. )
  294. );
  295. $context['themes'] = array();
  296. while ($row = $smcFunc['db_fetch_assoc']($request))
  297. {
  298. if (!isset($context['themes'][$row['id_theme']]))
  299. $context['themes'][$row['id_theme']] = array(
  300. 'id' => $row['id_theme'],
  301. 'num_default_options' => 0,
  302. 'num_members' => 0,
  303. );
  304. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  305. }
  306. $smcFunc['db_free_result']($request);
  307. $request = $smcFunc['db_query']('', '
  308. SELECT id_theme, COUNT(*) AS value
  309. FROM {db_prefix}themes
  310. WHERE id_member = {int:guest_member}
  311. GROUP BY id_theme',
  312. array(
  313. 'guest_member' => -1,
  314. )
  315. );
  316. while ($row = $smcFunc['db_fetch_assoc']($request))
  317. $context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
  318. $smcFunc['db_free_result']($request);
  319. // Need to make sure we don't do custom fields.
  320. $request = $smcFunc['db_query']('', '
  321. SELECT col_name
  322. FROM {db_prefix}custom_fields',
  323. array(
  324. )
  325. );
  326. $customFields = array();
  327. while ($row = $smcFunc['db_fetch_assoc']($request))
  328. $customFields[] = $row['col_name'];
  329. $smcFunc['db_free_result']($request);
  330. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  331. $request = $smcFunc['db_query']('themes_count', '
  332. SELECT COUNT(DISTINCT id_member) AS value, id_theme
  333. FROM {db_prefix}themes
  334. WHERE id_member > {int:no_member}
  335. ' . $customFieldsQuery . '
  336. GROUP BY id_theme',
  337. array(
  338. 'no_member' => 0,
  339. 'custom_fields' => empty($customFields) ? array() : $customFields,
  340. )
  341. );
  342. while ($row = $smcFunc['db_fetch_assoc']($request))
  343. $context['themes'][$row['id_theme']]['num_members'] = $row['value'];
  344. $smcFunc['db_free_result']($request);
  345. // There has to be a Settings template!
  346. foreach ($context['themes'] as $k => $v)
  347. if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
  348. unset($context['themes'][$k]);
  349. loadTemplate('Themes');
  350. $context['sub_template'] = 'reset_list';
  351. createToken('admin-stor', 'request');
  352. return;
  353. }
  354. // Submit?
  355. if (isset($_POST['submit']) && empty($_POST['who']))
  356. {
  357. checkSession();
  358. validateToken('admin-sto');
  359. if (empty($_POST['options']))
  360. $_POST['options'] = array();
  361. if (empty($_POST['default_options']))
  362. $_POST['default_options'] = array();
  363. // Set up the sql query.
  364. $setValues = array();
  365. foreach ($_POST['options'] as $opt => $val)
  366. $setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  367. $old_settings = array();
  368. foreach ($_POST['default_options'] as $opt => $val)
  369. {
  370. $old_settings[] = $opt;
  371. $setValues[] = array(-1, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  372. }
  373. // If we're actually inserting something..
  374. if (!empty($setValues))
  375. {
  376. // Are there options in non-default themes set that should be cleared?
  377. if (!empty($old_settings))
  378. $smcFunc['db_query']('', '
  379. DELETE FROM {db_prefix}themes
  380. WHERE id_theme != {int:default_theme}
  381. AND id_member = {int:guest_member}
  382. AND variable IN ({array_string:old_settings})',
  383. array(
  384. 'default_theme' => 1,
  385. 'guest_member' => -1,
  386. 'old_settings' => $old_settings,
  387. )
  388. );
  389. $smcFunc['db_insert']('replace',
  390. '{db_prefix}themes',
  391. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  392. $setValues,
  393. array('id_theme', 'variable', 'id_member')
  394. );
  395. }
  396. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  397. cache_put_data('theme_settings-1', null, 90);
  398. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  399. }
  400. elseif (isset($_POST['submit']) && $_POST['who'] == 1)
  401. {
  402. checkSession();
  403. validateToken('admin-sto');
  404. $_POST['options'] = empty($_POST['options']) ? array() : $_POST['options'];
  405. $_POST['options_master'] = empty($_POST['options_master']) ? array() : $_POST['options_master'];
  406. $_POST['default_options'] = empty($_POST['default_options']) ? array() : $_POST['default_options'];
  407. $_POST['default_options_master'] = empty($_POST['default_options_master']) ? array() : $_POST['default_options_master'];
  408. $old_settings = array();
  409. foreach ($_POST['default_options'] as $opt => $val)
  410. {
  411. if ($_POST['default_options_master'][$opt] == 0)
  412. continue;
  413. elseif ($_POST['default_options_master'][$opt] == 1)
  414. {
  415. // Delete then insert for ease of database compatibility!
  416. $smcFunc['db_query']('substring', '
  417. DELETE FROM {db_prefix}themes
  418. WHERE id_theme = {int:default_theme}
  419. AND id_member != {int:no_member}
  420. AND variable = SUBSTRING({string:option}, 1, 255)',
  421. array(
  422. 'default_theme' => 1,
  423. 'no_member' => 0,
  424. 'option' => $opt,
  425. )
  426. );
  427. $smcFunc['db_query']('substring', '
  428. INSERT INTO {db_prefix}themes
  429. (id_member, id_theme, variable, value)
  430. SELECT id_member, 1, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  431. FROM {db_prefix}members',
  432. array(
  433. 'option' => $opt,
  434. 'value' => (is_array($val) ? implode(',', $val) : $val),
  435. )
  436. );
  437. $old_settings[] = $opt;
  438. }
  439. elseif ($_POST['default_options_master'][$opt] == 2)
  440. {
  441. $smcFunc['db_query']('', '
  442. DELETE FROM {db_prefix}themes
  443. WHERE variable = {string:option_name}
  444. AND id_member > {int:no_member}',
  445. array(
  446. 'no_member' => 0,
  447. 'option_name' => $opt,
  448. )
  449. );
  450. }
  451. }
  452. // Delete options from other themes.
  453. if (!empty($old_settings))
  454. $smcFunc['db_query']('', '
  455. DELETE FROM {db_prefix}themes
  456. WHERE id_theme != {int:default_theme}
  457. AND id_member > {int:no_member}
  458. AND variable IN ({array_string:old_settings})',
  459. array(
  460. 'default_theme' => 1,
  461. 'no_member' => 0,
  462. 'old_settings' => $old_settings,
  463. )
  464. );
  465. foreach ($_POST['options'] as $opt => $val)
  466. {
  467. if ($_POST['options_master'][$opt] == 0)
  468. continue;
  469. elseif ($_POST['options_master'][$opt] == 1)
  470. {
  471. // Delete then insert for ease of database compatibility - again!
  472. $smcFunc['db_query']('substring', '
  473. DELETE FROM {db_prefix}themes
  474. WHERE id_theme = {int:current_theme}
  475. AND id_member != {int:no_member}
  476. AND variable = SUBSTRING({string:option}, 1, 255)',
  477. array(
  478. 'current_theme' => $_GET['th'],
  479. 'no_member' => 0,
  480. 'option' => $opt,
  481. )
  482. );
  483. $smcFunc['db_query']('substring', '
  484. INSERT INTO {db_prefix}themes
  485. (id_member, id_theme, variable, value)
  486. SELECT id_member, {int:current_theme}, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  487. FROM {db_prefix}members',
  488. array(
  489. 'current_theme' => $_GET['th'],
  490. 'option' => $opt,
  491. 'value' => (is_array($val) ? implode(',', $val) : $val),
  492. )
  493. );
  494. }
  495. elseif ($_POST['options_master'][$opt] == 2)
  496. {
  497. $smcFunc['db_query']('', '
  498. DELETE FROM {db_prefix}themes
  499. WHERE variable = {string:option}
  500. AND id_member > {int:no_member}
  501. AND id_theme = {int:current_theme}',
  502. array(
  503. 'no_member' => 0,
  504. 'current_theme' => $_GET['th'],
  505. 'option' => $opt,
  506. )
  507. );
  508. }
  509. }
  510. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  511. }
  512. elseif (!empty($_GET['who']) && $_GET['who'] == 2)
  513. {
  514. checkSession('get');
  515. validateToken('admin-stor', 'request');
  516. // Don't delete custom fields!!
  517. if ($_GET['th'] == 1)
  518. {
  519. $request = $smcFunc['db_query']('', '
  520. SELECT col_name
  521. FROM {db_prefix}custom_fields',
  522. array(
  523. )
  524. );
  525. $customFields = array();
  526. while ($row = $smcFunc['db_fetch_assoc']($request))
  527. $customFields[] = $row['col_name'];
  528. $smcFunc['db_free_result']($request);
  529. }
  530. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  531. $smcFunc['db_query']('', '
  532. DELETE FROM {db_prefix}themes
  533. WHERE id_member > {int:no_member}
  534. AND id_theme = {int:current_theme}
  535. ' . $customFieldsQuery,
  536. array(
  537. 'no_member' => 0,
  538. 'current_theme' => $_GET['th'],
  539. 'custom_fields' => empty($customFields) ? array() : $customFields,
  540. )
  541. );
  542. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  543. }
  544. $old_id = $settings['theme_id'];
  545. $old_settings = $settings;
  546. loadTheme($_GET['th'], false);
  547. loadLanguage('Profile');
  548. // @todo Should we just move these options so they are no longer theme dependant?
  549. loadLanguage('PersonalMessage');
  550. // Let the theme take care of the settings.
  551. loadTemplate('Settings');
  552. loadSubTemplate('options');
  553. $context['sub_template'] = 'set_options';
  554. $context['page_title'] = $txt['theme_settings'];
  555. $context['options'] = $context['theme_options'];
  556. $context['theme_settings'] = $settings;
  557. if (empty($_REQUEST['who']))
  558. {
  559. $request = $smcFunc['db_query']('', '
  560. SELECT variable, value
  561. FROM {db_prefix}themes
  562. WHERE id_theme IN (1, {int:current_theme})
  563. AND id_member = {int:guest_member}',
  564. array(
  565. 'current_theme' => $_GET['th'],
  566. 'guest_member' => -1,
  567. )
  568. );
  569. $context['theme_options'] = array();
  570. while ($row = $smcFunc['db_fetch_assoc']($request))
  571. $context['theme_options'][$row['variable']] = $row['value'];
  572. $smcFunc['db_free_result']($request);
  573. $context['theme_options_reset'] = false;
  574. }
  575. else
  576. {
  577. $context['theme_options'] = array();
  578. $context['theme_options_reset'] = true;
  579. }
  580. foreach ($context['options'] as $i => $setting)
  581. {
  582. // Is this disabled?
  583. if ($setting['id'] == 'calendar_start_day' && empty($modSettings['cal_enabled']))
  584. {
  585. unset($context['options'][$i]);
  586. continue;
  587. }
  588. elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
  589. {
  590. unset($context['options'][$i]);
  591. continue;
  592. }
  593. if (!isset($setting['type']) || $setting['type'] == 'bool')
  594. $context['options'][$i]['type'] = 'checkbox';
  595. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  596. $context['options'][$i]['type'] = 'number';
  597. elseif ($setting['type'] == 'string')
  598. $context['options'][$i]['type'] = 'text';
  599. if (isset($setting['options']))
  600. $context['options'][$i]['type'] = 'list';
  601. $context['options'][$i]['value'] = !isset($context['theme_options'][$setting['id']]) ? '' : $context['theme_options'][$setting['id']];
  602. }
  603. // Restore the existing theme.
  604. loadTheme($old_id, false);
  605. $settings = $old_settings;
  606. loadTemplate('Themes');
  607. createToken('admin-sto');
  608. }
  609. /**
  610. * Administrative global settings.
  611. * - saves and requests global theme settings. ($settings)
  612. * - loads the Admin language file.
  613. * - calls ThemeAdmin() if no theme is specified. (the theme center.)
  614. * - requires admin_forum permission.
  615. * - accessed with ?action=admin;area=theme;sa=list&th=xx.
  616. */
  617. function SetThemeSettings()
  618. {
  619. global $txt, $context, $settings, $modSettings, $sourcedir, $smcFunc;
  620. if (empty($_GET['th']) && empty($_GET['id']))
  621. return ThemeAdmin();
  622. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  623. // Select the best fitting tab.
  624. $context[$context['admin_menu_name']]['current_subsection'] = 'list';
  625. loadLanguage('Admin');
  626. isAllowedTo('admin_forum');
  627. // Validate inputs/user.
  628. if (empty($_GET['th']))
  629. fatal_lang_error('no_theme', false);
  630. // Fetch the smiley sets...
  631. $sets = explode(',', 'none,' . $modSettings['smiley_sets_known']);
  632. $set_names = explode("\n", $txt['smileys_none'] . "\n" . $modSettings['smiley_sets_names']);
  633. $context['smiley_sets'] = array(
  634. '' => $txt['smileys_no_default']
  635. );
  636. foreach ($sets as $i => $set)
  637. $context['smiley_sets'][$set] = htmlspecialchars($set_names[$i]);
  638. $old_id = $settings['theme_id'];
  639. $old_settings = $settings;
  640. loadTheme($_GET['th'], false);
  641. // Sadly we really do need to init the template.
  642. loadSubTemplate('init', 'ignore');
  643. // Also load the actual themes language file - in case of special settings.
  644. loadLanguage('Settings', '', true, true);
  645. // And the custom language strings...
  646. loadLanguage('ThemeStrings', '', false, true);
  647. // Let the theme take care of the settings.
  648. loadTemplate('Settings');
  649. loadSubTemplate('settings');
  650. // Load the variants separately...
  651. $settings['theme_variants'] = array();
  652. if (file_exists($settings['theme_dir'] . '/index.template.php'))
  653. {
  654. $file_contents = implode('', file($settings['theme_dir'] . '/index.template.php'));
  655. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  656. eval('global $settings;' . $matches[0]);
  657. }
  658. // Submitting!
  659. if (isset($_POST['save']))
  660. {
  661. checkSession();
  662. validateToken('admin-sts');
  663. if (empty($_POST['options']))
  664. $_POST['options'] = array();
  665. if (empty($_POST['default_options']))
  666. $_POST['default_options'] = array();
  667. // Make sure items are cast correctly.
  668. foreach ($context['theme_settings'] as $item)
  669. {
  670. // Disregard this item if this is just a separator.
  671. if (!is_array($item))
  672. continue;
  673. foreach (array('options', 'default_options') as $option)
  674. {
  675. if (!isset($_POST[$option][$item['id']]))
  676. continue;
  677. // Checkbox.
  678. elseif (empty($item['type']))
  679. $_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
  680. // Number
  681. elseif ($item['type'] == 'number')
  682. $_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
  683. }
  684. }
  685. // Set up the sql query.
  686. $inserts = array();
  687. foreach ($_POST['options'] as $opt => $val)
  688. $inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  689. foreach ($_POST['default_options'] as $opt => $val)
  690. $inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  691. // If we're actually inserting something..
  692. if (!empty($inserts))
  693. {
  694. $smcFunc['db_insert']('replace',
  695. '{db_prefix}themes',
  696. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  697. $inserts,
  698. array('id_member', 'id_theme', 'variable')
  699. );
  700. }
  701. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  702. cache_put_data('theme_settings-1', null, 90);
  703. // Invalidate the cache.
  704. updateSettings(array('settings_updated' => time()));
  705. redirectexit('action=admin;area=theme;sa=list;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id']);
  706. }
  707. $context['sub_template'] = 'set_settings';
  708. $context['page_title'] = $txt['theme_settings'];
  709. foreach ($settings as $setting => $dummy)
  710. {
  711. if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs')))
  712. $settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
  713. }
  714. $context['settings'] = $context['theme_settings'];
  715. $context['theme_settings'] = $settings;
  716. foreach ($context['settings'] as $i => $setting)
  717. {
  718. // Separators are dummies, so leave them alone.
  719. if (!is_array($setting))
  720. continue;
  721. if (!isset($setting['type']) || $setting['type'] == 'bool')
  722. $context['settings'][$i]['type'] = 'checkbox';
  723. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  724. $context['settings'][$i]['type'] = 'number';
  725. elseif ($setting['type'] == 'string')
  726. $context['settings'][$i]['type'] = 'text';
  727. if (isset($setting['options']))
  728. $context['settings'][$i]['type'] = 'list';
  729. $context['settings'][$i]['value'] = !isset($settings[$setting['id']]) ? '' : $settings[$setting['id']];
  730. }
  731. // Do we support variants?
  732. if (!empty($settings['theme_variants']))
  733. {
  734. $context['theme_variants'] = array();
  735. foreach ($settings['theme_variants'] as $variant)
  736. {
  737. // Have any text, old chap?
  738. $context['theme_variants'][$variant] = array(
  739. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  740. 'thumbnail' => !file_exists($settings['theme_dir'] . '/images/thumbnail.png') || file_exists($settings['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $settings['images_url'] . '/thumbnail_' . $variant . '.png' : ($settings['images_url'] . '/thumbnail.png'),
  741. );
  742. }
  743. $context['default_variant'] = !empty($settings['default_variant']) && isset($context['theme_variants'][$settings['default_variant']]) ? $settings['default_variant'] : $settings['theme_variants'][0];
  744. }
  745. // Restore the current theme.
  746. loadTheme($old_id, false);
  747. // Reinit just incase.
  748. loadSubTemplate('init', 'ignore');
  749. $settings = $old_settings;
  750. loadTemplate('Themes');
  751. // We like Kenny better than Token.
  752. createToken('admin-sts');
  753. }
  754. /**
  755. * Remove a theme from the database.
  756. * - removes an installed theme.
  757. * - requires an administrator.
  758. * - accessed with ?action=admin;area=theme;sa=remove.
  759. */
  760. function RemoveTheme()
  761. {
  762. global $modSettings, $context, $smcFunc;
  763. checkSession('get');
  764. isAllowedTo('admin_forum');
  765. validateToken('admin-tr', 'request');
  766. // The theme's ID must be an integer.
  767. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  768. // You can't delete the default theme!
  769. if ($_GET['th'] == 1)
  770. fatal_lang_error('no_access', false);
  771. $known = explode(',', $modSettings['knownThemes']);
  772. for ($i = 0, $n = count($known); $i < $n; $i++)
  773. {
  774. if ($known[$i] == $_GET['th'])
  775. unset($known[$i]);
  776. }
  777. $smcFunc['db_query']('', '
  778. DELETE FROM {db_prefix}themes
  779. WHERE id_theme = {int:current_theme}',
  780. array(
  781. 'current_theme' => $_GET['th'],
  782. )
  783. );
  784. $smcFunc['db_query']('', '
  785. UPDATE {db_prefix}members
  786. SET id_theme = {int:default_theme}
  787. WHERE id_theme = {int:current_theme}',
  788. array(
  789. 'default_theme' => 0,
  790. 'current_theme' => $_GET['th'],
  791. )
  792. );
  793. $smcFunc['db_query']('', '
  794. UPDATE {db_prefix}boards
  795. SET id_theme = {int:default_theme}
  796. WHERE id_theme = {int:current_theme}',
  797. array(
  798. 'default_theme' => 0,
  799. 'current_theme' => $_GET['th'],
  800. )
  801. );
  802. $known = strtr(implode(',', $known), array(',,' => ','));
  803. // Fix it if the theme was the overall default theme.
  804. if ($modSettings['theme_guests'] == $_GET['th'])
  805. updateSettings(array('theme_guests' => '1', 'knownThemes' => $known));
  806. else
  807. updateSettings(array('knownThemes' => $known));
  808. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  809. }
  810. /**
  811. * Choose a theme from a list.
  812. * allows an user or administrator to pick a new theme with an interface.
  813. * - can edit everyone's (u = 0), guests' (u = -1), or a specific user's.
  814. * - uses the Themes template. (pick sub template.)
  815. * - accessed with ?action=admin;area=theme;sa=pick.
  816. * @todo thought so... Might be better to split this file in ManageThemes and Themes,
  817. * with centralized admin permissions on ManageThemes.
  818. */
  819. function PickTheme()
  820. {
  821. global $txt, $context, $modSettings, $user_info, $language, $smcFunc, $settings, $scripturl;
  822. loadLanguage('Profile');
  823. loadTemplate('Themes');
  824. // Build the link tree.
  825. $context['linktree'][] = array(
  826. 'url' => $scripturl . '?action=theme;sa=pick;u=' . (!empty($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0),
  827. 'name' => $txt['theme_pick'],
  828. );
  829. $_SESSION['id_theme'] = 0;
  830. if (isset($_GET['id']))
  831. $_GET['th'] = $_GET['id'];
  832. // Saving a variant cause JS doesn't work - pretend it did ;)
  833. if (isset($_POST['save']))
  834. {
  835. // Which theme?
  836. foreach ($_POST['save'] as $k => $v)
  837. $_GET['th'] = (int) $k;
  838. if (isset($_POST['vrt'][$k]))
  839. $_GET['vrt'] = $_POST['vrt'][$k];
  840. }
  841. // Have we made a desicion, or are we just browsing?
  842. if (isset($_GET['th']))
  843. {
  844. checkSession('get');
  845. $_GET['th'] = (int) $_GET['th'];
  846. // Save for this user.
  847. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  848. {
  849. updateMemberData($user_info['id'], array('id_theme' => (int) $_GET['th']));
  850. // A variants to save for the user?
  851. if (!empty($_GET['vrt']))
  852. {
  853. $smcFunc['db_insert']('replace',
  854. '{db_prefix}themes',
  855. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  856. array($_GET['th'], $user_info['id'], 'theme_variant', $_GET['vrt']),
  857. array('id_theme', 'id_member', 'variable')
  858. );
  859. cache_put_data('theme_settings-' . $_GET['th'] . ':' . $user_info['id'], null, 90);
  860. $_SESSION['id_variant'] = 0;
  861. }
  862. redirectexit('action=profile;area=theme');
  863. }
  864. // If changing members or guests - and there's a variant - assume changing default variant.
  865. if (!empty($_GET['vrt']) && ($_REQUEST['u'] == '0' || $_REQUEST['u'] == '-1'))
  866. {
  867. $smcFunc['db_insert']('replace',
  868. '{db_prefix}themes',
  869. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  870. array($_GET['th'], 0, 'default_variant', $_GET['vrt']),
  871. array('id_theme', 'id_member', 'variable')
  872. );
  873. // Make it obvious that it's changed
  874. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  875. }
  876. // For everyone.
  877. if ($_REQUEST['u'] == '0')
  878. {
  879. updateMemberData(null, array('id_theme' => (int) $_GET['th']));
  880. // Remove any custom variants.
  881. if (!empty($_GET['vrt']))
  882. {
  883. $smcFunc['db_query']('', '
  884. DELETE FROM {db_prefix}themes
  885. WHERE id_theme = {int:current_theme}
  886. AND variable = {string:theme_variant}',
  887. array(
  888. 'current_theme' => (int) $_GET['th'],
  889. 'theme_variant' => 'theme_variant',
  890. )
  891. );
  892. }
  893. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  894. }
  895. // Change the default/guest theme.
  896. elseif ($_REQUEST['u'] == '-1')
  897. {
  898. updateSettings(array('theme_guests' => (int) $_GET['th']));
  899. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  900. }
  901. // Change a specific member's theme.
  902. else
  903. {
  904. // The forum's default theme is always 0 and we
  905. if (isset($_GET['th']) && $_GET['th'] == 0)
  906. $_GET['th'] = $modSettings['theme_guests'];
  907. updateMemberData((int) $_REQUEST['u'], array('id_theme' => (int) $_GET['th']));
  908. if (!empty($_GET['vrt']))
  909. {
  910. $smcFunc['db_insert']('replace',
  911. '{db_prefix}themes',
  912. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  913. array($_GET['th'], (int) $_REQUEST['u'], 'theme_variant', $_GET['vrt']),
  914. array('id_theme', 'id_member', 'variable')
  915. );
  916. cache_put_data('theme_settings-' . $_GET['th'] . ':' . (int) $_REQUEST['u'], null, 90);
  917. if ($user_info['id'] == $_REQUEST['u'])
  918. $_SESSION['id_variant'] = 0;
  919. }
  920. redirectexit('action=profile;u=' . (int) $_REQUEST['u'] . ';area=theme');
  921. }
  922. }
  923. // Figure out who the member of the minute is, and what theme they've chosen.
  924. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  925. {
  926. $context['current_member'] = $user_info['id'];
  927. $context['current_theme'] = $user_info['theme'];
  928. }
  929. // Everyone can't chose just one.
  930. elseif ($_REQUEST['u'] == '0')
  931. {
  932. $context['current_member'] = 0;
  933. $context['current_theme'] = 0;
  934. }
  935. // Guests and such...
  936. elseif ($_REQUEST['u'] == '-1')
  937. {
  938. $context['current_member'] = -1;
  939. $context['current_theme'] = $modSettings['theme_guests'];
  940. }
  941. // Someones else :P.
  942. else
  943. {
  944. $context['current_member'] = (int) $_REQUEST['u'];
  945. $request = $smcFunc['db_query']('', '
  946. SELECT id_theme
  947. FROM {db_prefix}members
  948. WHERE id_member = {int:current_member}
  949. LIMIT 1',
  950. array(
  951. 'current_member' => $context['current_member'],
  952. )
  953. );
  954. list ($context['current_theme']) = $smcFunc['db_fetch_row']($request);
  955. $smcFunc['db_free_result']($request);
  956. }
  957. // Get the theme name and descriptions.
  958. $context['available_themes'] = array();
  959. if (!empty($modSettings['knownThemes']))
  960. {
  961. $request = $smcFunc['db_query']('', '
  962. SELECT id_theme, variable, value
  963. FROM {db_prefix}themes
  964. WHERE variable IN ({string:name}, {string:theme_url}, {string:theme_dir}, {string:images_url}, {string:disable_user_variant})' . (!allowedTo('admin_forum') ? '
  965. AND id_theme IN ({array_string:known_themes})' : '') . '
  966. AND id_theme != {int:default_theme}
  967. AND id_member = {int:no_member}',
  968. array(
  969. 'default_theme' => 0,
  970. 'name' => 'name',
  971. 'no_member' => 0,
  972. 'theme_url' => 'theme_url',
  973. 'theme_dir' => 'theme_dir',
  974. 'images_url' => 'images_url',
  975. 'disable_user_variant' => 'disable_user_variant',
  976. 'known_themes' => explode(',', $modSettings['knownThemes']),
  977. )
  978. );
  979. while ($row = $smcFunc['db_fetch_assoc']($request))
  980. {
  981. if (!isset($context['available_themes'][$row['id_theme']]))
  982. $context['available_themes'][$row['id_theme']] = array(
  983. 'id' => $row['id_theme'],
  984. 'selected' => $context['current_theme'] == $row['id_theme'],
  985. 'num_users' => 0
  986. );
  987. $context['available_themes'][$row['id_theme']][$row['variable']] = $row['value'];
  988. }
  989. $smcFunc['db_free_result']($request);
  990. }
  991. // Okay, this is a complicated problem: the default theme is 1, but they aren't allowed to access 1!
  992. if (!isset($context['available_themes'][$modSettings['theme_guests']]))
  993. {
  994. $context['available_themes'][0] = array(
  995. 'num_users' => 0
  996. );
  997. $guest_theme = 0;
  998. }
  999. else
  1000. $guest_theme = $modSettings['theme_guests'];
  1001. $request = $smcFunc['db_query']('', '
  1002. SELECT id_theme, COUNT(*) AS the_count
  1003. FROM {db_prefix}members
  1004. GROUP BY id_theme
  1005. ORDER BY id_theme DESC',
  1006. array(
  1007. )
  1008. );
  1009. while ($row = $smcFunc['db_fetch_assoc']($request))
  1010. {
  1011. // Figure out which theme it is they are REALLY using.
  1012. if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',',$modSettings['knownThemes'])))
  1013. $row['id_theme'] = $guest_theme;
  1014. elseif (empty($modSettings['theme_allow']))
  1015. $row['id_theme'] = $guest_theme;
  1016. if (isset($context['available_themes'][$row['id_theme']]))
  1017. $context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
  1018. else
  1019. $context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
  1020. }
  1021. $smcFunc['db_free_result']($request);
  1022. // Get any member variant preferences.
  1023. $variant_preferences = array();
  1024. if ($context['current_member'] > 0)
  1025. {
  1026. $request = $smcFunc['db_query']('', '
  1027. SELECT id_theme, value
  1028. FROM {db_prefix}themes
  1029. WHERE variable = {string:theme_variant}
  1030. AND id_member IN ({array_int:id_member})
  1031. ORDER BY id_member ASC',
  1032. array(
  1033. 'theme_variant' => 'theme_variant',
  1034. 'id_member' => isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? array(-1, $context['current_member']) : array(-1),
  1035. )
  1036. );
  1037. while ($row = $smcFunc['db_fetch_assoc']($request))
  1038. $variant_preferences[$row['id_theme']] = $row['value'];
  1039. $smcFunc['db_free_result']($request);
  1040. }
  1041. // Save the setting first.
  1042. $current_images_url = $settings['images_url'];
  1043. $current_theme_variants = !empty($settings['theme_variants']) ? $settings['theme_variants'] : array();
  1044. foreach ($context['available_themes'] as $id_theme => $theme_data)
  1045. {
  1046. // Don't try to load the forum or board default theme's data... it doesn't have any!
  1047. if ($id_theme == 0)
  1048. continue;
  1049. // The thumbnail needs the correct path.
  1050. $settings['images_url'] = &$theme_data['images_url'];
  1051. if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php'))
  1052. include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
  1053. elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php'))
  1054. include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
  1055. else
  1056. {
  1057. $txt['theme_thumbnail_href'] = $theme_data['images_url'] . '/thumbnail.png';
  1058. $txt['theme_description'] = '';
  1059. }
  1060. $context['available_themes'][$id_theme]['thumbnail_href'] = $txt['theme_thumbnail_href'];
  1061. $context['available_themes'][$id_theme]['description'] = $txt['theme_description'];
  1062. // Are there any variants?
  1063. if (file_exists($theme_data['theme_dir'] . '/index.template.php') && empty($theme_data['disable_user_variant']))
  1064. {
  1065. $file_contents = implode('', file($theme_data['theme_dir'] . '/index.template.php'));
  1066. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  1067. {
  1068. $settings['theme_variants'] = array();
  1069. // Fill settings up.
  1070. eval('global $settings;' . $matches[0]);
  1071. if (!empty($settings['theme_variants']))
  1072. {
  1073. loadLanguage('Settings');
  1074. $context['available_themes'][$id_theme]['variants'] = array();
  1075. foreach ($settings['theme_variants'] as $variant)
  1076. $context['available_themes'][$id_theme]['variants'][$variant] = array(
  1077. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  1078. 'thumbnail' => !file_exists($theme_data['theme_dir'] . '/images/thumbnail.png') || file_exists($theme_data['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $theme_data['images_url'] . '/thumbnail_' . $variant . '.png' : ($theme_data['images_url'] . '/thumbnail.png'),
  1079. );
  1080. $context['available_themes'][$id_theme]['selected_variant'] = isset($_GET['vrt']) ? $_GET['vrt'] : (!empty($variant_preferences[$id_theme]) ? $variant_preferences[$id_theme] : (!empty($settings['default_variant']) ? $settings['default_variant'] : $settings['theme_variants'][0]));
  1081. if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail']))
  1082. $context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
  1083. $context['available_themes'][$id_theme]['thumbnail_href'] = $context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'];
  1084. // Allow themes to override the text.
  1085. $context['available_themes'][$id_theme]['pick_label'] = isset($txt['variant_pick']) ? $txt['variant_pick'] : $txt['theme_pick_variant'];
  1086. }
  1087. }
  1088. }
  1089. }
  1090. // Then return it.
  1091. $settings['images_url'] = $current_images_url;
  1092. $settings['theme_variants'] = $current_theme_variants;
  1093. // As long as we're not doing the default theme...
  1094. if (!isset($_REQUEST['u']) || $_REQUEST['u'] >= 0)
  1095. {
  1096. if ($guest_theme != 0)
  1097. $context['available_themes'][0] = $context['available_themes'][$guest_theme];
  1098. $context['available_themes'][0]['id'] = 0;
  1099. $context['available_themes'][0]['name'] = $txt['theme_forum_default'];
  1100. $context['available_themes'][0]['selected'] = $context['current_theme'] == 0;
  1101. $context['available_themes'][0]['description'] = $txt['theme_global_description'];
  1102. }
  1103. ksort($context['available_themes']);
  1104. $context['page_title'] = $txt['theme_pick'];
  1105. $context['sub_template'] = 'pick';
  1106. }
  1107. /**
  1108. * Installs new themes, either from a gzip or copy of the default.
  1109. * - puts themes in $boardurl/Themes.
  1110. * - assumes the gzip has a root directory in it. (ie default.)
  1111. * Requires admin_forum.
  1112. * Accessed with ?action=admin;area=theme;sa=install.
  1113. */
  1114. function ThemeInstall()
  1115. {
  1116. global $sourcedir, $boarddir, $boardurl, $txt, $context, $settings, $modSettings, $smcFunc;
  1117. checkSession('request');
  1118. isAllowedTo('admin_forum');
  1119. checkSession('request');
  1120. require_once($sourcedir . '/Subs-Package.php');
  1121. loadTemplate('Themes');
  1122. if (isset($_GET['theme_id']))
  1123. {
  1124. $result = $smcFunc['db_query']('', '
  1125. SELECT value
  1126. FROM {db_prefix}themes
  1127. WHERE id_theme = {int:current_theme}
  1128. AND id_member = {int:no_member}
  1129. AND variable = {string:name}
  1130. LIMIT 1',
  1131. array(
  1132. 'current_theme' => (int) $_GET['theme_id'],
  1133. 'no_member' => 0,
  1134. 'name' => 'name',
  1135. )
  1136. );
  1137. list ($theme_name) = $smcFunc['db_fetch_row']($result);
  1138. $smcFunc['db_free_result']($result);
  1139. $context['sub_template'] = 'installed';
  1140. $context['page_title'] = $txt['theme_installed'];
  1141. $context['installed_theme'] = array(
  1142. 'id' => (int) $_GET['theme_id'],
  1143. 'name' => $theme_name,
  1144. );
  1145. return;
  1146. }
  1147. if ((!empty($_FILES['theme_gz']) && (!isset($_FILES['theme_gz']['error']) || $_FILES['theme_gz']['error'] != 4)) || !empty($_REQUEST['theme_gz']))
  1148. $method = 'upload';
  1149. elseif (isset($_REQUEST['theme_dir']) && rtrim(realpath($_REQUEST['theme_dir']), '/\\') != realpath($boarddir . '/Themes') && file_exists($_REQUEST['theme_dir']))
  1150. $method = 'path';
  1151. else
  1152. $method = 'copy';
  1153. if (!empty($_REQUEST['copy']) && $method == 'copy')
  1154. {
  1155. // Hopefully the themes directory is writable, or we might have a problem.
  1156. if (!is_writable($boarddir . '/Themes'))
  1157. fatal_lang_error('theme_install_write_error', 'critical');
  1158. $theme_dir = $boarddir . '/Themes/' . preg_replace('~[^A-Za-z0-9_\- ]~', '', $_REQUEST['copy']);
  1159. umask(0);
  1160. mkdir($theme_dir, 0777);
  1161. @set_time_limit(600);
  1162. if (function_exists('apache_reset_timeout'))
  1163. @apache_reset_timeout();
  1164. // Create subdirectories for css and javascript files.
  1165. mkdir($theme_dir . '/css', 0777);
  1166. mkdir($theme_dir . '/scripts', 0777);
  1167. // Copy over the default non-theme files.
  1168. $to_copy = array('/index.php', '/index.template.php', '/css/index.css', '/css/rtl.css', '/scripts/theme.js');
  1169. foreach ($to_copy as $file)
  1170. {
  1171. copy($settings['default_theme_dir'] . $file, $theme_dir . $file);
  1172. @chmod($theme_dir . $file, 0777);
  1173. }
  1174. // And now the entire images directory!
  1175. copytree($settings['default_theme_dir'] . '/images', $theme_dir . '/images');
  1176. package_flush_cache();
  1177. $theme_name = $_REQUEST['copy'];
  1178. $images_url = $boardurl . '/Themes/' . basename($theme_dir) . '/images';
  1179. $theme_dir = realpath($theme_dir);
  1180. // Lets get some data for the new theme.
  1181. $request = $smcFunc['db_query']('', '
  1182. SELECT variable, value
  1183. FROM {db_prefix}themes
  1184. WHERE variable IN ({string:theme_templates}, {string:theme_layers})
  1185. AND id_member = {int:no_member}
  1186. AND id_theme = {int:default_theme}',
  1187. array(
  1188. 'no_member' => 0,
  1189. 'default_theme' => 1,
  1190. 'theme_templates' => 'theme_templates',
  1191. 'theme_layers' => 'theme_layers',
  1192. )
  1193. );
  1194. while ($row = $smcFunc['db_fetch_assoc']($request))
  1195. {
  1196. if ($row['variable'] == 'theme_templates')
  1197. $theme_templates = $row['value'];
  1198. elseif ($row['variable'] == 'theme_layers')
  1199. $theme_layers = $row['value'];
  1200. else
  1201. continue;
  1202. }
  1203. $smcFunc['db_free_result']($request);
  1204. // Lets add a theme_info.xml to this theme.
  1205. $xml_info = '<' . '?xml version="1.0"?' . '>
  1206. <theme-info xmlns="http://www.simplemachines.org/xml/theme-info" xmlns:smf="http://www.simplemachines.org/">
  1207. <!-- For the id, always use something unique - put your name, a colon, and then the package name. -->
  1208. <id>smf:' . $smcFunc['strtolower'](str_replace(array(' '), '_', $_REQUEST['copy'])) . '</id>
  1209. <version>' . $modSettings['smfVersion'] . '</version>
  1210. <!-- Theme name, used purely for aesthetics. -->
  1211. <name>' . $_REQUEST['copy'] . '</name>
  1212. <!-- Author: your email address or contact information. The name attribute is optional. -->
  1213. <author name="Simple Machines">[email protected]</author>
  1214. <!-- Website... where to get updates and more information. -->
  1215. <website>http://www.simplemachines.org/</website>
  1216. <!-- Template layers to use, defaults to "html,body". -->
  1217. <layers>' . (empty($theme_layers) ? 'html,body' : $theme_layers) . '</layers>
  1218. <!-- Templates to load on startup. Default is "index". -->
  1219. <templates>' . (empty($theme_templates) ? 'index' : $theme_templates) . '</templates>
  1220. <!-- Base this theme off another? Default is blank, or no. It could be "default". -->
  1221. <based-on></based-on>
  1222. </theme-info>';
  1223. // Now write it.
  1224. $fp = @fopen($theme_dir . '/theme_info.xml', 'w+');
  1225. if ($fp)
  1226. {
  1227. fwrite($fp, $xml_info);
  1228. fclose($fp);
  1229. }
  1230. }
  1231. elseif (isset($_REQUEST['theme_dir']) && $method == 'path')
  1232. {
  1233. if (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml'))
  1234. fatal_lang_error('theme_install_error', false);
  1235. $theme_name = basename($_REQUEST['theme_dir']);
  1236. $theme_dir = $_REQUEST['theme_dir'];
  1237. }
  1238. elseif ($method = 'upload')
  1239. {
  1240. // Hopefully the themes directory is writable, or we might have a problem.
  1241. if (!is_writable($boarddir . '/Themes'))
  1242. fatal_lang_error('theme_install_write_error', 'critical');
  1243. // This happens when the admin session is gone and the user has to login again
  1244. if (empty($_FILES['theme_gz']) && empty($_REQUEST['theme_gz']))
  1245. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  1246. // Set the default settings...
  1247. $theme_name = strtok(basename(isset($_FILES['theme_gz']) ? $_FILES['theme_gz']['name'] : $_REQUEST['theme_gz']), '.');
  1248. $theme_name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $theme_name);
  1249. $theme_dir = $boarddir . '/Themes/' . $theme_name;
  1250. if (isset($_FILES['theme_gz']) && is_uploaded_file($_FILES['theme_gz']['tmp_name']) && (ini_get('open_basedir') != '' || file_exists($_FILES['theme_gz']['tmp_name'])))
  1251. $extracted = read_tgz_file($_FILES['theme_gz']['tmp_name'], $boarddir . '/Themes/' . $theme_name, false, true);
  1252. elseif (isset($_REQUEST['theme_gz']))
  1253. {
  1254. // Check that the theme is from simplemachines.org, for now... maybe add mirroring later.
  1255. if (preg_match('~^http://[\w_\-]+\.simplemachines\.org/~', $_REQUEST['theme_gz']) == 0 || strpos($_REQUEST['theme_gz'], 'dlattach') !== false)
  1256. fatal_lang_error('not_on_simplemachines');
  1257. $extracted = read_tgz_file($_REQUEST['theme_gz'], $boarddir . '/Themes/' . $theme_name, false, true);
  1258. }
  1259. else
  1260. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  1261. }
  1262. // Something go wrong?
  1263. if ($theme_dir != '' && basename($theme_dir) != 'Themes')
  1264. {
  1265. // Defaults.
  1266. $install_info = array(
  1267. 'theme_url' => $boardurl . '/Themes/' . basename($theme_dir),
  1268. 'images_url' => isset($images_url) ? $images_url : $boardurl . '/Themes/' . basename($theme_dir) . '/images',
  1269. 'theme_dir' => $theme_dir,
  1270. 'name' => $theme_name
  1271. );
  1272. if (file_exists($theme_dir . '/theme_info.xml'))
  1273. {
  1274. $theme_info = file_get_contents($theme_dir . '/theme_info.xml');
  1275. // Parse theme-info.xml into an xmlArray.
  1276. require_once($sourcedir . '/Class-Package.php');
  1277. $theme_info_xml = new xmlArray($theme_info);
  1278. // @todo Error message of some sort?
  1279. if (!$theme_info_xml->exists('theme-info[0]'))
  1280. return 'package_get_error_packageinfo_corrupt';
  1281. $theme_info_xml = $theme_info_xml->path('theme-info[0]');
  1282. $theme_info_xml = $theme_info_xml->to_array();
  1283. $xml_elements = array(
  1284. 'name' => 'name',
  1285. 'theme_layers' => 'layers',
  1286. 'theme_templates' => 'templates',
  1287. 'based_on' => 'based-on',
  1288. );
  1289. foreach ($xml_elements as $var => $name)
  1290. {
  1291. if (!empty($theme_info_xml[$name]))
  1292. $install_info[$var] = $theme_info_xml[$name];
  1293. }
  1294. if (!empty($theme_info_xml['images']))
  1295. {
  1296. $install_info['images_url'] = $install_info['theme_url'] . '/' . $theme_info_xml['images'];
  1297. $explicit_images = true;
  1298. }
  1299. if (!empty($theme_info_xml['extra']))
  1300. $install_info += unserialize($theme_info_xml['extra']);
  1301. }
  1302. if (isset($install_info['based_on']))
  1303. {
  1304. if ($install_info['based_on'] == 'default')
  1305. {
  1306. $install_info['theme_url'] = $settings['default_theme_url'];
  1307. $install_info['images_url'] = $settings['default_images_url'];
  1308. }
  1309. elseif ($install_info['based_on'] != '')
  1310. {
  1311. $install_info['based_on'] = preg_replace('~[^A-Za-z0-9\-_ ]~', '', $install_info['based_on']);
  1312. $request = $smcFunc['db_query']('', '
  1313. SELECT th.value AS base_theme_dir, th2.value AS base_theme_url' . (!empty($explicit_images) ? '' : ', th3.value AS images_url') . '
  1314. FROM {db_prefix}themes AS th
  1315. INNER JOIN {db_prefix}themes AS th2 ON (th2.id_theme = th.id_theme
  1316. AND th2.id_member = {int:no_member}
  1317. AND th2.variable = {string:theme_url})' . (!empty($explicit_images) ? '' : '
  1318. INNER JOIN {db_prefix}themes AS th3 ON (th3.id_theme = th.id_theme
  1319. AND th3.id_member = {int:no_member}
  1320. AND th3.variable = {string:images_url})') . '
  1321. WHERE th.id_member = {int:no_member}
  1322. AND (th.value LIKE {string:based_on} OR th.value LIKE {string:based_on_path})
  1323. AND th.variable = {string:theme_dir}
  1324. LIMIT 1',
  1325. array(
  1326. 'no_member' => 0,
  1327. 'theme_url' => 'theme_url',
  1328. 'images_url' => 'images_url',
  1329. 'theme_dir' => 'theme_dir',
  1330. 'based_on' => '%/' . $install_info['based_on'],
  1331. 'based_on_path' => '%' . "\\" . $install_info['based_on'],
  1332. )
  1333. );
  1334. $temp = $smcFunc['db_fetch_assoc']($request);
  1335. $smcFunc['db_free_result']($request);
  1336. // @todo An error otherwise?
  1337. if (is_array($temp))
  1338. {
  1339. $install_info = $temp + $install_info;
  1340. if (empty($explicit_images) && !empty($install_info['base_theme_url']))
  1341. $install_info['theme_url'] = $install_info['base_theme_url'];
  1342. }
  1343. }
  1344. unset($install_info['based_on']);
  1345. }
  1346. // Find the newest id_theme.
  1347. $result = $smcFunc['db_query']('', '
  1348. SELECT MAX(id_theme)
  1349. FROM {db_prefix}themes',
  1350. array(
  1351. )
  1352. );
  1353. list ($id_theme) = $smcFunc['db_fetch_row']($result);
  1354. $smcFunc['db_free_result']($result);
  1355. // This will be theme number...
  1356. $id_theme++;
  1357. $inserts = array();
  1358. foreach ($install_info as $var => $val)
  1359. $inserts[] = array($id_theme, $var, $val);
  1360. if (!empty($inserts))
  1361. $smcFunc['db_insert']('insert',
  1362. '{db_prefix}themes',
  1363. array('id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  1364. $inserts,
  1365. array('id_theme', 'variable')
  1366. );
  1367. updateSettings(array('knownThemes' => strtr($modSettings['knownThemes'] . ',' . $id_theme, array(',,' => ','))));
  1368. }
  1369. redirectexit('action=admin;area=theme;sa=install;theme_id=' . $id_theme . ';' . $context['session_var'] . '=' . $context['session_id']);
  1370. }
  1371. /**
  1372. * Possibly the simplest and best example of how to use the template system.
  1373. * - allows the theme to take care of actions.
  1374. * - happens if $settings['catch_action'] is set and action isn't found
  1375. * in the action array.
  1376. * - can use a template, layers, sub_template, filename, and/or function.
  1377. * @todo look at this
  1378. */
  1379. function WrapAction()
  1380. {
  1381. global $context, $settings, $sourcedir;
  1382. // Load any necessary template(s)?
  1383. if (isset($settings['catch_action']['template']))
  1384. {
  1385. // Load both the template and language file. (but don't fret if the language file isn't there...)
  1386. loadTemplate($settings['catch_action']['template']);
  1387. loadLanguage($settings['catch_action']['template'], '', false);
  1388. }
  1389. // Any special layers?
  1390. if (isset($settings['catch_action']['layers']))
  1391. $context['template_layers'] = $settings['catch_action']['layers'];
  1392. // Just call a function?
  1393. if (isset($settings['catch_action']['function']))
  1394. {
  1395. if (isset($settings['catch_action']['filename']))
  1396. template_include($sourcedir . '/' . $settings['catch_action']['filename'], true);
  1397. $settings['catch_action']['function']();
  1398. }
  1399. // And finally, the main sub template ;).
  1400. elseif (isset($settings['catch_action']['sub_template']))
  1401. $context['sub_template'] = $settings['catch_action']['sub_template'];
  1402. }
  1403. /**
  1404. * Set an option via javascript.
  1405. * - sets a theme option without outputting anything.
  1406. * - can be used with javascript, via a dummy image... (which doesn't require
  1407. * the page to reload.)
  1408. * - requires someone who is logged in.
  1409. * - accessed via ?action=jsoption;var=variable;val=value;session_var=sess_id.
  1410. * - does not log access to the Who's Online log. (in index.php..)
  1411. */
  1412. function SetJavaScript()
  1413. {
  1414. global $settings, $user_info, $smcFunc, $options;
  1415. // Check the session id.
  1416. checkSession('get');
  1417. // This good-for-nothing pixel is being used to keep the session alive.
  1418. if (empty($_GET['var']) || !isset($_GET['val']))
  1419. redirectexit($settings['images_url'] . '/blank.png');
  1420. // Sorry, guests can't go any further than this..
  1421. if ($user_info['is_guest'] || $user_info['id'] == 0)
  1422. obExit(false);
  1423. $reservedVars = array(
  1424. 'actual_theme_url',
  1425. 'actual_images_url',
  1426. 'base_theme_dir',
  1427. 'base_theme_url',
  1428. 'default_images_url',
  1429. 'default_theme_dir',
  1430. 'default_theme_url',
  1431. 'default_template',
  1432. 'images_url',
  1433. 'number_recent_posts',
  1434. 'smiley_sets_default',
  1435. 'theme_dir',
  1436. 'theme_id',
  1437. 'theme_layers',
  1438. 'theme_templates',
  1439. 'theme_url',
  1440. 'name',
  1441. );
  1442. // Can't change reserved vars.
  1443. if (in_array(strtolower($_GET['var']), $reservedVars))
  1444. redirectexit($settings['images_url'] . '/blank.png');
  1445. // Use a specific theme?
  1446. if (isset($_GET['th']) || isset($_GET['id']))
  1447. {
  1448. // Invalidate the current themes cache too.
  1449. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1450. $settings['theme_id'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1451. }
  1452. // If this is the admin preferences the passed value will just be an element of it.
  1453. if ($_GET['var'] == 'admin_preferences')
  1454. {
  1455. $options['admin_preferences'] = !empty($options['admin_preferences']) ? unserialize($options['admin_preferences']) : array();
  1456. // New thingy...
  1457. if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5)
  1458. $options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
  1459. // Change the value to be something nice,
  1460. $_GET['val'] = serialize($options['admin_preferences']);
  1461. }
  1462. // Update the option.
  1463. $smcFunc['db_insert']('replace',
  1464. '{db_prefix}themes',
  1465. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  1466. array($settings['theme_id'], $user_info['id'], $_GET['var'], is_array($_GET['val']) ? implode(',', $_GET['val']) : $_GET['val']),
  1467. array('id_theme', 'id_member', 'variable')
  1468. );
  1469. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1470. // Don't output anything...
  1471. redirectexit($settings['images_url'] . '/blank.png');
  1472. }
  1473. /**
  1474. * Shows an interface for editing the templates.
  1475. * - uses the Themes template and edit_template/edit_style sub template.
  1476. * - accessed via ?action=admin;area=theme;sa=edit
  1477. */
  1478. function EditTheme()
  1479. {
  1480. global $context, $settings, $scripturl, $boarddir, $smcFunc;
  1481. // @todo Should this be removed?
  1482. if (isset($_REQUEST['preview']))
  1483. die('die() with fire');
  1484. isAllowedTo('admin_forum');
  1485. loadTemplate('Themes');
  1486. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) @$_GET['id'];
  1487. if (empty($_GET['th']))
  1488. {
  1489. $request = $smcFunc['db_query']('', '
  1490. SELECT id_theme, variable, value
  1491. FROM {db_prefix}themes
  1492. WHERE variable IN ({string:name}, {string:theme_dir}, {string:theme_templates}, {string:theme_layers})
  1493. AND id_member = {int:no_member}',
  1494. array(
  1495. 'name' => 'name',
  1496. 'theme_dir' => 'theme_dir',
  1497. 'theme_templates' => 'theme_templates',
  1498. 'theme_layers' => 'theme_layers',
  1499. 'no_member' => 0,
  1500. )
  1501. );
  1502. $context['themes'] = array();
  1503. while ($row = $smcFunc['db_fetch_assoc']($request))
  1504. {
  1505. if (!isset($context['themes'][$row['id_theme']]))
  1506. $context['themes'][$row['id_theme']] = array(
  1507. 'id' => $row['id_theme'],
  1508. 'num_default_options' => 0,
  1509. 'num_members' => 0,
  1510. );
  1511. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  1512. }
  1513. $smcFunc['db_free_result']($request);
  1514. foreach ($context['themes'] as $key => $theme)
  1515. {
  1516. // There has to be a Settings template!
  1517. if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css'))
  1518. unset($context['themes'][$key]);
  1519. else
  1520. {
  1521. if (!isset($theme['theme_templates']))
  1522. $templates = array('index');
  1523. else
  1524. $templates = explode(',', $theme['theme_templates']);
  1525. foreach ($templates as $template)
  1526. if (file_exists($theme['theme_dir'] . '/' . $template . '.template.php'))
  1527. {
  1528. // Fetch the header... a good 256 bytes should be more than enough.
  1529. $fp = fopen($theme['theme_dir'] . '/' . $template . '.template.php', 'rb');
  1530. $header = fread($fp, 256);
  1531. fclose($fp);
  1532. // Can we find a version comment, at all?
  1533. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  1534. {
  1535. $ver = $match[1];
  1536. if (!isset($context['themes'][$key]['version']) || $context['themes'][$key]['version'] > $ver)
  1537. $context['themes'][$key]['version'] = $ver;
  1538. }
  1539. }
  1540. $context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
  1541. }
  1542. }
  1543. $context['sub_template'] = 'edit_list';
  1544. return 'no_themes';
  1545. }
  1546. $context['session_error'] = false;
  1547. // Get the directory of the theme we are editing.
  1548. $request = $smcFunc['db_query']('', '
  1549. SELECT value, id_theme
  1550. FROM {db_prefix}themes
  1551. WHERE variable = {string:theme_dir}
  1552. AND id_theme = {int:current_theme}
  1553. LIMIT 1',
  1554. array(
  1555. 'current_theme' => $_GET['th'],
  1556. 'theme_dir' => 'theme_dir',
  1557. )
  1558. );
  1559. list ($theme_dir, $context['theme_id']) = $smcFunc['db_fetch_row']($request);
  1560. $smcFunc['db_free_result']($request);
  1561. if (!isset($_REQUEST['filename']))
  1562. {
  1563. if (isset($_GET['directory']))
  1564. {
  1565. if (substr($_GET['directory'], 0, 1) == '.')
  1566. $_GET['directory'] = '';
  1567. else
  1568. {
  1569. $_GET['directory'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_GET['directory']);
  1570. $temp = realpath($theme_dir . '/' . $_GET['directory']);
  1571. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1572. $_GET['directory'] = '';
  1573. }
  1574. }
  1575. if (isset($_GET['directory']) && $_GET['directory'] != '')
  1576. {
  1577. $context['theme_files'] = get_file_listing($theme_dir . '/' . $_GET['directory'], $_GET['directory'] . '/');
  1578. $temp = dirname($_GET['directory']);
  1579. array_unshift($context['theme_files'], array(
  1580. 'filename' => $temp == '.' || $temp == '' ? '/ (..)' : $temp . ' (..)',
  1581. 'is_writable' => is_writable($theme_dir . '/' . $temp),
  1582. 'is_directory' => true,
  1583. 'is_template' => false,
  1584. 'is_image' => false,
  1585. 'is_editable' => false,
  1586. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $temp,
  1587. 'size' => '',
  1588. ));
  1589. }
  1590. else
  1591. $context['theme_files'] = get_file_listing($theme_dir, '');
  1592. $context['sub_template'] = 'edit_browse';
  1593. return;
  1594. }
  1595. else
  1596. {
  1597. if (substr($_REQUEST['filename'], 0, 1) == '.')
  1598. $_REQUEST['filename'] = '';
  1599. else
  1600. {
  1601. $_REQUEST['filename'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_REQUEST['filename']);
  1602. $temp = realpath($theme_dir . '/' . $_REQUEST['filename']);
  1603. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1604. $_REQUEST['filename'] = '';
  1605. }
  1606. if (empty($_REQUEST['filename']))
  1607. fatal_lang_error('theme_edit_missing', false);
  1608. }
  1609. if (isset($_POST['save']))
  1610. {
  1611. if (checkSession('post', '', false) == '' && validateToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']), 'post', false) == true)
  1612. {
  1613. if (is_array($_POST['entire_file']))
  1614. $_POST['entire_file'] = implode("\n", $_POST['entire_file']);
  1615. $_POST['entire_file'] = rtrim(strtr($_POST['entire_file'], array("\r" => '', ' ' => "\t")));
  1616. // Check for a parse error!
  1617. if (substr($_REQUEST['filename'], -13) == '.template.php' && is_writable($theme_dir) && ini_get('display_errors'))
  1618. {
  1619. $request = $smcFunc['db_query']('', '
  1620. SELECT value
  1621. FROM {db_prefix}themes
  1622. WHERE variable = {string:theme_url}
  1623. AND id_theme = {int:current_theme}
  1624. LIMIT 1',
  1625. array(
  1626. 'current_theme' => $_GET['th'],
  1627. 'theme_url' => 'theme_url',
  1628. )
  1629. );
  1630. list ($theme_url) = $smcFunc['db_fetch_row']($request);
  1631. $smcFunc['db_free_result']($request);
  1632. $fp = fopen($theme_dir . '/tmp_' . session_id() . '.php', 'w');
  1633. fwrite($fp, $_POST['entire_file']);
  1634. fclose($fp);
  1635. $error = @file_get_contents($theme_url . '/tmp_' . session_id() . '.php');
  1636. if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0)
  1637. $error_file = $theme_dir . '/tmp_' . session_id() . '.php';
  1638. else
  1639. unlink($theme_dir . '/tmp_' . session_id() . '.php');
  1640. }
  1641. if (!isset($error_file))
  1642. {
  1643. $fp = fopen($theme_dir . '/' . $_REQUEST['filename'], 'w');
  1644. fwrite($fp, $_POST['entire_file']);
  1645. fclose($fp);
  1646. redirectexit('action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . dirname($_REQUEST['filename']));
  1647. }
  1648. }
  1649. // Session timed out.
  1650. else
  1651. {
  1652. loadLanguage('Errors');
  1653. $context['session_error'] = true;
  1654. $context['sub_template'] = 'edit_file';
  1655. // Recycle the submitted data.
  1656. if (is_array($_POST['entire_file']))
  1657. $context['entire_file'] = htmlspecialchars(implode("\n", $_POST['entire_file']));
  1658. else
  1659. $context['entire_file'] = htmlspecialchars($_POST['entire_file']);
  1660. $context['edit_filename'] = htmlspecialchars($_POST['filename']);
  1661. // You were able to submit it, so it's reasonable to assume you are allowed to save.
  1662. $context['allow_save'] = true;
  1663. return;
  1664. }
  1665. }
  1666. $context['allow_save'] = is_writable($theme_dir . '/' . $_REQUEST['filename']);
  1667. $context['allow_save_filename'] = strtr($theme_dir . '/' . $_REQUEST['filename'], array($boarddir => '...'));
  1668. $context['edit_filename'] = htmlspecialchars($_REQUEST['filename']);
  1669. if (substr($_REQUEST['filename'], -4) == '.css')
  1670. {
  1671. $context['sub_template'] = 'edit_style';
  1672. $context['entire_file'] = htmlspecialchars(strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1673. }
  1674. elseif (substr($_REQUEST['filename'], -13) == '.template.php')
  1675. {
  1676. $context['sub_template'] = 'edit_template';
  1677. if (!isset($error_file))
  1678. $file_data = file($theme_dir . '/' . $_REQUEST['filename']);
  1679. else
  1680. {
  1681. if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0)
  1682. $context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
  1683. $file_data = file($error_file);
  1684. unlink($error_file);
  1685. }
  1686. $j = 0;
  1687. $context['file_parts'] = array(array('lines' => 0, 'line' => 1, 'data' => ''));
  1688. for ($i = 0, $n = count($file_data); $i < $n; $i++)
  1689. {
  1690. if (isset($file_data[$i + 1]) && substr($file_data[$i + 1], 0, 9) == 'function ')
  1691. {
  1692. // Try to format the functions a little nicer...
  1693. $context['file_parts'][$j]['data'] = trim($context['file_parts'][$j]['data']) . "\n";
  1694. if (empty($context['file_parts'][$j]['lines']))
  1695. unset($context['file_parts'][$j]);
  1696. $context['file_parts'][++$j] = array('lines' => 0, 'line' => $i + 1, 'data' => '');
  1697. }
  1698. $context['file_parts'][$j]['lines']++;
  1699. $context['file_parts'][$j]['data'] .= htmlspecialchars(strtr($file_data[$i], array("\t" => ' ')));
  1700. }
  1701. $context['entire_file'] = htmlspecialchars(strtr(implode('', $file_data), array("\t" => ' ')));
  1702. }
  1703. else
  1704. {
  1705. $context['sub_template'] = 'edit_file';
  1706. $context['entire_file'] = htmlspecialchars(strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1707. }
  1708. // Create a special token to allow editing of multiple files.
  1709. createToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']));
  1710. }
  1711. function get_file_listing($path, $relative)
  1712. {
  1713. global $scripturl, $txt, $context;
  1714. // Is it even a directory?
  1715. if (!is_dir($path))
  1716. fatal_lang_error('error_invalid_dir', 'critical');
  1717. $dir = dir($path);
  1718. $entries = array();
  1719. while ($entry = $dir->read())
  1720. $entries[] = $entry;
  1721. $dir->close();
  1722. natcasesort($entries);
  1723. $listing1 = array();
  1724. $listing2 = array();
  1725. foreach ($entries as $entry)
  1726. {
  1727. // Skip all dot files, including .htaccess.
  1728. if (substr($entry, 0, 1) == '.' || $entry == 'CVS')
  1729. continue;
  1730. if (is_dir($path . '/' . $entry))
  1731. $listing1[] = array(
  1732. 'filename' => $entry,
  1733. 'is_writable' => is_writable($path . '/' . $entry),
  1734. 'is_directory' => true,
  1735. 'is_template' => false,
  1736. 'is_image' => false,
  1737. 'is_editable' => false,
  1738. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $relative . $entry,
  1739. 'size' => '',
  1740. );
  1741. else
  1742. {
  1743. $size = filesize($path . '/' . $entry);
  1744. if ($size > 2048 || $size == 1024)
  1745. $size = comma_format($size / 1024) . ' ' . $txt['themeadmin_edit_kilobytes'];
  1746. else
  1747. $size = comma_format($size) . ' ' . $txt['themeadmin_edit_bytes'];
  1748. $listing2[] = array(
  1749. 'filename' => $entry,
  1750. 'is_writable' => is_writable($path . '/' . $entry),
  1751. 'is_directory' => false,
  1752. 'is_template' => preg_match('~\.template\.php$~', $entry) != 0,
  1753. 'is_image' => preg_match('~\.(jpg|jpeg|gif|bmp|png)$~', $entry) != 0,
  1754. 'is_editable' => is_writable($path . '/' . $entry) && preg_match('~\.(php|pl|css|js|vbs|xml|xslt|txt|xsl|html|htm|shtm|shtml|asp|aspx|cgi|py)$~', $entry) != 0,
  1755. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;filename=' . $relative . $entry,
  1756. 'size' => $size,
  1757. 'last_modified' => timeformat(filemtime($path . '/' . $entry)),
  1758. );
  1759. }
  1760. }
  1761. return array_merge($listing1, $listing2);
  1762. }
  1763. function CopyTemplate()
  1764. {
  1765. global $context, $settings, $smcFunc;
  1766. isAllowedTo('admin_forum');
  1767. loadTemplate('Themes');
  1768. $context[$context['admin_menu_name']]['current_subsection'] = 'edit';
  1769. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1770. $request = $smcFunc['db_query']('', '
  1771. SELECT th1.value, th1.id_theme, th2.value
  1772. FROM {db_prefix}themes AS th1
  1773. LEFT JOIN {db_prefix}themes AS th2 ON (th2.variable = {string:base_theme_dir} AND th2.id_theme = {int:current_theme})
  1774. WHERE th1.variable = {string:theme_dir}
  1775. AND th1.id_theme = {int:current_theme}
  1776. LIMIT 1',
  1777. array(
  1778. 'current_theme' => $_GET['th'],
  1779. 'base_theme_dir' => 'base_theme_dir',
  1780. 'theme_dir' => 'theme_dir',
  1781. )
  1782. );
  1783. list ($theme_dir, $context['theme_id'], $base_theme_dir) = $smcFunc['db_fetch_row']($request);
  1784. $smcFunc['db_free_result']($request);
  1785. if (isset($_REQUEST['template']) && preg_match('~[\./\\\\:\0]~', $_REQUEST['template']) == 0)
  1786. {
  1787. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/' . $_REQUEST['template'] . '.template.php'))
  1788. $filename = $base_theme_dir . '/' . $_REQUEST['template'] . '.template.php';
  1789. elseif (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php'))
  1790. $filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
  1791. else
  1792. fatal_lang_error('no_access', false);
  1793. $fp = fopen($theme_dir . '/' . $_REQUEST['template'] . '.template.php', 'w');
  1794. fwrite($fp, file_get_contents($filename));
  1795. fclose($fp);
  1796. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1797. }
  1798. elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
  1799. {
  1800. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php'))
  1801. $filename = $base_theme_dir . '/languages/' . $_REQUEST['template'] . '.php';
  1802. elseif (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php'))
  1803. $filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
  1804. else
  1805. fatal_lang_error('no_access', false);
  1806. $fp = fopen($theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php', 'w');
  1807. fwrite($fp, file_get_contents($filename));
  1808. fclose($fp);
  1809. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1810. }
  1811. $templates = array();
  1812. $lang_files = array();
  1813. $dir = dir($settings['default_theme_dir']);
  1814. while ($entry = $dir->read())
  1815. {
  1816. if (substr($entry, -13) == '.template.php')
  1817. $templates[] = substr($entry, 0, -13);
  1818. }
  1819. $dir->close();
  1820. $dir = dir($settings['default_theme_dir'] . '/languages');
  1821. while ($entry = $dir->read())
  1822. {
  1823. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches))
  1824. $lang_files[] = $matches[1];
  1825. }
  1826. $dir->close();
  1827. if (!empty($base_theme_dir))
  1828. {
  1829. $dir = dir($base_theme_dir);
  1830. while ($entry = $dir->read())
  1831. {
  1832. if (substr($entry, -13) == '.template.php' && !in_array(substr($entry, 0, -13), $templates))
  1833. $templates[] = substr($entry, 0, -13);
  1834. }
  1835. $dir->close();
  1836. if (file_exists($base_theme_dir . '/languages'))
  1837. {
  1838. $dir = dir($base_theme_dir . '/languages');
  1839. while ($entry = $dir->read())
  1840. {
  1841. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && !in_array($matches[1], $lang_files))
  1842. $lang_files[] = $matches[1];
  1843. }
  1844. $dir->close();
  1845. }
  1846. }
  1847. natcasesort($templates);
  1848. natcasesort($lang_files);
  1849. $context['available_templates'] = array();
  1850. foreach ($templates as $template)
  1851. $context['available_templates'][$template] = array(
  1852. 'filename' => $template . '.template.php',
  1853. 'value' => $template,
  1854. 'already_exists' => false,
  1855. 'can_copy' => is_writable($theme_dir),
  1856. );
  1857. $context['available_language_files'] = array();
  1858. foreach ($lang_files as $file)
  1859. $context['available_language_files'][$file] = array(
  1860. 'filename' => $file . '.php',
  1861. 'value' => $file,
  1862. 'already_exists' => false,
  1863. 'can_copy' => file_exists($theme_dir . '/languages') ? is_writable($theme_dir . '/languages') : is_writable($theme_dir),
  1864. );
  1865. $dir = dir($theme_dir);
  1866. while ($entry = $dir->read())
  1867. {
  1868. if (substr($entry, -13) == '.template.php' && isset($context['available_templates'][substr($entry, 0, -13)]))
  1869. {
  1870. $context['available_templates'][substr($entry, 0, -13)]['already_exists'] = true;
  1871. $context['available_templates'][substr($entry, 0, -13)]['can_copy'] = is_writable($theme_dir . '/' . $entry);
  1872. }
  1873. }
  1874. $dir->close();
  1875. if (file_exists($theme_dir . '/languages'))
  1876. {
  1877. $dir = dir($theme_dir . '/languages');
  1878. while ($entry = $dir->read())
  1879. {
  1880. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && isset($context['available_language_files'][$matches[1]]))
  1881. {
  1882. $context['available_language_files'][$matches[1]]['already_exists'] = true;
  1883. $context['available_language_files'][$matches[1]]['can_copy'] = is_writable($theme_dir . '/languages/' . $entry);
  1884. }
  1885. }
  1886. $dir->close();
  1887. }
  1888. $context['sub_template'] = 'copy_template';
  1889. }
  1890. ?>