Themes.php 64 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966
  1. <?php
  2. /**
  3. * This file concerns itself almost completely with theme administration.
  4. * Its tasks include changing theme settings, installing and removing
  5. * themes, choosing the current theme, and editing themes.
  6. *
  7. * @todo Update this for the new package manager?
  8. *
  9. * Creating and distributing theme packages:
  10. * There isn't that much required to package and distribute your own themes...
  11. * just do the following:
  12. * - create a theme_info.xml file, with the root element theme-info.
  13. * - its name should go in a name element, just like description.
  14. * - your name should go in author. (email in the email attribute.)
  15. * - any support website for the theme should be in website.
  16. * - layers and templates (non-default) should go in those elements ;).
  17. * - if the images dir isn't images, specify in the images element.
  18. * - any extra rows for themes should go in extra, serialized. (as in array(variable => value).)
  19. * - tar and gzip the directory - and you're done!
  20. * - please include any special license in a license.txt file.
  21. *
  22. * Simple Machines Forum (SMF)
  23. *
  24. * @package SMF
  25. * @author Simple Machines http://www.simplemachines.org
  26. * @copyright 2013 Simple Machines and individual contributors
  27. * @license http://www.simplemachines.org/about/smf/license.php BSD
  28. *
  29. * @version 2.1 Alpha 1
  30. */
  31. if (!defined('SMF'))
  32. die('No direct access...');
  33. /**
  34. * Subaction handler - manages the action and delegates control to the proper
  35. * sub-action.
  36. * It loads both the Themes and Settings language files.
  37. * Checks the session by GET or POST to verify the sent data.
  38. * Requires the user not be a guest. (@todo what?)
  39. * Accessed via ?action=admin;area=theme.
  40. */
  41. function ThemesMain()
  42. {
  43. global $txt, $context, $scripturl, $sourcedir;
  44. // Load the important language files...
  45. loadLanguage('Themes');
  46. loadLanguage('Settings');
  47. loadLanguage('Drafts');
  48. // No funny business - guests only.
  49. is_not_guest();
  50. require_once($sourcedir . '/Subs-Themes.php');
  51. // Default the page title to Theme Administration by default.
  52. $context['page_title'] = $txt['themeadmin_title'];
  53. // Theme administration, removal, choice, or installation...
  54. $subActions = array(
  55. 'admin' => 'ThemeAdmin',
  56. 'list' => 'ThemeList',
  57. 'reset' => 'SetThemeOptions',
  58. 'options' => 'SetThemeOptions',
  59. 'install' => 'ThemeInstall',
  60. 'remove' => 'RemoveTheme',
  61. 'pick' => 'PickTheme',
  62. 'edit' => 'EditTheme',
  63. 'enable' => 'EnableTheme',
  64. 'copy' => 'CopyTemplate',
  65. );
  66. // @todo Layout Settings?
  67. if (!empty($context['admin_menu_name']))
  68. {
  69. $context[$context['admin_menu_name']]['tab_data'] = array(
  70. 'title' => $txt['themeadmin_title'],
  71. 'help' => 'themes',
  72. 'description' => $txt['themeadmin_description'],
  73. 'tabs' => array(
  74. 'admin' => array(
  75. 'description' => $txt['themeadmin_admin_desc'],
  76. ),
  77. 'list' => array(
  78. 'description' => $txt['themeadmin_list_desc'],
  79. ),
  80. 'reset' => array(
  81. 'description' => $txt['themeadmin_reset_desc'],
  82. ),
  83. 'edit' => array(
  84. 'description' => $txt['themeadmin_edit_desc'],
  85. ),
  86. ),
  87. );
  88. }
  89. // Follow the sa or just go to administration.
  90. if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']]))
  91. $subActions[$_GET['sa']]();
  92. else
  93. $subActions['admin']();
  94. }
  95. /**
  96. * This function allows administration of themes and their settings,
  97. * as well as global theme settings.
  98. * - sets the settings theme_allow, theme_guests, and knownThemes.
  99. * - requires the admin_forum permission.
  100. * - accessed with ?action=admin;area=theme;sa=admin.
  101. *
  102. * @uses Themes template
  103. * @uses Admin language file
  104. */
  105. function ThemeAdmin()
  106. {
  107. global $context, $boarddir, $modSettings, $smcFunc;
  108. loadLanguage('Admin');
  109. isAllowedTo('admin_forum');
  110. loadTemplate('Themes');
  111. // List all installed and enabled themes.
  112. get_all_themes(true);
  113. // Can we create a new theme?
  114. $context['can_create_new'] = is_writable($boarddir . '/Themes');
  115. $context['new_theme_dir'] = substr(realpath($boarddir . '/Themes/default'), 0, -7);
  116. // Look for a non existent theme directory. (ie theme87.)
  117. $theme_dir = $boarddir . '/Themes/theme';
  118. $i = 1;
  119. while (file_exists($theme_dir . $i))
  120. $i++;
  121. $context['new_theme_name'] = 'theme' . $i;
  122. // A bunch of tokens for a bunch of forms.
  123. createToken('admin-tm');
  124. createToken('admin-t-file');
  125. createToken('admin-t-copy');
  126. createToken('admin-t-dir');
  127. // Are handling any settings?
  128. if (isset($_POST['save']))
  129. {
  130. checkSession();
  131. validateToken('admin-tm');
  132. if (isset($_POST['options']['known_themes']))
  133. foreach ($_POST['options']['known_themes'] as $key => $id)
  134. $_POST['options']['known_themes'][$key] = (int) $id;
  135. else
  136. fatal_lang_error('themes_none_selectable', false);
  137. if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes']))
  138. fatal_lang_error('themes_default_selectable', false);
  139. // Commit the new settings.
  140. updateSettings(array(
  141. 'theme_allow' => $_POST['options']['theme_allow'],
  142. 'theme_guests' => $_POST['options']['theme_guests'],
  143. 'knownThemes' => implode(',', $_POST['options']['known_themes']),
  144. ));
  145. if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes']))
  146. updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
  147. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=admin');
  148. }
  149. }
  150. /**
  151. * This function lists the available themes and provides an interface to reset
  152. * the paths of all the installed themes.
  153. */
  154. function ThemeList()
  155. {
  156. global $context, $boarddir, $boardurl, $smcFunc;
  157. loadLanguage('Admin');
  158. isAllowedTo('admin_forum');
  159. if (isset($_REQUEST['th']))
  160. return SetThemeSettings();
  161. if (isset($_POST['save']))
  162. {
  163. checkSession();
  164. validateToken('admin-tl');
  165. // Calling the almighty power of global vars!
  166. get_all_themes(false);
  167. $setValues = array();
  168. foreach ($context['themes'] as $id => $theme)
  169. {
  170. if (file_exists($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])))
  171. {
  172. $setValues[] = array($id, 0, 'theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])));
  173. $setValues[] = array($id, 0, 'theme_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']));
  174. $setValues[] = array($id, 0, 'images_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']) . '/' . basename($theme['images_url']));
  175. }
  176. if (isset($theme['base_theme_dir']) && file_exists($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])))
  177. {
  178. $setValues[] = array($id, 0, 'base_theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])));
  179. $setValues[] = array($id, 0, 'base_theme_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']));
  180. $setValues[] = array($id, 0, 'base_images_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']) . '/' . basename($theme['base_images_url']));
  181. }
  182. cache_put_data('theme_settings-' . $id, null, 90);
  183. }
  184. if (!empty($setValues))
  185. {
  186. $smcFunc['db_insert']('replace',
  187. '{db_prefix}themes',
  188. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  189. $setValues,
  190. array('id_theme', 'variable', 'id_member')
  191. );
  192. }
  193. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  194. }
  195. loadTemplate('Themes');
  196. // Get all installed themes.
  197. get_all_themes(false);
  198. $context['reset_dir'] = realpath($boarddir . '/Themes');
  199. $context['reset_url'] = $boardurl . '/Themes';
  200. $context['sub_template'] = 'list_themes';
  201. createToken('admin-tl');
  202. createToken('admin-tr', 'request');
  203. createToken('admin-tre', 'request');
  204. }
  205. /**
  206. * Administrative global settings.
  207. */
  208. function SetThemeOptions()
  209. {
  210. global $txt, $context, $settings, $modSettings, $smcFunc;
  211. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (isset($_GET['id']) ? (int) $_GET['id'] : 0);
  212. isAllowedTo('admin_forum');
  213. if (empty($_GET['th']) && empty($_GET['id']))
  214. {
  215. $request = $smcFunc['db_query']('', '
  216. SELECT id_theme, variable, value
  217. FROM {db_prefix}themes
  218. WHERE variable IN ({string:name}, {string:theme_dir})
  219. AND id_member = {int:no_member}',
  220. array(
  221. 'no_member' => 0,
  222. 'name' => 'name',
  223. 'theme_dir' => 'theme_dir',
  224. )
  225. );
  226. $context['themes'] = array();
  227. while ($row = $smcFunc['db_fetch_assoc']($request))
  228. {
  229. if (!isset($context['themes'][$row['id_theme']]))
  230. $context['themes'][$row['id_theme']] = array(
  231. 'id' => $row['id_theme'],
  232. 'num_default_options' => 0,
  233. 'num_members' => 0,
  234. );
  235. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  236. }
  237. $smcFunc['db_free_result']($request);
  238. $request = $smcFunc['db_query']('', '
  239. SELECT id_theme, COUNT(*) AS value
  240. FROM {db_prefix}themes
  241. WHERE id_member = {int:guest_member}
  242. GROUP BY id_theme',
  243. array(
  244. 'guest_member' => -1,
  245. )
  246. );
  247. while ($row = $smcFunc['db_fetch_assoc']($request))
  248. $context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
  249. $smcFunc['db_free_result']($request);
  250. // Need to make sure we don't do custom fields.
  251. $request = $smcFunc['db_query']('', '
  252. SELECT col_name
  253. FROM {db_prefix}custom_fields',
  254. array(
  255. )
  256. );
  257. $customFields = array();
  258. while ($row = $smcFunc['db_fetch_assoc']($request))
  259. $customFields[] = $row['col_name'];
  260. $smcFunc['db_free_result']($request);
  261. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  262. $request = $smcFunc['db_query']('themes_count', '
  263. SELECT COUNT(DISTINCT id_member) AS value, id_theme
  264. FROM {db_prefix}themes
  265. WHERE id_member > {int:no_member}
  266. ' . $customFieldsQuery . '
  267. GROUP BY id_theme',
  268. array(
  269. 'no_member' => 0,
  270. 'custom_fields' => empty($customFields) ? array() : $customFields,
  271. )
  272. );
  273. while ($row = $smcFunc['db_fetch_assoc']($request))
  274. $context['themes'][$row['id_theme']]['num_members'] = $row['value'];
  275. $smcFunc['db_free_result']($request);
  276. // There has to be a Settings template!
  277. foreach ($context['themes'] as $k => $v)
  278. if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
  279. unset($context['themes'][$k]);
  280. loadTemplate('Themes');
  281. $context['sub_template'] = 'reset_list';
  282. createToken('admin-stor', 'request');
  283. return;
  284. }
  285. // Submit?
  286. if (isset($_POST['submit']) && empty($_POST['who']))
  287. {
  288. checkSession();
  289. validateToken('admin-sto');
  290. if (empty($_POST['options']))
  291. $_POST['options'] = array();
  292. if (empty($_POST['default_options']))
  293. $_POST['default_options'] = array();
  294. // Set up the sql query.
  295. $setValues = array();
  296. foreach ($_POST['options'] as $opt => $val)
  297. $setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  298. $old_settings = array();
  299. foreach ($_POST['default_options'] as $opt => $val)
  300. {
  301. $old_settings[] = $opt;
  302. $setValues[] = array(-1, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  303. }
  304. // If we're actually inserting something..
  305. if (!empty($setValues))
  306. {
  307. // Are there options in non-default themes set that should be cleared?
  308. if (!empty($old_settings))
  309. $smcFunc['db_query']('', '
  310. DELETE FROM {db_prefix}themes
  311. WHERE id_theme != {int:default_theme}
  312. AND id_member = {int:guest_member}
  313. AND variable IN ({array_string:old_settings})',
  314. array(
  315. 'default_theme' => 1,
  316. 'guest_member' => -1,
  317. 'old_settings' => $old_settings,
  318. )
  319. );
  320. $smcFunc['db_insert']('replace',
  321. '{db_prefix}themes',
  322. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  323. $setValues,
  324. array('id_theme', 'variable', 'id_member')
  325. );
  326. }
  327. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  328. cache_put_data('theme_settings-1', null, 90);
  329. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  330. }
  331. elseif (isset($_POST['submit']) && $_POST['who'] == 1)
  332. {
  333. checkSession();
  334. validateToken('admin-sto');
  335. $_POST['options'] = empty($_POST['options']) ? array() : $_POST['options'];
  336. $_POST['options_master'] = empty($_POST['options_master']) ? array() : $_POST['options_master'];
  337. $_POST['default_options'] = empty($_POST['default_options']) ? array() : $_POST['default_options'];
  338. $_POST['default_options_master'] = empty($_POST['default_options_master']) ? array() : $_POST['default_options_master'];
  339. $old_settings = array();
  340. foreach ($_POST['default_options'] as $opt => $val)
  341. {
  342. if ($_POST['default_options_master'][$opt] == 0)
  343. continue;
  344. elseif ($_POST['default_options_master'][$opt] == 1)
  345. {
  346. // Delete then insert for ease of database compatibility!
  347. $smcFunc['db_query']('substring', '
  348. DELETE FROM {db_prefix}themes
  349. WHERE id_theme = {int:default_theme}
  350. AND id_member != {int:no_member}
  351. AND variable = SUBSTRING({string:option}, 1, 255)',
  352. array(
  353. 'default_theme' => 1,
  354. 'no_member' => 0,
  355. 'option' => $opt,
  356. )
  357. );
  358. $smcFunc['db_query']('substring', '
  359. INSERT INTO {db_prefix}themes
  360. (id_member, id_theme, variable, value)
  361. SELECT id_member, 1, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  362. FROM {db_prefix}members',
  363. array(
  364. 'option' => $opt,
  365. 'value' => (is_array($val) ? implode(',', $val) : $val),
  366. )
  367. );
  368. $old_settings[] = $opt;
  369. }
  370. elseif ($_POST['default_options_master'][$opt] == 2)
  371. {
  372. $smcFunc['db_query']('', '
  373. DELETE FROM {db_prefix}themes
  374. WHERE variable = {string:option_name}
  375. AND id_member > {int:no_member}',
  376. array(
  377. 'no_member' => 0,
  378. 'option_name' => $opt,
  379. )
  380. );
  381. }
  382. }
  383. // Delete options from other themes.
  384. if (!empty($old_settings))
  385. $smcFunc['db_query']('', '
  386. DELETE FROM {db_prefix}themes
  387. WHERE id_theme != {int:default_theme}
  388. AND id_member > {int:no_member}
  389. AND variable IN ({array_string:old_settings})',
  390. array(
  391. 'default_theme' => 1,
  392. 'no_member' => 0,
  393. 'old_settings' => $old_settings,
  394. )
  395. );
  396. foreach ($_POST['options'] as $opt => $val)
  397. {
  398. if ($_POST['options_master'][$opt] == 0)
  399. continue;
  400. elseif ($_POST['options_master'][$opt] == 1)
  401. {
  402. // Delete then insert for ease of database compatibility - again!
  403. $smcFunc['db_query']('substring', '
  404. DELETE FROM {db_prefix}themes
  405. WHERE id_theme = {int:current_theme}
  406. AND id_member != {int:no_member}
  407. AND variable = SUBSTRING({string:option}, 1, 255)',
  408. array(
  409. 'current_theme' => $_GET['th'],
  410. 'no_member' => 0,
  411. 'option' => $opt,
  412. )
  413. );
  414. $smcFunc['db_query']('substring', '
  415. INSERT INTO {db_prefix}themes
  416. (id_member, id_theme, variable, value)
  417. SELECT id_member, {int:current_theme}, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  418. FROM {db_prefix}members',
  419. array(
  420. 'current_theme' => $_GET['th'],
  421. 'option' => $opt,
  422. 'value' => (is_array($val) ? implode(',', $val) : $val),
  423. )
  424. );
  425. }
  426. elseif ($_POST['options_master'][$opt] == 2)
  427. {
  428. $smcFunc['db_query']('', '
  429. DELETE FROM {db_prefix}themes
  430. WHERE variable = {string:option}
  431. AND id_member > {int:no_member}
  432. AND id_theme = {int:current_theme}',
  433. array(
  434. 'no_member' => 0,
  435. 'current_theme' => $_GET['th'],
  436. 'option' => $opt,
  437. )
  438. );
  439. }
  440. }
  441. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  442. }
  443. elseif (!empty($_GET['who']) && $_GET['who'] == 2)
  444. {
  445. checkSession('get');
  446. validateToken('admin-stor', 'request');
  447. // Don't delete custom fields!!
  448. if ($_GET['th'] == 1)
  449. {
  450. $request = $smcFunc['db_query']('', '
  451. SELECT col_name
  452. FROM {db_prefix}custom_fields',
  453. array(
  454. )
  455. );
  456. $customFields = array();
  457. while ($row = $smcFunc['db_fetch_assoc']($request))
  458. $customFields[] = $row['col_name'];
  459. $smcFunc['db_free_result']($request);
  460. }
  461. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  462. $smcFunc['db_query']('', '
  463. DELETE FROM {db_prefix}themes
  464. WHERE id_member > {int:no_member}
  465. AND id_theme = {int:current_theme}
  466. ' . $customFieldsQuery,
  467. array(
  468. 'no_member' => 0,
  469. 'current_theme' => $_GET['th'],
  470. 'custom_fields' => empty($customFields) ? array() : $customFields,
  471. )
  472. );
  473. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  474. }
  475. $old_id = $settings['theme_id'];
  476. $old_settings = $settings;
  477. loadTheme($_GET['th'], false);
  478. loadLanguage('Profile');
  479. // @todo Should we just move these options so they are no longer theme dependant?
  480. loadLanguage('PersonalMessage');
  481. // Let the theme take care of the settings.
  482. loadTemplate('Settings');
  483. loadSubTemplate('options');
  484. $context['sub_template'] = 'set_options';
  485. $context['page_title'] = $txt['theme_settings'];
  486. $context['options'] = $context['theme_options'];
  487. $context['theme_settings'] = $settings;
  488. if (empty($_REQUEST['who']))
  489. {
  490. $request = $smcFunc['db_query']('', '
  491. SELECT variable, value
  492. FROM {db_prefix}themes
  493. WHERE id_theme IN (1, {int:current_theme})
  494. AND id_member = {int:guest_member}',
  495. array(
  496. 'current_theme' => $_GET['th'],
  497. 'guest_member' => -1,
  498. )
  499. );
  500. $context['theme_options'] = array();
  501. while ($row = $smcFunc['db_fetch_assoc']($request))
  502. $context['theme_options'][$row['variable']] = $row['value'];
  503. $smcFunc['db_free_result']($request);
  504. $context['theme_options_reset'] = false;
  505. }
  506. else
  507. {
  508. $context['theme_options'] = array();
  509. $context['theme_options_reset'] = true;
  510. }
  511. foreach ($context['options'] as $i => $setting)
  512. {
  513. // Is this disabled?
  514. if ($setting['id'] == 'calendar_start_day' && empty($modSettings['cal_enabled']))
  515. {
  516. unset($context['options'][$i]);
  517. continue;
  518. }
  519. elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
  520. {
  521. unset($context['options'][$i]);
  522. continue;
  523. }
  524. if (!isset($setting['type']) || $setting['type'] == 'bool')
  525. $context['options'][$i]['type'] = 'checkbox';
  526. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  527. $context['options'][$i]['type'] = 'number';
  528. elseif ($setting['type'] == 'string')
  529. $context['options'][$i]['type'] = 'text';
  530. if (isset($setting['options']))
  531. $context['options'][$i]['type'] = 'list';
  532. $context['options'][$i]['value'] = !isset($context['theme_options'][$setting['id']]) ? '' : $context['theme_options'][$setting['id']];
  533. }
  534. // Restore the existing theme.
  535. loadTheme($old_id, false);
  536. $settings = $old_settings;
  537. loadTemplate('Themes');
  538. createToken('admin-sto');
  539. }
  540. /**
  541. * Administrative global settings.
  542. * - saves and requests global theme settings. ($settings)
  543. * - loads the Admin language file.
  544. * - calls ThemeAdmin() if no theme is specified. (the theme center.)
  545. * - requires admin_forum permission.
  546. * - accessed with ?action=admin;area=theme;sa=list&th=xx.
  547. */
  548. function SetThemeSettings()
  549. {
  550. global $txt, $context, $settings, $modSettings, $sourcedir, $smcFunc;
  551. if (empty($_GET['th']) && empty($_GET['id']))
  552. return ThemeAdmin();
  553. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  554. // Select the best fitting tab.
  555. $context[$context['admin_menu_name']]['current_subsection'] = 'list';
  556. loadLanguage('Admin');
  557. isAllowedTo('admin_forum');
  558. // Validate inputs/user.
  559. if (empty($_GET['th']))
  560. fatal_lang_error('no_theme', false);
  561. // Fetch the smiley sets...
  562. $sets = explode(',', 'none,' . $modSettings['smiley_sets_known']);
  563. $set_names = explode("\n", $txt['smileys_none'] . "\n" . $modSettings['smiley_sets_names']);
  564. $context['smiley_sets'] = array(
  565. '' => $txt['smileys_no_default']
  566. );
  567. foreach ($sets as $i => $set)
  568. $context['smiley_sets'][$set] = $smcFunc['htmlspecialchars']($set_names[$i]);
  569. $old_id = $settings['theme_id'];
  570. $old_settings = $settings;
  571. loadTheme($_GET['th'], false);
  572. // Sadly we really do need to init the template.
  573. loadSubTemplate('init', 'ignore');
  574. // Also load the actual themes language file - in case of special settings.
  575. loadLanguage('Settings', '', true, true);
  576. // And the custom language strings...
  577. loadLanguage('ThemeStrings', '', false, true);
  578. // Let the theme take care of the settings.
  579. loadTemplate('Settings');
  580. loadSubTemplate('settings');
  581. // Load the variants separately...
  582. $settings['theme_variants'] = array();
  583. if (file_exists($settings['theme_dir'] . '/index.template.php'))
  584. {
  585. $file_contents = implode('', file($settings['theme_dir'] . '/index.template.php'));
  586. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  587. eval('global $settings;' . $matches[0]);
  588. }
  589. // Submitting!
  590. if (isset($_POST['save']))
  591. {
  592. checkSession();
  593. validateToken('admin-sts');
  594. if (empty($_POST['options']))
  595. $_POST['options'] = array();
  596. if (empty($_POST['default_options']))
  597. $_POST['default_options'] = array();
  598. // Make sure items are cast correctly.
  599. foreach ($context['theme_settings'] as $item)
  600. {
  601. // Disregard this item if this is just a separator.
  602. if (!is_array($item))
  603. continue;
  604. foreach (array('options', 'default_options') as $option)
  605. {
  606. if (!isset($_POST[$option][$item['id']]))
  607. continue;
  608. // Checkbox.
  609. elseif (empty($item['type']))
  610. $_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
  611. // Number
  612. elseif ($item['type'] == 'number')
  613. $_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
  614. }
  615. }
  616. // Set up the sql query.
  617. $inserts = array();
  618. foreach ($_POST['options'] as $opt => $val)
  619. $inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  620. foreach ($_POST['default_options'] as $opt => $val)
  621. $inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  622. // If we're actually inserting something..
  623. if (!empty($inserts))
  624. {
  625. $smcFunc['db_insert']('replace',
  626. '{db_prefix}themes',
  627. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  628. $inserts,
  629. array('id_member', 'id_theme', 'variable')
  630. );
  631. }
  632. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  633. cache_put_data('theme_settings-1', null, 90);
  634. // Invalidate the cache.
  635. updateSettings(array('settings_updated' => time()));
  636. redirectexit('action=admin;area=theme;sa=list;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id']);
  637. }
  638. $context['sub_template'] = 'set_settings';
  639. $context['page_title'] = $txt['theme_settings'];
  640. foreach ($settings as $setting => $dummy)
  641. {
  642. if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs')))
  643. $settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
  644. }
  645. $context['settings'] = $context['theme_settings'];
  646. $context['theme_settings'] = $settings;
  647. foreach ($context['settings'] as $i => $setting)
  648. {
  649. // Separators are dummies, so leave them alone.
  650. if (!is_array($setting))
  651. continue;
  652. if (!isset($setting['type']) || $setting['type'] == 'bool')
  653. $context['settings'][$i]['type'] = 'checkbox';
  654. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  655. $context['settings'][$i]['type'] = 'number';
  656. elseif ($setting['type'] == 'string')
  657. $context['settings'][$i]['type'] = 'text';
  658. if (isset($setting['options']))
  659. $context['settings'][$i]['type'] = 'list';
  660. $context['settings'][$i]['value'] = !isset($settings[$setting['id']]) ? '' : $settings[$setting['id']];
  661. }
  662. // Do we support variants?
  663. if (!empty($settings['theme_variants']))
  664. {
  665. $context['theme_variants'] = array();
  666. foreach ($settings['theme_variants'] as $variant)
  667. {
  668. // Have any text, old chap?
  669. $context['theme_variants'][$variant] = array(
  670. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  671. 'thumbnail' => !file_exists($settings['theme_dir'] . '/images/thumbnail.png') || file_exists($settings['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $settings['images_url'] . '/thumbnail_' . $variant . '.png' : ($settings['images_url'] . '/thumbnail.png'),
  672. );
  673. }
  674. $context['default_variant'] = !empty($settings['default_variant']) && isset($context['theme_variants'][$settings['default_variant']]) ? $settings['default_variant'] : $settings['theme_variants'][0];
  675. }
  676. // Restore the current theme.
  677. loadTheme($old_id, false);
  678. // Reinit just incase.
  679. loadSubTemplate('init', 'ignore');
  680. $settings = $old_settings;
  681. loadTemplate('Themes');
  682. // We like Kenny better than Token.
  683. createToken('admin-sts');
  684. }
  685. /**
  686. * Remove a theme from the database.
  687. * - removes an installed theme.
  688. * - requires an administrator.
  689. * - accessed with ?action=admin;area=theme;sa=remove.
  690. */
  691. function RemoveTheme()
  692. {
  693. global $modSettings, $context, $smcFunc;
  694. checkSession('get');
  695. isAllowedTo('admin_forum');
  696. validateToken('admin-tr', 'request');
  697. // The theme's ID must be an integer.
  698. $themeID = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  699. // You can't delete the default theme!
  700. if ($themeID == 1)
  701. fatal_lang_error('no_access', false);
  702. $theme_info = get_single_theme($themeID);
  703. // Remove it from the DB.
  704. remove_theme($themeID);
  705. // And remove all its files and folders too.
  706. if (!empty($theme_info) && !empty($theme_info['theme_dir']))
  707. remove_dir($theme_info['theme_dir']);
  708. // Go back to the list page.
  709. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id'] .';done=removing');
  710. }
  711. function EnableTheme()
  712. {
  713. global $modSettings, $context;
  714. checkSession('get');
  715. isAllowedTo('admin_forum');
  716. validateToken('admin-tre', 'request');
  717. // The theme's ID must be an string.
  718. $themeID = isset($_GET['th']) ? (string) trim($_GET['th']) : (string) trim($_GET['id']);
  719. // Get the current list.
  720. $enableThemes = explode(',', $modSettings['enableThemes']);
  721. // Are we disabling it?
  722. if (isset($_GET['disabled']))
  723. $enableThemes = array_diff($enableThemes, array($themeID));
  724. // Nope? then enable it!
  725. else
  726. $enableThemes[] = (string) $themeID;
  727. // Update the setting.
  728. $enableThemes = strtr(implode(',', $enableThemes), array(',,' => ','));
  729. updateSettings(array('enableThemes' => $enableThemes));
  730. // Done!
  731. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id'] .';done='. (isset($_GET['disabled']) ? 'disabling' : 'enabling'));
  732. }
  733. /**
  734. * Choose a theme from a list.
  735. * allows an user or administrator to pick a new theme with an interface.
  736. * - can edit everyone's (u = 0), guests' (u = -1), or a specific user's.
  737. * - uses the Themes template. (pick sub template.)
  738. * - accessed with ?action=admin;area=theme;sa=pick.
  739. * @todo thought so... Might be better to split this file in ManageThemes and Themes,
  740. * with centralized admin permissions on ManageThemes.
  741. */
  742. function PickTheme()
  743. {
  744. global $txt, $context, $modSettings, $user_info, $language, $smcFunc, $settings, $scripturl;
  745. loadLanguage('Profile');
  746. loadTemplate('Themes');
  747. // Build the link tree.
  748. $context['linktree'][] = array(
  749. 'url' => $scripturl . '?action=theme;sa=pick;u=' . (!empty($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0),
  750. 'name' => $txt['theme_pick'],
  751. );
  752. $context['default_theme_id'] = $modSettings['theme_default'];
  753. $_SESSION['id_theme'] = 0;
  754. if (isset($_GET['id']))
  755. $_GET['th'] = $_GET['id'];
  756. // Saving a variant cause JS doesn't work - pretend it did ;)
  757. if (isset($_POST['save']))
  758. {
  759. // Which theme?
  760. foreach ($_POST['save'] as $k => $v)
  761. $_GET['th'] = (int) $k;
  762. if (isset($_POST['vrt'][$k]))
  763. $_GET['vrt'] = $_POST['vrt'][$k];
  764. }
  765. // Have we made a decision, or are we just browsing?
  766. if (isset($_GET['th']))
  767. {
  768. checkSession('get');
  769. $_GET['th'] = (int) $_GET['th'];
  770. // Save for this user.
  771. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  772. {
  773. updateMemberData($user_info['id'], array('id_theme' => (int) $_GET['th']));
  774. // A variants to save for the user?
  775. if (!empty($_GET['vrt']))
  776. {
  777. $smcFunc['db_insert']('replace',
  778. '{db_prefix}themes',
  779. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  780. array($_GET['th'], $user_info['id'], 'theme_variant', $_GET['vrt']),
  781. array('id_theme', 'id_member', 'variable')
  782. );
  783. cache_put_data('theme_settings-' . $_GET['th'] . ':' . $user_info['id'], null, 90);
  784. $_SESSION['id_variant'] = 0;
  785. }
  786. redirectexit('action=profile;area=theme');
  787. }
  788. // If changing members or guests - and there's a variant - assume changing default variant.
  789. if (!empty($_GET['vrt']) && ($_REQUEST['u'] == '0' || $_REQUEST['u'] == '-1'))
  790. {
  791. $smcFunc['db_insert']('replace',
  792. '{db_prefix}themes',
  793. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  794. array($_GET['th'], 0, 'default_variant', $_GET['vrt']),
  795. array('id_theme', 'id_member', 'variable')
  796. );
  797. // Make it obvious that it's changed
  798. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  799. }
  800. // For everyone.
  801. if ($_REQUEST['u'] == '0')
  802. {
  803. updateMemberData(null, array('id_theme' => (int) $_GET['th']));
  804. // Remove any custom variants.
  805. if (!empty($_GET['vrt']))
  806. {
  807. $smcFunc['db_query']('', '
  808. DELETE FROM {db_prefix}themes
  809. WHERE id_theme = {int:current_theme}
  810. AND variable = {string:theme_variant}',
  811. array(
  812. 'current_theme' => (int) $_GET['th'],
  813. 'theme_variant' => 'theme_variant',
  814. )
  815. );
  816. }
  817. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  818. }
  819. // Change the default/guest theme.
  820. elseif ($_REQUEST['u'] == '-1')
  821. {
  822. updateSettings(array('theme_guests' => (int) $_GET['th']));
  823. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  824. }
  825. // Change a specific member's theme.
  826. else
  827. {
  828. // The forum's default theme is always 0 and we
  829. if (isset($_GET['th']) && $_GET['th'] == 0)
  830. $_GET['th'] = $modSettings['theme_guests'];
  831. updateMemberData((int) $_REQUEST['u'], array('id_theme' => (int) $_GET['th']));
  832. if (!empty($_GET['vrt']))
  833. {
  834. $smcFunc['db_insert']('replace',
  835. '{db_prefix}themes',
  836. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  837. array($_GET['th'], (int) $_REQUEST['u'], 'theme_variant', $_GET['vrt']),
  838. array('id_theme', 'id_member', 'variable')
  839. );
  840. cache_put_data('theme_settings-' . $_GET['th'] . ':' . (int) $_REQUEST['u'], null, 90);
  841. if ($user_info['id'] == $_REQUEST['u'])
  842. $_SESSION['id_variant'] = 0;
  843. }
  844. redirectexit('action=profile;u=' . (int) $_REQUEST['u'] . ';area=theme');
  845. }
  846. }
  847. // Figure out who the member of the minute is, and what theme they've chosen.
  848. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  849. {
  850. $context['current_member'] = $user_info['id'];
  851. $context['current_theme'] = $user_info['theme'];
  852. }
  853. // Everyone can't chose just one.
  854. elseif ($_REQUEST['u'] == '0')
  855. {
  856. $context['current_member'] = 0;
  857. $context['current_theme'] = 0;
  858. }
  859. // Guests and such...
  860. elseif ($_REQUEST['u'] == '-1')
  861. {
  862. $context['current_member'] = -1;
  863. $context['current_theme'] = $modSettings['theme_guests'];
  864. }
  865. // Someones else :P.
  866. else
  867. {
  868. $context['current_member'] = (int) $_REQUEST['u'];
  869. $request = $smcFunc['db_query']('', '
  870. SELECT id_theme
  871. FROM {db_prefix}members
  872. WHERE id_member = {int:current_member}
  873. LIMIT 1',
  874. array(
  875. 'current_member' => $context['current_member'],
  876. )
  877. );
  878. list ($context['current_theme']) = $smcFunc['db_fetch_row']($request);
  879. $smcFunc['db_free_result']($request);
  880. }
  881. // Get the theme name and descriptions.
  882. $context['available_themes'] = array();
  883. if (!empty($modSettings['knownThemes']))
  884. {
  885. $request = $smcFunc['db_query']('', '
  886. SELECT id_theme, variable, value
  887. FROM {db_prefix}themes
  888. WHERE variable IN ({string:name}, {string:theme_url}, {string:theme_dir}, {string:images_url}, {string:disable_user_variant})' . (!allowedTo('admin_forum') ? '
  889. AND id_theme IN ({array_string:known_themes})' : '') . '
  890. AND id_theme != {int:default_theme}
  891. AND id_member = {int:no_member}
  892. AND id_theme IN ({array_string:enable_themes})',
  893. array(
  894. 'default_theme' => 0,
  895. 'name' => 'name',
  896. 'no_member' => 0,
  897. 'theme_url' => 'theme_url',
  898. 'theme_dir' => 'theme_dir',
  899. 'images_url' => 'images_url',
  900. 'disable_user_variant' => 'disable_user_variant',
  901. 'known_themes' => explode(',', $modSettings['knownThemes']),
  902. 'enable_themes' => explode(',', $modSettings['enableThemes']),
  903. )
  904. );
  905. while ($row = $smcFunc['db_fetch_assoc']($request))
  906. {
  907. if (!isset($context['available_themes'][$row['id_theme']]))
  908. $context['available_themes'][$row['id_theme']] = array(
  909. 'id' => $row['id_theme'],
  910. 'selected' => $context['current_theme'] == $row['id_theme'],
  911. 'num_users' => 0
  912. );
  913. $context['available_themes'][$row['id_theme']][$row['variable']] = $row['value'];
  914. }
  915. $smcFunc['db_free_result']($request);
  916. }
  917. // Okay, this is a complicated problem: the default theme is 1, but they aren't allowed to access 1!
  918. if (!isset($context['available_themes'][$modSettings['theme_guests']]))
  919. {
  920. $context['available_themes'][0] = array(
  921. 'num_users' => 0
  922. );
  923. $guest_theme = 0;
  924. }
  925. else
  926. $guest_theme = $modSettings['theme_guests'];
  927. $request = $smcFunc['db_query']('', '
  928. SELECT id_theme, COUNT(*) AS the_count
  929. FROM {db_prefix}members
  930. GROUP BY id_theme
  931. ORDER BY id_theme DESC',
  932. array(
  933. )
  934. );
  935. while ($row = $smcFunc['db_fetch_assoc']($request))
  936. {
  937. // Figure out which theme it is they are REALLY using.
  938. if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',',$modSettings['knownThemes'])))
  939. $row['id_theme'] = $guest_theme;
  940. elseif (empty($modSettings['theme_allow']))
  941. $row['id_theme'] = $guest_theme;
  942. if (isset($context['available_themes'][$row['id_theme']]))
  943. $context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
  944. else
  945. $context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
  946. }
  947. $smcFunc['db_free_result']($request);
  948. // Get any member variant preferences.
  949. $variant_preferences = array();
  950. if ($context['current_member'] > 0)
  951. {
  952. $request = $smcFunc['db_query']('', '
  953. SELECT id_theme, value
  954. FROM {db_prefix}themes
  955. WHERE variable = {string:theme_variant}
  956. AND id_member IN ({array_int:id_member})
  957. ORDER BY id_member ASC',
  958. array(
  959. 'theme_variant' => 'theme_variant',
  960. 'id_member' => isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? array(-1, $context['current_member']) : array(-1),
  961. )
  962. );
  963. while ($row = $smcFunc['db_fetch_assoc']($request))
  964. $variant_preferences[$row['id_theme']] = $row['value'];
  965. $smcFunc['db_free_result']($request);
  966. }
  967. // Save the setting first.
  968. $current_images_url = $settings['images_url'];
  969. $current_theme_variants = !empty($settings['theme_variants']) ? $settings['theme_variants'] : array();
  970. foreach ($context['available_themes'] as $id_theme => $theme_data)
  971. {
  972. // Don't try to load the forum or board default theme's data... it doesn't have any!
  973. if ($id_theme == 0)
  974. continue;
  975. // The thumbnail needs the correct path.
  976. $settings['images_url'] = &$theme_data['images_url'];
  977. if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php'))
  978. include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
  979. elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php'))
  980. include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
  981. else
  982. {
  983. $txt['theme_thumbnail_href'] = $theme_data['images_url'] . '/thumbnail.png';
  984. $txt['theme_description'] = '';
  985. }
  986. $context['available_themes'][$id_theme]['thumbnail_href'] = $txt['theme_thumbnail_href'];
  987. $context['available_themes'][$id_theme]['description'] = $txt['theme_description'];
  988. // Are there any variants?
  989. if (file_exists($theme_data['theme_dir'] . '/index.template.php') && (empty($theme_data['disable_user_variant']) || allowedTo('admin_forum')))
  990. {
  991. $file_contents = implode('', file($theme_data['theme_dir'] . '/index.template.php'));
  992. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  993. {
  994. $settings['theme_variants'] = array();
  995. // Fill settings up.
  996. eval('global $settings;' . $matches[0]);
  997. if (!empty($settings['theme_variants']))
  998. {
  999. loadLanguage('Settings');
  1000. $context['available_themes'][$id_theme]['variants'] = array();
  1001. foreach ($settings['theme_variants'] as $variant)
  1002. $context['available_themes'][$id_theme]['variants'][$variant] = array(
  1003. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  1004. 'thumbnail' => !file_exists($theme_data['theme_dir'] . '/images/thumbnail.png') || file_exists($theme_data['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $theme_data['images_url'] . '/thumbnail_' . $variant . '.png' : ($theme_data['images_url'] . '/thumbnail.png'),
  1005. );
  1006. $context['available_themes'][$id_theme]['selected_variant'] = isset($_GET['vrt']) ? $_GET['vrt'] : (!empty($variant_preferences[$id_theme]) ? $variant_preferences[$id_theme] : (!empty($settings['default_variant']) ? $settings['default_variant'] : $settings['theme_variants'][0]));
  1007. if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail']))
  1008. $context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
  1009. $context['available_themes'][$id_theme]['thumbnail_href'] = $context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'];
  1010. // Allow themes to override the text.
  1011. $context['available_themes'][$id_theme]['pick_label'] = isset($txt['variant_pick']) ? $txt['variant_pick'] : $txt['theme_pick_variant'];
  1012. }
  1013. }
  1014. }
  1015. }
  1016. // Then return it.
  1017. $settings['images_url'] = $current_images_url;
  1018. $settings['theme_variants'] = $current_theme_variants;
  1019. // As long as we're not doing the default theme...
  1020. if (!isset($_REQUEST['u']) || $_REQUEST['u'] >= 0)
  1021. {
  1022. if ($guest_theme != 0)
  1023. $context['available_themes'][0] = $context['available_themes'][$guest_theme];
  1024. $context['available_themes'][0]['id'] = 0;
  1025. $context['available_themes'][0]['name'] = $txt['theme_forum_default'];
  1026. $context['available_themes'][0]['selected'] = $context['current_theme'] == 0;
  1027. $context['available_themes'][0]['description'] = $txt['theme_global_description'];
  1028. }
  1029. ksort($context['available_themes']);
  1030. $context['page_title'] = $txt['theme_pick'];
  1031. $context['sub_template'] = 'pick';
  1032. }
  1033. /**
  1034. * Installs new themes, calls the respective function according to the install type.
  1035. * - puts themes in $boardurl/Themes.
  1036. * - assumes the gzip has a root directory in it. (ie default.)
  1037. * Requires admin_forum.
  1038. * Accessed with ?action=admin;area=theme;sa=install.
  1039. */
  1040. function ThemeInstall()
  1041. {
  1042. global $sourcedir, $txt, $context, $boarddir, $boardurl;
  1043. global $themedir, $themeurl, $smcFunc;
  1044. checkSession('request');
  1045. isAllowedTo('admin_forum');
  1046. require_once($sourcedir . '/Subs-Package.php');
  1047. // Make it easier to change the path and url.
  1048. $themedir = $boarddir . '/Themes';
  1049. $themeurl = $boardurl . '/Themes';
  1050. loadTemplate('Themes');
  1051. $subActions = array(
  1052. 'file' => 'InstallFile',
  1053. 'copy' => 'InstallCopy',
  1054. 'dir' => 'InstallDir',
  1055. );
  1056. // Is there a function to call?
  1057. if (isset($_GET['do']) && !empty($_GET['do']) && isset($subActions[$_GET['do']]))
  1058. {
  1059. $action = $smcFunc['htmlspecialchars'](trim($_GET['do']));
  1060. // Got any info from the specific form?
  1061. if (!isset($_POST['save_'. $action]))
  1062. fatal_lang_error('theme_install_no_action', false);
  1063. validateToken('admin-t-'. $action);
  1064. // Hopefully the themes directory is writable, or we might have a problem.
  1065. if (!is_writable($themedir))
  1066. fatal_lang_error('theme_install_write_error', 'critical');
  1067. // Call the function and handle the result.
  1068. $result = $subActions[$action]();
  1069. // Everything went better than expected!
  1070. if (!empty($result))
  1071. {
  1072. $context['sub_template'] = 'installed';
  1073. $context['page_title'] = $txt['theme_installed'];
  1074. $context['installed_theme'] = $result;
  1075. }
  1076. }
  1077. // Nope, show a nice error.
  1078. else
  1079. fatal_lang_error('theme_install_no_action', false);
  1080. }
  1081. /**
  1082. * Installs a theme from a theme package.
  1083. *
  1084. * Stores the theme files on a temp dir, on success it renames the dir to the new theme's name. Ends execution with fatal_lang_error() on any error.
  1085. * @return array The newly created theme's info.
  1086. */
  1087. function InstallFile()
  1088. {
  1089. global $themedir, $themeurl, $context;
  1090. // Set a temp dir for dumping all required files on it.
  1091. $dirtemp = $themedir .'/temp';
  1092. // Create the temp dir.
  1093. mkdir($dirtemp, 0777);
  1094. // Hopefully the temp directory is writable, or we might have a problem.
  1095. if (!is_writable($dirtemp))
  1096. {
  1097. // Lets give it a try.
  1098. @chmod($dirtmp, '0755');
  1099. // How about now?
  1100. if (!is_writable($dirtemp))
  1101. fatal_lang_error('theme_install_write_error', 'critical');
  1102. }
  1103. // This happens when the admin session is gone and the user has to login again.
  1104. if (!isset($_FILES) || !isset($_FILES['theme_gz']) || empty($_FILES['theme_gz']))
  1105. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  1106. // Another error check layer, something went wrong with the upload.
  1107. if (isset($_FILES['theme_gz']['error']) && $_FILES['theme_gz']['error'] != 0)
  1108. fatal_lang_error('theme_install_error_file_'. $_FILES['theme_gz']['error'], false);
  1109. // Get the theme's name.
  1110. $name = strtok(basename($_FILES['theme_gz']['name']));
  1111. $name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $name);
  1112. // Start setting some vars.
  1113. $context['to_install'] = array(
  1114. 'theme_dir' => $themedir . '/' . $name,
  1115. 'theme_url' => $themeurl . '/' . $name,
  1116. 'images_url' => $themeurl . '/' . $name . '/images',
  1117. 'name' => $name,
  1118. );
  1119. // Extract the file on the proper themes dir.
  1120. $extracted = read_tgz_file($_FILES['theme_gz']['tmp_name'], $dirtemp, false, true);
  1121. if ($extracted)
  1122. {
  1123. // Read its info form the XML file.
  1124. $theme_info = get_theme_info($dirtemp);
  1125. $context['to_install'] += $theme_info;
  1126. // Install the theme. theme_install() will return the new installed ID.
  1127. $context['to_install']['id'] = theme_install($context['to_install']);
  1128. // Rename the temp dir to the actual theme name.
  1129. rename($dirtemp, $context['to_install']['theme_dir']);
  1130. // return all the info.
  1131. return $context['to_install'];
  1132. }
  1133. else
  1134. fatal_lang_error('theme_install_error_title', false);
  1135. }
  1136. /**
  1137. * Makes a copy form the default theme, assigns a name for it and installs it.
  1138. *
  1139. * Creates a new .xml file containing all the theme's info.
  1140. * @return array The newly created theme's info.
  1141. */
  1142. function InstallCopy()
  1143. {
  1144. global $themedir, $themeurl, $settings, $smcFunc, $context;
  1145. global $forum_version;
  1146. // There's gotta be something to work with.
  1147. if (!isset($_REQUEST['copy']) || empty($_REQUEST['copy']))
  1148. fatal_lang_error('theme_install_error_title', false);
  1149. // Get a cleaner version.
  1150. $name = preg_replace('~[^A-Za-z0-9_\- ]~', '', $_REQUEST['copy']);
  1151. // Is there a theme already named like this?
  1152. if (file_exists($themedir .'/'. $name))
  1153. fatal_lang_error('theme_install_already_dir', false);
  1154. // This is a brand new theme so set all possible values.
  1155. $context['to_install'] = array(
  1156. 'theme_dir' => $themedir . '/' . $name,
  1157. 'theme_url' => $themeurl . '/' . $name,
  1158. 'name' => $name,
  1159. 'images_url' => $themeurl . '/' . $name . '/images',
  1160. 'version' => '1.0',
  1161. 'install_for' => '2.1 - 2.1.99, '. strtr($forum_version, array('SMF ' => '')),
  1162. 'based_on' => '',
  1163. 'based_on_dir' => $themedir . '/default',
  1164. );
  1165. // Create the specific dir.
  1166. umask(0);
  1167. mkdir($context['to_install']['theme_dir'], 0777);
  1168. // Buy some time.
  1169. @set_time_limit(600);
  1170. if (function_exists('apache_reset_timeout'))
  1171. @apache_reset_timeout();
  1172. // Create subdirectories for css and javascript files.
  1173. mkdir($context['to_install']['theme_dir'] . '/css', 0777);
  1174. mkdir($context['to_install']['theme_dir'] . '/scripts', 0777);
  1175. // Copy over the default non-theme files.
  1176. $to_copy = array('/index.php', '/index.template.php', '/css/index.css', '/css/rtl.css', '/css/admin.css', '/scripts/theme.js');
  1177. foreach ($to_copy as $file)
  1178. {
  1179. copy($settings['default_theme_dir'] . $file, $context['to_install']['theme_dir'] . $file);
  1180. @chmod($context['to_install']['theme_dir'] . $file, 0777);
  1181. }
  1182. // And now the entire images directory!
  1183. copytree($settings['default_theme_dir'] . '/images', $context['to_install']['theme_dir'] . '/images');
  1184. package_flush_cache();
  1185. // Lets get some data for the new theme.
  1186. $request = $smcFunc['db_query']('', '
  1187. SELECT variable, value
  1188. FROM {db_prefix}themes
  1189. WHERE variable IN ({string:theme_templates}, {string:theme_layers})
  1190. AND id_member = {int:no_member}
  1191. AND id_theme = {int:default_theme}',
  1192. array(
  1193. 'no_member' => 0,
  1194. 'default_theme' => 1,
  1195. 'theme_templates' => 'theme_templates',
  1196. 'theme_layers' => 'theme_layers',
  1197. )
  1198. );
  1199. while ($row = $smcFunc['db_fetch_assoc']($request))
  1200. {
  1201. if ($row['variable'] == 'theme_templates')
  1202. $theme_templates = $row['value'];
  1203. elseif ($row['variable'] == 'theme_layers')
  1204. $theme_layers = $row['value'];
  1205. else
  1206. continue;
  1207. }
  1208. $smcFunc['db_free_result']($request);
  1209. $context['to_install'] += array(
  1210. 'theme_layers' => empty($theme_layers) ? 'html,body' : $theme_layers,
  1211. 'theme_templates' => empty($theme_templates) ? 'index' : $theme_templates,
  1212. );
  1213. // Lets add a theme_info.xml to this theme.
  1214. $xml_info = '<' . '?xml version="1.0"?' . '>
  1215. <theme-info xmlns="http://www.simplemachines.org/xml/theme-info" xmlns:smf="http://www.simplemachines.org/">
  1216. <!-- For the id, always use something unique - put your name, a colon, and then the package name. -->
  1217. <id>smf:' . $smcFunc['strtolower']($context['to_install']['name']) . '</id>
  1218. <!-- The theme\'s version, please try to use semantic versioning. -->
  1219. <version>1.0</version>
  1220. <!-- Install for, the SMF versions this theme was designed for. Uses the same wildcards used in the packager manager. This field is mandatory. -->
  1221. <install for="'. $context['to_install']['install_for'] .'" />
  1222. <!-- Theme name, used purely for aesthetics. -->
  1223. <name>' . $context['to_install']['name'] . '</name>
  1224. <!-- Author: your email address or contact information. The name attribute is optional. -->
  1225. <author name="Simple Machines">[email protected]</author>
  1226. <!-- Website... where to get updates and more information. -->
  1227. <website>http://www.simplemachines.org/</website>
  1228. <!-- Template layers to use, defaults to "html,body". -->
  1229. <layers>' . $context['to_install']['theme_layers'] . '</layers>
  1230. <!-- Templates to load on startup. Default is "index". -->
  1231. <templates>' . $context['to_install']['theme_templates'] . '</templates>
  1232. <!-- Base this theme off another? Default is blank, or no. It could be "default". -->
  1233. <based-on></based-on>
  1234. </theme-info>';
  1235. // Now write it.
  1236. $fp = @fopen($context['to_install']['theme_dir'] . '/theme_info.xml', 'w+');
  1237. if ($fp)
  1238. {
  1239. fwrite($fp, $xml_info);
  1240. fclose($fp);
  1241. }
  1242. // Install the theme. theme_install() will take care of possible errors.
  1243. $context['to_install']['id'] = theme_install($context['to_install']);
  1244. // return the info.
  1245. return $context['to_install'];
  1246. }
  1247. /**
  1248. * Install a theme from a specific dir
  1249. *
  1250. * Assumes the dir is located on the main Themes dir. Ends execution with fatal_lang_error() on any error.
  1251. * @return array The newly created theme's info.
  1252. */
  1253. function InstallDir()
  1254. {
  1255. global $themedir, $themeurl, $context;
  1256. // Cannot use the theme dir as a theme dir.
  1257. if (!isset($_REQUEST['theme_dir']) || empty($_REQUEST['theme_dir']) || rtrim(realpath($_REQUEST['theme_dir']), '/\\') == realpath($themedir))
  1258. fatal_lang_error('theme_install_invalid_dir', false);
  1259. // Check is there is "something" on the dir.
  1260. elseif (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml'))
  1261. fatal_lang_error('theme_install_error', false);
  1262. $name = basename($_REQUEST['theme_dir']);
  1263. $name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $name);
  1264. // All good! set some needed vars.
  1265. $context['to_install'] = array(
  1266. 'dir' => $_REQUEST['theme_dir'],
  1267. 'theme_url' => $themeurl . '/' . $name,
  1268. 'name' => $name,
  1269. 'images_url' => $themeurl . '/' . $name . '/images',
  1270. );
  1271. // Read its info form the XML file.
  1272. $theme_info = get_theme_info($context['to_install']['theme_dir']);
  1273. $context['to_install'] += $theme_info;
  1274. // Install the theme. theme_install() will take care of possible errors.
  1275. $context['to_install']['id'] = theme_install($context['to_install']);
  1276. // return the info.
  1277. return $context['to_install'];
  1278. }
  1279. /**
  1280. * Possibly the simplest and best example of how to use the template system.
  1281. * - allows the theme to take care of actions.
  1282. * - happens if $settings['catch_action'] is set and action isn't found
  1283. * in the action array.
  1284. * - can use a template, layers, sub_template, filename, and/or function.
  1285. * @todo look at this
  1286. */
  1287. function WrapAction()
  1288. {
  1289. global $context, $settings, $sourcedir;
  1290. // Load any necessary template(s)?
  1291. if (isset($settings['catch_action']['template']))
  1292. {
  1293. // Load both the template and language file. (but don't fret if the language file isn't there...)
  1294. loadTemplate($settings['catch_action']['template']);
  1295. loadLanguage($settings['catch_action']['template'], '', false);
  1296. }
  1297. // Any special layers?
  1298. if (isset($settings['catch_action']['layers']))
  1299. $context['template_layers'] = $settings['catch_action']['layers'];
  1300. // Just call a function?
  1301. if (isset($settings['catch_action']['function']))
  1302. {
  1303. if (isset($settings['catch_action']['filename']))
  1304. template_include($sourcedir . '/' . $settings['catch_action']['filename'], true);
  1305. $settings['catch_action']['function']();
  1306. }
  1307. // And finally, the main sub template ;).
  1308. elseif (isset($settings['catch_action']['sub_template']))
  1309. $context['sub_template'] = $settings['catch_action']['sub_template'];
  1310. }
  1311. /**
  1312. * Set an option via javascript.
  1313. * - sets a theme option without outputting anything.
  1314. * - can be used with javascript, via a dummy image... (which doesn't require
  1315. * the page to reload.)
  1316. * - requires someone who is logged in.
  1317. * - accessed via ?action=jsoption;var=variable;val=value;session_var=sess_id.
  1318. * - does not log access to the Who's Online log. (in index.php..)
  1319. */
  1320. function SetJavaScript()
  1321. {
  1322. global $settings, $user_info, $smcFunc, $options;
  1323. // Check the session id.
  1324. checkSession('get');
  1325. // This good-for-nothing pixel is being used to keep the session alive.
  1326. if (empty($_GET['var']) || !isset($_GET['val']))
  1327. redirectexit($settings['images_url'] . '/blank.png');
  1328. // Sorry, guests can't go any further than this..
  1329. if ($user_info['is_guest'] || $user_info['id'] == 0)
  1330. obExit(false);
  1331. $reservedVars = array(
  1332. 'actual_theme_url',
  1333. 'actual_images_url',
  1334. 'base_theme_dir',
  1335. 'base_theme_url',
  1336. 'default_images_url',
  1337. 'default_theme_dir',
  1338. 'default_theme_url',
  1339. 'default_template',
  1340. 'images_url',
  1341. 'number_recent_posts',
  1342. 'smiley_sets_default',
  1343. 'theme_dir',
  1344. 'theme_id',
  1345. 'theme_layers',
  1346. 'theme_templates',
  1347. 'theme_url',
  1348. 'name',
  1349. );
  1350. // Can't change reserved vars.
  1351. if (in_array(strtolower($_GET['var']), $reservedVars))
  1352. redirectexit($settings['images_url'] . '/blank.png');
  1353. // Use a specific theme?
  1354. if (isset($_GET['th']) || isset($_GET['id']))
  1355. {
  1356. // Invalidate the current themes cache too.
  1357. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1358. $settings['theme_id'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1359. }
  1360. // If this is the admin preferences the passed value will just be an element of it.
  1361. if ($_GET['var'] == 'admin_preferences')
  1362. {
  1363. $options['admin_preferences'] = !empty($options['admin_preferences']) ? unserialize($options['admin_preferences']) : array();
  1364. // New thingy...
  1365. if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5)
  1366. $options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
  1367. // Change the value to be something nice,
  1368. $_GET['val'] = serialize($options['admin_preferences']);
  1369. }
  1370. // Update the option.
  1371. $smcFunc['db_insert']('replace',
  1372. '{db_prefix}themes',
  1373. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  1374. array($settings['theme_id'], $user_info['id'], $_GET['var'], is_array($_GET['val']) ? implode(',', $_GET['val']) : $_GET['val']),
  1375. array('id_theme', 'id_member', 'variable')
  1376. );
  1377. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1378. // Don't output anything...
  1379. redirectexit($settings['images_url'] . '/blank.png');
  1380. }
  1381. /**
  1382. * Shows an interface for editing the templates.
  1383. * - uses the Themes template and edit_template/edit_style sub template.
  1384. * - accessed via ?action=admin;area=theme;sa=edit
  1385. */
  1386. function EditTheme()
  1387. {
  1388. global $context, $settings, $scripturl, $boarddir, $smcFunc;
  1389. // @todo Should this be removed?
  1390. if (isset($_REQUEST['preview']))
  1391. die('die() with fire');
  1392. isAllowedTo('admin_forum');
  1393. loadTemplate('Themes');
  1394. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) @$_GET['id'];
  1395. if (empty($_GET['th']))
  1396. {
  1397. get_all_themes();
  1398. foreach ($context['themes'] as $key => $theme)
  1399. {
  1400. // There has to be a Settings template!
  1401. if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css'))
  1402. unset($context['themes'][$key]);
  1403. else
  1404. $context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
  1405. }
  1406. $context['sub_template'] = 'edit_list';
  1407. return 'no_themes';
  1408. }
  1409. $context['session_error'] = false;
  1410. // Get the directory of the theme we are editing.
  1411. $currentTheme = get_single_theme($_GET['th']);
  1412. $context['theme_id'] = $currentTheme['id'];
  1413. if (!file_exists($currentTheme['theme_dir'] . '/index.template.php') && !file_exists($currentTheme['theme_dir'] . '/css/index.css'))
  1414. fatal_lang_error('theme_edit_missing', false);
  1415. if (!isset($_REQUEST['filename']))
  1416. {
  1417. if (isset($_GET['directory']))
  1418. {
  1419. if (substr($_GET['directory'], 0, 1) == '.')
  1420. $_GET['directory'] = '';
  1421. else
  1422. {
  1423. $_GET['directory'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_GET['directory']);
  1424. $temp = realpath($currentTheme['theme_dir'] . '/' . $_GET['directory']);
  1425. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1426. $_GET['directory'] = '';
  1427. }
  1428. }
  1429. if (isset($_GET['directory']) && $_GET['directory'] != '')
  1430. {
  1431. $context['theme_files'] = get_file_listing($currentTheme['theme_dir'] . '/' . $_GET['directory'], $_GET['directory'] . '/');
  1432. $temp = dirname($_GET['directory']);
  1433. array_unshift($context['theme_files'], array(
  1434. 'filename' => $temp == '.' || $temp == '' ? '/ (..)' : $temp . ' (..)',
  1435. 'is_writable' => is_writable($currentTheme['theme_dir'] . '/' . $temp),
  1436. 'is_directory' => true,
  1437. 'is_template' => false,
  1438. 'is_image' => false,
  1439. 'is_editable' => false,
  1440. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $temp,
  1441. 'size' => '',
  1442. ));
  1443. }
  1444. else
  1445. $context['theme_files'] = get_file_listing($currentTheme['theme_dir'], '');
  1446. $context['sub_template'] = 'edit_browse';
  1447. return;
  1448. }
  1449. else
  1450. {
  1451. if (substr($_REQUEST['filename'], 0, 1) == '.')
  1452. $_REQUEST['filename'] = '';
  1453. else
  1454. {
  1455. $_REQUEST['filename'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_REQUEST['filename']);
  1456. $temp = realpath($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']);
  1457. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($currentTheme['theme_dir']))
  1458. $_REQUEST['filename'] = '';
  1459. }
  1460. if (empty($_REQUEST['filename']))
  1461. fatal_lang_error('theme_edit_missing', false);
  1462. }
  1463. if (isset($_POST['save']))
  1464. {
  1465. if (checkSession('post', '', false) == '' && validateToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']), 'post', false) == true)
  1466. {
  1467. if (is_array($_POST['entire_file']))
  1468. $_POST['entire_file'] = implode("\n", $_POST['entire_file']);
  1469. $_POST['entire_file'] = rtrim(strtr($_POST['entire_file'], array("\r" => '', ' ' => "\t")));
  1470. // Check for a parse error!
  1471. if (substr($_REQUEST['filename'], -13) == '.template.php' && is_writable($currentTheme['theme_dir']) && ini_get('display_errors'))
  1472. {
  1473. $fp = fopen($currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php', 'w');
  1474. fwrite($fp, $_POST['entire_file']);
  1475. fclose($fp);
  1476. $error = @file_get_contents($currentTheme['theme_url'] . '/tmp_' . session_id() . '.php');
  1477. if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0)
  1478. $error_file = $currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php';
  1479. else
  1480. unlink($currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php');
  1481. }
  1482. if (!isset($error_file))
  1483. {
  1484. $fp = fopen($currentTheme['theme_dir'] . '/' . $_REQUEST['filename'], 'w');
  1485. fwrite($fp, $_POST['entire_file']);
  1486. fclose($fp);
  1487. redirectexit('action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . dirname($_REQUEST['filename']));
  1488. }
  1489. }
  1490. // Session timed out.
  1491. else
  1492. {
  1493. loadLanguage('Errors');
  1494. $context['session_error'] = true;
  1495. $context['sub_template'] = 'edit_file';
  1496. // Recycle the submitted data.
  1497. if (is_array($_POST['entire_file']))
  1498. $context['entire_file'] = $smcFunc['htmlspecialchars'](implode("\n", $_POST['entire_file']));
  1499. else
  1500. $context['entire_file'] = $smcFunc['htmlspecialchars']($_POST['entire_file']);
  1501. $context['edit_filename'] = $smcFunc['htmlspecialchars']($_POST['filename']);
  1502. // You were able to submit it, so it's reasonable to assume you are allowed to save.
  1503. $context['allow_save'] = true;
  1504. // Re-create the token so that it can be used
  1505. createToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']));
  1506. return;
  1507. }
  1508. }
  1509. $context['allow_save'] = is_writable($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']);
  1510. $context['allow_save_filename'] = strtr($currentTheme['theme_dir'] . '/' . $_REQUEST['filename'], array($boarddir => '...'));
  1511. $context['edit_filename'] = $smcFunc['htmlspecialchars']($_REQUEST['filename']);
  1512. if (substr($_REQUEST['filename'], -4) == '.css')
  1513. {
  1514. $context['sub_template'] = 'edit_style';
  1515. $context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(file_get_contents($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1516. }
  1517. elseif (substr($_REQUEST['filename'], -13) == '.template.php')
  1518. {
  1519. $context['sub_template'] = 'edit_template';
  1520. if (!isset($error_file))
  1521. $file_data = file($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']);
  1522. else
  1523. {
  1524. if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0)
  1525. $context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
  1526. $file_data = file($error_file);
  1527. unlink($error_file);
  1528. }
  1529. $j = 0;
  1530. $context['file_parts'] = array(array('lines' => 0, 'line' => 1, 'data' => ''));
  1531. for ($i = 0, $n = count($file_data); $i < $n; $i++)
  1532. {
  1533. if (isset($file_data[$i + 1]) && substr($file_data[$i + 1], 0, 9) == 'function ')
  1534. {
  1535. // Try to format the functions a little nicer...
  1536. $context['file_parts'][$j]['data'] = trim($context['file_parts'][$j]['data']) . "\n";
  1537. if (empty($context['file_parts'][$j]['lines']))
  1538. unset($context['file_parts'][$j]);
  1539. $context['file_parts'][++$j] = array('lines' => 0, 'line' => $i + 1, 'data' => '');
  1540. }
  1541. $context['file_parts'][$j]['lines']++;
  1542. $context['file_parts'][$j]['data'] .= $smcFunc['htmlspecialchars'](strtr($file_data[$i], array("\t" => ' ')));
  1543. }
  1544. $context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(implode('', $file_data), array("\t" => ' ')));
  1545. }
  1546. else
  1547. {
  1548. $context['sub_template'] = 'edit_file';
  1549. $context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1550. }
  1551. // Create a special token to allow editing of multiple files.
  1552. createToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']));
  1553. }
  1554. /**
  1555. * Makes a copy of a template file in a new location
  1556. * @uses Themes template, copy_template sub-template.
  1557. */
  1558. function CopyTemplate()
  1559. {
  1560. global $context, $settings, $smcFunc;
  1561. isAllowedTo('admin_forum');
  1562. loadTemplate('Themes');
  1563. $context[$context['admin_menu_name']]['current_subsection'] = 'edit';
  1564. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1565. if (empty($_GET['th']))
  1566. fatal_lang_error('theme_install_invalid_id');
  1567. // Get the theme info.
  1568. $theme = get_single_theme($_GET['th']);
  1569. $context['theme_id'] = $theme['id'];
  1570. if (isset($_REQUEST['template']) && preg_match('~[\./\\\\:\0]~', $_REQUEST['template']) == 0)
  1571. {
  1572. if (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php'))
  1573. $filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
  1574. else
  1575. fatal_lang_error('no_access', false);
  1576. $fp = fopen($theme['theme_dir'] . '/' . $_REQUEST['template'] . '.template.php', 'w');
  1577. fwrite($fp, file_get_contents($filename));
  1578. fclose($fp);
  1579. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1580. }
  1581. elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
  1582. {
  1583. if (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php'))
  1584. $filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
  1585. else
  1586. fatal_lang_error('no_access', false);
  1587. $fp = fopen($theme['theme_dir'] . '/languages/' . $_REQUEST['lang_file'] . '.php', 'w');
  1588. fwrite($fp, file_get_contents($filename));
  1589. fclose($fp);
  1590. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1591. }
  1592. $templates = array();
  1593. $lang_files = array();
  1594. $dir = dir($settings['default_theme_dir']);
  1595. while ($entry = $dir->read())
  1596. {
  1597. if (substr($entry, -13) == '.template.php')
  1598. $templates[] = substr($entry, 0, -13);
  1599. }
  1600. $dir->close();
  1601. $dir = dir($settings['default_theme_dir'] . '/languages');
  1602. while ($entry = $dir->read())
  1603. {
  1604. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches))
  1605. $lang_files[] = $matches[1];
  1606. }
  1607. $dir->close();
  1608. natcasesort($templates);
  1609. natcasesort($lang_files);
  1610. $context['available_templates'] = array();
  1611. foreach ($templates as $template)
  1612. $context['available_templates'][$template] = array(
  1613. 'filename' => $template . '.template.php',
  1614. 'value' => $template,
  1615. 'already_exists' => false,
  1616. 'can_copy' => is_writable($theme['theme_dir']),
  1617. );
  1618. $context['available_language_files'] = array();
  1619. foreach ($lang_files as $file)
  1620. $context['available_language_files'][$file] = array(
  1621. 'filename' => $file . '.php',
  1622. 'value' => $file,
  1623. 'already_exists' => false,
  1624. 'can_copy' => file_exists($theme['theme_dir'] . '/languages') ? is_writable($theme['theme_dir'] . '/languages') : is_writable($theme['theme_dir']),
  1625. );
  1626. $dir = dir($theme['theme_dir']);
  1627. while ($entry = $dir->read())
  1628. {
  1629. if (substr($entry, -13) == '.template.php' && isset($context['available_templates'][substr($entry, 0, -13)]))
  1630. {
  1631. $context['available_templates'][substr($entry, 0, -13)]['already_exists'] = true;
  1632. $context['available_templates'][substr($entry, 0, -13)]['can_copy'] = is_writable($theme['theme_dir'] . '/' . $entry);
  1633. }
  1634. }
  1635. $dir->close();
  1636. if (file_exists($theme['theme_dir'] . '/languages'))
  1637. {
  1638. $dir = dir($theme['theme_dir'] . '/languages');
  1639. while ($entry = $dir->read())
  1640. {
  1641. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && isset($context['available_language_files'][$matches[1]]))
  1642. {
  1643. $context['available_language_files'][$matches[1]]['already_exists'] = true;
  1644. $context['available_language_files'][$matches[1]]['can_copy'] = is_writable($theme['theme_dir'] . '/languages/' . $entry);
  1645. }
  1646. }
  1647. $dir->close();
  1648. }
  1649. $context['sub_template'] = 'copy_template';
  1650. }
  1651. ?>