function get_all_themes()

tokens and move back the settings block

Signed-off-by: Suki <[email protected]>

Sources/Subs-Themes.php

@@ -56,14 +56,72 @@ function get_single_theme($id)
 	return $single;
 }
 
+function get_all_themes()
+{
+	global $modSettings, $context, $smcFunc;
+
+	// Make our known themes a little easier to work with.
+	$knownThemes = !empty($modSettings['knownThemes']) ? explode(',',$modSettings['knownThemes']) : array();
+
+	$request = $smcFunc['db_query']('', '
+		SELECT id_theme, variable, value
+		FROM {db_prefix}themes
+		WHERE variable IN ({string:name}, {string:version}, {string:theme_dir}, {string:theme_url}, {string:images_url})
+			AND id_member = {int:no_member}',
+		array(
+			'no_member' => 0,
+			'name' => 'name',
+			'version' => 'version',
+			'theme_dir' => 'theme_dir',
+			'theme_url' => 'theme_url',
+			'images_url' => 'images_url',
+		)
+	);
+	$context['themes'] = array();
+	while ($row = $smcFunc['db_fetch_assoc']($request))
+	{
+		if (!isset($context['themes'][$row['id_theme']]))
+			$context['themes'][$row['id_theme']] = array(
+				'id' => $row['id_theme'],
+				'name' => $row['value'],
+				'known' => in_array($row['id_theme'], $knownThemes),
+			);
+		$context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
+	}
+	$smcFunc['db_free_result']($request);
+
+	foreach ($context['themes'] as $i => $theme)
+	{
+		$context['themes'][$i]['theme_dir'] = realpath($context['themes'][$i]['theme_dir']);
+
+		// Fetch the version if there isn't one stored on the DB. @todo get it from the .xml file.
+		if (empty($context['themes'][$i]['version']) && file_exists($context['themes'][$i]['theme_dir'] . '/index.template.php'))
+		{
+			// Fetch the header... a good 256 bytes should be more than enough.
+			$fp = fopen($context['themes'][$i]['theme_dir'] . '/index.template.php', 'rb');
+			$header = fread($fp, 256);
+			fclose($fp);
+
+			// Can we find a version comment, at all?
+			if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
+				$context['themes'][$i]['version'] = $match[1];
+		}
+
+		$context['themes'][$i]['valid_path'] = file_exists($context['themes'][$i]['theme_dir']) && is_dir($context['themes'][$i]['theme_dir']);
+	}
+
+	return $context['themes'];
+}
+
 function get_theme_info($path)
 {
-	global $sourcedir, $forum_version;
+	global $sourcedir, $forum_version, $explicit_images;
 
 	if (empty($path))
 		return false;
 
 	$xml_data = array();
+	$explicit_images = false;
 
 	// Parse theme-info.xml into an xmlArray.
 	require_once($sourcedir . '/Class-Package.php');
@@ -101,13 +159,22 @@ function get_theme_info($path)
 		if (!empty($theme_info_xml[$name]))
 			$xml_data[$var] = $theme_info_xml[$name];
 
+	if (!empty($theme_info_xml['images']))
+	{
+		$xml_data['images_url'] = $path . '/' . $theme_info_xml['images'];
+		$explicit_images = true;
+	}
+
+	if (!empty($theme_info_xml['extra']))
+		$xml_data += unserialize($theme_info_xml['extra']);
+
 	return $xml_data;
 }
 
 function theme_install($to_install = array())
 {
 	global $sourcedir, $txt, $context, $boarddir, $boardurl;
-	global $themedir, $themeurl;
+	global $themedir, $themeurl, $explicit_images;
 
 	// External use? no problem!
 	if ($to_install)
@@ -184,20 +251,11 @@ function theme_install($to_install = array())
 					);
 
 					// Do a redirect and set a nice updated message.
-					redirectexit('action=admin;area=theme;sa=install;theme_id=' . $to_update['id_theme'] . ';updated;' . $context['session_var'] . '=' . $context['session_id']);
-					break;
+					return $to_update['id_theme'];
+					break; // Just for reference.
 			}
 	}
 
-	if (!empty($theme_info_xml['images']))
-	{
-		$context['to_install']['images_url'] = $context['to_install']['theme_url'] . '/' . $theme_info_xml['images'];
-		$explicit_images = true;
-	}
-
-	if (!empty($theme_info_xml['extra']))
-		$context['to_install'] += unserialize($theme_info_xml['extra']);
-
 	if (isset($context['to_install']['based_on']))
 	{
 		// No need for elaborated stuff when the theme is based on the default one.
@@ -280,6 +338,8 @@ function theme_install($to_install = array())
 		);
 
 	updateSettings(array('knownThemes' => strtr($modSettings['knownThemes'] . ',' . $id_theme, array(',,' => ','))));
+
+	return $id_theme;
 }
 
 ?>

Sources/Themes.php

@@ -43,7 +43,7 @@ if (!defined('SMF'))
  */
 function ThemesMain()
 {
-	global $txt, $context, $scripturl;
+	global $txt, $context, $scripturl, $sourcedir;
 
 	// Load the important language files...
 	loadLanguage('Themes');
@@ -53,6 +53,8 @@ function ThemesMain()
 	// No funny business - guests only.
 	is_not_guest();
 
+	require_once($sourcedir . '/Subs-Themes.php');
+
 	// Default the page title to Theme Administration by default.
 	$context['page_title'] = $txt['themeadmin_title'];
 
@@ -77,12 +79,12 @@ function ThemesMain()
 			'help' => 'themes',
 			'description' => $txt['themeadmin_description'],
 			'tabs' => array(
-				'admin' => array(
-					'description' => $txt['themeadmin_admin_desc'],
-				),
 				'list' => array(
 					'description' => $txt['themeadmin_list_desc'],
 				),
+				'admin' => array(
+					'description' => $txt['themeadmin_admin_desc'],
+				),
 				'reset' => array(
 					'description' => $txt['themeadmin_reset_desc'],
 				),
@@ -97,7 +99,7 @@ function ThemesMain()
 	if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']]))
 		$subActions[$_GET['sa']]();
 	else
-		$subActions['admin']();
+		$subActions['list']();
 }
 
 /**
@@ -112,30 +114,35 @@ function ThemesMain()
  */
 function ThemeAdmin()
 {
-	global $context, $boarddir, $modSettings, $smcFunc;
+	global $context, $boarddir, $modSettings, $smcFunc, $sourcedir;
+
+	require_once($sourcedir . '/Subs-Package.php');
 
 	loadLanguage('Admin');
 	isAllowedTo('admin_forum');
+	loadTemplate('Themes');
 
-	// If we aren't submitting - that is, if we are about to...
-	if (!isset($_POST['save']))
-	{
-		loadTemplate('Themes');
+	// List all installed themes.
+	get_all_themes();
 
-		// Can we create a new theme?
-		$context['can_create_new'] = is_writable($boarddir . '/Themes');
-		$context['new_theme_dir'] = substr(realpath($boarddir . '/Themes/default'), 0, -7);
+	// Can we create a new theme?
+	$context['can_create_new'] = is_writable($boarddir . '/Themes');
+	$context['new_theme_dir'] = substr(realpath($boarddir . '/Themes/default'), 0, -7);
 
-		// Look for a non existent theme directory. (ie theme87.)
-		$theme_dir = $boarddir . '/Themes/theme';
-		$i = 1;
-		while (file_exists($theme_dir . $i))
-			$i++;
-		$context['new_theme_name'] = 'theme' . $i;
+	// Look for a non existent theme directory. (ie theme87.)
+	$theme_dir = $boarddir . '/Themes/theme';
+	$i = 1;
+	while (file_exists($theme_dir . $i))
+		$i++;
+	$context['new_theme_name'] = 'theme' . $i;
 
-		createToken('admin-tm');
-	}
-	else
+	// A bunch of tokens for a bunch of forms.
+	createToken('admin-tm');
+	createToken('admin-t-file');
+	createToken('admin-t-copy');
+	createToken('admin-t-dir');
+
+	if (isset($_POST['save']))
 	{
 		checkSession();
 		validateToken('admin-tm');
@@ -236,61 +243,13 @@ function ThemeList()
 
 	loadTemplate('Themes');
 
-	// Make our known themes a little easier to work with.
-	$knownThemes = !empty($modSettings['knownThemes']) ? explode(',',$modSettings['knownThemes']) : array();
-
-	$request = $smcFunc['db_query']('', '
-		SELECT id_theme, variable, value
-		FROM {db_prefix}themes
-		WHERE variable IN ({string:name}, {string:version}, {string:theme_dir}, {string:theme_url}, {string:images_url})
-			AND id_member = {int:no_member}',
-		array(
-			'no_member' => 0,
-			'name' => 'name',
-			'version' => 'version',
-			'theme_dir' => 'theme_dir',
-			'theme_url' => 'theme_url',
-			'images_url' => 'images_url',
-		)
-	);
-	$context['themes'] = array();
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-	{
-		if (!isset($context['themes'][$row['id_theme']]))
-			$context['themes'][$row['id_theme']] = array(
-				'id' => $row['id_theme'],
-				'name' => $row['value'],
-				'known' => in_array($row['id_theme'], $knownThemes),
-			);
-		$context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
-	}
-	$smcFunc['db_free_result']($request);
-
-	foreach ($context['themes'] as $i => $theme)
-	{
-		$context['themes'][$i]['theme_dir'] = realpath($context['themes'][$i]['theme_dir']);
-
-		// Fetch the version if there isn't one stored on te DB.
-		if (empty($context['themes'][$i]['version']) && file_exists($context['themes'][$i]['theme_dir'] . '/index.template.php'))
-		{
-			// Fetch the header... a good 256 bytes should be more than enough.
-			$fp = fopen($context['themes'][$i]['theme_dir'] . '/index.template.php', 'rb');
-			$header = fread($fp, 256);
-			fclose($fp);
-
-			// Can we find a version comment, at all?
-			if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
-				$context['themes'][$i]['version'] = $match[1];
-		}
-
-		$context['themes'][$i]['valid_path'] = file_exists($context['themes'][$i]['theme_dir']) && is_dir($context['themes'][$i]['theme_dir']);
-	}
+	// Get all installed themes.
+	get_all_themes();
 
 	$context['reset_dir'] = realpath($boarddir . '/Themes');
 	$context['reset_url'] = $boardurl . '/Themes';
 
 	$context['sub_template'] = 'list_themes';
-	createToken('admin-ti');
 	createToken('admin-tl');
 	createToken('admin-tr', 'request');
 }
@@ -1273,13 +1232,14 @@ function PickTheme()
 function ThemeInstall()
 {
 	global $sourcedir, $txt, $context, $boarddir, $boardurl;
-	global $themedir, $themeurl;
+	global $themedir, $themeurl, $smcFunc;
 
 	checkSession('request');
 	isAllowedTo('admin_forum');
 
-	require_once($sourcedir . '/Subs-Package.php');
-	require_once($sourcedir . '/Subs-Themes.php');
+	// Make it easier to change the path and url.
+	$themedir = $boarddir . '/Themes';
+	$themeurl = $boardurl . '/Themes';
 
 	loadTemplate('Themes');
 
@@ -1290,27 +1250,23 @@ function ThemeInstall()
 	);
 
 	// Is there a function to call?
-	if (isset($_GET['do']) && empty($_GET['do']) && isset($subActions[$_GET['do']]))
+	if (isset($_GET['do']) && !empty($_GET['do']) && isset($subActions[$_GET['do']]))
 	{
+		$action = $smcFunc['htmlspecialchars'](trim($_GET['do']));
+
+		validateToken('admin-t-'. $action);
+
 		// Hopefully the themes directory is writable, or we might have a problem.
 		if (!is_writable($themedir))
 			fatal_lang_error('theme_install_write_error', 'critical');
 
 		// Call the function and handle the result.
-		$result = $subActions[$_GET['do']]();
-
-		// Safety.
-		$context['error_message'] = false;
-		$context['installed_theme'] = false;
-		$context['sub_template'] = 'installed';
-
-		// Make it easier to change the path and url.
-		$themedir = $boarddir . '/Themes';
-		$themeurl = $boardurl . '/Themes';
+		$result = $subActions[$action]();
 
 		// Everything went better than expected!
 		if (!empty($result) && true == $result)
 		{
+			$context['sub_template'] = 'installed';
 			$context['page_title'] = $txt['theme_installed'];
 			$context['installed_theme'] = get_single_theme($result);
 		}
@@ -1365,14 +1321,14 @@ function InstallFile()
 
 function InstallCopy()
 {
-	global $thmedir, $settings;
+	global $themedir, $settings;
 
 	// There's gotta be something to work with.
-	if (!isset($_REQUEST['copy']) || empty($_REQUEST['copy']))
+	if (!isset($_POST['copy']) || empty($_POST['copy']))
 		fatal_lang_error('theme_install_error_title', false);
 
 	// Get a cleaner version.
-	$name = preg_replace('~[^A-Za-z0-9_\- ]~', '', $_REQUEST['copy']);
+	$name = preg_replace('~[^A-Za-z0-9_\- ]~', '', $_POST['copy']);
 
 	$context['to_install'] = array(
 		'dir' => $themedir . '/' . $name,

Themes/default/Themes.template.php

@@ -18,6 +18,82 @@ function template_main()
 	echo '
 	<div id="admincenter">';
 
+	echo '
+		<form action="', $scripturl, '?action=admin;area=theme;sa=admin" method="post" accept-charset="', $context['character_set'], '">
+			<div class="cat_bar">
+				<h3 class="catbg">',
+					$txt['settings'], '
+				</h3>
+			</div>
+			<div class="windowbg2">
+				<div class="content">
+					<dl class="settings">
+						<dt>
+							<label for="options-theme_allow"> ', $txt['theme_allow'], '</label>
+						</dt>
+						<dd>
+							<input type="checkbox" name="options[theme_allow]" id="options-theme_allow" value="1"', !empty($modSettings['theme_allow']) ? ' checked="checked"' : '', ' class="input_check" />
+						</dd>
+						<dt>
+							<label for="known_themes_list">', $txt['themeadmin_selectable'], '</label>:
+						</dt>
+						<dd>
+							<div id="known_themes_list">';
+
+	foreach ($context['themes'] as $theme)
+		echo '
+								<label for="options-known_themes_', $theme['id'], '"><input type="checkbox" name="options[known_themes][]" id="options-known_themes_', $theme['id'], '" value="', $theme['id'], '"', $theme['known'] ? ' checked="checked"' : '', ' class="input_check" /> ', $theme['name'], '</label><br />';
+
+		echo '
+							</div>
+							<a href="javascript:void(0);" onclick="document.getElementById(\'known_themes_list\').style.display=\'block\'; document.getElementById(\'known_themes_link\').style.display = \'none\'; return false; " id="known_themes_link" style="display: none;">[ ', $txt['themeadmin_themelist_link'], ' ]</a>
+							<script type="text/javascript"><!-- // --><![CDATA[
+								document.getElementById("known_themes_list").style.display = "none";
+								document.getElementById("known_themes_link").style.display = "";
+							// ]]></script>
+						</dd>
+						<dt>
+							<label for="theme_guests">', $txt['theme_guests'], ':</label>
+						</dt>
+						<dd>
+							<select name="options[theme_guests]" id="theme_guests">';
+
+	// Put an option for each theme in the select box.
+	foreach ($context['themes'] as $theme)
+		echo '
+								<option value="', $theme['id'], '"', $modSettings['theme_guests'] == $theme['id'] ? ' selected="selected"' : '', '>', $theme['name'], '</option>';
+
+	echo '
+							</select>
+							<span class="smalltext pick_theme"><a href="', $scripturl, '?action=theme;sa=pick;u=-1;', $context['session_var'], '=', $context['session_id'], '">', $txt['theme_select'], '</a></span>
+						</dd>
+						<dt>
+							<label for="theme_reset">', $txt['theme_reset'], '</label>:
+						</dt>
+						<dd>
+							<select name="theme_reset" id="theme_reset">
+								<option value="-1" selected="selected">', $txt['theme_nochange'], '</option>
+								<option value="0">', $txt['theme_forum_default'], '</option>';
+
+	// Same thing, this time for changing the theme of everyone.
+	foreach ($context['themes'] as $theme)
+		echo '
+								<option value="', $theme['id'], '">', $theme['name'], '</option>';
+
+	echo '
+							</select>
+							<span class="smalltext pick_theme"><a href="', $scripturl, '?action=theme;sa=pick;u=0;', $context['session_var'], '=', $context['session_id'], '">', $txt['theme_select'], '</a></span>
+						</dd>
+					</dl>
+					<input type="submit" name="save" value="' . $txt['save'] . '" class="button_submit" />
+					<input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />
+					<input type="hidden" name="', $context['admin-tm_token_var'], '" value="', $context['admin-tm_token'], '" />
+					<input type="hidden" value="0" name="options[theme_allow]" />
+				</div>
+			</div>
+		</form>
+		<br />';
+
 	// Theme install info.
 	echo '
 		<div class="cat_bar">
@@ -64,9 +140,10 @@ function template_main()
 				</h3>
 			</div>
 			<div class="content">
-				<form action="', $scripturl, '?action=admin;area=theme;sa=admin;do=file" method="post" accept-charset="', $context['character_set'], '" enctype="multipart/form-data">
+				<form action="', $scripturl, '?action=admin;area=theme;sa=install;do=file" method="post" accept-charset="', $context['character_set'], '" enctype="multipart/form-data">
+					<input type="hidden" name="', $context['admin-t-file_token_var'], '" value="', $context['admin-t-file_token'], '" />
 					<input type="file" name="theme_gz" id="theme_gz" value="theme_gz" size="40" onchange="this.form.copy.disabled = this.value != \'\'; this.form.theme_dir.disabled = this.value != \'\';" class="input_file" />
-					<input type="submit" name="save" value="' . $txt['save'] . '" class="button_submit" />
+					<input type="submit" name="save_file" value="' . $txt['save'] . '" class="button_submit" />
 				</form>
 			</div>';
 
@@ -79,9 +156,10 @@ function template_main()
 				</h3>
 			</div>
 			<div class="content">
-				<form action="', $scripturl, '?action=admin;area=theme;sa=admin;do=copy" method="post" accept-charset="', $context['character_set'], '">
+				<form action="', $scripturl, '?action=admin;area=theme;sa=install;do=copy" method="post" accept-charset="', $context['character_set'], '">
+					<input type="hidden" name="', $context['admin-t-copy_token_var'], '" value="', $context['admin-t-copy_token'], '" />
 					<input type="text" name="copy" id="copy" value="', $context['new_theme_name'], '" size="40" class="input_text" />
-					<input type="submit" name="save" value="' . $txt['save'] . '" class="button_submit" />
+					<input type="submit" name="save_copy" value="' . $txt['save'] . '" class="button_submit" />
 				</form>
 			</div>';
 	}
@@ -95,9 +173,10 @@ function template_main()
 				</h3>
 			</div>
 			<div class="content">
-				<form action="', $scripturl, '?action=admin;area=theme;sa=admin;do=dir" method="post" accept-charset="', $context['character_set'], '">
+				<form action="', $scripturl, '?action=admin;area=theme;sa=install;do=dir" method="post" accept-charset="', $context['character_set'], '">
+					<input type="hidden" name="', $context['admin-t-dir_token_var'], '" value="', $context['admin-t-dir_token'], '" />
 					<input type="text" name="theme_dir" id="theme_dir" value="', $context['new_theme_dir'], '" size="40" style="width: 40%;" class="input_text" />
-					<input type="submit" name="save" value="' . $txt['save'] . '" class="button_submit" />
+					<input type="submit" name="save_dir" value="' . $txt['save'] . '" class="button_submit" />
 				</form>
 			</div>';
 
@@ -124,82 +203,6 @@ function template_list_themes()
 	echo '
 	<div id="admincenter">';
 
-	echo '
-		<form action="', $scripturl, '?action=admin;area=theme;sa=admin" method="post" accept-charset="', $context['character_set'], '">
-			<div class="cat_bar">
-				<h3 class="catbg">',
-					$txt['settings'], '
-				</h3>
-			</div>
-			<div class="windowbg2">
-				<div class="content">
-					<dl class="settings">
-						<dt>
-							<label for="options-theme_allow"> ', $txt['theme_allow'], '</label>
-						</dt>
-						<dd>
-							<input type="checkbox" name="options[theme_allow]" id="options-theme_allow" value="1"', !empty($modSettings['theme_allow']) ? ' checked="checked"' : '', ' class="input_check" />
-						</dd>
-						<dt>
-							<label for="known_themes_list">', $txt['themeadmin_selectable'], '</label>:
-						</dt>
-						<dd>
-							<div id="known_themes_list">';
-
-	foreach ($context['themes'] as $theme)
-		echo '
-								<label for="options-known_themes_', $theme['id'], '"><input type="checkbox" name="options[known_themes][]" id="options-known_themes_', $theme['id'], '" value="', $theme['id'], '"', $theme['known'] ? ' checked="checked"' : '', ' class="input_check" /> ', $theme['name'], '</label><br />';
-
-		echo '
-							</div>
-							<a href="javascript:void(0);" onclick="document.getElementById(\'known_themes_list\').style.display=\'block\'; document.getElementById(\'known_themes_link\').style.display = \'none\'; return false; " id="known_themes_link" style="display: none;">[ ', $txt['themeadmin_themelist_link'], ' ]</a>
-							<script type="text/javascript"><!-- // --><![CDATA[
-								document.getElementById("known_themes_list").style.display = "none";
-								document.getElementById("known_themes_link").style.display = "";
-							// ]]></script>
-						</dd>
-						<dt>
-							<label for="theme_guests">', $txt['theme_guests'], ':</label>
-						</dt>
-						<dd>
-							<select name="options[theme_guests]" id="theme_guests">';
-
-	// Put an option for each theme in the select box.
-	foreach ($context['themes'] as $theme)
-		echo '
-								<option value="', $theme['id'], '"', $modSettings['theme_guests'] == $theme['id'] ? ' selected="selected"' : '', '>', $theme['name'], '</option>';
-
-	echo '
-							</select>
-							<span class="smalltext pick_theme"><a href="', $scripturl, '?action=theme;sa=pick;u=-1;', $context['session_var'], '=', $context['session_id'], '">', $txt['theme_select'], '</a></span>
-						</dd>
-						<dt>
-							<label for="theme_reset">', $txt['theme_reset'], '</label>:
-						</dt>
-						<dd>
-							<select name="theme_reset" id="theme_reset">
-								<option value="-1" selected="selected">', $txt['theme_nochange'], '</option>
-								<option value="0">', $txt['theme_forum_default'], '</option>';
-
-	// Same thing, this time for changing the theme of everyone.
-	foreach ($context['themes'] as $theme)
-		echo '
-								<option value="', $theme['id'], '">', $theme['name'], '</option>';
-
-	echo '
-							</select>
-							<span class="smalltext pick_theme"><a href="', $scripturl, '?action=theme;sa=pick;u=0;', $context['session_var'], '=', $context['session_id'], '">', $txt['theme_select'], '</a></span>
-						</dd>
-					</dl>
-					<input type="submit" name="save" value="' . $txt['save'] . '" class="button_submit" />
-					<input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />
-					<input type="hidden" name="', $context['admin-ti_token_var'], '" value="', $context['admin-ti_token'], '" />
-					<input type="hidden" value="0" name="options[theme_allow]" />
-				</div>
-			</div>
-		</form>
-		<br />';
-
 	echo '
 		<div class="cat_bar">
 			<h3 class="catbg">', $txt['themeadmin_list_heading'], '</h3>