Themes.php 68 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111
  1. <?php
  2. /**
  3. * This file concerns itself almost completely with theme administration.
  4. * Its tasks include changing theme settings, installing and removing
  5. * themes, choosing the current theme, and editing themes.
  6. *
  7. * @todo Update this for the new package manager?
  8. *
  9. * Creating and distributing theme packages:
  10. * There isn't that much required to package and distribute your own themes...
  11. * just do the following:
  12. * - create a theme_info.xml file, with the root element theme-info.
  13. * - its name should go in a name element, just like description.
  14. * - your name should go in author. (email in the email attribute.)
  15. * - any support website for the theme should be in website.
  16. * - layers and templates (non-default) should go in those elements ;).
  17. * - if the images dir isn't images, specify in the images element.
  18. * - any extra rows for themes should go in extra, serialized. (as in array(variable => value).)
  19. * - tar and gzip the directory - and you're done!
  20. * - please include any special license in a license.txt file.
  21. *
  22. * Simple Machines Forum (SMF)
  23. *
  24. * @package SMF
  25. * @author Simple Machines http://www.simplemachines.org
  26. * @copyright 2013 Simple Machines and individual contributors
  27. * @license http://www.simplemachines.org/about/smf/license.php BSD
  28. *
  29. * @version 2.1 Alpha 1
  30. */
  31. if (!defined('SMF'))
  32. die('No direct access...');
  33. /**
  34. * Subaction handler - manages the action and delegates control to the proper
  35. * sub-action.
  36. * It loads both the Themes and Settings language files.
  37. * Checks the session by GET or POST to verify the sent data.
  38. * Requires the user not be a guest. (@todo what?)
  39. * Accessed via ?action=admin;area=theme.
  40. */
  41. function ThemesMain()
  42. {
  43. global $txt, $context, $scripturl, $sourcedir;
  44. // Load the important language files...
  45. loadLanguage('Themes');
  46. loadLanguage('Settings');
  47. loadLanguage('Drafts');
  48. // No funny business - guests only.
  49. is_not_guest();
  50. require_once($sourcedir . '/Subs-Themes.php');
  51. // Default the page title to Theme Administration by default.
  52. $context['page_title'] = $txt['themeadmin_title'];
  53. // Theme administration, removal, choice, or installation...
  54. $subActions = array(
  55. 'admin' => 'ThemeAdmin',
  56. 'list' => 'ThemeList',
  57. 'reset' => 'SetThemeOptions',
  58. 'options' => 'SetThemeOptions',
  59. 'install' => 'ThemeInstall',
  60. 'remove' => 'RemoveTheme',
  61. 'pick' => 'PickTheme',
  62. 'edit' => 'EditTheme',
  63. 'copy' => 'CopyTemplate',
  64. );
  65. // @todo Layout Settings?
  66. if (!empty($context['admin_menu_name']))
  67. {
  68. $context[$context['admin_menu_name']]['tab_data'] = array(
  69. 'title' => $txt['themeadmin_title'],
  70. 'help' => 'themes',
  71. 'description' => $txt['themeadmin_description'],
  72. 'tabs' => array(
  73. 'admin' => array(
  74. 'description' => $txt['themeadmin_admin_desc'],
  75. ),
  76. 'list' => array(
  77. 'description' => $txt['themeadmin_list_desc'],
  78. ),
  79. 'reset' => array(
  80. 'description' => $txt['themeadmin_reset_desc'],
  81. ),
  82. 'edit' => array(
  83. 'description' => $txt['themeadmin_edit_desc'],
  84. ),
  85. ),
  86. );
  87. }
  88. // Follow the sa or just go to administration.
  89. if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']]))
  90. $subActions[$_GET['sa']]();
  91. else
  92. $subActions['admin']();
  93. }
  94. /**
  95. * This function allows administration of themes and their settings,
  96. * as well as global theme settings.
  97. * - sets the settings theme_allow, theme_guests, and knownThemes.
  98. * - requires the admin_forum permission.
  99. * - accessed with ?action=admin;area=theme;sa=admin.
  100. *
  101. * @uses Themes template
  102. * @uses Admin language file
  103. */
  104. function ThemeAdmin()
  105. {
  106. global $context, $boarddir, $modSettings, $smcFunc;
  107. loadLanguage('Admin');
  108. isAllowedTo('admin_forum');
  109. loadTemplate('Themes');
  110. // List all installed themes.
  111. get_all_themes();
  112. // Can we create a new theme?
  113. $context['can_create_new'] = is_writable($boarddir . '/Themes');
  114. $context['new_theme_dir'] = substr(realpath($boarddir . '/Themes/default'), 0, -7);
  115. // Look for a non existent theme directory. (ie theme87.)
  116. $theme_dir = $boarddir . '/Themes/theme';
  117. $i = 1;
  118. while (file_exists($theme_dir . $i))
  119. $i++;
  120. $context['new_theme_name'] = 'theme' . $i;
  121. // A bunch of tokens for a bunch of forms.
  122. createToken('admin-tm');
  123. createToken('admin-t-file');
  124. createToken('admin-t-copy');
  125. createToken('admin-t-dir');
  126. // Are handling any settings?
  127. if (isset($_POST['save']))
  128. {
  129. checkSession();
  130. validateToken('admin-tm');
  131. if (isset($_POST['options']['known_themes']))
  132. foreach ($_POST['options']['known_themes'] as $key => $id)
  133. $_POST['options']['known_themes'][$key] = (int) $id;
  134. else
  135. fatal_lang_error('themes_none_selectable', false);
  136. if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes']))
  137. fatal_lang_error('themes_default_selectable', false);
  138. // Commit the new settings.
  139. updateSettings(array(
  140. 'theme_allow' => $_POST['options']['theme_allow'],
  141. 'theme_guests' => $_POST['options']['theme_guests'],
  142. 'knownThemes' => implode(',', $_POST['options']['known_themes']),
  143. ));
  144. if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes']))
  145. updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
  146. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=admin');
  147. }
  148. }
  149. /**
  150. * This function lists the available themes and provides an interface to reset
  151. * the paths of all the installed themes.
  152. */
  153. function ThemeList()
  154. {
  155. global $context, $boarddir, $boardurl, $smcFunc;
  156. loadLanguage('Admin');
  157. isAllowedTo('admin_forum');
  158. if (isset($_REQUEST['th']))
  159. return SetThemeSettings();
  160. if (isset($_POST['save']))
  161. {
  162. checkSession();
  163. validateToken('admin-tl');
  164. $request = $smcFunc['db_query']('', '
  165. SELECT id_theme, variable, value
  166. FROM {db_prefix}themes
  167. WHERE variable IN ({string:theme_dir}, {string:theme_url}, {string:images_url}, {string:base_theme_dir}, {string:base_theme_url}, {string:base_images_url})
  168. AND id_member = {int:no_member}',
  169. array(
  170. 'no_member' => 0,
  171. 'theme_dir' => 'theme_dir',
  172. 'theme_url' => 'theme_url',
  173. 'images_url' => 'images_url',
  174. 'base_theme_dir' => 'base_theme_dir',
  175. 'base_theme_url' => 'base_theme_url',
  176. 'base_images_url' => 'base_images_url',
  177. )
  178. );
  179. $themes = array();
  180. while ($row = $smcFunc['db_fetch_assoc']($request))
  181. $themes[$row['id_theme']][$row['variable']] = $row['value'];
  182. $smcFunc['db_free_result']($request);
  183. $setValues = array();
  184. foreach ($themes as $id => $theme)
  185. {
  186. if (file_exists($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])))
  187. {
  188. $setValues[] = array($id, 0, 'theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])));
  189. $setValues[] = array($id, 0, 'theme_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']));
  190. $setValues[] = array($id, 0, 'images_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']) . '/' . basename($theme['images_url']));
  191. }
  192. if (isset($theme['base_theme_dir']) && file_exists($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])))
  193. {
  194. $setValues[] = array($id, 0, 'base_theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])));
  195. $setValues[] = array($id, 0, 'base_theme_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']));
  196. $setValues[] = array($id, 0, 'base_images_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']) . '/' . basename($theme['base_images_url']));
  197. }
  198. cache_put_data('theme_settings-' . $id, null, 90);
  199. }
  200. if (!empty($setValues))
  201. {
  202. $smcFunc['db_insert']('replace',
  203. '{db_prefix}themes',
  204. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  205. $setValues,
  206. array('id_theme', 'variable', 'id_member')
  207. );
  208. }
  209. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  210. }
  211. loadTemplate('Themes');
  212. // Get all installed themes.
  213. get_all_themes();
  214. $context['reset_dir'] = realpath($boarddir . '/Themes');
  215. $context['reset_url'] = $boardurl . '/Themes';
  216. $context['sub_template'] = 'list_themes';
  217. createToken('admin-tl');
  218. createToken('admin-tr', 'request');
  219. }
  220. /**
  221. * Administrative global settings.
  222. */
  223. function SetThemeOptions()
  224. {
  225. global $txt, $context, $settings, $modSettings, $smcFunc;
  226. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (isset($_GET['id']) ? (int) $_GET['id'] : 0);
  227. isAllowedTo('admin_forum');
  228. if (empty($_GET['th']) && empty($_GET['id']))
  229. {
  230. $request = $smcFunc['db_query']('', '
  231. SELECT id_theme, variable, value
  232. FROM {db_prefix}themes
  233. WHERE variable IN ({string:name}, {string:theme_dir})
  234. AND id_member = {int:no_member}',
  235. array(
  236. 'no_member' => 0,
  237. 'name' => 'name',
  238. 'theme_dir' => 'theme_dir',
  239. )
  240. );
  241. $context['themes'] = array();
  242. while ($row = $smcFunc['db_fetch_assoc']($request))
  243. {
  244. if (!isset($context['themes'][$row['id_theme']]))
  245. $context['themes'][$row['id_theme']] = array(
  246. 'id' => $row['id_theme'],
  247. 'num_default_options' => 0,
  248. 'num_members' => 0,
  249. );
  250. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  251. }
  252. $smcFunc['db_free_result']($request);
  253. $request = $smcFunc['db_query']('', '
  254. SELECT id_theme, COUNT(*) AS value
  255. FROM {db_prefix}themes
  256. WHERE id_member = {int:guest_member}
  257. GROUP BY id_theme',
  258. array(
  259. 'guest_member' => -1,
  260. )
  261. );
  262. while ($row = $smcFunc['db_fetch_assoc']($request))
  263. $context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
  264. $smcFunc['db_free_result']($request);
  265. // Need to make sure we don't do custom fields.
  266. $request = $smcFunc['db_query']('', '
  267. SELECT col_name
  268. FROM {db_prefix}custom_fields',
  269. array(
  270. )
  271. );
  272. $customFields = array();
  273. while ($row = $smcFunc['db_fetch_assoc']($request))
  274. $customFields[] = $row['col_name'];
  275. $smcFunc['db_free_result']($request);
  276. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  277. $request = $smcFunc['db_query']('themes_count', '
  278. SELECT COUNT(DISTINCT id_member) AS value, id_theme
  279. FROM {db_prefix}themes
  280. WHERE id_member > {int:no_member}
  281. ' . $customFieldsQuery . '
  282. GROUP BY id_theme',
  283. array(
  284. 'no_member' => 0,
  285. 'custom_fields' => empty($customFields) ? array() : $customFields,
  286. )
  287. );
  288. while ($row = $smcFunc['db_fetch_assoc']($request))
  289. $context['themes'][$row['id_theme']]['num_members'] = $row['value'];
  290. $smcFunc['db_free_result']($request);
  291. // There has to be a Settings template!
  292. foreach ($context['themes'] as $k => $v)
  293. if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
  294. unset($context['themes'][$k]);
  295. loadTemplate('Themes');
  296. $context['sub_template'] = 'reset_list';
  297. createToken('admin-stor', 'request');
  298. return;
  299. }
  300. // Submit?
  301. if (isset($_POST['submit']) && empty($_POST['who']))
  302. {
  303. checkSession();
  304. validateToken('admin-sto');
  305. if (empty($_POST['options']))
  306. $_POST['options'] = array();
  307. if (empty($_POST['default_options']))
  308. $_POST['default_options'] = array();
  309. // Set up the sql query.
  310. $setValues = array();
  311. foreach ($_POST['options'] as $opt => $val)
  312. $setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  313. $old_settings = array();
  314. foreach ($_POST['default_options'] as $opt => $val)
  315. {
  316. $old_settings[] = $opt;
  317. $setValues[] = array(-1, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  318. }
  319. // If we're actually inserting something..
  320. if (!empty($setValues))
  321. {
  322. // Are there options in non-default themes set that should be cleared?
  323. if (!empty($old_settings))
  324. $smcFunc['db_query']('', '
  325. DELETE FROM {db_prefix}themes
  326. WHERE id_theme != {int:default_theme}
  327. AND id_member = {int:guest_member}
  328. AND variable IN ({array_string:old_settings})',
  329. array(
  330. 'default_theme' => 1,
  331. 'guest_member' => -1,
  332. 'old_settings' => $old_settings,
  333. )
  334. );
  335. $smcFunc['db_insert']('replace',
  336. '{db_prefix}themes',
  337. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  338. $setValues,
  339. array('id_theme', 'variable', 'id_member')
  340. );
  341. }
  342. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  343. cache_put_data('theme_settings-1', null, 90);
  344. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  345. }
  346. elseif (isset($_POST['submit']) && $_POST['who'] == 1)
  347. {
  348. checkSession();
  349. validateToken('admin-sto');
  350. $_POST['options'] = empty($_POST['options']) ? array() : $_POST['options'];
  351. $_POST['options_master'] = empty($_POST['options_master']) ? array() : $_POST['options_master'];
  352. $_POST['default_options'] = empty($_POST['default_options']) ? array() : $_POST['default_options'];
  353. $_POST['default_options_master'] = empty($_POST['default_options_master']) ? array() : $_POST['default_options_master'];
  354. $old_settings = array();
  355. foreach ($_POST['default_options'] as $opt => $val)
  356. {
  357. if ($_POST['default_options_master'][$opt] == 0)
  358. continue;
  359. elseif ($_POST['default_options_master'][$opt] == 1)
  360. {
  361. // Delete then insert for ease of database compatibility!
  362. $smcFunc['db_query']('substring', '
  363. DELETE FROM {db_prefix}themes
  364. WHERE id_theme = {int:default_theme}
  365. AND id_member != {int:no_member}
  366. AND variable = SUBSTRING({string:option}, 1, 255)',
  367. array(
  368. 'default_theme' => 1,
  369. 'no_member' => 0,
  370. 'option' => $opt,
  371. )
  372. );
  373. $smcFunc['db_query']('substring', '
  374. INSERT INTO {db_prefix}themes
  375. (id_member, id_theme, variable, value)
  376. SELECT id_member, 1, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  377. FROM {db_prefix}members',
  378. array(
  379. 'option' => $opt,
  380. 'value' => (is_array($val) ? implode(',', $val) : $val),
  381. )
  382. );
  383. $old_settings[] = $opt;
  384. }
  385. elseif ($_POST['default_options_master'][$opt] == 2)
  386. {
  387. $smcFunc['db_query']('', '
  388. DELETE FROM {db_prefix}themes
  389. WHERE variable = {string:option_name}
  390. AND id_member > {int:no_member}',
  391. array(
  392. 'no_member' => 0,
  393. 'option_name' => $opt,
  394. )
  395. );
  396. }
  397. }
  398. // Delete options from other themes.
  399. if (!empty($old_settings))
  400. $smcFunc['db_query']('', '
  401. DELETE FROM {db_prefix}themes
  402. WHERE id_theme != {int:default_theme}
  403. AND id_member > {int:no_member}
  404. AND variable IN ({array_string:old_settings})',
  405. array(
  406. 'default_theme' => 1,
  407. 'no_member' => 0,
  408. 'old_settings' => $old_settings,
  409. )
  410. );
  411. foreach ($_POST['options'] as $opt => $val)
  412. {
  413. if ($_POST['options_master'][$opt] == 0)
  414. continue;
  415. elseif ($_POST['options_master'][$opt] == 1)
  416. {
  417. // Delete then insert for ease of database compatibility - again!
  418. $smcFunc['db_query']('substring', '
  419. DELETE FROM {db_prefix}themes
  420. WHERE id_theme = {int:current_theme}
  421. AND id_member != {int:no_member}
  422. AND variable = SUBSTRING({string:option}, 1, 255)',
  423. array(
  424. 'current_theme' => $_GET['th'],
  425. 'no_member' => 0,
  426. 'option' => $opt,
  427. )
  428. );
  429. $smcFunc['db_query']('substring', '
  430. INSERT INTO {db_prefix}themes
  431. (id_member, id_theme, variable, value)
  432. SELECT id_member, {int:current_theme}, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  433. FROM {db_prefix}members',
  434. array(
  435. 'current_theme' => $_GET['th'],
  436. 'option' => $opt,
  437. 'value' => (is_array($val) ? implode(',', $val) : $val),
  438. )
  439. );
  440. }
  441. elseif ($_POST['options_master'][$opt] == 2)
  442. {
  443. $smcFunc['db_query']('', '
  444. DELETE FROM {db_prefix}themes
  445. WHERE variable = {string:option}
  446. AND id_member > {int:no_member}
  447. AND id_theme = {int:current_theme}',
  448. array(
  449. 'no_member' => 0,
  450. 'current_theme' => $_GET['th'],
  451. 'option' => $opt,
  452. )
  453. );
  454. }
  455. }
  456. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  457. }
  458. elseif (!empty($_GET['who']) && $_GET['who'] == 2)
  459. {
  460. checkSession('get');
  461. validateToken('admin-stor', 'request');
  462. // Don't delete custom fields!!
  463. if ($_GET['th'] == 1)
  464. {
  465. $request = $smcFunc['db_query']('', '
  466. SELECT col_name
  467. FROM {db_prefix}custom_fields',
  468. array(
  469. )
  470. );
  471. $customFields = array();
  472. while ($row = $smcFunc['db_fetch_assoc']($request))
  473. $customFields[] = $row['col_name'];
  474. $smcFunc['db_free_result']($request);
  475. }
  476. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  477. $smcFunc['db_query']('', '
  478. DELETE FROM {db_prefix}themes
  479. WHERE id_member > {int:no_member}
  480. AND id_theme = {int:current_theme}
  481. ' . $customFieldsQuery,
  482. array(
  483. 'no_member' => 0,
  484. 'current_theme' => $_GET['th'],
  485. 'custom_fields' => empty($customFields) ? array() : $customFields,
  486. )
  487. );
  488. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  489. }
  490. $old_id = $settings['theme_id'];
  491. $old_settings = $settings;
  492. loadTheme($_GET['th'], false);
  493. loadLanguage('Profile');
  494. // @todo Should we just move these options so they are no longer theme dependant?
  495. loadLanguage('PersonalMessage');
  496. // Let the theme take care of the settings.
  497. loadTemplate('Settings');
  498. loadSubTemplate('options');
  499. $context['sub_template'] = 'set_options';
  500. $context['page_title'] = $txt['theme_settings'];
  501. $context['options'] = $context['theme_options'];
  502. $context['theme_settings'] = $settings;
  503. if (empty($_REQUEST['who']))
  504. {
  505. $request = $smcFunc['db_query']('', '
  506. SELECT variable, value
  507. FROM {db_prefix}themes
  508. WHERE id_theme IN (1, {int:current_theme})
  509. AND id_member = {int:guest_member}',
  510. array(
  511. 'current_theme' => $_GET['th'],
  512. 'guest_member' => -1,
  513. )
  514. );
  515. $context['theme_options'] = array();
  516. while ($row = $smcFunc['db_fetch_assoc']($request))
  517. $context['theme_options'][$row['variable']] = $row['value'];
  518. $smcFunc['db_free_result']($request);
  519. $context['theme_options_reset'] = false;
  520. }
  521. else
  522. {
  523. $context['theme_options'] = array();
  524. $context['theme_options_reset'] = true;
  525. }
  526. foreach ($context['options'] as $i => $setting)
  527. {
  528. // Is this disabled?
  529. if ($setting['id'] == 'calendar_start_day' && empty($modSettings['cal_enabled']))
  530. {
  531. unset($context['options'][$i]);
  532. continue;
  533. }
  534. elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
  535. {
  536. unset($context['options'][$i]);
  537. continue;
  538. }
  539. if (!isset($setting['type']) || $setting['type'] == 'bool')
  540. $context['options'][$i]['type'] = 'checkbox';
  541. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  542. $context['options'][$i]['type'] = 'number';
  543. elseif ($setting['type'] == 'string')
  544. $context['options'][$i]['type'] = 'text';
  545. if (isset($setting['options']))
  546. $context['options'][$i]['type'] = 'list';
  547. $context['options'][$i]['value'] = !isset($context['theme_options'][$setting['id']]) ? '' : $context['theme_options'][$setting['id']];
  548. }
  549. // Restore the existing theme.
  550. loadTheme($old_id, false);
  551. $settings = $old_settings;
  552. loadTemplate('Themes');
  553. createToken('admin-sto');
  554. }
  555. /**
  556. * Administrative global settings.
  557. * - saves and requests global theme settings. ($settings)
  558. * - loads the Admin language file.
  559. * - calls ThemeAdmin() if no theme is specified. (the theme center.)
  560. * - requires admin_forum permission.
  561. * - accessed with ?action=admin;area=theme;sa=list&th=xx.
  562. */
  563. function SetThemeSettings()
  564. {
  565. global $txt, $context, $settings, $modSettings, $sourcedir, $smcFunc;
  566. if (empty($_GET['th']) && empty($_GET['id']))
  567. return ThemeAdmin();
  568. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  569. // Select the best fitting tab.
  570. $context[$context['admin_menu_name']]['current_subsection'] = 'list';
  571. loadLanguage('Admin');
  572. isAllowedTo('admin_forum');
  573. // Validate inputs/user.
  574. if (empty($_GET['th']))
  575. fatal_lang_error('no_theme', false);
  576. // Fetch the smiley sets...
  577. $sets = explode(',', 'none,' . $modSettings['smiley_sets_known']);
  578. $set_names = explode("\n", $txt['smileys_none'] . "\n" . $modSettings['smiley_sets_names']);
  579. $context['smiley_sets'] = array(
  580. '' => $txt['smileys_no_default']
  581. );
  582. foreach ($sets as $i => $set)
  583. $context['smiley_sets'][$set] = $smcFunc['htmlspecialchars']($set_names[$i]);
  584. $old_id = $settings['theme_id'];
  585. $old_settings = $settings;
  586. loadTheme($_GET['th'], false);
  587. // Sadly we really do need to init the template.
  588. loadSubTemplate('init', 'ignore');
  589. // Also load the actual themes language file - in case of special settings.
  590. loadLanguage('Settings', '', true, true);
  591. // And the custom language strings...
  592. loadLanguage('ThemeStrings', '', false, true);
  593. // Let the theme take care of the settings.
  594. loadTemplate('Settings');
  595. loadSubTemplate('settings');
  596. // Load the variants separately...
  597. $settings['theme_variants'] = array();
  598. if (file_exists($settings['theme_dir'] . '/index.template.php'))
  599. {
  600. $file_contents = implode('', file($settings['theme_dir'] . '/index.template.php'));
  601. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  602. eval('global $settings;' . $matches[0]);
  603. }
  604. // Submitting!
  605. if (isset($_POST['save']))
  606. {
  607. checkSession();
  608. validateToken('admin-sts');
  609. if (empty($_POST['options']))
  610. $_POST['options'] = array();
  611. if (empty($_POST['default_options']))
  612. $_POST['default_options'] = array();
  613. // Make sure items are cast correctly.
  614. foreach ($context['theme_settings'] as $item)
  615. {
  616. // Disregard this item if this is just a separator.
  617. if (!is_array($item))
  618. continue;
  619. foreach (array('options', 'default_options') as $option)
  620. {
  621. if (!isset($_POST[$option][$item['id']]))
  622. continue;
  623. // Checkbox.
  624. elseif (empty($item['type']))
  625. $_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
  626. // Number
  627. elseif ($item['type'] == 'number')
  628. $_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
  629. }
  630. }
  631. // Set up the sql query.
  632. $inserts = array();
  633. foreach ($_POST['options'] as $opt => $val)
  634. $inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  635. foreach ($_POST['default_options'] as $opt => $val)
  636. $inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  637. // If we're actually inserting something..
  638. if (!empty($inserts))
  639. {
  640. $smcFunc['db_insert']('replace',
  641. '{db_prefix}themes',
  642. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  643. $inserts,
  644. array('id_member', 'id_theme', 'variable')
  645. );
  646. }
  647. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  648. cache_put_data('theme_settings-1', null, 90);
  649. // Invalidate the cache.
  650. updateSettings(array('settings_updated' => time()));
  651. redirectexit('action=admin;area=theme;sa=list;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id']);
  652. }
  653. $context['sub_template'] = 'set_settings';
  654. $context['page_title'] = $txt['theme_settings'];
  655. foreach ($settings as $setting => $dummy)
  656. {
  657. if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs')))
  658. $settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
  659. }
  660. $context['settings'] = $context['theme_settings'];
  661. $context['theme_settings'] = $settings;
  662. foreach ($context['settings'] as $i => $setting)
  663. {
  664. // Separators are dummies, so leave them alone.
  665. if (!is_array($setting))
  666. continue;
  667. if (!isset($setting['type']) || $setting['type'] == 'bool')
  668. $context['settings'][$i]['type'] = 'checkbox';
  669. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  670. $context['settings'][$i]['type'] = 'number';
  671. elseif ($setting['type'] == 'string')
  672. $context['settings'][$i]['type'] = 'text';
  673. if (isset($setting['options']))
  674. $context['settings'][$i]['type'] = 'list';
  675. $context['settings'][$i]['value'] = !isset($settings[$setting['id']]) ? '' : $settings[$setting['id']];
  676. }
  677. // Do we support variants?
  678. if (!empty($settings['theme_variants']))
  679. {
  680. $context['theme_variants'] = array();
  681. foreach ($settings['theme_variants'] as $variant)
  682. {
  683. // Have any text, old chap?
  684. $context['theme_variants'][$variant] = array(
  685. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  686. 'thumbnail' => !file_exists($settings['theme_dir'] . '/images/thumbnail.png') || file_exists($settings['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $settings['images_url'] . '/thumbnail_' . $variant . '.png' : ($settings['images_url'] . '/thumbnail.png'),
  687. );
  688. }
  689. $context['default_variant'] = !empty($settings['default_variant']) && isset($context['theme_variants'][$settings['default_variant']]) ? $settings['default_variant'] : $settings['theme_variants'][0];
  690. }
  691. // Restore the current theme.
  692. loadTheme($old_id, false);
  693. // Reinit just incase.
  694. loadSubTemplate('init', 'ignore');
  695. $settings = $old_settings;
  696. loadTemplate('Themes');
  697. // We like Kenny better than Token.
  698. createToken('admin-sts');
  699. }
  700. /**
  701. * Remove a theme from the database.
  702. * - removes an installed theme.
  703. * - requires an administrator.
  704. * - accessed with ?action=admin;area=theme;sa=remove.
  705. */
  706. function RemoveTheme()
  707. {
  708. global $modSettings, $context, $smcFunc;
  709. checkSession('get');
  710. isAllowedTo('admin_forum');
  711. validateToken('admin-tr', 'request');
  712. // The theme's ID must be an integer.
  713. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  714. // You can't delete the default theme!
  715. if ($_GET['th'] == 1)
  716. fatal_lang_error('no_access', false);
  717. $known = explode(',', $modSettings['knownThemes']);
  718. for ($i = 0, $n = count($known); $i < $n; $i++)
  719. {
  720. if ($known[$i] == $_GET['th'])
  721. unset($known[$i]);
  722. }
  723. $smcFunc['db_query']('', '
  724. DELETE FROM {db_prefix}themes
  725. WHERE id_theme = {int:current_theme}',
  726. array(
  727. 'current_theme' => $_GET['th'],
  728. )
  729. );
  730. $smcFunc['db_query']('', '
  731. UPDATE {db_prefix}members
  732. SET id_theme = {int:default_theme}
  733. WHERE id_theme = {int:current_theme}',
  734. array(
  735. 'default_theme' => 0,
  736. 'current_theme' => $_GET['th'],
  737. )
  738. );
  739. $smcFunc['db_query']('', '
  740. UPDATE {db_prefix}boards
  741. SET id_theme = {int:default_theme}
  742. WHERE id_theme = {int:current_theme}',
  743. array(
  744. 'default_theme' => 0,
  745. 'current_theme' => $_GET['th'],
  746. )
  747. );
  748. $known = strtr(implode(',', $known), array(',,' => ','));
  749. // Fix it if the theme was the overall default theme.
  750. if ($modSettings['theme_guests'] == $_GET['th'])
  751. updateSettings(array('theme_guests' => '1', 'knownThemes' => $known));
  752. else
  753. updateSettings(array('knownThemes' => $known));
  754. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  755. }
  756. /**
  757. * Choose a theme from a list.
  758. * allows an user or administrator to pick a new theme with an interface.
  759. * - can edit everyone's (u = 0), guests' (u = -1), or a specific user's.
  760. * - uses the Themes template. (pick sub template.)
  761. * - accessed with ?action=admin;area=theme;sa=pick.
  762. * @todo thought so... Might be better to split this file in ManageThemes and Themes,
  763. * with centralized admin permissions on ManageThemes.
  764. */
  765. function PickTheme()
  766. {
  767. global $txt, $context, $modSettings, $user_info, $language, $smcFunc, $settings, $scripturl;
  768. loadLanguage('Profile');
  769. loadTemplate('Themes');
  770. // Build the link tree.
  771. $context['linktree'][] = array(
  772. 'url' => $scripturl . '?action=theme;sa=pick;u=' . (!empty($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0),
  773. 'name' => $txt['theme_pick'],
  774. );
  775. $context['default_theme_id'] = $modSettings['theme_default'];
  776. $_SESSION['id_theme'] = 0;
  777. if (isset($_GET['id']))
  778. $_GET['th'] = $_GET['id'];
  779. // Saving a variant cause JS doesn't work - pretend it did ;)
  780. if (isset($_POST['save']))
  781. {
  782. // Which theme?
  783. foreach ($_POST['save'] as $k => $v)
  784. $_GET['th'] = (int) $k;
  785. if (isset($_POST['vrt'][$k]))
  786. $_GET['vrt'] = $_POST['vrt'][$k];
  787. }
  788. // Have we made a desicion, or are we just browsing?
  789. if (isset($_GET['th']))
  790. {
  791. checkSession('get');
  792. $_GET['th'] = (int) $_GET['th'];
  793. // Save for this user.
  794. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  795. {
  796. updateMemberData($user_info['id'], array('id_theme' => (int) $_GET['th']));
  797. // A variants to save for the user?
  798. if (!empty($_GET['vrt']))
  799. {
  800. $smcFunc['db_insert']('replace',
  801. '{db_prefix}themes',
  802. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  803. array($_GET['th'], $user_info['id'], 'theme_variant', $_GET['vrt']),
  804. array('id_theme', 'id_member', 'variable')
  805. );
  806. cache_put_data('theme_settings-' . $_GET['th'] . ':' . $user_info['id'], null, 90);
  807. $_SESSION['id_variant'] = 0;
  808. }
  809. redirectexit('action=profile;area=theme');
  810. }
  811. // If changing members or guests - and there's a variant - assume changing default variant.
  812. if (!empty($_GET['vrt']) && ($_REQUEST['u'] == '0' || $_REQUEST['u'] == '-1'))
  813. {
  814. $smcFunc['db_insert']('replace',
  815. '{db_prefix}themes',
  816. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  817. array($_GET['th'], 0, 'default_variant', $_GET['vrt']),
  818. array('id_theme', 'id_member', 'variable')
  819. );
  820. // Make it obvious that it's changed
  821. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  822. }
  823. // For everyone.
  824. if ($_REQUEST['u'] == '0')
  825. {
  826. updateMemberData(null, array('id_theme' => (int) $_GET['th']));
  827. // Remove any custom variants.
  828. if (!empty($_GET['vrt']))
  829. {
  830. $smcFunc['db_query']('', '
  831. DELETE FROM {db_prefix}themes
  832. WHERE id_theme = {int:current_theme}
  833. AND variable = {string:theme_variant}',
  834. array(
  835. 'current_theme' => (int) $_GET['th'],
  836. 'theme_variant' => 'theme_variant',
  837. )
  838. );
  839. }
  840. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  841. }
  842. // Change the default/guest theme.
  843. elseif ($_REQUEST['u'] == '-1')
  844. {
  845. updateSettings(array('theme_guests' => (int) $_GET['th']));
  846. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  847. }
  848. // Change a specific member's theme.
  849. else
  850. {
  851. // The forum's default theme is always 0 and we
  852. if (isset($_GET['th']) && $_GET['th'] == 0)
  853. $_GET['th'] = $modSettings['theme_guests'];
  854. updateMemberData((int) $_REQUEST['u'], array('id_theme' => (int) $_GET['th']));
  855. if (!empty($_GET['vrt']))
  856. {
  857. $smcFunc['db_insert']('replace',
  858. '{db_prefix}themes',
  859. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  860. array($_GET['th'], (int) $_REQUEST['u'], 'theme_variant', $_GET['vrt']),
  861. array('id_theme', 'id_member', 'variable')
  862. );
  863. cache_put_data('theme_settings-' . $_GET['th'] . ':' . (int) $_REQUEST['u'], null, 90);
  864. if ($user_info['id'] == $_REQUEST['u'])
  865. $_SESSION['id_variant'] = 0;
  866. }
  867. redirectexit('action=profile;u=' . (int) $_REQUEST['u'] . ';area=theme');
  868. }
  869. }
  870. // Figure out who the member of the minute is, and what theme they've chosen.
  871. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  872. {
  873. $context['current_member'] = $user_info['id'];
  874. $context['current_theme'] = $user_info['theme'];
  875. }
  876. // Everyone can't chose just one.
  877. elseif ($_REQUEST['u'] == '0')
  878. {
  879. $context['current_member'] = 0;
  880. $context['current_theme'] = 0;
  881. }
  882. // Guests and such...
  883. elseif ($_REQUEST['u'] == '-1')
  884. {
  885. $context['current_member'] = -1;
  886. $context['current_theme'] = $modSettings['theme_guests'];
  887. }
  888. // Someones else :P.
  889. else
  890. {
  891. $context['current_member'] = (int) $_REQUEST['u'];
  892. $request = $smcFunc['db_query']('', '
  893. SELECT id_theme
  894. FROM {db_prefix}members
  895. WHERE id_member = {int:current_member}
  896. LIMIT 1',
  897. array(
  898. 'current_member' => $context['current_member'],
  899. )
  900. );
  901. list ($context['current_theme']) = $smcFunc['db_fetch_row']($request);
  902. $smcFunc['db_free_result']($request);
  903. }
  904. // Get the theme name and descriptions.
  905. $context['available_themes'] = array();
  906. if (!empty($modSettings['knownThemes']))
  907. {
  908. $request = $smcFunc['db_query']('', '
  909. SELECT id_theme, variable, value
  910. FROM {db_prefix}themes
  911. WHERE variable IN ({string:name}, {string:theme_url}, {string:theme_dir}, {string:images_url}, {string:disable_user_variant})' . (!allowedTo('admin_forum') ? '
  912. AND id_theme IN ({array_string:known_themes})' : '') . '
  913. AND id_theme != {int:default_theme}
  914. AND id_member = {int:no_member}',
  915. array(
  916. 'default_theme' => 0,
  917. 'name' => 'name',
  918. 'no_member' => 0,
  919. 'theme_url' => 'theme_url',
  920. 'theme_dir' => 'theme_dir',
  921. 'images_url' => 'images_url',
  922. 'disable_user_variant' => 'disable_user_variant',
  923. 'known_themes' => explode(',', $modSettings['knownThemes']),
  924. )
  925. );
  926. while ($row = $smcFunc['db_fetch_assoc']($request))
  927. {
  928. if (!isset($context['available_themes'][$row['id_theme']]))
  929. $context['available_themes'][$row['id_theme']] = array(
  930. 'id' => $row['id_theme'],
  931. 'selected' => $context['current_theme'] == $row['id_theme'],
  932. 'num_users' => 0
  933. );
  934. $context['available_themes'][$row['id_theme']][$row['variable']] = $row['value'];
  935. }
  936. $smcFunc['db_free_result']($request);
  937. }
  938. // Okay, this is a complicated problem: the default theme is 1, but they aren't allowed to access 1!
  939. if (!isset($context['available_themes'][$modSettings['theme_guests']]))
  940. {
  941. $context['available_themes'][0] = array(
  942. 'num_users' => 0
  943. );
  944. $guest_theme = 0;
  945. }
  946. else
  947. $guest_theme = $modSettings['theme_guests'];
  948. $request = $smcFunc['db_query']('', '
  949. SELECT id_theme, COUNT(*) AS the_count
  950. FROM {db_prefix}members
  951. GROUP BY id_theme
  952. ORDER BY id_theme DESC',
  953. array(
  954. )
  955. );
  956. while ($row = $smcFunc['db_fetch_assoc']($request))
  957. {
  958. // Figure out which theme it is they are REALLY using.
  959. if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',',$modSettings['knownThemes'])))
  960. $row['id_theme'] = $guest_theme;
  961. elseif (empty($modSettings['theme_allow']))
  962. $row['id_theme'] = $guest_theme;
  963. if (isset($context['available_themes'][$row['id_theme']]))
  964. $context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
  965. else
  966. $context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
  967. }
  968. $smcFunc['db_free_result']($request);
  969. // Get any member variant preferences.
  970. $variant_preferences = array();
  971. if ($context['current_member'] > 0)
  972. {
  973. $request = $smcFunc['db_query']('', '
  974. SELECT id_theme, value
  975. FROM {db_prefix}themes
  976. WHERE variable = {string:theme_variant}
  977. AND id_member IN ({array_int:id_member})
  978. ORDER BY id_member ASC',
  979. array(
  980. 'theme_variant' => 'theme_variant',
  981. 'id_member' => isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? array(-1, $context['current_member']) : array(-1),
  982. )
  983. );
  984. while ($row = $smcFunc['db_fetch_assoc']($request))
  985. $variant_preferences[$row['id_theme']] = $row['value'];
  986. $smcFunc['db_free_result']($request);
  987. }
  988. // Save the setting first.
  989. $current_images_url = $settings['images_url'];
  990. $current_theme_variants = !empty($settings['theme_variants']) ? $settings['theme_variants'] : array();
  991. foreach ($context['available_themes'] as $id_theme => $theme_data)
  992. {
  993. // Don't try to load the forum or board default theme's data... it doesn't have any!
  994. if ($id_theme == 0)
  995. continue;
  996. // The thumbnail needs the correct path.
  997. $settings['images_url'] = &$theme_data['images_url'];
  998. if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php'))
  999. include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
  1000. elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php'))
  1001. include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
  1002. else
  1003. {
  1004. $txt['theme_thumbnail_href'] = $theme_data['images_url'] . '/thumbnail.png';
  1005. $txt['theme_description'] = '';
  1006. }
  1007. $context['available_themes'][$id_theme]['thumbnail_href'] = $txt['theme_thumbnail_href'];
  1008. $context['available_themes'][$id_theme]['description'] = $txt['theme_description'];
  1009. // Are there any variants?
  1010. if (file_exists($theme_data['theme_dir'] . '/index.template.php') && (empty($theme_data['disable_user_variant']) || allowedTo('admin_forum')))
  1011. {
  1012. $file_contents = implode('', file($theme_data['theme_dir'] . '/index.template.php'));
  1013. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  1014. {
  1015. $settings['theme_variants'] = array();
  1016. // Fill settings up.
  1017. eval('global $settings;' . $matches[0]);
  1018. if (!empty($settings['theme_variants']))
  1019. {
  1020. loadLanguage('Settings');
  1021. $context['available_themes'][$id_theme]['variants'] = array();
  1022. foreach ($settings['theme_variants'] as $variant)
  1023. $context['available_themes'][$id_theme]['variants'][$variant] = array(
  1024. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  1025. 'thumbnail' => !file_exists($theme_data['theme_dir'] . '/images/thumbnail.png') || file_exists($theme_data['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $theme_data['images_url'] . '/thumbnail_' . $variant . '.png' : ($theme_data['images_url'] . '/thumbnail.png'),
  1026. );
  1027. $context['available_themes'][$id_theme]['selected_variant'] = isset($_GET['vrt']) ? $_GET['vrt'] : (!empty($variant_preferences[$id_theme]) ? $variant_preferences[$id_theme] : (!empty($settings['default_variant']) ? $settings['default_variant'] : $settings['theme_variants'][0]));
  1028. if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail']))
  1029. $context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
  1030. $context['available_themes'][$id_theme]['thumbnail_href'] = $context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'];
  1031. // Allow themes to override the text.
  1032. $context['available_themes'][$id_theme]['pick_label'] = isset($txt['variant_pick']) ? $txt['variant_pick'] : $txt['theme_pick_variant'];
  1033. }
  1034. }
  1035. }
  1036. }
  1037. // Then return it.
  1038. $settings['images_url'] = $current_images_url;
  1039. $settings['theme_variants'] = $current_theme_variants;
  1040. // As long as we're not doing the default theme...
  1041. if (!isset($_REQUEST['u']) || $_REQUEST['u'] >= 0)
  1042. {
  1043. if ($guest_theme != 0)
  1044. $context['available_themes'][0] = $context['available_themes'][$guest_theme];
  1045. $context['available_themes'][0]['id'] = 0;
  1046. $context['available_themes'][0]['name'] = $txt['theme_forum_default'];
  1047. $context['available_themes'][0]['selected'] = $context['current_theme'] == 0;
  1048. $context['available_themes'][0]['description'] = $txt['theme_global_description'];
  1049. }
  1050. ksort($context['available_themes']);
  1051. $context['page_title'] = $txt['theme_pick'];
  1052. $context['sub_template'] = 'pick';
  1053. }
  1054. /**
  1055. * Installs new themes, either from a gzip or copy of the default.
  1056. * - puts themes in $boardurl/Themes.
  1057. * - assumes the gzip has a root directory in it. (ie default.)
  1058. * Requires admin_forum.
  1059. * Accessed with ?action=admin;area=theme;sa=install.
  1060. */
  1061. function ThemeInstall()
  1062. {
  1063. global $sourcedir, $txt, $context, $boarddir, $boardurl;
  1064. global $themedir, $themeurl, $smcFunc;
  1065. checkSession('request');
  1066. isAllowedTo('admin_forum');
  1067. require_once($sourcedir . '/Subs-Package.php');
  1068. // Make it easier to change the path and url.
  1069. $themedir = $boarddir . '/Themes';
  1070. $themeurl = $boardurl . '/Themes';
  1071. loadTemplate('Themes');
  1072. $subActions = array(
  1073. 'file' => 'InstallFile',
  1074. 'copy' => 'InstallCopy',
  1075. 'dir' => 'InstallDir',
  1076. );
  1077. // Is there a function to call?
  1078. if (isset($_GET['do']) && !empty($_GET['do']) && isset($subActions[$_GET['do']]))
  1079. {
  1080. $action = $smcFunc['htmlspecialchars'](trim($_GET['do']));
  1081. // Got any info from the specific form?
  1082. if (!isset($_POST['save_'. $action]))
  1083. fatal_lang_error('theme_install_no_action', false);
  1084. validateToken('admin-t-'. $action);
  1085. // Hopefully the themes directory is writable, or we might have a problem.
  1086. if (!is_writable($themedir))
  1087. fatal_lang_error('theme_install_write_error', 'critical');
  1088. // Call the function and handle the result.
  1089. $result = $subActions[$action]();
  1090. // Everything went better than expected!
  1091. if (!empty($result) && true == $result)
  1092. {
  1093. $context['sub_template'] = 'installed';
  1094. $context['page_title'] = $txt['theme_installed'];
  1095. $context['installed_theme'] = get_single_theme($result);
  1096. }
  1097. }
  1098. // Nope, show a nice error.
  1099. else
  1100. fatal_lang_error('theme_install_no_action', false);
  1101. }
  1102. function InstallFile()
  1103. {
  1104. global $themedir, $themeurl, $context;
  1105. $result = array();
  1106. // This happens when the admin session is gone and the user has to login again.
  1107. if (!isset($_FILES) || !isset($_FILES['theme_gz']) || empty($_FILES['theme_gz']))
  1108. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  1109. // Another error check layer, something went wrong with the upload.
  1110. if (isset($_FILES['theme_gz']['error']) && $_FILES['theme_gz']['error'] != 0)
  1111. fatal_lang_error('theme_install_error_file_'. $_FILES['theme_gz']['error'], false);
  1112. // Get the theme's name.
  1113. $name = strtok(basename($_FILES['theme_gz']['name']));
  1114. $name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $name);
  1115. // Start setting some vars.
  1116. $context['to_install'] = array(
  1117. 'theme_dir' => $themedir . '/' . $name,
  1118. 'theme_url' => $themeurl . '/' . $name,
  1119. 'images_url' => $themeurl . '/' . $name . '/images',
  1120. 'name' => $name,
  1121. );
  1122. // Extract the file on the proper themes dir.
  1123. $extracted = read_tgz_file($_FILES['theme_gz']['tmp_name'], $context['to_install']['theme_dir'], false, true);
  1124. if ($extracted)
  1125. {
  1126. // Read its info form the XML file.
  1127. $theme_info = get_theme_info($context['to_install']['theme_dir']);
  1128. $context['to_install'] += $theme_info;
  1129. // Install the theme. theme_install() will take care of possible errors.
  1130. $id = theme_install($context['to_install']);
  1131. // return the ID.
  1132. return $id;
  1133. }
  1134. else
  1135. fatal_lang_error('theme_install_error_title', false);
  1136. }
  1137. function InstallCopy()
  1138. {
  1139. global $themedir, $themeurl, $settings, $smcFunc, $context;
  1140. global $forum_version;
  1141. // There's gotta be something to work with.
  1142. if (!isset($_REQUEST['copy']) || empty($_REQUEST['copy']))
  1143. fatal_lang_error('theme_install_error_title', false);
  1144. // Get a cleaner version.
  1145. $name = preg_replace('~[^A-Za-z0-9_\- ]~', '', $_REQUEST['copy']);
  1146. // Is there a theme already named like this?
  1147. if (file_exists($themedir .'/'. $name))
  1148. fatal_lang_error('theme_install_already_dir', false);
  1149. // This is a brand new theme so set all possible values.
  1150. $context['to_install'] = array(
  1151. 'theme_dir' => $themedir . '/' . $name,
  1152. 'theme_url' => $themeurl . '/' . $name,
  1153. 'name' => $name,
  1154. 'images_url' => $themeurl . '/' . $name . '/images',
  1155. 'version' => '1.0',
  1156. 'install_for' => '2.1 - 2.1.99, '. strtr($forum_version, array('SMF ' => '')),
  1157. );
  1158. // Create the specific dir.
  1159. umask(0);
  1160. mkdir($context['to_install']['theme_dir'], 0777);
  1161. // Buy some time.
  1162. @set_time_limit(600);
  1163. if (function_exists('apache_reset_timeout'))
  1164. @apache_reset_timeout();
  1165. // Create subdirectories for css and javascript files.
  1166. mkdir($context['to_install']['theme_dir'] . '/css', 0777);
  1167. mkdir($context['to_install']['theme_dir'] . '/scripts', 0777);
  1168. // Copy over the default non-theme files.
  1169. $to_copy = array('/index.php', '/index.template.php', '/css/index.css', '/css/rtl.css', '/css/admin.css', '/scripts/theme.js');
  1170. foreach ($to_copy as $file)
  1171. {
  1172. copy($settings['default_theme_dir'] . $file, $context['to_install']['theme_dir'] . $file);
  1173. @chmod($context['to_install']['theme_dir'] . $file, 0777);
  1174. }
  1175. // And now the entire images directory!
  1176. copytree($settings['default_theme_dir'] . '/images', $context['to_install']['theme_dir'] . '/images');
  1177. package_flush_cache();
  1178. // Lets get some data for the new theme.
  1179. $request = $smcFunc['db_query']('', '
  1180. SELECT variable, value
  1181. FROM {db_prefix}themes
  1182. WHERE variable IN ({string:theme_templates}, {string:theme_layers})
  1183. AND id_member = {int:no_member}
  1184. AND id_theme = {int:default_theme}',
  1185. array(
  1186. 'no_member' => 0,
  1187. 'default_theme' => 1,
  1188. 'theme_templates' => 'theme_templates',
  1189. 'theme_layers' => 'theme_layers',
  1190. )
  1191. );
  1192. while ($row = $smcFunc['db_fetch_assoc']($request))
  1193. {
  1194. if ($row['variable'] == 'theme_templates')
  1195. $theme_templates = $row['value'];
  1196. elseif ($row['variable'] == 'theme_layers')
  1197. $theme_layers = $row['value'];
  1198. else
  1199. continue;
  1200. }
  1201. $smcFunc['db_free_result']($request);
  1202. $context['to_install'] += array(
  1203. 'theme_layers' => empty($theme_layers) ? 'html,body' : $theme_layers,
  1204. 'theme_templates' => empty($theme_templates) ? 'index' : $theme_templates,
  1205. );
  1206. // Lets add a theme_info.xml to this theme.
  1207. $xml_info = '<' . '?xml version="1.0"?' . '>
  1208. <theme-info xmlns="http://www.simplemachines.org/xml/theme-info" xmlns:smf="http://www.simplemachines.org/">
  1209. <!-- For the id, always use something unique - put your name, a colon, and then the package name. -->
  1210. <id>smf:' . $smcFunc['strtolower']($context['to_install']['name']) . '</id>
  1211. <!-- The theme\'s version, please try to use semantic versioning. -->
  1212. <version>1.0</version>
  1213. <!-- Install for, the SMF versions this theme was designed for. Uses the same wildcards used in the packager manager. This field is mandatory. -->
  1214. <install for="'. $context['to_install']['install_for'] .'" />
  1215. <!-- Theme name, used purely for aesthetics. -->
  1216. <name>' . $context['to_install']['name'] . '</name>
  1217. <!-- Author: your email address or contact information. The name attribute is optional. -->
  1218. <author name="Simple Machines">[email protected]</author>
  1219. <!-- Website... where to get updates and more information. -->
  1220. <website>http://www.simplemachines.org/</website>
  1221. <!-- Template layers to use, defaults to "html,body". -->
  1222. <layers>' . $context['to_install']['theme_layers'] . '</layers>
  1223. <!-- Templates to load on startup. Default is "index". -->
  1224. <templates>' . $context['to_install']['theme_templates'] . '</templates>
  1225. <!-- Base this theme off another? Default is blank, or no. It could be "default". -->
  1226. <based-on></based-on>
  1227. </theme-info>';
  1228. // Now write it.
  1229. $fp = @fopen($context['to_install']['theme_dir'] . '/theme_info.xml', 'w+');
  1230. if ($fp)
  1231. {
  1232. fwrite($fp, $xml_info);
  1233. fclose($fp);
  1234. }
  1235. // Install the theme. theme_install() will take care of possible errors.
  1236. $id = theme_install($context['to_install']);
  1237. // return the ID.
  1238. return $id;
  1239. }
  1240. function InstallDir()
  1241. {
  1242. global $themedir;
  1243. // Cannot use the theme dir as a theme dir.
  1244. if (!isset($_REQUEST['theme_dir']) || empty($_REQUEST['theme_dir']) || rtrim(realpath($_REQUEST['theme_dir']), '/\\') == realpath($themedir))
  1245. fatal_lang_error('theme_install_invalid_dir', false);
  1246. // Check is there is "something" on the dir.
  1247. elseif (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml'))
  1248. fatal_lang_error('theme_install_error', false);
  1249. $name = basename($_REQUEST['theme_dir']);
  1250. $name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $name);
  1251. // All good! set some needed vars.
  1252. $context['to_install'] = array(
  1253. 'dir' => $_REQUEST['theme_dir'],
  1254. 'theme_url' => $themeurl . '/' . $name,
  1255. 'name' => $name,
  1256. 'images_url' => $themeurl . '/' . $name . '/images',
  1257. );
  1258. // Read its info form the XML file.
  1259. $context['to_install'] += $theme_info;
  1260. // Install the theme. theme_install() will take care of possible errors.
  1261. $id = theme_install($context['to_install']);
  1262. // return the ID.
  1263. return $id;
  1264. }
  1265. /**
  1266. * Possibly the simplest and best example of how to use the template system.
  1267. * - allows the theme to take care of actions.
  1268. * - happens if $settings['catch_action'] is set and action isn't found
  1269. * in the action array.
  1270. * - can use a template, layers, sub_template, filename, and/or function.
  1271. * @todo look at this
  1272. */
  1273. function WrapAction()
  1274. {
  1275. global $context, $settings, $sourcedir;
  1276. // Load any necessary template(s)?
  1277. if (isset($settings['catch_action']['template']))
  1278. {
  1279. // Load both the template and language file. (but don't fret if the language file isn't there...)
  1280. loadTemplate($settings['catch_action']['template']);
  1281. loadLanguage($settings['catch_action']['template'], '', false);
  1282. }
  1283. // Any special layers?
  1284. if (isset($settings['catch_action']['layers']))
  1285. $context['template_layers'] = $settings['catch_action']['layers'];
  1286. // Just call a function?
  1287. if (isset($settings['catch_action']['function']))
  1288. {
  1289. if (isset($settings['catch_action']['filename']))
  1290. template_include($sourcedir . '/' . $settings['catch_action']['filename'], true);
  1291. $settings['catch_action']['function']();
  1292. }
  1293. // And finally, the main sub template ;).
  1294. elseif (isset($settings['catch_action']['sub_template']))
  1295. $context['sub_template'] = $settings['catch_action']['sub_template'];
  1296. }
  1297. /**
  1298. * Set an option via javascript.
  1299. * - sets a theme option without outputting anything.
  1300. * - can be used with javascript, via a dummy image... (which doesn't require
  1301. * the page to reload.)
  1302. * - requires someone who is logged in.
  1303. * - accessed via ?action=jsoption;var=variable;val=value;session_var=sess_id.
  1304. * - does not log access to the Who's Online log. (in index.php..)
  1305. */
  1306. function SetJavaScript()
  1307. {
  1308. global $settings, $user_info, $smcFunc, $options;
  1309. // Check the session id.
  1310. checkSession('get');
  1311. // This good-for-nothing pixel is being used to keep the session alive.
  1312. if (empty($_GET['var']) || !isset($_GET['val']))
  1313. redirectexit($settings['images_url'] . '/blank.png');
  1314. // Sorry, guests can't go any further than this..
  1315. if ($user_info['is_guest'] || $user_info['id'] == 0)
  1316. obExit(false);
  1317. $reservedVars = array(
  1318. 'actual_theme_url',
  1319. 'actual_images_url',
  1320. 'base_theme_dir',
  1321. 'base_theme_url',
  1322. 'default_images_url',
  1323. 'default_theme_dir',
  1324. 'default_theme_url',
  1325. 'default_template',
  1326. 'images_url',
  1327. 'number_recent_posts',
  1328. 'smiley_sets_default',
  1329. 'theme_dir',
  1330. 'theme_id',
  1331. 'theme_layers',
  1332. 'theme_templates',
  1333. 'theme_url',
  1334. 'name',
  1335. );
  1336. // Can't change reserved vars.
  1337. if (in_array(strtolower($_GET['var']), $reservedVars))
  1338. redirectexit($settings['images_url'] . '/blank.png');
  1339. // Use a specific theme?
  1340. if (isset($_GET['th']) || isset($_GET['id']))
  1341. {
  1342. // Invalidate the current themes cache too.
  1343. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1344. $settings['theme_id'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1345. }
  1346. // If this is the admin preferences the passed value will just be an element of it.
  1347. if ($_GET['var'] == 'admin_preferences')
  1348. {
  1349. $options['admin_preferences'] = !empty($options['admin_preferences']) ? unserialize($options['admin_preferences']) : array();
  1350. // New thingy...
  1351. if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5)
  1352. $options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
  1353. // Change the value to be something nice,
  1354. $_GET['val'] = serialize($options['admin_preferences']);
  1355. }
  1356. // Update the option.
  1357. $smcFunc['db_insert']('replace',
  1358. '{db_prefix}themes',
  1359. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  1360. array($settings['theme_id'], $user_info['id'], $_GET['var'], is_array($_GET['val']) ? implode(',', $_GET['val']) : $_GET['val']),
  1361. array('id_theme', 'id_member', 'variable')
  1362. );
  1363. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1364. // Don't output anything...
  1365. redirectexit($settings['images_url'] . '/blank.png');
  1366. }
  1367. /**
  1368. * Shows an interface for editing the templates.
  1369. * - uses the Themes template and edit_template/edit_style sub template.
  1370. * - accessed via ?action=admin;area=theme;sa=edit
  1371. */
  1372. function EditTheme()
  1373. {
  1374. global $context, $settings, $scripturl, $boarddir, $smcFunc;
  1375. // @todo Should this be removed?
  1376. if (isset($_REQUEST['preview']))
  1377. die('die() with fire');
  1378. isAllowedTo('admin_forum');
  1379. loadTemplate('Themes');
  1380. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) @$_GET['id'];
  1381. if (empty($_GET['th']))
  1382. {
  1383. $request = $smcFunc['db_query']('', '
  1384. SELECT id_theme, variable, value
  1385. FROM {db_prefix}themes
  1386. WHERE variable IN ({string:name}, {string:theme_dir}, {string:theme_templates}, {string:theme_layers})
  1387. AND id_member = {int:no_member}',
  1388. array(
  1389. 'name' => 'name',
  1390. 'theme_dir' => 'theme_dir',
  1391. 'theme_templates' => 'theme_templates',
  1392. 'theme_layers' => 'theme_layers',
  1393. 'no_member' => 0,
  1394. )
  1395. );
  1396. $context['themes'] = array();
  1397. while ($row = $smcFunc['db_fetch_assoc']($request))
  1398. {
  1399. if (!isset($context['themes'][$row['id_theme']]))
  1400. $context['themes'][$row['id_theme']] = array(
  1401. 'id' => $row['id_theme'],
  1402. 'num_default_options' => 0,
  1403. 'num_members' => 0,
  1404. );
  1405. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  1406. }
  1407. $smcFunc['db_free_result']($request);
  1408. foreach ($context['themes'] as $key => $theme)
  1409. {
  1410. // There has to be a Settings template!
  1411. if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css'))
  1412. unset($context['themes'][$key]);
  1413. else
  1414. {
  1415. if (!isset($theme['theme_templates']))
  1416. $templates = array('index');
  1417. else
  1418. $templates = explode(',', $theme['theme_templates']);
  1419. foreach ($templates as $template)
  1420. if (file_exists($theme['theme_dir'] . '/' . $template . '.template.php'))
  1421. {
  1422. // Fetch the header... a good 256 bytes should be more than enough.
  1423. $fp = fopen($theme['theme_dir'] . '/' . $template . '.template.php', 'rb');
  1424. $header = fread($fp, 256);
  1425. fclose($fp);
  1426. // Can we find a version comment, at all?
  1427. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  1428. {
  1429. $ver = $match[1];
  1430. if (!isset($context['themes'][$key]['version']) || $context['themes'][$key]['version'] > $ver)
  1431. $context['themes'][$key]['version'] = $ver;
  1432. }
  1433. }
  1434. $context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
  1435. }
  1436. }
  1437. $context['sub_template'] = 'edit_list';
  1438. return 'no_themes';
  1439. }
  1440. $context['session_error'] = false;
  1441. // Get the directory of the theme we are editing.
  1442. $request = $smcFunc['db_query']('', '
  1443. SELECT value, id_theme
  1444. FROM {db_prefix}themes
  1445. WHERE variable = {string:theme_dir}
  1446. AND id_theme = {int:current_theme}
  1447. LIMIT 1',
  1448. array(
  1449. 'current_theme' => $_GET['th'],
  1450. 'theme_dir' => 'theme_dir',
  1451. )
  1452. );
  1453. list ($theme_dir, $context['theme_id']) = $smcFunc['db_fetch_row']($request);
  1454. $smcFunc['db_free_result']($request);
  1455. if (!file_exists($theme_dir . '/index.template.php') && !file_exists($theme_dir . '/css/index.css'))
  1456. fatal_lang_error('theme_edit_missing', false);
  1457. if (!isset($_REQUEST['filename']))
  1458. {
  1459. if (isset($_GET['directory']))
  1460. {
  1461. if (substr($_GET['directory'], 0, 1) == '.')
  1462. $_GET['directory'] = '';
  1463. else
  1464. {
  1465. $_GET['directory'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_GET['directory']);
  1466. $temp = realpath($theme_dir . '/' . $_GET['directory']);
  1467. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1468. $_GET['directory'] = '';
  1469. }
  1470. }
  1471. if (isset($_GET['directory']) && $_GET['directory'] != '')
  1472. {
  1473. $context['theme_files'] = get_file_listing($theme_dir . '/' . $_GET['directory'], $_GET['directory'] . '/');
  1474. $temp = dirname($_GET['directory']);
  1475. array_unshift($context['theme_files'], array(
  1476. 'filename' => $temp == '.' || $temp == '' ? '/ (..)' : $temp . ' (..)',
  1477. 'is_writable' => is_writable($theme_dir . '/' . $temp),
  1478. 'is_directory' => true,
  1479. 'is_template' => false,
  1480. 'is_image' => false,
  1481. 'is_editable' => false,
  1482. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $temp,
  1483. 'size' => '',
  1484. ));
  1485. }
  1486. else
  1487. $context['theme_files'] = get_file_listing($theme_dir, '');
  1488. $context['sub_template'] = 'edit_browse';
  1489. return;
  1490. }
  1491. else
  1492. {
  1493. if (substr($_REQUEST['filename'], 0, 1) == '.')
  1494. $_REQUEST['filename'] = '';
  1495. else
  1496. {
  1497. $_REQUEST['filename'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_REQUEST['filename']);
  1498. $temp = realpath($theme_dir . '/' . $_REQUEST['filename']);
  1499. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1500. $_REQUEST['filename'] = '';
  1501. }
  1502. if (empty($_REQUEST['filename']))
  1503. fatal_lang_error('theme_edit_missing', false);
  1504. }
  1505. if (isset($_POST['save']))
  1506. {
  1507. if (checkSession('post', '', false) == '' && validateToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']), 'post', false) == true)
  1508. {
  1509. if (is_array($_POST['entire_file']))
  1510. $_POST['entire_file'] = implode("\n", $_POST['entire_file']);
  1511. $_POST['entire_file'] = rtrim(strtr($_POST['entire_file'], array("\r" => '', ' ' => "\t")));
  1512. // Check for a parse error!
  1513. if (substr($_REQUEST['filename'], -13) == '.template.php' && is_writable($theme_dir) && ini_get('display_errors'))
  1514. {
  1515. $request = $smcFunc['db_query']('', '
  1516. SELECT value
  1517. FROM {db_prefix}themes
  1518. WHERE variable = {string:theme_url}
  1519. AND id_theme = {int:current_theme}
  1520. LIMIT 1',
  1521. array(
  1522. 'current_theme' => $_GET['th'],
  1523. 'theme_url' => 'theme_url',
  1524. )
  1525. );
  1526. list ($theme_url) = $smcFunc['db_fetch_row']($request);
  1527. $smcFunc['db_free_result']($request);
  1528. $fp = fopen($theme_dir . '/tmp_' . session_id() . '.php', 'w');
  1529. fwrite($fp, $_POST['entire_file']);
  1530. fclose($fp);
  1531. $error = @file_get_contents($theme_url . '/tmp_' . session_id() . '.php');
  1532. if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0)
  1533. $error_file = $theme_dir . '/tmp_' . session_id() . '.php';
  1534. else
  1535. unlink($theme_dir . '/tmp_' . session_id() . '.php');
  1536. }
  1537. if (!isset($error_file))
  1538. {
  1539. $fp = fopen($theme_dir . '/' . $_REQUEST['filename'], 'w');
  1540. fwrite($fp, $_POST['entire_file']);
  1541. fclose($fp);
  1542. redirectexit('action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . dirname($_REQUEST['filename']));
  1543. }
  1544. }
  1545. // Session timed out.
  1546. else
  1547. {
  1548. loadLanguage('Errors');
  1549. $context['session_error'] = true;
  1550. $context['sub_template'] = 'edit_file';
  1551. // Recycle the submitted data.
  1552. if (is_array($_POST['entire_file']))
  1553. $context['entire_file'] = $smcFunc['htmlspecialchars'](implode("\n", $_POST['entire_file']));
  1554. else
  1555. $context['entire_file'] = $smcFunc['htmlspecialchars']($_POST['entire_file']);
  1556. $context['edit_filename'] = $smcFunc['htmlspecialchars']($_POST['filename']);
  1557. // You were able to submit it, so it's reasonable to assume you are allowed to save.
  1558. $context['allow_save'] = true;
  1559. // Re-create the token so that it can be used
  1560. createToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']));
  1561. return;
  1562. }
  1563. }
  1564. $context['allow_save'] = is_writable($theme_dir . '/' . $_REQUEST['filename']);
  1565. $context['allow_save_filename'] = strtr($theme_dir . '/' . $_REQUEST['filename'], array($boarddir => '...'));
  1566. $context['edit_filename'] = $smcFunc['htmlspecialchars']($_REQUEST['filename']);
  1567. if (substr($_REQUEST['filename'], -4) == '.css')
  1568. {
  1569. $context['sub_template'] = 'edit_style';
  1570. $context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1571. }
  1572. elseif (substr($_REQUEST['filename'], -13) == '.template.php')
  1573. {
  1574. $context['sub_template'] = 'edit_template';
  1575. if (!isset($error_file))
  1576. $file_data = file($theme_dir . '/' . $_REQUEST['filename']);
  1577. else
  1578. {
  1579. if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0)
  1580. $context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
  1581. $file_data = file($error_file);
  1582. unlink($error_file);
  1583. }
  1584. $j = 0;
  1585. $context['file_parts'] = array(array('lines' => 0, 'line' => 1, 'data' => ''));
  1586. for ($i = 0, $n = count($file_data); $i < $n; $i++)
  1587. {
  1588. if (isset($file_data[$i + 1]) && substr($file_data[$i + 1], 0, 9) == 'function ')
  1589. {
  1590. // Try to format the functions a little nicer...
  1591. $context['file_parts'][$j]['data'] = trim($context['file_parts'][$j]['data']) . "\n";
  1592. if (empty($context['file_parts'][$j]['lines']))
  1593. unset($context['file_parts'][$j]);
  1594. $context['file_parts'][++$j] = array('lines' => 0, 'line' => $i + 1, 'data' => '');
  1595. }
  1596. $context['file_parts'][$j]['lines']++;
  1597. $context['file_parts'][$j]['data'] .= $smcFunc['htmlspecialchars'](strtr($file_data[$i], array("\t" => ' ')));
  1598. }
  1599. $context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(implode('', $file_data), array("\t" => ' ')));
  1600. }
  1601. else
  1602. {
  1603. $context['sub_template'] = 'edit_file';
  1604. $context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1605. }
  1606. // Create a special token to allow editing of multiple files.
  1607. createToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']));
  1608. }
  1609. /**
  1610. * Generates a file listing for a given directory
  1611. *
  1612. * @param type $path
  1613. * @param type $relative
  1614. * @return type
  1615. */
  1616. function get_file_listing($path, $relative)
  1617. {
  1618. global $scripturl, $txt, $context;
  1619. // Is it even a directory?
  1620. if (!is_dir($path))
  1621. fatal_lang_error('error_invalid_dir', 'critical');
  1622. $dir = dir($path);
  1623. $entries = array();
  1624. while ($entry = $dir->read())
  1625. $entries[] = $entry;
  1626. $dir->close();
  1627. natcasesort($entries);
  1628. $listing1 = array();
  1629. $listing2 = array();
  1630. foreach ($entries as $entry)
  1631. {
  1632. // Skip all dot files, including .htaccess.
  1633. if (substr($entry, 0, 1) == '.' || $entry == 'CVS')
  1634. continue;
  1635. if (is_dir($path . '/' . $entry))
  1636. $listing1[] = array(
  1637. 'filename' => $entry,
  1638. 'is_writable' => is_writable($path . '/' . $entry),
  1639. 'is_directory' => true,
  1640. 'is_template' => false,
  1641. 'is_image' => false,
  1642. 'is_editable' => false,
  1643. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $relative . $entry,
  1644. 'size' => '',
  1645. );
  1646. else
  1647. {
  1648. $size = filesize($path . '/' . $entry);
  1649. if ($size > 2048 || $size == 1024)
  1650. $size = comma_format($size / 1024) . ' ' . $txt['themeadmin_edit_kilobytes'];
  1651. else
  1652. $size = comma_format($size) . ' ' . $txt['themeadmin_edit_bytes'];
  1653. $listing2[] = array(
  1654. 'filename' => $entry,
  1655. 'is_writable' => is_writable($path . '/' . $entry),
  1656. 'is_directory' => false,
  1657. 'is_template' => preg_match('~\.template\.php$~', $entry) != 0,
  1658. 'is_image' => preg_match('~\.(jpg|jpeg|gif|bmp|png)$~', $entry) != 0,
  1659. 'is_editable' => is_writable($path . '/' . $entry) && preg_match('~\.(php|pl|css|js|vbs|xml|xslt|txt|xsl|html|htm|shtm|shtml|asp|aspx|cgi|py)$~', $entry) != 0,
  1660. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;filename=' . $relative . $entry,
  1661. 'size' => $size,
  1662. 'last_modified' => timeformat(filemtime($path . '/' . $entry)),
  1663. );
  1664. }
  1665. }
  1666. return array_merge($listing1, $listing2);
  1667. }
  1668. /**
  1669. * Makes a copy of a template file in a new location
  1670. * @uses Themes template, copy_template sub-template.
  1671. */
  1672. function CopyTemplate()
  1673. {
  1674. global $context, $settings, $smcFunc;
  1675. isAllowedTo('admin_forum');
  1676. loadTemplate('Themes');
  1677. $context[$context['admin_menu_name']]['current_subsection'] = 'edit';
  1678. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1679. $request = $smcFunc['db_query']('', '
  1680. SELECT th1.value, th1.id_theme, th2.value
  1681. FROM {db_prefix}themes AS th1
  1682. LEFT JOIN {db_prefix}themes AS th2 ON (th2.variable = {string:base_theme_dir} AND th2.id_theme = {int:current_theme})
  1683. WHERE th1.variable = {string:theme_dir}
  1684. AND th1.id_theme = {int:current_theme}
  1685. LIMIT 1',
  1686. array(
  1687. 'current_theme' => $_GET['th'],
  1688. 'base_theme_dir' => 'base_theme_dir',
  1689. 'theme_dir' => 'theme_dir',
  1690. )
  1691. );
  1692. list ($theme_dir, $context['theme_id'], $base_theme_dir) = $smcFunc['db_fetch_row']($request);
  1693. $smcFunc['db_free_result']($request);
  1694. if (isset($_REQUEST['template']) && preg_match('~[\./\\\\:\0]~', $_REQUEST['template']) == 0)
  1695. {
  1696. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/' . $_REQUEST['template'] . '.template.php'))
  1697. $filename = $base_theme_dir . '/' . $_REQUEST['template'] . '.template.php';
  1698. elseif (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php'))
  1699. $filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
  1700. else
  1701. fatal_lang_error('no_access', false);
  1702. $fp = fopen($theme_dir . '/' . $_REQUEST['template'] . '.template.php', 'w');
  1703. fwrite($fp, file_get_contents($filename));
  1704. fclose($fp);
  1705. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1706. }
  1707. elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
  1708. {
  1709. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php'))
  1710. $filename = $base_theme_dir . '/languages/' . $_REQUEST['template'] . '.php';
  1711. elseif (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php'))
  1712. $filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
  1713. else
  1714. fatal_lang_error('no_access', false);
  1715. $fp = fopen($theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php', 'w');
  1716. fwrite($fp, file_get_contents($filename));
  1717. fclose($fp);
  1718. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1719. }
  1720. $templates = array();
  1721. $lang_files = array();
  1722. $dir = dir($settings['default_theme_dir']);
  1723. while ($entry = $dir->read())
  1724. {
  1725. if (substr($entry, -13) == '.template.php')
  1726. $templates[] = substr($entry, 0, -13);
  1727. }
  1728. $dir->close();
  1729. $dir = dir($settings['default_theme_dir'] . '/languages');
  1730. while ($entry = $dir->read())
  1731. {
  1732. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches))
  1733. $lang_files[] = $matches[1];
  1734. }
  1735. $dir->close();
  1736. if (!empty($base_theme_dir))
  1737. {
  1738. $dir = dir($base_theme_dir);
  1739. while ($entry = $dir->read())
  1740. {
  1741. if (substr($entry, -13) == '.template.php' && !in_array(substr($entry, 0, -13), $templates))
  1742. $templates[] = substr($entry, 0, -13);
  1743. }
  1744. $dir->close();
  1745. if (file_exists($base_theme_dir . '/languages'))
  1746. {
  1747. $dir = dir($base_theme_dir . '/languages');
  1748. while ($entry = $dir->read())
  1749. {
  1750. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && !in_array($matches[1], $lang_files))
  1751. $lang_files[] = $matches[1];
  1752. }
  1753. $dir->close();
  1754. }
  1755. }
  1756. natcasesort($templates);
  1757. natcasesort($lang_files);
  1758. $context['available_templates'] = array();
  1759. foreach ($templates as $template)
  1760. $context['available_templates'][$template] = array(
  1761. 'filename' => $template . '.template.php',
  1762. 'value' => $template,
  1763. 'already_exists' => false,
  1764. 'can_copy' => is_writable($theme_dir),
  1765. );
  1766. $context['available_language_files'] = array();
  1767. foreach ($lang_files as $file)
  1768. $context['available_language_files'][$file] = array(
  1769. 'filename' => $file . '.php',
  1770. 'value' => $file,
  1771. 'already_exists' => false,
  1772. 'can_copy' => file_exists($theme_dir . '/languages') ? is_writable($theme_dir . '/languages') : is_writable($theme_dir),
  1773. );
  1774. $dir = dir($theme_dir);
  1775. while ($entry = $dir->read())
  1776. {
  1777. if (substr($entry, -13) == '.template.php' && isset($context['available_templates'][substr($entry, 0, -13)]))
  1778. {
  1779. $context['available_templates'][substr($entry, 0, -13)]['already_exists'] = true;
  1780. $context['available_templates'][substr($entry, 0, -13)]['can_copy'] = is_writable($theme_dir . '/' . $entry);
  1781. }
  1782. }
  1783. $dir->close();
  1784. if (file_exists($theme_dir . '/languages'))
  1785. {
  1786. $dir = dir($theme_dir . '/languages');
  1787. while ($entry = $dir->read())
  1788. {
  1789. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && isset($context['available_language_files'][$matches[1]]))
  1790. {
  1791. $context['available_language_files'][$matches[1]]['already_exists'] = true;
  1792. $context['available_language_files'][$matches[1]]['can_copy'] = is_writable($theme_dir . '/languages/' . $entry);
  1793. }
  1794. }
  1795. $dir->close();
  1796. }
  1797. $context['sub_template'] = 'copy_template';
  1798. }
  1799. ?>