Themes.php 68 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106
  1. <?php
  2. /**
  3. * This file concerns itself almost completely with theme administration.
  4. * Its tasks include changing theme settings, installing and removing
  5. * themes, choosing the current theme, and editing themes.
  6. *
  7. * @todo Update this for the new package manager?
  8. *
  9. * Creating and distributing theme packages:
  10. * There isn't that much required to package and distribute your own themes...
  11. * just do the following:
  12. * - create a theme_info.xml file, with the root element theme-info.
  13. * - its name should go in a name element, just like description.
  14. * - your name should go in author. (email in the email attribute.)
  15. * - any support website for the theme should be in website.
  16. * - layers and templates (non-default) should go in those elements ;).
  17. * - if the images dir isn't images, specify in the images element.
  18. * - any extra rows for themes should go in extra, serialized. (as in array(variable => value).)
  19. * - tar and gzip the directory - and you're done!
  20. * - please include any special license in a license.txt file.
  21. *
  22. * Simple Machines Forum (SMF)
  23. *
  24. * @package SMF
  25. * @author Simple Machines http://www.simplemachines.org
  26. * @copyright 2013 Simple Machines and individual contributors
  27. * @license http://www.simplemachines.org/about/smf/license.php BSD
  28. *
  29. * @version 2.1 Alpha 1
  30. */
  31. if (!defined('SMF'))
  32. die('No direct access...');
  33. /**
  34. * Subaction handler - manages the action and delegates control to the proper
  35. * sub-action.
  36. * It loads both the Themes and Settings language files.
  37. * Checks the session by GET or POST to verify the sent data.
  38. * Requires the user not be a guest. (@todo what?)
  39. * Accessed via ?action=admin;area=theme.
  40. */
  41. function ThemesMain()
  42. {
  43. global $txt, $context, $scripturl, $sourcedir;
  44. // Load the important language files...
  45. loadLanguage('Themes');
  46. loadLanguage('Settings');
  47. loadLanguage('Drafts');
  48. // No funny business - guests only.
  49. is_not_guest();
  50. require_once($sourcedir . '/Subs-Themes.php');
  51. // Default the page title to Theme Administration by default.
  52. $context['page_title'] = $txt['themeadmin_title'];
  53. // Theme administration, removal, choice, or installation...
  54. $subActions = array(
  55. 'admin' => 'ThemeAdmin',
  56. 'list' => 'ThemeList',
  57. 'reset' => 'SetThemeOptions',
  58. 'options' => 'SetThemeOptions',
  59. 'install' => 'ThemeInstall',
  60. 'remove' => 'RemoveTheme',
  61. 'pick' => 'PickTheme',
  62. 'edit' => 'EditTheme',
  63. 'enable' => 'EnableTheme',
  64. 'copy' => 'CopyTemplate',
  65. );
  66. // @todo Layout Settings?
  67. if (!empty($context['admin_menu_name']))
  68. {
  69. $context[$context['admin_menu_name']]['tab_data'] = array(
  70. 'title' => $txt['themeadmin_title'],
  71. 'help' => 'themes',
  72. 'description' => $txt['themeadmin_description'],
  73. 'tabs' => array(
  74. 'admin' => array(
  75. 'description' => $txt['themeadmin_admin_desc'],
  76. ),
  77. 'list' => array(
  78. 'description' => $txt['themeadmin_list_desc'],
  79. ),
  80. 'reset' => array(
  81. 'description' => $txt['themeadmin_reset_desc'],
  82. ),
  83. 'edit' => array(
  84. 'description' => $txt['themeadmin_edit_desc'],
  85. ),
  86. ),
  87. );
  88. }
  89. // Follow the sa or just go to administration.
  90. if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']]))
  91. $subActions[$_GET['sa']]();
  92. else
  93. $subActions['admin']();
  94. }
  95. /**
  96. * This function allows administration of themes and their settings,
  97. * as well as global theme settings.
  98. * - sets the settings theme_allow, theme_guests, and knownThemes.
  99. * - requires the admin_forum permission.
  100. * - accessed with ?action=admin;area=theme;sa=admin.
  101. *
  102. * @uses Themes template
  103. * @uses Admin language file
  104. */
  105. function ThemeAdmin()
  106. {
  107. global $context, $boarddir, $modSettings, $smcFunc;
  108. loadLanguage('Admin');
  109. isAllowedTo('admin_forum');
  110. loadTemplate('Themes');
  111. // List all installed and enabled themes.
  112. get_all_themes(true);
  113. // Can we create a new theme?
  114. $context['can_create_new'] = is_writable($boarddir . '/Themes');
  115. $context['new_theme_dir'] = substr(realpath($boarddir . '/Themes/default'), 0, -7);
  116. // Look for a non existent theme directory. (ie theme87.)
  117. $theme_dir = $boarddir . '/Themes/theme';
  118. $i = 1;
  119. while (file_exists($theme_dir . $i))
  120. $i++;
  121. $context['new_theme_name'] = 'theme' . $i;
  122. // A bunch of tokens for a bunch of forms.
  123. createToken('admin-tm');
  124. createToken('admin-t-file');
  125. createToken('admin-t-copy');
  126. createToken('admin-t-dir');
  127. // Are handling any settings?
  128. if (isset($_POST['save']))
  129. {
  130. checkSession();
  131. validateToken('admin-tm');
  132. if (isset($_POST['options']['known_themes']))
  133. foreach ($_POST['options']['known_themes'] as $key => $id)
  134. $_POST['options']['known_themes'][$key] = (int) $id;
  135. else
  136. fatal_lang_error('themes_none_selectable', false);
  137. if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes']))
  138. fatal_lang_error('themes_default_selectable', false);
  139. // Commit the new settings.
  140. updateSettings(array(
  141. 'theme_allow' => $_POST['options']['theme_allow'],
  142. 'theme_guests' => $_POST['options']['theme_guests'],
  143. 'knownThemes' => implode(',', $_POST['options']['known_themes']),
  144. ));
  145. if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes']))
  146. updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
  147. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=admin');
  148. }
  149. }
  150. /**
  151. * This function lists the available themes and provides an interface to reset
  152. * the paths of all the installed themes.
  153. */
  154. function ThemeList()
  155. {
  156. global $context, $boarddir, $boardurl, $smcFunc;
  157. loadLanguage('Admin');
  158. isAllowedTo('admin_forum');
  159. if (isset($_REQUEST['th']))
  160. return SetThemeSettings();
  161. if (isset($_POST['save']))
  162. {
  163. checkSession();
  164. validateToken('admin-tl');
  165. $themes = get_all_themes(false);
  166. $setValues = array();
  167. foreach ($themes as $id => $theme)
  168. {
  169. if (file_exists($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])))
  170. {
  171. $setValues[] = array($id, 0, 'theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])));
  172. $setValues[] = array($id, 0, 'theme_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']));
  173. $setValues[] = array($id, 0, 'images_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']) . '/' . basename($theme['images_url']));
  174. }
  175. if (isset($theme['base_theme_dir']) && file_exists($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])))
  176. {
  177. $setValues[] = array($id, 0, 'base_theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])));
  178. $setValues[] = array($id, 0, 'base_theme_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']));
  179. $setValues[] = array($id, 0, 'base_images_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']) . '/' . basename($theme['base_images_url']));
  180. }
  181. cache_put_data('theme_settings-' . $id, null, 90);
  182. }
  183. if (!empty($setValues))
  184. {
  185. $smcFunc['db_insert']('replace',
  186. '{db_prefix}themes',
  187. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  188. $setValues,
  189. array('id_theme', 'variable', 'id_member')
  190. );
  191. }
  192. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  193. }
  194. loadTemplate('Themes');
  195. // Get all installed themes.
  196. get_all_themes(false);
  197. $context['reset_dir'] = realpath($boarddir . '/Themes');
  198. $context['reset_url'] = $boardurl . '/Themes';
  199. $context['sub_template'] = 'list_themes';
  200. createToken('admin-tl');
  201. createToken('admin-tr', 'request');
  202. createToken('admin-tre', 'request');
  203. }
  204. /**
  205. * Administrative global settings.
  206. */
  207. function SetThemeOptions()
  208. {
  209. global $txt, $context, $settings, $modSettings, $smcFunc;
  210. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (isset($_GET['id']) ? (int) $_GET['id'] : 0);
  211. isAllowedTo('admin_forum');
  212. if (empty($_GET['th']) && empty($_GET['id']))
  213. {
  214. $request = $smcFunc['db_query']('', '
  215. SELECT id_theme, variable, value
  216. FROM {db_prefix}themes
  217. WHERE variable IN ({string:name}, {string:theme_dir})
  218. AND id_member = {int:no_member}',
  219. array(
  220. 'no_member' => 0,
  221. 'name' => 'name',
  222. 'theme_dir' => 'theme_dir',
  223. )
  224. );
  225. $context['themes'] = array();
  226. while ($row = $smcFunc['db_fetch_assoc']($request))
  227. {
  228. if (!isset($context['themes'][$row['id_theme']]))
  229. $context['themes'][$row['id_theme']] = array(
  230. 'id' => $row['id_theme'],
  231. 'num_default_options' => 0,
  232. 'num_members' => 0,
  233. );
  234. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  235. }
  236. $smcFunc['db_free_result']($request);
  237. $request = $smcFunc['db_query']('', '
  238. SELECT id_theme, COUNT(*) AS value
  239. FROM {db_prefix}themes
  240. WHERE id_member = {int:guest_member}
  241. GROUP BY id_theme',
  242. array(
  243. 'guest_member' => -1,
  244. )
  245. );
  246. while ($row = $smcFunc['db_fetch_assoc']($request))
  247. $context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
  248. $smcFunc['db_free_result']($request);
  249. // Need to make sure we don't do custom fields.
  250. $request = $smcFunc['db_query']('', '
  251. SELECT col_name
  252. FROM {db_prefix}custom_fields',
  253. array(
  254. )
  255. );
  256. $customFields = array();
  257. while ($row = $smcFunc['db_fetch_assoc']($request))
  258. $customFields[] = $row['col_name'];
  259. $smcFunc['db_free_result']($request);
  260. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  261. $request = $smcFunc['db_query']('themes_count', '
  262. SELECT COUNT(DISTINCT id_member) AS value, id_theme
  263. FROM {db_prefix}themes
  264. WHERE id_member > {int:no_member}
  265. ' . $customFieldsQuery . '
  266. GROUP BY id_theme',
  267. array(
  268. 'no_member' => 0,
  269. 'custom_fields' => empty($customFields) ? array() : $customFields,
  270. )
  271. );
  272. while ($row = $smcFunc['db_fetch_assoc']($request))
  273. $context['themes'][$row['id_theme']]['num_members'] = $row['value'];
  274. $smcFunc['db_free_result']($request);
  275. // There has to be a Settings template!
  276. foreach ($context['themes'] as $k => $v)
  277. if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
  278. unset($context['themes'][$k]);
  279. loadTemplate('Themes');
  280. $context['sub_template'] = 'reset_list';
  281. createToken('admin-stor', 'request');
  282. return;
  283. }
  284. // Submit?
  285. if (isset($_POST['submit']) && empty($_POST['who']))
  286. {
  287. checkSession();
  288. validateToken('admin-sto');
  289. if (empty($_POST['options']))
  290. $_POST['options'] = array();
  291. if (empty($_POST['default_options']))
  292. $_POST['default_options'] = array();
  293. // Set up the sql query.
  294. $setValues = array();
  295. foreach ($_POST['options'] as $opt => $val)
  296. $setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  297. $old_settings = array();
  298. foreach ($_POST['default_options'] as $opt => $val)
  299. {
  300. $old_settings[] = $opt;
  301. $setValues[] = array(-1, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  302. }
  303. // If we're actually inserting something..
  304. if (!empty($setValues))
  305. {
  306. // Are there options in non-default themes set that should be cleared?
  307. if (!empty($old_settings))
  308. $smcFunc['db_query']('', '
  309. DELETE FROM {db_prefix}themes
  310. WHERE id_theme != {int:default_theme}
  311. AND id_member = {int:guest_member}
  312. AND variable IN ({array_string:old_settings})',
  313. array(
  314. 'default_theme' => 1,
  315. 'guest_member' => -1,
  316. 'old_settings' => $old_settings,
  317. )
  318. );
  319. $smcFunc['db_insert']('replace',
  320. '{db_prefix}themes',
  321. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  322. $setValues,
  323. array('id_theme', 'variable', 'id_member')
  324. );
  325. }
  326. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  327. cache_put_data('theme_settings-1', null, 90);
  328. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  329. }
  330. elseif (isset($_POST['submit']) && $_POST['who'] == 1)
  331. {
  332. checkSession();
  333. validateToken('admin-sto');
  334. $_POST['options'] = empty($_POST['options']) ? array() : $_POST['options'];
  335. $_POST['options_master'] = empty($_POST['options_master']) ? array() : $_POST['options_master'];
  336. $_POST['default_options'] = empty($_POST['default_options']) ? array() : $_POST['default_options'];
  337. $_POST['default_options_master'] = empty($_POST['default_options_master']) ? array() : $_POST['default_options_master'];
  338. $old_settings = array();
  339. foreach ($_POST['default_options'] as $opt => $val)
  340. {
  341. if ($_POST['default_options_master'][$opt] == 0)
  342. continue;
  343. elseif ($_POST['default_options_master'][$opt] == 1)
  344. {
  345. // Delete then insert for ease of database compatibility!
  346. $smcFunc['db_query']('substring', '
  347. DELETE FROM {db_prefix}themes
  348. WHERE id_theme = {int:default_theme}
  349. AND id_member != {int:no_member}
  350. AND variable = SUBSTRING({string:option}, 1, 255)',
  351. array(
  352. 'default_theme' => 1,
  353. 'no_member' => 0,
  354. 'option' => $opt,
  355. )
  356. );
  357. $smcFunc['db_query']('substring', '
  358. INSERT INTO {db_prefix}themes
  359. (id_member, id_theme, variable, value)
  360. SELECT id_member, 1, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  361. FROM {db_prefix}members',
  362. array(
  363. 'option' => $opt,
  364. 'value' => (is_array($val) ? implode(',', $val) : $val),
  365. )
  366. );
  367. $old_settings[] = $opt;
  368. }
  369. elseif ($_POST['default_options_master'][$opt] == 2)
  370. {
  371. $smcFunc['db_query']('', '
  372. DELETE FROM {db_prefix}themes
  373. WHERE variable = {string:option_name}
  374. AND id_member > {int:no_member}',
  375. array(
  376. 'no_member' => 0,
  377. 'option_name' => $opt,
  378. )
  379. );
  380. }
  381. }
  382. // Delete options from other themes.
  383. if (!empty($old_settings))
  384. $smcFunc['db_query']('', '
  385. DELETE FROM {db_prefix}themes
  386. WHERE id_theme != {int:default_theme}
  387. AND id_member > {int:no_member}
  388. AND variable IN ({array_string:old_settings})',
  389. array(
  390. 'default_theme' => 1,
  391. 'no_member' => 0,
  392. 'old_settings' => $old_settings,
  393. )
  394. );
  395. foreach ($_POST['options'] as $opt => $val)
  396. {
  397. if ($_POST['options_master'][$opt] == 0)
  398. continue;
  399. elseif ($_POST['options_master'][$opt] == 1)
  400. {
  401. // Delete then insert for ease of database compatibility - again!
  402. $smcFunc['db_query']('substring', '
  403. DELETE FROM {db_prefix}themes
  404. WHERE id_theme = {int:current_theme}
  405. AND id_member != {int:no_member}
  406. AND variable = SUBSTRING({string:option}, 1, 255)',
  407. array(
  408. 'current_theme' => $_GET['th'],
  409. 'no_member' => 0,
  410. 'option' => $opt,
  411. )
  412. );
  413. $smcFunc['db_query']('substring', '
  414. INSERT INTO {db_prefix}themes
  415. (id_member, id_theme, variable, value)
  416. SELECT id_member, {int:current_theme}, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  417. FROM {db_prefix}members',
  418. array(
  419. 'current_theme' => $_GET['th'],
  420. 'option' => $opt,
  421. 'value' => (is_array($val) ? implode(',', $val) : $val),
  422. )
  423. );
  424. }
  425. elseif ($_POST['options_master'][$opt] == 2)
  426. {
  427. $smcFunc['db_query']('', '
  428. DELETE FROM {db_prefix}themes
  429. WHERE variable = {string:option}
  430. AND id_member > {int:no_member}
  431. AND id_theme = {int:current_theme}',
  432. array(
  433. 'no_member' => 0,
  434. 'current_theme' => $_GET['th'],
  435. 'option' => $opt,
  436. )
  437. );
  438. }
  439. }
  440. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  441. }
  442. elseif (!empty($_GET['who']) && $_GET['who'] == 2)
  443. {
  444. checkSession('get');
  445. validateToken('admin-stor', 'request');
  446. // Don't delete custom fields!!
  447. if ($_GET['th'] == 1)
  448. {
  449. $request = $smcFunc['db_query']('', '
  450. SELECT col_name
  451. FROM {db_prefix}custom_fields',
  452. array(
  453. )
  454. );
  455. $customFields = array();
  456. while ($row = $smcFunc['db_fetch_assoc']($request))
  457. $customFields[] = $row['col_name'];
  458. $smcFunc['db_free_result']($request);
  459. }
  460. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  461. $smcFunc['db_query']('', '
  462. DELETE FROM {db_prefix}themes
  463. WHERE id_member > {int:no_member}
  464. AND id_theme = {int:current_theme}
  465. ' . $customFieldsQuery,
  466. array(
  467. 'no_member' => 0,
  468. 'current_theme' => $_GET['th'],
  469. 'custom_fields' => empty($customFields) ? array() : $customFields,
  470. )
  471. );
  472. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  473. }
  474. $old_id = $settings['theme_id'];
  475. $old_settings = $settings;
  476. loadTheme($_GET['th'], false);
  477. loadLanguage('Profile');
  478. // @todo Should we just move these options so they are no longer theme dependant?
  479. loadLanguage('PersonalMessage');
  480. // Let the theme take care of the settings.
  481. loadTemplate('Settings');
  482. loadSubTemplate('options');
  483. $context['sub_template'] = 'set_options';
  484. $context['page_title'] = $txt['theme_settings'];
  485. $context['options'] = $context['theme_options'];
  486. $context['theme_settings'] = $settings;
  487. if (empty($_REQUEST['who']))
  488. {
  489. $request = $smcFunc['db_query']('', '
  490. SELECT variable, value
  491. FROM {db_prefix}themes
  492. WHERE id_theme IN (1, {int:current_theme})
  493. AND id_member = {int:guest_member}',
  494. array(
  495. 'current_theme' => $_GET['th'],
  496. 'guest_member' => -1,
  497. )
  498. );
  499. $context['theme_options'] = array();
  500. while ($row = $smcFunc['db_fetch_assoc']($request))
  501. $context['theme_options'][$row['variable']] = $row['value'];
  502. $smcFunc['db_free_result']($request);
  503. $context['theme_options_reset'] = false;
  504. }
  505. else
  506. {
  507. $context['theme_options'] = array();
  508. $context['theme_options_reset'] = true;
  509. }
  510. foreach ($context['options'] as $i => $setting)
  511. {
  512. // Is this disabled?
  513. if ($setting['id'] == 'calendar_start_day' && empty($modSettings['cal_enabled']))
  514. {
  515. unset($context['options'][$i]);
  516. continue;
  517. }
  518. elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
  519. {
  520. unset($context['options'][$i]);
  521. continue;
  522. }
  523. if (!isset($setting['type']) || $setting['type'] == 'bool')
  524. $context['options'][$i]['type'] = 'checkbox';
  525. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  526. $context['options'][$i]['type'] = 'number';
  527. elseif ($setting['type'] == 'string')
  528. $context['options'][$i]['type'] = 'text';
  529. if (isset($setting['options']))
  530. $context['options'][$i]['type'] = 'list';
  531. $context['options'][$i]['value'] = !isset($context['theme_options'][$setting['id']]) ? '' : $context['theme_options'][$setting['id']];
  532. }
  533. // Restore the existing theme.
  534. loadTheme($old_id, false);
  535. $settings = $old_settings;
  536. loadTemplate('Themes');
  537. createToken('admin-sto');
  538. }
  539. /**
  540. * Administrative global settings.
  541. * - saves and requests global theme settings. ($settings)
  542. * - loads the Admin language file.
  543. * - calls ThemeAdmin() if no theme is specified. (the theme center.)
  544. * - requires admin_forum permission.
  545. * - accessed with ?action=admin;area=theme;sa=list&th=xx.
  546. */
  547. function SetThemeSettings()
  548. {
  549. global $txt, $context, $settings, $modSettings, $sourcedir, $smcFunc;
  550. if (empty($_GET['th']) && empty($_GET['id']))
  551. return ThemeAdmin();
  552. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  553. // Select the best fitting tab.
  554. $context[$context['admin_menu_name']]['current_subsection'] = 'list';
  555. loadLanguage('Admin');
  556. isAllowedTo('admin_forum');
  557. // Validate inputs/user.
  558. if (empty($_GET['th']))
  559. fatal_lang_error('no_theme', false);
  560. // Fetch the smiley sets...
  561. $sets = explode(',', 'none,' . $modSettings['smiley_sets_known']);
  562. $set_names = explode("\n", $txt['smileys_none'] . "\n" . $modSettings['smiley_sets_names']);
  563. $context['smiley_sets'] = array(
  564. '' => $txt['smileys_no_default']
  565. );
  566. foreach ($sets as $i => $set)
  567. $context['smiley_sets'][$set] = $smcFunc['htmlspecialchars']($set_names[$i]);
  568. $old_id = $settings['theme_id'];
  569. $old_settings = $settings;
  570. loadTheme($_GET['th'], false);
  571. // Sadly we really do need to init the template.
  572. loadSubTemplate('init', 'ignore');
  573. // Also load the actual themes language file - in case of special settings.
  574. loadLanguage('Settings', '', true, true);
  575. // And the custom language strings...
  576. loadLanguage('ThemeStrings', '', false, true);
  577. // Let the theme take care of the settings.
  578. loadTemplate('Settings');
  579. loadSubTemplate('settings');
  580. // Load the variants separately...
  581. $settings['theme_variants'] = array();
  582. if (file_exists($settings['theme_dir'] . '/index.template.php'))
  583. {
  584. $file_contents = implode('', file($settings['theme_dir'] . '/index.template.php'));
  585. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  586. eval('global $settings;' . $matches[0]);
  587. }
  588. // Submitting!
  589. if (isset($_POST['save']))
  590. {
  591. checkSession();
  592. validateToken('admin-sts');
  593. if (empty($_POST['options']))
  594. $_POST['options'] = array();
  595. if (empty($_POST['default_options']))
  596. $_POST['default_options'] = array();
  597. // Make sure items are cast correctly.
  598. foreach ($context['theme_settings'] as $item)
  599. {
  600. // Disregard this item if this is just a separator.
  601. if (!is_array($item))
  602. continue;
  603. foreach (array('options', 'default_options') as $option)
  604. {
  605. if (!isset($_POST[$option][$item['id']]))
  606. continue;
  607. // Checkbox.
  608. elseif (empty($item['type']))
  609. $_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
  610. // Number
  611. elseif ($item['type'] == 'number')
  612. $_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
  613. }
  614. }
  615. // Set up the sql query.
  616. $inserts = array();
  617. foreach ($_POST['options'] as $opt => $val)
  618. $inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  619. foreach ($_POST['default_options'] as $opt => $val)
  620. $inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  621. // If we're actually inserting something..
  622. if (!empty($inserts))
  623. {
  624. $smcFunc['db_insert']('replace',
  625. '{db_prefix}themes',
  626. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  627. $inserts,
  628. array('id_member', 'id_theme', 'variable')
  629. );
  630. }
  631. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  632. cache_put_data('theme_settings-1', null, 90);
  633. // Invalidate the cache.
  634. updateSettings(array('settings_updated' => time()));
  635. redirectexit('action=admin;area=theme;sa=list;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id']);
  636. }
  637. $context['sub_template'] = 'set_settings';
  638. $context['page_title'] = $txt['theme_settings'];
  639. foreach ($settings as $setting => $dummy)
  640. {
  641. if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs')))
  642. $settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
  643. }
  644. $context['settings'] = $context['theme_settings'];
  645. $context['theme_settings'] = $settings;
  646. foreach ($context['settings'] as $i => $setting)
  647. {
  648. // Separators are dummies, so leave them alone.
  649. if (!is_array($setting))
  650. continue;
  651. if (!isset($setting['type']) || $setting['type'] == 'bool')
  652. $context['settings'][$i]['type'] = 'checkbox';
  653. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  654. $context['settings'][$i]['type'] = 'number';
  655. elseif ($setting['type'] == 'string')
  656. $context['settings'][$i]['type'] = 'text';
  657. if (isset($setting['options']))
  658. $context['settings'][$i]['type'] = 'list';
  659. $context['settings'][$i]['value'] = !isset($settings[$setting['id']]) ? '' : $settings[$setting['id']];
  660. }
  661. // Do we support variants?
  662. if (!empty($settings['theme_variants']))
  663. {
  664. $context['theme_variants'] = array();
  665. foreach ($settings['theme_variants'] as $variant)
  666. {
  667. // Have any text, old chap?
  668. $context['theme_variants'][$variant] = array(
  669. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  670. 'thumbnail' => !file_exists($settings['theme_dir'] . '/images/thumbnail.png') || file_exists($settings['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $settings['images_url'] . '/thumbnail_' . $variant . '.png' : ($settings['images_url'] . '/thumbnail.png'),
  671. );
  672. }
  673. $context['default_variant'] = !empty($settings['default_variant']) && isset($context['theme_variants'][$settings['default_variant']]) ? $settings['default_variant'] : $settings['theme_variants'][0];
  674. }
  675. // Restore the current theme.
  676. loadTheme($old_id, false);
  677. // Reinit just incase.
  678. loadSubTemplate('init', 'ignore');
  679. $settings = $old_settings;
  680. loadTemplate('Themes');
  681. // We like Kenny better than Token.
  682. createToken('admin-sts');
  683. }
  684. /**
  685. * Remove a theme from the database.
  686. * - removes an installed theme.
  687. * - requires an administrator.
  688. * - accessed with ?action=admin;area=theme;sa=remove.
  689. */
  690. function RemoveTheme()
  691. {
  692. global $modSettings, $context, $smcFunc;
  693. checkSession('get');
  694. isAllowedTo('admin_forum');
  695. validateToken('admin-tr', 'request');
  696. // The theme's ID must be an integer.
  697. $themeID = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  698. // You can't delete the default theme!
  699. if ($_GET['th'] == 1)
  700. fatal_lang_error('no_access', false);
  701. $theme_info = get_single_theme($themeID);
  702. // Remove it from the DB.
  703. remove_theme($themeID);
  704. // And remove all its files and folders too.
  705. if (!empty($theme_info) && !empty($theme_info['theme_dir']))
  706. remove_dir($theme_info['theme_dir']);
  707. // Go back to the list page.
  708. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  709. }
  710. function EnableTheme()
  711. {
  712. global $modSettings, $context;
  713. checkSession('get');
  714. isAllowedTo('admin_forum');
  715. validateToken('admin-tre', 'request');
  716. // The theme's ID must be an string.
  717. $themeID = isset($_GET['th']) ? (string) trim($_GET['th']) : (string) trim($_GET['id']);
  718. // Get the current list.
  719. $enableThemes = explode(',', $modSettings['enableThemes']);
  720. // Are we disabling it?
  721. if (isset($_GET['disabled']))
  722. $enableThemes = array_diff($enableThemes, array($themeID));
  723. // Nope? then enable it!
  724. else
  725. $enableThemes[] = (string) $themeID;
  726. // Update the setting.
  727. $enableThemes = strtr(implode(',', $enableThemes), array(',,' => ','));
  728. updateSettings(array('enableThemes' => $enableThemes));
  729. // Done!
  730. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id'] .';done='. (isset($_GET['disabled']) ? 'disabling' : 'enabling'));
  731. }
  732. /**
  733. * Choose a theme from a list.
  734. * allows an user or administrator to pick a new theme with an interface.
  735. * - can edit everyone's (u = 0), guests' (u = -1), or a specific user's.
  736. * - uses the Themes template. (pick sub template.)
  737. * - accessed with ?action=admin;area=theme;sa=pick.
  738. * @todo thought so... Might be better to split this file in ManageThemes and Themes,
  739. * with centralized admin permissions on ManageThemes.
  740. */
  741. function PickTheme()
  742. {
  743. global $txt, $context, $modSettings, $user_info, $language, $smcFunc, $settings, $scripturl;
  744. loadLanguage('Profile');
  745. loadTemplate('Themes');
  746. // Build the link tree.
  747. $context['linktree'][] = array(
  748. 'url' => $scripturl . '?action=theme;sa=pick;u=' . (!empty($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0),
  749. 'name' => $txt['theme_pick'],
  750. );
  751. $context['default_theme_id'] = $modSettings['theme_default'];
  752. $_SESSION['id_theme'] = 0;
  753. if (isset($_GET['id']))
  754. $_GET['th'] = $_GET['id'];
  755. // Saving a variant cause JS doesn't work - pretend it did ;)
  756. if (isset($_POST['save']))
  757. {
  758. // Which theme?
  759. foreach ($_POST['save'] as $k => $v)
  760. $_GET['th'] = (int) $k;
  761. if (isset($_POST['vrt'][$k]))
  762. $_GET['vrt'] = $_POST['vrt'][$k];
  763. }
  764. // Have we made a decision, or are we just browsing?
  765. if (isset($_GET['th']))
  766. {
  767. checkSession('get');
  768. $_GET['th'] = (int) $_GET['th'];
  769. // Save for this user.
  770. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  771. {
  772. updateMemberData($user_info['id'], array('id_theme' => (int) $_GET['th']));
  773. // A variants to save for the user?
  774. if (!empty($_GET['vrt']))
  775. {
  776. $smcFunc['db_insert']('replace',
  777. '{db_prefix}themes',
  778. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  779. array($_GET['th'], $user_info['id'], 'theme_variant', $_GET['vrt']),
  780. array('id_theme', 'id_member', 'variable')
  781. );
  782. cache_put_data('theme_settings-' . $_GET['th'] . ':' . $user_info['id'], null, 90);
  783. $_SESSION['id_variant'] = 0;
  784. }
  785. redirectexit('action=profile;area=theme');
  786. }
  787. // If changing members or guests - and there's a variant - assume changing default variant.
  788. if (!empty($_GET['vrt']) && ($_REQUEST['u'] == '0' || $_REQUEST['u'] == '-1'))
  789. {
  790. $smcFunc['db_insert']('replace',
  791. '{db_prefix}themes',
  792. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  793. array($_GET['th'], 0, 'default_variant', $_GET['vrt']),
  794. array('id_theme', 'id_member', 'variable')
  795. );
  796. // Make it obvious that it's changed
  797. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  798. }
  799. // For everyone.
  800. if ($_REQUEST['u'] == '0')
  801. {
  802. updateMemberData(null, array('id_theme' => (int) $_GET['th']));
  803. // Remove any custom variants.
  804. if (!empty($_GET['vrt']))
  805. {
  806. $smcFunc['db_query']('', '
  807. DELETE FROM {db_prefix}themes
  808. WHERE id_theme = {int:current_theme}
  809. AND variable = {string:theme_variant}',
  810. array(
  811. 'current_theme' => (int) $_GET['th'],
  812. 'theme_variant' => 'theme_variant',
  813. )
  814. );
  815. }
  816. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  817. }
  818. // Change the default/guest theme.
  819. elseif ($_REQUEST['u'] == '-1')
  820. {
  821. updateSettings(array('theme_guests' => (int) $_GET['th']));
  822. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  823. }
  824. // Change a specific member's theme.
  825. else
  826. {
  827. // The forum's default theme is always 0 and we
  828. if (isset($_GET['th']) && $_GET['th'] == 0)
  829. $_GET['th'] = $modSettings['theme_guests'];
  830. updateMemberData((int) $_REQUEST['u'], array('id_theme' => (int) $_GET['th']));
  831. if (!empty($_GET['vrt']))
  832. {
  833. $smcFunc['db_insert']('replace',
  834. '{db_prefix}themes',
  835. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  836. array($_GET['th'], (int) $_REQUEST['u'], 'theme_variant', $_GET['vrt']),
  837. array('id_theme', 'id_member', 'variable')
  838. );
  839. cache_put_data('theme_settings-' . $_GET['th'] . ':' . (int) $_REQUEST['u'], null, 90);
  840. if ($user_info['id'] == $_REQUEST['u'])
  841. $_SESSION['id_variant'] = 0;
  842. }
  843. redirectexit('action=profile;u=' . (int) $_REQUEST['u'] . ';area=theme');
  844. }
  845. }
  846. // Figure out who the member of the minute is, and what theme they've chosen.
  847. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  848. {
  849. $context['current_member'] = $user_info['id'];
  850. $context['current_theme'] = $user_info['theme'];
  851. }
  852. // Everyone can't chose just one.
  853. elseif ($_REQUEST['u'] == '0')
  854. {
  855. $context['current_member'] = 0;
  856. $context['current_theme'] = 0;
  857. }
  858. // Guests and such...
  859. elseif ($_REQUEST['u'] == '-1')
  860. {
  861. $context['current_member'] = -1;
  862. $context['current_theme'] = $modSettings['theme_guests'];
  863. }
  864. // Someones else :P.
  865. else
  866. {
  867. $context['current_member'] = (int) $_REQUEST['u'];
  868. $request = $smcFunc['db_query']('', '
  869. SELECT id_theme
  870. FROM {db_prefix}members
  871. WHERE id_member = {int:current_member}
  872. LIMIT 1',
  873. array(
  874. 'current_member' => $context['current_member'],
  875. )
  876. );
  877. list ($context['current_theme']) = $smcFunc['db_fetch_row']($request);
  878. $smcFunc['db_free_result']($request);
  879. }
  880. // Get the theme name and descriptions.
  881. $context['available_themes'] = array();
  882. if (!empty($modSettings['knownThemes']))
  883. {
  884. $request = $smcFunc['db_query']('', '
  885. SELECT id_theme, variable, value
  886. FROM {db_prefix}themes
  887. WHERE variable IN ({string:name}, {string:theme_url}, {string:theme_dir}, {string:images_url}, {string:disable_user_variant})' . (!allowedTo('admin_forum') ? '
  888. AND id_theme IN ({array_string:known_themes})' : '') . '
  889. AND id_theme != {int:default_theme}
  890. AND id_member = {int:no_member}',
  891. array(
  892. 'default_theme' => 0,
  893. 'name' => 'name',
  894. 'no_member' => 0,
  895. 'theme_url' => 'theme_url',
  896. 'theme_dir' => 'theme_dir',
  897. 'images_url' => 'images_url',
  898. 'disable_user_variant' => 'disable_user_variant',
  899. 'known_themes' => explode(',', $modSettings['knownThemes']),
  900. )
  901. );
  902. while ($row = $smcFunc['db_fetch_assoc']($request))
  903. {
  904. if (!isset($context['available_themes'][$row['id_theme']]))
  905. $context['available_themes'][$row['id_theme']] = array(
  906. 'id' => $row['id_theme'],
  907. 'selected' => $context['current_theme'] == $row['id_theme'],
  908. 'num_users' => 0
  909. );
  910. $context['available_themes'][$row['id_theme']][$row['variable']] = $row['value'];
  911. }
  912. $smcFunc['db_free_result']($request);
  913. }
  914. // Okay, this is a complicated problem: the default theme is 1, but they aren't allowed to access 1!
  915. if (!isset($context['available_themes'][$modSettings['theme_guests']]))
  916. {
  917. $context['available_themes'][0] = array(
  918. 'num_users' => 0
  919. );
  920. $guest_theme = 0;
  921. }
  922. else
  923. $guest_theme = $modSettings['theme_guests'];
  924. $request = $smcFunc['db_query']('', '
  925. SELECT id_theme, COUNT(*) AS the_count
  926. FROM {db_prefix}members
  927. GROUP BY id_theme
  928. ORDER BY id_theme DESC',
  929. array(
  930. )
  931. );
  932. while ($row = $smcFunc['db_fetch_assoc']($request))
  933. {
  934. // Figure out which theme it is they are REALLY using.
  935. if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',',$modSettings['knownThemes'])))
  936. $row['id_theme'] = $guest_theme;
  937. elseif (empty($modSettings['theme_allow']))
  938. $row['id_theme'] = $guest_theme;
  939. if (isset($context['available_themes'][$row['id_theme']]))
  940. $context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
  941. else
  942. $context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
  943. }
  944. $smcFunc['db_free_result']($request);
  945. // Get any member variant preferences.
  946. $variant_preferences = array();
  947. if ($context['current_member'] > 0)
  948. {
  949. $request = $smcFunc['db_query']('', '
  950. SELECT id_theme, value
  951. FROM {db_prefix}themes
  952. WHERE variable = {string:theme_variant}
  953. AND id_member IN ({array_int:id_member})
  954. ORDER BY id_member ASC',
  955. array(
  956. 'theme_variant' => 'theme_variant',
  957. 'id_member' => isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? array(-1, $context['current_member']) : array(-1),
  958. )
  959. );
  960. while ($row = $smcFunc['db_fetch_assoc']($request))
  961. $variant_preferences[$row['id_theme']] = $row['value'];
  962. $smcFunc['db_free_result']($request);
  963. }
  964. // Save the setting first.
  965. $current_images_url = $settings['images_url'];
  966. $current_theme_variants = !empty($settings['theme_variants']) ? $settings['theme_variants'] : array();
  967. foreach ($context['available_themes'] as $id_theme => $theme_data)
  968. {
  969. // Don't try to load the forum or board default theme's data... it doesn't have any!
  970. if ($id_theme == 0)
  971. continue;
  972. // The thumbnail needs the correct path.
  973. $settings['images_url'] = &$theme_data['images_url'];
  974. if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php'))
  975. include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
  976. elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php'))
  977. include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
  978. else
  979. {
  980. $txt['theme_thumbnail_href'] = $theme_data['images_url'] . '/thumbnail.png';
  981. $txt['theme_description'] = '';
  982. }
  983. $context['available_themes'][$id_theme]['thumbnail_href'] = $txt['theme_thumbnail_href'];
  984. $context['available_themes'][$id_theme]['description'] = $txt['theme_description'];
  985. // Are there any variants?
  986. if (file_exists($theme_data['theme_dir'] . '/index.template.php') && (empty($theme_data['disable_user_variant']) || allowedTo('admin_forum')))
  987. {
  988. $file_contents = implode('', file($theme_data['theme_dir'] . '/index.template.php'));
  989. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  990. {
  991. $settings['theme_variants'] = array();
  992. // Fill settings up.
  993. eval('global $settings;' . $matches[0]);
  994. if (!empty($settings['theme_variants']))
  995. {
  996. loadLanguage('Settings');
  997. $context['available_themes'][$id_theme]['variants'] = array();
  998. foreach ($settings['theme_variants'] as $variant)
  999. $context['available_themes'][$id_theme]['variants'][$variant] = array(
  1000. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  1001. 'thumbnail' => !file_exists($theme_data['theme_dir'] . '/images/thumbnail.png') || file_exists($theme_data['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $theme_data['images_url'] . '/thumbnail_' . $variant . '.png' : ($theme_data['images_url'] . '/thumbnail.png'),
  1002. );
  1003. $context['available_themes'][$id_theme]['selected_variant'] = isset($_GET['vrt']) ? $_GET['vrt'] : (!empty($variant_preferences[$id_theme]) ? $variant_preferences[$id_theme] : (!empty($settings['default_variant']) ? $settings['default_variant'] : $settings['theme_variants'][0]));
  1004. if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail']))
  1005. $context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
  1006. $context['available_themes'][$id_theme]['thumbnail_href'] = $context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'];
  1007. // Allow themes to override the text.
  1008. $context['available_themes'][$id_theme]['pick_label'] = isset($txt['variant_pick']) ? $txt['variant_pick'] : $txt['theme_pick_variant'];
  1009. }
  1010. }
  1011. }
  1012. }
  1013. // Then return it.
  1014. $settings['images_url'] = $current_images_url;
  1015. $settings['theme_variants'] = $current_theme_variants;
  1016. // As long as we're not doing the default theme...
  1017. if (!isset($_REQUEST['u']) || $_REQUEST['u'] >= 0)
  1018. {
  1019. if ($guest_theme != 0)
  1020. $context['available_themes'][0] = $context['available_themes'][$guest_theme];
  1021. $context['available_themes'][0]['id'] = 0;
  1022. $context['available_themes'][0]['name'] = $txt['theme_forum_default'];
  1023. $context['available_themes'][0]['selected'] = $context['current_theme'] == 0;
  1024. $context['available_themes'][0]['description'] = $txt['theme_global_description'];
  1025. }
  1026. ksort($context['available_themes']);
  1027. $context['page_title'] = $txt['theme_pick'];
  1028. $context['sub_template'] = 'pick';
  1029. }
  1030. /**
  1031. * Installs new themes, either from a gzip or copy of the default.
  1032. * - puts themes in $boardurl/Themes.
  1033. * - assumes the gzip has a root directory in it. (ie default.)
  1034. * Requires admin_forum.
  1035. * Accessed with ?action=admin;area=theme;sa=install.
  1036. */
  1037. function ThemeInstall()
  1038. {
  1039. global $sourcedir, $txt, $context, $boarddir, $boardurl;
  1040. global $themedir, $themeurl, $smcFunc;
  1041. checkSession('request');
  1042. isAllowedTo('admin_forum');
  1043. require_once($sourcedir . '/Subs-Package.php');
  1044. // Make it easier to change the path and url.
  1045. $themedir = $boarddir . '/Themes';
  1046. $themeurl = $boardurl . '/Themes';
  1047. loadTemplate('Themes');
  1048. $subActions = array(
  1049. 'file' => 'InstallFile',
  1050. 'copy' => 'InstallCopy',
  1051. 'dir' => 'InstallDir',
  1052. );
  1053. // Is there a function to call?
  1054. if (isset($_GET['do']) && !empty($_GET['do']) && isset($subActions[$_GET['do']]))
  1055. {
  1056. $action = $smcFunc['htmlspecialchars'](trim($_GET['do']));
  1057. // Got any info from the specific form?
  1058. if (!isset($_POST['save_'. $action]))
  1059. fatal_lang_error('theme_install_no_action', false);
  1060. validateToken('admin-t-'. $action);
  1061. // Hopefully the themes directory is writable, or we might have a problem.
  1062. if (!is_writable($themedir))
  1063. fatal_lang_error('theme_install_write_error', 'critical');
  1064. // Call the function and handle the result.
  1065. $result = $subActions[$action]();
  1066. // Everything went better than expected!
  1067. if (!empty($result))
  1068. {
  1069. $context['sub_template'] = 'installed';
  1070. $context['page_title'] = $txt['theme_installed'];
  1071. $context['installed_theme'] = $result;
  1072. }
  1073. }
  1074. // Nope, show a nice error.
  1075. else
  1076. fatal_lang_error('theme_install_no_action', false);
  1077. }
  1078. function InstallFile()
  1079. {
  1080. global $themedir, $themeurl, $context;
  1081. // Set a temp dir for dumping all required files on it.
  1082. $dirtemp = $themedir .'/temp';
  1083. // Create the temp dir.
  1084. mkdir($dirtemp, 0777);
  1085. // Hopefully the temp directory is writable, or we might have a problem.
  1086. if (!is_writable($dirtemp))
  1087. fatal_lang_error('theme_install_write_error', 'critical');
  1088. // This happens when the admin session is gone and the user has to login again.
  1089. if (!isset($_FILES) || !isset($_FILES['theme_gz']) || empty($_FILES['theme_gz']))
  1090. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  1091. // Another error check layer, something went wrong with the upload.
  1092. if (isset($_FILES['theme_gz']['error']) && $_FILES['theme_gz']['error'] != 0)
  1093. fatal_lang_error('theme_install_error_file_'. $_FILES['theme_gz']['error'], false);
  1094. // Get the theme's name.
  1095. $name = strtok(basename($_FILES['theme_gz']['name']));
  1096. $name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $name);
  1097. // Start setting some vars.
  1098. $context['to_install'] = array(
  1099. 'theme_dir' => $themedir . '/' . $name,
  1100. 'theme_url' => $themeurl . '/' . $name,
  1101. 'images_url' => $themeurl . '/' . $name . '/images',
  1102. 'name' => $name,
  1103. );
  1104. // Extract the file on the proper themes dir.
  1105. $extracted = read_tgz_file($_FILES['theme_gz']['tmp_name'], $dirtemp, false, true);
  1106. if ($extracted)
  1107. {
  1108. // Read its info form the XML file.
  1109. $theme_info = get_theme_info($dirtemp);
  1110. $context['to_install'] += $theme_info;
  1111. // Install the theme. theme_install() will take care of possible errors.
  1112. $context['to_install']['id'] = theme_install($context['to_install']);
  1113. // Rename the temp dir to the actual theme name.
  1114. rename($dirtemp, $context['to_install']['theme_dir']);
  1115. // return all the info.
  1116. return $context['to_install'];
  1117. }
  1118. else
  1119. fatal_lang_error('theme_install_error_title', false);
  1120. }
  1121. function InstallCopy()
  1122. {
  1123. global $themedir, $themeurl, $settings, $smcFunc, $context;
  1124. global $forum_version;
  1125. // There's gotta be something to work with.
  1126. if (!isset($_REQUEST['copy']) || empty($_REQUEST['copy']))
  1127. fatal_lang_error('theme_install_error_title', false);
  1128. // Get a cleaner version.
  1129. $name = preg_replace('~[^A-Za-z0-9_\- ]~', '', $_REQUEST['copy']);
  1130. // Is there a theme already named like this?
  1131. if (file_exists($themedir .'/'. $name))
  1132. fatal_lang_error('theme_install_already_dir', false);
  1133. // This is a brand new theme so set all possible values.
  1134. $context['to_install'] = array(
  1135. 'theme_dir' => $themedir . '/' . $name,
  1136. 'theme_url' => $themeurl . '/' . $name,
  1137. 'name' => $name,
  1138. 'images_url' => $themeurl . '/' . $name . '/images',
  1139. 'version' => '1.0',
  1140. 'install_for' => '2.1 - 2.1.99, '. strtr($forum_version, array('SMF ' => '')),
  1141. );
  1142. // Create the specific dir.
  1143. umask(0);
  1144. mkdir($context['to_install']['theme_dir'], 0777);
  1145. // Buy some time.
  1146. @set_time_limit(600);
  1147. if (function_exists('apache_reset_timeout'))
  1148. @apache_reset_timeout();
  1149. // Create subdirectories for css and javascript files.
  1150. mkdir($context['to_install']['theme_dir'] . '/css', 0777);
  1151. mkdir($context['to_install']['theme_dir'] . '/scripts', 0777);
  1152. // Copy over the default non-theme files.
  1153. $to_copy = array('/index.php', '/index.template.php', '/css/index.css', '/css/rtl.css', '/css/admin.css', '/scripts/theme.js');
  1154. foreach ($to_copy as $file)
  1155. {
  1156. copy($settings['default_theme_dir'] . $file, $context['to_install']['theme_dir'] . $file);
  1157. @chmod($context['to_install']['theme_dir'] . $file, 0777);
  1158. }
  1159. // And now the entire images directory!
  1160. copytree($settings['default_theme_dir'] . '/images', $context['to_install']['theme_dir'] . '/images');
  1161. package_flush_cache();
  1162. // Lets get some data for the new theme.
  1163. $request = $smcFunc['db_query']('', '
  1164. SELECT variable, value
  1165. FROM {db_prefix}themes
  1166. WHERE variable IN ({string:theme_templates}, {string:theme_layers})
  1167. AND id_member = {int:no_member}
  1168. AND id_theme = {int:default_theme}',
  1169. array(
  1170. 'no_member' => 0,
  1171. 'default_theme' => 1,
  1172. 'theme_templates' => 'theme_templates',
  1173. 'theme_layers' => 'theme_layers',
  1174. )
  1175. );
  1176. while ($row = $smcFunc['db_fetch_assoc']($request))
  1177. {
  1178. if ($row['variable'] == 'theme_templates')
  1179. $theme_templates = $row['value'];
  1180. elseif ($row['variable'] == 'theme_layers')
  1181. $theme_layers = $row['value'];
  1182. else
  1183. continue;
  1184. }
  1185. $smcFunc['db_free_result']($request);
  1186. $context['to_install'] += array(
  1187. 'theme_layers' => empty($theme_layers) ? 'html,body' : $theme_layers,
  1188. 'theme_templates' => empty($theme_templates) ? 'index' : $theme_templates,
  1189. );
  1190. // Lets add a theme_info.xml to this theme.
  1191. $xml_info = '<' . '?xml version="1.0"?' . '>
  1192. <theme-info xmlns="http://www.simplemachines.org/xml/theme-info" xmlns:smf="http://www.simplemachines.org/">
  1193. <!-- For the id, always use something unique - put your name, a colon, and then the package name. -->
  1194. <id>smf:' . $smcFunc['strtolower']($context['to_install']['name']) . '</id>
  1195. <!-- The theme\'s version, please try to use semantic versioning. -->
  1196. <version>1.0</version>
  1197. <!-- Install for, the SMF versions this theme was designed for. Uses the same wildcards used in the packager manager. This field is mandatory. -->
  1198. <install for="'. $context['to_install']['install_for'] .'" />
  1199. <!-- Theme name, used purely for aesthetics. -->
  1200. <name>' . $context['to_install']['name'] . '</name>
  1201. <!-- Author: your email address or contact information. The name attribute is optional. -->
  1202. <author name="Simple Machines">[email protected]</author>
  1203. <!-- Website... where to get updates and more information. -->
  1204. <website>http://www.simplemachines.org/</website>
  1205. <!-- Template layers to use, defaults to "html,body". -->
  1206. <layers>' . $context['to_install']['theme_layers'] . '</layers>
  1207. <!-- Templates to load on startup. Default is "index". -->
  1208. <templates>' . $context['to_install']['theme_templates'] . '</templates>
  1209. <!-- Base this theme off another? Default is blank, or no. It could be "default". -->
  1210. <based-on></based-on>
  1211. </theme-info>';
  1212. // Now write it.
  1213. $fp = @fopen($context['to_install']['theme_dir'] . '/theme_info.xml', 'w+');
  1214. if ($fp)
  1215. {
  1216. fwrite($fp, $xml_info);
  1217. fclose($fp);
  1218. }
  1219. // Install the theme. theme_install() will take care of possible errors.
  1220. $context['to_install']['id'] = theme_install($context['to_install']);
  1221. // return the info.
  1222. return $context['to_install'];
  1223. }
  1224. function InstallDir()
  1225. {
  1226. global $themedir, $themeurl, $context;
  1227. // Cannot use the theme dir as a theme dir.
  1228. if (!isset($_REQUEST['theme_dir']) || empty($_REQUEST['theme_dir']) || rtrim(realpath($_REQUEST['theme_dir']), '/\\') == realpath($themedir))
  1229. fatal_lang_error('theme_install_invalid_dir', false);
  1230. // Check is there is "something" on the dir.
  1231. elseif (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml'))
  1232. fatal_lang_error('theme_install_error', false);
  1233. $name = basename($_REQUEST['theme_dir']);
  1234. $name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $name);
  1235. // All good! set some needed vars.
  1236. $context['to_install'] = array(
  1237. 'dir' => $_REQUEST['theme_dir'],
  1238. 'theme_url' => $themeurl . '/' . $name,
  1239. 'name' => $name,
  1240. 'images_url' => $themeurl . '/' . $name . '/images',
  1241. );
  1242. // Read its info form the XML file.
  1243. $context['to_install'] += $theme_info;
  1244. // Install the theme. theme_install() will take care of possible errors.
  1245. $context['to_install']['id'] = theme_install($context['to_install']);
  1246. // return the info.
  1247. return $context['to_install'];
  1248. }
  1249. /**
  1250. * Possibly the simplest and best example of how to use the template system.
  1251. * - allows the theme to take care of actions.
  1252. * - happens if $settings['catch_action'] is set and action isn't found
  1253. * in the action array.
  1254. * - can use a template, layers, sub_template, filename, and/or function.
  1255. * @todo look at this
  1256. */
  1257. function WrapAction()
  1258. {
  1259. global $context, $settings, $sourcedir;
  1260. // Load any necessary template(s)?
  1261. if (isset($settings['catch_action']['template']))
  1262. {
  1263. // Load both the template and language file. (but don't fret if the language file isn't there...)
  1264. loadTemplate($settings['catch_action']['template']);
  1265. loadLanguage($settings['catch_action']['template'], '', false);
  1266. }
  1267. // Any special layers?
  1268. if (isset($settings['catch_action']['layers']))
  1269. $context['template_layers'] = $settings['catch_action']['layers'];
  1270. // Just call a function?
  1271. if (isset($settings['catch_action']['function']))
  1272. {
  1273. if (isset($settings['catch_action']['filename']))
  1274. template_include($sourcedir . '/' . $settings['catch_action']['filename'], true);
  1275. $settings['catch_action']['function']();
  1276. }
  1277. // And finally, the main sub template ;).
  1278. elseif (isset($settings['catch_action']['sub_template']))
  1279. $context['sub_template'] = $settings['catch_action']['sub_template'];
  1280. }
  1281. /**
  1282. * Set an option via javascript.
  1283. * - sets a theme option without outputting anything.
  1284. * - can be used with javascript, via a dummy image... (which doesn't require
  1285. * the page to reload.)
  1286. * - requires someone who is logged in.
  1287. * - accessed via ?action=jsoption;var=variable;val=value;session_var=sess_id.
  1288. * - does not log access to the Who's Online log. (in index.php..)
  1289. */
  1290. function SetJavaScript()
  1291. {
  1292. global $settings, $user_info, $smcFunc, $options;
  1293. // Check the session id.
  1294. checkSession('get');
  1295. // This good-for-nothing pixel is being used to keep the session alive.
  1296. if (empty($_GET['var']) || !isset($_GET['val']))
  1297. redirectexit($settings['images_url'] . '/blank.png');
  1298. // Sorry, guests can't go any further than this..
  1299. if ($user_info['is_guest'] || $user_info['id'] == 0)
  1300. obExit(false);
  1301. $reservedVars = array(
  1302. 'actual_theme_url',
  1303. 'actual_images_url',
  1304. 'base_theme_dir',
  1305. 'base_theme_url',
  1306. 'default_images_url',
  1307. 'default_theme_dir',
  1308. 'default_theme_url',
  1309. 'default_template',
  1310. 'images_url',
  1311. 'number_recent_posts',
  1312. 'smiley_sets_default',
  1313. 'theme_dir',
  1314. 'theme_id',
  1315. 'theme_layers',
  1316. 'theme_templates',
  1317. 'theme_url',
  1318. 'name',
  1319. );
  1320. // Can't change reserved vars.
  1321. if (in_array(strtolower($_GET['var']), $reservedVars))
  1322. redirectexit($settings['images_url'] . '/blank.png');
  1323. // Use a specific theme?
  1324. if (isset($_GET['th']) || isset($_GET['id']))
  1325. {
  1326. // Invalidate the current themes cache too.
  1327. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1328. $settings['theme_id'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1329. }
  1330. // If this is the admin preferences the passed value will just be an element of it.
  1331. if ($_GET['var'] == 'admin_preferences')
  1332. {
  1333. $options['admin_preferences'] = !empty($options['admin_preferences']) ? unserialize($options['admin_preferences']) : array();
  1334. // New thingy...
  1335. if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5)
  1336. $options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
  1337. // Change the value to be something nice,
  1338. $_GET['val'] = serialize($options['admin_preferences']);
  1339. }
  1340. // Update the option.
  1341. $smcFunc['db_insert']('replace',
  1342. '{db_prefix}themes',
  1343. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  1344. array($settings['theme_id'], $user_info['id'], $_GET['var'], is_array($_GET['val']) ? implode(',', $_GET['val']) : $_GET['val']),
  1345. array('id_theme', 'id_member', 'variable')
  1346. );
  1347. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1348. // Don't output anything...
  1349. redirectexit($settings['images_url'] . '/blank.png');
  1350. }
  1351. /**
  1352. * Shows an interface for editing the templates.
  1353. * - uses the Themes template and edit_template/edit_style sub template.
  1354. * - accessed via ?action=admin;area=theme;sa=edit
  1355. */
  1356. function EditTheme()
  1357. {
  1358. global $context, $settings, $scripturl, $boarddir, $smcFunc;
  1359. // @todo Should this be removed?
  1360. if (isset($_REQUEST['preview']))
  1361. die('die() with fire');
  1362. isAllowedTo('admin_forum');
  1363. loadTemplate('Themes');
  1364. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) @$_GET['id'];
  1365. if (empty($_GET['th']))
  1366. {
  1367. $request = $smcFunc['db_query']('', '
  1368. SELECT id_theme, variable, value
  1369. FROM {db_prefix}themes
  1370. WHERE variable IN ({string:name}, {string:theme_dir}, {string:theme_templates}, {string:theme_layers})
  1371. AND id_member = {int:no_member}',
  1372. array(
  1373. 'name' => 'name',
  1374. 'theme_dir' => 'theme_dir',
  1375. 'theme_templates' => 'theme_templates',
  1376. 'theme_layers' => 'theme_layers',
  1377. 'no_member' => 0,
  1378. )
  1379. );
  1380. $context['themes'] = array();
  1381. while ($row = $smcFunc['db_fetch_assoc']($request))
  1382. {
  1383. if (!isset($context['themes'][$row['id_theme']]))
  1384. $context['themes'][$row['id_theme']] = array(
  1385. 'id' => $row['id_theme'],
  1386. 'num_default_options' => 0,
  1387. 'num_members' => 0,
  1388. );
  1389. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  1390. }
  1391. $smcFunc['db_free_result']($request);
  1392. foreach ($context['themes'] as $key => $theme)
  1393. {
  1394. // There has to be a Settings template!
  1395. if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css'))
  1396. unset($context['themes'][$key]);
  1397. else
  1398. {
  1399. if (!isset($theme['theme_templates']))
  1400. $templates = array('index');
  1401. else
  1402. $templates = explode(',', $theme['theme_templates']);
  1403. foreach ($templates as $template)
  1404. if (file_exists($theme['theme_dir'] . '/' . $template . '.template.php'))
  1405. {
  1406. // Fetch the header... a good 256 bytes should be more than enough.
  1407. $fp = fopen($theme['theme_dir'] . '/' . $template . '.template.php', 'rb');
  1408. $header = fread($fp, 256);
  1409. fclose($fp);
  1410. // Can we find a version comment, at all?
  1411. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  1412. {
  1413. $ver = $match[1];
  1414. if (!isset($context['themes'][$key]['version']) || $context['themes'][$key]['version'] > $ver)
  1415. $context['themes'][$key]['version'] = $ver;
  1416. }
  1417. }
  1418. $context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
  1419. }
  1420. }
  1421. $context['sub_template'] = 'edit_list';
  1422. return 'no_themes';
  1423. }
  1424. $context['session_error'] = false;
  1425. // Get the directory of the theme we are editing.
  1426. $request = $smcFunc['db_query']('', '
  1427. SELECT value, id_theme
  1428. FROM {db_prefix}themes
  1429. WHERE variable = {string:theme_dir}
  1430. AND id_theme = {int:current_theme}
  1431. LIMIT 1',
  1432. array(
  1433. 'current_theme' => $_GET['th'],
  1434. 'theme_dir' => 'theme_dir',
  1435. )
  1436. );
  1437. list ($theme_dir, $context['theme_id']) = $smcFunc['db_fetch_row']($request);
  1438. $smcFunc['db_free_result']($request);
  1439. if (!file_exists($theme_dir . '/index.template.php') && !file_exists($theme_dir . '/css/index.css'))
  1440. fatal_lang_error('theme_edit_missing', false);
  1441. if (!isset($_REQUEST['filename']))
  1442. {
  1443. if (isset($_GET['directory']))
  1444. {
  1445. if (substr($_GET['directory'], 0, 1) == '.')
  1446. $_GET['directory'] = '';
  1447. else
  1448. {
  1449. $_GET['directory'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_GET['directory']);
  1450. $temp = realpath($theme_dir . '/' . $_GET['directory']);
  1451. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1452. $_GET['directory'] = '';
  1453. }
  1454. }
  1455. if (isset($_GET['directory']) && $_GET['directory'] != '')
  1456. {
  1457. $context['theme_files'] = get_file_listing($theme_dir . '/' . $_GET['directory'], $_GET['directory'] . '/');
  1458. $temp = dirname($_GET['directory']);
  1459. array_unshift($context['theme_files'], array(
  1460. 'filename' => $temp == '.' || $temp == '' ? '/ (..)' : $temp . ' (..)',
  1461. 'is_writable' => is_writable($theme_dir . '/' . $temp),
  1462. 'is_directory' => true,
  1463. 'is_template' => false,
  1464. 'is_image' => false,
  1465. 'is_editable' => false,
  1466. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $temp,
  1467. 'size' => '',
  1468. ));
  1469. }
  1470. else
  1471. $context['theme_files'] = get_file_listing($theme_dir, '');
  1472. $context['sub_template'] = 'edit_browse';
  1473. return;
  1474. }
  1475. else
  1476. {
  1477. if (substr($_REQUEST['filename'], 0, 1) == '.')
  1478. $_REQUEST['filename'] = '';
  1479. else
  1480. {
  1481. $_REQUEST['filename'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_REQUEST['filename']);
  1482. $temp = realpath($theme_dir . '/' . $_REQUEST['filename']);
  1483. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1484. $_REQUEST['filename'] = '';
  1485. }
  1486. if (empty($_REQUEST['filename']))
  1487. fatal_lang_error('theme_edit_missing', false);
  1488. }
  1489. if (isset($_POST['save']))
  1490. {
  1491. if (checkSession('post', '', false) == '' && validateToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']), 'post', false) == true)
  1492. {
  1493. if (is_array($_POST['entire_file']))
  1494. $_POST['entire_file'] = implode("\n", $_POST['entire_file']);
  1495. $_POST['entire_file'] = rtrim(strtr($_POST['entire_file'], array("\r" => '', ' ' => "\t")));
  1496. // Check for a parse error!
  1497. if (substr($_REQUEST['filename'], -13) == '.template.php' && is_writable($theme_dir) && ini_get('display_errors'))
  1498. {
  1499. $request = $smcFunc['db_query']('', '
  1500. SELECT value
  1501. FROM {db_prefix}themes
  1502. WHERE variable = {string:theme_url}
  1503. AND id_theme = {int:current_theme}
  1504. LIMIT 1',
  1505. array(
  1506. 'current_theme' => $_GET['th'],
  1507. 'theme_url' => 'theme_url',
  1508. )
  1509. );
  1510. list ($theme_url) = $smcFunc['db_fetch_row']($request);
  1511. $smcFunc['db_free_result']($request);
  1512. $fp = fopen($theme_dir . '/tmp_' . session_id() . '.php', 'w');
  1513. fwrite($fp, $_POST['entire_file']);
  1514. fclose($fp);
  1515. $error = @file_get_contents($theme_url . '/tmp_' . session_id() . '.php');
  1516. if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0)
  1517. $error_file = $theme_dir . '/tmp_' . session_id() . '.php';
  1518. else
  1519. unlink($theme_dir . '/tmp_' . session_id() . '.php');
  1520. }
  1521. if (!isset($error_file))
  1522. {
  1523. $fp = fopen($theme_dir . '/' . $_REQUEST['filename'], 'w');
  1524. fwrite($fp, $_POST['entire_file']);
  1525. fclose($fp);
  1526. redirectexit('action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . dirname($_REQUEST['filename']));
  1527. }
  1528. }
  1529. // Session timed out.
  1530. else
  1531. {
  1532. loadLanguage('Errors');
  1533. $context['session_error'] = true;
  1534. $context['sub_template'] = 'edit_file';
  1535. // Recycle the submitted data.
  1536. if (is_array($_POST['entire_file']))
  1537. $context['entire_file'] = $smcFunc['htmlspecialchars'](implode("\n", $_POST['entire_file']));
  1538. else
  1539. $context['entire_file'] = $smcFunc['htmlspecialchars']($_POST['entire_file']);
  1540. $context['edit_filename'] = $smcFunc['htmlspecialchars']($_POST['filename']);
  1541. // You were able to submit it, so it's reasonable to assume you are allowed to save.
  1542. $context['allow_save'] = true;
  1543. // Re-create the token so that it can be used
  1544. createToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']));
  1545. return;
  1546. }
  1547. }
  1548. $context['allow_save'] = is_writable($theme_dir . '/' . $_REQUEST['filename']);
  1549. $context['allow_save_filename'] = strtr($theme_dir . '/' . $_REQUEST['filename'], array($boarddir => '...'));
  1550. $context['edit_filename'] = $smcFunc['htmlspecialchars']($_REQUEST['filename']);
  1551. if (substr($_REQUEST['filename'], -4) == '.css')
  1552. {
  1553. $context['sub_template'] = 'edit_style';
  1554. $context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1555. }
  1556. elseif (substr($_REQUEST['filename'], -13) == '.template.php')
  1557. {
  1558. $context['sub_template'] = 'edit_template';
  1559. if (!isset($error_file))
  1560. $file_data = file($theme_dir . '/' . $_REQUEST['filename']);
  1561. else
  1562. {
  1563. if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0)
  1564. $context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
  1565. $file_data = file($error_file);
  1566. unlink($error_file);
  1567. }
  1568. $j = 0;
  1569. $context['file_parts'] = array(array('lines' => 0, 'line' => 1, 'data' => ''));
  1570. for ($i = 0, $n = count($file_data); $i < $n; $i++)
  1571. {
  1572. if (isset($file_data[$i + 1]) && substr($file_data[$i + 1], 0, 9) == 'function ')
  1573. {
  1574. // Try to format the functions a little nicer...
  1575. $context['file_parts'][$j]['data'] = trim($context['file_parts'][$j]['data']) . "\n";
  1576. if (empty($context['file_parts'][$j]['lines']))
  1577. unset($context['file_parts'][$j]);
  1578. $context['file_parts'][++$j] = array('lines' => 0, 'line' => $i + 1, 'data' => '');
  1579. }
  1580. $context['file_parts'][$j]['lines']++;
  1581. $context['file_parts'][$j]['data'] .= $smcFunc['htmlspecialchars'](strtr($file_data[$i], array("\t" => ' ')));
  1582. }
  1583. $context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(implode('', $file_data), array("\t" => ' ')));
  1584. }
  1585. else
  1586. {
  1587. $context['sub_template'] = 'edit_file';
  1588. $context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1589. }
  1590. // Create a special token to allow editing of multiple files.
  1591. createToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']));
  1592. }
  1593. /**
  1594. * Generates a file listing for a given directory
  1595. *
  1596. * @param type $path
  1597. * @param type $relative
  1598. * @return type
  1599. */
  1600. function get_file_listing($path, $relative)
  1601. {
  1602. global $scripturl, $txt, $context;
  1603. // Is it even a directory?
  1604. if (!is_dir($path))
  1605. fatal_lang_error('error_invalid_dir', 'critical');
  1606. $dir = dir($path);
  1607. $entries = array();
  1608. while ($entry = $dir->read())
  1609. $entries[] = $entry;
  1610. $dir->close();
  1611. natcasesort($entries);
  1612. $listing1 = array();
  1613. $listing2 = array();
  1614. foreach ($entries as $entry)
  1615. {
  1616. // Skip all dot files, including .htaccess.
  1617. if (substr($entry, 0, 1) == '.' || $entry == 'CVS')
  1618. continue;
  1619. if (is_dir($path . '/' . $entry))
  1620. $listing1[] = array(
  1621. 'filename' => $entry,
  1622. 'is_writable' => is_writable($path . '/' . $entry),
  1623. 'is_directory' => true,
  1624. 'is_template' => false,
  1625. 'is_image' => false,
  1626. 'is_editable' => false,
  1627. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $relative . $entry,
  1628. 'size' => '',
  1629. );
  1630. else
  1631. {
  1632. $size = filesize($path . '/' . $entry);
  1633. if ($size > 2048 || $size == 1024)
  1634. $size = comma_format($size / 1024) . ' ' . $txt['themeadmin_edit_kilobytes'];
  1635. else
  1636. $size = comma_format($size) . ' ' . $txt['themeadmin_edit_bytes'];
  1637. $listing2[] = array(
  1638. 'filename' => $entry,
  1639. 'is_writable' => is_writable($path . '/' . $entry),
  1640. 'is_directory' => false,
  1641. 'is_template' => preg_match('~\.template\.php$~', $entry) != 0,
  1642. 'is_image' => preg_match('~\.(jpg|jpeg|gif|bmp|png)$~', $entry) != 0,
  1643. 'is_editable' => is_writable($path . '/' . $entry) && preg_match('~\.(php|pl|css|js|vbs|xml|xslt|txt|xsl|html|htm|shtm|shtml|asp|aspx|cgi|py)$~', $entry) != 0,
  1644. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;filename=' . $relative . $entry,
  1645. 'size' => $size,
  1646. 'last_modified' => timeformat(filemtime($path . '/' . $entry)),
  1647. );
  1648. }
  1649. }
  1650. return array_merge($listing1, $listing2);
  1651. }
  1652. /**
  1653. * Makes a copy of a template file in a new location
  1654. * @uses Themes template, copy_template sub-template.
  1655. */
  1656. function CopyTemplate()
  1657. {
  1658. global $context, $settings, $smcFunc;
  1659. isAllowedTo('admin_forum');
  1660. loadTemplate('Themes');
  1661. $context[$context['admin_menu_name']]['current_subsection'] = 'edit';
  1662. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1663. $request = $smcFunc['db_query']('', '
  1664. SELECT th1.value, th1.id_theme, th2.value
  1665. FROM {db_prefix}themes AS th1
  1666. LEFT JOIN {db_prefix}themes AS th2 ON (th2.variable = {string:base_theme_dir} AND th2.id_theme = {int:current_theme})
  1667. WHERE th1.variable = {string:theme_dir}
  1668. AND th1.id_theme = {int:current_theme}
  1669. LIMIT 1',
  1670. array(
  1671. 'current_theme' => $_GET['th'],
  1672. 'base_theme_dir' => 'base_theme_dir',
  1673. 'theme_dir' => 'theme_dir',
  1674. )
  1675. );
  1676. list ($theme_dir, $context['theme_id'], $base_theme_dir) = $smcFunc['db_fetch_row']($request);
  1677. $smcFunc['db_free_result']($request);
  1678. if (isset($_REQUEST['template']) && preg_match('~[\./\\\\:\0]~', $_REQUEST['template']) == 0)
  1679. {
  1680. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/' . $_REQUEST['template'] . '.template.php'))
  1681. $filename = $base_theme_dir . '/' . $_REQUEST['template'] . '.template.php';
  1682. elseif (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php'))
  1683. $filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
  1684. else
  1685. fatal_lang_error('no_access', false);
  1686. $fp = fopen($theme_dir . '/' . $_REQUEST['template'] . '.template.php', 'w');
  1687. fwrite($fp, file_get_contents($filename));
  1688. fclose($fp);
  1689. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1690. }
  1691. elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
  1692. {
  1693. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php'))
  1694. $filename = $base_theme_dir . '/languages/' . $_REQUEST['template'] . '.php';
  1695. elseif (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php'))
  1696. $filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
  1697. else
  1698. fatal_lang_error('no_access', false);
  1699. $fp = fopen($theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php', 'w');
  1700. fwrite($fp, file_get_contents($filename));
  1701. fclose($fp);
  1702. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1703. }
  1704. $templates = array();
  1705. $lang_files = array();
  1706. $dir = dir($settings['default_theme_dir']);
  1707. while ($entry = $dir->read())
  1708. {
  1709. if (substr($entry, -13) == '.template.php')
  1710. $templates[] = substr($entry, 0, -13);
  1711. }
  1712. $dir->close();
  1713. $dir = dir($settings['default_theme_dir'] . '/languages');
  1714. while ($entry = $dir->read())
  1715. {
  1716. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches))
  1717. $lang_files[] = $matches[1];
  1718. }
  1719. $dir->close();
  1720. if (!empty($base_theme_dir))
  1721. {
  1722. $dir = dir($base_theme_dir);
  1723. while ($entry = $dir->read())
  1724. {
  1725. if (substr($entry, -13) == '.template.php' && !in_array(substr($entry, 0, -13), $templates))
  1726. $templates[] = substr($entry, 0, -13);
  1727. }
  1728. $dir->close();
  1729. if (file_exists($base_theme_dir . '/languages'))
  1730. {
  1731. $dir = dir($base_theme_dir . '/languages');
  1732. while ($entry = $dir->read())
  1733. {
  1734. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && !in_array($matches[1], $lang_files))
  1735. $lang_files[] = $matches[1];
  1736. }
  1737. $dir->close();
  1738. }
  1739. }
  1740. natcasesort($templates);
  1741. natcasesort($lang_files);
  1742. $context['available_templates'] = array();
  1743. foreach ($templates as $template)
  1744. $context['available_templates'][$template] = array(
  1745. 'filename' => $template . '.template.php',
  1746. 'value' => $template,
  1747. 'already_exists' => false,
  1748. 'can_copy' => is_writable($theme_dir),
  1749. );
  1750. $context['available_language_files'] = array();
  1751. foreach ($lang_files as $file)
  1752. $context['available_language_files'][$file] = array(
  1753. 'filename' => $file . '.php',
  1754. 'value' => $file,
  1755. 'already_exists' => false,
  1756. 'can_copy' => file_exists($theme_dir . '/languages') ? is_writable($theme_dir . '/languages') : is_writable($theme_dir),
  1757. );
  1758. $dir = dir($theme_dir);
  1759. while ($entry = $dir->read())
  1760. {
  1761. if (substr($entry, -13) == '.template.php' && isset($context['available_templates'][substr($entry, 0, -13)]))
  1762. {
  1763. $context['available_templates'][substr($entry, 0, -13)]['already_exists'] = true;
  1764. $context['available_templates'][substr($entry, 0, -13)]['can_copy'] = is_writable($theme_dir . '/' . $entry);
  1765. }
  1766. }
  1767. $dir->close();
  1768. if (file_exists($theme_dir . '/languages'))
  1769. {
  1770. $dir = dir($theme_dir . '/languages');
  1771. while ($entry = $dir->read())
  1772. {
  1773. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && isset($context['available_language_files'][$matches[1]]))
  1774. {
  1775. $context['available_language_files'][$matches[1]]['already_exists'] = true;
  1776. $context['available_language_files'][$matches[1]]['can_copy'] = is_writable($theme_dir . '/languages/' . $entry);
  1777. }
  1778. }
  1779. $dir->close();
  1780. }
  1781. $context['sub_template'] = 'copy_template';
  1782. }
  1783. ?>