Themes.php 71 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205
  1. <?php
  2. /**
  3. * This file concerns itself almost completely with theme administration.
  4. * Its tasks include changing theme settings, installing and removing
  5. * themes, choosing the current theme, and editing themes.
  6. *
  7. * @todo Update this for the new package manager?
  8. *
  9. * Creating and distributing theme packages:
  10. * There isn't that much required to package and distribute your own themes...
  11. * just do the following:
  12. * - create a theme_info.xml file, with the root element theme-info.
  13. * - its name should go in a name element, just like description.
  14. * - your name should go in author. (email in the email attribute.)
  15. * - any support website for the theme should be in website.
  16. * - layers and templates (non-default) should go in those elements ;).
  17. * - if the images dir isn't images, specify in the images element.
  18. * - any extra rows for themes should go in extra, serialized. (as in array(variable => value).)
  19. * - tar and gzip the directory - and you're done!
  20. * - please include any special license in a license.txt file.
  21. *
  22. * Simple Machines Forum (SMF)
  23. *
  24. * @package SMF
  25. * @author Simple Machines http://www.simplemachines.org
  26. * @copyright 2012 Simple Machines
  27. * @license http://www.simplemachines.org/about/smf/license.php BSD
  28. *
  29. * @version 2.1 Alpha 1
  30. */
  31. if (!defined('SMF'))
  32. die('Hacking attempt...');
  33. /**
  34. * Subaction handler - manages the action and delegates control to the proper
  35. * sub-action.
  36. * It loads both the Themes and Settings language files.
  37. * Checks the session by GET or POST to verify the sent data.
  38. * Requires the user not be a guest. (@todo what?)
  39. * Accessed via ?action=admin;area=theme.
  40. */
  41. function ThemesMain()
  42. {
  43. global $txt, $context, $scripturl;
  44. // Load the important language files...
  45. loadLanguage('Themes');
  46. loadLanguage('Settings');
  47. // No funny business - guests only.
  48. is_not_guest();
  49. // Default the page title to Theme Administration by default.
  50. $context['page_title'] = $txt['themeadmin_title'];
  51. // Theme administration, removal, choice, or installation...
  52. $subActions = array(
  53. 'admin' => 'ThemeAdmin',
  54. 'list' => 'ThemeList',
  55. 'reset' => 'SetThemeOptions',
  56. 'options' => 'SetThemeOptions',
  57. 'install' => 'ThemeInstall',
  58. 'remove' => 'RemoveTheme',
  59. 'pick' => 'PickTheme',
  60. 'edit' => 'EditTheme',
  61. 'copy' => 'CopyTemplate',
  62. );
  63. // @todo Layout Settings?
  64. if (!empty($context['admin_menu_name']))
  65. {
  66. $context[$context['admin_menu_name']]['tab_data'] = array(
  67. 'title' => $txt['themeadmin_title'],
  68. 'help' => 'themes',
  69. 'description' => $txt['themeadmin_description'],
  70. 'tabs' => array(
  71. 'admin' => array(
  72. 'description' => $txt['themeadmin_admin_desc'],
  73. ),
  74. 'list' => array(
  75. 'description' => $txt['themeadmin_list_desc'],
  76. ),
  77. 'reset' => array(
  78. 'description' => $txt['themeadmin_reset_desc'],
  79. ),
  80. 'edit' => array(
  81. 'description' => $txt['themeadmin_edit_desc'],
  82. ),
  83. ),
  84. );
  85. }
  86. // Follow the sa or just go to administration.
  87. if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']]))
  88. $subActions[$_GET['sa']]();
  89. else
  90. $subActions['admin']();
  91. }
  92. /**
  93. * This function allows administration of themes and their settings,
  94. * as well as global theme settings.
  95. * - sets the settings theme_allow, theme_guests, and knownThemes.
  96. * - requires the admin_forum permission.
  97. * - accessed with ?action=admin;area=theme;sa=admin.
  98. *
  99. * @uses Themes template
  100. * @uses Admin language file
  101. */
  102. function ThemeAdmin()
  103. {
  104. global $context, $boarddir, $modSettings, $smcFunc;
  105. loadLanguage('Admin');
  106. isAllowedTo('admin_forum');
  107. // If we aren't submitting - that is, if we are about to...
  108. if (!isset($_POST['save']))
  109. {
  110. loadTemplate('Themes');
  111. // Make our known themes a little easier to work with.
  112. $knownThemes = !empty($modSettings['knownThemes']) ? explode(',',$modSettings['knownThemes']) : array();
  113. // Load up all the themes.
  114. $request = $smcFunc['db_query']('', '
  115. SELECT id_theme, value AS name
  116. FROM {db_prefix}themes
  117. WHERE variable = {string:name}
  118. AND id_member = {int:no_member}
  119. ORDER BY id_theme',
  120. array(
  121. 'no_member' => 0,
  122. 'name' => 'name',
  123. )
  124. );
  125. $context['themes'] = array();
  126. while ($row = $smcFunc['db_fetch_assoc']($request))
  127. $context['themes'][] = array(
  128. 'id' => $row['id_theme'],
  129. 'name' => $row['name'],
  130. 'known' => in_array($row['id_theme'], $knownThemes),
  131. );
  132. $smcFunc['db_free_result']($request);
  133. // Can we create a new theme?
  134. $context['can_create_new'] = is_writable($boarddir . '/Themes');
  135. $context['new_theme_dir'] = substr(realpath($boarddir . '/Themes/default'), 0, -7);
  136. // Look for a non existent theme directory. (ie theme87.)
  137. $theme_dir = $boarddir . '/Themes/theme';
  138. $i = 1;
  139. while (file_exists($theme_dir . $i))
  140. $i++;
  141. $context['new_theme_name'] = 'theme' . $i;
  142. createToken('admin-tm');
  143. }
  144. else
  145. {
  146. checkSession();
  147. validateToken('admin-tm');
  148. if (isset($_POST['options']['known_themes']))
  149. foreach ($_POST['options']['known_themes'] as $key => $id)
  150. $_POST['options']['known_themes'][$key] = (int) $id;
  151. else
  152. fatal_lang_error('themes_none_selectable', false);
  153. if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes']))
  154. fatal_lang_error('themes_default_selectable', false);
  155. // Commit the new settings.
  156. updateSettings(array(
  157. 'theme_allow' => $_POST['options']['theme_allow'],
  158. 'theme_guests' => $_POST['options']['theme_guests'],
  159. 'knownThemes' => implode(',', $_POST['options']['known_themes']),
  160. ));
  161. if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes']))
  162. updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
  163. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=admin');
  164. }
  165. }
  166. /**
  167. * This function lists the available themes and provides an interface to reset
  168. * the paths of all the installed themes.
  169. */
  170. function ThemeList()
  171. {
  172. global $context, $boarddir, $boardurl, $smcFunc;
  173. loadLanguage('Admin');
  174. isAllowedTo('admin_forum');
  175. if (isset($_REQUEST['th']))
  176. return SetThemeSettings();
  177. if (isset($_POST['save']))
  178. {
  179. checkSession();
  180. validateToken('admin-tl');
  181. $request = $smcFunc['db_query']('', '
  182. SELECT id_theme, variable, value
  183. FROM {db_prefix}themes
  184. WHERE variable IN ({string:theme_dir}, {string:theme_url}, {string:images_url}, {string:base_theme_dir}, {string:base_theme_url}, {string:base_images_url})
  185. AND id_member = {int:no_member}',
  186. array(
  187. 'no_member' => 0,
  188. 'theme_dir' => 'theme_dir',
  189. 'theme_url' => 'theme_url',
  190. 'images_url' => 'images_url',
  191. 'base_theme_dir' => 'base_theme_dir',
  192. 'base_theme_url' => 'base_theme_url',
  193. 'base_images_url' => 'base_images_url',
  194. )
  195. );
  196. $themes = array();
  197. while ($row = $smcFunc['db_fetch_assoc']($request))
  198. $themes[$row['id_theme']][$row['variable']] = $row['value'];
  199. $smcFunc['db_free_result']($request);
  200. $setValues = array();
  201. foreach ($themes as $id => $theme)
  202. {
  203. if (file_exists($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])))
  204. {
  205. $setValues[] = array($id, 0, 'theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['theme_dir'])));
  206. $setValues[] = array($id, 0, 'theme_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']));
  207. $setValues[] = array($id, 0, 'images_url', $_POST['reset_url'] . '/' . basename($theme['theme_dir']) . '/' . basename($theme['images_url']));
  208. }
  209. if (isset($theme['base_theme_dir']) && file_exists($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])))
  210. {
  211. $setValues[] = array($id, 0, 'base_theme_dir', realpath($_POST['reset_dir'] . '/' . basename($theme['base_theme_dir'])));
  212. $setValues[] = array($id, 0, 'base_theme_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']));
  213. $setValues[] = array($id, 0, 'base_images_url', $_POST['reset_url'] . '/' . basename($theme['base_theme_dir']) . '/' . basename($theme['base_images_url']));
  214. }
  215. cache_put_data('theme_settings-' . $id, null, 90);
  216. }
  217. if (!empty($setValues))
  218. {
  219. $smcFunc['db_insert']('replace',
  220. '{db_prefix}themes',
  221. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  222. $setValues,
  223. array('id_theme', 'variable', 'id_member')
  224. );
  225. }
  226. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  227. }
  228. loadTemplate('Themes');
  229. $request = $smcFunc['db_query']('', '
  230. SELECT id_theme, variable, value
  231. FROM {db_prefix}themes
  232. WHERE variable IN ({string:name}, {string:theme_dir}, {string:theme_url}, {string:images_url})
  233. AND id_member = {int:no_member}',
  234. array(
  235. 'no_member' => 0,
  236. 'name' => 'name',
  237. 'theme_dir' => 'theme_dir',
  238. 'theme_url' => 'theme_url',
  239. 'images_url' => 'images_url',
  240. )
  241. );
  242. $context['themes'] = array();
  243. while ($row = $smcFunc['db_fetch_assoc']($request))
  244. {
  245. if (!isset($context['themes'][$row['id_theme']]))
  246. $context['themes'][$row['id_theme']] = array(
  247. 'id' => $row['id_theme'],
  248. );
  249. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  250. }
  251. $smcFunc['db_free_result']($request);
  252. foreach ($context['themes'] as $i => $theme)
  253. {
  254. $context['themes'][$i]['theme_dir'] = realpath($context['themes'][$i]['theme_dir']);
  255. if (file_exists($context['themes'][$i]['theme_dir'] . '/index.template.php'))
  256. {
  257. // Fetch the header... a good 256 bytes should be more than enough.
  258. $fp = fopen($context['themes'][$i]['theme_dir'] . '/index.template.php', 'rb');
  259. $header = fread($fp, 256);
  260. fclose($fp);
  261. // Can we find a version comment, at all?
  262. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  263. $context['themes'][$i]['version'] = $match[1];
  264. }
  265. $context['themes'][$i]['valid_path'] = file_exists($context['themes'][$i]['theme_dir']) && is_dir($context['themes'][$i]['theme_dir']);
  266. }
  267. $context['reset_dir'] = realpath($boarddir . '/Themes');
  268. $context['reset_url'] = $boardurl . '/Themes';
  269. $context['sub_template'] = 'list_themes';
  270. createToken('admin-tl');
  271. createToken('admin-tr', 'request');
  272. }
  273. /**
  274. * Administrative global settings.
  275. */
  276. function SetThemeOptions()
  277. {
  278. global $txt, $context, $settings, $modSettings, $smcFunc;
  279. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (isset($_GET['id']) ? (int) $_GET['id'] : 0);
  280. isAllowedTo('admin_forum');
  281. if (empty($_GET['th']) && empty($_GET['id']))
  282. {
  283. $request = $smcFunc['db_query']('', '
  284. SELECT id_theme, variable, value
  285. FROM {db_prefix}themes
  286. WHERE variable IN ({string:name}, {string:theme_dir})
  287. AND id_member = {int:no_member}',
  288. array(
  289. 'no_member' => 0,
  290. 'name' => 'name',
  291. 'theme_dir' => 'theme_dir',
  292. )
  293. );
  294. $context['themes'] = array();
  295. while ($row = $smcFunc['db_fetch_assoc']($request))
  296. {
  297. if (!isset($context['themes'][$row['id_theme']]))
  298. $context['themes'][$row['id_theme']] = array(
  299. 'id' => $row['id_theme'],
  300. 'num_default_options' => 0,
  301. 'num_members' => 0,
  302. );
  303. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  304. }
  305. $smcFunc['db_free_result']($request);
  306. $request = $smcFunc['db_query']('', '
  307. SELECT id_theme, COUNT(*) AS value
  308. FROM {db_prefix}themes
  309. WHERE id_member = {int:guest_member}
  310. GROUP BY id_theme',
  311. array(
  312. 'guest_member' => -1,
  313. )
  314. );
  315. while ($row = $smcFunc['db_fetch_assoc']($request))
  316. $context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
  317. $smcFunc['db_free_result']($request);
  318. // Need to make sure we don't do custom fields.
  319. $request = $smcFunc['db_query']('', '
  320. SELECT col_name
  321. FROM {db_prefix}custom_fields',
  322. array(
  323. )
  324. );
  325. $customFields = array();
  326. while ($row = $smcFunc['db_fetch_assoc']($request))
  327. $customFields[] = $row['col_name'];
  328. $smcFunc['db_free_result']($request);
  329. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  330. $request = $smcFunc['db_query']('themes_count', '
  331. SELECT COUNT(DISTINCT id_member) AS value, id_theme
  332. FROM {db_prefix}themes
  333. WHERE id_member > {int:no_member}
  334. ' . $customFieldsQuery . '
  335. GROUP BY id_theme',
  336. array(
  337. 'no_member' => 0,
  338. 'custom_fields' => empty($customFields) ? array() : $customFields,
  339. )
  340. );
  341. while ($row = $smcFunc['db_fetch_assoc']($request))
  342. $context['themes'][$row['id_theme']]['num_members'] = $row['value'];
  343. $smcFunc['db_free_result']($request);
  344. // There has to be a Settings template!
  345. foreach ($context['themes'] as $k => $v)
  346. if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
  347. unset($context['themes'][$k]);
  348. loadTemplate('Themes');
  349. $context['sub_template'] = 'reset_list';
  350. createToken('admin-stor', 'request');
  351. return;
  352. }
  353. // Submit?
  354. if (isset($_POST['submit']) && empty($_POST['who']))
  355. {
  356. checkSession();
  357. validateToken('admin-sto');
  358. if (empty($_POST['options']))
  359. $_POST['options'] = array();
  360. if (empty($_POST['default_options']))
  361. $_POST['default_options'] = array();
  362. // Set up the sql query.
  363. $setValues = array();
  364. foreach ($_POST['options'] as $opt => $val)
  365. $setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  366. $old_settings = array();
  367. foreach ($_POST['default_options'] as $opt => $val)
  368. {
  369. $old_settings[] = $opt;
  370. $setValues[] = array(-1, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  371. }
  372. // If we're actually inserting something..
  373. if (!empty($setValues))
  374. {
  375. // Are there options in non-default themes set that should be cleared?
  376. if (!empty($old_settings))
  377. $smcFunc['db_query']('', '
  378. DELETE FROM {db_prefix}themes
  379. WHERE id_theme != {int:default_theme}
  380. AND id_member = {int:guest_member}
  381. AND variable IN ({array_string:old_settings})',
  382. array(
  383. 'default_theme' => 1,
  384. 'guest_member' => -1,
  385. 'old_settings' => $old_settings,
  386. )
  387. );
  388. $smcFunc['db_insert']('replace',
  389. '{db_prefix}themes',
  390. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  391. $setValues,
  392. array('id_theme', 'variable', 'id_member')
  393. );
  394. }
  395. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  396. cache_put_data('theme_settings-1', null, 90);
  397. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  398. }
  399. elseif (isset($_POST['submit']) && $_POST['who'] == 1)
  400. {
  401. checkSession();
  402. validateToken('admin-sto');
  403. $_POST['options'] = empty($_POST['options']) ? array() : $_POST['options'];
  404. $_POST['options_master'] = empty($_POST['options_master']) ? array() : $_POST['options_master'];
  405. $_POST['default_options'] = empty($_POST['default_options']) ? array() : $_POST['default_options'];
  406. $_POST['default_options_master'] = empty($_POST['default_options_master']) ? array() : $_POST['default_options_master'];
  407. $old_settings = array();
  408. foreach ($_POST['default_options'] as $opt => $val)
  409. {
  410. if ($_POST['default_options_master'][$opt] == 0)
  411. continue;
  412. elseif ($_POST['default_options_master'][$opt] == 1)
  413. {
  414. // Delete then insert for ease of database compatibility!
  415. $smcFunc['db_query']('substring', '
  416. DELETE FROM {db_prefix}themes
  417. WHERE id_theme = {int:default_theme}
  418. AND id_member != {int:no_member}
  419. AND variable = SUBSTRING({string:option}, 1, 255)',
  420. array(
  421. 'default_theme' => 1,
  422. 'no_member' => 0,
  423. 'option' => $opt,
  424. )
  425. );
  426. $smcFunc['db_query']('substring', '
  427. INSERT INTO {db_prefix}themes
  428. (id_member, id_theme, variable, value)
  429. SELECT id_member, 1, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  430. FROM {db_prefix}members',
  431. array(
  432. 'option' => $opt,
  433. 'value' => (is_array($val) ? implode(',', $val) : $val),
  434. )
  435. );
  436. $old_settings[] = $opt;
  437. }
  438. elseif ($_POST['default_options_master'][$opt] == 2)
  439. {
  440. $smcFunc['db_query']('', '
  441. DELETE FROM {db_prefix}themes
  442. WHERE variable = {string:option_name}
  443. AND id_member > {int:no_member}',
  444. array(
  445. 'no_member' => 0,
  446. 'option_name' => $opt,
  447. )
  448. );
  449. }
  450. }
  451. // Delete options from other themes.
  452. if (!empty($old_settings))
  453. $smcFunc['db_query']('', '
  454. DELETE FROM {db_prefix}themes
  455. WHERE id_theme != {int:default_theme}
  456. AND id_member > {int:no_member}
  457. AND variable IN ({array_string:old_settings})',
  458. array(
  459. 'default_theme' => 1,
  460. 'no_member' => 0,
  461. 'old_settings' => $old_settings,
  462. )
  463. );
  464. foreach ($_POST['options'] as $opt => $val)
  465. {
  466. if ($_POST['options_master'][$opt] == 0)
  467. continue;
  468. elseif ($_POST['options_master'][$opt] == 1)
  469. {
  470. // Delete then insert for ease of database compatibility - again!
  471. $smcFunc['db_query']('substring', '
  472. DELETE FROM {db_prefix}themes
  473. WHERE id_theme = {int:current_theme}
  474. AND id_member != {int:no_member}
  475. AND variable = SUBSTRING({string:option}, 1, 255)',
  476. array(
  477. 'current_theme' => $_GET['th'],
  478. 'no_member' => 0,
  479. 'option' => $opt,
  480. )
  481. );
  482. $smcFunc['db_query']('substring', '
  483. INSERT INTO {db_prefix}themes
  484. (id_member, id_theme, variable, value)
  485. SELECT id_member, {int:current_theme}, SUBSTRING({string:option}, 1, 255), SUBSTRING({string:value}, 1, 65534)
  486. FROM {db_prefix}members',
  487. array(
  488. 'current_theme' => $_GET['th'],
  489. 'option' => $opt,
  490. 'value' => (is_array($val) ? implode(',', $val) : $val),
  491. )
  492. );
  493. }
  494. elseif ($_POST['options_master'][$opt] == 2)
  495. {
  496. $smcFunc['db_query']('', '
  497. DELETE FROM {db_prefix}themes
  498. WHERE variable = {string:option}
  499. AND id_member > {int:no_member}
  500. AND id_theme = {int:current_theme}',
  501. array(
  502. 'no_member' => 0,
  503. 'current_theme' => $_GET['th'],
  504. 'option' => $opt,
  505. )
  506. );
  507. }
  508. }
  509. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  510. }
  511. elseif (!empty($_GET['who']) && $_GET['who'] == 2)
  512. {
  513. checkSession('get');
  514. validateToken('admin-stor', 'request');
  515. // Don't delete custom fields!!
  516. if ($_GET['th'] == 1)
  517. {
  518. $request = $smcFunc['db_query']('', '
  519. SELECT col_name
  520. FROM {db_prefix}custom_fields',
  521. array(
  522. )
  523. );
  524. $customFields = array();
  525. while ($row = $smcFunc['db_fetch_assoc']($request))
  526. $customFields[] = $row['col_name'];
  527. $smcFunc['db_free_result']($request);
  528. }
  529. $customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
  530. $smcFunc['db_query']('', '
  531. DELETE FROM {db_prefix}themes
  532. WHERE id_member > {int:no_member}
  533. AND id_theme = {int:current_theme}
  534. ' . $customFieldsQuery,
  535. array(
  536. 'no_member' => 0,
  537. 'current_theme' => $_GET['th'],
  538. 'custom_fields' => empty($customFields) ? array() : $customFields,
  539. )
  540. );
  541. redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
  542. }
  543. $old_id = $settings['theme_id'];
  544. $old_settings = $settings;
  545. loadTheme($_GET['th'], false);
  546. loadLanguage('Profile');
  547. // @todo Should we just move these options so they are no longer theme dependant?
  548. loadLanguage('PersonalMessage');
  549. // Let the theme take care of the settings.
  550. loadTemplate('Settings');
  551. loadSubTemplate('options');
  552. $context['sub_template'] = 'set_options';
  553. $context['page_title'] = $txt['theme_settings'];
  554. $context['options'] = $context['theme_options'];
  555. $context['theme_settings'] = $settings;
  556. if (empty($_REQUEST['who']))
  557. {
  558. $request = $smcFunc['db_query']('', '
  559. SELECT variable, value
  560. FROM {db_prefix}themes
  561. WHERE id_theme IN (1, {int:current_theme})
  562. AND id_member = {int:guest_member}',
  563. array(
  564. 'current_theme' => $_GET['th'],
  565. 'guest_member' => -1,
  566. )
  567. );
  568. $context['theme_options'] = array();
  569. while ($row = $smcFunc['db_fetch_assoc']($request))
  570. $context['theme_options'][$row['variable']] = $row['value'];
  571. $smcFunc['db_free_result']($request);
  572. $context['theme_options_reset'] = false;
  573. }
  574. else
  575. {
  576. $context['theme_options'] = array();
  577. $context['theme_options_reset'] = true;
  578. }
  579. foreach ($context['options'] as $i => $setting)
  580. {
  581. // Is this disabled?
  582. if ($setting['id'] == 'calendar_start_day' && empty($modSettings['cal_enabled']))
  583. {
  584. unset($context['options'][$i]);
  585. continue;
  586. }
  587. elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
  588. {
  589. unset($context['options'][$i]);
  590. continue;
  591. }
  592. if (!isset($setting['type']) || $setting['type'] == 'bool')
  593. $context['options'][$i]['type'] = 'checkbox';
  594. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  595. $context['options'][$i]['type'] = 'number';
  596. elseif ($setting['type'] == 'string')
  597. $context['options'][$i]['type'] = 'text';
  598. if (isset($setting['options']))
  599. $context['options'][$i]['type'] = 'list';
  600. $context['options'][$i]['value'] = !isset($context['theme_options'][$setting['id']]) ? '' : $context['theme_options'][$setting['id']];
  601. }
  602. // Restore the existing theme.
  603. loadTheme($old_id, false);
  604. $settings = $old_settings;
  605. loadTemplate('Themes');
  606. createToken('admin-sto');
  607. }
  608. /**
  609. * Administrative global settings.
  610. * - saves and requests global theme settings. ($settings)
  611. * - loads the Admin language file.
  612. * - calls ThemeAdmin() if no theme is specified. (the theme center.)
  613. * - requires admin_forum permission.
  614. * - accessed with ?action=admin;area=theme;sa=list&th=xx.
  615. */
  616. function SetThemeSettings()
  617. {
  618. global $txt, $context, $settings, $modSettings, $sourcedir, $smcFunc;
  619. if (empty($_GET['th']) && empty($_GET['id']))
  620. return ThemeAdmin();
  621. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  622. // Select the best fitting tab.
  623. $context[$context['admin_menu_name']]['current_subsection'] = 'list';
  624. loadLanguage('Admin');
  625. isAllowedTo('admin_forum');
  626. // Validate inputs/user.
  627. if (empty($_GET['th']))
  628. fatal_lang_error('no_theme', false);
  629. // Fetch the smiley sets...
  630. $sets = explode(',', 'none,' . $modSettings['smiley_sets_known']);
  631. $set_names = explode("\n", $txt['smileys_none'] . "\n" . $modSettings['smiley_sets_names']);
  632. $context['smiley_sets'] = array(
  633. '' => $txt['smileys_no_default']
  634. );
  635. foreach ($sets as $i => $set)
  636. $context['smiley_sets'][$set] = htmlspecialchars($set_names[$i]);
  637. $old_id = $settings['theme_id'];
  638. $old_settings = $settings;
  639. loadTheme($_GET['th'], false);
  640. // Sadly we really do need to init the template.
  641. loadSubTemplate('init', 'ignore');
  642. // Also load the actual themes language file - in case of special settings.
  643. loadLanguage('Settings', '', true, true);
  644. // And the custom language strings...
  645. loadLanguage('ThemeStrings', '', false, true);
  646. // Let the theme take care of the settings.
  647. loadTemplate('Settings');
  648. loadSubTemplate('settings');
  649. // Load the variants separately...
  650. $settings['theme_variants'] = array();
  651. if (file_exists($settings['theme_dir'] . '/index.template.php'))
  652. {
  653. $file_contents = implode('', file($settings['theme_dir'] . '/index.template.php'));
  654. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  655. eval('global $settings;' . $matches[0]);
  656. }
  657. // Submitting!
  658. if (isset($_POST['save']))
  659. {
  660. checkSession();
  661. validateToken('admin-sts');
  662. if (empty($_POST['options']))
  663. $_POST['options'] = array();
  664. if (empty($_POST['default_options']))
  665. $_POST['default_options'] = array();
  666. // Make sure items are cast correctly.
  667. foreach ($context['theme_settings'] as $item)
  668. {
  669. // Disregard this item if this is just a separator.
  670. if (!is_array($item))
  671. continue;
  672. foreach (array('options', 'default_options') as $option)
  673. {
  674. if (!isset($_POST[$option][$item['id']]))
  675. continue;
  676. // Checkbox.
  677. elseif (empty($item['type']))
  678. $_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
  679. // Number
  680. elseif ($item['type'] == 'number')
  681. $_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
  682. }
  683. }
  684. // Set up the sql query.
  685. $inserts = array();
  686. foreach ($_POST['options'] as $opt => $val)
  687. $inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
  688. foreach ($_POST['default_options'] as $opt => $val)
  689. $inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
  690. // If we're actually inserting something..
  691. if (!empty($inserts))
  692. {
  693. $smcFunc['db_insert']('replace',
  694. '{db_prefix}themes',
  695. array('id_member' => 'int', 'id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  696. $inserts,
  697. array('id_member', 'id_theme', 'variable')
  698. );
  699. }
  700. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  701. cache_put_data('theme_settings-1', null, 90);
  702. // Invalidate the cache.
  703. updateSettings(array('settings_updated' => time()));
  704. redirectexit('action=admin;area=theme;sa=list;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id']);
  705. }
  706. $context['sub_template'] = 'set_settings';
  707. $context['page_title'] = $txt['theme_settings'];
  708. foreach ($settings as $setting => $dummy)
  709. {
  710. if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs')))
  711. $settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
  712. }
  713. $context['settings'] = $context['theme_settings'];
  714. $context['theme_settings'] = $settings;
  715. foreach ($context['settings'] as $i => $setting)
  716. {
  717. // Separators are dummies, so leave them alone.
  718. if (!is_array($setting))
  719. continue;
  720. if (!isset($setting['type']) || $setting['type'] == 'bool')
  721. $context['settings'][$i]['type'] = 'checkbox';
  722. elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
  723. $context['settings'][$i]['type'] = 'number';
  724. elseif ($setting['type'] == 'string')
  725. $context['settings'][$i]['type'] = 'text';
  726. if (isset($setting['options']))
  727. $context['settings'][$i]['type'] = 'list';
  728. $context['settings'][$i]['value'] = !isset($settings[$setting['id']]) ? '' : $settings[$setting['id']];
  729. }
  730. // Do we support variants?
  731. if (!empty($settings['theme_variants']))
  732. {
  733. $context['theme_variants'] = array();
  734. foreach ($settings['theme_variants'] as $variant)
  735. {
  736. // Have any text, old chap?
  737. $context['theme_variants'][$variant] = array(
  738. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  739. 'thumbnail' => !file_exists($settings['theme_dir'] . '/images/thumbnail.png') || file_exists($settings['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $settings['images_url'] . '/thumbnail_' . $variant . '.png' : ($settings['images_url'] . '/thumbnail.png'),
  740. );
  741. }
  742. $context['default_variant'] = !empty($settings['default_variant']) && isset($context['theme_variants'][$settings['default_variant']]) ? $settings['default_variant'] : $settings['theme_variants'][0];
  743. }
  744. // Restore the current theme.
  745. loadTheme($old_id, false);
  746. // Reinit just incase.
  747. loadSubTemplate('init', 'ignore');
  748. $settings = $old_settings;
  749. loadTemplate('Themes');
  750. // We like Kenny better than Token.
  751. createToken('admin-sts');
  752. }
  753. /**
  754. * Remove a theme from the database.
  755. * - removes an installed theme.
  756. * - requires an administrator.
  757. * - accessed with ?action=admin;area=theme;sa=remove.
  758. */
  759. function RemoveTheme()
  760. {
  761. global $modSettings, $context, $smcFunc;
  762. checkSession('get');
  763. isAllowedTo('admin_forum');
  764. validateToken('admin-tr', 'request');
  765. // The theme's ID must be an integer.
  766. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  767. // You can't delete the default theme!
  768. if ($_GET['th'] == 1)
  769. fatal_lang_error('no_access', false);
  770. $known = explode(',', $modSettings['knownThemes']);
  771. for ($i = 0, $n = count($known); $i < $n; $i++)
  772. {
  773. if ($known[$i] == $_GET['th'])
  774. unset($known[$i]);
  775. }
  776. $smcFunc['db_query']('', '
  777. DELETE FROM {db_prefix}themes
  778. WHERE id_theme = {int:current_theme}',
  779. array(
  780. 'current_theme' => $_GET['th'],
  781. )
  782. );
  783. $smcFunc['db_query']('', '
  784. UPDATE {db_prefix}members
  785. SET id_theme = {int:default_theme}
  786. WHERE id_theme = {int:current_theme}',
  787. array(
  788. 'default_theme' => 0,
  789. 'current_theme' => $_GET['th'],
  790. )
  791. );
  792. $smcFunc['db_query']('', '
  793. UPDATE {db_prefix}boards
  794. SET id_theme = {int:default_theme}
  795. WHERE id_theme = {int:current_theme}',
  796. array(
  797. 'default_theme' => 0,
  798. 'current_theme' => $_GET['th'],
  799. )
  800. );
  801. $known = strtr(implode(',', $known), array(',,' => ','));
  802. // Fix it if the theme was the overall default theme.
  803. if ($modSettings['theme_guests'] == $_GET['th'])
  804. updateSettings(array('theme_guests' => '1', 'knownThemes' => $known));
  805. else
  806. updateSettings(array('knownThemes' => $known));
  807. redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id']);
  808. }
  809. /**
  810. * Choose a theme from a list.
  811. * allows an user or administrator to pick a new theme with an interface.
  812. * - can edit everyone's (u = 0), guests' (u = -1), or a specific user's.
  813. * - uses the Themes template. (pick sub template.)
  814. * - accessed with ?action=admin;area=theme;sa=pick.
  815. * @todo thought so... Might be better to split this file in ManageThemes and Themes,
  816. * with centralized admin permissions on ManageThemes.
  817. */
  818. function PickTheme()
  819. {
  820. global $txt, $context, $modSettings, $user_info, $language, $smcFunc, $settings, $scripturl;
  821. loadLanguage('Profile');
  822. loadTemplate('Themes');
  823. // Build the link tree.
  824. $context['linktree'][] = array(
  825. 'url' => $scripturl . '?action=theme;sa=pick;u=' . (!empty($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0),
  826. 'name' => $txt['theme_pick'],
  827. );
  828. $_SESSION['id_theme'] = 0;
  829. if (isset($_GET['id']))
  830. $_GET['th'] = $_GET['id'];
  831. // Saving a variant cause JS doesn't work - pretend it did ;)
  832. if (isset($_POST['save']))
  833. {
  834. // Which theme?
  835. foreach ($_POST['save'] as $k => $v)
  836. $_GET['th'] = (int) $k;
  837. if (isset($_POST['vrt'][$k]))
  838. $_GET['vrt'] = $_POST['vrt'][$k];
  839. }
  840. // Have we made a desicion, or are we just browsing?
  841. if (isset($_GET['th']))
  842. {
  843. checkSession('get');
  844. $_GET['th'] = (int) $_GET['th'];
  845. // Save for this user.
  846. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  847. {
  848. updateMemberData($user_info['id'], array('id_theme' => (int) $_GET['th']));
  849. // A variants to save for the user?
  850. if (!empty($_GET['vrt']))
  851. {
  852. $smcFunc['db_insert']('replace',
  853. '{db_prefix}themes',
  854. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  855. array($_GET['th'], $user_info['id'], 'theme_variant', $_GET['vrt']),
  856. array('id_theme', 'id_member', 'variable')
  857. );
  858. cache_put_data('theme_settings-' . $_GET['th'] . ':' . $user_info['id'], null, 90);
  859. $_SESSION['id_variant'] = 0;
  860. }
  861. redirectexit('action=profile;area=theme');
  862. }
  863. // If changing members or guests - and there's a variant - assume changing default variant.
  864. if (!empty($_GET['vrt']) && ($_REQUEST['u'] == '0' || $_REQUEST['u'] == '-1'))
  865. {
  866. $smcFunc['db_insert']('replace',
  867. '{db_prefix}themes',
  868. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  869. array($_GET['th'], 0, 'default_variant', $_GET['vrt']),
  870. array('id_theme', 'id_member', 'variable')
  871. );
  872. // Make it obvious that it's changed
  873. cache_put_data('theme_settings-' . $_GET['th'], null, 90);
  874. }
  875. // For everyone.
  876. if ($_REQUEST['u'] == '0')
  877. {
  878. updateMemberData(null, array('id_theme' => (int) $_GET['th']));
  879. // Remove any custom variants.
  880. if (!empty($_GET['vrt']))
  881. {
  882. $smcFunc['db_query']('', '
  883. DELETE FROM {db_prefix}themes
  884. WHERE id_theme = {int:current_theme}
  885. AND variable = {string:theme_variant}',
  886. array(
  887. 'current_theme' => (int) $_GET['th'],
  888. 'theme_variant' => 'theme_variant',
  889. )
  890. );
  891. }
  892. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  893. }
  894. // Change the default/guest theme.
  895. elseif ($_REQUEST['u'] == '-1')
  896. {
  897. updateSettings(array('theme_guests' => (int) $_GET['th']));
  898. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  899. }
  900. // Change a specific member's theme.
  901. else
  902. {
  903. // The forum's default theme is always 0 and we
  904. if (isset($_GET['th']) && $_GET['th'] == 0)
  905. $_GET['th'] = $modSettings['theme_guests'];
  906. updateMemberData((int) $_REQUEST['u'], array('id_theme' => (int) $_GET['th']));
  907. if (!empty($_GET['vrt']))
  908. {
  909. $smcFunc['db_insert']('replace',
  910. '{db_prefix}themes',
  911. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  912. array($_GET['th'], (int) $_REQUEST['u'], 'theme_variant', $_GET['vrt']),
  913. array('id_theme', 'id_member', 'variable')
  914. );
  915. cache_put_data('theme_settings-' . $_GET['th'] . ':' . (int) $_REQUEST['u'], null, 90);
  916. if ($user_info['id'] == $_REQUEST['u'])
  917. $_SESSION['id_variant'] = 0;
  918. }
  919. redirectexit('action=profile;u=' . (int) $_REQUEST['u'] . ';area=theme');
  920. }
  921. }
  922. // Figure out who the member of the minute is, and what theme they've chosen.
  923. if (!isset($_REQUEST['u']) || !allowedTo('admin_forum'))
  924. {
  925. $context['current_member'] = $user_info['id'];
  926. $context['current_theme'] = $user_info['theme'];
  927. }
  928. // Everyone can't chose just one.
  929. elseif ($_REQUEST['u'] == '0')
  930. {
  931. $context['current_member'] = 0;
  932. $context['current_theme'] = 0;
  933. }
  934. // Guests and such...
  935. elseif ($_REQUEST['u'] == '-1')
  936. {
  937. $context['current_member'] = -1;
  938. $context['current_theme'] = $modSettings['theme_guests'];
  939. }
  940. // Someones else :P.
  941. else
  942. {
  943. $context['current_member'] = (int) $_REQUEST['u'];
  944. $request = $smcFunc['db_query']('', '
  945. SELECT id_theme
  946. FROM {db_prefix}members
  947. WHERE id_member = {int:current_member}
  948. LIMIT 1',
  949. array(
  950. 'current_member' => $context['current_member'],
  951. )
  952. );
  953. list ($context['current_theme']) = $smcFunc['db_fetch_row']($request);
  954. $smcFunc['db_free_result']($request);
  955. }
  956. // Get the theme name and descriptions.
  957. $context['available_themes'] = array();
  958. if (!empty($modSettings['knownThemes']))
  959. {
  960. $request = $smcFunc['db_query']('', '
  961. SELECT id_theme, variable, value
  962. FROM {db_prefix}themes
  963. WHERE variable IN ({string:name}, {string:theme_url}, {string:theme_dir}, {string:images_url}, {string:disable_user_variant})' . (!allowedTo('admin_forum') ? '
  964. AND id_theme IN ({array_string:known_themes})' : '') . '
  965. AND id_theme != {int:default_theme}
  966. AND id_member = {int:no_member}',
  967. array(
  968. 'default_theme' => 0,
  969. 'name' => 'name',
  970. 'no_member' => 0,
  971. 'theme_url' => 'theme_url',
  972. 'theme_dir' => 'theme_dir',
  973. 'images_url' => 'images_url',
  974. 'disable_user_variant' => 'disable_user_variant',
  975. 'known_themes' => explode(',', $modSettings['knownThemes']),
  976. )
  977. );
  978. while ($row = $smcFunc['db_fetch_assoc']($request))
  979. {
  980. if (!isset($context['available_themes'][$row['id_theme']]))
  981. $context['available_themes'][$row['id_theme']] = array(
  982. 'id' => $row['id_theme'],
  983. 'selected' => $context['current_theme'] == $row['id_theme'],
  984. 'num_users' => 0
  985. );
  986. $context['available_themes'][$row['id_theme']][$row['variable']] = $row['value'];
  987. }
  988. $smcFunc['db_free_result']($request);
  989. }
  990. // Okay, this is a complicated problem: the default theme is 1, but they aren't allowed to access 1!
  991. if (!isset($context['available_themes'][$modSettings['theme_guests']]))
  992. {
  993. $context['available_themes'][0] = array(
  994. 'num_users' => 0
  995. );
  996. $guest_theme = 0;
  997. }
  998. else
  999. $guest_theme = $modSettings['theme_guests'];
  1000. $request = $smcFunc['db_query']('', '
  1001. SELECT id_theme, COUNT(*) AS the_count
  1002. FROM {db_prefix}members
  1003. GROUP BY id_theme
  1004. ORDER BY id_theme DESC',
  1005. array(
  1006. )
  1007. );
  1008. while ($row = $smcFunc['db_fetch_assoc']($request))
  1009. {
  1010. // Figure out which theme it is they are REALLY using.
  1011. if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',',$modSettings['knownThemes'])))
  1012. $row['id_theme'] = $guest_theme;
  1013. elseif (empty($modSettings['theme_allow']))
  1014. $row['id_theme'] = $guest_theme;
  1015. if (isset($context['available_themes'][$row['id_theme']]))
  1016. $context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
  1017. else
  1018. $context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
  1019. }
  1020. $smcFunc['db_free_result']($request);
  1021. // Get any member variant preferences.
  1022. $variant_preferences = array();
  1023. if ($context['current_member'] > 0)
  1024. {
  1025. $request = $smcFunc['db_query']('', '
  1026. SELECT id_theme, value
  1027. FROM {db_prefix}themes
  1028. WHERE variable = {string:theme_variant}
  1029. AND id_member IN ({array_int:id_member})
  1030. ORDER BY id_member ASC',
  1031. array(
  1032. 'theme_variant' => 'theme_variant',
  1033. 'id_member' => isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? array(-1, $context['current_member']) : array(-1),
  1034. )
  1035. );
  1036. while ($row = $smcFunc['db_fetch_assoc']($request))
  1037. $variant_preferences[$row['id_theme']] = $row['value'];
  1038. $smcFunc['db_free_result']($request);
  1039. }
  1040. // Save the setting first.
  1041. $current_images_url = $settings['images_url'];
  1042. $current_theme_variants = !empty($settings['theme_variants']) ? $settings['theme_variants'] : array();
  1043. foreach ($context['available_themes'] as $id_theme => $theme_data)
  1044. {
  1045. // Don't try to load the forum or board default theme's data... it doesn't have any!
  1046. if ($id_theme == 0)
  1047. continue;
  1048. // The thumbnail needs the correct path.
  1049. $settings['images_url'] = &$theme_data['images_url'];
  1050. if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php'))
  1051. include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
  1052. elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php'))
  1053. include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
  1054. else
  1055. {
  1056. $txt['theme_thumbnail_href'] = $theme_data['images_url'] . '/thumbnail.png';
  1057. $txt['theme_description'] = '';
  1058. }
  1059. $context['available_themes'][$id_theme]['thumbnail_href'] = $txt['theme_thumbnail_href'];
  1060. $context['available_themes'][$id_theme]['description'] = $txt['theme_description'];
  1061. // Are there any variants?
  1062. if (file_exists($theme_data['theme_dir'] . '/index.template.php') && empty($theme_data['disable_user_variant']))
  1063. {
  1064. $file_contents = implode('', file($theme_data['theme_dir'] . '/index.template.php'));
  1065. if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
  1066. {
  1067. $settings['theme_variants'] = array();
  1068. // Fill settings up.
  1069. eval('global $settings;' . $matches[0]);
  1070. if (!empty($settings['theme_variants']))
  1071. {
  1072. loadLanguage('Settings');
  1073. $context['available_themes'][$id_theme]['variants'] = array();
  1074. foreach ($settings['theme_variants'] as $variant)
  1075. $context['available_themes'][$id_theme]['variants'][$variant] = array(
  1076. 'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
  1077. 'thumbnail' => !file_exists($theme_data['theme_dir'] . '/images/thumbnail.png') || file_exists($theme_data['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $theme_data['images_url'] . '/thumbnail_' . $variant . '.png' : ($theme_data['images_url'] . '/thumbnail.png'),
  1078. );
  1079. $context['available_themes'][$id_theme]['selected_variant'] = isset($_GET['vrt']) ? $_GET['vrt'] : (!empty($variant_preferences[$id_theme]) ? $variant_preferences[$id_theme] : (!empty($settings['default_variant']) ? $settings['default_variant'] : $settings['theme_variants'][0]));
  1080. if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail']))
  1081. $context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
  1082. $context['available_themes'][$id_theme]['thumbnail_href'] = $context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'];
  1083. // Allow themes to override the text.
  1084. $context['available_themes'][$id_theme]['pick_label'] = isset($txt['variant_pick']) ? $txt['variant_pick'] : $txt['theme_pick_variant'];
  1085. }
  1086. }
  1087. }
  1088. }
  1089. // Then return it.
  1090. $settings['images_url'] = $current_images_url;
  1091. $settings['theme_variants'] = $current_theme_variants;
  1092. // As long as we're not doing the default theme...
  1093. if (!isset($_REQUEST['u']) || $_REQUEST['u'] >= 0)
  1094. {
  1095. if ($guest_theme != 0)
  1096. $context['available_themes'][0] = $context['available_themes'][$guest_theme];
  1097. $context['available_themes'][0]['id'] = 0;
  1098. $context['available_themes'][0]['name'] = $txt['theme_forum_default'];
  1099. $context['available_themes'][0]['selected'] = $context['current_theme'] == 0;
  1100. $context['available_themes'][0]['description'] = $txt['theme_global_description'];
  1101. }
  1102. ksort($context['available_themes']);
  1103. $context['page_title'] = $txt['theme_pick'];
  1104. $context['sub_template'] = 'pick';
  1105. }
  1106. /**
  1107. * Installs new themes, either from a gzip or copy of the default.
  1108. * - puts themes in $boardurl/Themes.
  1109. * - assumes the gzip has a root directory in it. (ie default.)
  1110. * Requires admin_forum.
  1111. * Accessed with ?action=admin;area=theme;sa=install.
  1112. */
  1113. function ThemeInstall()
  1114. {
  1115. global $sourcedir, $boarddir, $boardurl, $txt, $context, $settings, $modSettings, $smcFunc;
  1116. checkSession('request');
  1117. isAllowedTo('admin_forum');
  1118. checkSession('request');
  1119. require_once($sourcedir . '/Subs-Package.php');
  1120. loadTemplate('Themes');
  1121. if (isset($_GET['theme_id']))
  1122. {
  1123. $result = $smcFunc['db_query']('', '
  1124. SELECT value
  1125. FROM {db_prefix}themes
  1126. WHERE id_theme = {int:current_theme}
  1127. AND id_member = {int:no_member}
  1128. AND variable = {string:name}
  1129. LIMIT 1',
  1130. array(
  1131. 'current_theme' => (int) $_GET['theme_id'],
  1132. 'no_member' => 0,
  1133. 'name' => 'name',
  1134. )
  1135. );
  1136. list ($theme_name) = $smcFunc['db_fetch_row']($result);
  1137. $smcFunc['db_free_result']($result);
  1138. $context['sub_template'] = 'installed';
  1139. $context['page_title'] = $txt['theme_installed'];
  1140. $context['installed_theme'] = array(
  1141. 'id' => (int) $_GET['theme_id'],
  1142. 'name' => $theme_name,
  1143. );
  1144. return;
  1145. }
  1146. if ((!empty($_FILES['theme_gz']) && (!isset($_FILES['theme_gz']['error']) || $_FILES['theme_gz']['error'] != 4)) || !empty($_REQUEST['theme_gz']))
  1147. $method = 'upload';
  1148. elseif (isset($_REQUEST['theme_dir']) && rtrim(realpath($_REQUEST['theme_dir']), '/\\') != realpath($boarddir . '/Themes') && file_exists($_REQUEST['theme_dir']))
  1149. $method = 'path';
  1150. else
  1151. $method = 'copy';
  1152. if (!empty($_REQUEST['copy']) && $method == 'copy')
  1153. {
  1154. // Hopefully the themes directory is writable, or we might have a problem.
  1155. if (!is_writable($boarddir . '/Themes'))
  1156. fatal_lang_error('theme_install_write_error', 'critical');
  1157. $theme_dir = $boarddir . '/Themes/' . preg_replace('~[^A-Za-z0-9_\- ]~', '', $_REQUEST['copy']);
  1158. umask(0);
  1159. mkdir($theme_dir, 0777);
  1160. @set_time_limit(600);
  1161. if (function_exists('apache_reset_timeout'))
  1162. @apache_reset_timeout();
  1163. // Create subdirectories for css and javascript files.
  1164. mkdir($theme_dir . '/css', 0777);
  1165. mkdir($theme_dir . '/scripts', 0777);
  1166. // Copy over the default non-theme files.
  1167. $to_copy = array('/index.php', '/index.template.php', '/css/index.css', '/css/rtl.css', '/scripts/theme.js');
  1168. foreach ($to_copy as $file)
  1169. {
  1170. copy($settings['default_theme_dir'] . $file, $theme_dir . $file);
  1171. @chmod($theme_dir . $file, 0777);
  1172. }
  1173. // And now the entire images directory!
  1174. copytree($settings['default_theme_dir'] . '/images', $theme_dir . '/images');
  1175. package_flush_cache();
  1176. $theme_name = $_REQUEST['copy'];
  1177. $images_url = $boardurl . '/Themes/' . basename($theme_dir) . '/images';
  1178. $theme_dir = realpath($theme_dir);
  1179. // Lets get some data for the new theme.
  1180. $request = $smcFunc['db_query']('', '
  1181. SELECT variable, value
  1182. FROM {db_prefix}themes
  1183. WHERE variable IN ({string:theme_templates}, {string:theme_layers})
  1184. AND id_member = {int:no_member}
  1185. AND id_theme = {int:default_theme}',
  1186. array(
  1187. 'no_member' => 0,
  1188. 'default_theme' => 1,
  1189. 'theme_templates' => 'theme_templates',
  1190. 'theme_layers' => 'theme_layers',
  1191. )
  1192. );
  1193. while ($row = $smcFunc['db_fetch_assoc']($request))
  1194. {
  1195. if ($row['variable'] == 'theme_templates')
  1196. $theme_templates = $row['value'];
  1197. elseif ($row['variable'] == 'theme_layers')
  1198. $theme_layers = $row['value'];
  1199. else
  1200. continue;
  1201. }
  1202. $smcFunc['db_free_result']($request);
  1203. // Lets add a theme_info.xml to this theme.
  1204. $xml_info = '<' . '?xml version="1.0"?' . '>
  1205. <theme-info xmlns="http://www.simplemachines.org/xml/theme-info" xmlns:smf="http://www.simplemachines.org/">
  1206. <!-- For the id, always use something unique - put your name, a colon, and then the package name. -->
  1207. <id>smf:' . $smcFunc['strtolower'](str_replace(array(' '), '_', $_REQUEST['copy'])) . '</id>
  1208. <version>' . $modSettings['smfVersion'] . '</version>
  1209. <!-- Theme name, used purely for aesthetics. -->
  1210. <name>' . $_REQUEST['copy'] . '</name>
  1211. <!-- Author: your email address or contact information. The name attribute is optional. -->
  1212. <author name="Simple Machines">[email protected]</author>
  1213. <!-- Website... where to get updates and more information. -->
  1214. <website>http://www.simplemachines.org/</website>
  1215. <!-- Template layers to use, defaults to "html,body". -->
  1216. <layers>' . (empty($theme_layers) ? 'html,body' : $theme_layers) . '</layers>
  1217. <!-- Templates to load on startup. Default is "index". -->
  1218. <templates>' . (empty($theme_templates) ? 'index' : $theme_templates) . '</templates>
  1219. <!-- Base this theme off another? Default is blank, or no. It could be "default". -->
  1220. <based-on></based-on>
  1221. </theme-info>';
  1222. // Now write it.
  1223. $fp = @fopen($theme_dir . '/theme_info.xml', 'w+');
  1224. if ($fp)
  1225. {
  1226. fwrite($fp, $xml_info);
  1227. fclose($fp);
  1228. }
  1229. }
  1230. elseif (isset($_REQUEST['theme_dir']) && $method == 'path')
  1231. {
  1232. if (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml'))
  1233. fatal_lang_error('theme_install_error', false);
  1234. $theme_name = basename($_REQUEST['theme_dir']);
  1235. $theme_dir = $_REQUEST['theme_dir'];
  1236. }
  1237. elseif ($method = 'upload')
  1238. {
  1239. // Hopefully the themes directory is writable, or we might have a problem.
  1240. if (!is_writable($boarddir . '/Themes'))
  1241. fatal_lang_error('theme_install_write_error', 'critical');
  1242. // This happens when the admin session is gone and the user has to login again
  1243. if (empty($_FILES['theme_gz']) && empty($_REQUEST['theme_gz']))
  1244. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  1245. // Set the default settings...
  1246. $theme_name = strtok(basename(isset($_FILES['theme_gz']) ? $_FILES['theme_gz']['name'] : $_REQUEST['theme_gz']), '.');
  1247. $theme_name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $theme_name);
  1248. $theme_dir = $boarddir . '/Themes/' . $theme_name;
  1249. if (isset($_FILES['theme_gz']) && is_uploaded_file($_FILES['theme_gz']['tmp_name']) && (ini_get('open_basedir') != '' || file_exists($_FILES['theme_gz']['tmp_name'])))
  1250. $extracted = read_tgz_file($_FILES['theme_gz']['tmp_name'], $boarddir . '/Themes/' . $theme_name, false, true);
  1251. elseif (isset($_REQUEST['theme_gz']))
  1252. {
  1253. // Check that the theme is from simplemachines.org, for now... maybe add mirroring later.
  1254. if (preg_match('~^http://[\w_\-]+\.simplemachines\.org/~', $_REQUEST['theme_gz']) == 0 || strpos($_REQUEST['theme_gz'], 'dlattach') !== false)
  1255. fatal_lang_error('not_on_simplemachines');
  1256. $extracted = read_tgz_file($_REQUEST['theme_gz'], $boarddir . '/Themes/' . $theme_name, false, true);
  1257. }
  1258. else
  1259. redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
  1260. }
  1261. // Something go wrong?
  1262. if ($theme_dir != '' && basename($theme_dir) != 'Themes')
  1263. {
  1264. // Defaults.
  1265. $install_info = array(
  1266. 'theme_url' => $boardurl . '/Themes/' . basename($theme_dir),
  1267. 'images_url' => isset($images_url) ? $images_url : $boardurl . '/Themes/' . basename($theme_dir) . '/images',
  1268. 'theme_dir' => $theme_dir,
  1269. 'name' => $theme_name
  1270. );
  1271. if (file_exists($theme_dir . '/theme_info.xml'))
  1272. {
  1273. $theme_info = file_get_contents($theme_dir . '/theme_info.xml');
  1274. // Parse theme-info.xml into an xmlArray.
  1275. require_once($sourcedir . '/Class-Package.php');
  1276. $theme_info_xml = new xmlArray($theme_info);
  1277. // @todo Error message of some sort?
  1278. if (!$theme_info_xml->exists('theme-info[0]'))
  1279. return 'package_get_error_packageinfo_corrupt';
  1280. $theme_info_xml = $theme_info_xml->path('theme-info[0]');
  1281. $theme_info_xml = $theme_info_xml->to_array();
  1282. $xml_elements = array(
  1283. 'name' => 'name',
  1284. 'theme_layers' => 'layers',
  1285. 'theme_templates' => 'templates',
  1286. 'based_on' => 'based-on',
  1287. );
  1288. foreach ($xml_elements as $var => $name)
  1289. {
  1290. if (!empty($theme_info_xml[$name]))
  1291. $install_info[$var] = $theme_info_xml[$name];
  1292. }
  1293. if (!empty($theme_info_xml['images']))
  1294. {
  1295. $install_info['images_url'] = $install_info['theme_url'] . '/' . $theme_info_xml['images'];
  1296. $explicit_images = true;
  1297. }
  1298. if (!empty($theme_info_xml['extra']))
  1299. $install_info += unserialize($theme_info_xml['extra']);
  1300. }
  1301. if (isset($install_info['based_on']))
  1302. {
  1303. if ($install_info['based_on'] == 'default')
  1304. {
  1305. $install_info['theme_url'] = $settings['default_theme_url'];
  1306. $install_info['images_url'] = $settings['default_images_url'];
  1307. }
  1308. elseif ($install_info['based_on'] != '')
  1309. {
  1310. $install_info['based_on'] = preg_replace('~[^A-Za-z0-9\-_ ]~', '', $install_info['based_on']);
  1311. $request = $smcFunc['db_query']('', '
  1312. SELECT th.value AS base_theme_dir, th2.value AS base_theme_url' . (!empty($explicit_images) ? '' : ', th3.value AS images_url') . '
  1313. FROM {db_prefix}themes AS th
  1314. INNER JOIN {db_prefix}themes AS th2 ON (th2.id_theme = th.id_theme
  1315. AND th2.id_member = {int:no_member}
  1316. AND th2.variable = {string:theme_url})' . (!empty($explicit_images) ? '' : '
  1317. INNER JOIN {db_prefix}themes AS th3 ON (th3.id_theme = th.id_theme
  1318. AND th3.id_member = {int:no_member}
  1319. AND th3.variable = {string:images_url})') . '
  1320. WHERE th.id_member = {int:no_member}
  1321. AND (th.value LIKE {string:based_on} OR th.value LIKE {string:based_on_path})
  1322. AND th.variable = {string:theme_dir}
  1323. LIMIT 1',
  1324. array(
  1325. 'no_member' => 0,
  1326. 'theme_url' => 'theme_url',
  1327. 'images_url' => 'images_url',
  1328. 'theme_dir' => 'theme_dir',
  1329. 'based_on' => '%/' . $install_info['based_on'],
  1330. 'based_on_path' => '%' . "\\" . $install_info['based_on'],
  1331. )
  1332. );
  1333. $temp = $smcFunc['db_fetch_assoc']($request);
  1334. $smcFunc['db_free_result']($request);
  1335. // @todo An error otherwise?
  1336. if (is_array($temp))
  1337. {
  1338. $install_info = $temp + $install_info;
  1339. if (empty($explicit_images) && !empty($install_info['base_theme_url']))
  1340. $install_info['theme_url'] = $install_info['base_theme_url'];
  1341. }
  1342. }
  1343. unset($install_info['based_on']);
  1344. }
  1345. // Find the newest id_theme.
  1346. $result = $smcFunc['db_query']('', '
  1347. SELECT MAX(id_theme)
  1348. FROM {db_prefix}themes',
  1349. array(
  1350. )
  1351. );
  1352. list ($id_theme) = $smcFunc['db_fetch_row']($result);
  1353. $smcFunc['db_free_result']($result);
  1354. // This will be theme number...
  1355. $id_theme++;
  1356. $inserts = array();
  1357. foreach ($install_info as $var => $val)
  1358. $inserts[] = array($id_theme, $var, $val);
  1359. if (!empty($inserts))
  1360. $smcFunc['db_insert']('insert',
  1361. '{db_prefix}themes',
  1362. array('id_theme' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  1363. $inserts,
  1364. array('id_theme', 'variable')
  1365. );
  1366. updateSettings(array('knownThemes' => strtr($modSettings['knownThemes'] . ',' . $id_theme, array(',,' => ','))));
  1367. }
  1368. redirectexit('action=admin;area=theme;sa=install;theme_id=' . $id_theme . ';' . $context['session_var'] . '=' . $context['session_id']);
  1369. }
  1370. /**
  1371. * Possibly the simplest and best example of how to use the template system.
  1372. * - allows the theme to take care of actions.
  1373. * - happens if $settings['catch_action'] is set and action isn't found
  1374. * in the action array.
  1375. * - can use a template, layers, sub_template, filename, and/or function.
  1376. * @todo look at this
  1377. */
  1378. function WrapAction()
  1379. {
  1380. global $context, $settings, $sourcedir;
  1381. // Load any necessary template(s)?
  1382. if (isset($settings['catch_action']['template']))
  1383. {
  1384. // Load both the template and language file. (but don't fret if the language file isn't there...)
  1385. loadTemplate($settings['catch_action']['template']);
  1386. loadLanguage($settings['catch_action']['template'], '', false);
  1387. }
  1388. // Any special layers?
  1389. if (isset($settings['catch_action']['layers']))
  1390. $context['template_layers'] = $settings['catch_action']['layers'];
  1391. // Just call a function?
  1392. if (isset($settings['catch_action']['function']))
  1393. {
  1394. if (isset($settings['catch_action']['filename']))
  1395. template_include($sourcedir . '/' . $settings['catch_action']['filename'], true);
  1396. $settings['catch_action']['function']();
  1397. }
  1398. // And finally, the main sub template ;).
  1399. elseif (isset($settings['catch_action']['sub_template']))
  1400. $context['sub_template'] = $settings['catch_action']['sub_template'];
  1401. }
  1402. /**
  1403. * Set an option via javascript.
  1404. * - sets a theme option without outputting anything.
  1405. * - can be used with javascript, via a dummy image... (which doesn't require
  1406. * the page to reload.)
  1407. * - requires someone who is logged in.
  1408. * - accessed via ?action=jsoption;var=variable;val=value;session_var=sess_id.
  1409. * - does not log access to the Who's Online log. (in index.php..)
  1410. */
  1411. function SetJavaScript()
  1412. {
  1413. global $settings, $user_info, $smcFunc, $options;
  1414. // Check the session id.
  1415. checkSession('get');
  1416. // This good-for-nothing pixel is being used to keep the session alive.
  1417. if (empty($_GET['var']) || !isset($_GET['val']))
  1418. redirectexit($settings['images_url'] . '/blank.png');
  1419. // Sorry, guests can't go any further than this..
  1420. if ($user_info['is_guest'] || $user_info['id'] == 0)
  1421. obExit(false);
  1422. $reservedVars = array(
  1423. 'actual_theme_url',
  1424. 'actual_images_url',
  1425. 'base_theme_dir',
  1426. 'base_theme_url',
  1427. 'default_images_url',
  1428. 'default_theme_dir',
  1429. 'default_theme_url',
  1430. 'default_template',
  1431. 'images_url',
  1432. 'number_recent_posts',
  1433. 'smiley_sets_default',
  1434. 'theme_dir',
  1435. 'theme_id',
  1436. 'theme_layers',
  1437. 'theme_templates',
  1438. 'theme_url',
  1439. 'name',
  1440. );
  1441. // Can't change reserved vars.
  1442. if (in_array(strtolower($_GET['var']), $reservedVars))
  1443. redirectexit($settings['images_url'] . '/blank.png');
  1444. // Use a specific theme?
  1445. if (isset($_GET['th']) || isset($_GET['id']))
  1446. {
  1447. // Invalidate the current themes cache too.
  1448. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1449. $settings['theme_id'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1450. }
  1451. // If this is the admin preferences the passed value will just be an element of it.
  1452. if ($_GET['var'] == 'admin_preferences')
  1453. {
  1454. $options['admin_preferences'] = !empty($options['admin_preferences']) ? unserialize($options['admin_preferences']) : array();
  1455. // New thingy...
  1456. if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5)
  1457. $options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
  1458. // Change the value to be something nice,
  1459. $_GET['val'] = serialize($options['admin_preferences']);
  1460. }
  1461. // Update the option.
  1462. $smcFunc['db_insert']('replace',
  1463. '{db_prefix}themes',
  1464. array('id_theme' => 'int', 'id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
  1465. array($settings['theme_id'], $user_info['id'], $_GET['var'], is_array($_GET['val']) ? implode(',', $_GET['val']) : $_GET['val']),
  1466. array('id_theme', 'id_member', 'variable')
  1467. );
  1468. cache_put_data('theme_settings-' . $settings['theme_id'] . ':' . $user_info['id'], null, 60);
  1469. // Don't output anything...
  1470. redirectexit($settings['images_url'] . '/blank.png');
  1471. }
  1472. /**
  1473. * Shows an interface for editing the templates.
  1474. * - uses the Themes template and edit_template/edit_style sub template.
  1475. * - accessed via ?action=admin;area=theme;sa=edit
  1476. */
  1477. function EditTheme()
  1478. {
  1479. global $context, $settings, $scripturl, $boarddir, $smcFunc;
  1480. // @todo Should this be removed?
  1481. if (isset($_REQUEST['preview']))
  1482. die('die() with fire');
  1483. isAllowedTo('admin_forum');
  1484. loadTemplate('Themes');
  1485. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) @$_GET['id'];
  1486. if (empty($_GET['th']))
  1487. {
  1488. $request = $smcFunc['db_query']('', '
  1489. SELECT id_theme, variable, value
  1490. FROM {db_prefix}themes
  1491. WHERE variable IN ({string:name}, {string:theme_dir}, {string:theme_templates}, {string:theme_layers})
  1492. AND id_member = {int:no_member}',
  1493. array(
  1494. 'name' => 'name',
  1495. 'theme_dir' => 'theme_dir',
  1496. 'theme_templates' => 'theme_templates',
  1497. 'theme_layers' => 'theme_layers',
  1498. 'no_member' => 0,
  1499. )
  1500. );
  1501. $context['themes'] = array();
  1502. while ($row = $smcFunc['db_fetch_assoc']($request))
  1503. {
  1504. if (!isset($context['themes'][$row['id_theme']]))
  1505. $context['themes'][$row['id_theme']] = array(
  1506. 'id' => $row['id_theme'],
  1507. 'num_default_options' => 0,
  1508. 'num_members' => 0,
  1509. );
  1510. $context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
  1511. }
  1512. $smcFunc['db_free_result']($request);
  1513. foreach ($context['themes'] as $key => $theme)
  1514. {
  1515. // There has to be a Settings template!
  1516. if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css'))
  1517. unset($context['themes'][$key]);
  1518. else
  1519. {
  1520. if (!isset($theme['theme_templates']))
  1521. $templates = array('index');
  1522. else
  1523. $templates = explode(',', $theme['theme_templates']);
  1524. foreach ($templates as $template)
  1525. if (file_exists($theme['theme_dir'] . '/' . $template . '.template.php'))
  1526. {
  1527. // Fetch the header... a good 256 bytes should be more than enough.
  1528. $fp = fopen($theme['theme_dir'] . '/' . $template . '.template.php', 'rb');
  1529. $header = fread($fp, 256);
  1530. fclose($fp);
  1531. // Can we find a version comment, at all?
  1532. if (preg_match('~\*\s@version\s+(.+)[\s]{2}~i', $header, $match) == 1)
  1533. {
  1534. $ver = $match[1];
  1535. if (!isset($context['themes'][$key]['version']) || $context['themes'][$key]['version'] > $ver)
  1536. $context['themes'][$key]['version'] = $ver;
  1537. }
  1538. }
  1539. $context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
  1540. }
  1541. }
  1542. $context['sub_template'] = 'edit_list';
  1543. return 'no_themes';
  1544. }
  1545. $context['session_error'] = false;
  1546. // Get the directory of the theme we are editing.
  1547. $request = $smcFunc['db_query']('', '
  1548. SELECT value, id_theme
  1549. FROM {db_prefix}themes
  1550. WHERE variable = {string:theme_dir}
  1551. AND id_theme = {int:current_theme}
  1552. LIMIT 1',
  1553. array(
  1554. 'current_theme' => $_GET['th'],
  1555. 'theme_dir' => 'theme_dir',
  1556. )
  1557. );
  1558. list ($theme_dir, $context['theme_id']) = $smcFunc['db_fetch_row']($request);
  1559. $smcFunc['db_free_result']($request);
  1560. if (!isset($_REQUEST['filename']))
  1561. {
  1562. if (isset($_GET['directory']))
  1563. {
  1564. if (substr($_GET['directory'], 0, 1) == '.')
  1565. $_GET['directory'] = '';
  1566. else
  1567. {
  1568. $_GET['directory'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_GET['directory']);
  1569. $temp = realpath($theme_dir . '/' . $_GET['directory']);
  1570. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1571. $_GET['directory'] = '';
  1572. }
  1573. }
  1574. if (isset($_GET['directory']) && $_GET['directory'] != '')
  1575. {
  1576. $context['theme_files'] = get_file_listing($theme_dir . '/' . $_GET['directory'], $_GET['directory'] . '/');
  1577. $temp = dirname($_GET['directory']);
  1578. array_unshift($context['theme_files'], array(
  1579. 'filename' => $temp == '.' || $temp == '' ? '/ (..)' : $temp . ' (..)',
  1580. 'is_writable' => is_writable($theme_dir . '/' . $temp),
  1581. 'is_directory' => true,
  1582. 'is_template' => false,
  1583. 'is_image' => false,
  1584. 'is_editable' => false,
  1585. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $temp,
  1586. 'size' => '',
  1587. ));
  1588. }
  1589. else
  1590. $context['theme_files'] = get_file_listing($theme_dir, '');
  1591. $context['sub_template'] = 'edit_browse';
  1592. return;
  1593. }
  1594. else
  1595. {
  1596. if (substr($_REQUEST['filename'], 0, 1) == '.')
  1597. $_REQUEST['filename'] = '';
  1598. else
  1599. {
  1600. $_REQUEST['filename'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_REQUEST['filename']);
  1601. $temp = realpath($theme_dir . '/' . $_REQUEST['filename']);
  1602. if (empty($temp) || substr($temp, 0, strlen(realpath($theme_dir))) != realpath($theme_dir))
  1603. $_REQUEST['filename'] = '';
  1604. }
  1605. if (empty($_REQUEST['filename']))
  1606. fatal_lang_error('theme_edit_missing', false);
  1607. }
  1608. if (isset($_POST['save']))
  1609. {
  1610. if (checkSession('post', '', false) == '' && validateToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']), 'post', false) == true)
  1611. {
  1612. if (is_array($_POST['entire_file']))
  1613. $_POST['entire_file'] = implode("\n", $_POST['entire_file']);
  1614. $_POST['entire_file'] = rtrim(strtr($_POST['entire_file'], array("\r" => '', ' ' => "\t")));
  1615. // Check for a parse error!
  1616. if (substr($_REQUEST['filename'], -13) == '.template.php' && is_writable($theme_dir) && ini_get('display_errors'))
  1617. {
  1618. $request = $smcFunc['db_query']('', '
  1619. SELECT value
  1620. FROM {db_prefix}themes
  1621. WHERE variable = {string:theme_url}
  1622. AND id_theme = {int:current_theme}
  1623. LIMIT 1',
  1624. array(
  1625. 'current_theme' => $_GET['th'],
  1626. 'theme_url' => 'theme_url',
  1627. )
  1628. );
  1629. list ($theme_url) = $smcFunc['db_fetch_row']($request);
  1630. $smcFunc['db_free_result']($request);
  1631. $fp = fopen($theme_dir . '/tmp_' . session_id() . '.php', 'w');
  1632. fwrite($fp, $_POST['entire_file']);
  1633. fclose($fp);
  1634. $error = @file_get_contents($theme_url . '/tmp_' . session_id() . '.php');
  1635. if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0)
  1636. $error_file = $theme_dir . '/tmp_' . session_id() . '.php';
  1637. else
  1638. unlink($theme_dir . '/tmp_' . session_id() . '.php');
  1639. }
  1640. if (!isset($error_file))
  1641. {
  1642. $fp = fopen($theme_dir . '/' . $_REQUEST['filename'], 'w');
  1643. fwrite($fp, $_POST['entire_file']);
  1644. fclose($fp);
  1645. redirectexit('action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . dirname($_REQUEST['filename']));
  1646. }
  1647. }
  1648. // Session timed out.
  1649. else
  1650. {
  1651. loadLanguage('Errors');
  1652. $context['session_error'] = true;
  1653. $context['sub_template'] = 'edit_file';
  1654. // Recycle the submitted data.
  1655. if (is_array($_POST['entire_file']))
  1656. $context['entire_file'] = htmlspecialchars(implode("\n", $_POST['entire_file']));
  1657. else
  1658. $context['entire_file'] = htmlspecialchars($_POST['entire_file']);
  1659. $context['edit_filename'] = htmlspecialchars($_POST['filename']);
  1660. // You were able to submit it, so it's reasonable to assume you are allowed to save.
  1661. $context['allow_save'] = true;
  1662. return;
  1663. }
  1664. }
  1665. $context['allow_save'] = is_writable($theme_dir . '/' . $_REQUEST['filename']);
  1666. $context['allow_save_filename'] = strtr($theme_dir . '/' . $_REQUEST['filename'], array($boarddir => '...'));
  1667. $context['edit_filename'] = htmlspecialchars($_REQUEST['filename']);
  1668. if (substr($_REQUEST['filename'], -4) == '.css')
  1669. {
  1670. $context['sub_template'] = 'edit_style';
  1671. $context['entire_file'] = htmlspecialchars(strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1672. }
  1673. elseif (substr($_REQUEST['filename'], -13) == '.template.php')
  1674. {
  1675. $context['sub_template'] = 'edit_template';
  1676. if (!isset($error_file))
  1677. $file_data = file($theme_dir . '/' . $_REQUEST['filename']);
  1678. else
  1679. {
  1680. if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0)
  1681. $context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
  1682. $file_data = file($error_file);
  1683. unlink($error_file);
  1684. }
  1685. $j = 0;
  1686. $context['file_parts'] = array(array('lines' => 0, 'line' => 1, 'data' => ''));
  1687. for ($i = 0, $n = count($file_data); $i < $n; $i++)
  1688. {
  1689. if (isset($file_data[$i + 1]) && substr($file_data[$i + 1], 0, 9) == 'function ')
  1690. {
  1691. // Try to format the functions a little nicer...
  1692. $context['file_parts'][$j]['data'] = trim($context['file_parts'][$j]['data']) . "\n";
  1693. if (empty($context['file_parts'][$j]['lines']))
  1694. unset($context['file_parts'][$j]);
  1695. $context['file_parts'][++$j] = array('lines' => 0, 'line' => $i + 1, 'data' => '');
  1696. }
  1697. $context['file_parts'][$j]['lines']++;
  1698. $context['file_parts'][$j]['data'] .= htmlspecialchars(strtr($file_data[$i], array("\t" => ' ')));
  1699. }
  1700. $context['entire_file'] = htmlspecialchars(strtr(implode('', $file_data), array("\t" => ' ')));
  1701. }
  1702. else
  1703. {
  1704. $context['sub_template'] = 'edit_file';
  1705. $context['entire_file'] = htmlspecialchars(strtr(file_get_contents($theme_dir . '/' . $_REQUEST['filename']), array("\t" => ' ')));
  1706. }
  1707. // Create a special token to allow editing of multiple files.
  1708. createToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']));
  1709. }
  1710. /**
  1711. * Generates a file listing for a given directory
  1712. *
  1713. * @param type $path
  1714. * @param type $relative
  1715. * @return type
  1716. */
  1717. function get_file_listing($path, $relative)
  1718. {
  1719. global $scripturl, $txt, $context;
  1720. // Is it even a directory?
  1721. if (!is_dir($path))
  1722. fatal_lang_error('error_invalid_dir', 'critical');
  1723. $dir = dir($path);
  1724. $entries = array();
  1725. while ($entry = $dir->read())
  1726. $entries[] = $entry;
  1727. $dir->close();
  1728. natcasesort($entries);
  1729. $listing1 = array();
  1730. $listing2 = array();
  1731. foreach ($entries as $entry)
  1732. {
  1733. // Skip all dot files, including .htaccess.
  1734. if (substr($entry, 0, 1) == '.' || $entry == 'CVS')
  1735. continue;
  1736. if (is_dir($path . '/' . $entry))
  1737. $listing1[] = array(
  1738. 'filename' => $entry,
  1739. 'is_writable' => is_writable($path . '/' . $entry),
  1740. 'is_directory' => true,
  1741. 'is_template' => false,
  1742. 'is_image' => false,
  1743. 'is_editable' => false,
  1744. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $relative . $entry,
  1745. 'size' => '',
  1746. );
  1747. else
  1748. {
  1749. $size = filesize($path . '/' . $entry);
  1750. if ($size > 2048 || $size == 1024)
  1751. $size = comma_format($size / 1024) . ' ' . $txt['themeadmin_edit_kilobytes'];
  1752. else
  1753. $size = comma_format($size) . ' ' . $txt['themeadmin_edit_bytes'];
  1754. $listing2[] = array(
  1755. 'filename' => $entry,
  1756. 'is_writable' => is_writable($path . '/' . $entry),
  1757. 'is_directory' => false,
  1758. 'is_template' => preg_match('~\.template\.php$~', $entry) != 0,
  1759. 'is_image' => preg_match('~\.(jpg|jpeg|gif|bmp|png)$~', $entry) != 0,
  1760. 'is_editable' => is_writable($path . '/' . $entry) && preg_match('~\.(php|pl|css|js|vbs|xml|xslt|txt|xsl|html|htm|shtm|shtml|asp|aspx|cgi|py)$~', $entry) != 0,
  1761. 'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;filename=' . $relative . $entry,
  1762. 'size' => $size,
  1763. 'last_modified' => timeformat(filemtime($path . '/' . $entry)),
  1764. );
  1765. }
  1766. }
  1767. return array_merge($listing1, $listing2);
  1768. }
  1769. /**
  1770. * Makes a copy of a template file in a new location
  1771. * @uses Themes template, copy_template sub-template.
  1772. */
  1773. function CopyTemplate()
  1774. {
  1775. global $context, $settings, $smcFunc;
  1776. isAllowedTo('admin_forum');
  1777. loadTemplate('Themes');
  1778. $context[$context['admin_menu_name']]['current_subsection'] = 'edit';
  1779. $_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
  1780. $request = $smcFunc['db_query']('', '
  1781. SELECT th1.value, th1.id_theme, th2.value
  1782. FROM {db_prefix}themes AS th1
  1783. LEFT JOIN {db_prefix}themes AS th2 ON (th2.variable = {string:base_theme_dir} AND th2.id_theme = {int:current_theme})
  1784. WHERE th1.variable = {string:theme_dir}
  1785. AND th1.id_theme = {int:current_theme}
  1786. LIMIT 1',
  1787. array(
  1788. 'current_theme' => $_GET['th'],
  1789. 'base_theme_dir' => 'base_theme_dir',
  1790. 'theme_dir' => 'theme_dir',
  1791. )
  1792. );
  1793. list ($theme_dir, $context['theme_id'], $base_theme_dir) = $smcFunc['db_fetch_row']($request);
  1794. $smcFunc['db_free_result']($request);
  1795. if (isset($_REQUEST['template']) && preg_match('~[\./\\\\:\0]~', $_REQUEST['template']) == 0)
  1796. {
  1797. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/' . $_REQUEST['template'] . '.template.php'))
  1798. $filename = $base_theme_dir . '/' . $_REQUEST['template'] . '.template.php';
  1799. elseif (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php'))
  1800. $filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
  1801. else
  1802. fatal_lang_error('no_access', false);
  1803. $fp = fopen($theme_dir . '/' . $_REQUEST['template'] . '.template.php', 'w');
  1804. fwrite($fp, file_get_contents($filename));
  1805. fclose($fp);
  1806. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1807. }
  1808. elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
  1809. {
  1810. if (!empty($base_theme_dir) && file_exists($base_theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php'))
  1811. $filename = $base_theme_dir . '/languages/' . $_REQUEST['template'] . '.php';
  1812. elseif (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php'))
  1813. $filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
  1814. else
  1815. fatal_lang_error('no_access', false);
  1816. $fp = fopen($theme_dir . '/languages/' . $_REQUEST['lang_file'] . '.php', 'w');
  1817. fwrite($fp, file_get_contents($filename));
  1818. fclose($fp);
  1819. redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
  1820. }
  1821. $templates = array();
  1822. $lang_files = array();
  1823. $dir = dir($settings['default_theme_dir']);
  1824. while ($entry = $dir->read())
  1825. {
  1826. if (substr($entry, -13) == '.template.php')
  1827. $templates[] = substr($entry, 0, -13);
  1828. }
  1829. $dir->close();
  1830. $dir = dir($settings['default_theme_dir'] . '/languages');
  1831. while ($entry = $dir->read())
  1832. {
  1833. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches))
  1834. $lang_files[] = $matches[1];
  1835. }
  1836. $dir->close();
  1837. if (!empty($base_theme_dir))
  1838. {
  1839. $dir = dir($base_theme_dir);
  1840. while ($entry = $dir->read())
  1841. {
  1842. if (substr($entry, -13) == '.template.php' && !in_array(substr($entry, 0, -13), $templates))
  1843. $templates[] = substr($entry, 0, -13);
  1844. }
  1845. $dir->close();
  1846. if (file_exists($base_theme_dir . '/languages'))
  1847. {
  1848. $dir = dir($base_theme_dir . '/languages');
  1849. while ($entry = $dir->read())
  1850. {
  1851. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && !in_array($matches[1], $lang_files))
  1852. $lang_files[] = $matches[1];
  1853. }
  1854. $dir->close();
  1855. }
  1856. }
  1857. natcasesort($templates);
  1858. natcasesort($lang_files);
  1859. $context['available_templates'] = array();
  1860. foreach ($templates as $template)
  1861. $context['available_templates'][$template] = array(
  1862. 'filename' => $template . '.template.php',
  1863. 'value' => $template,
  1864. 'already_exists' => false,
  1865. 'can_copy' => is_writable($theme_dir),
  1866. );
  1867. $context['available_language_files'] = array();
  1868. foreach ($lang_files as $file)
  1869. $context['available_language_files'][$file] = array(
  1870. 'filename' => $file . '.php',
  1871. 'value' => $file,
  1872. 'already_exists' => false,
  1873. 'can_copy' => file_exists($theme_dir . '/languages') ? is_writable($theme_dir . '/languages') : is_writable($theme_dir),
  1874. );
  1875. $dir = dir($theme_dir);
  1876. while ($entry = $dir->read())
  1877. {
  1878. if (substr($entry, -13) == '.template.php' && isset($context['available_templates'][substr($entry, 0, -13)]))
  1879. {
  1880. $context['available_templates'][substr($entry, 0, -13)]['already_exists'] = true;
  1881. $context['available_templates'][substr($entry, 0, -13)]['can_copy'] = is_writable($theme_dir . '/' . $entry);
  1882. }
  1883. }
  1884. $dir->close();
  1885. if (file_exists($theme_dir . '/languages'))
  1886. {
  1887. $dir = dir($theme_dir . '/languages');
  1888. while ($entry = $dir->read())
  1889. {
  1890. if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches) && isset($context['available_language_files'][$matches[1]]))
  1891. {
  1892. $context['available_language_files'][$matches[1]]['already_exists'] = true;
  1893. $context['available_language_files'][$matches[1]]['can_copy'] = is_writable($theme_dir . '/languages/' . $entry);
  1894. }
  1895. }
  1896. $dir->close();
  1897. }
  1898. $context['sub_template'] = 'copy_template';
  1899. }
  1900. ?>