if (SQL_NUMROWS($result) == 0)
{
// Import theme
- $file = PATH."theme/".$_POST['theme']."/theme.php";
- if (file_exists($file))
- {
+ $file = sprintf("%stheme/%s/theme.php", PATH, SQL_ESCAPE($_POST['theme']));
+ if ((file_exists($file)) && (is_readable($file))) {
+ // Load the theme header file
include($file);
+
+ // Register it ith the exchange
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_themes (theme_path, theme_active, theme_ver)
VALUES ('%s', 'N', '%s')",
array($_POST['theme'], $THEME_VERSION), __FILE__, __LINE__);
$msg = ADMIN_THEME_IMPORTED_1.$_POST['theme'].ADMIN_THEME_IMPORTED_2;
- }
- else
- {
+ } else {
// Include file not found!
$msg = ADMIN_THEME_INC_404_1.$_POST['theme'].ADMIN_THEME_INC_404_2;
}
- }
- else
- {
+ } else {
// Free memory
SQL_FREERESULT($result);
// Read directory "themes"
$handle = opendir(PATH."theme/") or mxchange_die("Cannot read themes dir!");
-while ($dir = readdir($handle))
-{
+while ($dir = readdir($handle)) {
// Construct absolute theme.php file name
- $theme = PATH."theme/".$dir."/"."theme.php";
+ $theme = sprintf("%stheme/%s/theme.php", PATH, $dir);
// Test it...
- if (($dir != ".") && ($dir != "..") && (file_exists($theme)))
- {
+ if (($dir != ".") && ($dir != "..") && (file_exists($theme)) && (is_readable($theme))) {
// Found a valid directory so let's load it's theme.php file
include($theme);
// Generate output lines for the template
$OUT = ""; $SW = 2;
-foreach ($THEMES['theme_unix'] as $key=>$unix)
-{
+foreach ($THEMES['theme_unix'] as $key=>$unix) {
// Check if current theme is already imported or not
$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_themes WHERE theme_path='%s' LIMIT 1",
array($unix), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
// Free memory
SQL_FREERESULT($result);
// Already installed
$FOUND = "<FONT class=\"admin_note\">".ADMIN_THEME_ALREADY_INSTALLED."</FONT>";
- }
- else
- {
+ } else {
// Theme not installed
$FOUND = "<FORM action=\"".URL."/modules.php?module=admin&what=theme_import\" method=\"POST\">
<INPUT type=\"submit\" name=\"ok\" class=\"admin_submit\" value=\"".ADMIN_INSTALL_THEME."\">
</TR>\n";
$SW = 3 - $SW;
}
-if (empty($OUT))
-{
+
+if (empty($OUT)) {
// No themes found???
$OUT .= "<TR>
<TD colspan=\"6\" class=\"bottom2\" height=\"80\">