namespace Friendica\Core;
use Friendica\BaseObject;
-use Friendica\Core\Logger;
-use Friendica\Core\System;
use Friendica\Model\Profile;
+use Friendica\Util\Strings;
+
+require_once 'boot.php';
/**
* Some functions to handle themes
*/
class Theme
{
+ public static function getAllowedList()
+ {
+ $allowed_themes_str = Config::get('system', 'allowed_themes');
+ $allowed_themes_raw = explode(',', $allowed_themes_str);
+ $allowed_themes = [];
+ if (count($allowed_themes_raw)) {
+ foreach ($allowed_themes_raw as $theme) {
+ $theme = Strings::sanitizeFilePathItem(trim($theme));
+ if (strlen($theme) && is_dir("view/theme/$theme")) {
+ $allowed_themes[] = $theme;
+ }
+ }
+ }
+
+ return $allowed_themes;
+ }
+
/**
* @brief Parse theme comment in search of theme infos.
*
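Review bot: The `if (count($allowed_themes_raw))` guard in getAllowedList() never skips anything, because `explode()` returns at least one element even for an empty string; the `strlen($theme)` check inside the loop is what drops empty entries, so the guard can be removed. If `Config::get('system', 'allowed_themes')` can return null when the key is unset (not visible here), cast it first, e.g. `explode(',', (string) $allowed_themes_str)`. The method also has no docblock; a short one stating that it returns only sanitized names that exist as directories under `view/theme/` would tell callers what the allow-list guarantees.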
*/
public static function getInfo($theme)
{
+ $theme = Strings::sanitizeFilePathItem($theme);
+
$info = [
'name' => $theme,
'description' => "",
$a = \get_app();
$stamp1 = microtime(true);
$theme_file = file_get_contents("view/theme/$theme/theme.php");
- $a->saveTimestamp($stamp1, "file");
+ $a->getProfiler()->saveTimestamp($stamp1, "file", System::callstack());
$result = preg_match("|/\*.*\*/|msU", $theme_file, $matches);
*/
public static function getScreenshot($theme)
{
+ $theme = Strings::sanitizeFilePathItem($theme);
+
$exts = ['.png', '.jpg'];
foreach ($exts as $ext) {
if (file_exists('view/theme/' . $theme . '/screenshot' . $ext)) {
- return(System::baseUrl() . '/view/theme/' . $theme . '/screenshot' . $ext);
+ return System::baseUrl() . '/view/theme/' . $theme . '/screenshot' . $ext;
}
}
- return(System::baseUrl() . '/images/blank.png');
+ return System::baseUrl() . '/images/blank.png';
}
- // install and uninstall theme
public static function uninstall($theme)
{
- Logger::log("Addons: uninstalling theme " . $theme);
+ $theme = Strings::sanitizeFilePathItem($theme);
- include_once "view/theme/$theme/theme.php";
- if (function_exists("{$theme}_uninstall")) {
- $func = "{$theme}_uninstall";
- $func();
+ // silently fail if theme was removed or if $theme is funky
+ if (file_exists("view/theme/$theme/theme.php")) {
+ Logger::log("Addons: uninstalling theme " . $theme);
+
+ if (function_exists("{$theme}_uninstall")) {
+ $func = "{$theme}_uninstall";
+ $func();
+ }
}
}
public static function install($theme)
{
- // silently fail if theme was removed
+ $theme = Strings::sanitizeFilePathItem($theme);
+ // silently fail if theme was removed or if $theme is funky
if (!file_exists("view/theme/$theme/theme.php")) {
return false;
}
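Review bot: As shown, the new uninstall() never loads the theme file: the `include_once "view/theme/$theme/theme.php";` line is removed and nothing replaces it inside the new `file_exists()` branch. `function_exists("{$theme}_uninstall")` is then only true if theme.php happened to be included earlier in the request, so the uninstall hook would usually be skipped silently. If the hook is meant to run, restore the include as the first statement inside the guarded branch, after the sanitization: `include_once "view/theme/$theme/theme.php";`. install() continues past the end of this hunk, so whether it still includes the file cannot be checked here.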
$parent = 'NOPATH';
}
$theme = \get_app()->getCurrentTheme();
- $thname = $theme;
+ $parent = Strings::sanitizeFilePathItem($parent);
$ext = substr($file, strrpos($file, '.') + 1);
$paths = [
- "{$root}view/theme/$thname/$ext/$file",
+ "{$root}view/theme/$theme/$ext/$file",
"{$root}view/theme/$parent/$ext/$file",
"{$root}view/$ext/$file",
];
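Review bot: Only `$parent` is sanitized before the `$paths` list is built; `$file` and the `$ext` derived from it are interpolated unchanged, and `$theme` is used as returned by `getCurrentTheme()`. If any caller passes a `$file` derived from a request (callers are not visible in this hunk), slashes or `..` segments would carry into all three candidate paths. If callers only ever pass bare file names, `$file = basename($file);` before computing `$ext` would close that gap; otherwise a docblock should state that `$file` must be a trusted value. The function starts and ends outside the hunk.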
*/
public static function getStylesheetPath($theme)
{
+ $theme = Strings::sanitizeFilePathItem($theme);
+
if (!file_exists('view/theme/' . $theme . '/style.php')) {
return 'view/theme/' . $theme . '/style.css';
}