X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-themes.php;h=ca190695b59adb50706c014bc5983efb6f463adb;hb=e5676824c6657556f866057ffa33cb78826c8f89;hp=9731f71f5d56a6bf97e19612faed6fc3b523cfc3;hpb=4ef4c88fc481335dc0631b223111c15a84cccb51;p=mailer.git diff --git a/inc/modules/member/what-themes.php b/inc/modules/member/what-themes.php index 9731f71f5d..ca190695b5 100644 --- a/inc/modules/member/what-themes.php +++ b/inc/modules/member/what-themes.php @@ -32,30 +32,29 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) -{ +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); -} - elseif (!IS_LOGGED_IN()) -{ +} elseif (!IS_MEMBER()) { LOAD_URL("modules.php?module=index"); +} elseif ((!EXT_IS_ACTIVE("theme")) && (!IS_ADMIN())) { + ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "theme"); + return; } // Add description as navigation point -ADD_DESCR("member", basename(__FILE__)); +ADD_DESCR("member", __FILE__); -if (!empty($_POST['member_theme'])) -{ +if (!empty($_POST['member_theme'])) { // Save theme to member's profile - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET curr_theme='%s' WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET curr_theme='%s' WHERE userid=%s LIMIT 1", array($_POST['member_theme'], $GLOBALS['userid']), __FILE__, __LINE__); // Set new theme for guests - $NewTheme = $_POST['member_theme']; + $newTheme = SQL_ESCAPE($_POST['member_theme']); // Change to new theme - set_session("mxchange_theme", $NewTheme); + set_session("mxchange_theme", $newTheme); // Theme saved! LOAD_TEMPLATE("admin_settings_saved", false, MEMBER_THEME_SAVED); @@ -73,23 +72,16 @@ $THEMES = array( // Read directory "themes" $handle = opendir(PATH."theme/") or mxchange_die("Cannot read themes dir!"); -while ($dir = readdir($handle)) { +while ($entry = readdir($handle)) { // Construct absolute theme.php file name - $theme = sprintf("%stheme/%s/theme.php", PATH, $dir); - - // Test it... - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_themes WHERE theme_path='%s' AND theme_active='Y' LIMIT 1", - array($dir), __FILE__, __LINE__); - - if (($dir != ".") && ($dir != "..") && (FILE_READABLE($theme)) && (SQL_NUMROWS($result) == 1)) { - // Free memory - SQL_FREERESULT($result); + $theme = sprintf("%stheme/%s/theme.php", PATH, $entry); + if (($entry != ".") && ($entry != "..") && (FILE_READABLE($theme)) && (THEME_IS_ACTIVE($entry))) { // Found a valid directory so let's load it's theme.php file include($theme); // Add found theme to array - $THEMES['theme_unix'][] = $dir; + $THEMES['theme_unix'][] = $entry; $THEMES['theme_name'][] = $THEME_NAME; $THEMES['theme_author'][] = $THEME_AUTHOR; $THEMES['theme_email'][] = $THEME_EMAIL; @@ -106,8 +98,7 @@ array_pk_sort($THEMES, array("theme_name")); // Generate output lines for the template $OUT = ""; $SW = 2; -foreach ($THEMES['theme_unix'] as $key=>$unix) -{ +foreach ($THEMES['theme_unix'] as $key => $unix) { $default = ""; if (get_session('mxchange_theme') == $unix) $default = " checked selected"; @@ -127,8 +118,8 @@ foreach ($THEMES['theme_unix'] as $key=>$unix) \n"; $SW = 3 - $SW; } -if (empty($OUT)) -{ + +if (empty($OUT)) { // No themes found??? $OUT = "