X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FCore%2FTheme.php;h=c972e09fc71a659c085a7a0288c7b69f3391d19c;hb=c713c2bf622257dbecf223b5f58bf8a98dde9d65;hp=e5026904b8cef7936d4c2af75fe0ce600d8445c2;hpb=bd972151478f40f73585519110700222a1931d44;p=friendica.git diff --git a/src/Core/Theme.php b/src/Core/Theme.php index e5026904b8..c972e09fc7 100644 --- a/src/Core/Theme.php +++ b/src/Core/Theme.php @@ -6,8 +6,9 @@ namespace Friendica\Core; -use Friendica\Core\Logger; -use Friendica\Core\System; +use Friendica\BaseObject; +use Friendica\Model\Profile; +use Friendica\Util\Strings; require_once 'boot.php'; @@ -16,6 +17,23 @@ require_once 'boot.php'; */ class Theme { + public static function getAllowedList() + { + $allowed_themes_str = Config::get('system', 'allowed_themes'); + $allowed_themes_raw = explode(',', $allowed_themes_str); + $allowed_themes = []; + if (count($allowed_themes_raw)) { + foreach ($allowed_themes_raw as $theme) { + $theme = Strings::sanitizeFilePathItem(trim($theme)); + if (strlen($theme) && is_dir("view/theme/$theme")) { + $allowed_themes[] = $theme; + } + } + } + + return $allowed_themes; + } + /** * @brief Parse theme comment in search of theme infos. * @@ -33,6 +51,8 @@ class Theme */ public static function getInfo($theme) { + $theme = Strings::sanitizeFilePathItem($theme); + $info = [ 'name' => $theme, 'description' => "", @@ -48,10 +68,10 @@ class Theme return $info; } - $a = get_app(); + $a = \get_app(); $stamp1 = microtime(true); $theme_file = file_get_contents("view/theme/$theme/theme.php"); - $a->saveTimestamp($stamp1, "file"); + $a->getProfiler()->saveTimestamp($stamp1, "file", System::callstack()); $result = preg_match("|/\*.*\*/|msU", $theme_file, $matches); @@ -90,36 +110,43 @@ class Theme * * The screenshot is expected as view/theme/$theme/screenshot.[png|jpg]. * - * @param sring $theme The name of the theme + * @param string $theme The name of the theme * @return string + * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ public static function getScreenshot($theme) { + $theme = Strings::sanitizeFilePathItem($theme); + $exts = ['.png', '.jpg']; foreach ($exts as $ext) { if (file_exists('view/theme/' . $theme . '/screenshot' . $ext)) { - return(System::baseUrl() . '/view/theme/' . $theme . '/screenshot' . $ext); + return System::baseUrl() . '/view/theme/' . $theme . '/screenshot' . $ext; } } - return(System::baseUrl() . '/images/blank.png'); + return System::baseUrl() . '/images/blank.png'; } - // install and uninstall theme public static function uninstall($theme) { - Logger::log("Addons: uninstalling theme " . $theme); + $theme = Strings::sanitizeFilePathItem($theme); - include_once "view/theme/$theme/theme.php"; - if (function_exists("{$theme}_uninstall")) { - $func = "{$theme}_uninstall"; - $func(); + // silently fail if theme was removed or if $theme is funky + if (file_exists("view/theme/$theme/theme.php")) { + Logger::log("Addons: uninstalling theme " . $theme); + + if (function_exists("{$theme}_uninstall")) { + $func = "{$theme}_uninstall"; + $func(); + } } } public static function install($theme) { - // silently fail if theme was removed + $theme = Strings::sanitizeFilePathItem($theme); + // silently fail if theme was removed or if $theme is funky if (!file_exists("view/theme/$theme/theme.php")) { return false; } @@ -148,6 +175,7 @@ class Theme * @param string $file Filename * @param string $root Full root path * @return string Path to the file or empty string if the file isn't found + * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ public static function getPathForFile($file, $root = '') { @@ -157,17 +185,17 @@ class Theme if ($root !== '' && $root[strlen($root) - 1] !== '/') { $root = $root . '/'; } - $theme_info = get_app()->theme_info; + $theme_info = \get_app()->theme_info; if (is_array($theme_info) && array_key_exists('extends', $theme_info)) { $parent = $theme_info['extends']; } else { $parent = 'NOPATH'; } - $theme = get_app()->getCurrentTheme(); - $thname = $theme; + $theme = \get_app()->getCurrentTheme(); + $parent = Strings::sanitizeFilePathItem($parent); $ext = substr($file, strrpos($file, '.') + 1); $paths = [ - "{$root}view/theme/$thname/$ext/$file", + "{$root}view/theme/$theme/$ext/$file", "{$root}view/theme/$parent/$ext/$file", "{$root}view/$ext/$file", ]; @@ -193,13 +221,21 @@ class Theme */ public static function getStylesheetPath($theme) { - $a = get_app(); + $theme = Strings::sanitizeFilePathItem($theme); + + if (!file_exists('view/theme/' . $theme . '/style.php')) { + return 'view/theme/' . $theme . '/style.css'; + } + + $a = BaseObject::getApp(); + + $query_params = []; - $opts = (($a->profile_uid) ? '?f=&puid=' . $a->profile_uid : ''); - if (file_exists('view/theme/' . $theme . '/style.php')) { - return 'view/theme/' . $theme . '/style.pcss' . $opts; + $puid = Profile::getThemeUid($a); + if ($puid) { + $query_params['puid'] = $puid; } - return 'view/theme/' . $theme . '/style.css'; + return 'view/theme/' . $theme . '/style.pcss' . (!empty($query_params) ? '?' . http_build_query($query_params) : ''); } }