function get_theme_config_file($theme)
{
+ $theme = Strings::sanitizeFilePathItem($theme);
+
$a = \get_app();
$base_theme = defaults($a->theme_info, 'extends');
$default_mobile_theme = 'none';
}
- $allowed_themes_str = Config::get('system', 'allowed_themes');
- $allowed_themes_raw = explode(',', $allowed_themes_str);
- $allowed_themes = [];
- if (count($allowed_themes_raw)) {
- foreach ($allowed_themes_raw as $x) {
- if (strlen(trim($x)) && is_dir("view/theme/$x")) {
- $allowed_themes[] = trim($x);
- }
- }
- }
-
+ $allowed_themes = Theme::getAllowedList();
$themes = [];
$mobile_themes = ["---" => L10n::t('No special theme for mobile devices')];
- if ($allowed_themes) {
- foreach ($allowed_themes as $theme) {
- $is_experimental = file_exists('view/theme/' . $theme . '/experimental');
- $is_unsupported = file_exists('view/theme/' . $theme . '/unsupported');
- $is_mobile = file_exists('view/theme/' . $theme . '/mobile');
- if (!$is_experimental || ($is_experimental && (Config::get('experimentals', 'exp_themes')==1 || is_null(Config::get('experimentals', 'exp_themes'))))) {
- $theme_name = ucfirst($theme);
- if ($is_unsupported) {
- $theme_name = L10n::t("%s - \x28Unsupported\x29", $theme_name);
- } elseif ($is_experimental) {
- $theme_name = L10n::t("%s - \x28Experimental\x29", $theme_name);
- }
- if ($is_mobile) {
- $mobile_themes[$theme] = $theme_name;
- } else {
- $themes[$theme] = $theme_name;
- }
+ foreach ($allowed_themes as $theme) {
+ $is_experimental = file_exists('view/theme/' . $theme . '/experimental');
+ $is_unsupported = file_exists('view/theme/' . $theme . '/unsupported');
+ $is_mobile = file_exists('view/theme/' . $theme . '/mobile');
+ if (!$is_experimental || ($is_experimental && (Config::get('experimentals', 'exp_themes')==1 || is_null(Config::get('experimentals', 'exp_themes'))))) {
+ $theme_name = ucfirst($theme);
+ if ($is_unsupported) {
+ $theme_name = L10n::t('%s - (Unsupported)', $theme_name);
+ } elseif ($is_experimental) {
+ $theme_name = L10n::t('%s - (Experimental)', $theme_name);
+ }
+
+ if ($is_mobile) {
+ $mobile_themes[$theme] = $theme_name;
+ } else {
+ $themes[$theme] = $theme_name;
}
}
}
+
$theme_selected = defaults($_SESSION, 'theme' , $default_theme);
$mobile_theme_selected = defaults($_SESSION, 'mobile-theme', $default_mobile_theme);
<?php
use Friendica\App;
+use Friendica\Util\Strings;
/**
* load view/theme/$current_theme/style.php with friendica context
function view_init(App $a)
{
header("Content-Type: text/css");
-
- if ($a->argc == 4){
+
+ if ($a->argc == 4) {
$theme = $a->argv[2];
+ $theme = Strings::sanitizeFilePathItem($theme);
+
// set the path for later use in the theme styles
$THEMEPATH = "view/theme/$theme";
- if(file_exists("view/theme/$theme/style.php"))
+ if (file_exists("view/theme/$theme/style.php")) {
require_once("view/theme/$theme/style.php");
+ }
}
-
+
exit();
}
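Review bot: The `require_once` in view_init() still runs for any directory under view/theme whose name survives sanitization, because `$theme` from `$a->argv[2]` is never compared with the allowed list. Sanitizing the path item addresses traversal, but a theme the admin has not enabled can still have its style.php executed through this route. Consider gating the include on the list this commit introduces elsewhere: `if (in_array($theme, Theme::getAllowedList(), true) && file_exists("view/theme/$theme/style.php")) {`. That needs `use Friendica\Core\Theme;` next to the new `Strings` import.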
use Exception;
use Friendica\Core\Config\Cache\IConfigCache;
use Friendica\Core\Config\Configuration;
+use Friendica\Core\Theme;
use Friendica\Database\DBA;
use Friendica\Model\Profile;
use Friendica\Network\HTTPException\InternalServerErrorException;
use Friendica\Util\Config\ConfigFileLoader;
use Friendica\Util\HTTPSignature;
use Friendica\Util\Profiler;
+use Friendica\Util\Strings;
use Psr\Log\LoggerInterface;
/**
// Sane default
$this->currentTheme = $system_theme;
- $allowed_themes = explode(',', $this->config->get('system', 'allowed_themes', $system_theme));
-
$page_theme = null;
// Find the theme that belongs to the user whose stuff we are looking at
if ($this->profile_uid && ($this->profile_uid != local_user())) {
$theme_name = $user_theme;
}
+ $theme_name = Strings::sanitizeFilePathItem($theme_name);
if ($theme_name
- && in_array($theme_name, $allowed_themes)
+ && in_array($theme_name, Theme::getAllowedList())
&& (file_exists('view/theme/' . $theme_name . '/style.css')
|| file_exists('view/theme/' . $theme_name . '/style.php'))
) {
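Review bot: The new `in_array($theme_name, Theme::getAllowedList())` check compares loosely, so the allow-list decision depends on PHP's type juggling rather than an exact string match. Pass the strict flag: `&& in_array($theme_name, Theme::getAllowedList(), true)`. If `$theme_name` can still be null when it reaches `Strings::sanitizeFilePathItem()`, that case should be handled before the call; the assignments that decide this lie outside the hunk, as do the start and end of the enclosing method.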
use Friendica\BaseObject;
use Friendica\Model\Profile;
+use Friendica\Util\Strings;
require_once 'boot.php';
*/
public static function getInfo($theme)
{
+ $theme = Strings::sanitizeFilePathItem($theme);
+
$info = [
'name' => $theme,
'description' => "",
*/
public static function getScreenshot($theme)
{
+ $theme = Strings::sanitizeFilePathItem($theme);
+
$exts = ['.png', '.jpg'];
foreach ($exts as $ext) {
if (file_exists('view/theme/' . $theme . '/screenshot' . $ext)) {
- return(System::baseUrl() . '/view/theme/' . $theme . '/screenshot' . $ext);
+ return System::baseUrl() . '/view/theme/' . $theme . '/screenshot' . $ext;
}
}
- return(System::baseUrl() . '/images/blank.png');
+ return System::baseUrl() . '/images/blank.png';
}
- // install and uninstall theme
public static function uninstall($theme)
{
- Logger::log("Addons: uninstalling theme " . $theme);
+ $theme = Strings::sanitizeFilePathItem($theme);
- include_once "view/theme/$theme/theme.php";
- if (function_exists("{$theme}_uninstall")) {
- $func = "{$theme}_uninstall";
- $func();
+ // silently fail if theme was removed or if $theme is funky
+ if (file_exists("view/theme/$theme/theme.php")) {
+ Logger::log("Addons: uninstalling theme " . $theme);
+
+ if (function_exists("{$theme}_uninstall")) {
+ $func = "{$theme}_uninstall";
+ $func();
+ }
}
}
public static function install($theme)
{
- // silently fail if theme was removed
+ $theme = Strings::sanitizeFilePathItem($theme);
+ // silently fail if theme was removed or if $theme is funky
if (!file_exists("view/theme/$theme/theme.php")) {
return false;
}
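Review bot: As shown, the new uninstall() no longer loads the theme file: the `include_once "view/theme/$theme/theme.php";` line is removed and nothing replaces it inside the new `file_exists()` guard. Unless theme.php was already included earlier in the request, `function_exists("{$theme}_uninstall")` will be false and the theme's uninstall hook is skipped without any log entry. Restore the include inside the guard, after the log call: `include_once "view/theme/$theme/theme.php";`. The sanitized `$theme` makes that include safe to keep. install() continues past the end of this hunk, so whether it has the same gap cannot be checked from here.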
$parent = 'NOPATH';
}
$theme = \get_app()->getCurrentTheme();
- $thname = $theme;
+ $parent = Strings::sanitizeFilePathItem($parent);
$ext = substr($file, strrpos($file, '.') + 1);
$paths = [
- "{$root}view/theme/$thname/$ext/$file",
+ "{$root}view/theme/$theme/$ext/$file",
"{$root}view/theme/$parent/$ext/$file",
"{$root}view/$ext/$file",
];
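Review bot: Only `$parent` is sanitized here, while `$file` and the `$ext` derived from it are interpolated unsanitized into all three entries of `$paths`. If every caller passes a literal asset name this is fine, but nothing in the hunk says so. Either document the assumption above the array, e.g. `// $file must be a literal asset name supplied by code, never request data`, or reject names containing a directory component before building `$paths`. The function starts and ends outside the hunk, so callers could not be checked from here.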
*/
public static function getStylesheetPath($theme)
{
+ $theme = Strings::sanitizeFilePathItem($theme);
+
if (!file_exists('view/theme/' . $theme . '/style.php')) {
return 'view/theme/' . $theme . '/style.css';
}
### A bootstrap based theme for friendica
This Theme was started as an experiment to give the user a good looking and modern theme for friendica.
-I conentrated on 3 topics:
+I concentrated on 3 topics:
1. A Modern, mobile friendly UI with bootstrap and awesome font
2. Try to get a new UX for friendica (e.g. use modals where it seems to be useful)
*/
use Friendica\Core\PConfig;
+use Friendica\Util\Strings;
function get_scheme_info($scheme)
{
$scheme = PConfig::get(local_user(), 'frio', 'scheme', PConfig::get(local_user(), 'frio', 'schema'));
}
+ $scheme = Strings::sanitizeFilePathItem($scheme);
+
$info = [
'name' => $scheme,
'description' => '',
use Friendica\Core\Config;
use Friendica\Core\PConfig;
+use Friendica\Util\Strings;
require_once 'view/theme/frio/php/PHPColors/Color.php';
+$scheme = '';
$schemecss = '';
$schemecssfile = false;
$scheme_modified = 0;
$scheme = $_REQUEST['scheme'];
}
-// Sanitize the data.
-$scheme = !empty($scheme) ? basename($scheme) : '';
-
+$scheme = Strings::sanitizeFilePathItem($scheme);
if (($scheme) && ($scheme != '---')) {
if (file_exists('view/theme/frio/scheme/' . $scheme . '.php')) {
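Review bot: `$scheme` is taken from `$_REQUEST['scheme']` and passed straight to `Strings::sanitizeFilePathItem()`, but request parameters can arrive as arrays as well as strings. The sanitizer's handling of non-string input is not visible here, so it is safer to normalise the type at this boundary: `$scheme = is_string($scheme) ? Strings::sanitizeFilePathItem($scheme) : '';`. The `!= '---'` comparison on the following line would also be clearer as `!==`. The `if` block opened at the end of the hunk continues outside it.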
$quattro_align = $site_quattro_align;
}
+$color = \Friendica\Util\Strings::sanitizeFilePathItem($color);
+
if (file_exists("$THEMEPATH/$color/style.css")) {
echo file_get_contents("$THEMEPATH/$color/style.css");
}
$stylecss = '';
$modified = '';
+$style = \Friendica\Util\Strings::sanitizeFilePathItem($style);
+
foreach (['style', $style] as $file) {
$stylecssfile = $THEMEPATH . DIRECTORY_SEPARATOR . $file .'.css';
if (file_exists($stylecssfile)) {