require($INC);
}
+// Always make sure the session management is initialized first
+require_once(PATH."inc/session.php");
+
//
-function GET_CURR_THEME()
-{
- global $_COOKIE, $INC_POOL, $CONFIG, $_GET, $_POST, $CSS;
+function GET_CURR_THEME() {
+ global $INC_POOL, $_CONFIG, $CSS;
+
// The default theme is 'default'... ;-)
$ret = "default";
// Load default theme if not empty from configuration
- if (!empty($CONFIG['default_theme'])) $ret = $CONFIG['default_theme'];
+ if (!empty($_CONFIG['default_theme'])) $ret = $_CONFIG['default_theme'];
- if (empty($_COOKIE['mxchange_theme']))
- {
+ if (!isSessionVariableSet('mxchange_theme')) {
// Set default theme
- @setcookie("mxchange_theme", $ret, (time() + 60*60*24*365), COOKIE_PATH);
- }
- elseif ((!empty($_COOKIE['mxchange_theme'])) && (GET_EXT_VERSION("sql_patches") >= "0.1.4"))
- {
+ set_session("mxchange_theme", $ret);
+ } elseif ((isSessionVariableSet('mxchange_theme')) && (GET_EXT_VERSION("sql_patches") >= "0.1.4")) {
// Get theme from cookie
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_themes WHERE theme_path='%s' LIMIT 1", array($_COOKIE['mxchange_theme']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_themes WHERE theme_path='%s' LIMIT 1", array(get_session('mxchange_theme')), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
// Design is valid!
- $ret = $_COOKIE['mxchange_theme'];
+ $ret = get_session('mxchange_theme');
}
// Free memory
SQL_FREERESULT($result);
- }
- elseif ((!mxchange_installed) && ((mxchange_installing) || ($CSS == true)) && ((!empty($_GET['theme'])) || (!empty($_POST['theme']))))
- {
+ } elseif ((!isBooleanConstantAndTrue('mxchange_installed')) && ((isBooleanConstantAndTrue('mxchange_installing')) || ($CSS == true)) && ((!empty($_GET['theme'])) || (!empty($_POST['theme'])))) {
+ // Prepare FQFN for checking
+ $theme = sprintf("%stheme/%s/theme.php", PATH, $_GET['theme']);
+
// Installation mode active
- if ((!empty($_GET['theme'])) && (file_exists(PATH."theme/".$_GET['theme']."/theme.php")))
- {
+ if ((!empty($_GET['theme'])) && (file_exists($theme)) && (is_readable($theme))) {
// Set cookie from URL data
- @setcookie("mxchange_theme", $_GET['theme'], (time() + 60*60*24*365), COOKIE_PATH);
- $_COOKIE['mxchange_theme'] = $_GET['theme'];
- }
- elseif (file_exists(PATH."theme/".$_POST['theme']."/theme.php"))
- {
+ set_session("mxchange_theme", $_GET['theme']);
+ } elseif (file_exists(PATH."theme/".$_POST['theme']."/theme.php")) {
// Set cookie from posted data
- @setcookie("mxchange_theme", $_POST['theme'], (time() + 60*60*24*365), COOKIE_PATH);
- $_COOKIE['mxchange_theme'] = $_POST['theme'];
+ set_session("mxchange_theme", $_POST['theme']);
}
// Set return value
- $ret = $_COOKIE['mxchange_theme'];
- }
- else
- {
+ $ret = get_session('mxchange_theme');
+ } else {
// Invalid design, reset cookie
- @setcookie("mxchange_theme", $ret, (time() + 60*60*24*365), COOKIE_PATH);
+ set_session("mxchange_theme", $ret);
}
// Add (maybe) found theme.php file to inclusion list
- $theme = PATH."theme/".$ret."/theme.php";
- if (@file_exists($theme)) $INC_POOL[] = $theme;
+ $theme = sprintf("%stheme/%s/theme.php", PATH, SQL_ESCAPE($ret));
+
+ // Try to load the requested include file
+ if ((@file_exists($theme)) && (is_readable($theme))) $INC_POOL[] = $theme;
// Return theme value
return $ret;
function THEME_SELECTION_BOX($mod, $act, $wht, $result)
{
// Construction URL
- global $CurrTheme;
+ global $currTheme;
$FORM = URL."/modules.php?module=".$mod;
if (!empty($act)) $FORM .= "&action=".$act;
if (!empty($wht)) $FORM .= "&what=".$wht;
foreach ($THEMES['theme_unix'] as $key=>$theme)
{
$OUT .= " <OPTION value=\"".$theme."\"";
- if ($theme == $CurrTheme) $OUT .= " selected=\"selected\"";
+ if ($theme == $currTheme) $OUT .= " selected=\"selected\"";
$OUT .= ">".$THEMES['theme_name'][$key]."</OPTION>\n";
}
}
// Initialize variables
-$CurrTheme = GET_CURR_THEME();
+$currTheme = GET_CURR_THEME();
if (empty($_POST['new_theme'])) $_POST['new_theme'] = "";
// Check if new theme is selcted
-if ((!empty($_POST['new_theme'])) && ($_POST['new_theme'] != $CurrTheme))
+if ((!empty($_POST['new_theme'])) && ($_POST['new_theme'] != $currTheme))
{
// Set new theme for guests
$NewTheme = $_POST['new_theme'];
// Change to new theme
- @setcookie("mxchange_theme", $NewTheme, (time() + 60*60*24*365), COOKIE_PATH);
+ set_session("mxchange_theme", $NewTheme);
// Remove current from array and set new
- $theme = PATH."theme/".$CurrTheme."/theme.php";
+ $theme = PATH."theme/".$currTheme."/theme.php";
unset($INC_POOL[array_search($theme, $INC_POOL)]);
$INC_POOL[] = PATH."theme/".$NewTheme."/theme.php";
}