diff -r 8063eace5b67 -r fe8b8c9b54e8 plugins/admin/ThemeManager.php
--- a/plugins/admin/ThemeManager.php Sat Mar 01 18:54:33 2008 -0500
+++ b/plugins/admin/ThemeManager.php Sat Mar 01 18:55:30 2008 -0500
@@ -12,7 +12,7 @@
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
 */
-function page_Admin_ThemeManager()
+function page_Admin_ThemeManager($force_no_json = false)
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
 global $lang;
@@ -83,7 +83,7 @@
 $installable = array_flip($installable);
 // AJAX code
- if ( $paths->getParam(0) === 'action.json' )
+ if ( $paths->getParam(0) === 'action.json' && !$force_no_json )
 {
 return ajaxServlet_Admin_ThemeManager($themes);
 }
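Review bot: The new `$force_no_json` parameter on `page_Admin_ThemeManager()` is undocumented, and it is not obvious from the signature why a page function needs to bypass its own JSON dispatch. I would add a docblock line above the signature such as `@param bool $force_no_json If true, render the HTML page even when the first URL parameter is 'action.json'`. It is worth stating there that the flag exists so the AJAX servlet can re-render the page after `save_theme` and `uninstall` (it calls `page_Admin_ThemeManager(true)` later in this commit) without being dispatched back into itself. The flag is consumed in the `@@ -83,7 +83,7 @@` hunk, where a one-line comment on the `&& !$force_no_json` condition would help; the function body continues outside both hunks.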
@@ -209,290 +209,211 @@
 // Build a list of group names
 $row['group_names'] = array();
- foreach ( $row['group_list'] as $group_id )
+ $q = $db->sql_query('SELECT group_id, group_name FROM ' . table_prefix . 'groups;');
+ if ( !$q )
+ $db->die_json();
+ while ( $gr = $db->fetchrow() )
 {
- $row['group_names'][$group_id] = '';
+ $row['group_names'][ intval($gr['group_id']) ] = $gr['group_name'];
 }
- if ( count($row['group_names']) > 0 )
+ $db->free_result();
+
+ // Build a list of usernames
+ $row['usernames'] = array();
+ foreach ( $row['group_list'] as $el )
 {
- $idlist = 'group_id = ' . implode(' OR group_id = ', array_keys($row['group_names']));
- $q = $db->sql_query('SELECT group_id, group_name FROM ' . table_prefix . "groups WHERE $idlist;");
+ if ( !preg_match('/^u:([0-9]+)$/', $el, $match) )
+ continue;
+ $uid =& $match[1];
+ $q = $db->sql_query('SELECT username FROM ' . table_prefix . "users WHERE user_id = $uid;");
 if ( !$q )
 $db->die_json();
- while ( $gr = $db->fetchrow_num() )
+ if ( $db->numrows() < 1 )
 {
- list($group_id, $group_name) = $gr;
- $row['group_names'][$group_id] = $group_name;
+ $db->free_result();
+ continue;
 }
+ list($username) = $db->fetchrow_num();
+ $row['usernames'][$uid] = $username;
+ $db->free_result();
 }
 echo enano_json_encode($row);
 break;
+ case 'uid_lookup':
+ $username = @$request['username'];
+ if ( empty($username) )
+ {
+ die(enano_json_encode(array(
+ 'mode' => 'error',
+ 'error' => $lang->get('acptm_err_invalid_username')
+ )));
+ }
+ $username = $db->escape(strtolower($username));
+ $q = $db->sql_query('SELECT user_id, username FROM ' . table_prefix . "users WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username';");
+ if ( !$q )
+ $db->die_json();
+
+ if ( $db->numrows() < 1 )
+ {
+ die(enano_json_encode(array(
+ 'mode' => 'error',
+ 'error' => $lang->get('acptm_err_username_not_found')
+ )));
+ }
+
+ list($uid, $username_real) = $db->fetchrow_num();
+ $db->free_result();
+
+ echo enano_json_encode(array(
+ 'uid' => $uid,
+ 'username' => $username_real
+ ));
+ break;
+ case 'save_theme':
+ if ( !isset($request['theme_data']) )
+ {
+ die(enano_json_encode(array(
+ 'mode' => 'error',
+ 'error' => 'No theme data in request'
+ )));
+ }
+ $theme_data =& $request['theme_data'];
+ // Perform integrity check on theme data
+ $chk_theme_exists = isset($themes[@$theme_data['theme_id']]);
+ $theme_data['theme_name'] = trim(@$theme_data['theme_name']);
+ $chk_name_good = !empty($theme_data['theme_name']);
+ $chk_policy_good = in_array(@$theme_data['group_policy'], array('allow_all', 'whitelist', 'blacklist'));
+ $chk_grouplist_good = true;
+ foreach ( $theme_data['group_list'] as $acl_entry )
+ {
+ if ( !preg_match('/^(u|g):[0-9]+$/', $acl_entry) )
+ {
+ $chk_grouplist_good = false;
+ break;
+ }
+ }
+ $chk_style_good = @in_array(@$theme_data['default_style'], @$themes[@$theme_data['theme_id']]['css']);
+ if ( !$chk_theme_exists || !$chk_name_good || !$chk_policy_good || !$chk_grouplist_good || !$chk_style_good )
+ {
+ die(enano_json_encode(array(
+ 'mode' => 'error',
+ 'error' => $lang->get('acptm_err_save_validation_failed')
+ )));
+ }
+
+ $enable = ( $theme_data['enabled'] ) ? '1' : '0';
+ $theme_default = getConfig('theme_default');
+ $warn_default = ( $theme_default === $theme_data['theme_id'] || $theme_data['make_default'] ) ?
+ ' ' . $lang->get('acptm_warn_access_with_default') . ' ' :
+ ' ';
+ if ( $enable == 0 && ( $theme_default === $theme_data['theme_id'] || $theme_data['make_default'] ) )
+ {
+ $enable = '1';
+ $warn_default .= $lang->get('acptm_warn_cant_disable_default');
+ }
+
+ // We're good. Update the theme...
+ $q = $db->sql_query('UPDATE ' . table_prefix . 'themes SET
+ theme_name = \'' . $db->escape($theme_data['theme_name']) . '\',
+ default_style = \'' . $db->escape($theme_data['default_style']) . '\',
+ group_list = \'' . $db->escape(enano_json_encode($theme_data['group_list'])) . '\',
+ group_policy = \'' . $db->escape($theme_data['group_policy']) . '\',
+ enabled = ' . $enable . '
+ WHERE theme_id = \'' . $db->escape($theme_data['theme_id']) . '\';');
+ if ( !$q )
+ $db->die_json();
+
+ if ( $theme_data['make_default'] )
+ {
+ setConfig('theme_default', $theme_data['theme_id']);
+ }
+
+ echo '
' . $lang->get('acptm_msg_save_success') . '' . $warn_default . '
';
+
+ page_Admin_ThemeManager(true);
+ break;
+ case 'install':
+ $theme_id =& $request['theme_id'];
+ if ( !isset($themes[$theme_id]) )
+ {
+ die(enano_json_encode(array(
+ 'mode' => 'error',
+ 'error' => 'Theme was deleted from themes/ directory or couldn\'t read theme metadata from filesystem'
+ )));
+ }
+ if ( !isset($themes[$theme_id]['css'][0]) )
+ {
+ die(enano_json_encode(array(
+ 'mode' => 'error',
+ 'error' => 'Theme doesn\'t have any files in css/, thus it can\'t be installed. (translators: l10n?)'
+ )));
+ }
+ // build dataset
+ $theme_name = $db->escape($themes[$theme_id]['theme_name']);
+ $default_style = $db->escape($themes[$theme_id]['css'][0]);
+ $theme_id = $db->escape($theme_id);
+
+ // insert it
+ $q = $db->sql_query('INSERT INTO ' . table_prefix . "themes(theme_id, theme_name, default_style, enabled, group_list, group_policy)\n"
+ . " VALUES( '$theme_id', '$theme_name', '$default_style', 1, '[]', 'allow_all' );");
+ if ( !$q )
+ $db->die_json();
+
+ // The response isn't processed unless it's in JSON.
+ echo 'Roger that, over and out.';
+
+ break;
+ case 'uninstall':
+ $theme_id =& $request['theme_id'];
+ $theme_default = getConfig('theme_default');
+
+ // Validation
+ if ( !isset($themes[$theme_id]) )
+ {
+ die(enano_json_encode(array(
+ 'mode' => 'error',
+ 'error' => 'Theme was deleted from themes/ directory or couldn\'t read theme metadata from filesystem'
+ )));
+ }
+
+ if ( $theme_id == $theme_default )
+ {
+ die(enano_json_encode(array(
+ 'mode' => 'error',
+ 'error' => $lang->get('acptm_err_uninstalling_default')
+ )));
+ }
+
+ if ( $theme_id == 'oxygen' )
+ {
+ die(enano_json_encode(array(
+ 'mode' => 'error',
+ 'error' => $lang->get('acptm_err_uninstalling_oxygen')
+ )));
+ }
+
+ $theme_id = $db->escape($theme_id);
+
+ $q = $db->sql_query('DELETE FROM ' . table_prefix . "themes WHERE theme_id = '$theme_id';");
+ if ( !$q )
+ $db->die_json();
+
+ // Change all the users that were on that theme to the default
+ $default_style = $themes[$theme_default]['default_style'];
+ $default_style = preg_replace('/\.css$/', '', $default_style);
+
+ $theme_default = $db->escape($theme_default);
+ $default_style = $db->escape($default_style);
+
+ $q = $db->sql_query('UPDATE ' . table_prefix . "users SET theme = '$theme_default', style = '$default_style' WHERE theme = '$theme_id';");
+ if ( !$q )
+ $db->die_json();
+
+ echo '
' . $lang->get('acptm_msg_uninstall_success') . '
';
+
+ page_Admin_ThemeManager(true);
+ break;
 }
 }
-function page_Admin_ThemeManagerOld()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- global $lang;
- if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
- {
- $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
- echo '

' . $lang->get('adm_err_not_auth_title') . '

'; - echo '

' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '

'; - return; - } - - - // Get the list of styles in the themes/ dir - $h = opendir('./themes'); - $l = Array(); - if(!$h) die('Error opening directory "./themes" for reading.'); - while(false !== ($n = readdir($h))) { - if($n != '.' && $n != '..' && is_dir('./themes/'.$n)) - $l[] = $n; - } - closedir($h); - echo(' -

Theme Management

-

Install, uninstall, and manage Enano themes.

- '); - if(isset($_POST['disenable'])) { - $q = 'SELECT enabled FROM '.table_prefix.'themes WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; - $s = $db->sql_query($q); - if(!$s) die('Error selecting enabled/disabled state value: '.$db->get_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - $db->free_result(); - if($r[0] == 1) $e = 0; - else $e = 1; - $s=true; - if($e==0) - { - $c = $db->sql_query('SELECT * FROM '.table_prefix.'themes WHERE enabled=1'); - if(!$c) $db->_die('The backup check for having at least on theme enabled failed.'); - if($db->numrows() <= 1) { echo '
You cannot disable the last remaining theme.
'; $s=false; } - } - $db->free_result(); - if($s) { - $q = 'UPDATE '.table_prefix.'themes SET enabled='.$e.' WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; - $a = $db->sql_query($q); - if(!$a) die('Error updating enabled/disabled state value: '.$db->get_error().'
SQL:
'.$q); - else echo('
The theme "'.$_POST['theme_id'].'" has been '. ( ( $e == '1' ) ? 'enabled' : 'disabled' ).'.
'); - } - } - elseif(isset($_POST['edit'])) { - - $dir = './themes/'.$_POST['theme_id'].'/css/'; - $list = Array(); - // Open a known directory, and proceed to read its contents - if (is_dir($dir)) { - if ($dh = opendir($dir)) { - while (($file = readdir($dh)) !== false) { - if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') { - $list[$file] = capitalize_first_letter(substr($file, 0, strlen($file)-4)); - } - } - closedir($dh); - } - } - $lk = array_keys($list); - - $q = 'SELECT theme_name,default_style FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\''; - $s = $db->sql_query($q); - if(!$s) die('Error selecting name value: '.$db->get_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - $db->free_result(); - acp_start_form(); - echo('
- Theme name displayed to users:

- Default stylesheet:

- -
'); - echo(''); - } - elseif(isset($_POST['editsave'])) { - $q = 'UPDATE '.table_prefix.'themes SET theme_name=\'' . $db->escape($_POST['name']) . '\',default_style=\''.$db->escape($_POST['defaultcss']).'\' WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; - $s = $db->sql_query($q); - if(!$s) die('Error updating name value: '.$db->get_error().'
SQL:
'.$q); - else echo('
Theme data updated.
'); - } - elseif(isset($_POST['up'])) { - // If there is only one theme or if the selected theme is already at the top, do nothing - $q = 'SELECT theme_order FROM '.table_prefix.'themes ORDER BY theme_order;'; - $s = $db->sql_query($q); - if(!$s) die('Error selecting order information: '.$db->get_error().'
SQL:
'.$q); - $q = 'SELECT theme_order FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\''; - $sn = $db->sql_query($q); - if(!$sn) die('Error selecting order information: '.$db->get_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($sn); - if( /* check for only one theme... */ $db->numrows($s) < 2 || $r[0] == 1 /* ...and check if this theme is already at the top */ ) { echo('
This theme is already at the top of the list, or there is only one theme installed.
'); } else { - // Get the order IDs of the selected theme and the theme before it - $q = 'SELECT theme_order FROM '.table_prefix.'themes WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; - $s = $db->sql_query($q); - if(!$s) die('Error selecting order information: '.$db->get_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - $r = $r[0]; - $rb = $r - 1; - // Thank God for jEdit's rectangular selection and the ablity to edit multiple lines at the same time ;) - $q = 'UPDATE '.table_prefix.'themes SET theme_order=0 WHERE theme_order='.$rb.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.$db->get_error().'
SQL:
'.$q); - $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$rb.' WHERE theme_order='.$r.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.$db->get_error().'
SQL:
'.$q); - $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$r.' WHERE theme_order=0'; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.$db->get_error().'
SQL:
'.$q); - echo('
Theme moved up.
'); - } - $db->free_result($s); - $db->free_result($sn); - } - elseif(isset($_POST['down'])) { - // If there is only one theme or if the selected theme is already at the top, do nothing - $q = 'SELECT theme_order FROM '.table_prefix.'themes ORDER BY theme_order;'; - $s = $db->sql_query($q); - if(!$s) die('Error selecting order information: '.$db->get_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - if( /* check for only one theme... */ $db->numrows($s) < 2 || $r[0] == $db->numrows($s) /* ...and check if this theme is already at the bottom */ ) { echo('
This theme is already at the bottom of the list, or there is only one theme installed.
'); } else { - // Get the order IDs of the selected theme and the theme before it - $q = 'SELECT theme_order FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\''; - $s = $db->sql_query($q); - if(!$s) die('Error selecting order information: '.$db->get_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - $r = $r[0]; - $rb = $r + 1; - // Thank God for jEdit's rectangular selection and the ablity to edit multiple lines at the same time ;) - $q = 'UPDATE '.table_prefix.'themes SET theme_order=0 WHERE theme_order='.$rb.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.$db->get_error().'
SQL:
'.$q); - $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$rb.' WHERE theme_order='.$r.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.$db->get_error().'
SQL:
'.$q); - $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$r.' WHERE theme_order=0'; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.$db->get_error().'
SQL:
'.$q); - echo('
Theme moved down.
'); - } - } - else if(isset($_POST['uninstall'])) - { - $q = 'SELECT * FROM '.table_prefix.'themes;'; - $s = $db->sql_query($q); - if ( !$s ) - { - die('Error getting theme count: '.$db->get_error().'
SQL:
'.$q); - } - $n = $db->numrows($s); - $db->free_result(); - - if ( $_POST['theme_id'] == 'oxygen' ) - { - echo '
The Oxygen theme is used by Enano for installation, upgrades, and error messages, and cannot be uninstalled.
'; - } - else - { - if($n < 2) - { - echo '
The theme could not be uninstalled because it is the only theme left.
'; - } - else - { - $q = 'DELETE FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\' LIMIT 1;'; - $s = $db->sql_query($q); - if ( !$s ) - { - die('Error deleting theme data: '.$db->get_error().'
SQL:
'.$q); - } - else - { - echo('
Theme uninstalled.
'); - } - } - } - } - elseif(isset($_POST['install'])) { - $q = 'SELECT theme_id FROM '.table_prefix.'themes;'; - $s = $db->sql_query($q); - if(!$s) die('Error getting theme count: '.$db->get_error().'
SQL:
'.$q); - $n = $db->numrows($s); - $n++; - $theme_id = $_POST['theme_id']; - $theme = Array(); - include('./themes/'.$theme_id.'/theme.cfg'); - if ( !isset($theme['theme_id']) ) - { - echo '
Could not load theme.cfg (theme metadata file)
'; - } - else - { - $default_style = false; - if ( $dh = opendir('./themes/' . $theme_id . '/css') ) - { - while ( $file = readdir($dh) ) - { - if ( $file != '_printable.css' && preg_match('/\.css$/i', $file) ) - { - $default_style = $file; - break; - } - } - closedir($dh); - } - else - { - die('The /css subdirectory could not be located in the theme\'s directory'); - } - - if ( $default_style ) - { - $q = 'INSERT INTO '.table_prefix.'themes(theme_id,theme_name,theme_order,enabled,default_style) VALUES(\''.$db->escape($theme['theme_id']).'\', \''.$db->escape($theme['theme_name']).'\', '.$n.', 1, \'' . $db->escape($default_style) . '\')'; - $s = $db->sql_query($q); - if(!$s) die('Error inserting theme data: '.$db->get_error().'
SQL:
'.$q); - else echo('
Theme "'.$theme['theme_name'].'" installed.
'); - } - else - { - echo '
Could not determine the default style for the theme.
'; - } - } - } - echo(' -

Currently installed themes

-
-

- -

-
-

Install a new theme

- '); - $theme = Array(); - $obb = ''; - for($i=0;$isql_query($q); - if(!$s) die('Error selecting list of currently installed themes: '.$db->get_error().'
Attempted SQL:
'.$q); - if($db->numrows($s) < 1) { - $obb .= ''; - } - $db->free_result(); - } - } - if($obb != '') { - echo('

'); - echo(''); - echo(' - -

'); - } else echo('

All themes are currently installed.

'); -}
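Review bot: The integrity check in the `save_theme` case compares request data loosely: both `in_array()` calls (for `group_policy` and `default_style`) omit the strict flag, so if `$request` can carry non-string values (its decoding is outside the hunk), a value such as boolean `true` would pass validation and then be written to the `themes` row. I would require strings and compare strictly, e.g. `$chk_policy_good = is_string(@$theme_data['group_policy']) && in_array($theme_data['group_policy'], array('allow_all', 'whitelist', 'blacklist'), true);`, and do the same for `default_style`. `group_list` is also iterated without an `isset()`/`is_array()` check and its entries are passed to `preg_match()` without confirming they are strings; adding the `D` modifier (`/^(u|g):[0-9]+$/D`) would additionally stop a trailing newline from passing the pattern. Separately, `save_theme`, `install` and `uninstall` all change state, but no request-token (CSRF) check is visible in this hunk; if the caller does not already enforce one, it belongs at the top of these cases. The enclosing servlet function starts above the hunk, so the admin-level check and the origin of `$request` could not be confirmed from here.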