diff --git a/phpBB/adm/admin_styles.php b/phpBB/adm/admin_styles.php index 1c09414652..05832204ca 100644 --- a/phpBB/adm/admin_styles.php +++ b/phpBB/adm/admin_styles.php @@ -100,24 +100,27 @@ foreach (array('tar.gz' => 'zlib', 'tar.bz2' => 'bz2', 'zip' => 'zlib') as $type // Unified actions -if ($id) +switch ($action) { - switch ($action) - { - case 'export': + case 'export': + if ($id) + { export($mode, $id); - break; + } + break; - case 'add': - case 'install': - case 'details': -// install($mode, $action, $id); - break; + case 'add': + case 'install': + case 'details': + install($mode, $action, $id); + break; - case 'delete': + case 'delete': + if ($id) + { remove($mode, $id); - break; - } + } + break; } @@ -148,583 +151,7 @@ switch ($mode) $db->sql_query($sql); break; - case 'add': case 'edit': - case 'install': - $style_path = (!empty($_REQUEST['path'])) ? htmlspecialchars($_REQUEST['path']) : ''; - $root_path = ''; - - $element_ary = array('template' => STYLES_TPL_TABLE, 'theme' => STYLES_CSS_TABLE, 'imageset' => STYLES_IMAGE_TABLE); - $phpbbversion = preg_replace('#^2\.([0-9]+?)\.([0-9]+?).*?$#', '\1.\2', $config['version']); - - - // Importing/uploading then check data and extract archive - if (!empty($_FILES['upload_file']['name']) || !empty($_POST['import_file'])) - { - if (!empty($_FILES['upload_file']['name'])) - { - $realname = htmlspecialchars($_FILES['upload_file']['name']); - $filename = htmlspecialchars($_FILES['upload_file']['tmp_name']); - - if (!is_uploaded_file($filename)) - { - trigger_error("$filename was not uploaded"); - } - } - else - { - $realname = htmlspecialchars($_POST['import_file']); - $filename = "{$phpbb_root_path}store/$realname"; - } - - if (!preg_match('#(' . $archive_preg . ')$#i', $realname, $match)) - { - $error[] = sprintf($user->lang['UPLOAD_WRONG_TYPE'], $archive_types); - } - $path = preg_replace('#^(.*?)' . preg_quote($match[0]) . '$#', '\1', $realname); - - // Attempt to extract the files to a temporary directory in store - $tmp_path = $phpbb_root_path . 'store/tmp_' . substr(uniqid(''), 0, 10) . '/'; - if (!@mkdir($tmp_path)) - { - trigger_error("Cannot create $tmp_path", E_USER_ERROR); - } - - include($phpbb_root_path . 'includes/functions_compress.'.$phpEx); - - switch ($match[0]) - { - case '.zip': - $zip = new compress_zip('r', $filename); - break; - default: - $zip = new compress_tar('r', $filename, $match[0]); - } - $zip->extract($tmp_path); - $zip->close(); - - unset($cfg); - } - - - // Installing, importing/uploading then obtain the style cfg information - if (($action == 'install' && $style_path) || (!empty($_FILES['upload_file']['name']) || !empty($_POST['import_file']))) - { - $root_path = ($action == 'install') ? "{$phpbb_root_path}styles/$style_path/" : "$tmp_path"; - - if (!($fp = @fopen("{$root_path}style.cfg", 'rb'))) - { - $error[] = $user->lang['STYLE_ERR_NOT_STYLE']; - } - else - { - $stylecfg = explode("\n", fread($fp, filesize("{$root_path}style.cfg"))); - } - fclose($fp); - } - - - // Installing, importing/uploading then grab the element info else grab the - // submitted params ... stylecfg will be set if this is true (see above) - if (sizeof($stylecfg)) - { - $style_name = trim($stylecfg[0]); - $style_copyright = trim($stylecfg[1]); - $style_version = preg_replace('#^2\.([0-9]+?)\.([0-9]+?).*?$#', '\1.\2', trim($stylecfg[2])); - $reqd_template = trim($stylecfg[3]); - $reqd_theme = trim($stylecfg[4]); - $reqd_imageset = trim($stylecfg[5]); - - // Check to see if each element is already installed, if it is grab the id - foreach ($element_ary as $element => $table) - { - $l_element = strtoupper($element); - - if (${'reqd_' . $element}) - { - $sql_where = "{$element}_name = '" . $db->sql_escape(${'reqd_' . $element}) . "'"; - } - else - { - if (!($cfg = @file("$root_path$element/$element.cfg"))) - { - $error[] = sprintf($user->lang['REQUIRES_' . $l_element], ${'reqd_' . $element}); - } - ${$element . '_name'} = trim($cfg[0]); - $sql_where = "{$element}_name = '" . $db->sql_escape(${$element . '_name'}) . "'"; - } - - if (!sizeof($error)) - { - $sql = "SELECT {$element}_id, {$element}_name - FROM $table - WHERE $sql_where"; - $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) - { - ${$element . '_name'} = $row[$element . '_name']; - ${$element . '_id'} = $row[$element . '_id']; - } - else - { - ${$element . '_copyright'} = trim($cfg[1]); - ${$element . '_id'} = 0; - unset($cfg); - } - $db->sql_freeresult($result); - } - } - - $s_hidden_fields = ''; - } - else - { - // NOTE: Data here is stripslashed! Ensure it's escaped when entering the DB - $style_name = (!empty($_POST['name'])) ? stripslashes(htmlspecialchars($_POST['name'])) : ''; - $style_copyright = (!empty($_POST['copyright'])) ? stripslashes(htmlspecialchars($_POST['copyright'])) : ''; - - $template_id = (!empty($_POST['template_id'])) ? intval($_POST['template_id']) : 0; - $theme_id = (!empty($_POST['theme_id'])) ? intval($_POST['theme_id']) : 0; - $imageset_id = (!empty($_POST['imageset_id'])) ? intval($_POST['imageset_id']) : 0; - - if (!empty($_POST['basis'])) - { - $basis = intval($_POST['basis']); - - $sql = 'SELECT template_id, theme_id, imageset_id - FROM ' . STYLES_TABLE . " - WHERE style_id = $basis"; - $result = $db->sql_query($sql); - - if (!extract($db->sql_fetchrow($result))) - { - $error[] = $user->lang['NO_STYLE']; - } - $db->sql_freeresult($result); - } - } - - // Common params - $style_active = (isset($_POST['style_active'])) ? ((!empty($_POST['style_active'])) ? 1 : 0) : 1; - $style_default = (isset($_POST['style_default'])) ? ((!empty($_POST['style_default'])) ? 1 : 0) : (($config['default_style'] == $id) ? 1 : 0); - - // User has submitted form and no errors have occured - if ($update && !sizeof($error)) - { - // We're installing/uploading/importing - if (sizeof($stylecfg)) - { - foreach ($element_ary as $element => $table) - { - // Zero id value ... need to install element ... run usual checks - // and do the install if necessary - if (!${$element . '_id'}) - { - $l_element = strtoupper($element); - - if (empty(${$element . '_name'})) - { - $error[] = $user->lang[$l_element . '_ERR_STYLE_NAME']; - } - - if (strlen(${$element . '_name'}) > 30) - { - $error[] = $user->lang[$l_element . '_ERR_NAME_LONG']; - } - - if (!preg_match('#^[a-z0-9_\-\+\. ]+$#i', ${$element . '_name'})) - { - $error[] = $user->lang[$l_element . '_ERR_NAME_CHARS']; - } - - if (strlen(${$element . '_copyright'}) > 60) - { - $error[] = $user->lang[$l_element . '_ERR_COPY_LONG']; - } - - if (!sizeof($error)) - { - switch ($element) - { - case 'template': - $template_path = str_replace(' ', '_', $template_name); - - if ($action != 'install') - { - @mkdir("{$phpbb_root_path}styles/$template_path", 0777); - @chmod("{$phpbb_root_path}styles/$template_path", 0777); - copy_files("{$root_path}template", filelist("{$root_path}template", '', '*'), "$template_path/template"); - } - - $template_storedb = (!is_writeable("{$phpbb_root_path}styles/$template_path/template")) ? 1 : 0; - - $sql_ary = array( - 'template_name' => $template_name, - 'template_copyright' => $template_copyright, - 'template_path' => $template_path, - 'template_storedb' => $template_storedb - ); - - $db->sql_transaction('begin'); - - $sql = 'INSERT INTO ' . STYLES_TPL_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); - - $db->sql_query($sql); - - $template_id = $db->sql_nextid(); - - if ($template_storedb) - { - $filelist = filelist("{$root_path}template", '', 'html'); - store_templates('insert', $template_id, $style_path, $filelist); - } - - $db->sql_transaction('commit'); - - $log = ($template_storedb) ? 'LOG_ADD_TEMPLATE_FS' : 'LOG_ADD_TEMPLATE_DB'; - add_log('admin', $log, $template_name); - break; - - case 'theme': - $theme_path = str_replace(' ', '_', $theme_name); - - if ($action != 'install') - { - - @mkdir("{$phpbb_root_path}styles/$theme_path", 0777); - @chmod("{$phpbb_root_path}/$theme_path", 0777); - copy_files("{$root_path}theme", filelist("{$root_path}theme", '', '*'), "$theme_path/theme"); - } - - $theme_storedb = 0; - if (!is_writeable("{$phpbb_root_path}styles/$theme_path/theme/stylesheet.css")) - { - $theme_data = str_replace('./', "styles/$theme_path/theme/", implode('', file("$root_path/theme/stylesheet.css"))); - $theme_storedb = 1; - } - - $sql_ary = array( - 'theme_name' => $theme_name, - 'theme_copyright' => $theme_copyright, - 'theme_path' => $theme_path, - 'theme_storedb' => $theme_storedb, - 'theme_data' => ($theme_storedb) ? $theme_data : '', - 'theme_mtime' => ($theme_storedb) ? filemtime("{$phpbb_root_path}styles/$theme_path/theme/stylesheet.css") : 0 - ); - - $sql = 'INSERT INTO ' . STYLES_CSS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); - $db->sql_query($sql); - - $theme_id = $db->sql_nextid(); - - $log = ($theme_storedb) ? 'LOG_ADD_THEME_DB' : 'LOG_ADD_THEME_FS'; - add_log('admin', $log, $theme_name); - break; - - case 'imageset': - $imageset_path = str_replace(' ', '_', $imageset_name); - - if ($action != 'install') - { - - @mkdir("{$phpbb_root_path}styles/$imageset_path", 0777); - @chmod("{$phpbb_root_path}styles/$imageset_path", 0777); - copy_files("{$root_path}imageset", filelist("{$root_path}imageset", '', '*'), "$imageset_path/imageset"); - } - - $cfg = file("{$phpbb_root_path}styles/$imageset_path/imageset/imageset.cfg"); - - $sql_img_ary = array(); - for ($i = 3; $i < sizeof($cfg); $i++) - { - $tmp = explode('||', $cfg[$i]); - $sql_img_ary[$tmp[0]] = str_replace('{PATH}', "styles/$imageset_path/imageset/", trim($tmp[1])); - } - - $sql_ary = array( - 'imageset_name' => $imageset_name, - 'imageset_copyright' => $imageset_copyright, - 'imageset_path' => $imageset_path, - ); - $sql_ary += $sql_img_ary; - - $sql = 'INSERT INTO ' . STYLES_IMAGE_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); - $db->sql_query($sql); - - $imageset_id = $db->sql_nextid(); - - add_log('admin', 'LOG_ADD_IMAGESET', $imageset_name); - break; - } - } - } - } - } - - if (!sizeof($error)) - { - if ($action != 'edit' && empty($style_name)) - { - $error[] = $user->lang['STYLE_ERR_STYLE_NAME']; - } - - if ($action != 'edit' && strlen($style_name) > 30) - { - $error[] = $user->lang['STYLE_ERR_NAME_LONG']; - } - - if ($action != 'edit' && !preg_match('#^[a-z0-9_\-\+\. ]+$#i', $style_name)) - { - $error[] = $user->lang['STYLE_ERR_NAME_CHARS']; - } - - if ($action != 'edit' && strlen($style_copyright) > 60) - { - $error[] = $user->lang['STYLE_ERR_COPY_LONG']; - } - - if (!$template_id || !$theme_id || !$imageset_id) - { - $error[] = $user->lang['STYLE_ERR_NO_IDS']; - } - - $sql_where = ($action != 'edit') ? "style_name = '" . $db->sql_escape($style_name) . "'" : "style_id = $id"; - $sql = 'SELECT style_name - FROM ' . STYLES_TABLE . " - WHERE $sql_where"; - $result = $db->sql_query($sql); - - if (extract($db->sql_fetchrow($result)) && $action != 'edit') - { - $error[] = $user->lang['STYLE_ERR_NAME_EXIST']; - } - $db->sql_freeresult($result); - - - if (!sizeof($error)) - { - $sql_ary = array( - 'template_id' => $template_id, - 'theme_id' => $theme_id, - 'imageset_id' => $imageset_id, - 'style_active' => $style_active, - ); - if ($action != 'edit') - { - $sql_ary += array( - 'style_name' => $style_name, - 'style_copyright' => $style_copyright, - ); - } - - $sql = ($action != 'edit') ? 'INSERT INTO ' . STYLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary) : 'UPDATE ' . STYLES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE style_id = $id"; - $db->sql_query($sql); - - if ($action != 'edit') - { - $id = $db->sql_nextid(); - } - - if ($style_default) - { - set_config('default_style', $id); - } - - if ($tmp_path) - { - cleanup_folder($tmp_path); - } - - $log = ($action != 'edit') ? 'LOG_ADD_STYLE' : 'LOG_EDIT_STYLE'; - add_log('admin', $log, $style_name); - - $message = ($action != 'edit') ? 'STYLE_ADDED' : 'STYLE_EDITED'; - trigger_error($user->lang[$message]); - } - } - } - - // Something went wrong ... so we'll clean up any decompressed uploaded/imported - // archives. - if ($tmp_path) - { - cleanup_folder($tmp_path); - } - - // Either an error occured or the user has just entered the form - if (!sizeof($error) && !$update && $id) - { - $sql = 'SELECT * - FROM ' . STYLES_TABLE . " - WHERE style_id = $id"; - $result = $db->sql_query($sql); - - if (!extract($db->sql_fetchrow($result))) - { - trigger_error($user->lang['NO_STYLE']); - } - $db->sql_freeresult($result); - - $style_default = ($config['default_style'] == $id) ? 1 : 0; - } - - if ($action != 'install') - { - $style_options = array(); - foreach ($element_ary as $element => $table) - { - $sql = "SELECT {$element}_id, {$element}_name - FROM $table - ORDER BY {$element}_id ASC"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - $selected = ($row[$element . '_id'] == ${$element . '_id'}) ? ' selected="selected"' : ''; - ${$element . '_options'} .= ''; - } - $db->sql_freeresult($result); - } - } - - $active_yes = ($style_active) ? ' checked="checked"' : ''; - $active_no = (!$style_active) ? ' checked="checked"' : ''; - $style_default_yes = ($style_default) ? ' checked="checked"' : ''; - $style_default_no = (!$style_default) ? ' checked="checked"' : ''; - - $l_prefix = strtoupper($action); - - // Output the page - adm_page_header($user->lang[$l_prefix . '_STYLE']); - -?> - -

lang[$l_prefix . '_STYLE']; ?>

- -

lang[$l_prefix . '_STYLE_EXPLAIN']; ?>

- -
"> - - - - - - - - - - - - - - - - - - - - - - - - - - - - -$file"; - } - } - closedir($dp); - - $store_options = '' . $store_options; - -?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
lang[$l_prefix . '_STYLE']; ?>
', $error); ?>
lang['STYLE_NAME']; ?>:' : '' . $style_name . ''; - -?>
lang['STYLE_COPYRIGHT']; ?>:' : '' . $style_copyright . ''; - -?>
lang['STYLE_TEMPLATE']; ?>:$template_name" : ''; - -?>
lang['STYLE_THEME']; ?>:$theme_name" : ''; - -?>
lang['STYLE_IMAGESET']; ?>:$imageset_name" : ''; - -?>
lang['EXISTING_STYLE']; ?>
lang['STYLE_UPLOAD_BASIS']; ?>:
lang['ALLOWED_FILETYPES']; ?>:
lang['STYLE_IMPORT_BASIS']; ?>:
 
lang['STYLE_ACTIVE']; ?>: /> lang['YES']; ?>   /> lang['NO']; ?>
lang['STYLE_DEFAULT']; ?>: /> lang['YES']; ?>   /> lang['NO']; ?>
  
-sql_query($sql); $installed = array(); - $basis_options = ''; + $basis_options = ''; while ($row = $db->sql_fetchrow($result)) { $installed[] = strtolower($row['style_name']); @@ -774,7 +201,7 @@ switch ($mode) ?> - "> + ">  ">lang['STYLE_' . strtoupper($stylevis)]; ?>   ">lang['DELETE']; ?>  @@ -840,7 +267,7 @@ switch ($mode) ?> - lang['CREATE_STYLE']; ?>: lang['FROM']; ?> + lang['CREATE_STYLE']; ?>: lang['FROM']; ?> ' . $img . ''; @@ -1871,13 +1291,6 @@ function csspreview() adm_page_footer(); break; - - case 'add': - case 'details': - case 'install': - details('theme', $mode, $action, $id); - exit; - break; } // Front page @@ -1932,18 +1345,6 @@ function csspreview() } } - $dp = @opendir("{$phpbb_root_path}styles/$imageset_path/imageset/"); - while ($file = readdir($dp)) - { - if (is_file("{$phpbb_root_path}styles/$imageset_path/imageset/$file")) - { - if (!in_array($file, $test_ary)) - { - $imglist['custom'][] = $file; - } - } - } - closedir($dp); unset($matches); unset($test_ary); @@ -1972,7 +1373,7 @@ function csspreview() { foreach ($img_ary as $img) { - $img = substr($path, 1) . (($path != '') ? '/' : '') . $img; + $img = ((substr($path, 0, 1) == '/') ? substr($path, 1) : $path) . $img; $selected = (preg_match('#' . preg_quote($img) . '$#', $background_image)) ? ' selected="selected"' : ''; $imagesetlist_options .= ''; @@ -2025,13 +1426,6 @@ function csspreview() adm_page_footer(); break; - - case 'add': - case 'details': - case 'install': - details('imageset', $mode, $action, $id); - exit; - break; } // Front page @@ -2052,15 +1446,13 @@ function frontend($type, $options) switch ($type) { case 'template': - $table = STYLES_TPL_TABLE; + $sql_from = STYLES_TPL_TABLE; break; - case 'theme': - $table = STYLES_CSS_TABLE; + $sql_from = STYLES_CSS_TABLE; break; - case 'imageset': - $table = STYLES_IMAGE_TABLE; + $sql_from = STYLES_IMAGE_TABLE; break; } @@ -2085,11 +1477,11 @@ function frontend($type, $options) sql_query($sql); $installed = array(); - $basis_options = ''; + $basis_options = ''; while ($row = $db->sql_fetchrow($result)) { $installed[] = $row[$type . '_name']; @@ -2154,7 +1546,7 @@ function frontend($type, $options) ?> - ">lang['INSTALL']; ?> + ">lang['INSTALL']; ?> - lang['CREATE_' . $l_prefix]; ?>: + lang['CREATE_' . $l_prefix]; ?>: lang['FROM']; ?> @@ -2195,22 +1587,19 @@ function remove($type, $id) switch ($type) { case 'style': - $table = STYLES_TABLE; + $sql_from = STYLES_TABLE; $sql_select = 'style_name'; break; - case 'template': - $table = STYLES_TPL_TABLE; + $sql_from = STYLES_TPL_TABLE; $sql_select = 'template_name, template_path, template_storedb'; break; - case 'theme': - $table = STYLES_CSS_TABLE; + $sql_from = STYLES_CSS_TABLE; $sql_select = 'theme_name, theme_path, theme_storedb'; break; - case 'imageset': - $table = STYLES_IMAGE_TABLE; + $sql_from = STYLES_IMAGE_TABLE; $sql_select = 'imageset_name, imageset_path'; break; } @@ -2218,7 +1607,7 @@ function remove($type, $id) $l_prefix = strtoupper($type); $sql = "SELECT $sql_select - FROM $table + FROM $sql_from WHERE {$type}_id = $id"; $result = $db->sql_query($sql); @@ -2231,7 +1620,7 @@ function remove($type, $id) $storedb = (isset(${$type . '_storedb'})) ? ${$type . '_storedb'} : false; $sql = "SELECT {$type}_id, {$type}_name - FROM $table + FROM $sql_from WHERE {$type}_id <> $id ORDER BY {$type}_id"; $result = $db->sql_query($sql); @@ -2250,7 +1639,7 @@ function remove($type, $id) if ($update) { - $sql = "DELETE FROM $table + $sql = "DELETE FROM $sql_from WHERE {$type}_id = $id"; $db->sql_query($sql); @@ -2264,7 +1653,7 @@ function remove($type, $id) } else { - $sql = "UPDATE $table + $sql = "UPDATE $sql_from SET {$type}_id = $new_id WHERE {$type}_id = $id"; $db->sql_query($sql); @@ -2320,7 +1709,7 @@ function remove($type, $id) @@ -2826,19 +2215,11 @@ function copy_files($src, $filelist, $dst) { if (!file_exists("{$phpbb_root_path}styles/$dst$filepath$file")) { - @rename("$src$filepath$file", "{$phpbb_root_path}styles/$dst$filepath$file"); + @copy("$src$filepath$file", "{$phpbb_root_path}styles/$dst$filepath$file"); @chmod("{$phpbb_root_path}styles/$dst$filepath$file", 0777); } } - - if ($filepath && file_exists("$src$filepath")) - { - @rmdir("$src$filepath"); - } } - - @rmdir("$src/$dst"); - @rmdir($src); } function cleanup_folder($path) @@ -2860,12 +2241,885 @@ function cleanup_folder($path) } @rmdir("$path"); } -// -// FUNCTIONS -// --------- + +function test_installed($element, $root_path, $reqd_name, &$id, &$name, &$copyright) +{ + global $db, $user; + + switch ($element) + { + case 'template': + $sql_from = STYLES_TPL_TABLE; + break; + case 'theme': + $sql_from = STYLES_CSS_TABLE; + break; + case 'imageset': + $sql_from = STYLES_IMAGE_TABLE; + break; + } + + $l_element = strtoupper($element); + + if ($reqd_name) + { + $sql_where = "{$element}_name = '" . $db->sql_escape($reqd_name) . "'"; + } + else + { + if (!($cfg = @file("$root_path$element/$element.cfg"))) + { + return sprintf($user->lang['REQUIRES_' . $l_element], $reqd_name); + } + $name = trim($cfg[0]); + $sql_where = "{$element}_name = '" . $db->sql_escape($name) . "'"; + } + + if (!sizeof($error)) + { + $sql = "SELECT {$element}_id, {$element}_name + FROM $sql_from + WHERE $sql_where"; + $result = $db->sql_query($sql); + + if ($row = $db->sql_fetchrow($result)) + { + $name = $row[$element . '_name']; + $id = $row[$element . '_id']; + } + else + { + $copyright = trim($cfg[1]); + $id = 0; + unset($cfg); + } + $db->sql_freeresult($result); + } + + return true; +} + +function install_element($type, $action, $root_path, &$id, $name, $copyright, $storedb = 0) +{ + global $phpbb_root_path, $db, $user; + + switch ($type) + { + case 'template': + $sql_from = STYLES_TPL_TABLE; + break; + case 'theme': + $sql_from = STYLES_CSS_TABLE; + break; + case 'imageset': + $sql_from = STYLES_IMAGE_TABLE; + break; + } + + $l_type = strtoupper($type); + $path = str_replace(' ', '_', $name); + + if (empty($name)) + { + $error[] = $user->lang[$l_type . '_ERR_STYLE_NAME']; + } + + if (strlen($name) > 30) + { + $error[] = $user->lang[$l_type . '_ERR_NAME_LONG']; + } + + if (!preg_match('#^[a-z0-9_\-\+\. ]+$#i', $name)) + { + $error[] = $user->lang[$l_type . '_ERR_NAME_CHARS']; + } + + if (strlen($copyright) > 60) + { + $error[] = $user->lang[$l_type . '_ERR_COPY_LONG']; + } + + $sql = "SELECT {$type}_name + FROM $sql_from + WHERE {$type}_name = '" . $db->sql_escape($name) . "'"; + $result = $db->sql_query($sql); + + if (extract($db->sql_fetchrow($result))) + { + $error[] = $user->lang[$l_type . '_ERR_NAME_EXIST']; + } + $db->sql_freeresult($result); + + if (sizeof($error)) + { + return $error; + } + + if ($action != 'install') + { + @mkdir("{$phpbb_root_path}styles/$path", 0777); + @chmod("{$phpbb_root_path}styles/$path", 0777); + if ($root_path) + { + copy_files("$root_path$type", filelist("$root_path$type", '', '*'), "$path/$type"); + } + } + + $sql_ary = array( + $type . '_name' => $name, + $type . '_copyright'=> $copyright, + $type . '_path' => $path, + ); + if ($type != 'imageset') + { + switch ($type) + { + case 'template': + $sql_ary += array( + $type . '_storedb' => (!is_writeable("{$phpbb_root_path}styles/$path/$type")) ? 1 : 0 + ); + break; + + case 'theme': + $sql_ary += array( + 'theme_storedb' => (!is_writeable("{$phpbb_root_path}styles/$path/theme/stylesheet.css")) ? 1 : $storedb, + 'theme_data' => ($storedb) ? (($root_path) ? str_replace('./', "styles/$path/theme/", implode('', file("$root_path/$type/stylesheet.css"))) : '') : '', + 'theme_mtime' => ($storedb) ? filemtime("{$phpbb_root_path}styles/$path/theme/stylesheet.css") : 0 + ); + break; + } + } + else + { + $cfg = file("$root_path$type/imageset.cfg"); + + for ($i = 3; $i < sizeof($cfg); $i++) + { + $tmp = explode('||', $cfg[$i]); + $sql_ary[$tmp[0]] = str_replace('{PATH}', "styles/$path/imageset/", trim($tmp[1])); + } + unset($cfg); + } + + $db->sql_transaction('begin'); + + $sql = "INSERT INTO $sql_from + " . $db->sql_build_array('INSERT', $sql_ary); + $db->sql_query($sql); + + $id = $db->sql_nextid(); + + if ($type == 'template' && $storedb) + { + $filelist = filelist("{$root_path}template", '', 'html'); + store_templates('insert', $id, $path, $filelist); + } + + $db->sql_transaction('commit'); + + $log = ($storedb) ? 'LOG_ADD_' . $l_type . '_FS' : 'LOG_ADD_' . $l_type . '_DB'; + add_log('admin', $log, $name); +} + +function install($type, $action, $id) +{ + global $phpbb_root_path, $phpEx, $SID, $config, $db, $user; + global $safe_mode, $file_uploads, $archive_preg; + + $install_path = (isset($_REQUEST['path'])) ? htmlspecialchars($_REQUEST['path']) : ''; + $update = (isset($_POST['update'])) ? true : false; + + $installcfg = $error = array(); + $template_storedb = $theme_storedb = $basis = false; + $root_path = $tmp_path = $theme_data = $s_hidden_fields = ''; + $template_id = $template_name = $template_copyright =$theme_id = $theme_name = $theme_copyright = $imageset_id = $imageset_name = $imageset_copyright = ''; + + $l_type = strtoupper($type); + $l_prefix = ($action == 'add') ? 'ADD' : (($action == 'details') ? 'EDIT_DETAILS' : 'INSTALL'); + + $element_ary = array('template' => STYLES_TPL_TABLE, 'theme' => STYLES_CSS_TABLE, 'imageset' => STYLES_IMAGE_TABLE); + $phpbbversion = preg_replace('#^2\.([0-9]+?)\.([0-9]+?).*?$#', '\1.\2', $config['version']); + + switch ($type) + { + case 'style': + $sql_from = STYLES_TABLE; + break; + case 'template': + $sql_from = STYLES_TPL_TABLE; + break; + case 'theme': + $sql_from = STYLES_CSS_TABLE; + break; + case 'imageset': + $sql_from = STYLES_IMAGE_TABLE; + break; + } + + // Importing/uploading then check data and extract archive + if (!empty($_FILES['upload_file']['name']) || !empty($_POST['import_file'])) + { + if (!empty($_FILES['upload_file']['name'])) + { + $realname = htmlspecialchars($_FILES['upload_file']['name']); + $filename = htmlspecialchars($_FILES['upload_file']['tmp_name']); + + if (!is_uploaded_file($filename)) + { + trigger_error("$filename was not uploaded"); + } + } + else + { + $realname = htmlspecialchars($_POST['import_file']); + $filename = "{$phpbb_root_path}store/$realname"; + } + + if (!preg_match('#(' . $archive_preg . ')$#i', $realname, $match)) + { + $error[] = sprintf($user->lang['UPLOAD_WRONG_TYPE'], $archive_types); + } + $path = preg_replace('#^(.*?)' . preg_quote($match[0]) . '$#', '\1', $realname); + + // Attempt to extract the files to a temporary directory in store + $tmp_path = $phpbb_root_path . 'store/tmp_' . substr(uniqid(''), 0, 10) . '/'; + if (!@mkdir($tmp_path)) + { + trigger_error("Cannot create $tmp_path", E_USER_ERROR); + } + + include($phpbb_root_path . 'includes/functions_compress.'.$phpEx); + + switch ($match[0]) + { + case '.zip': + $zip = new compress_zip('r', $filename); + break; + default: + $zip = new compress_tar('r', $filename, $match[0]); + } + $zip->extract($tmp_path); + $zip->close(); + + unset($cfg); + } + + // Installing, importing/uploading then obtain the style cfg information + if (($action == 'install' && $install_path) || (!empty($_FILES['upload_file']['name']) || !empty($_POST['import_file']))) + { + $root_path = ($action == 'install') ? "{$phpbb_root_path}styles/$install_path/" : "$tmp_path"; + + if (!($fp = @fopen("$root_path$type/$type.cfg", 'rb'))) + { + $error[] = $user->lang[$l_type . '_ERR_NOT_' . $l_type]; + } + else + { + $installcfg = explode("\n", fread($fp, filesize("$root_path$type/$type.cfg"))); + } + fclose($fp); + } + + // Installing, importing/uploading then grab the element info else grab the + // submitted params ... stylecfg will be set if this is true (see above) + if (sizeof($installcfg)) + { + $name = trim($installcfg[0]); + $copyright = trim($installcfg[1]); + $version = preg_replace('#^2\.([0-9]+?)\.([0-9]+?).*?$#', '\1.\2', trim($installcfg[2])); + + switch ($type) + { + case 'style': + $reqd_template = trim($installcfg[3]); + $reqd_theme = trim($installcfg[4]); + $reqd_imageset = trim($installcfg[5]); + + // Check to see if each element is already installed, if it is grab the id + foreach ($element_ary as $element => $table) + { + ${$element . '_id'} = ${$element . '_name'} = ${$element . '_copyright'} = ''; + + test_installed($element, $root_path, ${$element . '_reqd'}, ${$element . '_id'}, ${$element . '_name'}, ${$element . '_copyright'}); + } + break; + + case 'template': + test_installed('template', $root_path, false, $template_id, $template_name, $template_copyright); + break; + + case 'theme': + test_installed('theme', $root_path, false, $theme_id, $theme_name, $theme_copyright); + break; + + case 'imageset': + test_installed('imageset', $root_path, false, $imageset_id, $imageset_name, $imageset_copyright); + break; + } + + $s_hidden_fields = ''; + } + else + { + // NOTE: Data here is stripslashed! Ensure it's escaped when entering the DB + $name = (!empty($_POST['name'])) ? stripslashes(htmlspecialchars($_POST['name'])) : ''; + $copyright = (!empty($_POST['copyright'])) ? stripslashes(htmlspecialchars($_POST['copyright'])) : ''; + + $template_id = (!empty($_POST['template_id'])) ? intval($_POST['template_id']) : 0; + $theme_id = (!empty($_POST['theme_id'])) ? intval($_POST['theme_id']) : 0; + $imageset_id = (!empty($_POST['imageset_id'])) ? intval($_POST['imageset_id']) : 0; + $basis = (isset($_POST['basis'])) ? intval($_POST['basis']) : 0; + + if ($basis || $update) + { + switch ($type) + { + case 'style': + $sql_select = 'style_name, template_id, theme_id, imageset_id'; + break; + case 'template': + $sql_select = 'template_id, template_name, template_path, template_storedb'; + break; + case 'theme': + $sql_select = 'theme_id, theme_name, theme_path, theme_data, theme_storedb'; + break; + case 'imageset': + $sql_select = 'imageset_name, imageset_path, imageset_id'; + break; + } + + $sql = "SELECT $sql_select + FROM $sql_from + WHERE {$type}_id = " . (($basis) ? $basis : $id); + $result = $db->sql_query($sql); + + if (!extract($db->sql_fetchrow($result))) + { + $error[] = $user->lang['NO_' . $l_type]; + } + $db->sql_freeresult($result); + + $s_hidden_fields .= ''; + } + } + + $storedb = (!empty($_POST['storedb'])) ? 1 : 0; + $style_active = (isset($_POST['style_active'])) ? ((!empty($_POST['style_active'])) ? 1 : 0) : 1; + $style_default = (isset($_POST['style_default'])) ? ((!empty($_POST['style_default'])) ? 1 : 0) : (($config['default_style'] == $id) ? 1 : 0); + + // User has submitted form and no errors have occured + if ($update && !sizeof($error)) + { + $sql_ary = array(); + + // We're installing/uploading/importing + if ($action == 'install') + { + switch ($type) + { + case 'style': + if (empty($style_name)) + { + $error[] = $user->lang['STYLE_ERR_STYLE_NAME']; + } + + if (strlen($style_name) > 30) + { + $error[] = $user->lang['STYLE_ERR_NAME_LONG']; + } + + if (!preg_match('#^[a-z0-9_\-\+\. ]+$#i', $style_name)) + { + $error[] = $user->lang['STYLE_ERR_NAME_CHARS']; + } + + if (strlen($style_copyright) > 60) + { + $error[] = $user->lang['STYLE_ERR_COPY_LONG']; + } + + $sql = 'SELECT style_name + FROM ' . STYLES_TABLE . " + WHERE style_name = '" . $db->sql_escape($style_name) . "'"; + $result = $db->sql_query($sql); + + if (extract($db->sql_fetchrow($result))) + { + $error[] = $user->lang['STYLE_ERR_NAME_EXIST']; + } + $db->sql_freeresult($result); + + foreach ($element_ary as $element => $table) + { + // Zero id value ... need to install element ... run usual checks + // and do the install if necessary + if (!${$element . '_id'}) + { + $error += install_element($element, $action, $root_path, ${$element . '_id'}, $name, $copyright); + } + } + + if (!$template_id || !$theme_id || !$imageset_id) + { + $error[] = $user->lang['STYLE_ERR_NO_IDS']; + } + + if (!sizeof($error)) + { + $db->sql_transaction('begin'); + + $sql_ary += array( + $type . '_name' => $name, + $type . '_copyright' => $copyright, + ); + if ($type == 'style') + { + $sql_ary += array( + 'style_active' => $style_active, + 'template_id' => $template_id, + 'theme_id' => $theme_id, + 'imageset_id' => $imageset_id, + ); + } + + $sql = 'INSERT INTO ' . STYLES_TABLE . ' + ' . $db->sql_build_array('INSERT', $sql_ary); + $db->sql_query($sql); + + $id = $db->sql_nextid(); + + if ($type == 'style' && $style_default) + { + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_style = $id + WHERE user_style = " . $config['default_style']; + $db->sql_query($sql); + + set_config('default_style', $id); + } + + $db->sql_transaction('commit'); + + add_log('admin', 'LOG_ADD_STYLE', $style_name); + } + break; + + case 'template': + $error = install_element('template', $action, $root_path, $id, $name, $copyright); + break; + + case 'theme': + $error = install_element('theme', $action, $root_path, $id, $name, $copyright); + break; + + case 'imageset': + $error = install_element('imageset', $action, $root_path, $id, $name, $copyright); + break; + } + + if ($tmp_path) + { + cleanup_folder($tmp_path); + } + + if (!sizeof($error)) + { + $message = ($storedb) ? '_ADDED_DB' : '_ADDED'; + trigger_error($user->lang[$l_type . $message]); + } + } + else if ($action == 'add') + { + // Create path if it doesn't exist + if ($type != 'style') + { + $storedb = 1; + + umask(0); + if (file_exists("{$phpbb_root_path}styles/$path") || @mkdir("{$phpbb_root_path}styles/$path", 0777)) + { + if (@chmod("{$phpbb_root_path}styles/$path", 0777)) + { + $storedb = 0; + } + } + } + + if ($basis && ($template_storedb || $theme_storedb)) + { + $tmp_path = $phpbb_root_path . 'store/tmp_' . substr(uniqid(''), 0, 10) . '/'; + if (!@mkdir($tmp_path, 0777)) + { + trigger_error("Cannot create $tmp_path", E_USER_ERROR); + } + @chmod($tmp_path, 0777); + + if (!@mkdir("$tmp_path$type", 0777)) + { + trigger_error("Cannot create $tmp_path$type", E_USER_ERROR); + } + @chmod("$tmp_path$type", 0777); + + switch ($type) + { + case 'theme': + copyfiles("{$phpbb_root_path}styles/$path/theme/", filelist("{$phpbb_root_path}styles/$path/theme/", '', '*'), "$tmp_path$type/"); + + $fp = fopen("$tmp_path$type/stylesheet.css", 'wb'); + fwrite($fp, $theme_data); + fclose($theme_data); + break; + + case 'template': + copyfiles("{$phpbb_root_path}styles/$path/$type/", filelist("{$phpbb_root_path}styles/$path/$type/", '', '*'), "$tmp_path$type/"); + + $sql = 'SELECT template_filename, template_mtime, template_data + FROM ' . STYLES_TPLDATA_TABLE . " + WHERE template_id = $basis"; + $result = $db->sql_fetchrow($result); + + while ($row = $db->sql_fetchrow($result)) + { + $fp = fopen("$tmp_path$type/" . $row['template_filename'], 'wb'); + fwrite($fp, $row['template_data']); + fclose($fp); + } + $db->sql_freeresult($result); + break; + } + } + + $root_path = ($tmp_path) ? $tmp_path : (($basis) ? $phpbb_root_path . 'styles/' . ${$type . '_path'} . '/' : ''); + + $error = install_element($type, $action, $root_path, $id, $name, $copyright, $storedb); + + if ($tmp_path) + { + cleanup_folder($tmp_path); + } + + if (!sizeof($error)) + { + $message = ($storedb) ? '_ADDED_DB' : '_ADDED'; + trigger_error($user->lang["$l_type$message"]); + } + } + else if ($action == 'details') + { + if ($type == 'style') + { + $sql_ary = array( + 'template_id' => $template_id, + 'theme_id' => $theme_id, + 'imageset_id' => $imageset_id, + 'style_active' => $style_active, + ); + } + else if ($type != 'imageset') + { + switch ($type) + { + case 'theme': + if ($theme_storedb != $storedb) + { + $theme_data = implode('', file("{$phpbb_root_path}styles/$theme_path/theme/stylesheet.css")); + if (!$storedb && !$safe_mode && is_writeable("{$phpbb_root_path}styles/$theme_path/theme/stylesheet.css")) + { + $storedb = 1; + if ($fp = @fopen("{$phpbb_root_path}styles/$theme_path/$type/stylesheet.css", 'wb')) + { + $storedb = (@fwrite($fp, str_replace("styles/$theme_path/theme/", './', $theme_data))) ? 0 : 1; + } + fclose($fp); + } + $theme_data = str_replace('./', "styles/$theme_path/theme/", $theme_data); + + $sql_ary = array( + 'theme_mtime' => ($storedb) ? filemtime("{$phpbb_root_path}styles/$theme_path/theme/stylesheet.css") : 0, + 'theme_storedb' => $storedb, + 'theme_data' => ($storedb) ? $theme_data : '', + ); + } + break; + + case 'template': + if ($theme_storedb != $storedb) + { + $filelist = filelist("{$phpbb_root_path}styles/$template_path/template", '', 'html'); + + if (!$storedb && !$safe_mode && is_writeable("{$phpbb_root_path}styles/$template_path/template")) + { + $sql = 'SELECT * + FROM ' . STYLES_TPLDATA_TABLE . " + WHERE template_id = $id"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + if (!($fp = @fopen("{$phpbb_root_path}styles/$template_path/template/" . $row['template_filename'], 'wb'))) + { + $storedb = 1; + break; + } + + fwrite($fp, $row['template_data']); + fclose($fp); + } + $db->sql_freeresult($result); + + if (!$storedb) + { + $sql = 'DELETE FROM ' . STYLES_TPLDATA_TABLE . " + WHERE template_id = $id"; + $db->sql_query($sql); + } + } + + $sql_ary = array( + 'template_storedb' => $storedb, + ); + } + break; + } + } + + if ($type != 'imageset' && sizeof($sql_ary)) + { + $sql = "UPDATE $sql_from + SET " . $db->sql_build_array('UPDATE', $sql_ary) . " + WHERE {$type}_id = $id"; + $db->sql_query($sql); + + if ($type == 'style' && $style_default) + { + set_config('default_style', $id); + } + } + + add_log('admin', 'LOG_EDIT_' . $l_type, $name); + trigger_error($user->lang[$l_type . '_EDITED']); + } + } + + // Something went wrong ... so we'll clean up any decompressed uploaded/imported archives. + if ($tmp_path) + { +// cleanup_folder($tmp_path); + } + + // Either an error occured or the user has just entered the form + if (!sizeof($error) && !$update && $id) + { + $sql = "SELECT * + FROM $sql_from + WHERE {$type}_id = $id"; + $result = $db->sql_query($sql); + + if (!extract($db->sql_fetchrow($result))) + { + trigger_error($user->lang['NO_' . $l_type]); + } + $db->sql_freeresult($result); + + $style_default = ($type == 'style' && $config['default_style'] == $id) ? 1 : 0; + $storedb = (!empty(${$type . '_storedb'})) ? true : false; // Fudged because we use $storedb when submitting data + } + + if ($type == 'style' && $action != 'install') + { + $style_options = array(); + foreach ($element_ary as $element => $table) + { + $sql = "SELECT {$element}_id, {$element}_name + FROM $table + ORDER BY {$element}_id ASC"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $selected = ($row[$element . '_id'] == ${$element . '_id'}) ? ' selected="selected"' : ''; + ${$element . '_options'} .= ''; + } + $db->sql_freeresult($result); + } + } + + // Output the page + adm_page_header($user->lang[$l_prefix . '_' . $l_type]); + +?> + +

lang[$l_prefix . '_' . $l_type]; ?>

+ +

lang[$l_prefix . '_' . $l_type . '_EXPLAIN']; ?>

+ +
"> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +$file"; + } + } + closedir($dp); + + $store_options = '' . $store_options; + +?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
lang[$l_prefix . '_' . $l_type]; ?>
', $error); ?>
lang[$l_type . '_NAME']; ?>:' : '' . ${$type . '_name'} . ''; + +?>
lang['COPYRIGHT']; ?>:' : '' . ${$type . '_copyright'} . ''; + +?>
lang['STYLE_TEMPLATE']; ?>:$template_name" : ''; + +?>
lang['STYLE_THEME']; ?>:$theme_name" : ''; + +?>
lang['STYLE_IMAGESET']; ?>:$imageset_name" : ''; + +?>
lang['EXISTING_' . $l_type]; ?>
lang[$l_type . '_UPLOAD_BASIS']; ?>:
lang['ALLOWED_FILETYPES']; ?>:
lang[$l_type . '_IMPORT_BASIS']; ?>:
 
lang['STYLE_ACTIVE']; ?>: /> lang['YES']; ?>   /> lang['NO']; ?>
lang['STYLE_DEFAULT']; ?>: /> lang['YES']; ?>   /> lang['NO']; ?>
lang[$l_type . '_LOCATION']; ?>:
lang[$l_type . '_LOCATION_EXPLAIN']; ?>		 /> lang['STORE_FILESYSTEM']; ?>   /> lang['STORE_DATABASE']; ?>
  
+sql_query($sql); - - if (!($row = $db->sql_fetchrow($result))) - { - trigger_error($user->lang['NO_' . $l_type]); - } - $db->sql_freeresult($result); - - $name = (!empty($row[$type . '_name'])) ? $row[$type . '_name'] : ''; - $copyright = (!empty($row[$type . '_copyright'])) ? $row[$type . '_copyright'] : ''; - $path = (!empty($row[$type . '_path'])) ? $row[$l_type . '_path'] : ''; - $storedb = (!empty($row[$type . '_storedb'])) ? $type[$type . '_storedb'] : ''; - $data = (!empty($row[$type . '_data'])) ? $row[$type . '_data'] : ''; - unset($row); - - $s_hidden_fields = ''; - } - else if ($action == 'install') - { - if (empty($_GET['name'])) - { - trigger_error($user->lang[$l_type . '_ERR_NO_NAME']); - } - - $path = trim(htmlspecialchars($_GET['name'])); - if (!file_exists("{$phpbb_root_path}styles/$path/$type/$type.cfg")) - { - trigger_error($user->lang['NO_' . $l_type]); - } - - if (!($cfg = file("{$phpbb_root_path}styles/$path/$type/$type.cfg"))) - { - trigger_error($user->lang['NO_' . $l_type]); - } - - $name = trim($cfg[0]); - $copyright = trim($ecfg[1]); - $version = preg_replace('#^2\.([0-9]+?)\.([0-9]+?).*?$#', '\1.\2', trim($cfg[2])); - $phpbbversion = preg_replace('#^2\.([0-9]+?)\.([0-9]+?).*?$#', '\1.\2', $config['version']); - - if ($version != $phpbbversion) - { - $error[] = $user->lang[$l_type . '_VERSION_DIFF']; - } - - $s_hidden_fields = ''; - } - else - { - $name = (!empty($_POST['name'])) ? htmlspecialchars(stripslashes($_POST['name'])) : ''; - $copyright = (!empty($_POST['copyright'])) ? htmlspecialchars(stripslashes($_POST['copyright'])) : ''; - $storedb = (!empty($_POST['storedb'])) ? 1 : (($safe_mode) ? 1 : 0); - $basis = (!empty($_POST['basis'])) ? intval($_POST['basis']) : false; - $path = (!empty($_POST['path'])) ? htmlspecialchars(stripslashes($_POST['path'])) : ''; - - $s_hidden_fields = (!empty($_POST['basis'])) ? '' : ''; - if ($path) - { - $s_hidden_fields .= ''; - } - } - } - - // Do the update thang - if ($update) - { - if (!$safe_mode && $action == 'add' && is_writeable("{$phpbb_root_path}styles") && (!empty($_FILES['upload_file']['name']) || !empty($_POST['import_file']))) - { - if (!empty($_FILES['upload_file']['name'])) - { - $realname = htmlspecialchars($_FILES['upload_file']['name']); - $filename = htmlspecialchars($_FILES['upload_file']['tmp_name']); - - if (!is_uploaded_file($filename)) - { - trigger_error("$filename was not uploaded"); - } - } - else - { - $realname = htmlspecialchars($_POST['import_file']); - $filename = "{$phpbb_root_path}store/$realname"; - } - - if (!preg_match('#(' . $archive_preg . ')$#i', $realname, $match)) - { - $error[] = sprintf($user->lang['UPLOAD_WRONG_TYPE'], $archive_types); - } - $path = preg_replace('#^(.*?)' . preg_quote($match[0]) . '$#', '\1', $realname); - - // Attempt to extract the files to a temporary directory in store - $tmp_path = $phpbb_root_path . 'store/tmp_' . substr(uniqid(''), 0, 10) . '/'; - if (!@mkdir($tmp_path)) - { - trigger_error("Cannot create $tmp_path"); - } - - include($phpbb_root_path . 'includes/functions_compress.'.$phpEx); - - switch ($match[0]) - { - case '.zip': - $zip = new compress_zip('r', $filename); - break; - default: - $zip = new compress_tar('r', $filename, $match[0]); - } - $zip->extract($tmp_path); - $zip->close(); - - $filelist = filelist($tmp_path, '', '*'); - - if (!in_array($type . '.cfg', $filelist['/' . $type])) - { - trigger_error($user->lang[$l_type . '_ERR_NOT_' . $l_type]); - } - - $cfg = file("$tmp_path$type/$type.cfg"); - $name = trim($cfg[0]); - $copyright = trim($cfg[1]); - $version = trim($cfg[2]); - unset($cfg); - } - else if ($action == 'install') - { - // NOT CONSISTENT WITH style installation - $path = (!empty($_POST['path'])) ? htmlspecialchars($_POST['path']) : ''; - - if (!($cfg = file("{$phpbb_root_path}styles/$path/$type/$type.cfg"))) - { - trigger_error($user->lang['NO_' . $l_type]); - } - - $name = trim($cfg[0]); - $copyright = trim($cfg[1]); - $version = trim($cfg[2]); - $storedb = (!empty($_POST['storedb'])) ? 1 : 0; - - unset($cfg); - } - else - { - $name = (!empty($_POST['name'])) ? htmlspecialchars($_POST['name']) : ''; - $copyright = (!empty($_POST['copyright'])) ? htmlspecialchars($_POST['copyright']) : ''; - $storedb = (!empty($_POST['storedb'])) ? 1 : 0; - } - - $sql_where = ($action == 'add' || $action == 'install') ? "WHERE {$type}_name = '" . $db->sql_escape($name) . "'" : "WHERE {$type}_id <> $id AND {$type}_name = '" . $db->sql_escape($name) . "'"; - $sql = "SELECT {$type}_name - FROM $table - $sql_where"; - $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) - { - $error[] = $user->lang[$l_type . '_ERR_NAME_EXIST']; - } - $db->sql_freeresult($result); - unset($row); - - if (empty($name)) - { - $error[] = $user->lang[$l_type . '_ERR_STYLE_NAME']; - } - - if (strlen($name) > 30) - { - $error[] = $user->lang[$l_type . '_ERR_NAME_LONG']; - } - - if (!preg_match('#^[a-z0-9_\-\+\. ]+$#i', $name)) - { - $error[] = $user->lang[$l_type . '_ERR_NAME_CHARS']; - } - - if (strlen($copyright) > 60) - { - $error[] = $user->lang[$l_type . '_ERR_COPY_LONG']; - } - - if (!sizeof($error)) - { - $css_data = ''; - if ($action == 'install') - { - switch ($type) - { - case 'theme': - if (!is_writeable("{$phpbb_root_path}styles/$path/$type/stylesheet.css")) - { - $storedb = 1; - if (!($css_data = implode('', file("{$phpbb_root_path}styles/$path/$type/stylesheet.css")))) - { - trigger_error($user->lang['NO_THEME']); - } - } - break; - - case 'template': - $filelist = filelist("{$phpbb_root_path}styles/$path/$type", '', 'html'); - if (!is_writeable("{$phpbb_root_path}styles/$path/$type")) - { - $storedb = 1; - } - break; - - case 'imageset': - if (!($cfg = file("{$phpbb_root_path}styles/$path/$type/imageset.cfg"))) - { - trigger_error($user->lang['NO_IMAGESET']); - } - - for ($i = 3; $i < sizeof($cfg); $i++) - { - $tmp = explode('||', $cfg[$i]); - $sql_img_ary[$tmp[0]] = str_replace('{PATH}', "styles/$path/$type/", trim($tmp[1])); - } - unset($cfg); - break; - } - } - - - - if ($action == 'add' && !$safe_mode && is_writeable("{$phpbb_root_path}styles")) - { - umask(0); - if (@mkdir("{$phpbb_root_path}styles/$path", 0777)) - { - @chmod("{$phpbb_root_path}styles/$path", 0777); - } - - if (@mkdir("{$phpbb_root_path}styles/$path/$type", 0777)) - { - if (!@chmod("{$phpbb_root_path}styles/$path/$type", 0777)) - { - $storedb = 1; - } - } - - - - - if (!empty($_FILES['upload_file']) || !empty($_POST['import_file'])) - { - // TODO - // mkdir, rmdir and rename error catching - ksort($filelist); - foreach ($filelist as $filepath => $file_ary) - { - if ($path && !file_exists("{$phpbb_root_path}styles/$path$filepath")) - { - @mkdir("{$phpbb_root_path}styles/$path$filepath", 0777); - } - - foreach ($file_ary as $file) - { - @rename("$tmp_path$filepath/$file", "{$phpbb_root_path}styles/$path$filepath/$file"); - } - - if ($filepath && file_exists("$tmp_path$filepath")) - { - @rmdir("$tmp_path$filepath"); - } - } - - @rmdir("$tmp_path/$type"); - @rmdir($tmp_path); - } - else if ($basis && !$storedb && !$safe_mode) - { - switch ($type) - { - case 'theme': - $sql = "SELECT theme_name, theme_path, theme_storedb, css_data - FROM $table - WHERE theme_id = $basis"; - $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) - { - $css_data = ($row['storedb']) ? $row['css_data'] : implode('', file($phpbb_root_path . 'styles/' . $row['theme_path'] . "/$type/stylesheet.css")); - - if (!$storedb && ($fp = @fopen("{$phpbb_root_path}styles/$path/$type/stylesheet.css", 'wb'))) - { - $storedb = (@fwrite($fp, $css_data)) ? 0 : 1; - - if (!$storedb) - { - unset($css_data); - - // Get a list of all files and folders in the basis themes folder - $filelist = filelist($phpbb_root_path . 'styles/' . $row['theme_path'] . '/' . $type, '', '*'); - - // Copy every file bar the original stylesheet - foreach ($filelist as $filepath => $file_ary) - { - foreach ($file_ary as $file) - { - if ($file == 'stylesheet.css') - { - continue; - } - - if (!file_exists("{$phpbb_root_path}styles/$path/$type/$filepath")) - { - @mkdir("{$phpbb_root_path}styles/$path/$type/$filepath"); - } - @copy("{$phpbb_root_path}styles/" . $row['theme_path'] . "/$type/$filepath/$file", "{$phpbb_root_path}styles/$path/$type/$filepath/$file"); - } - } - unset($filelist); - } - } - else - { - $storedb = 1; - } - @fclose($fp); - } - $db->sql_freeresult($result); - break; - - case 'template': - $sql = "SELECT theme_name, theme_path, theme_storedb, css_data - FROM $table - WHERE theme_id = $basis"; - $result = $db->sql_query($sql); - - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - if (!$row) - { - $error = $user->lang['NO_TEMPLATE']; - break; - } - - if (!is_writeable("{$phpbb_root_path}styles/$path/$type")) - { - $storedb = 1; - } - - if ($row['template_storedb']) - { - } - break; - - case 'imageset': - $sql = "SELECT imageset_name, imageset_path - FROM $table - WHERE imageset_id = $basis"; - $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) - { - // Get a list of all files and folders - $filelist = filelist("{$phpbb_root_path}styles/" . $row['imageset_path'] . '/imageset/', '', '*'); - - // Copy every file - foreach ($filelist as $pathfile => $file_ary) - { - foreach ($file_ary as $file) - { - if (!file_exists("{$phpbb_root_path}styles/$path/$type/$pathfile")) - { - @mkdir("{$phpbb_root_path}styles/$path/$type/$pathfile"); - } - @copy("{$phpbb_root_path}styles/" . $row['imageset_path'] . "/$type$pathfile/$file", "{$phpbb_root_path}styles/$path/$type$pathfile/$file"); - } - } - unset($filelist); - } - $db->sql_freeresult($result); - break; - } - } - } - - // Build relevant array ... we need to do this in bits depending on the - // action and type - $sql_ary = array( - $type . '_name' => $name, - ); - - if ($action == 'add' || $action == 'install') - { - $sql_ary += array( - $type . '_copyright'=> $copyright, - $type . '_path' => $path, - ); - - switch ($type) - { - case 'theme': - $sql_ary += array( - $type . '_mtime' => ($storedb) ? filemtime("{$phpbb_root_path}styles/$path/$type/stylesheet.css") : 0, - $type . '_storedb' => $storedb, - $type . '_data' => ($storedb) ? $css_data : '', - ); - break; - case 'template': - $sql_ary += array( - $type . '_storedb' => $storedb, - ); - break; - } - } - - if ($action == 'details' && $mode != 'imageset') - { - $sql = "SELECT {$type}_path, {$type}_storedb" . (($type == 'theme') ? ', theme_data' : '') . " - FROM $table - WHERE {$type}_id = $id"; - $result = $db->sql_query($sql); - - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if ($row[$type . '_storedb'] != $storedb) - { - $path = $row[$type . '_path']; - - switch ($type) - { - case 'theme': - $css_data = implode('', file("{$phpbb_root_path}styles/$path/$type/stylesheet.css")); - if (!$storedb && !$safe_mode && is_writeable("{$phpbb_root_path}styles/$path/theme/stylesheet.css")) - { - $storedb = 1; - if ($fp = @fopen("{$phpbb_root_path}styles/$path/$type/stylesheet.css", 'wb')) - { - $storedb = (@fwrite($fp, str_replace("styles/$path/theme/", './', $css_data))) ? 0 : 1; - } - fclose($fp); - } - $css_data = str_replace('./', "styles/$path/theme/", $css_data); - - $sql_ary += array( - $type . '_mtime' => ($storedb) ? filemtime("{$phpbb_root_path}styles/$path/$type/stylesheet.css") : 0, - $type . '_storedb' => $storedb, - $type . '_data' => ($storedb) ? $css_data : '', - ); - break; - - case 'template': - $filelist = filelist("{$phpbb_root_path}styles/$path/template", '', 'html'); - - if (!$storedb && !$safe_mode && is_writeable("{$phpbb_root_path}styles/$path/template")) - { - $sql = 'SELECT * - FROM ' . STYLES_TPLDATA_TABLE . " - WHERE template_id = $id"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - if (!($fp = fopen("{$phpbb_root_path}styles/$path/template/" . $row['template_filename'], 'wb'))) - { - $storedb = 1; - break; - } - - if (!fwrite($fp, $row['template_data'])) - { - $storedb = 1; - break; - } - - fclose($fp); - - } - $db->sql_freeresult($result); - - if (!$storedb) - { - $sql = 'DELETE FROM ' . STYLES_TPLDATA_TABLE . " - WHERE template_id = $id"; - $db->sql_query($sql); - } - } - - $sql_ary += array( - $type . '_storedb' => $storedb, - ); - break; - } - } - } - - $db->sql_transaction('begin'); - - $sql = ($action == 'add' || $action == 'install') ? "INSERT INTO $table " . $db->sql_build_array('INSERT', $sql_ary) : "UPDATE $table SET " . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE {$type}_id = $id"; - $db->sql_query($sql); - - if ($type == 'template' && $storedb) - { - $filelist = array('/template' => $filelist['']); - - if (!$id) - { - $id = $db->sql_nextid(); - } - - store_templates('insert', $id, $path, $filelist); - } - - $db->sql_transaction('commit'); - - $message = ($action == 'add' || $action == 'install') ? (($storedb) ? $l_prefix . '_DB_ADDED' : $l_prefix . '_FS_ADDED') : $l_prefix . '_DETAILS_UPDATE'; - $log = ($action == 'add' || $action == 'install') ? (($storedb) ? 'LOG_ADD_' . $l_prefix . '_DB' : 'LOG_ADD_' . $l_prefix . '_FS') : 'LOG_EDIT_' . $l_prefix . '_DETAILS'; - - add_log('admin', $log, $_name); - trigger_error($user->lang[$message]); - } - - - // If we were uploading or importing and an error occured we delete - // the temporary files - if (!empty($_FILES['upload_file']) || !empty($_POST['import_file'])) - { - // TODO - // mkdir, rmdir and rename error catching - ksort($filelist); - foreach ($filelist as $filepath => $file_ary) - { - foreach ($file_ary as $file) - { - @unlink("$tmp_path$filepath/$file"); - } - - if ($filepath && file_exists("$tmp_path$filepath")) - { - @rmdir("$tmp_path$filepath"); - } - } - - @rmdir("$tmp_path/$type"); - @rmdir($tmp_path); - } - } - - - $storedb_no = (!$storedb) ? ' checked="checked"' : ''; - $storedb_yes = ($storedb) ? ' checked="checked"' : ''; - - - // Output the page - adm_page_header($user->lang[$l_prefix . '_' . $l_type]); - -?> - -

lang[$l_prefix . '_' . $l_type]; ?>

- -

lang[$l_prefix . '_' . $l_type . '_EXPLAIN']; ?>

- -
"> - - - - - - - - - - - - - - - - - - - - - -$file"; - } - } - closedir($dp); - - $store_options = '' . $store_options; - - $sql = "SELECT {$type}_id, {$type}_name - FROM $table"; - $result = $db->sql_query($sql); - - $basis_options = ''; - while ($row = $db->sql_fetchrow($result)) - { - $selected = (!empty($_POST['basis']) && $_POST['basis'] == $row[$type . '_id']) ? ' selected="selected"' : ''; - $basis_options .= ''; - } - $db->sql_freeresult($result); - -?> - - - - - - - - - - - - - - - - - - - -
lang[$l_prefix . '_' . $l_type]; ?>
', $error); ?>
lang[$l_type . '_NAME']; ?>:' : "$name"; - -?>
lang['COPYRIGHT']; ?>:
lang[$l_type . '_LOCATION']; ?>:
lang[$l_type . '_LOCATION_EXPLAIN']; ?>		 /> lang['STORE_FILESYSTEM']; ?>   /> lang['STORE_DATABASE']; ?>
lang[$l_type . '_BASIS']; ?>
lang[$l_type . '_EXISTING_BASIS']; ?>:
lang[$l_type . '_UPLOAD_BASIS']; ?>:
lang['ALLOWED_FILETYPES']; ?>:
lang[$l_type . '_IMPORT_BASIS']; ?>:
  
- \ No newline at end of file