source: branches/2.4/plugins/LocalFilesEditor/include/css.inc.php @ 20712

Revision 20712, 3.1 KB checked in by plg, 6 years ago (diff)

bug 2844: increase security on LocalFiles Editor, filter on files to edit.

1<?php
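// Direct-access guard: stop unless the including application has already
// defined PHPWG_ROOT_PATH.
if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');

include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
$themes = new themes();

// The "edit" submit carries the chosen theme in theme_select; copy it into
// $_POST['theme'] so the rest of the script reads a single field. A missing
// theme_select becomes null, which the isset() tests below treat as
// "no theme posted" (and no undefined-index notice is raised).
if (isset($_POST['edit']))
{
  $_POST['theme'] = isset($_POST['theme_select']) ? $_POST['theme_select'] : null;
}

if (isset($_POST['theme']) and '~common~' === $_POST['theme'])
{
  // '~common~' selects local/css/rules.css. The path is a constant here:
  // nothing taken from the request is placed in it.
  $page['theme'] = $_POST['theme'];
  $edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'css/rules.css';
}
else
{
  // $_GET is consulted first, $_POST only when the query string has no theme.
  if (isset($_GET['theme']))
  {
    $page['theme'] = $_GET['theme'];
  }
  elseif (isset($_POST['theme']))
  {
    $page['theme'] = $_POST['theme'];
  }

  // Security: the theme id is request-controlled and is concatenated into the
  // path of the file to edit just below. It is accepted only when it is a
  // string that is an exact key of $themes->fs_themes. array_key_exists() is
  // used instead of a loose in_array() so that numeric look-alikes (a loose
  // comparison treats "1e1" as equal to "10") are rejected, and is_string()
  // keeps array-valued parameters away from the key lookup. Anything else
  // falls back to the default theme.
  if (
    !isset($page['theme'])
    or !is_string($page['theme'])
    or !array_key_exists($page['theme'], $themes->fs_themes)
  )
  {
    $page['theme'] = get_default_theme();
  }

  $edited_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$page['theme'].'-rules.css';
}

$template->assign('theme', $page['theme']);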
37
// Editor content: the current text of the selected file, or a placeholder
// comment when that file does not exist yet.
$content_file = file_exists($edited_file)
  ? file_get_contents($edited_file)
  : "/* " . l10n('locfiledit_newfile') . " */\n\n";
46
// First entry of the drop-down: the '~common~' selector, which stands for
// local/css/rules.css. $selected stays 0 until an entry matches the
// current theme.
$selected = 0;
$value = '~common~';
$file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/rules.css';

// The label starts with a check mark when the file exists, a cross otherwise.
if (file_exists($file))
{
  $options[$value] = '&#x2714; local / css / rules.css';
}
else
{
  $options[$value] = '&#x2718; local / css / rules.css';
}

if ($page['theme'] == $value)
{
  $selected = $value;
}
56
// Themes are listed in the same order as on the administration screen
// [Administration > Configuration > Themes].
$themes->sort_fs_themes();
$default_theme = get_default_theme();
$db_themes = $themes->get_db_themes();

// Collect the ids of the themes returned by get_db_themes().
$db_theme_ids = array();
foreach ($db_themes as $db_theme)
{
  $db_theme_ids[] = $db_theme['id'];
}

// Split the themes of $themes->fs_themes into two lists: those whose id is
// in $db_theme_ids ("active") and the others ("inactive").
$active_themes = array();
$inactive_themes = array();

foreach ($themes->fs_themes as $theme_id => $fs_theme)
{
  // The theme with id 'default' is never offered.
  if ($theme_id == 'default')
  {
    continue;
  }

  if (!in_array($theme_id, $db_theme_ids))
  {
    $inactive_themes[] = $fs_theme;
    continue;
  }

  // Active theme: the default theme goes to the front of the list.
  if ($theme_id == $default_theme)
  {
    array_unshift($active_themes, $fs_theme);
  }
  else
  {
    $active_themes[] = $fs_theme;
  }
}
96
// Build the "Active Themes" option group: one entry per active theme,
// keyed by theme id.
$active_theme_options = array();
foreach ($active_themes as $theme)
{
  $file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css';

  // Check mark when the theme already has its <id>-rules.css file, cross
  // otherwise, followed by the theme name.
  if (file_exists($file))
  {
    $label = '&#x2714;'.' '.$theme['name'];
  }
  else
  {
    $label = '&#x2718;'.' '.$theme['name'];
  }

  if ($default_theme == $theme['id'])
  {
    $label = $label.' ('.l10n('default').')';
  }

  $active_theme_options[$theme['id']] = $label;

  // Remember the entry that corresponds to the theme being edited.
  if ($theme['id'] == $page['theme'])
  {
    $selected = $theme['id'];
  }
}

// The group is added only when it has at least one entry.
if (!empty($active_theme_options))
{
  $options[l10n('Active Themes')] = $active_theme_options;
}
121
// Build the "Inactive Themes" option group the same way, without the
// "(default)" suffix.
$inactive_theme_options = array();
foreach ($inactive_themes as $theme)
{
  $file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR . 'css/'.$theme['id'].'-rules.css';

  // Check mark when the theme's <id>-rules.css file exists, cross otherwise.
  if (file_exists($file))
  {
    $inactive_theme_options[$theme['id']] = '&#x2714;'.' '.$theme['name'];
  }
  else
  {
    $inactive_theme_options[$theme['id']] = '&#x2718;'.' '.$theme['name'];
  }

  // Remember the entry that corresponds to the theme being edited.
  if ($theme['id'] == $page['theme'])
  {
    $selected = $theme['id'];
  }
}

// The group is added only when it has at least one entry.
if (!empty($inactive_theme_options))
{
  $options[l10n('Inactive Themes')] = $inactive_theme_options;
}
139
// Pass the drop-down definition to the template: the form field name, the
// option list built above and the entry to preselect.
$template->assign('css_lang_tpl', array(
  'SELECT_NAME' => 'theme_select',
  'OPTIONS'     => $options,
  'SELECTED'    => $selected,
));

// MIME type for the edited content; presumably read by the including script
// to configure the editor (not visible here).
$codemirror_mode = 'text/css';
150?>