source: trunk/admin/themes_new.php @ 5406

Last change on this file since 5406 was 5406, checked in by patdenice, 14 years ago

Add token to themes installation.
Only webmasters can install new plugins, themes or languages.
File size: 4.8 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if( !defined("PHPWG_ROOT_PATH") )
25{
26  die ("Hacking attempt!");
27}
28
29include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
30
31$base_url = get_root_url().'admin.php?page='.$page['page'];
32
33$themes = new themes();
34$themes->set_tabsheet('themes_new');
35
36// +-----------------------------------------------------------------------+
37// |                           setup check                                 |
38// +-----------------------------------------------------------------------+
39
40$themes_dir = PHPWG_ROOT_PATH.'themes';
41if (!is_writable($themes_dir))
42{
43  array_push(
44    $page['errors'],
45    sprintf(
46      l10n('Add write access to the "%s" directory'),
47      'themes'
48      )
49    );
50}
51
52// +-----------------------------------------------------------------------+
53// |                       perform installation                            |
54// +-----------------------------------------------------------------------+
55
56if (isset($_GET['revision']) and isset($_GET['extension']))
57{
58  if (!is_webmaster())
59  {
60    array_push($page['errors'], l10n('Webmaster status is required.'));
61  }
62  else
63  {
64    check_pwg_token();
65
66    $install_status = $themes->extract_theme_files(
67      'install',
68      $_GET['revision'],
69      $_GET['extension']
70      );
71   
72    redirect($base_url.'&installstatus='.$install_status);
73  }
74}
75
76// +-----------------------------------------------------------------------+
77// |                        installation result                            |
78// +-----------------------------------------------------------------------+
79
80if (isset($_GET['installstatus']))
81{
82  switch ($_GET['installstatus'])
83  {
84    case 'ok':
85      array_push(
86        $page['infos'],
87        l10n('Theme has been successfully installed')
88        );
89      break;
90
91    case 'temp_path_error':
92      array_push($page['errors'], l10n('Can\'t create temporary file.'));
93      break;
94
95    case 'dl_archive_error':
96      array_push($page['errors'], l10n('Can\'t download archive.'));
97      break;
98
99    case 'archive_error':
100      array_push($page['errors'], l10n('Can\'t read or extract archive.'));
101      break;
102
103    default:
104      array_push(
105        $page['errors'],
106        sprintf(l10n('An error occured during extraction (%s).'), $_GET['installstatus'])
107        );
108  } 
109}
110
111// +-----------------------------------------------------------------------+
112// |                          template output                              |
113// +-----------------------------------------------------------------------+
114
115$template->set_filenames(array('themes' => 'themes_new.tpl'));
116
117if ($themes->get_server_themes(true)) // only new themes
118{
119  foreach($themes->server_themes as $theme)
120  {
121    $url_auto_install = htmlentities($base_url)
122      . '&amp;revision=' . $theme['revision_id']
123      . '&amp;extension=' . $theme['extension_id']
124      . '&amp;pwg_token='.get_pwg_token()
125      ;
126
127    $template->append(
128      'new_themes',
129      array(
130        'name' => $theme['extension_name'],
131        'screenshot' => PEM_URL.'/upload/extension-'.$theme['extension_id'].'/thumbnail.jpg',
132        'install_url' => $url_auto_install,
133        )
134      );
135  }
136}
137else
138{
139  array_push($page['errors'], l10n('Can\'t connect to server.'));
140}
141
142$template->assign_var_from_handle('ADMIN_CONTENT', 'themes');
143?>
Note: See TracBrowser for help on using the repository browser.