Sanitize theme path items
- Sanitize theme style/color/scheme path items
parent
6aac84dc8e
commit
b529c03a20
9 changed files with 65 additions and 50 deletions
|
@ -8,6 +8,7 @@ namespace Friendica\Core;
|
|||
|
||||
use Friendica\BaseObject;
|
||||
use Friendica\Model\Profile;
|
||||
use Friendica\Util\Strings;
|
||||
|
||||
require_once 'boot.php';
|
||||
|
||||
|
@ -50,6 +51,8 @@ class Theme
|
|||
*/
|
||||
public static function getInfo($theme)
|
||||
{
|
||||
$theme = Strings::sanitizeFilePathItem($theme);
|
||||
|
||||
$info = [
|
||||
'name' => $theme,
|
||||
'description' => "",
|
||||
|
@ -113,31 +116,37 @@ class Theme
|
|||
*/
|
||||
public static function getScreenshot($theme)
|
||||
{
|
||||
$theme = Strings::sanitizeFilePathItem($theme);
|
||||
|
||||
$exts = ['.png', '.jpg'];
|
||||
foreach ($exts as $ext) {
|
||||
if (file_exists('view/theme/' . $theme . '/screenshot' . $ext)) {
|
||||
return(System::baseUrl() . '/view/theme/' . $theme . '/screenshot' . $ext);
|
||||
return System::baseUrl() . '/view/theme/' . $theme . '/screenshot' . $ext;
|
||||
}
|
||||
}
|
||||
return(System::baseUrl() . '/images/blank.png');
|
||||
return System::baseUrl() . '/images/blank.png';
|
||||
}
|
||||
|
||||
// install and uninstall theme
|
||||
public static function uninstall($theme)
|
||||
{
|
||||
Logger::log("Addons: uninstalling theme " . $theme);
|
||||
$theme = Strings::sanitizeFilePathItem($theme);
|
||||
|
||||
include_once "view/theme/$theme/theme.php";
|
||||
if (function_exists("{$theme}_uninstall")) {
|
||||
$func = "{$theme}_uninstall";
|
||||
$func();
|
||||
// silently fail if theme was removed or if $theme is funky
|
||||
if (file_exists("view/theme/$theme/theme.php")) {
|
||||
Logger::log("Addons: uninstalling theme " . $theme);
|
||||
|
||||
if (function_exists("{$theme}_uninstall")) {
|
||||
$func = "{$theme}_uninstall";
|
||||
$func();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public static function install($theme)
|
||||
{
|
||||
// silently fail if theme was removed
|
||||
$theme = Strings::sanitizeFilePathItem($theme);
|
||||
|
||||
// silently fail if theme was removed or if $theme is funky
|
||||
if (!file_exists("view/theme/$theme/theme.php")) {
|
||||
return false;
|
||||
}
|
||||
|
@ -183,10 +192,10 @@ class Theme
|
|||
$parent = 'NOPATH';
|
||||
}
|
||||
$theme = \get_app()->getCurrentTheme();
|
||||
$thname = $theme;
|
||||
$parent = Strings::sanitizeFilePathItem($parent);
|
||||
$ext = substr($file, strrpos($file, '.') + 1);
|
||||
$paths = [
|
||||
"{$root}view/theme/$thname/$ext/$file",
|
||||
"{$root}view/theme/$theme/$ext/$file",
|
||||
"{$root}view/theme/$parent/$ext/$file",
|
||||
"{$root}view/$ext/$file",
|
||||
];
|
||||
|
@ -212,6 +221,8 @@ class Theme
|
|||
*/
|
||||
public static function getStylesheetPath($theme)
|
||||
{
|
||||
$theme = Strings::sanitizeFilePathItem($theme);
|
||||
|
||||
if (!file_exists('view/theme/' . $theme . '/style.php')) {
|
||||
return 'view/theme/' . $theme . '/style.css';
|
||||
}
|
||||
|
|
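Review bot: In the `$paths` array of the `-183,10 +192,10` hunk, `$parent` now goes through `Strings::sanitizeFilePathItem()`, but `$file` and the `$ext` derived from it are still interpolated into every candidate path exactly as they arrive. If `$file` can carry a directory separator or a `..` segment, the lookup can resolve outside `view/theme/<name>/`; separately, when `$file` contains no dot, `strrpos()` returns `false` and `$ext` becomes the file name minus its first character. The function starts and ends outside the hunk, so `$file` may already be checked above; if it is not, and it is meant to be a bare file name, `$file = Strings::sanitizeFilePathItem($file);` ahead of the `$ext` line would constrain both values, assuming the helper strips separators as its name suggests.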