mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-02-24 20:13:22 +01:00
Code Issues Releases Wiki Activity
php-phpbb/phpBB/style.php
Meik Sievertsen 2f4a618900 ok... i hope i haven't messed too much with the code and everything is still working. 
Changes:
- Ascraeus now uses constants for the phpbb root path and the php extension. This ensures more security for external applications and modifications (no more overwriting of root path and extension possible through insecure mods and register globals enabled) as well as no more globalizing needed.
- A second change implemented here is an additional short-hand-notation for append_sid(). It is allowed to omit the root path and extension now (for example calling append_sid('memberlist')) - in this case the root path and extension get added automatically. The hook is called after these are added.

git-svn-id: file:///svn/phpbb/trunk@8572 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-05-29 12:25:56 +00:00

250 lines
6.7 KiB
PHP
Raw Blame History

<?php
/**
*
* @package phpBB3
* @version $Id$
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
/**
* @ignore
*/
define('IN_PHPBB', true);
if (!defined('PHPBB_ROOT_PATH')) define('PHPBB_ROOT_PATH', './');
if (!defined('PHP_EXT')) define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
$sid = (isset($_GET['sid']) && !is_array($_GET['sid'])) ? htmlspecialchars($_GET['sid']) : '';
$id = (isset($_GET['id'])) ? intval($_GET['id']) : 0;
if (strspn($sid, 'abcdefABCDEF0123456789') !== strlen($sid))
{
$sid = '';
}
// This is a simple script to grab and output the requested CSS data stored in the DB
// We include a session_id check to try and limit 3rd party linking ... unless they
// happen to have a current session it will output nothing. We will also cache the
// resulting CSS data for five minutes ... anything to reduce the load on the SQL
// server a little
if (!$id)
{
exit;
}
include(PHPBB_ROOT_PATH . 'common.' . PHP_EXT);
$user = false;
if ($sid)
{
$sql = 'SELECT u.user_id, u.user_lang
FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u
WHERE s.session_id = '" . $db->sql_escape($sid) . "'
AND s.session_user_id = u.user_id";
$result = $db->sql_query($sql);
$user = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}
$recompile = $config['load_tplcompile'];
if (!$user)
{
$id = $config['default_style'];
$recompile = false;
$user = array('user_id' => ANONYMOUS);
}
$sql = 'SELECT s.style_id, c.theme_id, c.theme_data, c.theme_path, c.theme_name, c.theme_mtime, i.*, t.template_path
FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . ' i
WHERE s.style_id = ' . $id . '
AND t.template_id = s.template_id
AND c.theme_id = s.theme_id
AND i.imageset_id = s.imageset_id';
$result = $db->sql_query($sql, 300);
$theme = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$theme)
{
garbage_collection();
exit_handler();
}
if ($user['user_id'] == ANONYMOUS)
{
$user['user_lang'] = $config['default_lang'];
}
$user_image_lang = (file_exists(PHPBB_ROOT_PATH . 'styles/' . $theme['imageset_path'] . '/imageset/' . $user['user_lang'])) ? $user['user_lang'] : $config['default_lang'];
$sql = 'SELECT *
FROM ' . STYLES_IMAGESET_DATA_TABLE . '
WHERE imageset_id = ' . $theme['imageset_id'] . "
AND image_filename <> ''
AND image_lang IN ('" . $db->sql_escape($user_image_lang) . "', '')";
$result = $db->sql_query($sql, 3600);
$img_array = array();
while ($row = $db->sql_fetchrow($result))
{
$img_array[$row['image_name']] = $row;
}
$db->sql_freeresult($result);
// gzip_compression
if ($config['gzip_compress'])
{
// IE6 is not able to compress the style (do not ask us why!)
$browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? strtolower(htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT'])) : '';
if ($browser && strpos($browser, 'msie 6.0') === false && @extension_loaded('zlib') && !headers_sent())
{
ob_start('ob_gzhandler');
}
}
// Expire time of seven days if not recached
$expire_time = 7 * 86400;
$recache = false;
// Re-cache stylesheet data if necessary
if ($recompile || empty($theme['theme_data']))
{
$recache = (empty($theme['theme_data'])) ? true : false;
$update_time = time();
// We test for stylesheet.css because it is faster and most likely the only file changed on common themes
if (!$recache && $theme['theme_mtime'] < @filemtime(PHPBB_ROOT_PATH . 'styles/' . $theme['theme_path'] . '/theme/stylesheet.css'))
{
$recache = true;
$update_time = @filemtime(PHPBB_ROOT_PATH . 'styles/' . $theme['theme_path'] . '/theme/stylesheet.css');
}
else if (!$recache)
{
$last_change = $theme['theme_mtime'];
$dir = @opendir(PHPBB_ROOT_PATH . "styles/{$theme['theme_path']}/theme");
if ($dir)
{
while (($entry = readdir($dir)) !== false)
{
if (substr(strrchr($entry, '.'), 1) == 'css' && $last_change < @filemtime(PHPBB_ROOT_PATH . "styles/{$theme['theme_path']}/theme/{$entry}"))
{
$recache = true;
break;
}
}
closedir($dir);
}
}
}
if ($recache)
{
if (!class_exists('acp_styles'))
{
include(PHPBB_ROOT_PATH . 'includes/acp/acp_styles.' . PHP_EXT);
}
$theme['theme_data'] = acp_styles::db_theme_data($theme);
$theme['theme_mtime'] = $update_time;
// Save CSS contents
$sql_ary = array(
'theme_mtime' => $theme['theme_mtime'],
'theme_data' => $theme['theme_data']
);
// @TODO: rewrite with the new param db functions
$sql = 'UPDATE ' . STYLES_THEME_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE theme_id = {$theme['theme_id']}";
$db->sql_query($sql);
$cache->destroy('sql', STYLES_THEME_TABLE);
}
// Only set the expire time if the theme changed data is older than 30 minutes - to cope with changes from the ACP
if ($recache || $theme['theme_mtime'] > (time() - 1800))
{
header('Expires: 0');
}
else
{
header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + $expire_time));
}
header('Content-type: text/css; charset=UTF-8');
// Parse Theme Data
$replace = array(
'{T_THEME_PATH}' => PHPBB_ROOT_PATH . 'styles/' . $theme['theme_path'] . '/theme',
'{T_TEMPLATE_PATH}' => PHPBB_ROOT_PATH . 'styles/' . $theme['template_path'] . '/template',
'{T_IMAGESET_PATH}' => PHPBB_ROOT_PATH . 'styles/' . $theme['imageset_path'] . '/imageset',
'{T_IMAGESET_LANG_PATH}' => PHPBB_ROOT_PATH . 'styles/' . $theme['imageset_path'] . '/imageset/' . $user_image_lang,
'{T_STYLESHEET_NAME}' => $theme['theme_name'],
'{S_USER_LANG}' => $user['user_lang']
);
$theme['theme_data'] = str_replace(array_keys($replace), array_values($replace), $theme['theme_data']);
$matches = array();
preg_match_all('#\{IMG_([A-Za-z0-9_]*?)_(WIDTH|HEIGHT|SRC)\}#', $theme['theme_data'], $matches);
$imgs = $find = $replace = array();
if (isset($matches[0]) && sizeof($matches[0]))
{
foreach ($matches[1] as $i => $img)
{
$img = strtolower($img);
$find[] = $matches[0][$i];
if (!isset($img_array[$img]))
{
$replace[] = '';
continue;
}
if (!isset($imgs[$img]))
{
$img_data = &$img_array[$img];
$imgsrc = ($img_data['image_lang'] ? $img_data['image_lang'] . '/' : '') . $img_data['image_filename'];
$imgs[$img] = array(
'src' => PHPBB_ROOT_PATH . 'styles/' . $theme['imageset_path'] . '/imageset/' . $imgsrc,
'width' => $img_data['image_width'],
'height' => $img_data['image_height'],
);
}
switch ($matches[2][$i])
{
case 'SRC':
$replace[] = $imgs[$img]['src'];
break;
case 'WIDTH':
$replace[] = $imgs[$img]['width'];
break;
case 'HEIGHT':
$replace[] = $imgs[$img]['height'];
break;
default:
continue;
}
}
if (sizeof($find))
{
$theme['theme_data'] = str_replace($find, $replace, $theme['theme_data']);
}
}
echo $theme['theme_data'];
garbage_collection();
exit_handler();
?>
Reference in New Issue View Git Blame Copy Permalink