Line 14 | Line 14 |
---|
define('IN_PHPBB', true); $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './'; $phpEx = substr(strrchr(__FILE__, '.'), 1);
|
define('IN_PHPBB', true); $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './'; $phpEx = substr(strrchr(__FILE__, '.'), 1);
|
| require($phpbb_root_path . 'includes/startup.' . $phpEx);
|
require($phpbb_root_path . 'config.' . $phpEx);
|
require($phpbb_root_path . 'config.' . $phpEx);
|
if (version_compare(PHP_VERSION, '6.0.0-dev', '<'))
| if (!defined('PHPBB_INSTALLED') || empty($dbms) || empty($acm_type))
|
{
|
{
|
set_magic_quotes_runtime(0);
| exit;
|
}
// Load Extensions
|
}
// Load Extensions
|
if (!empty($load_extensions))
| if (!empty($load_extensions) && function_exists('dl'))
|
{ $load_extensions = explode(',', $load_extensions);
| { $load_extensions = explode(',', $load_extensions);
|
Line 32 | Line 34 |
---|
} }
|
} }
|
$sid = (isset($_GET['sid']) && !is_array($_GET['sid'])) ? htmlspecialchars($_GET['sid']) : '';
| |
$id = (isset($_GET['id'])) ? intval($_GET['id']) : 0;
|
$id = (isset($_GET['id'])) ? intval($_GET['id']) : 0;
|
if (strspn($sid, 'abcdefABCDEF0123456789') !== strlen($sid)) { $sid = ''; }
| |
// This is a simple script to grab and output the requested CSS data stored in the DB // We include a session_id check to try and limit 3rd party linking ... unless they
| // This is a simple script to grab and output the requested CSS data stored in the DB // We include a session_id check to try and limit 3rd party linking ... unless they
|
Line 48 | Line 43 |
---|
// server a little if ($id) {
|
// server a little if ($id) {
|
if (empty($acm_type) || empty($dbms)) { die('Hacking attempt'); }
| |
// Include files require($phpbb_root_path . 'includes/acm/acm_' . $acm_type . '.' . $phpEx); require($phpbb_root_path . 'includes/cache.' . $phpEx); require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx); require($phpbb_root_path . 'includes/constants.' . $phpEx);
|
// Include files require($phpbb_root_path . 'includes/acm/acm_' . $acm_type . '.' . $phpEx); require($phpbb_root_path . 'includes/cache.' . $phpEx); require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx); require($phpbb_root_path . 'includes/constants.' . $phpEx);
|
| require($phpbb_root_path . 'includes/functions.' . $phpEx);
|
$db = new $sql_db(); $cache = new cache();
| $db = new $sql_db(); $cache = new cache();
|
Line 71 | Line 62 |
---|
$config = $cache->obtain_config(); $user = false;
|
$config = $cache->obtain_config(); $user = false;
|
| // try to get a session ID from REQUEST array $sid = request_var('sid', '');
if (!$sid) { // if that failed, then look in the cookies $sid = request_var($config['cookie_name'] . '_sid', '', false, true); }
if (strspn($sid, 'abcdefABCDEF0123456789') !== strlen($sid)) { $sid = ''; }
|
if ($sid) {
| if ($sid) {
|
Line 86 | Line 91 |
---|
$recompile = $config['load_tplcompile']; if (!$user) {
|
$recompile = $config['load_tplcompile']; if (!$user) {
|
$id = $config['default_style']; $recompile = false;
| $id = ($id) ? $id : $config['default_style']; // Commented out because calls do not always include the SID anymore // $recompile = false;
|
$user = array('user_id' => ANONYMOUS); }
|
$user = array('user_id' => ANONYMOUS); }
|
$sql = 'SELECT s.style_id, c.theme_data, c.theme_path, c.theme_name, c.theme_mtime, i.*, t.template_path
| $sql = 'SELECT s.style_id, c.theme_id, c.theme_data, c.theme_path, c.theme_name, c.theme_mtime, i.*, t.template_path
|
FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . ' i WHERE s.style_id = ' . $id . ' AND t.template_id = s.template_id
| FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . ' i WHERE s.style_id = ' . $id . ' AND t.template_id = s.template_id
|
Line 113 | Line 119 |
---|
$user_image_lang = (file_exists($phpbb_root_path . 'styles/' . $theme['imageset_path'] . '/imageset/' . $user['user_lang'])) ? $user['user_lang'] : $config['default_lang'];
|
$user_image_lang = (file_exists($phpbb_root_path . 'styles/' . $theme['imageset_path'] . '/imageset/' . $user['user_lang'])) ? $user['user_lang'] : $config['default_lang'];
|
| // Same query in session.php
|
$sql = 'SELECT * FROM ' . STYLES_IMAGESET_DATA_TABLE . ' WHERE imageset_id = ' . $theme['imageset_id'] . "
|
$sql = 'SELECT * FROM ' . STYLES_IMAGESET_DATA_TABLE . ' WHERE imageset_id = ' . $theme['imageset_id'] . "
|
| AND image_filename <> ''
|
AND image_lang IN ('" . $db->sql_escape($user_image_lang) . "', '')"; $result = $db->sql_query($sql, 3600);
| AND image_lang IN ('" . $db->sql_escape($user_image_lang) . "', '')"; $result = $db->sql_query($sql, 3600);
|
Line 188 | Line 196 |
---|
);
$sql = 'UPDATE ' . STYLES_THEME_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
|
);
$sql = 'UPDATE ' . STYLES_THEME_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
|
WHERE theme_id = $id";
| WHERE theme_id = {$theme['theme_id']}";
|
$db->sql_query($sql);
$cache->destroy('sql', STYLES_THEME_TABLE);
| $db->sql_query($sql);
$cache->destroy('sql', STYLES_THEME_TABLE);
|
Line 208 | Line 216 |
---|
// Parse Theme Data $replace = array(
|
// Parse Theme Data $replace = array(
|
'{T_THEME_PATH}' => "{$phpbb_root_path}styles/" . $theme['theme_path'] . '/theme', '{T_TEMPLATE_PATH}' => "{$phpbb_root_path}styles/" . $theme['template_path'] . '/template', '{T_IMAGESET_PATH}' => "{$phpbb_root_path}styles/" . $theme['imageset_path'] . '/imageset', '{T_IMAGESET_LANG_PATH}' => "{$phpbb_root_path}styles/" . $theme['imageset_path'] . '/imageset/' . $user_image_lang,
| '{T_THEME_PATH}' => "{$phpbb_root_path}styles/" . rawurlencode($theme['theme_path']) . '/theme', '{T_TEMPLATE_PATH}' => "{$phpbb_root_path}styles/" . rawurlencode($theme['template_path']) . '/template', '{T_IMAGESET_PATH}' => "{$phpbb_root_path}styles/" . rawurlencode($theme['imageset_path']) . '/imageset', '{T_IMAGESET_LANG_PATH}' => "{$phpbb_root_path}styles/" . rawurlencode($theme['imageset_path']) . '/imageset/' . $user_image_lang,
|
'{T_STYLESHEET_NAME}' => $theme['theme_name'], '{S_USER_LANG}' => $user['user_lang'] );
| '{T_STYLESHEET_NAME}' => $theme['theme_name'], '{S_USER_LANG}' => $user['user_lang'] );
|
Line 240 | Line 248 |
---|
$img_data = &$img_array[$img]; $imgsrc = ($img_data['image_lang'] ? $img_data['image_lang'] . '/' : '') . $img_data['image_filename']; $imgs[$img] = array(
|
$img_data = &$img_array[$img]; $imgsrc = ($img_data['image_lang'] ? $img_data['image_lang'] . '/' : '') . $img_data['image_filename']; $imgs[$img] = array(
|
'src' => $phpbb_root_path . 'styles/' . $theme['imageset_path'] . '/imageset/' . $imgsrc,
| 'src' => $phpbb_root_path . 'styles/' . rawurlencode($theme['imageset_path']) . '/imageset/' . $imgsrc,
|
'width' => $img_data['image_width'], 'height' => $img_data['image_height'], );
| 'width' => $img_data['image_width'], 'height' => $img_data['image_height'], );
|
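Review bot: In the `if (!$user)` branch of the hunk at new line 91, a request with no valid session now keeps `$recompile = $config['load_tplcompile']` and a caller-supplied `$id`, where the old code forced the default style and `$recompile = false`. If the `UPDATE ' . STYLES_THEME_TABLE` and `$cache->destroy('sql', STYLES_THEME_TABLE)` in the hunk at new line 196 are gated on `$recompile` (that condition is outside the visible lines), unauthenticated requests can trigger database writes and cache invalidation for any style id whenever `load_tplcompile` is enabled. This commit also adds the cookie fallback for `$sid`, so logged-in users should still resolve to a session; I would therefore keep `$recompile = false;` in this branch, or extend the comment to say why guests need recompilation and what bounds the write path for them. The enclosing `if ($id)` block starts and ends outside these hunks.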