Simplify Theme::getPathForfile to expand its uses

This commit is contained in:
Hypolite Petovan 2019-11-28 12:27:16 -05:00
parent 19bbae21de
commit 440d3eb9c4
2 changed files with 32 additions and 44 deletions

View File

@ -15,6 +15,7 @@ use Friendica\Core\Renderer;
use Friendica\Core\Theme; use Friendica\Core\Theme;
use Friendica\Module\Special\HTTPException as ModuleHTTPException; use Friendica\Module\Special\HTTPException as ModuleHTTPException;
use Friendica\Network\HTTPException; use Friendica\Network\HTTPException;
use Friendica\Util\Strings;
/** /**
* Contains the page specific environment variables for the current Page * Contains the page specific environment variables for the current Page
@ -224,15 +225,15 @@ class Page implements ArrayAccess
* being first * being first
*/ */
$this->page['htmlhead'] = Renderer::replaceMacros($tpl, [ $this->page['htmlhead'] = Renderer::replaceMacros($tpl, [
'$local_user' => local_user(), '$local_user' => local_user(),
'$generator' => 'Friendica' . ' ' . FRIENDICA_VERSION, '$generator' => 'Friendica' . ' ' . FRIENDICA_VERSION,
'$delitem' => $l10n->t('Delete this item?'), '$delitem' => $l10n->t('Delete this item?'),
'$update_interval' => $interval, '$update_interval' => $interval,
'$shortcut_icon' => $shortcut_icon, '$shortcut_icon' => $shortcut_icon,
'$touch_icon' => $touch_icon, '$touch_icon' => $touch_icon,
'$block_public' => intval($config->get('system', 'block_public')), '$block_public' => intval($config->get('system', 'block_public')),
'$stylesheets' => $this->stylesheets, '$stylesheets' => array_unique($this->stylesheets),
]) . $this->page['htmlhead']; ]) . $this->page['htmlhead'];
} }
/** /**
@ -282,8 +283,8 @@ class Page implements ArrayAccess
$tpl = Renderer::getMarkupTemplate('footer.tpl'); $tpl = Renderer::getMarkupTemplate('footer.tpl');
$this->page['footer'] = Renderer::replaceMacros($tpl, [ $this->page['footer'] = Renderer::replaceMacros($tpl, [
'$footerScripts' => $this->footerScripts, '$footerScripts' => array_unique($this->footerScripts),
]) . $this->page['footer']; ]) . $this->page['footer'];
} }
/** /**
@ -455,13 +456,13 @@ class Page implements ArrayAccess
* to load another page template than the default one. * to load another page template than the default one.
* The page templates are located in /view/php/ or in the theme directory. * The page templates are located in /view/php/ or in the theme directory.
*/ */
if (isset($_GET["mode"])) { if (isset($_GET['mode'])) {
$template = Theme::getPathForFile($_GET["mode"] . '.php'); $template = Theme::getPathForFile('php/' . Strings::sanitizeFilePathItem($_GET['mode']) . '.php');
} }
// If there is no page template use the default page template // If there is no page template use the default page template
if (empty($template)) { if (empty($template)) {
$template = Theme::getPathForFile("default.php"); $template = Theme::getPathForFile('php/default.php');
} }
// Theme templates expect $a as an App instance // Theme templates expect $a as an App instance
@ -470,7 +471,6 @@ class Page implements ArrayAccess
// Used as is in view/php/default.php // Used as is in view/php/default.php
$lang = $l10n->getCurrentLang(); $lang = $l10n->getCurrentLang();
/// @TODO Looks unsafe (remote-inclusion), is maybe not but Core\Theme::getPathForFile() uses file_exists() but does not escape anything
require_once $template; require_once $template;
} }
} }

View File

@ -185,45 +185,33 @@ class Theme
/** /**
* @brief Get the full path to relevant theme files by filename * @brief Get the full path to relevant theme files by filename
* *
* This function search in the theme directory (and if not present in global theme directory) * This function searches in order in the current theme directory, in the current theme parent directory, and lastly
* if there is a directory with the file extension and for a file with the given * in the base view/ folder.
* filename.
* *
* @param string $file Filename * @param string $file Filename
* @param string $root Full root path
* @return string Path to the file or empty string if the file isn't found * @return string Path to the file or empty string if the file isn't found
* @throws \Friendica\Network\HTTPException\InternalServerErrorException * @throws \Exception
*/ */
public static function getPathForFile($file, $root = '') public static function getPathForFile($file)
{ {
$file = basename($file); $a = BaseObject::getApp();
$theme = $a->getCurrentTheme();
$parent = Strings::sanitizeFilePathItem($a->theme_info['extends'] ?? $theme);
// Make sure $root ends with a slash / if it's not blank
if ($root !== '' && $root[strlen($root) - 1] !== '/') {
$root = $root . '/';
}
$theme_info = \get_app()->theme_info;
if (is_array($theme_info) && array_key_exists('extends', $theme_info)) {
$parent = $theme_info['extends'];
} else {
$parent = 'NOPATH';
}
$theme = \get_app()->getCurrentTheme();
$parent = Strings::sanitizeFilePathItem($parent);
$ext = substr($file, strrpos($file, '.') + 1);
$paths = [ $paths = [
"{$root}view/theme/$theme/$ext/$file", "view/theme/$theme/$file",
"{$root}view/theme/$parent/$ext/$file", "view/theme/$parent/$file",
"{$root}view/$ext/$file", "view/$file",
]; ];
foreach ($paths as $p) {
// strpos() is faster than strstr when checking if one string is in another (http://php.net/manual/en/function.strstr.php) foreach ($paths as $path) {
if (strpos($p, 'NOPATH') !== false) { if (file_exists($path)) {
continue; return $path;
} elseif (file_exists($p)) {
return $p;
} }
} }
return ''; return '';
} }