1
wishcraft
Quick Multixoops Theme Hack... xoopslists.php incursive

Hi how you doing? Soon will be grabe the latest copy of XOOPS and make a multi system, which the way mamba has been calling for it..

This is the theme hack for you..

This involves an ateration to the smarty.class.php & common.php, it makes use to the theme construct.. if you make it for totality and removal of the current code, but normally that would be for security and physical views of pages.

{- Smarty.class.php

/* Line - 1736
   this is to filename the cache and smarty files from cache and compile to have the domain abstraction */

    
function _get_auto_filename($auto_base$auto_source null$auto_id null)
    {
        
$_compile_dir_sep =  $this->use_sub_dirs DIRECTORY_SEPARATOR '^';
        
$_return $auto_base DIRECTORY_SEPARATOR;

        
$df str_replace('http://','',XOOPS_URL);
        
$df str_replace('https://','',$df);
        
$df str_replace('www.','',$df);

        if(isset(
$auto_id)) {
            
// make auto_id safe for directory names
            
$auto_id str_replace('%7C',$_compile_dir_sep,(urlencode($auto_id)));
            
// split into separate directories
            
$_return .= $auto_id $_compile_dir_sep;
        }
        
$_return .= '%%'.$df;
        if(isset(
$auto_source)) {
            
// make source name safe for filename
            
$_filename urlencode(basename($auto_source));
            
$_crc32 sprintf('%08X'crc32($auto_source));
            
// prepend %% to avoid name conflicts with
            // with $params['auto_id'] names
            
$_crc32 substr($_crc3202) . $_compile_dir_sep .
                      
substr($_crc3203) . $_compile_dir_sep $_crc32;
            
$_return .= '%%' $_crc32 .'%%' $_filename;
        }

        return 
$_return;
    }


Then you will need to make the following changes to common.php

/**#@-*/

require_once(XOOPS_ROOT_PATH.'/class/xoopslists.php');

$lister = new XoopsLists;
$themes $lister->getDirListAsArray(XOOPS_ROOT_PATH.'/themes/');
foreach (
$themes as $k => $v) {
    
$source parse_url(sprintf('%s'XOOPS_URL));
    
$theme parse_url(sprintf('http://www.%s'$v));
    if (
$theme['host'] == $source['host'])
        
$xoopsConfig['theme_set'] = $v;
}

if (
strlen($xoopsConfig['theme_set'] )==0)
    
$xoopsConfig['theme_set'] = 'unauthorised';
    
    
/* Security Local
    
    
    if (!empty($_POST['xoops_theme_select']) && in_array($_POST['xoops_theme_select'], $xoopsConfig['theme_set_allowed'])) {
    $xoopsConfig['theme_set'] = $_POST['xoops_theme_select'];
    $_SESSION['xoopsUserTheme'] = $_POST['xoops_theme_select'];
} elseif (!empty($_SESSION['xoopsUserTheme']) && in_array($_SESSION['xoopsUserTheme'], $xoopsConfig['theme_set_allowed'])) {
    $xoopsConfig['theme_set'] = $_SESSION['xoopsUserTheme'];
}*/


You can get and example of unathorised theme you can download the one we use at http://bin.chronolabs.org.au/xoops_thm_unauthorised.zip

The simple change to the mainfile.php where the define of XOOPS main file settings.

define('XOOPS_URL'strtolower('http://'.$_SERVER['HTTP_HOST']));


The directory follows the folling path.. recursively into subdomains if you want to do multiple subdomains. this example would need theme directories as so.
/XOOPS_ROOT_PATH
  
|-Themes
     
|-yoursite.com
     
|-examplesite.com
     
|-secure.examplesite.com 
     
|-support.examplesite.com


You could make a recurisely building but with what depth limits..

/XOOPS_ROOT_PATH
  
|-Themes
     
|-yoursite.com
     
|-examplesite.com
         
|-secure  - for secure.examplesite.com
         
|-support- for support.examplesite.com
Resized Image
http://www.ohloh.net/accounts/226400

Follow, Like & Read:-

twitter.com/RegaltyFamily
github.com/Chronolabs-Cooperative
facebook.com/DrAntonyRoberts

2
ghia
Re: Quick Multixoops Theme Hack... xoopslists.php incursive
  • 2008/12/13 11:26

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


For
define('XOOPS_URL'strtolower('http://'.$_SERVER['HTTP_HOST']));

isn't $_SERVER['HTTPS'] to take into account?
Else what is the point to have:
$df str_replace('http://','',XOOPS_URL);
        
$df str_replace('https://','',$df);
        
$df str_replace('www.','',$df);

And for
$theme parse_url(sprintf('http://www.%s'$v));

Should the theme not be used with https: if the request url was https to avoid warnings of mixed content in the browser?

Feature request:
I think a theme change from http: to https: would also be very nice and show clearly to the user, that he is on a secured part of the site.
/* Security Local
    
    
    if (!empty($_POST['xoops_theme_select']) && in_array($_POST['xoops_theme_select'], $xoopsConfig['theme_set_allowed'])) {
    $xoopsConfig['theme_set'] = $_POST['xoops_theme_select'];
    $_SESSION['xoopsUserTheme'] = $_POST['xoops_theme_select'];
} elseif (!empty($_SESSION['xoopsUserTheme']) && in_array($_SESSION['xoopsUserTheme'], $xoopsConfig['theme_set_allowed'])) {
    $xoopsConfig['theme_set'] = $_SESSION['xoopsUserTheme'];
}*/
Does this hack implies that users can no longer choose an alternate theme?

3
wishcraft
Re: Quick Multixoops Theme Hack... xoopslists.php incursive

Resized Image Yeah it is a quick faq.. You know there are many choices in code...
Resized Image
http://www.ohloh.net/accounts/226400

Follow, Like & Read:-

twitter.com/RegaltyFamily
github.com/Chronolabs-Cooperative
facebook.com/DrAntonyRoberts

Login

Who's Online

396 user(s) are online (266 user(s) are browsing Support Forums)


Members: 0


Guests: 396


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits