1
wishcraft
Quick Multixoops Theme Hack... xoopslists.php incursive

Hi how you doing? Soon will be grabe the latest copy of XOOPS and make a multi system, which the way mamba has been calling for it..

This is the theme hack for you..

This involves an ateration to the smarty.class.php & common.php, it makes use to the theme construct.. if you make it for totality and removal of the current code, but normally that would be for security and physical views of pages.

{- Smarty.class.php

le="color: #000000"><?php /* Line - 1736 this is to filename the cache and smarty files from cache and compile to have the domain abstraction */ function _get_auto_filename($auto_base, $auto_source = null, $auto_id = null) { $_compile_dir_sep = $this->use_sub_dirs ? DIRECTORY_SEPARATOR : '^'; $_return = $auto_base . DIRECTORY_SEPARATOR; $df = str_replace('http://','',XOOPS_URL); $df = str_replace('https://','',$df); $df = str_replace('www.','',$df); if(isset($auto_id)) { // make auto_id safe for directory names $auto_id = str_replace('%7C',$_compile_dir_sep,(urlencode($auto_id))); // split into separate directories $_return .= $auto_id . $_compile_dir_sep; } $_return .= '%%'.$df; if(isset($auto_source)) { // make source name safe for filename $_filename = urlencode(basename($auto_source)); $_crc32 = sprintf('%08X', crc32($auto_source)); // prepend %% to avoid name conflicts with // with $params['auto_id'] names $_crc32 = substr($_crc32, 0, 2) . $_compile_dir_sep . substr($_crc32, 0, 3) . $_compile_dir_sep . $_crc32; $_return .= '%%' . $_crc32 .'%%' . $_filename; } return $_return; }


Then you will need to make the following changes to common.php

le="color: #000000"><?php /**#@-*/ require_once(XOOPS_ROOT_PATH.'/class/xoopslists.php'); $lister = new XoopsLists; $themes = $lister->getDirListAsArray(XOOPS_ROOT_PATH.'/themes/'); foreach ($themes as $k => $v) { $source = parse_url(sprintf('%s', XOOPS_URL)); $theme = parse_url(sprintf('http://www.%s', $v)); if ($theme['host'] == $source['host']) $xoopsConfig['theme_set'] = $v; } if (strlen($xoopsConfig['theme_set'] )==0) $xoopsConfig['theme_set'] = 'unauthorised'; /* Security Local if (!empty($_POST['xoops_theme_select']) && in_array($_POST['xoops_theme_select'], $xoopsConfig['theme_set_allowed'])) { $xoopsConfig['theme_set'] = $_POST['xoops_theme_select']; $_SESSION['xoopsUserTheme'] = $_POST['xoops_theme_select']; } elseif (!empty($_SESSION['xoopsUserTheme']) && in_array($_SESSION['xoopsUserTheme'], $xoopsConfig['theme_set_allowed'])) { $xoopsConfig['theme_set'] = $_SESSION['xoopsUserTheme']; }*/


You can get and example of unathorised theme you can download the one we use at http://bin.chronolabs.org.au/xoops_thm_unauthorised.zip

le="color: #000000"><?php The simple change to the mainfile.php where the define of XOOPS main file settings. define('XOOPS_URL', strtolower('http://'.$_SERVER['HTTP_HOST']));


The directory follows the folling path.. recursively into subdomains if you want to do multiple subdomains. this example would need theme directories as so.
le="color: #000000"><?php /XOOPS_ROOT_PATH |-Themes |-yoursite.com |-examplesite.com |-secure.examplesite.com |-support.examplesite.com


You could make a recurisely building but with what depth limits..

le="color: #000000"><?php /XOOPS_ROOT_PATH |-Themes |-yoursite.com |-examplesite.com |-secure - for secure.examplesite.com |-support- for support.examplesite.com
vCard (*.vcf): Dr. Simon Antony Roberts.vcf
Follow, Like & Read:-

x.com/EmpressFX
facebook.com/DrAntonyRoberts

2
ghia
Re: Quick Multixoops Theme Hack... xoopslists.php incursive
  • 2008/12/13 11:26

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


For
le="color: #000000"><?php define('XOOPS_URL', strtolower('http://'.$_SERVER['HTTP_HOST']));

isn't $_SERVER['HTTPS'] to take into account?
Else what is the point to have:
le="color: #000000"><?php $df = str_replace('http://','',XOOPS_URL); $df = str_replace('https://','',$df); $df = str_replace('www.','',$df);

And for
le="color: #000000"><?php $theme = parse_url(sprintf('http://www.%s', $v));

Should the theme not be used with https: if the request url was https to avoid warnings of mixed content in the browser?

Feature request:
I think a theme change from http: to https: would also be very nice and show clearly to the user, that he is on a secured part of the site.
le="color: #000000"><?php /* Security Local if (!empty($_POST['xoops_theme_select']) && in_array($_POST['xoops_theme_select'], $xoopsConfig['theme_set_allowed'])) { $xoopsConfig['theme_set'] = $_POST['xoops_theme_select']; $_SESSION['xoopsUserTheme'] = $_POST['xoops_theme_select']; } elseif (!empty($_SESSION['xoopsUserTheme']) && in_array($_SESSION['xoopsUserTheme'], $xoopsConfig['theme_set_allowed'])) { $xoopsConfig['theme_set'] = $_SESSION['xoopsUserTheme']; }*/
Does this hack implies that users can no longer choose an alternate theme?

3
wishcraft
Re: Quick Multixoops Theme Hack... xoopslists.php incursive

Resized Image Yeah it is a quick faq.. You know there are many choices in code...
vCard (*.vcf): Dr. Simon Antony Roberts.vcf
Follow, Like & Read:-

x.com/EmpressFX
facebook.com/DrAntonyRoberts

Who's Online

239 user(s) are online (168 user(s) are browsing Support Forums)


Members: 0


Guests: 239


more...

Donat-O-Meter

Stats
Goal: $15.00
Due Date: Jul 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $15.00
Make donations with PayPal!

Latest GitHub Commits