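/**
 * Renders the design editor for one theme file.
 *
 * Reads the `theme` and `file` request parameters, loads the file's metadata and
 * content (from the parent theme when the file is inherited from it) and displays
 * the DesignEdit.html template. An empty-string `file` parameter opens a blank
 * custom file; a missing one opens index.html or the first file by name.
 *
 * @throws waException if the requested file name is not a plain relative name, or
 *                     if the parent theme that should hold an inherited file is missing
 */
public function editAction()
{
    $app_id = $this->getAppId();
    $app = wa()->getAppInfo($app_id);
    $theme_id = waRequest::get('theme');
    $theme = new waTheme($theme_id, $app_id);

    if (($f = waRequest::get('file')) !== '') {
        if (!$f) {
            // No file requested: prefer index.html, otherwise the first file in key order.
            $files = $theme['files'];
            if (isset($files['index.html'])) {
                $f = 'index.html';
            } else {
                ksort($files);
                $f = key($files);
            }
        } elseif (
            !is_string($f)
            || strpos($f, "\0") !== false
            || preg_match('~(^|[\\\\/])\.\.([\\\\/]|$)~', $f)
        ) {
            // $f comes straight from the request and is appended to the theme path
            // below before file_get_contents(); refuse ".." segments and NUL bytes so
            // the read cannot leave the theme directory.
            // NOTE(review): an allow-list check against $theme['files'] would be
            // stricter — confirm whether every editable file is listed there.
            throw new waException('Invalid file name.');
        }

        $file = $theme->getFile($f);
        $file['id'] = $f;

        if ($theme->parent_theme_id && $file['parent']) {
            if (!waTheme::exists($theme->parent_theme_id, $app_id)) {
                $theme_id = $theme->parent_theme_id;
                // A parent id containing ':' is split into app id and theme id for the message.
                // Fixed: this called the undefined function strpost(), which made this
                // error path die with a fatal error instead of the intended exception.
                if (strpos($theme_id, ':') !== false) {
                    list($app_id, $theme_id) = explode(':', $theme_id, 2);
                    $app = wa()->getAppInfo($app_id);
                }
                throw new waException(sprintf(_ws('Theme %s for “%s” app not found.'), $theme_id, $app['name']));
            }
            $path = $theme->parent_theme->getPath();
            $parent_file = $theme->parent_theme->getFile($f);
            // Fall back to the parent's description when the child has none.
            if (empty($file['description'])) {
                $file['description'] = $parent_file['description'];
            }
        } else {
            $path = $theme->getPath();
        }

        $path .= '/' . $f;
        // A file that does not exist on disk is shown with empty content.
        $content = file_exists($path) ? file_get_contents($path) : '';
        $file['content'] = $content;

        if ($theme->type == waTheme::OVERRIDDEN) {
            // NOTE(review): this loosely compares the theme type with the boolean from
            // file_exists(); kept as written — confirm whether a plain file_exists() was meant.
            $file['has_original'] = $theme['type'] == file_exists(wa()->getAppPath('themes/' . $theme_id, $app_id) . '/' . $f);
        }
    } else {
        // Empty-string `file` parameter: start a new, empty custom file.
        $file = array('id' => null, 'description' => '', 'custom' => true, 'content' => '');
    }

    $template = $this->getConfig()->getRootPath() . '/wa-system/design/templates/DesignEdit.html';
    $data = array(
        'options'    => $this->options,
        'app_id'     => $app_id,
        'design_url' => $this->design_url,
        'app'        => $app,
        'file'       => $file,
        'theme_id'   => $theme_id,
        'theme'      => $theme,
    );
    if ($theme->parent_theme_id) {
        $data['parent_theme'] = $theme->parent_theme;
    }
    $this->display($data, $template);
}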
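/**
 * Applies an options array by calling the matching setter for each key.
 *
 * Each key is converted from snake_case to a setter name (`max_file_size` becomes
 * `setMaxFileSize`, `name` becomes `setName`); keys with no matching method on this
 * object are ignored.
 *
 * The previous implementation called the undefined function strpost(), upper-cased
 * the second character of keys that contain no underscore, and handled at most two
 * underscores; the conversion below works for any number of them.
 *
 * @param array $options option name => value
 * @return $this
 */
public function setOptions(array $options)
{
    $methods = get_class_methods($this);

    foreach ($options as $key => $value) {
        // Upper-case the first letter of every "_"-separated part and join the parts.
        $method = 'set' . implode('', array_map('ucfirst', explode('_', (string) $key)));

        // Only names that are real methods of this object are dispatched. Every set*
        // method is reachable this way, so $options should not be filled directly from
        // request data unless each setter is safe to expose.
        // NOTE(review): confirm what callers pass in.
        if (in_array($method, $methods, true)) {
            $this->{$method}($value);
        }
    }

    return $this;
}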
} elseif (isset($_GET['id'])) { if ($_GET['id'] != "" && is_numeric($_GET['id']) == TRUE) { $class_id = escape_string($_GET['id']); } else { cust_die("Invalid class ID."); } // perhaps $class_id = 0 can be reserved for a teachers'/admins' forum... // see if the requested ID is an actual class. $is_class = @query("SELECT 1 FROM `classes` WHERE `ID`='{$class_id}'") or die("Error checking the database."); if (num_rows($is_class) == 0) { cust_die("Invalid class ID."); } // if it is, see if the user may access it. teachers and admins may access all forums if (user_type() == "user") { $classes = parse_class_list($_SESSION['id']); if (strpos($classes, $class_id . ",") === FALSE && strpost($classes, "," . $class_id) === FALSE) { cust_die("You may not access this forum>"); } } // if he or she may... // allow the class's teacher (or an administrator) to delete posts or topics if (isset($_GET['delete'])) { // if the user is an administrator or the class's teacher, allow him or her to delete the post/topic if (user_type() == "admin" || user_type() == "teacher") { $good = 1; if (user_type() == "teacher") { // see if they teach the class $class_data = get_class_data($class_id); $class_data = explode("::", $class_data); $teacher_id = $class_data[1]; if ($teacher_id != $_SESSION['id']) {