538 case 'acljson': |
538 case 'acljson': |
539 require_once(ENANO_ROOT.'/includes/pageutils.php'); |
539 require_once(ENANO_ROOT.'/includes/pageutils.php'); |
540 $parms = ( isset($_POST['acl_params']) ) ? rawurldecode($_POST['acl_params']) : false; |
540 $parms = ( isset($_POST['acl_params']) ) ? rawurldecode($_POST['acl_params']) : false; |
541 echo PageUtils::acl_json($parms); |
541 echo PageUtils::acl_json($parms); |
542 break; |
542 break; |
|
543 case 'theme_list': |
|
544 header('Content-type: application/json'); |
|
545 |
|
546 $q = $db->sql_query('SELECT theme_name, theme_id FROM ' . table_prefix . "themes WHERE enabled = 1 ORDER BY theme_name ASC;"); |
|
547 if ( !$q ) |
|
548 $db->die_json(); |
|
549 |
|
550 $return = array(); |
|
551 while ( $row = $db->fetchrow() ) |
|
552 $return[] = $row; |
|
553 |
|
554 foreach ( $return as &$theme ) |
|
555 { |
|
556 $theme['have_thumb'] = file_exists(ENANO_ROOT . "/themes/{$theme['theme_id']}/preview.png"); |
|
557 } |
|
558 |
|
559 echo enano_json_encode($return); |
|
560 |
|
561 break; |
|
562 case "get_styles": |
|
563 if ( !preg_match('/^[a-z0-9_-]+$/', $_GET['theme_id']) ) |
|
564 die(enano_json_encode(array())); |
|
565 |
|
566 $theme_id = $_GET['theme_id']; |
|
567 $return = array(); |
|
568 |
|
569 if ( $dr = @opendir(ENANO_ROOT . "/themes/$theme_id/css/") ) |
|
570 { |
|
571 while ( $dh = @readdir($dr) ) |
|
572 { |
|
573 if ( preg_match('/\.css$/', $dh) && $dh != '_printable.css' ) |
|
574 { |
|
575 $return[] = preg_replace('/\.css$/', '', $dh); |
|
576 } |
|
577 } |
|
578 } |
|
579 else |
|
580 { |
|
581 $return = array( |
|
582 'mode' => 'error', |
|
583 'error' => 'Could not open directory.' |
|
584 ); |
|
585 } |
|
586 echo enano_json_encode($return); |
|
587 break; |
543 case "change_theme": |
588 case "change_theme": |
544 if ( !isset($_POST['theme_id']) || !isset($_POST['style_id']) ) |
589 if ( !isset($_POST['theme_id']) || !isset($_POST['style_id']) ) |
545 { |
590 { |
546 die('Invalid input'); |
591 die(enano_json_encode(array('mode' => 'error', 'error' => 'Invalid parameter'))); |
547 } |
592 } |
548 if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme_id']) || !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style_id']) ) |
593 if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme_id']) || !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style_id']) ) |
549 { |
594 { |
550 die('Invalid input'); |
595 die(enano_json_encode(array('mode' => 'error', 'error' => 'Invalid parameter'))); |
551 } |
596 } |
552 if ( !file_exists(ENANO_ROOT . '/themes/' . $_POST['theme_id'] . '/css/' . $_POST['style_id'] . '.css') ) |
597 if ( !file_exists(ENANO_ROOT . '/themes/' . $_POST['theme_id'] . '/css/' . $_POST['style_id'] . '.css') ) |
553 { |
598 { |
554 die('Can\'t find theme file: ' . ENANO_ROOT . '/themes/' . $_POST['theme_id'] . '/css/' . $_POST['style_id'] . '.css'); |
599 die(enano_json_encode(array('mode' => 'error', 'error' => 'Can\'t find theme file: ' . ENANO_ROOT . '/themes/' . $_POST['theme_id'] . '/css/' . $_POST['style_id'] . '.css')));; |
555 } |
600 } |
556 if ( !$session->user_logged_in ) |
601 if ( !$session->user_logged_in ) |
557 { |
602 { |
558 die('You must be logged in to change your theme'); |
603 die(enano_json_encode(array('mode' => 'error', 'error' => 'You must be logged in to change your theme'))); |
559 } |
604 } |
560 // Just in case something slipped through... |
605 // Just in case something slipped through... |
561 $theme_id = $db->escape($_POST['theme_id']); |
606 $theme_id = $db->escape($_POST['theme_id']); |
562 $style_id = $db->escape($_POST['style_id']); |
607 $style_id = $db->escape($_POST['style_id']); |
563 $e = $db->sql_query('UPDATE ' . table_prefix . "users SET theme='$theme_id', style='$style_id' WHERE user_id=$session->user_id;"); |
608 $e = $db->sql_query('UPDATE ' . table_prefix . "users SET theme = '$theme_id', style = '$style_id' WHERE user_id = $session->user_id;"); |
564 if ( !$e ) |
609 if ( !$e ) |
565 die( $db->get_error() ); |
610 die( $db->get_error() ); |
566 die('GOOD'); |
611 |
|
612 echo enano_json_encode(array( |
|
613 'success' => true |
|
614 )); |
567 break; |
615 break; |
568 case 'get_tags': |
616 case 'get_tags': |
569 |
617 |
570 $ret = array('tags' => array(), 'user_level' => $session->user_level, 'can_add' => $session->get_permissions('tag_create')); |
618 $ret = array('tags' => array(), 'user_level' => $session->user_level, 'can_add' => $session->get_permissions('tag_create')); |
571 $q = $db->sql_query('SELECT t.tag_id, t.tag_name, pg.pg_target IS NOT NULL AS used_in_acl, t.user_id FROM '.table_prefix.'tags AS t |
619 $q = $db->sql_query('SELECT t.tag_id, t.tag_name, pg.pg_target IS NOT NULL AS used_in_acl, t.user_id FROM '.table_prefix.'tags AS t |