Index: core/units/helpers/themes_helper.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- core/units/helpers/themes_helper.php (revision 15716)
+++ core/units/helpers/themes_helper.php (revision )
@@ -433,6 +433,7 @@
+
##-->*/
$comment_end = strpos($template_data, '##-->');
@@ -441,21 +442,36 @@
return Array ();
}
- $comment = trim( substr($template_data, 6, $comment_end - 6) );
- if (preg_match_all('/<(NAME|DESC|SECTION)>(.*?)<\/(NAME|DESC|SECTION)>/is', $comment, $regs)) {
- $ret = Array ();
+ $ret = Array ();
- foreach ($regs[1] as $param_order => $param_name) {
- $ret[ strtolower($param_name) ] = trim($regs[2][$param_order]);
+ $comment = trim( substr($template_data, 6, $comment_end - 6) );
+ $allowed_settings = Array ('name', 'desc', 'section', 'section_aware');
+
+ $meta_info = simplexml_load_string('' . $comment . '');
+ /* @var $meta_info SimpleXMLElement[] */
+
+ if ( $meta_info === false ) {
+ // Malformed XML. SimpleXML will print an error itself.
+ return Array ();
- }
+ }
+ foreach ($meta_info as $setting) {
+ $setting_name = strtolower($setting->getName());
+
+ if ( !in_array($setting_name, $allowed_settings) ) {
+ trigger_error('Setting "' . $setting_name . '" not supported in "' . $template_file . '" template', E_USER_WARNING);
+ continue;
+ }
+
+ $ret[$setting_name] = trim($setting);
+ }
+
- if (array_key_exists('section', $ret) && $ret['section']) {
+ if ( array_key_exists('section', $ret) && $ret['section'] ) {
- $category_path = explode('||', $ret['section']);
- $category_path = array_map('trim', $category_path);
- $ret['section'] = implode('||', $category_path);
- }
+ $category_path = explode('||', $ret['section']);
+ $category_path = array_map('trim', $category_path);
+ $ret['section'] = implode('||', $category_path);
+ }
- return $ret;
+ return $ret;
- }
}
return Array ();
\ No newline at end of file
Index: core/kernel/managers/rewrite_url_processor.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- core/kernel/managers/rewrite_url_processor.php (revision 15716)
+++ core/kernel/managers/rewrite_url_processor.php (revision )
@@ -692,7 +692,7 @@
}
} while ( !$template_found && $url_parts );
- if ( $template_found ) {
+ if ( $template_found && $this->_isTemplateAllowed($template_found, $vars['m_cat_id']) ) {
$template_parts = explode('/', $template_path);
$vars['t'] = $template_path . ($index_added ? '/index' : '');
@@ -705,6 +705,76 @@
// $vars['m_cat_id'] = $themes_helper->getPageByTemplate($template_path, $vars['m_theme']);
return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Determines if found template can be used in combination with found category
+ *
+ * @param int $file_id
+ * @param int $category_id
+ * @return bool
+ * @access protected
+ */
+ protected function _isTemplateAllowed($file_id, $category_id)
+ {
+ if ( $this->_isSectionAwareTemplate($file_id) ) {
+ // template accepts any category from url
+ return true;
+ }
+
+ $allowed_categories = Array (0, $this->Application->getBaseCategory());
+
+ $sql = 'SELECT t.ThemeId, CONCAT(tf.FilePath, "/", tf.FileName) AS Path
+ FROM ' . TABLE_PREFIX . 'Themes t
+ JOIN ' . TABLE_PREFIX . 'ThemeFiles tf ON tf.ThemeId = t.ThemeId
+ WHERE tf.FileId = ' . $file_id;
+ $template_info = $this->Conn->GetRow($sql);
+
+ if ( $template_info ) {
+ // this template isn't added to ".smsignore"
+ $template = preg_replace('/^[\\/]{0,1}(.*)\.tpl$/', "$1", $template_info['Path']);
+
+ $where_clause = Array (
+ 'Template = ' . $this->Conn->qstr($template),
+ 'ThemeId = ' . $template_info['ThemeId'],
+ '`Type` = ' . PAGE_TYPE_TEMPLATE,
+ );
+
+ $sql = 'SELECT CategoryId
+ FROM ' . TABLE_PREFIX . 'Categories
+ WHERE (' . implode(') AND (', $where_clause) . ')';
+ $template_category_id = $this->Conn->GetOne($sql);
+
+ if ( $template_category_id ) {
+ // category found for this template
+ $allowed_categories[] = $template_category_id;
+ }
+ }
+
+ return in_array($category_id, $allowed_categories);
+ }
+
+ /**
+ * Determines, that template by given $file_id is in fact section agnostic template
+ *
+ * @param int $file_id
+ * @return bool
+ * @access protected
+ */
+ protected function _isSectionAwareTemplate($file_id)
+ {
+ $sql = 'SELECT FileMetaInfo
+ FROM ' . TABLE_PREFIX . 'ThemeFiles
+ WHERE FileId = ' . $file_id;
+ $meta_info = $this->Conn->GetOne($sql);
+
+ if ( $meta_info ) {
+ $meta_info = unserialize($meta_info);
+
+ return isset($meta_info['section_aware']);
}
return false;
\ No newline at end of file