Author Topic: User Selectable Skin  (Read 9948 times)

Offline enderblue

  • Newbie
  • *
  • Posts: 3
User Selectable Skin
« on: February 19, 2007, 10:55:30 PM »
I have done some work on allowing individual users the ability to have their own skin. Are their easy ways to apply my patch to someone else's file? There are changes needed in three files: main.inc.php, func.inc, and save_prefs.inc. I will post the required changes if someone asks for it.

Offline ghostks

  • Newbie
  • *
  • Posts: 8
Re: User Selectable Skin
« Reply #1 on: February 22, 2007, 01:40:14 PM »
It would be nice to see what you've done. I want to implement this feature too.

Offline enderblue

  • Newbie
  • *
  • Posts: 3
Re: User Selectable Skin
« Reply #2 on: February 22, 2007, 04:30:18 PM »
Add the following lines to main.inc.php  (/config). I put them right before 'skin_path'
/*******************************/
// relative path to the base skin folder //
$rcmail_config['skin_base'] = 'skins/';
/*******************************/


Add the following lines to func.inc (/program/steps/settings). I put them after the reference to "prettydate"
/***********************************************************/
// show skin selection
 $field_id = 'rcmfd_skin_path';
 $select_skins = new select(array('name' => '_skin_path', 'id' => $field_id));
 $dir = $CONFIG['skin_base'];

 if (is_dir($dir))
 {
  chdir($dir);
  $dirarr = scandir(getcwd());
  //
  foreach($dirarr as $value)
  {
   if (($value != '.') && ($value != '..') && is_dir($value))
   {
    $select_skins->add($value, 'skins/' . $value . '/');
   }
  }
 }

 $out .= sprintf("%s\n",
         $field_id,
         rep_specialchars_output(rcube_label('skin_path')),
         $select_skins->show($CONFIG['skin_path']));
/***************************************************************/


Also add the following to your labels.inc (/program/localization/en_US for English)
/********************************/
$labels['skin_path'] = 'Skins';
/********************************/


Last but not least save_prefs.inc  (/program/steps/settings)
/*********************************************************/
$a_user_prefs['skin_path'] = isset($_POST['_skin_path']) ? ($_POST['_skin_path']) : $CONFIG['skin_path'];
$CONFIG['skin_path'] = $CONFIG['skin_path'] ? unslashify($CONFIG['skin_path']) : 'skins/default';
$skin_path = $CONFIG['skin_path'];
/********************************************************/




That should do the trick. Let me know if something doesn't work, I will try my best to help.

Offline ghostks

  • Newbie
  • *
  • Posts: 8
Re: User Selectable Skin
« Reply #3 on: February 23, 2007, 04:37:11 AM »
I will check this code in roundcube later, but I can see, that you are using POST variables directly without filtering. This is very serious security hole, please add any kind of content filtration before using it.

Offline enderblue

  • Newbie
  • *
  • Posts: 3
Re: User Selectable Skin
« Reply #4 on: February 23, 2007, 07:41:56 AM »
What you said went right over my head. I just emulated other lines of code. If that portion of code has security holes, then a lot of that file has security holes. Please let me know how I should have done it. I just kinda hacked that into my existing code and I am not an expert, so any suggestions would greatly appreciated. Thanks.

Offline bitwise

  • Newbie
  • *
  • Posts: 3
Re: User Selectable Skin
« Reply #5 on: March 02, 2007, 04:22:53 PM »
First, Thanks for this plug-in! :)
I was having some problems with the code for func.inc :-[
And for some reason I couldn't get the is_dir working!
I am running:
Apache version    1.3.34 (Unix)    
MySQL version    4.0.27-standard    
PHP version    4.4.1

This is what I did get working.
I put the following code at around line 146

Code: [Select]
/***********************************************************/
// show skin selection
 $field_id = 'rcmfd_skin_path';
 $select_skins = new select(array('name' => '_skin_path', 'id' => $field_id));
 $dir = $CONFIG['skin_base'];

 if ($handle = opendir($dir)) {
while (false !== ($skin = readdir($handle))) {
// if (is_dir($skin)) {
if ($skin != "." && $skin != "..") {
   $select_skins->add($skin, 'skins/' . $skin . '/');
}
// }
  }//end while
closedir($handle);
 }

 $out .= sprintf(&quot;<tr><td class=\&quot;title\&quot;><label for=\&quot;%s\&quot;>%s</label></td><td>%s</td></tr>\n&quot;,
         $field_id,
         rep_specialchars_output(rcube_label('skin_path')),
         $select_skins->show($CONFIG['skin_path']));
/***************************************************************/