Roundcube Community Forum

Third Party Contributions => Old Style Plug-Ins => Topic started by: enderblue on February 19, 2007, 10:55:30 PM

Title: User Selectable Skin
Post by: enderblue on February 19, 2007, 10:55:30 PM
I have done some work on allowing individual users the ability to have their own skin. Are their easy ways to apply my patch to someone else's file? There are changes needed in three files: main.inc.php, func.inc, and save_prefs.inc. I will post the required changes if someone asks for it.
Title: Re: User Selectable Skin
Post by: ghostks on February 22, 2007, 01:40:14 PM
It would be nice to see what you've done. I want to implement this feature too.
Title: Re: User Selectable Skin
Post by: enderblue on February 22, 2007, 04:30:18 PM
Add the following lines to main.inc.php  (/config). I put them right before 'skin_path'
/*******************************/
// relative path to the base skin folder //
$rcmail_config['skin_base'] = 'skins/';
/*******************************/


Add the following lines to func.inc (/program/steps/settings). I put them after the reference to "prettydate"
/***********************************************************/
// show skin selection
 $field_id = 'rcmfd_skin_path';
 $select_skins = new select(array('name' => '_skin_path', 'id' => $field_id));
 $dir = $CONFIG['skin_base'];

 if (is_dir($dir))
 {
  chdir($dir);
  $dirarr = scandir(getcwd());
  //
  foreach($dirarr as $value)
  {
   if (($value != '.') && ($value != '..') && is_dir($value))
   {
    $select_skins->add($value, 'skins/' . $value . '/');
   }
  }
 }

 $out .= sprintf("%s\n",
         $field_id,
         rep_specialchars_output(rcube_label('skin_path')),
         $select_skins->show($CONFIG['skin_path']));
/***************************************************************/


Also add the following to your labels.inc (/program/localization/en_US for English)
/********************************/
$labels['skin_path'] = 'Skins';
/********************************/


Last but not least save_prefs.inc  (/program/steps/settings)
/*********************************************************/
$a_user_prefs['skin_path'] = isset($_POST['_skin_path']) ? ($_POST['_skin_path']) : $CONFIG['skin_path'];
$CONFIG['skin_path'] = $CONFIG['skin_path'] ? unslashify($CONFIG['skin_path']) : 'skins/default';
$skin_path = $CONFIG['skin_path'];
/********************************************************/




That should do the trick. Let me know if something doesn't work, I will try my best to help.
Title: Re: User Selectable Skin
Post by: ghostks on February 23, 2007, 04:37:11 AM
I will check this code in roundcube later, but I can see, that you are using POST variables directly without filtering. This is very serious security hole, please add any kind of content filtration before using it.
Title: Re: User Selectable Skin
Post by: enderblue on February 23, 2007, 07:41:56 AM
What you said went right over my head. I just emulated other lines of code. If that portion of code has security holes, then a lot of that file has security holes. Please let me know how I should have done it. I just kinda hacked that into my existing code and I am not an expert, so any suggestions would greatly appreciated. Thanks.
Title: Re: User Selectable Skin
Post by: bitwise on March 02, 2007, 04:22:53 PM
First, Thanks for this plug-in! :)
I was having some problems with the code for func.inc :-[
And for some reason I couldn't get the is_dir working!
I am running:
Apache version    1.3.34 (Unix)    
MySQL version    4.0.27-standard    
PHP version    4.4.1

This is what I did get working.
I put the following code at around line 146

Code: [Select]
/***********************************************************/
// show skin selection
 $field_id = 'rcmfd_skin_path';
 $select_skins = new select(array('name' => '_skin_path', 'id' => $field_id));
 $dir = $CONFIG['skin_base'];

 if ($handle = opendir($dir)) {
while (false !== ($skin = readdir($handle))) {
// if (is_dir($skin)) {
if ($skin != "." && $skin != "..") {
   $select_skins->add($skin, 'skins/' . $skin . '/');
}
// }
  }//end while
closedir($handle);
 }

 $out .= sprintf(&quot;<tr><td class=\&quot;title\&quot;><label for=\&quot;%s\&quot;>%s</label></td><td>%s</td></tr>\n&quot;,
         $field_id,
         rep_specialchars_output(rcube_label('skin_path')),
         $select_skins->show($CONFIG['skin_path']));
/***************************************************************/