Roundcube Community Forum

 

User Selectable Skin

Started by enderblue, February 19, 2007, 10:55:30 PM

Previous topic - Next topic

enderblue

I have done some work on allowing individual users the ability to have their own skin. Are their easy ways to apply my patch to someone else's file? There are changes needed in three files: main.inc.php, func.inc, and save_prefs.inc. I will post the required changes if someone asks for it.

ghostks

It would be nice to see what you've done. I want to implement this feature too.

enderblue

Add the following lines to main.inc.php  (/config). I put them right before 'skin_path'
/*******************************/
// relative path to the base skin folder //
$rcmail_config['skin_base'] = 'skins/';
/*******************************/


Add the following lines to func.inc (/program/steps/settings). I put them after the reference to "prettydate"
/***********************************************************/
// show skin selection
 $field_id = 'rcmfd_skin_path';
 $select_skins = new select(array('name' => '_skin_path', 'id' => $field_id));
 $dir = $CONFIG['skin_base'];

 if (is_dir($dir))
 {
  chdir($dir);
  $dirarr = scandir(getcwd());
  //
  foreach($dirarr as $value)
  {
   if (($value != '.') && ($value != '..') && is_dir($value))
   {
    $select_skins->add($value, 'skins/' . $value . '/');
   }
  }
 }

 $out .= sprintf("%s\n",
         $field_id,
         rep_specialchars_output(rcube_label('skin_path')),
         $select_skins->show($CONFIG['skin_path']));
/***************************************************************/


Also add the following to your labels.inc (/program/localization/en_US for English)
/********************************/
$labels['skin_path'] = 'Skins';
/********************************/


Last but not least save_prefs.inc  (/program/steps/settings)
/*********************************************************/
$a_user_prefs['skin_path'] = isset($_POST['_skin_path']) ? ($_POST['_skin_path']) : $CONFIG['skin_path'];
$CONFIG['skin_path'] = $CONFIG['skin_path'] ? unslashify($CONFIG['skin_path']) : 'skins/default';
$skin_path = $CONFIG['skin_path'];
/********************************************************/




That should do the trick. Let me know if something doesn't work, I will try my best to help.

ghostks

I will check this code in roundcube later, but I can see, that you are using POST variables directly without filtering. This is very serious security hole, please add any kind of content filtration before using it.

enderblue

What you said went right over my head. I just emulated other lines of code. If that portion of code has security holes, then a lot of that file has security holes. Please let me know how I should have done it. I just kinda hacked that into my existing code and I am not an expert, so any suggestions would greatly appreciated. Thanks.

bitwise

First, Thanks for this plug-in! :)
I was having some problems with the code for func.inc :-[
And for some reason I couldn't get the is_dir working!
I am running:
Apache version    1.3.34 (Unix)    
MySQL version    4.0.27-standard    
PHP version    4.4.1

This is what I did get working.
I put the following code at around line 146

/***********************************************************/
// show skin selection
 $field_id = 'rcmfd_skin_path';
 $select_skins = new select(array('name' => '_skin_path', 'id' => $field_id));
 $dir = $CONFIG['skin_base'];

 if ($handle = opendir($dir)) {
while (false !== ($skin = readdir($handle))) {
// if (is_dir($skin)) {
if ($skin != "." && $skin != "..") {
   $select_skins->add($skin, 'skins/' . $skin . '/');
}
// }
  }//end while
closedir($handle);
 }

 $out .= sprintf(&quot;<tr><td class=\&quot;title\&quot;><label for=\&quot;%s\&quot;>%s</label></td><td>%s</td></tr>\n&quot;,
         $field_id,
         rep_specialchars_output(rcube_label('skin_path')),
         $select_skins->show($CONFIG['skin_path']));
/***************************************************************/