diff --git a/lib/Froxlor/Ajax/Ajax.php b/lib/Froxlor/Ajax/Ajax.php index 1f7f49a3..6e54a9e1 100644 --- a/lib/Froxlor/Ajax/Ajax.php +++ b/lib/Froxlor/Ajax/Ajax.php @@ -162,7 +162,7 @@ class Ajax $content = preg_replace("/[\r\n]+/", " ", strip_tags($item->description)); $content = substr($content, 0, 150) . "..."; - $items .= UI::twig()->render($this->theme . '/user/newsfeeditem.html.twig', [ + $items .= UI::twig()->render(UI::validateThemeTemplate('/user/newsfeeditem.html.twig', $this->theme), [ 'link' => $link, 'title' => $title, 'date' => $date, @@ -201,7 +201,7 @@ class Ajax $result['last_update_check'] = $uc_data['ts']; $result['channel'] = Settings::Get('system.update_channel'); - $result_rendered = UI::twig()->render($this->theme . '/misc/version_top.html.twig', $result); + $result_rendered = UI::twig()->render(UI::validateThemeTemplate('/misc/version_top.html.twig', $this->theme), $result); return $this->jsonResponse($result_rendered); } catch (Exception $e) { // don't display anything if just not allowed due to permissions diff --git a/lib/Froxlor/Api/Api.php b/lib/Froxlor/Api/Api.php index 404ef735..7cde0c2c 100644 --- a/lib/Froxlor/Api/Api.php +++ b/lib/Froxlor/Api/Api.php @@ -117,6 +117,6 @@ class Api private function stripcslashesDeep($value) { - return is_array($value) ? array_map([$this, 'stripcslashesDeep'], $value) : stripcslashes($value); + return is_array($value) ? array_map([$this, 'stripcslashesDeep'], $value) : (!empty($value) ? stripcslashes($value) : null); } } diff --git a/lib/Froxlor/Config/ConfigDisplay.php b/lib/Froxlor/Config/ConfigDisplay.php index 558ad409..cfaceb46 100644 --- a/lib/Froxlor/Config/ConfigDisplay.php +++ b/lib/Froxlor/Config/ConfigDisplay.php @@ -148,7 +148,7 @@ class ConfigDisplay if ($lasttype != '' && $lasttype != $_action['type']) { $commands = trim($commands); $numbrows = count(explode("\n", $commands)); - $configpage .= UI::twig()->render(self::$theme . '/settings/conf/command.html.twig', [ + $configpage .= UI::twig()->render(UI::validateThemeTemplate('/settings/conf/command.html.twig', self::$theme), [ 'commands' => $commands, 'numbrows' => $numbrows ]); @@ -182,7 +182,7 @@ class ConfigDisplay $commands = trim($commands_pre); if ($commands != "") { $numbrows = count(explode("\n", $commands)); - $commands_pre = UI::twig()->render(self::$theme . '/settings/conf/command.html.twig', [ + $commands_pre = UI::twig()->render(UI::validateThemeTemplate('/settings/conf/command.html.twig', self::$theme), [ 'commands' => $commands, 'numbrows' => $numbrows ]); @@ -190,12 +190,12 @@ class ConfigDisplay $commands = trim($commands_post); if ($commands != "") { $numbrows = count(explode("\n", $commands)); - $commands_post = UI::twig()->render(self::$theme . '/settings/conf/command.html.twig', [ + $commands_post = UI::twig()->render(UI::validateThemeTemplate('/settings/conf/command.html.twig', self::$theme), [ 'commands' => $commands, 'numbrows' => $numbrows ]); } - $configpage .= UI::twig()->render(self::$theme . '/settings/conf/fileblock.html.twig', [ + $configpage .= UI::twig()->render(UI::validateThemeTemplate('/settings/conf/fileblock.html.twig', self::$theme), [ 'realname' => $realname, 'commands_pre' => $commands_pre, 'commands_file' => $commands_file, @@ -210,7 +210,7 @@ class ConfigDisplay $commands = trim($commands); if ($commands != '') { $numbrows = count(explode("\n", $commands)); - $configpage .= UI::twig()->render(self::$theme . '/settings/conf/command.html.twig', [ + $configpage .= UI::twig()->render(UI::validateThemeTemplate('/settings/conf/command.html.twig', self::$theme), [ 'commands' => $commands, 'numbrows' => $numbrows ]); @@ -233,7 +233,7 @@ class ConfigDisplay $file_content = htmlspecialchars($file_content); $numbrows = count(explode("\n", $file_content)); //eval("\$files=\"" . \Froxlor\UI\Template::getTemplate("configfiles/configfiles_file") . "\";"); - $files = UI::twig()->render(self::$theme . '/settings/conf/file.html.twig', [ + $files = UI::twig()->render(UI::validateThemeTemplate('/settings/conf/file.html.twig', self::$theme), [ 'distro_editor' => self::$editor, 'realname' => $realname, 'numbrows' => $numbrows, diff --git a/lib/Froxlor/UI/Callbacks/Text.php b/lib/Froxlor/UI/Callbacks/Text.php index a1439558..3edfb72e 100644 --- a/lib/Froxlor/UI/Callbacks/Text.php +++ b/lib/Froxlor/UI/Callbacks/Text.php @@ -92,7 +92,7 @@ class Text $result = $attributes['fields']; $apikey_data = include Froxlor::getInstallDir() . '/lib/formfields/formfield.api_key.php'; - $body = UI::twig()->render(UI::getTheme() . '/user/inline-form.html.twig', [ + $body = UI::twig()->render(UI::validateThemeTemplate('/user/inline-form.html.twig'), [ 'formaction' => $linker->getLink(['section' => 'index', 'page' => 'apikeys']), 'formdata' => $apikey_data['apikey'], 'editid' => $attributes['fields']['id'] diff --git a/lib/Froxlor/UI/Panel/UI.php b/lib/Froxlor/UI/Panel/UI.php index bf6ace51..10ee15e9 100644 --- a/lib/Froxlor/UI/Panel/UI.php +++ b/lib/Froxlor/UI/Panel/UI.php @@ -260,7 +260,18 @@ class UI */ public static function twigBuffer($name, array $context = []) { - $template_file = self::getTheme() . '/' . $name; + $template_file = self::validateThemeTemplate($name); + + self::$twigbuf[] = [ + $template_file => $context + ]; + } + + public static function validateThemeTemplate(string $name, string $theme = "") { + if (empty(trim($theme))) { + $theme = self::getTheme(); + } + $template_file = $theme . '/' . $name; if (!file_exists(Froxlor::getInstallDir() . '/templates/' . $template_file)) { PhpHelper::phpErrHandler(E_USER_WARNING, "Template '" . $template_file . "' could not be found, trying fallback theme", __FILE__, __LINE__); $template_file = self::$default_theme . '/'. $name; @@ -268,10 +279,7 @@ class UI PhpHelper::phpErrHandler(E_USER_ERROR, "Unknown template '" . $template_file . "'", __FILE__, __LINE__); } } - - self::$twigbuf[] = [ - $template_file => $context - ]; + return $template_file; } public static function getTheme()