Merge pull request #713 from ZoneMinder/validate_skin_and_css

Check to make sure that skin and css are valid.
This commit is contained in:
Andrew Bauer 2015-02-19 15:20:15 -06:00
commit aad70bc2c7
1 changed files with 14 additions and 2 deletions

View File

@ -63,20 +63,32 @@ if ( isset($_GET['skin']) )
$skin = $_GET['skin'];
elseif ( isset($_COOKIE['zmSkin']) )
$skin = $_COOKIE['zmSkin'];
elseif ( ZM_SKIN_DEFAULT )
elseif ( defined(ZM_SKIN_DEFAULT) )
$skin = ZM_SKIN_DEFAULT;
else
$skin = "classic";
$skins = array_map( 'basename', glob('skins/*',GLOB_ONLYDIR) );
if ( ! in_array( $skin, $skins ) ) {
Error( "Invalid skin '$skin'" );
$skin = 'classic';
}
if ( isset($_GET['css']) )
$css = $_GET['css'];
elseif ( isset($_COOKIE['zmCSS']) )
$css = $_COOKIE['zmCSS'];
elseif (ZM_CSS_DEFAULT)
elseif (defined(ZM_CSS_DEFAULT))
$css = ZM_CSS_DEFAULT;
else
$css = "classic";
$css_skins = array_map( 'basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR) );
if ( ! in_array( $css, $css_skins ) ) {
Error( "Invalid skin css '$css'" );
$css = 'classic';
}
define( "ZM_BASE_PATH", dirname( $_SERVER['REQUEST_URI'] ) );
define( "ZM_SKIN_PATH", "skins/$skin" );