| 1 | <?php |
| 2 | /** |
| 3 | * WordPress Theme Install Administration API |
| 4 | * |
| 5 | * @package WordPress |
| 6 | * @subpackage Administration |
| 7 | */ |
| 8 | |
| 9 | $themes_allowedtags = array('a' => array('href' => array(), 'title' => array(), 'target' => array()), |
| 10 | 'abbr' => array('title' => array()), 'acronym' => array('title' => array()), |
| 11 | 'code' => array(), 'pre' => array(), 'em' => array(), 'strong' => array(), |
| 12 | 'div' => array(), 'p' => array(), 'ul' => array(), 'ol' => array(), 'li' => array(), |
| 13 | 'h1' => array(), 'h2' => array(), 'h3' => array(), 'h4' => array(), 'h5' => array(), 'h6' => array(), |
| 14 | 'img' => array('src' => array(), 'class' => array(), 'alt' => array()) |
| 15 | ); |
| 16 | |
| 17 | $theme_field_defaults = array( 'description' => true, 'sections' => false, 'tested' => true, 'requires' => true, |
| 18 | 'rating' => true, 'downloaded' => true, 'downloadlink' => true, 'last_updated' => true, 'homepage' => true, |
| 19 | 'tags' => true, 'num_ratings' => true |
| 20 | ); |
| 21 | |
| 22 | |
| 23 | /** |
| 24 | * Retrieve theme installer pages from WordPress Themes API. |
| 25 | * |
| 26 | * It is possible for a theme to override the Themes API result with three |
| 27 | * filters. Assume this is for themes, which can extend on the Theme Info to |
| 28 | * offer more choices. This is very powerful and must be used with care, when |
| 29 | * overridding the filters. |
| 30 | * |
| 31 | * The first filter, 'themes_api_args', is for the args and gives the action as |
| 32 | * the second parameter. The hook for 'themes_api_args' must ensure that an |
| 33 | * object is returned. |
| 34 | * |
| 35 | * The second filter, 'themes_api', is the result that would be returned. |
| 36 | * |
| 37 | * @since 2.8.0 |
| 38 | * |
| 39 | * @param string $action |
| 40 | * @param array|object $args Optional. Arguments to serialize for the Theme Info API. |
| 41 | * @return mixed |
| 42 | */ |
| 43 | function themes_api($action, $args = null) { |
| 44 | |
| 45 | if ( is_array($args) ) |
| 46 | $args = (object)$args; |
| 47 | |
| 48 | if ( !isset($args->per_page) ) |
| 49 | $args->per_page = 24; |
| 50 | |
| 51 | $args = apply_filters('themes_api_args', $args, $action); //NOTE: Ensure that an object is returned via this filter. |
| 52 | $res = apply_filters('themes_api', false, $action, $args); //NOTE: Allows a theme to completely override the builtin WordPress.org API. |
| 53 | |
| 54 | if ( ! $res ) { |
| 55 | $request = wp_remote_post('http://api.wordpress.org/themes/info/1.0/', array( 'body' => array('action' => $action, 'request' => serialize($args))) ); |
| 56 | if ( is_wp_error($request) ) { |
| 57 | $res = new WP_Error('themes_api_failed', __('An Unexpected HTTP Error occured during the API request.</p> <p><a href="?" onclick="document.location.reload(); return false;">Try again</a>'), $request->get_error_message() ); |
| 58 | } else { |
| 59 | $res = unserialize($request['body']); | //Possible Control Flow
|
| 60 | if ( ! $res ) |
| 61 | $res = new WP_Error('themes_api_failed', __('An unknown error occured'), $request['body']); |
| 62 | } |
| 63 | } |
| 64 | //var_dump(array($args, $res)); |
| 65 | return apply_filters('themes_api_result', $res, $action, $args); |
| 66 | } |
| 67 | |
| 68 | /** |
| 69 | * Retrieve list of WordPress theme features (aka theme tags) |
| 70 | * |
| 71 | * @since 2.8.0 |
| 72 | * |
| 73 | * @return array |
| 74 | */ |
| 75 | function install_themes_feature_list( ) { |
| 76 | if ( !$cache = get_transient( 'wporg_theme_feature_list' ) ) |
| 77 | set_transient( 'wporg_theme_feature_list', array( ), 10800); |
| 78 | |
| 79 | if ( $cache ) |
| 80 | return $cache; |
| 81 | |
| 82 | $feature_list = themes_api( 'feature_list', array( ) ); |
| 83 | if ( is_wp_error( $feature_list ) ) |
| 84 | return $features; |
| 85 | |
| 86 | set_transient( 'wporg_theme_feature_list', $feature_list, 10800 ); |
| 87 | |
| 88 | return $feature_list; |
| 89 | } |
| 90 | |
| 91 | add_action('install_themes_search', 'install_theme_search', 10, 1); |
| 92 | /** |
| 93 | * Display theme search results |
| 94 | * |
| 95 | * @since 2.8.0 |
| 96 | * |
| 97 | * @param string $page |
| 98 | */ |
| 99 | function install_theme_search($page) { |
| 100 | global $theme_field_defaults; |
| 101 | |
| 102 | $type = isset($_REQUEST['type']) ? stripslashes( $_REQUEST['type'] ) : ''; |
| 103 | $term = isset($_REQUEST['s']) ? stripslashes( $_REQUEST['s'] ) : ''; |
| 104 | |
| 105 | $args = array(); |
| 106 | |
| 107 | switch( $type ){ |
| 108 | case 'tag': |
| 109 | $terms = explode(',', $term); |
| 110 | $terms = array_map('trim', $terms); |
| 111 | $terms = array_map('sanitize_title_with_dashes', $terms); |
| 112 | $args['tag'] = $terms; |
| 113 | break; |
| 114 | case 'term': |
| 115 | $args['search'] = $term; |
| 116 | break; |
| 117 | case 'author': |
| 118 | $args['author'] = $term; |
| 119 | break; |
| 120 | } |
| 121 | |
| 122 | $args['page'] = $page; |
| 123 | $args['fields'] = $theme_field_defaults; |
| 124 | |
| 125 | if ( !empty( $_POST['features'] ) ) { |
| 126 | $terms = $_POST['features']; |
| 127 | $terms = array_map( 'trim', $terms ); |
| 128 | $terms = array_map( 'sanitize_title_with_dashes', $terms ); |
| 129 | $args['tag'] = $terms; |
| 130 | $_REQUEST['s'] = implode( ',', $terms ); |
| 131 | $_REQUEST['type'] = 'tag'; |
| 132 | } |
| 133 | |
| 134 | $api = themes_api('query_themes', $args); |
| 135 | |
| 136 | if ( is_wp_error($api) ) |
| 137 | wp_die($api); |
| 138 | |
| 139 | add_action('install_themes_table_header', 'install_theme_search_form'); |
| 140 | |
| 141 | display_themes($api->themes, $api->info['page'], $api->info['pages']); |
| 142 | } |
| 143 | |
| 144 | /** |
| 145 | * Display search form for searching themes. |
| 146 | * |
| 147 | * @since 2.8.0 |
| 148 | */ |
| 149 | function install_theme_search_form() { |
| 150 | $type = isset( $_REQUEST['type'] ) ? stripslashes( $_REQUEST['type'] ) : ''; |
| 151 | $term = isset( $_REQUEST['s'] ) ? stripslashes( $_REQUEST['s'] ) : ''; |
| 152 | ?> |
| 153 | <p class="install-help"><?php _e('Search for themes by keyword, author, or tag.') ?></p> |
| 154 | |
| 155 | <form id="search-themes" method="post" action="<?php echo admin_url( 'theme-install.php?tab=search' ); ?>"> |
| 156 | <select name="type" id="typeselector"> |
| 157 | <option value="term" <?php selected('term', $type) ?>><?php _e('Term'); ?></option> |
| 158 | <option value="author" <?php selected('author', $type) ?>><?php _e('Author'); ?></option> |
| 159 | <option value="tag" <?php selected('tag', $type) ?>><?php _ex('Tag', 'Theme Installer'); ?></option> |
| 160 | </select> |
| 161 | <input type="text" name="s" size="30" value="<?php echo esc_attr($term) ?>" /> |
| 162 | <input type="submit" name="search" value="<?php esc_attr_e('Search'); ?>" class="button" /> |
| 163 | </form> |
| 164 | <?php |
| 165 | } |
| 166 | |
| 167 | add_action('install_themes_dashboard', 'install_themes_dashboard'); |
| 168 | /** |
| 169 | * Display tags filter for themes. |
| 170 | * |
| 171 | * @since 2.8.0 |
| 172 | */ |
| 173 | function install_themes_dashboard() { |
| 174 | install_theme_search_form(); |
| 175 | ?> |
| 176 | <h4><?php _e('Feature Filter') ?></h4> |
| 177 | <form method="post" action="<?php echo admin_url( 'theme-install.php?tab=search' ); ?>"> |
| 178 | <p class="install-help"><?php _e('Find a theme based on specific features') ?></p> |
| 179 | <?php |
| 180 | $feature_list = install_themes_feature_list( ); |
| 181 | echo '<div class="feature-filter">'; |
| 182 | $trans = array ('Colors' => __('Colors'), 'black' => __('Black'), 'blue' => __('Blue'), 'brown' => __('Brown'), |
| 183 | 'green' => __('Green'), 'orange' => __('Orange'), 'pink' => __('Pink'), 'purple' => __('Purple'), 'red' => __('Red'), |
| 184 | 'silver' => __('Silver'), 'tan' => __('Tan'), 'white' => __('White'), 'yellow' => __('Yellow'), 'dark' => __('Dark'), |
| 185 | 'light' => __('Light'), 'Columns' => __('Columns'), 'one-column' => __('One Column'), 'two-columns' => __('Two Columns'), |
| 186 | 'three-columns' => __('Three Columns'), 'four-columns' => __('Four Columns'), 'left-sidebar' => __('Left Sidebar'), |
| 187 | 'right-sidebar' => __('Right Sidebar'), 'Width' => __('Width'), 'fixed-width' => __('Fixed Width'), 'flexible-width' => __('Flexible Width'), |
| 188 | 'Features' => __('Features'), 'custom-colors' => __('Custom Colors'), 'custom-header' => __('Custom Header'), 'theme-options' => __('Theme Options'), |
| 189 | 'threaded-comments' => __('Threaded Comments'), 'sticky-post' => __('Sticky Post'), 'microformats' => __('Microformats'), |
| 190 | 'Subject' => __('Subject'), 'holiday' => __('Holiday'), 'photoblogging' => __('Photoblogging'), 'seasonal' => __('Seasonal'), |
| 191 | ); |
| 192 | |
| 193 | foreach ( (array) $feature_list as $feature_name => $features ) { |
| 194 | if ( isset($trans[$feature_name]) ) |
| 195 | $feature_name = $trans[$feature_name]; |
| 196 | $feature_name = esc_html( $feature_name ); |
| 197 | echo '<div class="feature-name">' . $feature_name . '</div>'; |
| 198 | |
| 199 | echo '<ol style="float: left; width: 725px;" class="feature-group">'; |
| 200 | foreach ( $features as $feature ) { |
| 201 | $feature_name = $feature; |
| 202 | if ( isset($trans[$feature]) ) |
| 203 | $feature_name = $trans[$feature]; |
| 204 | $feature_name = esc_html( $feature_name ); |
| 205 | $feature = esc_attr($feature); |
| 206 | ?> |
| 207 | |
| 208 | <li> |
| 209 | <input type="checkbox" name="features[<?php echo $feature; ?>]" id="feature-id-<?php echo $feature; ?>" value="<?php echo $feature; ?>" /> | //Cross Site Scripting
|
| 210 | <label for="feature-id-<?php echo $feature; ?>"><?php echo $feature_name; ?></label> | //Cross Site Scripting
|
| 211 | </li> |
| 212 | |
| 213 | <?php } ?> |
| 214 | </ol> |
| 215 | <br class="clear" /> |
| 216 | <?php |
| 217 | } ?> |
| 218 | |
| 219 | </div> |
| 220 | <br class="clear" /> |
| 221 | <p><input type="submit" name="search" value="<?php esc_attr_e('Find Themes'); ?>" class="button" /></p> |
| 222 | </form> |
| 223 | <?php |
| 224 | } |
| 225 | |
| 226 | add_action('install_themes_featured', 'install_themes_featured', 10, 1); |
| 227 | /** |
| 228 | * Display featured themes. |
| 229 | * |
| 230 | * @since 2.8.0 |
| 231 | * |
| 232 | * @param string $page |
| 233 | */ |
| 234 | function install_themes_featured($page = 1) { |
| 235 | global $theme_field_defaults; |
| 236 | $args = array('browse' => 'featured', 'page' => $page, 'fields' => $theme_field_defaults); |
| 237 | $api = themes_api('query_themes', $args); |
| 238 | if ( is_wp_error($api) ) |
| 239 | wp_die($api); |
| 240 | display_themes($api->themes, $api->info['page'], $api->info['pages']); |
| 241 | } |
| 242 | |
| 243 | add_action('install_themes_new', 'install_themes_new', 10, 1); |
| 244 | /** |
| 245 | * Display new themes/ |
| 246 | * |
| 247 | * @since 2.8.0 |
| 248 | * |
| 249 | * @param string $page |
| 250 | */ |
| 251 | function install_themes_new($page = 1) { |
| 252 | global $theme_field_defaults; |
| 253 | $args = array('browse' => 'new', 'page' => $page, 'fields' => $theme_field_defaults); |
| 254 | $api = themes_api('query_themes', $args); |
| 255 | if ( is_wp_error($api) ) |
| 256 | wp_die($api); |
| 257 | display_themes($api->themes, $api->info['page'], $api->info['pages']); |
| 258 | } |
| 259 | |
| 260 | add_action('install_themes_updated', 'install_themes_updated', 10, 1); |
| 261 | /** |
| 262 | * Display recently updated themes. |
| 263 | * |
| 264 | * @since 2.8.0 |
| 265 | * |
| 266 | * @param string $page |
| 267 | */ |
| 268 | function install_themes_updated($page = 1) { |
| 269 | global $theme_field_defaults; |
| 270 | $args = array('browse' => 'updated', 'page' => $page, 'fields' => $theme_field_defaults); |
| 271 | $api = themes_api('query_themes', $args); |
| 272 | display_themes($api->themes, $api->info['page'], $api->info['pages']); |
| 273 | } |
| 274 | |
| 275 | add_action('install_themes_upload', 'install_themes_upload', 10, 1); |
| 276 | function install_themes_upload($page = 1) { |
| 277 | ?> |
| 278 | <h4><?php _e('Install a theme in .zip format') ?></h4> |
| 279 | <p class="install-help"><?php _e('If you have a theme in a .zip format, you may install it by uploading it here.') ?></p> |
| 280 | <form method="post" enctype="multipart/form-data" action="<?php echo admin_url('update.php?action=upload-theme') ?>"> |
| 281 | <?php wp_nonce_field( 'theme-upload') ?> |
| 282 | <input type="file" name="themezip" /> |
| 283 | <input type="submit" |
| 284 | class="button" value="<?php esc_attr_e('Install Now') ?>" /> |
| 285 | </form> |
| 286 | <?php |
| 287 | } |
| 288 | |
| 289 | function display_theme($theme, $actions = null, $show_details = true) { |
| 290 | global $themes_allowedtags; |
| 291 | |
| 292 | if ( empty($theme) ) |
| 293 | return; |
| 294 | |
| 295 | $name = wp_kses($theme->name, $themes_allowedtags); |
| 296 | $desc = wp_kses($theme->description, $themes_allowedtags); |
| 297 | //if ( strlen($desc) > 30 ) |
| 298 | // $desc = substr($desc, 0, 15) . '<span class="dots">...</span><span>' . substr($desc, -15) . '</span>'; |
| 299 | |
| 300 | $preview_link = $theme->preview_url . '?TB_iframe=true&width=600&height=400'; |
| 301 | if ( !is_array($actions) ) { |
| 302 | $actions = array(); |
| 303 | $actions[] = '<a href="' . admin_url('theme-install.php?tab=theme-information&theme=' . $theme->slug . |
| 304 | '&TB_iframe=true&tbWidth=500&tbHeight=385') . '" class="thickbox thickbox-preview onclick" title="' . esc_attr(sprintf(__('Install “%s”'), $name)) . '">' . __('Install') . '</a>'; |
| 305 | $actions[] = '<a href="' . $preview_link . '" class="thickbox thickbox-preview onclick previewlink" title="' . esc_attr(sprintf(__('Preview “%s”'), $name)) . '">' . __('Preview') . '</a>'; |
| 306 | $actions = apply_filters('theme_install_action_links', $actions, $theme); |
| 307 | } |
| 308 | |
| 309 | $actions = implode ( ' | ', $actions ); |
| 310 | ?> |
| 311 | <a class='thickbox thickbox-preview screenshot' |
| 312 | href='<?php echo esc_url($preview_link); ?>' |
| 313 | title='<?php echo esc_attr(sprintf(__('Preview “%s”'), $name)); ?>'> |
| 314 | <img src='<?php echo esc_url($theme->screenshot_url); ?>' width='150' /> |
| 315 | </a> |
| 316 | <h3><?php echo $name ?></h3> |
| 317 | <span class='action-links'><?php echo $actions ?></span> |
| 318 | <p><?php echo $desc ?></p> |
| 319 | <?php if ( $show_details ) { ?> |
| 320 | <a href="#theme_detail" class="theme-detail hide-if-no-js" tabindex='4'><?php _e('Details') ?></a> |
| 321 | <div class="themedetaildiv hide-if-js"> |
| 322 | <p><strong><?php _e('Version:') ?></strong> <?php echo wp_kses($theme->version, $themes_allowedtags) ?></p> |
| 323 | <p><strong><?php _e('Author:') ?></strong> <?php echo wp_kses($theme->author, $themes_allowedtags) ?></p> |
| 324 | <?php if ( ! empty($theme->last_updated) ) : ?> |
| 325 | <p><strong><?php _e('Last Updated:') ?></strong> <span title="<?php echo $theme->last_updated ?>"><?php printf( __('%s ago'), human_time_diff(strtotime($theme->last_updated)) ) ?></span></p> |
| 326 | <?php endif; if ( ! empty($theme->requires) ) : ?> |
| 327 | <p><strong><?php _e('Requires WordPress Version:') ?></strong> <?php printf(__('%s or higher'), $theme->requires) ?></p> |
| 328 | <?php endif; if ( ! empty($theme->tested) ) : ?> |
| 329 | <p><strong><?php _e('Compatible up to:') ?></strong> <?php echo $theme->tested ?></p> |
| 330 | <?php endif; if ( !empty($theme->downloaded) ) : ?> |
| 331 | <p><strong><?php _e('Downloaded:') ?></strong> <?php printf(_n('%s time', '%s times', $theme->downloaded), number_format_i18n($theme->downloaded)) ?></p> |
| 332 | <?php endif; ?> |
| 333 | <div class="star-holder" title="<?php printf(_n('(based on %s rating)', '(based on %s ratings)', $theme->num_ratings), number_format_i18n($theme->num_ratings)) ?>"> |
| 334 | <div class="star star-rating" style="width: <?php echo esc_attr($theme->rating) ?>px"></div> |
| 335 | <div class="star star5"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('5 stars') ?>" /></div> |
| 336 | <div class="star star4"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('4 stars') ?>" /></div> |
| 337 | <div class="star star3"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('3 stars') ?>" /></div> |
| 338 | <div class="star star2"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('2 stars') ?>" /></div> |
| 339 | <div class="star star1"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('1 star') ?>" /></div> |
| 340 | </div> |
| 341 | </div> |
| 342 | <?php } |
| 343 | /* |
| 344 | object(stdClass)[59] |
| 345 | public 'name' => string 'Magazine Basic' (length=14) |
| 346 | public 'slug' => string 'magazine-basic' (length=14) |
| 347 | public 'version' => string '1.1' (length=3) |
| 348 | public 'author' => string 'tinkerpriest' (length=12) |
| 349 | public 'preview_url' => string 'http://wp-themes.com/?magazine-basic' (length=36) |
| 350 | public 'screenshot_url' => string 'http://wp-themes.com/wp-content/themes/magazine-basic/screenshot.png' (length=68) |
| 351 | public 'rating' => float 80 |
| 352 | public 'num_ratings' => int 1 |
| 353 | public 'homepage' => string 'http://wordpress.org/extend/themes/magazine-basic' (length=49) |
| 354 | public 'description' => string 'A basic magazine style layout with a fully customizable layout through a backend interface. Designed by <a href="http://bavotasan.com">c.bavota</a> of <a href="http://tinkerpriestmedia.com">Tinker Priest Media</a>.' (length=214) |
| 355 | public 'download_link' => string 'http://wordpress.org/extend/themes/download/magazine-basic.1.1.zip' (length=66) |
| 356 | */ |
| 357 | } |
| 358 | |
| 359 | /** |
| 360 | * Display theme content based on theme list. |
| 361 | * |
| 362 | * @since 2.8.0 |
| 363 | * |
| 364 | * @param array $themes List of themes. |
| 365 | * @param string $page |
| 366 | * @param int $totalpages Number of pages. |
| 367 | */ |
| 368 | function display_themes($themes, $page = 1, $totalpages = 1) { |
| 369 | $type = isset($_REQUEST['type']) ? stripslashes( $_REQUEST['type'] ) : ''; |
| 370 | $term = isset($_REQUEST['s']) ? stripslashes( $_REQUEST['s'] ) : ''; |
| 371 | ?> |
| 372 | <div class="tablenav"> |
| 373 | <div class="alignleft actions"><?php do_action('install_themes_table_header'); ?></div> |
| 374 | <?php |
| 375 | $url = esc_url($_SERVER['REQUEST_URI']); |
| 376 | if ( ! empty($term) ) |
| 377 | $url = add_query_arg('s', $term, $url); |
| 378 | if ( ! empty($type) ) |
| 379 | $url = add_query_arg('type', $type, $url); |
| 380 | |
| 381 | $page_links = paginate_links( array( |
| 382 | 'base' => add_query_arg('paged', '%#%', $url), |
| 383 | 'format' => '', |
| 384 | 'prev_text' => __('«'), |
| 385 | 'next_text' => __('»'), |
| 386 | 'total' => $totalpages, |
| 387 | 'current' => $page |
| 388 | )); |
| 389 | |
| 390 | if ( $page_links ) |
| 391 | echo "\t\t<div class='tablenav-pages'>$page_links</div>"; |
| 392 | ?> |
| 393 | </div> |
| 394 | <br class="clear" /> |
| 395 | <?php |
| 396 | if ( empty($themes) ) { |
| 397 | _e('No themes found'); |
| 398 | return; |
| 399 | } |
| 400 | ?> |
| 401 | <table id="availablethemes" cellspacing="0" cellpadding="0"> |
| 402 | <?php |
| 403 | $rows = ceil(count($themes) / 3); |
| 404 | $table = array(); |
| 405 | $theme_keys = array_keys($themes); |
| 406 | for ( $row = 1; $row <= $rows; $row++ ) |
| 407 | for ( $col = 1; $col <= 3; $col++ ) |
| 408 | $table[$row][$col] = array_shift($theme_keys); |
| 409 | |
| 410 | foreach ( $table as $row => $cols ) { |
| 411 | ?> |
| 412 | <tr> |
| 413 | <?php |
| 414 | |
| 415 | foreach ( $cols as $col => $theme_index ) { |
| 416 | $class = array('available-theme'); |
| 417 | if ( $row == 1 ) $class[] = 'top'; |
| 418 | if ( $col == 1 ) $class[] = 'left'; |
| 419 | if ( $row == $rows ) $class[] = 'bottom'; |
| 420 | if ( $col == 3 ) $class[] = 'right'; |
| 421 | ?> |
| 422 | <td class="<?php echo join(' ', $class); ?>"><?php |
| 423 | if ( isset($themes[$theme_index]) ) |
| 424 | display_theme($themes[$theme_index]); |
| 425 | ?></td> |
| 426 | <?php } // end foreach $cols ?> |
| 427 | </tr> |
| 428 | <?php } // end foreach $table ?> |
| 429 | </table> |
| 430 | |
| 431 | <div class="tablenav"><?php if ( $page_links ) |
| 432 | echo "\t\t<div class='tablenav-pages'>$page_links</div>"; ?> <br |
| 433 | class="clear" /> |
| 434 | </div> |
| 435 | |
| 436 | <?php |
| 437 | } |
| 438 | |
| 439 | add_action('install_themes_pre_theme-information', 'install_theme_information'); |
| 440 | |
| 441 | /** |
| 442 | * Display theme information in dialog box form. |
| 443 | * |
| 444 | * @since 2.8.0 |
| 445 | */ |
| 446 | function install_theme_information() { |
| 447 | //TODO: This function needs a LOT of UI work :) |
| 448 | global $tab, $themes_allowedtags; |
| 449 | |
| 450 | $api = themes_api('theme_information', array('slug' => stripslashes( $_REQUEST['theme'] ) )); |
| 451 | |
| 452 | if ( is_wp_error($api) ) |
| 453 | wp_die($api); |
| 454 | |
| 455 | // Sanitize HTML |
| 456 | foreach ( (array)$api->sections as $section_name => $content ) |
| 457 | $api->sections[$section_name] = wp_kses($content, $themes_allowedtags); |
| 458 | |
| 459 | foreach ( array('version', 'author', 'requires', 'tested', 'homepage', 'downloaded', 'slug') as $key ) { |
| 460 | if ( isset($api->$key) ) |
| 461 | $api->$key = wp_kses($api->$key, $themes_allowedtags); |
| 462 | } |
| 463 | |
| 464 | iframe_header( __('Theme Install') ); |
| 465 | |
| 466 | if ( empty($api->download_link) ) { |
| 467 | echo '<div id="message" class="error"><p>' . __('<strong>Error:</strong> This theme is currently not available. Please try again later.') . '</p></div>'; |
| 468 | iframe_footer(); |
| 469 | exit; |
| 470 | } |
| 471 | |
| 472 | if ( !empty($api->tested) && version_compare($GLOBALS['wp_version'], $api->tested, '>') ) |
| 473 | echo '<div class="updated"><p>' . __('<strong>Warning:</strong> This theme has <strong>not been tested</strong> with your current version of WordPress.') . '</p></div>'; |
| 474 | else if ( !empty($api->requires) && version_compare($GLOBALS['wp_version'], $api->requires, '<') ) |
| 475 | echo '<div class="updated"><p>' . __('<strong>Warning:</strong> This theme has not been marked as <strong>compatible</strong> with your version of WordPress.') . '</p></div>'; |
| 476 | |
| 477 | // Default to a "new" theme |
| 478 | $type = 'install'; |
| 479 | // Check to see if this theme is known to be installed, and has an update awaiting it. |
| 480 | $update_themes = get_site_transient('update_themes'); |
| 481 | if ( is_object($update_themes) && isset($update_themes->response) ) { |
| 482 | foreach ( (array)$update_themes->response as $theme_slug => $theme_info ) { |
| 483 | if ( $theme_slug === $api->slug ) { |
| 484 | $type = 'update_available'; |
| 485 | $update_file = $theme_slug; | //Arbitrary file disclosing
|
| 486 | break; |
| 487 | } |
| 488 | } |
| 489 | } |
| 490 | |
| 491 | $themes = get_themes(); |
| 492 | foreach ( $themes as $this_theme ) { |
| 493 | if ( is_array($this_theme) && $this_theme['Stylesheet'] == $api->slug ) { |
| 494 | if ( $this_theme['Version'] == $api->version ) { |
| 495 | $type = 'latest_installed'; |
| 496 | } elseif ( $this_theme['Version'] > $api->version ) { |
| 497 | $type = 'newer_installed'; |
| 498 | $newer_version = $this_theme['Version']; |
| 499 | } |
| 500 | break; |
| 501 | } |
| 502 | } |
| 503 | ?> |
| 504 | |
| 505 | <div class='available-theme'> |
| 506 | <img src='<?php echo esc_url($api->screenshot_url) ?>' width='300' class="theme-preview-img" /> |
| 507 | <h3><?php echo $api->name; ?></h3> | //Cross Site Scripting
|
| 508 | <p><?php printf(__('by %s'), $api->author); ?></p> |
| 509 | <p><?php printf(__('Version: %s'), $api->version); ?></p> |
| 510 | |
| 511 | <?php |
| 512 | $buttons = '<a class="button" id="cancel" href="#" onclick="tb_close();return false;">' . __('Cancel') . '</a> '; |
| 513 | |
| 514 | switch ( $type ) { |
| 515 | default: |
| 516 | case 'install': |
| 517 | if ( current_user_can('install_themes') ) : |
| 518 | $buttons .= '<a class="button-primary" id="install" href="' . wp_nonce_url(admin_url('update.php?action=install-theme&theme=' . $api->slug), 'install-theme_' . $api->slug) . '" target="_parent">' . __('Install Now') . '</a>'; |
| 519 | endif; |
| 520 | break; |
| 521 | case 'update_available': |
| 522 | if ( current_user_can('update_themes') ) : |
| 523 | $buttons .= '<a class="button-primary" id="install" href="' . wp_nonce_url(admin_url('update.php?action=upgrade-theme&theme=' . $update_file), 'upgrade-theme_' . $update_file) . '" target="_parent">' . __('Install Update Now') . '</a>'; |
| 524 | endif; |
| 525 | break; |
| 526 | case 'newer_installed': |
| 527 | if ( current_user_can('install_themes') || current_user_can('update_themes') ) : |
| 528 | ?><p><?php printf(__('Newer version (%s) is installed.'), $newer_version); ?></p><?php |
| 529 | endif; |
| 530 | break; |
| 531 | case 'latest_installed': |
| 532 | if ( current_user_can('install_themes') || current_user_can('update_themes') ) : |
| 533 | ?><p><?php _e('This version is already installed.'); ?></p><?php |
| 534 | endif; |
| 535 | break; |
| 536 | } ?> |
| 537 | <br class="clear" /> |
| 538 | </div> |
| 539 | |
| 540 | <p class="action-button"> |
| 541 | <?php echo $buttons; ?> | //Cross Site Scripting
|
| 542 | <br class="clear" /> |
| 543 | </p> |
| 544 | |
| 545 | <?php |
| 546 | iframe_footer(); |
| 547 | exit; |
| 548 | } |
| 549 | |