From f6cbe9a5a03056be4e8f20747ef5f933e2a55f12 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Tue, 9 Dec 2014 15:16:53 +0300
Subject: [PATCH] require version information in all additional themes

---
 classes/pref/prefs.php |  3 ++-
 include/functions2.php | 22 +++++++++++++++++++++-
 index.php              |  2 +-
 prefs.php              |  2 +-
 themes/night.css       |  1 +
 5 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php
index 571237239..da11f55e1 100644
--- a/classes/pref/prefs.php
+++ b/classes/pref/prefs.php
@@ -571,7 +571,8 @@ class Pref_Prefs extends Handler_Protected {
 
 			} else if ($pref_name == "USER_CSS_THEME") {
 
-				$themes = array_map("basename", glob("themes/*.css"));
+				$themes = array_filter(array_map("basename", glob("themes/*.css")),
+					"theme_valid");
 
 				print_select($pref_name, $value, $themes,
 					'dojoType="dijit.form.Select"');
diff --git a/include/functions2.php b/include/functions2.php
index 31ca98035..45c73b373 100644
--- a/include/functions2.php
+++ b/include/functions2.php
@@ -17,7 +17,10 @@
 		$params["default_view_order_by"] = get_pref("_DEFAULT_VIEW_ORDER_BY");
 		$params["bw_limit"] = (int) $_SESSION["bw_limit"];
 		$params["label_base_index"] = (int) LABEL_BASE_INDEX;
-		$params["theme"] = get_pref("USER_CSS_THEME", false, false);
+
+		$theme = get_pref( "USER_CSS_THEME", false, false);
+		$params["theme"] = theme_valid("$theme") ? $theme : "";
+
 		$params["plugins"] = implode(", ", PluginHost::getInstance()->get_plugin_names());
 
 		$params["php_platform"] = PHP_OS;
@@ -2422,4 +2425,21 @@
 		return LABEL_BASE_INDEX - 1 + abs($feed);
 	}
 
+	function theme_valid($file) {
+		if ($file == "default.css") return true; // needed for array_filter
+		$file = "themes/" . basename($file);
+
+		if (file_exists($file) && is_readable($file)) {
+			$fh = fopen($file, "r");
+
+			if ($fh) {
+				$header = fgets($fh);
+				fclose($fh);
+
+				return strpos($header, "supports-version:" . VERSION_STATIC) !== FALSE;
+			}
+		}
+
+		return false;
+	}
 ?>
diff --git a/index.php b/index.php
index 74498b8f4..4f2a9a860 100644
--- a/index.php
+++ b/index.php
@@ -65,7 +65,7 @@
 
 	<?php if ($_SESSION["uid"]) {
 		$theme = get_pref( "USER_CSS_THEME", $_SESSION["uid"], false);
-		if ($theme && file_exists("themes/$theme")) {
+		if ($theme && theme_valid("$theme")) {
 			echo stylesheet_tag("themes/$theme");
 		} else {
 			echo stylesheet_tag("themes/default.css");
diff --git a/prefs.php b/prefs.php
index cc6267798..191f452c4 100644
--- a/prefs.php
+++ b/prefs.php
@@ -41,7 +41,7 @@
 
 	<?php if ($_SESSION["uid"]) {
 		$theme = get_pref( "USER_CSS_THEME", $_SESSION["uid"], false);
-		if ($theme && file_exists("themes/$theme")) {
+		if ($theme && theme_valid("$theme")) {
 			echo stylesheet_tag("themes/$theme");
 		} else {
 			echo stylesheet_tag("themes/default.css");
diff --git a/themes/night.css b/themes/night.css
index 78b73f09a..5a236a911 100644
--- a/themes/night.css
+++ b/themes/night.css
@@ -1,3 +1,4 @@
+/* supports-version:1.15 */
 @import "default.css";
 
 body#ttrssMain #feeds-holder {
-- 
GitLab