diff options
Diffstat (limited to 'include/plugin.php')
| -rwxr-xr-x | include/plugin.php | 37 |
1 files changed, 25 insertions, 12 deletions
diff --git a/include/plugin.php b/include/plugin.php index 3a64f67cc..db20152ea 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -356,6 +356,7 @@ function get_plugin_info($plugin){ return $info; $f = file_get_contents("addon/$plugin/$plugin.php"); + $f = escape_tags($f); $r = preg_match("|/\*.*\*/|msU", $f, $m); if ($r){ @@ -471,6 +472,8 @@ function get_theme_info($theme){ 'description' => '', 'author' => array(), 'version' => '', + 'minversion' => '', + 'maxversion' => '', 'compat' => '', 'credits' => '', 'maintainer' => array(), @@ -598,16 +601,23 @@ function head_get_links() { function format_css_if_exists($source) { - $path_prefix = script_path() . '/'; - if (strpos($source[0], '/') !== false) { - // The source is a URL - $path = $source[0]; + // script_path() returns https://yoursite.tld + + $path_prefix = script_path(); + + $script = $source[0]; + + if(strpos($script, '/') !== false) { + // The script is a path relative to the server root + $path = $script; // If the url starts with // then it's an absolute URL - if($source[0][0] === '/' && $source[0][1] === '/') $path_prefix = ''; + if(substr($script,0,2) === '//') { + $path_prefix = ''; + } } else { // It's a file from the theme - $path = theme_include($source[0]); + $path = '/' . theme_include($script); } if($path) { @@ -677,7 +687,7 @@ function head_get_js() { foreach(App::$js_sources as $sources) { if(count($sources)) { foreach($sources as $source) { - if($src === 'main.js') + if($source === 'main.js') continue; $str .= format_js_if_exists($source); } @@ -697,16 +707,19 @@ function head_get_main_js() { } function format_js_if_exists($source) { - $path_prefix = script_path() . '/'; + $path_prefix = script_path(); if(strpos($source,'/') !== false) { - // The source is a URL + // The source is a known path on the system $path = $source; // If the url starts with // then it's an absolute URL - if($source[0] === '/' && $source[1] === '/') $path_prefix = ''; - } else { + if(substr($source,0,2) === '//') { + $path_prefix = ''; + } + } + else { // It's a file from the theme - $path = theme_include($source); + $path = '/' . theme_include($source); } if($path) { $qstring = ((parse_url($path, PHP_URL_QUERY)) ? '&' : '?') . 'v=' . STD_VERSION; |