diff options
| author | Nathan Kinkade <nath@nkinka.de> | 2012-05-12 13:06:18 +0000 |
|---|---|---|
| committer | Nathan Kinkade <nath@nkinka.de> | 2012-05-12 13:06:18 +0000 |
| commit | f5098f54b8279f468d94747b1156e15ea05d6d25 (patch) | |
| tree | 2ecfb6663887ffbc72de8f231864b6c78bd62640 /modules/gallery/libraries/Theme_View.php | |
| parent | a13fd7f373f3718037a2ce90a3cb408f24856602 (diff) | |
| parent | d1390bd87db1a7e59bbd72f5991fbbc6374c98b4 (diff) | |
Merge branch 'master' of git://github.com/gallery/gallery3
Diffstat (limited to 'modules/gallery/libraries/Theme_View.php')
| -rw-r--r-- | modules/gallery/libraries/Theme_View.php | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/modules/gallery/libraries/Theme_View.php b/modules/gallery/libraries/Theme_View.php index 031da6de..78b74cde 100644 --- a/modules/gallery/libraries/Theme_View.php +++ b/modules/gallery/libraries/Theme_View.php @@ -33,7 +33,12 @@ class Theme_View_Core extends Gallery_View { $this->theme_name = module::get_var("gallery", "active_site_theme"); if (identity::active_user()->admin) { - $this->theme_name = Input::instance()->get("theme", $this->theme_name); + $theme_name = Input::instance()->get("theme"); + if ($theme_name && + file_exists(THEMEPATH . $theme_name) && + strpos(realpath(THEMEPATH . $theme_name), THEMEPATH) == 0) { + $this->theme_name = $theme_name; + } } $this->item = null; $this->tag = null; |