From 55829faf85e74c293fae3a8f56a57becdff1ea4b Mon Sep 17 00:00:00 2001
From: Yasen Pramatarov
Date: Fri, 20 Jun 2025 13:55:08 +0300
Subject: [PATCH] Fixes theme helper to use the new theme assets helper
---
 app/helpers/theme.php | 64 ++++++++++++++++++++++++++++++++++++-------
 1 file changed, 54 insertions(+), 10 deletions(-)
diff --git a/app/helpers/theme.php b/app/helpers/theme.php
index 884b0c2..e5a7427 100644
--- a/app/helpers/theme.php
+++ b/app/helpers/theme.php
@@ -23,6 +23,7 @@ class Theme
 */
 private static $config;
+
 /**
 * Get the theme configuration
 *
@@ -35,11 +36,13 @@ class Theme
 return self::$config;
 }
+
 /**
 * @var string Current theme name
 */
 private static $currentTheme;
+
 /**
 * Initialize the theme system
 */
@@ -52,6 +55,7 @@ class Theme
 self::$currentTheme = self::getCurrentThemeName();
 }
+
 /**
 * Get the current theme name
 *
@@ -69,20 +73,55 @@ class Theme
 return self::$currentTheme;
 }
- // Get from session if available
- if (Session::isValidSession() && isset($_SESSION['user_theme'])) {
- $theme = $_SESSION['user_theme'];
- if (self::themeExists($theme)) {
- self::$currentTheme = $theme;
- return $theme;
- }
+ // Try to get from session first
+ $sessionTheme = Session::get('theme');
+ if ($sessionTheme && isset(self::$config['available_themes'][$sessionTheme])) {
+ self::$currentTheme = $sessionTheme;
+ } else {
+ // Fall back to default theme
+ self::$currentTheme = self::$config['active_theme'];
 }
- // Default to 'default' theme which uses app/templates
- self::$currentTheme = 'default';
- return 'default';
+ return self::$currentTheme;
 }
+
+ /**
+ * Get the URL for a theme asset
+ *
+ * @param string $themeId Theme ID
+ * @param string $assetPath Path to the asset relative to theme directory (e.g., 'css/style.css')
+ * @return string|null URL to the asset or null if not found
+ */
+ public static function getAssetUrl($themeId, $assetPath = '')
+ {
+ // Clean and validate the asset path
+ $assetPath = ltrim($assetPath, '/');
+ if (empty($assetPath)) {
+ return null;
+ }
+
+ // Only allow alphanumeric, hyphen, underscore, dot, and forward slash
+ if (!preg_match('/^[a-zA-Z0-9_\-\.\/]+$/', $assetPath)) {
+ return null;
+ }
+
+ // Prevent directory traversal
+ if (strpos($assetPath, '..') !== false) {
+ return null;
+ }
+
+ $fullPath = __DIR__ . "/../../themes/$themeId/$assetPath";
+ if (!file_exists($fullPath) || !is_readable($fullPath)) {
+ return null;
+ }
+
+ // Use the router to generate the URL
+ global $app_root;
+ return "$app_root/app/helpers/theme-asset.php?theme=" . urlencode($themeId) . "&path=" . urlencode($assetPath);
+ }
+
+
 /**
 * Set the current theme for the session
 *
@@ -125,6 +164,7 @@ class Theme
 return true;
 }
+
 /**
 * Check if a theme exists
 *
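Review bot: `$themeId` reaches the filesystem path in the new `getAssetUrl()` unchecked: `$assetPath` is filtered for charset and `..`, but `__DIR__ . "/../../themes/$themeId/$assetPath"` interpolates the theme ID as given, so an ID containing `../` lets the `file_exists()`/`is_readable()` probe leave the themes directory. Apply the allow-list this same hunk already uses in `getCurrentThemeName()`, e.g. `if (!isset(self::$config['available_themes'][$themeId])) { return null; }` before building `$fullPath` (this assumes `self::$config` is loaded by then). These checks only guard URL generation; `theme-asset.php` is not part of this patch and presumably reads `theme` and `path` from the query string, so it needs the same validation on its own side. Separately, the context at `@@ -155` shows an existing method documented as "Get the URL for a theme asset"; if it is also named `getAssetUrl`, this addition would be a redeclaration. The session key also changes from `user_theme` to `theme`, and the setter's body is outside this hunk, so confirm it writes the same key.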
@@ -142,6 +182,7 @@ class Theme
 return is_dir($themePath) && file_exists("$themePath/config.php");
 }
+
 /**
 * Get the path to a theme
 *
@@ -155,6 +196,7 @@ class Theme
 return rtrim($config['paths']['themes'], '/') . "/$themeName";
 }
+
 /**
 * Get the URL for a theme asset
 *
@@ -185,6 +227,7 @@ class Theme
 return $baseUrl . $assetPath;
 }
+
 /**
 * Include a theme template file
 *
@@ -226,6 +269,7 @@ class Theme
 error_log("Template not found: {$template} in theme: {$themeName}");
 }
+
 /**
 * Get all available themes
 *