2 changed files with 11 additions and 55 deletions
--- a/app/helpers/theme.php
+++ b/app/helpers/theme.php
@ -23,7 +23,6 @@ class Theme
     */
    private static $config;

-
    /**
     * Get the theme configuration
     *
@ -36,13 +35,11 @@ class Theme
        return self::$config;
    }

-
    /**
     * @var string Current theme name
     */
    private static $currentTheme;

-
    /**
     * Initialize the theme system
     */
@ -55,7 +52,6 @@ class Theme
        self::$currentTheme = self::getCurrentThemeName();
    }

-
    /**
     * Get the current theme name
     *
@ -73,55 +69,20 @@ class Theme
            return self::$currentTheme;
        }

-        // Try to get from session first
-        $sessionTheme = Session::get('theme');
-        if ($sessionTheme && isset(self::$config['available_themes'][$sessionTheme])) {
-            self::$currentTheme = $sessionTheme;
-        } else {
-            // Fall back to default theme
-            self::$currentTheme = self::$config['active_theme'];
+        // Get from session if available
+        if (Session::isValidSession() && isset($_SESSION['user_theme'])) {
+            $theme = $_SESSION['user_theme'];
+            if (self::themeExists($theme)) {
+                self::$currentTheme = $theme;
+                return $theme;
+            }
        }

-        return self::$currentTheme;
+        // Default to 'default' theme which uses app/templates
+        self::$currentTheme = 'default';
+        return 'default';
    }

-
-    /**
-     * Get the URL for a theme asset
-     *
-     * @param string $themeId Theme ID
-     * @param string $assetPath Path to the asset relative to theme directory (e.g., 'css/style.css')
-     * @return string|null URL to the asset or null if not found
-     */
-    public static function getAssetUrl($themeId, $assetPath = '')
-    {
-        // Clean and validate the asset path
-        $assetPath = ltrim($assetPath, '/');
-        if (empty($assetPath)) {
-            return null;
-        }
-
-        // Only allow alphanumeric, hyphen, underscore, dot, and forward slash
-        if (!preg_match('/^[a-zA-Z0-9_\-\.\/]+$/', $assetPath)) {
-            return null;
-        }
-
-        // Prevent directory traversal
-        if (strpos($assetPath, '..') !== false) {
-            return null;
-        }
-
-        $fullPath = __DIR__ . "/../../themes/$themeId/$assetPath";
-        if (!file_exists($fullPath) || !is_readable($fullPath)) {
-            return null;
-        }
-
-        // Use the router to generate the URL
-        global $app_root;
-        return "$app_root/app/helpers/theme-asset.php?theme=" . urlencode($themeId) . "&path=" . urlencode($assetPath);
-    }
-
-
    /**
     * Set the current theme for the session
     *
@ -164,7 +125,6 @@ class Theme
        return true;
    }

-
    /**
     * Check if a theme exists
     *
@ -182,7 +142,6 @@ class Theme
        return is_dir($themePath) && file_exists("$themePath/config.php");
    }

-
    /**
     * Get the path to a theme
     *
@ -196,7 +155,6 @@ class Theme
        return rtrim($config['paths']['themes'], '/') . "/$themeName";
    }

-
    /**
     * Get the URL for a theme asset
     *
@ -227,7 +185,6 @@ class Theme
        return $baseUrl . $assetPath;
    }

-
    /**
     * Include a theme template file
     *
@ -269,7 +226,6 @@ class Theme
        error_log("Template not found: {$template} in theme: {$themeName}");
    }

-
    /**
     * Get all available themes
     *
--- a/app/pages/theme.php
+++ b/app/pages/theme.php
@ -53,7 +53,7 @@ $themeData = [];
 foreach ($themes as $id => $name) {
    $themeData[$id] = [
        'name' => $name,
-        'screenshotUrl' => \App\Helpers\Theme::getAssetUrl($id, 'screenshot.png'),
+        'screenshotUrl' => \App\Helpers\Theme::getScreenshotUrl($id),
        'isActive' => $id === $currentTheme
    ];
 }