Invalid theme.xml works

[mikelietz]

Checking the theme for (-extras) Hemingway in the Pluggable Validator ( http://schemas.habariproject.org/pluggable_validator.php) - try it yourself with this URL:  https://trac.habariproject.org/habari-extras/export/2972/themes/hemingway/trunk/theme.xml - I see it is not valid.

Even though it has <theme> instead of <pluggable type="theme">, this theme can be selected and used.

Only valid pluggable themes should be able to load.

[ddebernardy]

see also #1136

[miklb]

Patch tested, and does prevent legacy themes from displaying, however, I think it should display a similar error in the available themes list as the inactive plugins does " [file] is a legacy plugin, and does not include an XML info file." or a similar message. Average user might upload theme, not see it, and not understand why the theme is available. Likewise, users on older versions upgrading might not understand why their theme isn't available any longer.

What is the side effect of a user upgrading with an active theme that doesn't have the proper XML file? What theme would it fail to?

[ddebernardy]

Replying to miklb:

What is the side effect of a user upgrading with an active theme that doesn't have the proper XML file? What theme would it fail to?

it's funny you raise that... I was itching to open some kind of "support child themes" ticket earlier today that led me to the exact same question (what happens when the parent theme gets deleted).

Personally, I think there should be a system-wide default theme. It could be K2, for instance, unless the site owner explicitly sets something different in the config.php file.

Re the message, agreed but I wasn't certain where to add it. :-P

[ddebernardy]

slightly related: #1183

[miklb]

There's been discussion of having a fallback theme to default to. I propose a very simple System theme - Auxiliary, that simply displays the blog title, an error message, and if logged in as a user, a message to check the previously active theme.

Attached is a screenshot of the proposed theme. It's a straight rip of our admin in essence.

Also users would have the option of copying it to their user/themes directory and that would take precedent over the system one. I assume that's already built in to Habari. I haven't committed this yet as I'd like a little feedback. As it stands, the message would be translatable.

[miklb]

screenshot of proposed Auxiliary theme

[miklb]

I suppose we should also include a 404 template with a simple message that there's a temporary problem and to check back soon as well.

Also, I'm not familiar with HTTP headers, but is there something we should include for such a scenario?

[mikelietz]

The only header code I can think might work would be 503  http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.5.3.

A fallback/failsafe theme sounds good to me, and it must be translatable as you mention. Does it work with a dead database?

[miklb]

The 503 sounds right.

I must admit, the logic in how a theme fails, and whether the theme could be set to load if the DB fails is above my pay grade. I'm hoping someone else could provide that. I've managed to figure out how to show on the theme page if a theme has failed due to bad XML, but there are still errors as I something is loading in the header that creates several errors if the patch is applied with a theme that has invalid XML file.

Outwardly facing, nothing bad happens, so all of this might be moot. An active theme with a bad XML file wouldn't deactivate the theme, which was what I would assume would happen. To a different point about if a theme were to be deleted, as I understand it, the next available active theme would become active. But that is out of the purview of this ticket.

[lildude]

As of r4303, legacy themes can not be activated from the themes page. Some useful information is provided to the user to clearly identify the theme and advise the user it's an unsupported legacy theme.

Still need to implement code to handle the upgrade procedure.