diff --git a/application/controllers/admin/themes.php b/application/controllers/admin/themes.php
index 3864e765c2e..14d702b2978 100755
--- a/application/controllers/admin/themes.php
+++ b/application/controllers/admin/themes.php
@@ -635,17 +635,21 @@ public function delete()
 $this->getController()->redirect(array("admin/themeoptions"));
 }
- public function deleteBrokenTheme($templatename)
+ public function deleteBrokenTheme()
 {
- // First we check that the theme is really broken
- $aBrokenThemes = Template::getBrokenThemes();
- $templatename = sanitize_dirname($templatename);
- if (array_key_exists($templatename, $aBrokenThemes)) {
- if (rmdirr(Yii::app()->getConfig('userthemerootdir')."/".$templatename)){
- Yii::app()->setFlashMessage(sprintf(gT("Theme '%s' was successfully deleted."), $templatename));
+ $templatename = trim( Yii::app()->request->getPost('templatename') );
+
+ if (Permission::model()->hasGlobalPermission('templates', 'delete')) {
+ // First we check that the theme is really broken
+ $aBrokenThemes = Template::getBrokenThemes();
+ $templatename = sanitize_dirname($templatename);
+ if (array_key_exists($templatename, $aBrokenThemes)) {
+ if (rmdirr(Yii::app()->getConfig('userthemerootdir')."/".$templatename)){
+ Yii::app()->setFlashMessage(sprintf(gT("Theme '%s' was successfully deleted."), $templatename));
+ }
+ }else{
+ Yii::app()->setFlashMessage(gT("Not a broken theme!"), 'error');
 }
- }else{
- Yii::app()->setFlashMessage(gT("Not a broken theme!"), 'error');
 }
 $this->getController()->redirect(array("admin/themeoptions"));
diff --git a/application/views/admin/themeoptions/index.php b/application/views/admin/themeoptions/index.php
index 0816d0cd9fc..0998aca9e2c 100644
--- a/application/views/admin/themeoptions/index.php
+++ b/application/views/admin/themeoptions/index.php
@@ -61,6 +61,8 @@ buttons; ?> + +
@@ -106,9 +108,15 @@ hasGlobalPermission('templates','delete')):?> - ", "_top")'> - - + + +
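Review bot: A caller who lacks the `templates`/`delete` permission falls straight through the new `if (Permission::model()->hasGlobalPermission(...))` block in `deleteBrokenTheme()` to the redirect, with no flash message or error status, so a refused request looks the same as a no-op and leaves nothing for an operator to notice. An explicit `else` on the permission check, for example `} else { Yii::app()->setFlashMessage(gT("Access denied"), 'error'); }` (message text is a suggestion), would make the refusal visible. Separately, `getPost('templatename')` returns null when the field is missing and passing null to `trim()` is deprecated from PHP 8.1; `trim((string) Yii::app()->request->getPost('templatename', ''))` avoids that. The inner `rmdirr()` branch still reports nothing when it returns false, so a failed deletion is silent as well.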