Index: core/units/helpers/image_helper.php =================================================================== --- core/units/helpers/image_helper.php +++ core/units/helpers/image_helper.php @@ -61,8 +61,15 @@ } elseif (preg_match('/^fill:(.*)$/', $format_part, $regs)) { $res['fill'] = $regs[1]; - } elseif (preg_match('/^default:(.*)$/', $format_part, $regs)) { - $res['default'] = FULL_PATH.THEMES_PATH.'/'.$regs[1]; + } + elseif ( preg_match('/^default:(.*)$/', $format_part, $regs) ) { + $default_image = FULL_PATH . THEMES_PATH . '/' . $regs[1]; + + if ( strpos($default_image, '../') !== false ) { + $default_image = realpath($default_image); + } + + $res['default'] = $default_image; } } @@ -124,6 +131,13 @@ $src_path_escaped = preg_replace('/(\\\[\d]+)/', '\\\\\1', $src_path); // escape replacement patterns, like "\" $dst_image = preg_replace('/^'.preg_quote($src_path, '/').'(.*)\.(.*)$/', $src_path_escaped . DIRECTORY_SEPARATOR . 'resized\\1_' . crc32(serialize($params)) . '.\\2', $src_image); + // Keep resized version of theme-based images under "system" folder. + $theme_path = $this->Application->GetFrontThemePath(); + + if ( preg_match('/^' . preg_quote(FULL_PATH . $theme_path, '/') . '(.*)$/', $dst_image, $regs) ) { + $dst_image = WRITEABLE . $theme_path . $regs[1]; + } + $this->fileHelper->CheckFolder( dirname($dst_image) ); if (!file_exists($dst_image) || filemtime($src_image) > filemtime($dst_image)) {