<?php
// $Id: class.wb.php 1138 2009-08-25 10:18:21Z ruud $
/*

 Website Baker Project <http://www.websitebaker.org/>
 Copyright (C) 2004-2009, Ryan Djurovich

 Website Baker is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation; either version 2 of the License, or
 (at your option) any later version.

 Website Baker is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License
 along with Website Baker; if not, write to the Free Software
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/
/*

wb class

This class is the basis for admin and frontend classes.

*/
// Include PHPLIB template class
require_once(WB_PATH."/include/phplib/template.inc");
require_once(WB_PATH.'/framework/class.database.php');
// Include new wbmailer class (subclass of PHPmailer)
require_once(WB_PATH."/framework/class.wbmailer.php");
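class wb
{
    /**
     * General initialization hook, performed when the frontend or backend is
     * loaded. Intentionally empty in this base class.
     */
    function wb() {
    }

    /**
     * Check whether a page is visible to the current visitor, taking the
     * page visibility and the user and group rights into account.
     *
     * Returns true for visibility 'public' or 'hidden'. For 'private' and
     * 'registered' the visitor must be authenticated and either belong to one
     * of the page's viewing groups or be listed among its viewing users.
     * Everything else ('none', 'deleted', unknown or non-string values) is
     * denied.
     *
     * @param array $page Page row providing 'visibility', 'viewing_groups'
     *                    and 'viewing_users' (comma-separated id lists).
     * @return bool
     */
    function page_is_visible($page) {
        $visibility = $page['visibility'];

        // 'hidden' only hides the menu link; the page itself is still shown.
        // Strict comparison so that a non-string value can never be coerced
        // into matching one of the permissive states.
        if ($visibility === 'public' || $visibility === 'hidden') {
            return true;
        }
        // Fail closed: only the two access-controlled states go any further.
        if ($visibility !== 'private' && $visibility !== 'registered') {
            return false;
        }
        if (!$this->is_authenticated()) {
            return false;
        }

        // Normalise the id lists: trim each entry and drop empty ones. Without
        // this, an empty list on the page ('' -> array('')) matches an empty
        // group id coming from the session and access is granted by accident.
        $allowed_groups = array_filter(array_map('trim', explode(',', (string) $page['viewing_groups'])), 'strlen');
        $allowed_users = array_filter(array_map('trim', explode(',', (string) $page['viewing_users'])), 'strlen');
        $user_groups = array_filter(array_map('trim', array_map('strval', $this->get_groups_id())), 'strlen');

        // array_intersect() compares string representations, so ids are
        // matched exactly instead of through loose numeric-string comparison.
        if (count(array_intersect($user_groups, $allowed_groups)) > 0) {
            return true;
        }
        return in_array(trim((string) $this->get_user_id()), $allowed_users, true);
    }

    /**
     * Check if there is at least one active section on this page.
     *
     * A section counts as active when the current time lies inside its
     * publication window; a value of 0 for publ_start or publ_end means that
     * side of the window is open.
     *
     * @param array $page Page row providing 'page_id'.
     * @return bool
     */
    function page_is_active($page) {
        global $database;

        // The id is spliced into the SQL text below, so force it to an integer
        // first; nothing but digits can reach the statement this way.
        $page_id = (int) $page['page_id'];
        $now = time();
        $query_sections = $database->query("SELECT publ_start,publ_end FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id'");

        // NOTE(review): query() presumably returns a non-object when the
        // statement fails -- confirm in class.database.php. Treat that as
        // "no active section" rather than calling a method on it.
        if (!is_object($query_sections) || $query_sections->numRows() == 0) {
            return false;
        }
        while ($section = $query_sections->fetchRow()) {
            $start = $section['publ_start'];
            $end = $section['publ_end'];
            $before_end = ($now < $end && ($now > $start || $start == 0));
            $no_end_set = ($now > $start && $end == 0);
            if ($before_end || $no_end_set) {
                return true;
            }
        }
        return false;
    }

    /**
     * Check whether we should show a page or not (for the front-end): it has
     * to be both visible to the visitor and have an active section.
     *
     * @param array $page Page row, see page_is_visible() and page_is_active().
     * @return bool
     */
    function show_page($page) {
        return ($this->page_is_visible($page) && $this->page_is_active($page));
    }

    /**
     * Check if the user is already authenticated, i.e. the session holds a
     * non-empty, numeric USER_ID.
     *
     * @return bool
     */
    function is_authenticated() {
        return (isset($_SESSION['USER_ID']) && $_SESSION['USER_ID'] != "" && is_numeric($_SESSION['USER_ID']));
    }

    /**
     * Modified addslashes() which takes magic_quotes_gpc into account.
     * Non-string input (arrays included) is returned unchanged.
     *
     * addslashes() is not aware of the connection character set; for values
     * that end up in SQL, prefer the database layer's own escaping or
     * parameterised queries over this helper.
     *
     * @param mixed $input
     * @return mixed
     */
    function add_slashes($input) {
        // magic_quotes_gpc was removed in PHP 5.4 and get_magic_quotes_gpc()
        // no longer exists in PHP 8, so only ask on versions that can have it.
        $magic_quotes = (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc());
        if ($magic_quotes || !is_string($input)) {
            return $input;
        }
        return addslashes($input);
    }

    /**
     * Undo the effect of magic_quotes_gpc == On.
     *
     * Attention: this is _not_ the counterpart to $this->add_slashes(); use
     * stripslashes() to undo a previous $this->add_slashes(). Non-string
     * input is returned unchanged.
     *
     * @param mixed $input
     * @return mixed
     */
    function strip_slashes($input) {
        // Same version guard as in add_slashes(): the function is gone in PHP 8.
        $magic_quotes = (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc());
        if (!$magic_quotes || !is_string($input)) {
            return $input;
        }
        return stripslashes($input);
    }

    /**
     * Escape backslashes for use with mySQL LIKE strings by doubling them.
     * Only backslashes are touched; quotes and LIKE wildcards are not.
     *
     * @param string $input
     * @return string
     */
    function escape_backslashes($input) {
        return str_replace("\\", "\\\\", $input);
    }

    /**
     * Turn a stored page link into a URL.
     *
     * Links containing '://' or starting with 'mailto:' are returned
     * unchanged; anything else is wrapped in WB_URL, PAGES_DIRECTORY and
     * PAGE_EXTENSION. The scheme of a pass-through link is not restricted
     * here, so code that prints the result into markup has to escape it and,
     * where the link is user-supplied, limit the accepted schemes itself.
     *
     * @param string $link
     * @return string
     */
    function page_link($link){
        $is_external = (strpos($link, '://') !== false || substr($link, 0, 7) == 'mailto:');
        if ($is_external) {
            return $link;
        }
        return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
    }

    /**
     * Get POST data. The value is returned raw and unvalidated.
     *
     * @param string $field
     * @return mixed|null null when the field is not set.
     */
    function get_post($field) {
        return isset($_POST[$field]) ? $_POST[$field] : null;
    }

    /**
     * Get POST data and escape it with add_slashes(). Array values pass
     * through add_slashes() unchanged, i.e. unescaped.
     *
     * @param string $field
     * @return mixed|null null when the field is not set.
     */
    function get_post_escaped($field) {
        $result = $this->get_post($field);
        return (is_null($result)) ? null : $this->add_slashes($result);
    }

    /**
     * Get GET data. The value is returned raw and unvalidated.
     *
     * @param string $field
     * @return mixed|null null when the field is not set.
     */
    function get_get($field) {
        return isset($_GET[$field]) ? $_GET[$field] : null;
    }

    /**
     * Get SESSION data.
     *
     * @param string $field
     * @return mixed|null null when the field is not set.
     */
    function get_session($field) {
        return isset($_SESSION[$field]) ? $_SESSION[$field] : null;
    }

    /**
     * Get SERVER data. Several $_SERVER entries are derived from request
     * headers, so the value is not trustworthy by itself.
     *
     * @param string $field
     * @return mixed|null null when the field is not set.
     */
    function get_server($field) {
        return isset($_SERVER[$field]) ? $_SERVER[$field] : null;
    }

    // The getters below read the session directly and do not check that the
    // key exists; call them only for an authenticated user.

    // Get the current user's id
    function get_user_id() {
        return $_SESSION['USER_ID'];
    }

    // Get the current user's group id
    function get_group_id() {
        return $_SESSION['GROUP_ID'];
    }

    // Get the current user's group ids as an array, split from the
    // comma-separated GROUPS_ID session value
    function get_groups_id() {
        return explode(",", $_SESSION['GROUPS_ID']);
    }

    // Get the current user's group names joined into one comma-separated string
    function get_group_name() {
        return implode(",", $_SESSION['GROUP_NAME']);
    }

    // Get the current user's group names exactly as stored in the session
    function get_groups_name() {
        return $_SESSION['GROUP_NAME'];
    }

    // Get the current user's username
    function get_username() {
        return $_SESSION['USERNAME'];
    }

    // Get the current user's display name
    function get_display_name() {
        return ($_SESSION['DISPLAY_NAME']);
    }

    // Get the current user's email address
    function get_email() {
        return $_SESSION['EMAIL'];
    }

    // Get the current user's home folder
    function get_home_folder() {
        return $_SESSION['HOME_FOLDER'];
    }

    /**
     * Get the current user's timezone.
     *
     * @return mixed The session TIMEZONE value, or the string '-72000' when
     *               USE_DEFAULT_TIMEZONE is set in the session (presumably a
     *               marker for "use the site default" -- confirm with callers).
     */
    function get_timezone() {
        if (isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
            return '-72000';
        }
        return $_SESSION['TIMEZONE'];
    }

    /**
     * Validate supplied email address against the project's address pattern.
     *
     * @param mixed $email
     * @return bool false for non-string input and for anything the pattern rejects.
     */
    function validate_email($email) {
        if (!is_string($email)) {
            return false;
        }
        // eregi() was removed in PHP 7; preg_match() with the same expression
        // replaces it. The D modifier pins '$' to the very end of the subject,
        // so an address followed by a line break is rejected instead of
        // slipping through into a mail header.
        $pattern = '/^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$/D';
        return (preg_match($pattern, $email) === 1);
    }

    /**
     * Print a success message which then automatically redirects the user to
     * another page.
     *
     * $message and $redirect are handed to the template as they are; this
     * method does no escaping and does not check where $redirect points.
     * Callers have to HTML-escape anything user-supplied in $message and pass
     * only trusted targets as $redirect.
     *
     * @param string $message
     * @param string $redirect
     */
    function print_success($message, $redirect = 'index.php') {
        global $TEXT, $database;

        // fetch redirect timer for success messages from settings table,
        // falling back to 1500 when no value comes back
        $table = TABLE_PREFIX . 'settings';
        $results = @$database->get_one("SELECT `value` FROM `$table` WHERE `name` = 'redirect_timer'");
        $redirect_timer = ($results) ? $results : '1500';

        // add template variables
        $success_template = new Template(THEME_PATH.'/templates');
        $success_template->set_file('page', 'success.htt');
        $success_template->set_block('page', 'main_block', 'main');
        $success_template->set_var('MESSAGE', $message);
        $success_template->set_var('REDIRECT', $redirect);
        $success_template->set_var('REDIRECT_TIMER', $redirect_timer);
        $success_template->set_var('NEXT', $TEXT['NEXT']);
        $success_template->parse('main', 'main_block', false);
        $success_template->pparse('output', 'page');
    }

    /**
     * Print an error message.
     *
     * $message and $link are handed to the template as they are; this method
     * does no escaping. Callers have to HTML-escape anything user-supplied.
     *
     * When $auto_footer is true and the object has a print_footer() method,
     * the footer is printed and the script exits; otherwise the method
     * returns normally.
     *
     * @param string $message
     * @param string $link
     * @param bool   $auto_footer
     */
    function print_error($message, $link = 'index.php', $auto_footer = true) {
        global $TEXT;

        $error_template = new Template(THEME_PATH.'/templates');
        $error_template->set_file('page', 'error.htt');
        $error_template->set_block('page', 'main_block', 'main');
        $error_template->set_var('MESSAGE', $message);
        $error_template->set_var('LINK', $link);
        $error_template->set_var('BACK', $TEXT['BACK']);
        $error_template->parse('main', 'main_block', false);
        $error_template->pparse('output', 'page');

        if ($auto_footer == true && method_exists($this, "print_footer")) {
            $this->print_footer();
            exit();
        }
    }

    /**
     * Send an email through the wbmailer class (a PHPMailer subclass), which
     * adds SMTP support for providers that do not allow sending via PHP.
     * To use SMTP, the SMTP host has to be specified in the Settings panel
     * of the Website Baker backend. (C. Sommer)
     *
     * The HTML body is $message with line breaks turned into <br />; the
     * plain-text alternative is $message with tags stripped. $message is not
     * HTML-escaped here, so callers that include visitor input have to escape
     * it before passing it in.
     *
     * @param string $fromaddress
     * @param string $toaddress
     * @param string $subject
     * @param string $message
     * @param string $fromname
     * @return bool true when wbmailer reports the message as sent.
     */
    function mail($fromaddress, $toaddress, $subject, $message, $fromname='') {
        // Every value that lands in a mail header loses its CR/LF characters,
        // so no additional header line can be appended through it. The
        // sender name is a header value too and gets the same treatment.
        $fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
        $toaddress = preg_replace('/[\r\n]/', '', $toaddress);
        $subject = preg_replace('/[\r\n]/', '', $subject);
        $fromname = preg_replace('/[\r\n]/', '', $fromname);

        $message_alt = $message;
        // Treat CRLF as a single line break and emit a well-formed tag.
        $message = preg_replace('/\r\n|\r|\n/', '<br />', $message);

        // create PHPMailer object and define default settings
        $myMail = new wbmailer();

        // set user defined from address
        if ($fromaddress != '') {
            if ($fromname != '') {
                $myMail->FromName = $fromname;          // FROM-NAME
            }
            $myMail->From = $fromaddress;               // FROM:
            $myMail->AddReplyTo($fromaddress);          // REPLY TO:
        }

        // define recipient and information to send out
        $myMail->AddAddress($toaddress);                // TO:
        $myMail->Subject = $subject;                    // SUBJECT
        $myMail->Body = $message;                       // CONTENT (HTML)
        $myMail->AltBody = strip_tags($message_alt);    // CONTENT (TEXT)

        // report whether the mailer accepted the message
        return $myMail->Send() ? true : false;
    }

}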
?>