Project

General

Profile

1
<?php
2

    
3
// $Id: class.wb.php 1101 2009-07-29 12:17:45Z aldus $
4

    
5
/*
6

    
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2009, Ryan Djurovich
9

    
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

    
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

    
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

    
24
*/
25

    
26
/*
27

    
28
wb class
29

    
30
This class is the basis for admin and frontend classes.
31

    
32
*/
33

    
34
// Include PHPLIB template class
35
require_once(WB_PATH."/include/phplib/template.inc");
36

    
37
require_once(WB_PATH.'/framework/class.database.php');
38

    
39
// Include new wbmailer class (subclass of PHPmailer)
40
require_once(WB_PATH."/framework/class.wbmailer.php");
41

    
42
class wb
43
{
44
	// General initialization function 
45
	// performed when frontend or backend is loaded.
46
	function wb() {
47
	}
48
	
49
	// Check whether a page is visible or not.
50
	// This will check page-visibility and user- and group-rights.
51
	/* page_is_visible() returns
52
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
53
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
54
	*/
55
	function page_is_visible($page) {
56
		$show_it = false; // shall we show the page?
57
		$page_id = $page['page_id'];
58
		$visibility = $page['visibility'];
59
		$viewing_groups = $page['viewing_groups'];
60
		$viewing_users = $page['viewing_users'];
61
		// First check if visibility is 'none', 'deleted'
62
		if($visibility == 'none') {
63
			return(false);
64
		} elseif($visibility == 'deleted') {
65
			return(false);
66
		}
67
		// Now check if visibility is 'hidden', 'private' or 'registered'
68
		if($visibility == 'hidden') { // hidden: hide the menu-link, but show the page
69
			$show_it = true;
70
		} elseif($visibility == 'private' || $visibility == 'registered') {
71
			// Check if the user is logged in
72
			if($this->is_authenticated() == true) {
73
				// Now check if the user has perms to view the page
74
				$in_group = false;
75
				foreach($this->get_groups_id() as $cur_gid){
76
				    if(in_array($cur_gid, explode(',', $viewing_groups))) {
77
				        $in_group = true;
78
				    }
79
				}
80
				if($in_group || in_array($this->get_user_id(), explode(',', $viewing_users))) {
81
					$show_it = true;
82
				} else {
83
					$show_it = false;
84
				}
85
			} else {
86
				$show_it = false;
87
			}
88
		} elseif($visibility == 'public') {
89
			$show_it = true;
90
		} else {
91
			$show_it = false;
92
		}
93
		return($show_it);
94
	}
95
	// Check if there is at least one active section on this page
96
	function page_is_active($page) {
97
		global $database;
98
		$has_active_sections = false;
99
		$page_id = $page['page_id'];
100
		$now = time();
101
		$query_sections = $database->query("SELECT publ_start,publ_end FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id'");
102
		if($query_sections->numRows() != 0) {
103
			while($section = $query_sections->fetchRow()) {
104
				if($now<$section['publ_end'] && ($now>$section['publ_start'] || $section['publ_start']==0) || $now>$section['publ_start'] && $section['publ_end']==0) {
105
					$has_active_sections = true;
106
					break;
107
				}
108
			}
109
		}
110
		return($has_active_sections);
111
	}
112

    
113
	// Check whether we should show a page or not (for front-end)
114
	function show_page($page) {
115
		if($this->page_is_visible($page) && $this->page_is_active($page)) {
116
			return true;
117
		} else {
118
			return false;
119
		}
120
	}
121

    
122
	// Check if the user is already authenticated or not
123
	function is_authenticated() {
124
		if(isset($_SESSION['USER_ID']) AND $_SESSION['USER_ID'] != "" AND is_numeric($_SESSION['USER_ID'])) {
125
			return true;
126
		} else {
127
			return false;
128
		}
129
	}
130
	// Modified addslashes function which takes into account magic_quotes
131
	function add_slashes($input) {
132
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
133
			return $input;
134
		}
135
		$output = addslashes($input);
136
		return $output;
137
	}
138

    
139
	// Ditto for stripslashes
140
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
141
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
142
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
143
	function strip_slashes($input) {
144
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
145
			return $input;
146
		}
147
		$output = stripslashes($input);
148
		return $output;
149
	}
150

    
151
	// Escape backslashes for use with mySQL LIKE strings
152
	function escape_backslashes($input) {
153
		return str_replace("\\","\\\\",$input);
154
	}
155

    
156
	function page_link($link){
157
		// Check for :// in the link (used in URL's) as well as mailto:
158
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
159
			return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
160
		} else {
161
			return $link;
162
		}
163
	}
164
	
165
	// Get POST data
166
	function get_post($field) {
167
		if(isset($_POST[$field])) {
168
			return $_POST[$field];
169
		} else {
170
			return null;
171
		}
172
	}
173

    
174
	// Get POST data and escape it
175
	function get_post_escaped($field) {
176
		$result = $this->get_post($field);
177
		return (is_null($result)) ? null : $this->add_slashes($result);
178
	}
179
	
180
	// Get GET data
181
	function get_get($field) {
182
		if(isset($_GET[$field])) {
183
			return $_GET[$field];
184
		} else {
185
			return null;
186
		}
187
	}
188

    
189
	// Get SESSION data
190
	function get_session($field) {
191
		if(isset($_SESSION[$field])) {
192
			return $_SESSION[$field];
193
		} else {
194
			return null;
195
		}
196
	}
197

    
198
	// Get SERVER data
199
	function get_server($field) {
200
		if(isset($_SERVER[$field])) {
201
			return $_SERVER[$field];
202
		} else {
203
			return null;
204
		}
205
	}
206

    
207
	// Get the current users id
208
	function get_user_id() {
209
		return $_SESSION['USER_ID'];
210
	}
211

    
212
	// Get the current users group id
213
	function get_group_id() {
214
		return $_SESSION['GROUP_ID'];
215
	}
216

    
217
	// Get the current users group ids
218
	function get_groups_id() {
219
		return split(",", $_SESSION['GROUPS_ID']);
220
	}
221

    
222
	// Get the current users group name
223
	function get_group_name() {
224
		return implode(",", $_SESSION['GROUP_NAME']);
225
	}
226

    
227
	// Get the current users group name
228
	function get_groups_name() {
229
		return $_SESSION['GROUP_NAME'];
230
	}
231

    
232
	// Get the current users username
233
	function get_username() {
234
		return $_SESSION['USERNAME'];
235
	}
236

    
237
	// Get the current users display name
238
	function get_display_name() {
239
		return ($_SESSION['DISPLAY_NAME']);
240
	}
241

    
242
	// Get the current users email address
243
	function get_email() {
244
		return $_SESSION['EMAIL'];
245
	}
246

    
247
	// Get the current users home folder
248
	function get_home_folder() {
249
		return $_SESSION['HOME_FOLDER'];
250
	}
251

    
252
	// Get the current users timezone
253
	function get_timezone() {
254
		if(!isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
255
			return $_SESSION['TIMEZONE'];
256
		} else {
257
			return '-72000';
258
		}
259
	}
260

    
261
	// Validate supplied email address
262
	function validate_email($email) {
263
		if(eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $email)) {
264
			return true;
265
		} else {
266
			return false;
267
		}
268
	}
269

    
270
	// Print a success message which then automatically redirects the user to another page
271
	function print_success($message, $redirect = 'index.php') {
272
		global $TEXT, $database;
273
		
274
		// fetch redirect timer for sucess messages from settings table
275
		$table = TABLE_PREFIX . 'settings';
276
		$results = @$database->get_one("SELECT `value` FROM `$table` WHERE `name` = 'redirect_timer'");
277
		$redirect_timer = ($results) ? $results : '1500';
278

    
279
		// add template variables
280
		$success_template = new Template(THEME_PATH.'/templates');
281
		$success_template->set_file('page', 'success.htt');
282
		$success_template->set_block('page', 'main_block', 'main');
283
		$success_template->set_var('MESSAGE', $message);
284
		$success_template->set_var('REDIRECT', $redirect);
285
		$success_template->set_var('REDIRECT_TIMER', $redirect_timer);
286
		$success_template->set_var('NEXT', $TEXT['NEXT']);
287
		$success_template->parse('main', 'main_block', false);
288
		$success_template->pparse('output', 'page');
289
	}
290
	
291
	// Print an error message
292
	function print_error($message, $link = 'index.php', $auto_footer = true) {
293
		global $TEXT;
294
		$success_template = new Template(THEME_PATH.'/templates');
295
		$success_template->set_file('page', 'error.htt');
296
		$success_template->set_block('page', 'main_block', 'main');
297
		$success_template->set_var('MESSAGE', $message);
298
		$success_template->set_var('LINK', $link);
299
		$success_template->set_var('BACK', $TEXT['BACK']);
300
		$success_template->parse('main', 'main_block', false);
301
		$success_template->pparse('output', 'page');
302
		if ( $auto_footer == true ) {
303
			if ( method_exists($this, "print_footer") ) {
304
				$this->print_footer();
305
				exit();
306
			}
307
		}
308
	}
309

    
310
	// Validate send email
311
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='') {
312
		/* 
313
			INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
314
			SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
315
			NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)
316

    
317
			NOTE:
318
			To use SMTP for sending out mails, you have to specify the SMTP host of your domain
319
			via the Settings panel in the backend of Website Baker
320
		*/ 
321

    
322
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
323
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
324
		$subject = preg_replace('/[\r\n]/', '', $subject);
325
		$message_alt = $message;
326
		$message = preg_replace('/[\r\n]/', '<br \>', $message);
327
		
328
		// create PHPMailer object and define default settings
329
		$myMail = new wbmailer();
330

    
331
		// set user defined from address
332
		if ($fromaddress!='') {
333
			if($fromname!='') $myMail->FromName = $fromname;         // FROM-NAME
334
			$myMail->From = $fromaddress;                            // FROM:
335
			$myMail->AddReplyTo($fromaddress);                       // REPLY TO:
336
		}
337
		
338
		// define recepient and information to send out
339
		$myMail->AddAddress($toaddress);                            // TO:
340
		$myMail->Subject = $subject;                                // SUBJECT
341
		$myMail->Body = $message;                                   // CONTENT (HTML)
342
		$myMail->AltBody = strip_tags($message_alt);				// CONTENT (TEXT)
343
		
344
		// check if there are any send mail errors, otherwise say successful
345
		if (!$myMail->Send()) {
346
			return false;
347
		} else {
348
			return true;
349
		}
350
	}
351

    
352
}
353
?>
(8-8/15)