Project

General

Profile

1 1241 Luisehahne
<?php
2
/****************************************************************************
3
* SVN Version information:
4
*
5
* $Id$
6
*
7
*****************************************************************************
8
*                          WebsiteBaker
9
*
10
* WebsiteBaker Project <http://www.websitebaker2.org/>
11
* Copyright (C) 2009, Website Baker Org. e.V.
12
*         http://start.websitebaker2.org/impressum-datenschutz.php
13
* Copyright (C) 2004-2009, Ryan Djurovich
14
*
15
*                        About WebsiteBaker
16
*
17
* Website Baker is a PHP-based Content Management System (CMS)
18
* designed with one goal in mind: to enable its users to produce websites
19
* with ease.
20
*
21
*****************************************************************************
22
*
23
*****************************************************************************
24
*                        LICENSE INFORMATION
25
*
26
* WebsiteBaker is free software; you can redistribute it and/or
27
* modify it under the terms of the GNU General Public License
28
* as published by the Free Software Foundation; either version 2
29
* of the License, or (at your option) any later version.
30
*
31
* WebsiteBaker is distributed in the hope that it will be useful,
32
* but WITHOUT ANY WARRANTY; without even the implied warranty of
33
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
34
* See the GNU General Public License for more details.
35
*
36
* You should have received a copy of the GNU General Public License
37
* along with this program; if not, write to the Free Software
38
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
39
****************************************************************************
40
*
41
*                   WebsiteBaker Extra Information
42
*
43
*
44
*
45
*
46
*****************************************************************************/
47
/**
48
 *
49
 * @category     admin
50
 * @package      settings
51
 * @author       Ryan Djurovich
52
 * @copyright    2004-2009, Ryan Djurovich
53
 * @copyright    2009-2010, Website Baker Org. e.V.
54
 * @version      $Id$
55
 * @platform     WebsiteBaker 2.8.x
56
 * @requirements >= PHP 4.3.4
57
 * @license      http://www.gnu.org/licenses/gpl.html
58
 *
59
 */
60
61
// prevent this file from being accessed directly in the browser (would set all entries in DB settings table to '')
62
if(!isset($_POST['default_language']) || $_POST['default_language'] == '') die(header('Location: index.php'));
63
64
// Find out if the user was view advanced options or not
65
if($_POST['advanced'] == 'yes' ? $advanced = '?advanced=yes' : $advanced = '');
66
67
// Print admin header
68
require('../../config.php');
69
require_once(WB_PATH.'/framework/class.admin.php');
70
if($advanced == '') {
71
	$admin = new admin('Settings', 'settings_basic');
72
	$_POST['database_password'] = DB_PASSWORD;
73
} else {
74
	$admin = new admin('Settings', 'settings_advanced');
75
}
76
77
// Create a javascript back link
78
$js_back = "javascript: history.go(-1);";
79
80
// Ensure that the specified default email is formally valid
81
if(isset($_POST['server_email'])) {
82
	$_POST['server_email'] = strip_tags($_POST['server_email']);
83
	if(!eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $_POST['server_email'])) {
84
		$admin->print_error($MESSAGE['USERS']['INVALID_EMAIL'].
85
			'<br /><strong>Email: '.htmlentities($_POST['server_email']).'</strong>', $js_back);
86
	}
87
}
88
89
// Work-out file mode
90
if($advanced == '') {
91
	// Check if should be set to 777 or left alone
92
	if(isset($_POST['world_writeable']) AND $_POST['world_writeable'] == 'true') {
93
		$file_mode = '0777';
94
		$dir_mode = '0777';
95
	} else {
96
		$file_mode = STRING_FILE_MODE;
97
		$dir_mode = STRING_DIR_MODE;
98
	}
99
} else {
100
	// Work-out the octal value for file mode
101
	$u = 0;
102
	if(isset($_POST['file_u_r']) AND $_POST['file_u_r'] == 'true') {
103
		$u = $u+4;
104
	}
105
	if(isset($_POST['file_u_w']) AND $_POST['file_u_w'] == 'true') {
106
		$u = $u+2;
107
	}
108
	if(isset($_POST['file_u_e']) AND $_POST['file_u_e'] == 'true') {
109
		$u = $u+1;
110
	}
111
	$g = 0;
112
	if(isset($_POST['file_g_r']) AND $_POST['file_g_r'] == 'true') {
113
		$g = $g+4;
114
	}
115
	if(isset($_POST['file_g_w']) AND $_POST['file_g_w'] == 'true') {
116
		$g = $g+2;
117
	}
118
	if(isset($_POST['file_g_e']) AND $_POST['file_g_e'] == 'true') {
119
		$g = $g+1;
120
	}
121
	$o = 0;
122
	if(isset($_POST['file_o_r']) AND $_POST['file_o_r'] == 'true') {
123
		$o = $o+4;
124
	}
125
	if(isset($_POST['file_o_w']) AND $_POST['file_o_w'] == 'true') {
126
		$o = $o+2;
127
	}
128
	if(isset($_POST['file_o_e']) AND $_POST['file_o_e'] == 'true') {
129
		$o = $o+1;
130
	}
131
	$file_mode = "0".$u.$g.$o;
132
	// Work-out the octal value for dir mode
133
	$u = 0;
134
	if(isset($_POST['dir_u_r']) AND $_POST['dir_u_r'] == 'true') {
135
		$u = $u+4;
136
	}
137
	if(isset($_POST['dir_u_w']) AND $_POST['dir_u_w'] == 'true') {
138
		$u = $u+2;
139
	}
140
	if(isset($_POST['dir_u_e']) AND $_POST['dir_u_e'] == 'true') {
141
		$u = $u+1;
142
	}
143
	$g = 0;
144
	if(isset($_POST['dir_g_r']) AND $_POST['dir_g_r'] == 'true') {
145
		$g = $g+4;
146
	}
147
	if(isset($_POST['dir_g_w']) AND $_POST['dir_g_w'] == 'true') {
148
		$g = $g+2;
149
	}
150
	if(isset($_POST['dir_g_e']) AND $_POST['dir_g_e'] == 'true') {
151
		$g = $g+1;
152
	}
153
	$o = 0;
154
	if(isset($_POST['dir_o_r']) AND $_POST['dir_o_r'] == 'true') {
155
		$o = $o+4;
156
	}
157
	if(isset($_POST['dir_o_w']) AND $_POST['dir_o_w'] == 'true') {
158
		$o = $o+2;
159
	}
160
	if(isset($_POST['dir_o_e']) AND $_POST['dir_o_e'] == 'true') {
161
		$o = $o+1;
162
	}
163
	$dir_mode = "0".$u.$g.$o;
164
}
165
166
// Create new database object
167
$database = new database();
168
169
// Query current settings in the db, then loop through them and update the db with the new value
170
$query = "SELECT name FROM ".TABLE_PREFIX."settings";
171
$results = $database->query($query);
172
while($setting = $results->fetchRow()) {
173
	$setting_name = $setting['name'];
174
	$value = $admin->get_post($setting_name);
175
	if ($setting_name!='wb_version') {
176
		$allow_tags_in_fields = array('website_header', 'website_footer','wbmailer_smtp_password');
177
		if(!in_array($setting_name, $allow_tags_in_fields)) {
178
			$value = strip_tags($value);
179
		}
180
		switch ($setting_name) {
181
			case 'default_timezone':
182
				$value=$value*60*60;
183
				break;
184
			case 'string_dir_mode':
185
				$value=$dir_mode;
186
				break;
187
			case 'string_file_mode':
188
				$value=$file_mode;
189
				break;
190
			case 'pages_directory':
191
				if(trim($value)=='/') $value='';
192
				break;
193
		}
194
		$value = $admin->add_slashes($value);
195
		$database->query("UPDATE ".TABLE_PREFIX."settings SET value = '$value' WHERE name = '$setting_name'");
196
	}
197
}
198
199
// Query current search settings in the db, then loop through them and update the db with the new value
200
$query = "SELECT name, value FROM ".TABLE_PREFIX."search WHERE extra = ''";
201
$results = $database->query($query);
202
while($search_setting = $results->fetchRow())
203
{
204
	$old_value = $search_setting['value'];
205
	$setting_name = $search_setting['name'];
206
	$post_name = 'search_'.$search_setting['name'];
207
	if($admin->get_post($post_name) == '')
208
    {
209
        $value = $old_value;
210
    }
211
	else
212
    {
213
        $value = $admin->get_post($post_name);
214
    }
215
216
	$value = $admin->add_slashes($value);
217
	$database->query("UPDATE ".TABLE_PREFIX."search SET value = '$value' WHERE name = '$setting_name'");
218
}
219
220
// Check if there was an error updating the db
221
if($database->is_error()) {
222
	$admin->print_error($database->get_error, ADMIN_URL.'/settings/index.php'.$advanced);
223
	$admin->print_footer();
224
	exit();
225
}
226
227
$admin->print_success($MESSAGE['SETTINGS']['SAVED'], ADMIN_URL.'/settings/index.php'.$advanced);
228
$admin->print_footer();
229
230
?>