Project

General

Profile

1 1166 Luisehahne
<?php
2 1277 Luisehahne
/**
3
 *
4
 * @category        frontend
5
 * @package         framework
6
 * @author          WebsiteBaker Project
7
 * @copyright       2004-2009, Ryan Djurovich
8
 * @copyright       2009-2010, Website Baker Org. e.V.
9
 * @link			http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.x
12
 * @requirements    PHP 4.3.4 and higher
13
 * @version         $Id$
14
 * @filesource		$HeadURL: $
15
 * @lastmodified    $Date:  $
16
 *
17
 */
18 1166 Luisehahne
19
// Include PHPLIB template class
20
require_once(WB_PATH."/include/phplib/template.inc");
21
22
require_once(WB_PATH.'/framework/class.database.php');
23
24
// Include new wbmailer class (subclass of PHPmailer)
25
require_once(WB_PATH."/framework/class.wbmailer.php");
26
27 1337 Luisehahne
require_once(WB_PATH."/framework/class.secureform.php");
28
29
class wb extends SecureForm
30 1166 Luisehahne
{
31 1313 Luisehahne
32 1314 Luisehahne
	var $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+';
33
	// General initialization function
34 1166 Luisehahne
	// performed when frontend or backend is loaded.
35 1337 Luisehahne
36 1166 Luisehahne
	function wb() {
37
	}
38 1277 Luisehahne
39 1313 Luisehahne
40 1166 Luisehahne
	// Check whether a page is visible or not.
41
	// This will check page-visibility and user- and group-rights.
42
	/* page_is_visible() returns
43
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
44
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
45
	*/
46 1277 Luisehahne
	function page_is_visible($page)
47
    {
48 1166 Luisehahne
		$show_it = false; // shall we show the page?
49
		$page_id = $page['page_id'];
50
		$visibility = $page['visibility'];
51
		$viewing_groups = $page['viewing_groups'];
52
		$viewing_users = $page['viewing_users'];
53 1277 Luisehahne
54 1166 Luisehahne
		// First check if visibility is 'none', 'deleted'
55 1277 Luisehahne
		if($visibility == 'none')
56
        {
57 1166 Luisehahne
			return(false);
58 1277 Luisehahne
		} elseif($visibility == 'deleted')
59
        {
60 1166 Luisehahne
			return(false);
61
		}
62 1277 Luisehahne
63 1166 Luisehahne
		// Now check if visibility is 'hidden', 'private' or 'registered'
64
		if($visibility == 'hidden') { // hidden: hide the menu-link, but show the page
65
			$show_it = true;
66 1277 Luisehahne
		} elseif($visibility == 'private' || $visibility == 'registered')
67
        {
68 1166 Luisehahne
			// Check if the user is logged in
69 1277 Luisehahne
			if($this->is_authenticated() == true)
70
            {
71 1166 Luisehahne
				// Now check if the user has perms to view the page
72
				$in_group = false;
73 1277 Luisehahne
				foreach($this->get_groups_id() as $cur_gid)
74
                {
75
				    if(in_array($cur_gid, explode(',', $viewing_groups)))
76
                    {
77 1166 Luisehahne
				        $in_group = true;
78
				    }
79
				}
80
				if($in_group || in_array($this->get_user_id(), explode(',', $viewing_users))) {
81
					$show_it = true;
82
				} else {
83
					$show_it = false;
84
				}
85
			} else {
86
				$show_it = false;
87
			}
88
		} elseif($visibility == 'public') {
89
			$show_it = true;
90
		} else {
91
			$show_it = false;
92
		}
93
		return($show_it);
94
	}
95
	// Check if there is at least one active section on this page
96 1277 Luisehahne
	function page_is_active($page)
97
    {
98 1166 Luisehahne
		global $database;
99
		$has_active_sections = false;
100
		$page_id = $page['page_id'];
101
		$now = time();
102
		$query_sections = $database->query("SELECT publ_start,publ_end FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id'");
103 1277 Luisehahne
		if($query_sections->numRows() != 0)
104
        {
105
			while($section = $query_sections->fetchRow())
106
            {
107
				if($now<$section['publ_end'] && ($now>$section['publ_start'] || $section['publ_start']==0) || $now>$section['publ_start'] && $section['publ_end']==0)
108
                {
109 1166 Luisehahne
					$has_active_sections = true;
110
					break;
111
				}
112
			}
113
		}
114
		return($has_active_sections);
115
	}
116
117
	// Check whether we should show a page or not (for front-end)
118 1277 Luisehahne
	function show_page($page)
119
    {
120
		if($this->page_is_visible($page) && $this->page_is_active($page))
121
        {
122 1166 Luisehahne
			return true;
123
		} else {
124
			return false;
125
		}
126
	}
127
128
	// Check if the user is already authenticated or not
129
	function is_authenticated() {
130 1277 Luisehahne
		if(isset($_SESSION['USER_ID']) AND $_SESSION['USER_ID'] != "" AND is_numeric($_SESSION['USER_ID']))
131
        {
132 1166 Luisehahne
			return true;
133
		} else {
134
			return false;
135
		}
136
	}
137 1277 Luisehahne
138 1166 Luisehahne
	// Modified addslashes function which takes into account magic_quotes
139
	function add_slashes($input) {
140
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
141
			return $input;
142
		}
143
		$output = addslashes($input);
144
		return $output;
145
	}
146
147
	// Ditto for stripslashes
148
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
149
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
150
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
151
	function strip_slashes($input) {
152
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
153
			return $input;
154
		}
155
		$output = stripslashes($input);
156
		return $output;
157
	}
158
159
	// Escape backslashes for use with mySQL LIKE strings
160
	function escape_backslashes($input) {
161
		return str_replace("\\","\\\\",$input);
162
	}
163
164
	function page_link($link){
165
		// Check for :// in the link (used in URL's) as well as mailto:
166
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
167
			return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
168
		} else {
169
			return $link;
170
		}
171
	}
172
173
	// Get POST data
174
	function get_post($field) {
175
		if(isset($_POST[$field])) {
176
			return $_POST[$field];
177
		} else {
178
			return null;
179
		}
180
	}
181
182
	// Get POST data and escape it
183
	function get_post_escaped($field) {
184
		$result = $this->get_post($field);
185
		return (is_null($result)) ? null : $this->add_slashes($result);
186
	}
187
188
	// Get GET data
189
	function get_get($field) {
190
		if(isset($_GET[$field])) {
191
			return $_GET[$field];
192
		} else {
193
			return null;
194
		}
195
	}
196
197
	// Get SESSION data
198
	function get_session($field) {
199
		if(isset($_SESSION[$field])) {
200
			return $_SESSION[$field];
201
		} else {
202
			return null;
203
		}
204
	}
205
206
	// Get SERVER data
207
	function get_server($field) {
208
		if(isset($_SERVER[$field])) {
209
			return $_SERVER[$field];
210
		} else {
211
			return null;
212
		}
213
	}
214
215
	// Get the current users id
216
	function get_user_id() {
217
		return $_SESSION['USER_ID'];
218
	}
219
220
	// Get the current users group id
221
	function get_group_id() {
222
		return $_SESSION['GROUP_ID'];
223
	}
224
225
	// Get the current users group ids
226
	function get_groups_id() {
227
		return explode(",", $_SESSION['GROUPS_ID']);
228
	}
229
230
	// Get the current users group name
231
	function get_group_name() {
232
		return implode(",", $_SESSION['GROUP_NAME']);
233
	}
234
235
	// Get the current users group name
236
	function get_groups_name() {
237
		return $_SESSION['GROUP_NAME'];
238
	}
239
240
	// Get the current users username
241
	function get_username() {
242
		return $_SESSION['USERNAME'];
243
	}
244
245
	// Get the current users display name
246
	function get_display_name() {
247
		return ($_SESSION['DISPLAY_NAME']);
248
	}
249
250
	// Get the current users email address
251
	function get_email() {
252
		return $_SESSION['EMAIL'];
253
	}
254
255
	// Get the current users home folder
256
	function get_home_folder() {
257
		return $_SESSION['HOME_FOLDER'];
258
	}
259
260
	// Get the current users timezone
261
	function get_timezone() {
262
		if(!isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
263
			return $_SESSION['TIMEZONE'];
264
		} else {
265
			return '-72000';
266
		}
267
	}
268
269
	// Validate supplied email address
270
	function validate_email($email) {
271 1216 LordDarkma
		if(preg_match('/^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$/', $email)) {
272
		return true;
273 1166 Luisehahne
		} else {
274
			return false;
275
		}
276
	}
277
278 1337 Luisehahne
	// Print a success message which then automatically redirects the user to another page
279
	function print_success( $message, $redirect = 'index.php' ) {
280
	    global $TEXT;
281
	    // fetch redirect timer for sucess messages from settings table
282
	    $redirect_timer = ((defined( 'REDIRECT_TIMER' )) && (REDIRECT_TIMER >= 1500)) ? REDIRECT_TIMER : 0;
283
	    // add template variables
284
	    $tpl = new Template( THEME_PATH.'/templates' );
285
	    $tpl->set_file( 'page', 'success.htt' );
286
	    $tpl->set_block( 'page', 'main_block', 'main' );
287
	    $tpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
288
	    $tpl->set_var( 'MESSAGE', $message );
289
	    $tpl->set_var( 'REDIRECT', $redirect );
290
	    $tpl->set_var( 'REDIRECT_TIMER', $redirect_timer );
291
	    $tpl->set_var( 'NEXT', $TEXT['NEXT'] );
292 1342 Luisehahne
	    $tpl->set_var( 'BACK', $TEXT['BACK'] );
293 1337 Luisehahne
	    if ($redirect_timer == 0) {
294
	        $tpl->set_block( 'show_redirect', '' );
295
	    }
296
	    else {
297
	        $tpl->parse( 'show_redirect', 'show_redirect_block', true );
298
	    }
299
	    $tpl->parse( 'main', 'main_block', false );
300
	    $tpl->pparse( 'output', 'page' );
301 1312 Luisehahne
	}
302
303 1166 Luisehahne
	// Print an error message
304
	function print_error($message, $link = 'index.php', $auto_footer = true) {
305
		global $TEXT;
306
		$success_template = new Template(THEME_PATH.'/templates');
307
		$success_template->set_file('page', 'error.htt');
308
		$success_template->set_block('page', 'main_block', 'main');
309
		$success_template->set_var('MESSAGE', $message);
310
		$success_template->set_var('LINK', $link);
311
		$success_template->set_var('BACK', $TEXT['BACK']);
312
		$success_template->parse('main', 'main_block', false);
313
		$success_template->pparse('output', 'page');
314
		if ( $auto_footer == true ) {
315
			if ( method_exists($this, "print_footer") ) {
316
				$this->print_footer();
317
			}
318
		}
319
		exit();
320
	}
321
322
	// Validate send email
323
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='') {
324
		/*
325
			INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
326
			SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
327
			NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)
328
329
			NOTE:
330
			To use SMTP for sending out mails, you have to specify the SMTP host of your domain
331
			via the Settings panel in the backend of Website Baker
332
		*/
333
334
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
335
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
336
		$subject = preg_replace('/[\r\n]/', '', $subject);
337
		$message_alt = $message;
338
		$message = preg_replace('/[\r\n]/', '<br \>', $message);
339
340
		// create PHPMailer object and define default settings
341
		$myMail = new wbmailer();
342
343
		// set user defined from address
344
		if ($fromaddress!='') {
345
			if($fromname!='') $myMail->FromName = $fromname;         // FROM-NAME
346
			$myMail->From = $fromaddress;                            // FROM:
347
			$myMail->AddReplyTo($fromaddress);                       // REPLY TO:
348
		}
349
350
		// define recepient and information to send out
351
		$myMail->AddAddress($toaddress);                            // TO:
352
		$myMail->Subject = $subject;                                // SUBJECT
353
		$myMail->Body = $message;                                   // CONTENT (HTML)
354
		$myMail->AltBody = strip_tags($message_alt);				// CONTENT (TEXT)
355
356
		// check if there are any send mail errors, otherwise say successful
357
		if (!$myMail->Send()) {
358
			return false;
359
		} else {
360
			return true;
361
		}
362
	}
363
364
}
365
?>