
Revision 1365

Added by Dietmar over 13 years ago

added some functions
set status to 2.8.2 RC3


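--- a/branches/2.8.x/CHANGELOG
+++ b/branches/2.8.x/CHANGELOG
@@ -11,6 +11,9 @@
 ! = Update/Change
 
 ------------------------------------- 2.8.2 -------------------------------------
+29 Dec-2010 Build 1365 Dietmar Woellbrink (Luisehahne)
+! added some functions 
+! set status to 2.8.2 RC3
 29 Dec-2010 Build 1364 Dietmar Woellbrink (Luisehahne)
 ! added function 'db_update_key_value()'
 29 Dec-2010 Build 1363 Dietmar Woellbrink (Luisehahne)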
branches/2.8.x/wb/admin/interface/version.php
51 51
}
52 52

  
53 53
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
54
if(!defined('VERSION')) define('VERSION', '2.8.2.RC2');
55
if(!defined('REVISION')) define('REVISION', '1364');
54
if(!defined('VERSION')) define('VERSION', '2.8.2.RC3');
55
if(!defined('REVISION')) define('REVISION', '1365');
56 56

  
57 57
?>
branches/2.8.x/wb/framework/functions.php
25 25
// Define that this file has been loaded
26 26
define('FUNCTIONS_FILE_LOADED', true);
27 27

  
28
// Function to remove a non-empty directory
29
function rm_full_dir($directory)
30
{
28
/**
29
 * @description: recursively delete a non empty directory
30
 * @param string $directory :
31
 * @param bool $empty : true if you want the folder just emptied, but not deleted
32
 *                      false, or just simply leave it out, the given directory will be deleted, as well
33
 * @return boolean: list of ro-dirs
34
 * @from http://www.php.net/manual/de/function.rmdir.php#98499
35
 */
36
function rm_full_dir($directory, $empty = false) {
37

  
38
    if(substr($directory,-1) == "/")
39
	{
40
        $directory = substr($directory,0,-1);
41
    }
42

  
31 43
    // If suplied dirname is a file then unlink it
32
    if (is_file($directory))
44
    if (is_file( $directory ))
33 45
	{
34 46
        return unlink($directory);
35 47
    }
36
    // Empty the folder
37
	if (is_dir($directory))
38
    {
39
        $dir = dir($directory);
40
        while (false !== $entry = $dir->read())
41
        {
42
            // Skip pointers
43
            if ($entry == '.' || $entry == '..') { continue; }
44
            // Deep delete directories
45
            if (is_dir($directory.'/'.$entry))
48

  
49
    if(!file_exists($directory) || !is_dir($directory))
50
	{
51
        return false;
52
    } elseif(!is_readable($directory))
53
	{
54
        return false;
55
    } else {
56
        $directoryHandle = opendir($directory);
57

  
58
        while ($contents = readdir($directoryHandle))
59
		{
60
            if($contents != '.' && $contents != '..')
46 61
			{
47
				rm_full_dir($directory.'/'.$entry);
62
                $path = $directory . "/" . $contents;
63

  
64
                if(is_dir($path))
65
				{
66
                    rm_full_dir($path);
67
                } else {
68
                    unlink($path);
69
                }
48 70
            }
49
            else
50
            {
51
                unlink($directory.'/'.$entry);
71
        }
72

  
73
        closedir($directoryHandle);
74

  
75
        if($empty == false)
76
		{
77
            if(!rmdir($directory))
78
			{
79
                return false;
52 80
            }
53 81
        }
54
        // Now delete the folder
55
        $dir->close();
56
        return rmdir($directory);
57
	}
82

  
83
        return true;
84
    }
58 85
}
59 86

  
60 87
/*
......
90 117
    	}
91 118
        $dir->close();
92 119
    }
120

  
121
	// sorting
122
	if(natcasesort($result_list))
123
	{
124
		// new indexing
125
		$result_list = array_merge($result_list);
126
	}
93 127
	return $result_list; // Now return the list
94 128
}
95 129

  
......
119 153
    }
120 154
}
121 155

  
156
/**
157
* Scan a given directory for dirs and files.
158
*
159
* usage: scan_current_dir ($root = '' )
160
*
161
* @param     $root   set a absolute rootpath as string. if root is empty the current path will be scan
162
* @param     $search set a search pattern for files, empty search brings all files
163
* @access    public
164
* @return    array    returns a natsort array with keys 'path' and 'filename'
165
*
166
*/
167
if(!function_exists('scan_current_dir'))
168
{
169
	function scan_current_dir($root = '', $search = '/.*/')
170
	{
171
	    $FILE = array();
172
		$array = array();
173
	    clearstatcache();
174
	    $root = empty ($root) ? getcwd() : $root;
175
	    if (($handle = opendir($root)))
176
	    {
177
	    // Loop through the files and dirs an add to list  DIRECTORY_SEPARATOR
178
	        while (false !== ($file = readdir($handle)))
179
	        {
180
	            if (substr($file, 0, 1) != '.' && $file != 'index.php')
181
	            {
182
	                if (is_dir($root.'/'.$file))
183
	                {
184
	                    $FILE['path'][] = $file;
185
	                } elseif (preg_match($search, $file, $array) )
186
                    {
187
	                    $FILE['filename'][] = $array[0];
188
	                }
189
	            }
190
	        }
191
	        $close_verz = closedir($handle);
192
	    }
193

  
194
		// sorting
195
	    if (isset ($FILE['path']) && natcasesort($FILE['path']))
196
	    {
197
			// new indexing
198
	        $FILE['path'] = array_merge($FILE['path']);
199
	    }
200
		// sorting
201
	    if (isset ($FILE['filename']) && natcasesort($FILE['filename']))
202
	    {
203
			// new indexing
204
	        $FILE['filename'] = array_merge($FILE['filename']);
205
	    }
206
	    return $FILE;
207
	}
208
}
209

  
122 210
// Function to open a directory and add to a file list
123 211
function file_list($directory, $skip = array(), $show_hidden = false)
124 212
{
......
138 226
		}
139 227
		$dir->close(); // Now close the folder object
140 228
	}
141
	natsort($result_list); // make the list nice. Not all OS do this itself
229

  
230
    // make the list nice. Not all OS do this itself
231
   if(natcasesort($result_list))
232
   {
233
		$result_list = array_merge($result_list);
234
   }
235

  
142 236
	return $result_list;
143 237
}
144 238

  
......
163 257
		}
164 258
		function remove_home_subs($directory = '/', $home_folders = '')
165 259
		{
166
			if($handle = opendir(WB_PATH.MEDIA_DIRECTORY.$directory))
260
			if( ($handle = opendir(WB_PATH.MEDIA_DIRECTORY.$directory)) )
167 261
			{
168 262
				// Loop through the dirs to check the home folders sub-dirs are not shown
169 263
				while(false !== ($file = readdir($handle)))
170 264
				{
171
					if($file[0] != '.' AND $file != 'index.php')
265
					if($file[0] != '.' && $file != 'index.php')
172 266
					{
173 267
						if(is_dir(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$file))
174 268
						{
......
203 297
	return $home_folders;
204 298
}
205 299

  
300
/*
301
 * @param object &$wb: $wb from frontend or $admin from backend
302
 * @return array: list of new entries
303
 * @description: callback remove path in files/dirs stored in array
304
 * @example: array_walk($array,'remove_path',PATH);
305
 */
306
//
307
function remove_path(&$path, $key, $vars = '')
308
{
309
	$path = str_replace($vars, '', $path);
310
}
311

  
312
/*
313
 * @param object &$wb: $wb from frontend or $admin from backend
314
 * @return array: list of ro-dirs
315
 * @description: returns a list of directories beyound /wb/media which are ReadOnly for current user
316
 */
317
function media_dirs_ro( &$wb )
318
{
319
	global $database;
320
	// if user is admin or home-folders not activated then there are no restrictions
321
	$allow_list = array();
322
	if( $wb->get_user_id() == 1 || !HOME_FOLDERS )
323
	{
324
		return array();
325
	}
326
	// at first read any dir and subdir from /media
327
	$full_list = directory_list( WB_PATH.MEDIA_DIRECTORY );
328
	// add own home_folder to allow-list
329
	if( $wb->get_home_folder() )
330
	{
331
		// old: $allow_list[] = get_home_folder();
332
		$allow_list[] = $wb->get_home_folder();
333
	}
334
	// get groups of current user
335
	$curr_groups = $wb->get_groups_id();
336
	// if current user is in admin-group
337
	 if( ($admin_key = array_search('1', $curr_groups)) !== false)
338
	{
339
		// remove admin-group from list
340
		unset($curr_groups[$admin_key]);
341
		// search for all users where the current user is admin from
342
		foreach( $curr_groups as $group)
343
		{
344
			$sql  = 'SELECT `home_folder` FROM `'.TABLE_PREFIX.'users` ';
345
			$sql .= 'WHERE (FIND_IN_SET(\''.$group.'\', `groups_id`) > 0) AND `home_folder` <> \'\' AND `user_id` <> '.$wb->get_user_id();
346
			if( ($res_hf = $database->query($sql)) != null )
347
			{
348
				while( $rec_hf = $res_hf->fetchrow() )
349
				{
350
					$allow_list[] = $rec_hf['home_folder'];
351
				}
352
			}
353
		}
354
	}
355
	$tmp_array = $full_list;
356
	// create a list for readonly dir
357
    $array = array();
358
	while( sizeof($tmp_array) > 0)
359
	{
360
        $tmp = array_shift($tmp_array);
361
        $x = 0;
362
		while($x < sizeof($allow_list))
363
		{
364
			if(strpos ($tmp,$allow_list[$x])) {
365
				$array[] = $tmp;
366
			}
367
			$x++;
368
		}
369
	}
370

  
371
	$full_list = array_diff( $full_list, $array );
372
	$tmp = array();
373
	$full_list = array_merge($tmp,$full_list);
374

  
375
	return $full_list;
376
}
377

  
378
/*
379
 * @param object &$wb: $wb from frontend or $admin from backend
380
 * @return array: list of rw-dirs
381
 * @description: returns a list of directories beyound /wb/media which are ReadWrite for current user
382
 */
383
function media_dirs_rw ( &$wb )
384
{
385
	global $database;
386
	// if user is admin or home-folders not activated then there are no restrictions
387
	// at first read any dir and subdir from /media
388
	$full_list = directory_list( WB_PATH.MEDIA_DIRECTORY );
389
    $array = array();
390
	$allow_list = array();
391
	if( ($wb->ami_group_member('1')) && !HOME_FOLDERS )
392
	{
393
		return $full_list;
394
	}
395
	// add own home_folder to allow-list
396
	if( $wb->get_home_folder() )
397
	{
398
	  	$allow_list[] = $wb->get_home_folder();
399
	} else {
400
		$array = $full_list;
401
	}
402
	// get groups of current user
403
	$curr_groups = $wb->get_groups_id();
404
	// if current user is in admin-group
405
	if( ($admin_key = array_search('1', $curr_groups)) == true)
406
	{
407
		// remove admin-group from list
408
		// unset($curr_groups[$admin_key]);
409
		// search for all users where the current user is admin from
410
		foreach( $curr_groups as $group)
411
		{
412
			$sql  = 'SELECT `home_folder` FROM `'.TABLE_PREFIX.'users` ';
413
			$sql .= 'WHERE (FIND_IN_SET(\''.$group.'\', `groups_id`) > 0) AND `home_folder` <> \'\' AND `user_id` <> '.$wb->get_user_id();
414
			if( ($res_hf = $database->query($sql)) != null )
415
			{
416
				while( $rec_hf = $res_hf->fetchrow() )
417
				{
418
					$allow_list[] = $rec_hf['home_folder'];
419
				}
420
			}
421
		}
422
	}
423

  
424
	$tmp_array = $full_list;
425
	// create a list for readwrite dir
426
	while( sizeof($tmp_array) > 0)
427
	{
428
        $tmp = array_shift($tmp_array);
429
        $x = 0;
430
		while($x < sizeof($allow_list))
431
		{
432
			if(strpos ($tmp,$allow_list[$x])) {
433
				$array[] = $tmp;
434
			}
435
			$x++;
436
		}
437
	}
438

  
439
	$tmp = array();
440
    $array = array_unique($array);
441
	$full_list = array_merge($tmp,$array);
442
    unset($array);
443
    unset($allow_list);
444

  
445
	return $full_list;
446
}
447

  
206 448
// Function to create directories
207 449
function make_dir($dir_name, $dir_mode = OCTAL_DIR_MODE)
208 450
{
......
617 859
function make_thumb($source, $destination, $size)
618 860
{
619 861
	// Check if GD is installed
620
	if(extension_loaded('gd') AND function_exists('imageCreateFromJpeg'))
862
	if(extension_loaded('gd') && function_exists('imageCreateFromJpeg'))
621 863
	{
622 864
		// First figure out the size of the thumbnail
623 865
		list($original_x, $original_y) = getimagesize($source);
......
662 904
function extract_permission($octal_value, $who, $action)
663 905
{
664 906
	// Make sure that all arguments are set and $octal_value is a real octal-integer
665
	if( ($who == '') or ($action == '') or (preg_match( '/[^0-7]/', (string)$octal_value )) )
907
	if( ($who == '') || ($action == '') || (preg_match( '/[^0-7]/', (string)$octal_value )) )
666 908
	{
667 909
		return false; // invalid argument, so return false
668 910
	}
......
709 951
}
710 952

  
711 953
// Function to delete a page
712
function delete_page($page_id)
713
{
714
	global $admin, $database, $MESSAGE;
715
	// Find out more about the page
716
	$database = new database();
717
	$sql  = 'SELECT `page_id`, `menu_title`, `page_title`, `level`, `link`, `parent`, `modified_by`, `modified_when` ';
718
	$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id` = '.$page_id;
719
	$results = $database->query($sql);
720
	if($database->is_error())    { $admin->print_error($database->get_error()); }
721
	if($results->numRows() == 0) { $admin->print_error($MESSAGE['PAGES']['NOT_FOUND']); }
722
	$results_array = $results->fetchRow();
723
	$parent     = $results_array['parent'];
724
	$level      = $results_array['level'];
725
	$link       = $results_array['link'];
726
	$page_title = $results_array['page_title'];
727
	$menu_title = $results_array['menu_title'];
728
	
729
	// Get the sections that belong to the page
730
	$sql = 'SELECT `section_id`, `module` FROM `'.TABLE_PREFIX.'sections` WHERE `page_id` = '.$page_id;
731
	$query_sections = $database->query($sql);
732
	if($query_sections->numRows() > 0)
954
	function delete_page($page_id)
733 955
	{
734
		while($section = $query_sections->fetchRow())
956
		global $admin, $database, $MESSAGE;
957
		// Find out more about the page
958
		$sql  = 'SELECT `page_id`, `menu_title`, `page_title`, `level`, `link`, `parent`, `modified_by`, `modified_when` ';
959
		$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id` = '.$page_id;
960
		$results = $database->query($sql);
961
		if($database->is_error())    { $admin->print_error($database->get_error()); }
962
		if($results->numRows() == 0) { $admin->print_error($MESSAGE['PAGES']['NOT_FOUND']); }
963
		$results_array = $results->fetchRow();
964
		$parent     = $results_array['parent'];
965
		$level      = $results_array['level'];
966
		$link       = $results_array['link'];
967
		$page_title = $results_array['page_title'];
968
		$menu_title = $results_array['menu_title'];
969

  
970
		// Get the sections that belong to the page
971
		$sql = 'SELECT `section_id`, `module` FROM `'.TABLE_PREFIX.'sections` WHERE `page_id` = '.$page_id;
972
		$query_sections = $database->query($sql);
973
		if($query_sections->numRows() > 0)
735 974
		{
736
			// Set section id
737
			$section_id = $section['section_id'];
738
			// Include the modules delete file if it exists
739
			if(file_exists(WB_PATH.'/modules/'.$section['module'].'/delete.php'))
975
			while($section = $query_sections->fetchRow())
740 976
			{
741
				include(WB_PATH.'/modules/'.$section['module'].'/delete.php');
977
				// Set section id
978
				$section_id = $section['section_id'];
979
				// Include the modules delete file if it exists
980
				if(file_exists(WB_PATH.'/modules/'.$section['module'].'/delete.php'))
981
				{
982
					include(WB_PATH.'/modules/'.$section['module'].'/delete.php');
983
				}
742 984
			}
743 985
		}
986
		// Update the pages table
987
		$sql = 'DELETE FROM `'.TABLE_PREFIX.'pages` WHERE `page_id` = '.$page_id;
988
		$database->query($sql);
989
		if($database->is_error())
990
		{
991
			$admin->print_error($database->get_error());
992
		}
993
		// Update the sections table
994
		$sql = 'DELETE FROM `'.TABLE_PREFIX.'sections` WHERE `page_id` = '.$page_id;
995
		$database->query($sql);
996
		if($database->is_error()) {
997
			$admin->print_error($database->get_error());
998
		}
999
		// Include the ordering class or clean-up ordering
1000
		include_once(WB_PATH.'/framework/class.order.php');
1001
		$order = new order(TABLE_PREFIX.'pages', 'position', 'page_id', 'parent');
1002
		$order->clean($parent);
1003
		// Unlink the page access file and directory
1004
		$directory = WB_PATH.PAGES_DIRECTORY.$link;
1005
		$filename = $directory.PAGE_EXTENSION;
1006
		$directory .= '/';
1007
		if(file_exists($filename))
1008
		{
1009
			if(!is_writable(WB_PATH.PAGES_DIRECTORY.'/'))
1010
			{
1011
				$admin->print_error($MESSAGE['PAGES']['CANNOT_DELETE_ACCESS_FILE']);
1012
			}
1013
			else
1014
			{
1015
				unlink($filename);
1016
				if( file_exists($directory) &&
1017
				   (rtrim($directory,'/') != WB_PATH.PAGES_DIRECTORY) &&
1018
				   (substr($link, 0, 1) != '.'))
1019
				{
1020
					rm_full_dir($directory);
1021
				}
1022
			}
1023
		}
744 1024
	}
745
	// Update the pages table
746
	$sql = 'DELETE FROM `'.TABLE_PREFIX.'pages` WHERE `page_id` = '.$page_id;
747
	$database->query($sql);
748
	if($database->is_error())
1025

  
1026
/*
1027
 * @param string $file: name of the file to read
1028
 * @param int $size: number of maximum bytes to read (0 = complete file)
1029
 * @return string: the content as string, false on error
1030
 */
1031
	function getFilePart($file, $size = 0)
749 1032
	{
750
		$admin->print_error($database->get_error());
751
	}
752
	// Update the sections table
753
	$sql = 'DELETE FROM `'.TABLE_PREFIX.'sections` WHERE `page_id` = '.$page_id;
754
	$database->query($sql);
755
	if($database->is_error()) {
756
		$admin->print_error($database->get_error());
757
	}
758
	// Include the ordering class or clean-up ordering
759
	include_once(WB_PATH.'/framework/class.order.php');
760
	$order = new order(TABLE_PREFIX.'pages', 'position', 'page_id', 'parent');
761
	$order->clean($parent);
762
	// Unlink the page access file and directory
763
	$directory = WB_PATH.PAGES_DIRECTORY.$link;
764
	$filename = $directory.PAGE_EXTENSION;
765
	$directory .= '/';
766
	if(file_exists($filename))
767
	{
768
		if(!is_writable(WB_PATH.PAGES_DIRECTORY.'/'))
1033
		$file_content = '';
1034
		if( file_exists($file) && is_file($file) && is_readable($file))
769 1035
		{
770
			$admin->print_error($MESSAGE['PAGES']['CANNOT_DELETE_ACCESS_FILE']);
1036
			if($size == 0)
1037
			{
1038
				$size = filesize($file);
1039
			}
1040
			if(($fh = fopen($file, 'rb')))
1041
			{
1042
				if( ($file_content = fread($fh, $size)) !== false )
1043
				{
1044
					return $file_content;
1045
				}
1046
				fclose($fh);
1047
			}
771 1048
		}
772
		else
1049
		return false;
1050
	}
1051

  
1052
	/**
1053
	* replace varnames with values in a string
1054
	*
1055
	* @param string $subject: stringvariable with vars placeholder
1056
	* @param array $replace: values to replace vars placeholder
1057
	* @return string
1058
	*/
1059
    function replace_vars($subject = '', &$replace = null )
1060
    {
1061
		if(is_array($replace))
773 1062
		{
774
			unlink($filename);
775
			if( file_exists($directory) &&
776
			   (rtrim($directory,'/') != WB_PATH.PAGES_DIRECTORY) &&
777
			   (substr($link, 0, 1) != '.'))
1063
			foreach ($replace  as $key => $value)
778 1064
			{
779
				rm_full_dir($directory);
1065
				$subject = str_replace("{{".$key."}}", $value, $subject);
780 1066
			}
781 1067
		}
782
	}
783
}
1068
		return $subject;
1069
    }
784 1070

  
785 1071
// Load module into DB
786 1072
function load_module($directory, $install = false)
787 1073
{
788 1074
	global $database,$admin,$MESSAGE;
789

  
790
	if(is_dir($directory) AND file_exists($directory.'/info.php'))
1075
	$retVal = false;
1076
	if(is_dir($directory) && file_exists($directory.'/info.php'))
791 1077
	{
792 1078
		require($directory.'/info.php');
793 1079
		if(isset($module_name))
794 1080
		{
795
			if(!isset($module_license))                                  { $module_license = 'GNU General Public License'; }
796
			if(!isset($module_platform) AND isset($module_designed_for)) { $module_platform = $module_designed_for; }
797
			if(!isset($module_function) AND isset($module_type))         { $module_function = $module_type; }
1081
			if(!isset($module_license)) { $module_license = 'GNU General Public License'; }
1082
			if(!isset($module_platform) && isset($module_designed_for)) { $module_platform = $module_designed_for; }
1083
			if(!isset($module_function) && isset($module_type)) { $module_function = $module_type; }
798 1084
			$module_function = strtolower($module_function);
799 1085
			// Check that it doesn't already exist
800
			$sql  = 'SELECT `addon_id` FROM `'.TABLE_PREFIX.'addons` ';
801
			$sql .= 'WHERE `type` = "module" AND `directory` = "'.$module_directory.'" LIMIT 0,1';
802
			$result = $database->query($sql);
803
			if($result->numRows() == 0)
1086
			$sqlwhere = 'WHERE `type` = \'module\' AND `directory` = \''.$module_directory.'\'';
1087
			$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'addons` '.$sqlwhere;
1088
			if( $database->get_one($sql) )
804 1089
			{
1090
				$sql  = 'UPDATE `'.TABLE_PREFIX.'addons` SET ';
1091
			}else{
805 1092
				// Load into DB
806 1093
				$sql  = 'INSERT INTO `'.TABLE_PREFIX.'addons` SET ';
807
				$sql .= '`directory` = "'.$module_directory.'", ';
808
				$sql .= '`name` = "'.$module_name.'", ';
809
				$sql .= '`description`= "'.addslashes($module_description).'", ';
810
				$sql .= '`type`= "module", ';
811
				$sql .= '`function` = "'.$module_function.'", ';
812
				$sql .= '`version` = "'.$module_version.'", ';
813
				$sql .= '`platform` = "'.$module_platform.'", ';
814
				$sql .= '`author` = "'.addslashes($module_author).'", ';
815
				$sql .= '`license` = "'.addslashes($module_license).'"';
816
				$database->query($sql);
817
				// Run installation script
818
				if($install == true)
1094
				$sqlwhere = '';
1095
			}
1096
			$sql .= '`directory` = \''.$module_directory.'\', ';
1097
			$sql .= '`name` = \''.$module_name.'\', ';
1098
			$sql .= '`description`= \''.addslashes($module_description).'\', ';
1099
			$sql .= '`type`= \'module\', ';
1100
			$sql .= '`function` = \''.$module_function.'\', ';
1101
			$sql .= '`version` = \''.$module_version.'\', ';
1102
			$sql .= '`platform` = \''.$module_platform.'\', ';
1103
			$sql .= '`author` = \''.addslashes($module_author).'\', ';
1104
			$sql .= '`license` = \''.addslashes($module_license).'\'';
1105
			$sql .= $sqlwhere;
1106
			$retVal = $database->query($sql);
1107
			// Run installation script
1108
			if($install == true)
1109
			{
1110
				if(file_exists($directory.'/install.php'))
819 1111
				{
820
					if(file_exists($directory.'/install.php'))
821
					{
822
						require($directory.'/install.php');
823
					}
1112
					require($directory.'/install.php');
824 1113
				}
825 1114
			}
826 1115
		}
......
831 1120
function load_template($directory)
832 1121
{
833 1122
	global $database, $admin;
834
	if(is_dir($directory) AND file_exists($directory.'/info.php'))
1123
	$retVal = false;
1124
	if(is_dir($directory) && file_exists($directory.'/info.php'))
835 1125
	{
836 1126
		require($directory.'/info.php');
837 1127
		if(isset($template_name))
......
840 1130
            {
841 1131
              $template_license = 'GNU General Public License';
842 1132
            }
843
			if(!isset($template_platform) AND isset($template_designed_for))
1133
			if(!isset($template_platform) && isset($template_designed_for))
844 1134
            {
845 1135
              $template_platform = $template_designed_for;
846 1136
            }
......
849 1139
              $template_function = 'template';
850 1140
            }
851 1141
			// Check that it doesn't already exist
852
			$sql  = 'SELECT `addon_id` FROM `'.TABLE_PREFIX.'addons` ';
853
			$sql .= 'WHERE `type` = "template" AND `directory` = "'.$template_directory.'" LIMIT 0,1';
854
			$result = $database->query($sql);
855
			if($result->numRows() == 0)
1142
			$sqlwhere = 'WHERE `type` = \'template\' AND `directory` = \''.$template_directory.'\'';
1143
			$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'addons` '.$sqlwhere;
1144
			if( $database->get_one($sql) )
856 1145
			{
1146
				$sql  = 'UPDATE `'.TABLE_PREFIX.'addons` SET ';
1147
			}else{
857 1148
				// Load into DB
858 1149
				$sql  = 'INSERT INTO `'.TABLE_PREFIX.'addons` SET ';
859
				$sql .= '`directory` = "'.$template_directory.'", ';
860
				$sql .= '`name` = "'.$template_name.'", ';
861
				$sql .= '`description`= "'.addslashes($template_description).'", ';
862
				$sql .= '`type`= "template", ';
863
				$sql .= '`function` = "'.$template_function.'", ';
864
				$sql .= '`version` = "'.$template_version.'", ';
865
				$sql .= '`platform` = "'.$template_platform.'", ';
866
				$sql .= '`author` = "'.addslashes($template_author).'", ';
867
				$sql .= '`license` = "'.addslashes($template_license).'" ';
868
				$database->query($sql);
1150
				$sqlwhere = '';
869 1151
			}
1152
			$sql .= '`directory` = \''.$template_directory.'\', ';
1153
			$sql .= '`name` = \''.$template_name.'\', ';
1154
			$sql .= '`description`= \''.addslashes($template_description).'\', ';
1155
			$sql .= '`type`= \'template\', ';
1156
			$sql .= '`function` = \''.$template_function.'\', ';
1157
			$sql .= '`version` = \''.$template_version.'\', ';
1158
			$sql .= '`platform` = \''.$template_platform.'\', ';
1159
			$sql .= '`author` = \''.addslashes($template_author).'\', ';
1160
			$sql .= '`license` = \''.addslashes($template_license).'\' ';
1161
			$sql .= $sqlwhere;
1162
			$retVal = $database->query($sql);
870 1163
		}
871 1164
	}
1165
	return $retVal;
872 1166
}
873 1167

  
874 1168
// Load language into DB
875 1169
function load_language($file)
876 1170
{
877 1171
	global $database,$admin;
1172
	$retVal = false;
878 1173
	if (file_exists($file) && preg_match('#^([A-Z]{2}.php)#', basename($file)))
879 1174
	{
880
		require($file);
1175
		// require($file);  it's to large
1176
		// read contents of the template language file into string
1177
		$data = @file_get_contents(WB_PATH.'/languages/'.str_replace('.php','',basename($file)).'.php');
1178
		// use regular expressions to fetch the content of the variable from the string
1179
		$language_name = get_variable_content('language_name', $data, false);
1180
		$language_code = get_variable_content('language_code', $data, false);
1181
		$language_author = get_variable_content('language_author', $data);
1182
		$language_version = get_variable_content('language_version', $data, false);
1183
		$language_platform = get_variable_content('language_platform', $data, false);
1184

  
881 1185
		if(isset($language_name))
882 1186
		{
883
			if(!isset($language_license))                                    { $language_license = 'GNU General Public License'; }
884
			if(!isset($language_platform) AND isset($language_designed_for)) { $language_platform = $language_designed_for; }
1187
			if(!isset($language_license)) { $language_license = 'GNU General Public License'; }
1188
			if(!isset($language_platform) && isset($language_designed_for)) { $language_platform = $language_designed_for; }
885 1189
			// Check that it doesn't already exist
886
			$sql  = 'SELECT `addon_id` FROM `'.TABLE_PREFIX.'addons` ';
887
			$sql .= 'WHERE `type` = "language" AND `directory` = "'.$language_code.'" LIMIT 0,1';
888
			$result = $database->query($sql);
889
			if($result->numRows() == 0)
1190
			$sqlwhere = 'WHERE `type` = \'language\' AND `directory` = \''.$language_code.'\'';
1191
			$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'addons` '.$sqlwhere;
1192
			if( $database->get_one($sql) )
890 1193
			{
1194
				$sql  = 'UPDATE `'.TABLE_PREFIX.'addons` SET ';
1195
			}else{
891 1196
				// Load into DB
892 1197
				$sql  = 'INSERT INTO `'.TABLE_PREFIX.'addons` SET ';
893
				$sql .= '`directory` = "'.$language_code.'", ';
894
				$sql .= '`name` = "'.$language_name.'", ';
895
				$sql .= '`type`= "language", ';
896
				$sql .= '`version` = "'.$language_version.'", ';
897
				$sql .= '`platform` = "'.$language_platform.'", ';
898
				$sql .= '`author` = "'.addslashes($language_author).'", ';
899
				$sql .= '`license` = "'.addslashes($language_license).'"';
900
				$database->query($sql);
1198
				$sqlwhere = '';
901 1199
			}
1200
			$sql .= '`directory` = \''.$language_code.'\', ';
1201
			$sql .= '`name` = \''.$language_name.'\', ';
1202
			$sql .= '`type`= \'language\', ';
1203
			$sql .= '`version` = \''.$language_version.'\', ';
1204
			$sql .= '`platform` = \''.$language_platform.'\', ';
1205
			$sql .= '`author` = \''.addslashes($language_author).'\', ';
1206
			$sql .= '`license` = \''.addslashes($language_license).'\' ';
1207
			$sql .= $sqlwhere;
1208
			$retVal = $database->query($sql);
902 1209
		}
903 1210
	}
1211
	return $retVal;
904 1212
}
905 1213

  
906 1214
// Upgrade module info in DB, optionally start upgrade script
......
913 1221
		require($mod_directory.'/info.php');
914 1222
		if(isset($module_name))
915 1223
		{
916
			if(!isset($module_license))                                  { $module_license = 'GNU General Public License'; }
1224
			if(!isset($module_license)) { $module_license = 'GNU General Public License'; }
917 1225
			if(!isset($module_platform) && isset($module_designed_for)) { $module_platform = $module_designed_for; }
918
			if(!isset($module_function) && isset($module_type))         { $module_function = $module_type; }
1226
			if(!isset($module_function) && isset($module_type)) { $module_function = $module_type; }
919 1227
			$module_function = strtolower($module_function);
920 1228
			// Check that it does already exist
921
			// Check that it does already exist
922 1229
			$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'addons` ';
923 1230
			$sql .= 'WHERE `directory` = \''.$module_directory.'\'';
924

  
925 1231
			if( $database->get_one($sql) )
926 1232
			{
927 1233
				// Update in DB
928 1234
				$sql  = 'UPDATE `'.TABLE_PREFIX.'addons` SET ';
929
				$sql .= '`version` = \''.$module_version.'\', ';
930
				$sql .= '`description` = \''.addslashes($module_description).'\', ';
1235
				$sql .= '`version` = "'.$module_version.'", ';
1236
				$sql .= '`description` = "'.addslashes($module_description).'", ';
931 1237
				$sql .= '`platform` = \''.$module_platform.'\', ';
932 1238
				$sql .= '`author` = \''.addslashes($module_author).'\', ';
933 1239
				$sql .= '`license` = \''.addslashes($module_license).'\' ';
......
973 1279
	}
974 1280
}
975 1281

  
976
?>
1282
/*
1283
 * @param string $modulname: like saved in addons.directory
1284
 * @param boolean $source: true reads from database, false from info.php
1285
 * @return string:  the version as string, if not found returns null
1286
 */
1287

  
1288
	function get_modul_version($modulname, $source = true)
1289
	{
1290
		global $database;
1291
		$version = null;
1292
		if( $source != true )
1293
		{
1294
			$sql = 'SELECT `version` FROM `'.TABLE_PREFIX.'addons` WHERE `directory`=\''.$modulname.'\'';
1295
			$version = $database->get_one($sql);
1296
		} else {
1297
			$info_file = WB_PATH.'/modules/'.$modulname.'/info.php';
1298
			if(file_exists($info_file))
1299
			{
1300
				if(($info_file = file_get_contents($info_file)))
1301
				{
1302
					$version = get_variable_content('module_version', $info_file, false, false);
1303
					$version = ($version !== false) ? $version : null;
1304
				}
1305
			}
1306
		}
1307
		return $version;
1308
	}
1309

  
1310
/*
1311
 * @param string $varlist: commaseperated list of varnames to move into global space
1312
 * @return bool:  false if one of the vars already exists in global space (error added to msgQueue)
1313
 */
1314
	function vars2globals_wrapper($varlist)
1315
	{
1316
		$retval = true;
1317
		if( $varlist != '')
1318
		{
1319
			$vars = explode(',', $varlist);
1320
			foreach( $vars as $var)
1321
			{
1322
				if( isset($GLOBALS[$var]) )
1323
				{
1324
					ErrorLog::write( 'variabe $'.$var.' already defined in global space!!',__FILE__, __FUNCTION__, __LINE__);
1325
					$retval = false;
1326
				}else
1327
				{
1328
					global $$var;
1329
				}
1330
			}
1331
		}
1332
		return $retval;
1333
	}
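Review bot: The allow-list test `if(strpos ($tmp,$allow_list[$x]))` in media_dirs_ro() and media_dirs_rw() (new lines 364 and 432) is a substring test used as an access decision: it is false for a match at offset 0 and true for a match anywhere in the path, so a home folder like `/bob` (constructed example) would also match a directory such as `/media/bobby`. Anchor the comparison to the folder boundary instead, e.g. `$base = WB_PATH.MEDIA_DIRECTORY.$allow_list[$x];` followed by `if($tmp === $base || strpos($tmp, $base.'/') === 0)`, assuming `home_folder` is stored relative to the media directory, which this page does not show and should be confirmed. In media_dirs_rw() the admin-group check `array_search('1', $curr_groups)) == true` is also false when the group sits at key 0, unlike the `!== false` form used in media_dirs_ro(). Separately, these two functions, get_modul_version() and the rewritten load_module()/load_template()/load_language() still concatenate `$group`, `$modulname` and the values read from `info.php` into SQL strings with only some fields passed through `addslashes()`; each value should be escaped or cast before it reaches `$database->query()`.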
1334

  
1335

  
branches/2.8.x/wb/framework/class.wb.php
1
<?php
2
/**
3
 *
4
 * @category        frontend
5
 * @package         framework
6
 * @author          WebsiteBaker Project
7
 * @copyright       2004-2009, Ryan Djurovich
8
 * @copyright       2009-2011, Website Baker Org. e.V.
9
 * @link			http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.x
12
 * @requirements    PHP 5.2.2 and higher
13
 * @version         $Id$
14
 * @filesource		$HeadURL: $
15
 * @lastmodified    $Date:  $
16
 *
17
 */
18

  
19
// Include PHPLIB template class
20
require_once(WB_PATH."/include/phplib/template.inc");
21

  
22
require_once(WB_PATH.'/framework/class.database.php');
23

  
24
// Include new wbmailer class (subclass of PHPmailer)
25
require_once(WB_PATH."/framework/class.wbmailer.php");
26

  
27
require_once(WB_PATH."/framework/class.secureform.php");
28

  
29
class wb extends SecureForm
30
{
31

  
32
	var $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+';
33
	// General initialization function
34
	// performed when frontend or backend is loaded.
35

  
36
	function wb() {
37
	}
38

  
39

  
40
	// Check whether a page is visible or not.
41
	// This will check page-visibility and user- and group-rights.
42
	/* page_is_visible() returns
43
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
44
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
45
	*/
46
	function page_is_visible($page)
47
    {
48
		$show_it = false; // shall we show the page?
49
		$page_id = $page['page_id'];
50
		$visibility = $page['visibility'];
51
		$viewing_groups = $page['viewing_groups'];
52
		$viewing_users = $page['viewing_users'];
53

  
54
		// First check if visibility is 'none', 'deleted'
55
		if($visibility == 'none')
56
        {
57
			return(false);
58
		} elseif($visibility == 'deleted')
59
        {
60
			return(false);
61
		}
62

  
63
		// Now check if visibility is 'hidden', 'private' or 'registered'
64
		if($visibility == 'hidden') { // hidden: hide the menu-link, but show the page
65
			$show_it = true;
66
		} elseif($visibility == 'private' || $visibility == 'registered')
67
        {
68
			// Check if the user is logged in
69
			if($this->is_authenticated() == true)
70
            {
71
				// Now check if the user has perms to view the page
72
				$in_group = false;
73
				foreach($this->get_groups_id() as $cur_gid)
74
                {
75
				    if(in_array($cur_gid, explode(',', $viewing_groups)))
76
                    {
77
				        $in_group = true;
78
				    }
79
				}
80
				if($in_group || in_array($this->get_user_id(), explode(',', $viewing_users))) {
81
					$show_it = true;
82
				} else {
83
					$show_it = false;
84
				}
85
			} else {
86
				$show_it = false;
87
			}
88
		} elseif($visibility == 'public') {
89
			$show_it = true;
90
		} else {
91
			$show_it = false;
92
		}
93
		return($show_it);
94
	}
95
	// Check if there is at least one active section on this page
96
	function page_is_active($page)
97
    {
98
		global $database;
99
		$has_active_sections = false;
100
		$page_id = $page['page_id'];
101
		$now = time();
102
		$query_sections = $database->query("SELECT publ_start,publ_end FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id'");
103
		if($query_sections->numRows() != 0)
104
        {
105
			while($section = $query_sections->fetchRow())
106
            {
107
				if($now<$section['publ_end'] && ($now>$section['publ_start'] || $section['publ_start']==0) || $now>$section['publ_start'] && $section['publ_end']==0)
108
                {
109
					$has_active_sections = true;
110
					break;
111
				}
112
			}
113
		}
114
		return($has_active_sections);
115
	}
116

  
117
	// Check whether we should show a page or not (for front-end)
118
	function show_page($page)
119
    {
120
		if($this->page_is_visible($page) && $this->page_is_active($page))
121
        {
122
			return true;
123
		} else {
124
			return false;
125
		}
126
	}
127

  
128
	// Check if the user is already authenticated or not
129
	function is_authenticated() {
130
		if(isset($_SESSION['USER_ID']) AND $_SESSION['USER_ID'] != "" AND is_numeric($_SESSION['USER_ID']))
131
        {
132
			return true;
133
		} else {
134
			return false;
135
		}
136
	}
137

  
138
	// Modified addslashes function which takes into account magic_quotes
139
	function add_slashes($input) {
140
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
141
			return $input;
142
		}
143
		$output = addslashes($input);
144
		return $output;
145
	}
146

  
147
	// Ditto for stripslashes
148
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
149
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
150
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
151
	function strip_slashes($input) {
152
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
153
			return $input;
154
		}
155
		$output = stripslashes($input);
156
		return $output;
157
	}
158

  
159
	// Escape backslashes for use with mySQL LIKE strings
160
	function escape_backslashes($input) {
161
		return str_replace("\\","\\\\",$input);
162
	}
163

  
164
	function page_link($link){
165
		// Check for :// in the link (used in URL's) as well as mailto:
166
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
167
			return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
168
		} else {
169
			return $link;
170
		}
171
	}
172
	
173
	// Get POST data
174
	function get_post($field) {
175
		if(isset($_POST[$field])) {
176
			return $_POST[$field];
177
		} else {
178
			return null;
179
		}
180
	}
181

  
182
	// Get POST data and escape it
183
	function get_post_escaped($field) {
184
		$result = $this->get_post($field);
185
		return (is_null($result)) ? null : $this->add_slashes($result);
186
	}
187
	
188
	// Get GET data
189
	function get_get($field) {
190
		if(isset($_GET[$field])) {
191
			return $_GET[$field];
192
		} else {
193
			return null;
194
		}
195
	}
196

  
197
	// Get SESSION data
198
	function get_session($field) {
199
		if(isset($_SESSION[$field])) {
200
			return $_SESSION[$field];
201
		} else {
202
			return null;
203
		}
204
	}
205

  
206
	// Get SERVER data
207
	function get_server($field) {
208
		if(isset($_SERVER[$field])) {
209
			return $_SERVER[$field];
210
		} else {
211
			return null;
212
		}
213
	}
214

  
215
	// Get the current users id
216
	function get_user_id() {
217
		return $_SESSION['USER_ID'];
218
	}
219

  
220
	// Get the current users group id
221
	function get_group_id() {
222
		return $_SESSION['GROUP_ID'];
223
	}
224

  
225
	// Get the current users group ids
226
	function get_groups_id() {
227
		return explode(",", $_SESSION['GROUPS_ID']);
228
	}
229

  
230
	// Get the current users group name
231
	function get_group_name() {
232
		return implode(",", $_SESSION['GROUP_NAME']);
233
	}
234

  
235
	// Get the current users group name
236
	function get_groups_name() {
237
		return $_SESSION['GROUP_NAME'];
238
	}
239

  
240
	// Get the current users username
241
	function get_username() {
242
		return $_SESSION['USERNAME'];
243
	}
244

  
245
	// Get the current users display name
246
	function get_display_name() {
247
		return ($_SESSION['DISPLAY_NAME']);
248
	}
249

  
250
	// Get the current users email address
251
	function get_email() {
252
		return $_SESSION['EMAIL'];
253
	}
254

  
255
	// Get the current users home folder
256
	function get_home_folder() {
257
		return $_SESSION['HOME_FOLDER'];
258
	}
259

  
260
	// Get the current users timezone
261
	function get_timezone() {
262
		if(!isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
263
			return $_SESSION['TIMEZONE'];
264
		} else {
265
			return '-72000';
266
		}
267
	}
268

  
269
	// Validate supplied email address
270
	function validate_email($email) {
271
		if(preg_match('/^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$/', $email)) {
272
		return true;
273
		} else {
274
			return false;
275
		}
276
	}
277

  
278
	// Print a success message which then automatically redirects the user to another page
279
	function print_success( $message, $redirect = 'index.php' ) {
280
	    global $TEXT;
281
	    // fetch redirect timer for sucess messages from settings table
282
	    $redirect_timer = ((defined( 'REDIRECT_TIMER' )) && (REDIRECT_TIMER >= 1500)) ? REDIRECT_TIMER : 0;
283
	    // add template variables
284
	    $tpl = new Template( THEME_PATH.'/templates' );
285
	    $tpl->set_file( 'page', 'success.htt' );
286
	    $tpl->set_block( 'page', 'main_block', 'main' );
287
	    $tpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
288
	    $tpl->set_var( 'MESSAGE', $message );
289
	    $tpl->set_var( 'REDIRECT', $redirect );
290
	    $tpl->set_var( 'REDIRECT_TIMER', $redirect_timer );
291
	    $tpl->set_var( 'NEXT', $TEXT['NEXT'] );
292
	    $tpl->set_var( 'BACK', $TEXT['BACK'] );
293
	    if ($redirect_timer == 0) {
294
	        $tpl->set_block( 'show_redirect', '' );
295
	    }
296
	    else {
297
	        $tpl->parse( 'show_redirect', 'show_redirect_block', true );
298
	    }
299
	    $tpl->parse( 'main', 'main_block', false );
300
	    $tpl->pparse( 'output', 'page' );
301
	}
302

  
303
	// Print an error message
304
	function print_error($message, $link = 'index.php', $auto_footer = true) {
305
		global $TEXT;
306
		$success_template = new Template(THEME_PATH.'/templates');
307
		$success_template->set_file('page', 'error.htt');
308
		$success_template->set_block('page', 'main_block', 'main');
309
		$success_template->set_var('MESSAGE', $message);
310
		$success_template->set_var('LINK', $link);
311
		$success_template->set_var('BACK', $TEXT['BACK']);
312
		$success_template->parse('main', 'main_block', false);
313
		$success_template->pparse('output', 'page');
314
		if ( $auto_footer == true ) {
315
			if ( method_exists($this, "print_footer") ) {
316
				$this->print_footer();
317
			}
318
		}
319
		exit();
320
	}
321

  
322
	// Validate send email
323
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='') {
324
		/* 
325
			INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
326
			SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
327
			NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)
328

  
329
			NOTE:
330
			To use SMTP for sending out mails, you have to specify the SMTP host of your domain
331
			via the Settings panel in the backend of Website Baker
332
		*/ 
333

  
334
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
335
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
336
		$subject = preg_replace('/[\r\n]/', '', $subject);
337
		$message_alt = $message;
338
		$message = preg_replace('/[\r\n]/', '<br \>', $message);
339
		
340
		// create PHPMailer object and define default settings
341
		$myMail = new wbmailer();
342

  
343
		// set user defined from address
344
		if ($fromaddress!='') {
345
			if($fromname!='') $myMail->FromName = $fromname;         // FROM-NAME
346
			$myMail->From = $fromaddress;                            // FROM:
347
			$myMail->AddReplyTo($fromaddress);                       // REPLY TO:
348
		}
349
		
350
		// define recepient and information to send out
351
		$myMail->AddAddress($toaddress);                            // TO:
352
		$myMail->Subject = $subject;                                // SUBJECT
353
		$myMail->Body = $message;                                   // CONTENT (HTML)
354
		$myMail->AltBody = strip_tags($message_alt);				// CONTENT (TEXT)
355
		
356
		// check if there are any send mail errors, otherwise say successful
357
		if (!$myMail->Send()) {
358
			return false;
359
		} else {
360
			return true;
361
		}
362
	}
363

  
364
}
1
<?php
2
/**
3
 *
4
 * @category        frontend
5
 * @package         framework
6
 * @author          WebsiteBaker Project
7
 * @copyright       2004-2009, Ryan Djurovich
8
 * @copyright       2009-2011, Website Baker Org. e.V.
9
 * @link			http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.x
12
 * @requirements    PHP 5.2.2 and higher
13
 * @version         $Id$
14
 * @filesource		$HeadURL: $
15
 * @lastmodified    $Date:  $
16
 *
17
 */
18

  
19
// Include PHPLIB template class
20
require_once(WB_PATH."/include/phplib/template.inc");
21

  
22
require_once(WB_PATH.'/framework/class.database.php');
23

  
24
// Include new wbmailer class (subclass of PHPmailer)
25
require_once(WB_PATH."/framework/class.wbmailer.php");
26

  
27
require_once(WB_PATH."/framework/class.secureform.php");
28

  
29
class wb extends SecureForm
30
{
31

  
32
	var $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+';
33
	// General initialization function
34
	// performed when frontend or backend is loaded.
35

  
36
	function wb() {
37
	}
38

  
39
/* ****************
40
 * check if current user is member of at least one of given groups
41
 * ADMIN (uid=1) always is treated like a member of any groups
42
 *
43
 * @access public
44
 * @param mixed $groups_list: an array or a coma seperated list of group-ids
45
 * @return bool: true if current user is member of one of this groups, otherwise false
46
 */
47
	function ami_group_member( $groups_list = '' )
48
	{
49
		if( $this->get_user_id() == 1 ) { return true; }
50
		return $this->is_group_match( $groups_list, $this->get_groups_id() );
51
	}
52

  
53
	// Check whether a page is visible or not.
54
	// This will check page-visibility and user- and group-rights.
55
	/* page_is_visible() returns
56
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
57
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
58
	*/
59
	function page_is_visible($page)
60
    {
61
		$show_it = false; // shall we show the page?
62
		$page_id = $page['page_id'];
63
		$visibility = $page['visibility'];
64
		$viewing_groups = $page['viewing_groups'];
65
		$viewing_users = $page['viewing_users'];
66

  
67
		// First check if visibility is 'none', 'deleted'
68
		if($visibility == 'none')
69
        {
70
			return(false);
71
		} elseif($visibility == 'deleted')
72
        {
73
			return(false);
74
		}
75

  
76
		// Now check if visibility is 'hidden', 'private' or 'registered'
77
		if($visibility == 'hidden') { // hidden: hide the menu-link, but show the page
78
			$show_it = true;
79
		} elseif($visibility == 'private' || $visibility == 'registered')
80
        {
81
			// Check if the user is logged in
82
			if($this->is_authenticated() == true)
83
            {
84
				// Now check if the user has perms to view the page
85
				$in_group = false;
86
				foreach($this->get_groups_id() as $cur_gid)
87
                {
88
				    if(in_array($cur_gid, explode(',', $viewing_groups)))
89
                    {
90
				        $in_group = true;
91
				    }
92
				}
93
				if($in_group || in_array($this->get_user_id(), explode(',', $viewing_users))) {
94
					$show_it = true;
95
				} else {
96
					$show_it = false;
97
				}
98
			} else {
99
				$show_it = false;
100
			}
101
		} elseif($visibility == 'public') {
102
			$show_it = true;
103
		} else {
104
			$show_it = false;
105
		}
106
		return($show_it);
107
	}
108
	// Check if there is at least one active section on this page
109
	function page_is_active($page)
110
    {
111
		global $database;
112
		$has_active_sections = false;
113
		$page_id = $page['page_id'];
114
		$now = time();
115
		$query_sections = $database->query("SELECT publ_start,publ_end FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id'");
116
		if($query_sections->numRows() != 0)
117
        {
118
			while($section = $query_sections->fetchRow())
119
            {
120
				if($now<$section['publ_end'] && ($now>$section['publ_start'] || $section['publ_start']==0) || $now>$section['publ_start'] && $section['publ_end']==0)
121
                {
122
					$has_active_sections = true;
123
					break;
124
				}
125
			}
126
		}
127
		return($has_active_sections);
128
	}
129

  
130
	// Check whether we should show a page or not (for front-end)
131
	function show_page($page)
132
    {
133
		if($this->page_is_visible($page) && $this->page_is_active($page))
134
        {
135
			return true;
136
		} else {
137
			return false;
138
		}
139
	}
140

  
141
	// Check if the user is already authenticated or not
142
	function is_authenticated() {
143
		if(isset($_SESSION['USER_ID']) AND $_SESSION['USER_ID'] != "" AND is_numeric($_SESSION['USER_ID']))
144
        {
145
			return true;
146
		} else {
147
			return false;
148
		}
149
	}
150

  
151
	// Modified addslashes function which takes into account magic_quotes
152
	function add_slashes($input) {
153
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
154
			return $input;
155
		}
156
		$output = addslashes($input);
157
		return $output;
158
	}
159

  
160
	// Ditto for stripslashes
161
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
162
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
163
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
164
	function strip_slashes($input) {
165
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
166
			return $input;
167
		}
168
		$output = stripslashes($input);
169
		return $output;
170
	}
171

  
172
	// Escape backslashes for use with mySQL LIKE strings
173
	function escape_backslashes($input) {
174
		return str_replace("\\","\\\\",$input);
175
	}
176

  
177
	function page_link($link){
178
		// Check for :// in the link (used in URL's) as well as mailto:
179
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
180
			return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
181
		} else {
182
			return $link;
183
		}
184
	}
185
	
186
	// Get POST data
187
	function get_post($field) {
188
		if(isset($_POST[$field])) {
189
			return $_POST[$field];
190
		} else {
191
			return null;
192
		}
193
	}
194

  
195
	// Get POST data and escape it
196
	function get_post_escaped($field) {
197
		$result = $this->get_post($field);
198
		return (is_null($result)) ? null : $this->add_slashes($result);
199
	}
200
	
201
	// Get GET data
202
	function get_get($field) {
203
		if(isset($_GET[$field])) {
204
			return $_GET[$field];
205
		} else {
206
			return null;
207
		}
208
	}
209

  
210
	// Get SESSION data
211
	function get_session($field) {
212
		if(isset($_SESSION[$field])) {
213
			return $_SESSION[$field];
214
		} else {
215
			return null;
216
		}
217
	}
218

  
219
	// Get SERVER data
220
	function get_server($field) {
221
		if(isset($_SERVER[$field])) {
222
			return $_SERVER[$field];
223
		} else {
224
			return null;
225
		}
226
	}
227

  
228
	// Get the current users id
229
	function get_user_id() {
230
		return $_SESSION['USER_ID'];
231
	}
232

  
233
	// Get the current users group id
234
	function get_group_id() {
235
		return $_SESSION['GROUP_ID'];
236
	}
237

  
238
	// Get the current users group ids
239
	function get_groups_id() {
240
		return explode(",", $_SESSION['GROUPS_ID']);
241
	}
242

  
243
	// Get the current users group name
244
	function get_group_name() {
245
		return implode(",", $_SESSION['GROUP_NAME']);
246
	}
247

  
248
	// Get the current users group name
249
	function get_groups_name() {
250
		return $_SESSION['GROUP_NAME'];
251
	}
252

  
253
	// Get the current users username
254
	function get_username() {
255
		return $_SESSION['USERNAME'];
256
	}
257

  
258
	// Get the current users display name
259
	function get_display_name() {
260
		return ($_SESSION['DISPLAY_NAME']);
261
	}
262

  
263
	// Get the current users email address
264
	function get_email() {
265
		return $_SESSION['EMAIL'];
266
	}
267

  
268
	// Get the current users home folder
269
	function get_home_folder() {
270
		return $_SESSION['HOME_FOLDER'];
271
	}
272

  
273
	// Get the current users timezone
274
	function get_timezone() {
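Review bot: `ami_group_member()` (lines 47-51 of the new listing) makes an authorization decision without first checking that a login session exists. `get_user_id()` and `get_groups_id()` read `$_SESSION['USER_ID']` and `$_SESSION['GROUPS_ID']` unguarded, so for an anonymous visitor both raise notices and `get_groups_id()` returns `array('')`. With the default `$groups_list = ''`, that empty string may count as a match inside `is_group_match()`; its body lies past the point where the page truncates the diff, so this is inferred, not shown. I would open the method with `if( !$this->is_authenticated() ) { return false; }` and make the admin test strict, `if( (int)$this->get_user_id() === 1 ) { return true; }`. The docblock should also say that an unauthenticated caller is never treated as a member.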
... This diff was truncated because it exceeds the maximum size that can be displayed.
