WB 2.08.x

if(!defined('REVISION')) define('REVISION', '1502');

	$admin            = $wb;

	$default_link     = $wb->default_link;

	$page_trail       = $wb->page_trail;

	$page_description = $wb->page_description;

	$page_keywords    = $wb->page_keywords;

	$page_link        = $wb->link;

// check website baker platform (with WB 2.7, Admin-Tools were moved out of settings dialogue)

} else {

	$admintool_link = ADMIN_URL .'/settings/index.php?advanced=yes#administration_tools"';

	$admin = new admin('Settings', 'settings_advanced');

$droplet_id = $admin->checkIDKEY('droplet_id', false, 'GET');

$database->query("DELETE FROM ".TABLE_PREFIX."mod_droplets WHERE id = '$droplet_id' LIMIT 1");

$module_version = '1.1.0';

$module_home = 'http://www.websitebakers.com/pages/droplets/about-droplets.php';

$module_guid = '9F2AC2DF-C3E1-4E15-BA4C-2A86E37FE6E5';

// Must include code to stop this file being access directly

if(defined('WB_PATH') == false) { die("Cannot access this file directly"); }

?>

//:Emailfiltering on your output - output filtering with the options below - Mailto links can be encrypted by a Javascript

//:usage:  [[EmailFilter]] 

// You can configure the output filtering with the options below.

// Tip: Mailto links can be encrypted by a Javascript function. 

// To make use of this option, one needs to add the PHP code 

//       register_frontend_modfiles('js');

// into the <head> section of the index.php of your template. 

// Without this modification, only the @ character in the mailto part will be replaced.

// Basic Email Configuration: 

// Filter Email addresses in text 0 = no, 1 = yes - default 1

$filter_settings['email_filter'] = '1';

// Filter Email addresses in mailto links 0 = no, 1 = yes - default 1

$filter_settings['mailto_filter'] = '1';

// Email Replacements, replace the '@' and the '.' by default (at) and (dot)

$filter_settings['at_replacement']  = '(at)';

$filter_settings['dot_replacement'] = '(dot)';

// No need to change stuff underneatch unless you know what you are doing.

// work out the defined output filter mode: possible output filter modes: [0], 1, 2, 3, 6, 7

// 2^0 * (0.. disable, 1.. enable) filtering of mail addresses in text

// 2^1 * (0.. disable, 1.. enable) filtering of mail addresses in mailto links

// 2^2 * (0.. disable, 1.. enable) Javascript mailto encryption (only if mailto filtering enabled)

// only filter output if we are supposed to

if($filter_settings['email_filter'] != '1' && $filter_settings['mailto_filter'] != '1'){

	// nothing to do ...

	return true;

}

// check if non mailto mail addresses needs to be filtered

$output_filter_mode = ($filter_settings['email_filter'] == '1') ? 1 : 0;		// 0|1

// check if mailto mail addresses needs to be filtered

if($filter_settings['mailto_filter'] == '1')

{

	$output_filter_mode = $output_filter_mode + 2;								// 0|2

        // check if Javascript mailto encryption is enabled (call register_frontend_functions in the template)

        $search_pattern = '/<.*src=\".*\/mdcr.js.*>/iU';

        if(preg_match($search_pattern, $wb_page_data))

        {

          $output_filter_mode = $output_filter_mode + 4;       // 0|4

        }

}

// define some constants so we do not call the database in the callback function again

define('OUTPUT_FILTER_MODE', (int) $output_filter_mode);

define('OUTPUT_FILTER_AT_REPLACEMENT', $filter_settings['at_replacement']);

define('OUTPUT_FILTER_DOT_REPLACEMENT', $filter_settings['dot_replacement']);

// function to filter mail addresses embedded in text or mailto links before outputing them on the frontend

if (!function_exists('filter_mail_addresses')) {

	function filter_mail_addresses($match) { 

	// check if required output filter mode is defined

		if(!(defined('OUTPUT_FILTER_MODE') && defined('OUTPUT_FILTER_MODE') && defined('OUTPUT_FILTER_MODE'))) {

			return $match[0];

		}

		$search = array('@', '.');

		$replace = array(OUTPUT_FILTER_AT_REPLACEMENT ,OUTPUT_FILTER_DOT_REPLACEMENT);

		// check if the match contains the expected number of subpatterns (6|8)

		if(count($match) == 8) {

			/**

				OUTPUT FILTER FOR EMAIL ADDRESSES EMBEDDED IN TEXT

			**/

			// 1.. text mails only, 3.. text mails + mailto (no JS), 7 text mails + mailto (JS)

			if(!in_array(OUTPUT_FILTER_MODE, array(1,3,7))) return $match[0];

			// do not filter mail addresses included in input tags (<input ... value = "test@mail)

			if (strpos($match[6], 'value') !== false) return $match[0];

			// filtering of non mailto email addresses enabled

			return str_replace($search, $replace, $match[0]);

		} elseif(count($match) == 6) {

			/**

				OUTPUT FILTER FOR EMAIL ADDRESSES EMBEDDED IN MAILTO LINKS

			**/

			// 2.. mailto only (no JS), 3.. text mails + mailto (no JS), 6.. mailto only (JS), 7.. all filters active

			if(!in_array(OUTPUT_FILTER_MODE, array(2,3,6,7))) return $match[0];

			// check if last part of the a href link: >xxxx</a> contains a email address we need to filter

			$pattern = '#[A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4}#i';

			if(preg_match_all($pattern, $match[5], $matches)) {

				foreach($matches as $submatch) {

					foreach($submatch as $value) {

						// replace all . and all @ in email address parts by (dot) and (at) strings

						$match[5] = str_replace($value, str_replace($search, $replace, $value), $match[5]);

					}

				}

			}

			// check if Javascript encryption routine is enabled

			if(in_array(OUTPUT_FILTER_MODE, array(6,7))) {

				/** USE JAVASCRIPT ENCRYPTION FOR MAILTO LINKS **/

				// extract possible class and id attribute from ahref link

				preg_match('/class\s*?=\s*?("|\')(.*?)\1/ix', $match[0], $class_attr);

				$class_attr = empty($class_attr) ? '' : 'class="' . $class_attr[2] . '" ';

				preg_match('/id\s*?=\s*?("|\')(.*?)\1/ix', $match[0], $id_attr);

				$id_attr = empty($id_attr) ? '' : 'id="' . $id_attr[2] . '" ';

				// preprocess mailto link parts for further usage

				$search = array('@', '.', '_', '-'); $replace = array('F', 'Z', 'X', 'K');

				$email_address = str_replace($search, $replace, strtolower($match[2]));

				$email_subject = rawurlencode(html_entity_decode($match[3]));

				// create a random encryption key for the Caesar cipher

				mt_srand((double)microtime()*1000000);	// (PHP < 4.2.0)

				$shift = mt_rand(1, 25);

				// encrypt the email using an adapted Caesar cipher

		  		$encrypted_email = "";

				for($i = strlen($email_address) -1; $i > -1; $i--) {

					if(preg_match('#[FZXK0-9]#', $email_address[$i], $characters)) {

						$encrypted_email .= $email_address[$i];

					} else {	

						$encrypted_email .= chr((ord($email_address[$i]) -97 + $shift) % 26 + 97);

					}

				}

				$encrypted_email .= chr($shift + 97);

				// build the encrypted Javascript mailto link

				$mailto_link  = "<a {$class_attr}{$id_attr}href=\"javascript:mdcr('$encrypted_email','$email_subject')\">" .$match[5] ."</a>";

				return $mailto_link;	

			} else {

				/** DO NOT USE JAVASCRIPT ENCRYPTION FOR MAILTO LINKS **/

				// as minimum protection, replace replace @ in the mailto part by (at)

				// dots are not transformed as this would transform my.name@domain.com into: my(dot)name(at)domain(dot)com

				// rebuild the mailto link from the subpatterns (at the missing characters " and </a>")

				return $match[1] .str_replace('@', OUTPUT_FILTER_AT_REPLACEMENT, $match[2]) .$match[3] .'"' .$match[4] .$match[5] .'</a>';

				// if you want to protect both, @ and dots, comment out the line above and remove the comment from the line below

				// return $match[1] .str_replace($search, $replace, $match[2]) .$match[3] .'"' .$match[4] .$match[5] .'</a>';

			}

		}

		// number of subpatterns do not match the requirements ... do nothing

		return $match[0];

	}		

}

// first search part to find all mailto email addresses

$pattern = '#(<a[^<]*href\s*?=\s*?"\s*?mailto\s*?:\s*?)([A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4})([^"]*?)"([^>]*>)(.*?)</a>';

// second part to find all non mailto email addresses

$pattern .= '|(value\s*=\s*"|\')??\b([A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4})\b#i';

// Sub 1:\b(<a.[^<]*href\s*?=\s*?"\s*?mailto\s*?:\s*?)		-->	"<a id="yyy" class="xxx" href = " mailto :" ignoring white spaces

// Sub 2:([A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4})		-->	the email address in the mailto: part of the mail link

// Sub 3:([^"]*?)"							--> possible ?Subject&cc... stuff attached to the mail address

// Sub 4:([^>]*>)							--> all class or id statements after the mailto but before closing ..>

// Sub 5:(.*?)</a>\b						--> the mailto text; all characters between >xxxxx</a>

// Sub 6:|\b([A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4})\b		--> email addresses which may appear in the text (require word boundaries)

$content = $wb_page_data;			

// find all email addresses embedded in the content and filter them using a callback function

$content = preg_replace_callback($pattern, 'filter_mail_addresses', $content);

$wb_page_data = $content;

return true;

// Must include code to stop this file being access directly

if(defined('WB_PATH') == false) { die("Cannot access this file directly"); }

$table = TABLE_PREFIX .'mod_droplets';

$database->query("DROP TABLE IF EXISTS `$table`");

$database->query("CREATE TABLE `$table` (

	`id` INT NOT NULL auto_increment,

	`name` VARCHAR(32) NOT NULL,

	`code` LONGTEXT NOT NULL ,

	`description` TEXT NOT NULL,

	`modified_when` INT NOT NULL default '0',

	`modified_by` INT NOT NULL default '0',

	`active` INT NOT NULL default '0',

	`admin_edit` INT NOT NULL default '0',

	`admin_view` INT NOT NULL default '0',

	`show_wysiwyg` INT NOT NULL default '0',

	`comments` TEXT NOT NULL,

	PRIMARY KEY ( `id` )

	)"

);

$folder=opendir(WB_PATH.'/modules/droplets/example/.'); 

			$names[count($names)] = $file; 

		$database->query("INSERT INTO `$table`  

			(name, code, description, comments, active, modified_when, modified_by) 

			VALUES 

			('$name', '$droplet', '$description', '$comments', '1', '$modified_when', '$modified_by')");

	}  

	$data = "";

?>

<html>

	<head>

	<title>Droplets</title>

	<link href="readme.css" rel="stylesheet" type="text/css" media="screen" />

</head>

	<body>

		<small><font color="#7f7f7f">Droplets Help</font></small><br />

		<h2> <img src="../img/droplets_logo.png" alt="" width="297" height="81" border="0"></h2> <br />

		Droplets are small chunks of php code (just like the code module) that can be included in your template or any other content section. <br />

		Including a droplet is done by encapsulating the droplet name in double brackets. <br />

		If you want to use the droplet &quot;ModifiedWhen&quot; (to show the last modified date and time of the current page) you only need to add <b>[[ModifiedWhen]]</b> to your template or WYSIWYG contentpage. <br />

		<br />

		You are encouraged to create your own droplets and share them with the community. <br />

		<br />

		<h3>Installation</h3>

		<br />

		Droplets are installed as a admin tool. The installation is done using the normal &quot;Add module&quot; page in the WB backend. <br />

		When the installation is successfull, there is a new tool added to the Admin-Tools menu. <br />

		Clicking the tool will display the current installed droplets, and a button to create your own. <br />

		<br />

		<h3>Getting Droplets</h3>

		<br />

		A fast growing number of Droplets are available for use, you can use the <a href="http://www.websitebakers.com/pages/droplets/official-library.php" target="_new">Official Droplets Library</a> in the AMASP project website, or you can search the WB Forum. <br />

		<br />

		<h3>Coding Droplets</h3>

		<br />

		Droplets run in PHP mode, no <font color="#ff0000">&lt;?php</font> or <font color="#ff0000">?&gt;</font> is allowed in the code! If any of these tags are found in the code they will be removed. Your code will not run as expected. <br />

		The droplet code can NOT echo or print data to the output stream directly. The Droplet name is replaced by the return value of the PHP code.<br />

		Example: [[HelloWorld]] <br />

		<br />

		<font color="#ff0000">Wrong code:</font> echo &quot;Hello World&quot;; <br />

		<font color="#339966">Correct code:</font> return &quot;Hello World&quot;; <br />

		<br />

		Since version 0.3 Droplets can modify the complete page content. <br />

		When the Droplet is called, an extra variable ($wb_page_data) is made available. 

		This variable holds all the content of your current generated webpage.

		You can modify any part of this content simply by replacing it in the variable. There is no need to return this variable, the Droplet code will process changed content automatically.<br /><br />

		Since version 0.3 Droplets will check the PHP code you have saved for validity. <br />

		When the code will not execute correctly a red flashing icon will apear in the backend Droplets list. <br />

		The standard blue icon is no guarantee that the Droplets does what you would expect it to do, it will just tell you if the code is valid PHP code.<br /><br />

		Since version 0.3 Droplets you do not need to return any data. When you end your code with <pre>return true;</pre> there will not be an errormessage. The processed Droplet tag will be removed.<br />

		<br />

		<h3>PHP color coding</h3>

		<br />

		The Droplets edit page is ready to use the EditArea module. This module creates a color coded editor for PHP code. <br />

		EditArea comes as a seperate module (installed as an admin tool). <br />

		Use the WB Forum or the <a href="http://www.websitebakers.com/" target="_new">AMASP</a> project to find the latest EditArea download. <br />

		<br />

		<h3>More Information</h3>

		<br />

		More information (including localized help) can be found on the <a href="http://www.websitebakers.com/pages/droplets/about-droplets.php" target="_new">Droplets pages</a> of the AMASP project website. <br />

		<br />

		<br />

		<br />

	</body>

// prevent this file from being accessed directly

if(!defined('WB_PATH')) die(header('Location: ../index.php'));

$table = TABLE_PREFIX .'mod_droplets';

$database->query("DROP TABLE IF EXISTS `$table`");

?>

// Must include code to stop this file being access directly

if(defined('WB_PATH') == false) { die("Cannot access this file directly"); }

$loggedin_user = $admin->get_user_id();

$database->query("DELETE FROM ".TABLE_PREFIX."mod_droplets WHERE name=''");

// if ($loggedin_user == '1') {

if ($admin_user) {

	$query_droplets = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets ORDER BY modified_when DESC");

} else { 

	$query_droplets = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets WHERE admin_view <> '1' ORDER BY modified_when DESC");

		if ($unique_droplet === false) $comments = '<font color=\'red\'><strong>'.$DR_TEXT['NOTUNIQUE'].'</strong></font><br /><br />'.$comments;

				<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $admin->getIDKEY($droplet['id']); ?>" title="<?php echo $TEXT['MODIFY']; ?>">

					<img src="<?php echo THEME_URL; ?>/images/modify_16.png" border="0" alt="Modify" /> 

				<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $admin->getIDKEY($droplet['id']); ?>" class="tooltip">

				<a href="javascript: confirm_link('<?php echo $TEXT['ARE_YOU_SURE']; ?>', '<?php echo WB_URL; ?>/modules/droplets/delete_droplet.php?droplet_id=<?php echo $admin->getIDKEY($droplet['id']); ?>');" title="<?php echo $TEXT['DELETE']; ?>">

	$query_droplets = $database->query("SELECT name FROM ".TABLE_PREFIX."mod_droplets WHERE name = '$name'");

	return ($query_droplets->numRows() == 1);

$droplet_id = $admin->checkIDKEY('droplet_id', false, 'GET');

 $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $module_edit_link);

 exit();

$modified_by = $admin->get_user_id();

$query_content = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets WHERE id = '$droplet_id'");

	<a href="<?php echo $admintool_link;?>"><?php echo $HEADING['ADMINISTRATION_TOOLS']; ?></a>

	<a href="<?php echo $module_edit_link;?>">Droplet Edit</a>

<input type="hidden" name="droplet_id" value="<?php echo $droplet_id; ?>" />

?>

$admin = new admin('admintools','admintools',false,false);

	$admin = new admin('admintools', 'admintools');

	$modified_by = $admin->get_user_id();

	$database->query("INSERT INTO ".TABLE_PREFIX."mod_droplets (active,modified_when,modified_by) VALUES ('1','$modified_when','$modified_by' )");

	$droplet_id = $database->get_one("SELECT LAST_INSERT_ID()");

	// Print admin footer

	$admin->print_footer();

	die(header('Location: ../../index.php'));

} 

?>

$id = $admin->checkIDKEY('id', false, 'GET');

 exit();

	<a href="<?php echo $admintool_link;?>"><?php echo $HEADING['ADMINISTRATION_TOOLS']; ?></a>

	<a href="<?php echo $module_edit_link;?>">Droplets</a>

$query_droplets = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets ORDER BY modified_when DESC");

$admin->print_footer();

if(!defined('WB_PATH')) die(header('Location: ../../index.php'));

$table = TABLE_PREFIX .'mod_droplets';

$info = $database->query("SELECT * from `$table` limit 0,1" );

$fields = $info->fetchRow();

if (!array_key_exists("admin_edit", $fields)) {

	/**

	 *	Call from the upgrade-script

	 */

	if (function_exists('db_add_field')) {

		db_add_field("admin_edit", 'mod_droplets', "INT NOT NULL default '0'");

		db_add_field("admin_view", 'mod_droplets', "INT NOT NULL default '0'");

		db_add_field("show_wysiwyg", 'mod_droplets', "INT NOT NULL default '0'");

	} else {

		/**

		 * Not call by the upgrade-script

		 */

		$database->query("ALTER TABLE `$table` (

			`admin_edit` INT NOT NULL default '0',

			`admin_view` INT NOT NULL default '0',

			`show_wysiwyg` INT NOT NULL default '0'

			)");

	}

}

?>

// check website baker platform (with WB 2.7, Admin-Tools were moved out of settings dialogue)

if(file_exists(ADMIN_PATH .'/admintools/tool.php')) {

	$admintool_link = ADMIN_URL .'/admintools/index.php';

	$admin = new admin('admintools', 'admintools',false);

} else {

	$admintool_link = ADMIN_URL .'/settings/index.php?advanced=yes#administration_tools"';

	$admin = new admin('Settings', 'settings_advanced',false);

}

if (!$admin->checkFTAN())

{

	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $module_edit_link);

	$modified_by = (int) $admin->get_user_id(); 

$database->query("UPDATE ".TABLE_PREFIX."mod_droplets SET name = '$title', active = '$active', admin_view = '$admin_view', admin_edit = '$admin_edit', show_wysiwyg = '$show_wysiwyg', description = '$description', code = '$content', comments = '$comments', modified_when = '$modified_when', modified_by = '$modified_by' WHERE id = '$droplet_id'");