<?php
/**
 *
 * @category        framework
 * @package         frontend
 * @author          Ryan Djurovich (2004-2009), WebsiteBaker Project
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
 * @link			http://www.websitebaker2.org/
 * @license         http://www.gnu.org/licenses/gpl.html
 * @platform        WebsiteBaker 2.8.x
 * @requirements    PHP 5.2.2 and higher
 * @version         $Id$
 * @filesource		$HeadURL$
 * @lastmodified    $Date$
 *
 */
/* -------------------------------------------------------- */
// Direct-access guard: this file is only meant to be loaded by code that has
// already defined WB_PATH; any other request is rejected with an exception.
if (defined('WB_PATH') === false) {
	require_once dirname(__FILE__) . '/globalExceptionHandler.php';
	throw new IllegalFileException();
}
/* -------------------------------------------------------- */
// PHPLIB template class
require_once WB_PATH . '/include/phplib/template.inc';
// wbmailer class (subclass of PHPMailer)
require_once WB_PATH . '/framework/class.wbmailer.php';
// The explicit include of SecureForm (the parent of class wb) is disabled here;
// presumably it is loaded elsewhere before this file - TODO confirm.
//require_once(WB_PATH."/framework/SecureForm.php");

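class wb extends SecureForm
{

	// Character list in regex character-class notation; presumably the set of
	// characters allowed in passwords (this class only declares it) - confirm against callers.
	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';

	/**
	 * General initialization, performed when frontend or backend is loaded.
	 *
	 * @param mixed $mode handed through to SecureForm::__construct()
	 */
	public function __construct($mode = SecureForm::FRONTEND) {
		parent::__construct($mode);
	}

	/**
	 * Collect, per language, the first root-level page the current user may see.
	 *
	 * The query already excludes pages with visibility 'none' and 'hidden';
	 * page_is_visible() then applies the user and group rights.
	 *
	 * @return array language code => page row (fields as selected below)
	 */
	public function GetLanguagesDetailsInUsed ( ) {
		global $database;
		$retVal = array();
		$sql =
			'SELECT DISTINCT `language`'.
			', `page_id`,`level`,`parent`,`root_parent`,`page_code`,`link`,`language`'.
			', `visibility`,`viewing_groups`,`viewing_users`,`position` '.
			'FROM `'.TABLE_PREFIX.'pages` '.
			'WHERE `level`= \'0\' '.
			  'AND `root_parent`=`page_id` '.
			  'AND `visibility`!=\'none\' '.
			  'AND `visibility`!=\'hidden\' '.
			'GROUP BY `language` '.
			'ORDER BY `position`';
		if($oRes = $database->query($sql))
		{
			while($page = $oRes->fetchRow(MYSQL_ASSOC))
			{
				if(!$this->page_is_visible($page)) {continue;}
				$retVal[$page['language']] = $page;
			}
		}
		return $retVal;
	}

	/**
	 * Comma separated list of the languages returned by GetLanguagesDetailsInUsed().
	 *
	 * Both methods used to carry a copy of the same query; the list is now
	 * derived from the detail result so the two cannot drift apart.
	 *
	 * @return string comma separated language codes, '' if none
	 */
	public function GetLanguagesInUsed ( ) {
		$aLanguages = array_keys($this->GetLanguagesDetailsInUsed());
		return trim(implode(',', $aLanguages), ',');
	}

	/**
	 * Check if one or more ids are contained in both lists.
	 *
	 * Empty entries (trailing comma, or a list built from an unset session
	 * value) are dropped before comparing, so two lists can never "match" on
	 * an empty id. This method backs the page access checks.
	 *
	 * @param mixed $groups_list1 an array or a comma separated list of ids
	 * @param mixed $groups_list2 an array or a comma separated list of ids
	 * @param array &$matches receives the ids found in both lists; left untouched
	 *                        when one of the lists is empty
	 * @return bool true if there is a match, otherwise false
	 */
	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
	{
		if( $groups_list1 == '' ) { return false; }
		if( $groups_list2 == '' ) { return false; }
		if( !is_array($groups_list1) )
		{
			$groups_list1 = explode(',', $groups_list1);
		}
		if( !is_array($groups_list2) )
		{
			$groups_list2 = explode(',', $groups_list2);
		}
		// array_diff() compares string representations, so this removes '' and null entries only
		$groups_list1 = array_diff($groups_list1, array(''));
		$groups_list2 = array_diff($groups_list2, array(''));
		$matches = array_intersect( $groups_list1, $groups_list2);
		return ( count($matches) != 0 );
	}

	/**
	 * Check if the current user is member of at least one of the given groups.
	 * The user with id 1 is always treated as a member of any group.
	 *
	 * @param mixed $groups_list an array or a comma separated list of group ids
	 * @return bool true if the current user is member of one of these groups
	 */
	public function ami_group_member( $groups_list = '' )
	{
		if( $this->get_user_id() == 1 ) { return true; }
		return $this->is_group_match( $groups_list, $this->get_groups_id() );
	}

	/**
	 * Check page visibility together with user and group rights.
	 *
	 * @param array $page page row; reads 'visibility', 'viewing_groups', 'viewing_users'
	 * @return bool false for visibility 'none' or 'deleted', for any unknown value,
	 *              and for 'registered'/'private' pages the user may not see;
	 *              true for 'public' or 'hidden', and for 'registered'/'private'
	 *              pages the authenticated user is allowed to see
	 */
	public function page_is_visible($page)
	{
		// fail closed when no usable page row was handed over
		if( !isset($page['visibility']) ) { return false; }
		$show_it = false; // shall we show the page?
		switch( $page['visibility'] )
		{
			case 'none':
			case 'deleted':
				$show_it = false;
				break;
			case 'hidden':
			case 'public':
				$show_it = true;
				break;
			case 'private':
			case 'registered':
				if($this->is_authenticated() == true)
				{
					$show_it = ( $this->is_group_match($this->get_groups_id(), $page['viewing_groups']) ||
								 $this->is_group_match($this->get_user_id(), $page['viewing_users']) );
				}
				break;
		}
		return $show_it;
	}

	/**
	 * Check if there is at least one active section on this page.
	 *
	 * @param array $page page row; reads 'page_id'
	 * @return bool true if a section of this page is inside its publishing window
	 */
	public function page_is_active($page)
	{
		global $database;
		$now = time();
		// Both time-window alternatives are grouped in one pair of parentheses.
		// Without it AND binds tighter than OR, the page_id filter only applies
		// to the second alternative and sections of other pages are counted too.
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
		$sql .= 'WHERE (('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
		$sql .=        '('.$now.' > `publ_start` AND `publ_end`=0)) ';
		$sql .=       'AND `page_id`='.(int)$page['page_id'];
		return ($database->get_one($sql) != false);
	}

	/**
	 * Check whether a page should be shown in the frontend.
	 *
	 * @param mixed $page a page row (array) or a page id
	 * @return bool true if the page is visible for the current user and active
	 */
	public function show_page($page)
	{
		// $database was used here without being imported into the method scope
		global $database;
		if( !is_array($page) )
		{
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
			$res_pages = $database->query($sql);
			// no result set or no such page: nothing to show
			if( $res_pages == null ) { return false; }
			if( !($page = $res_pages->fetchRow()) ) { return false; }
		}
		return ($this->page_is_visible($page) && $this->page_is_active($page));
	}

	/**
	 * Check if the user is already authenticated.
	 *
	 * @return bool true if the session holds a non-empty, numeric USER_ID
	 */
	public function is_authenticated() {
		return ( isset($_SESSION['USER_ID']) &&
		         $_SESSION['USER_ID'] != "" &&
		         is_numeric($_SESSION['USER_ID']) );
	}

	/**
	 * addslashes() variant which takes magic_quotes_gpc into account.
	 *
	 * Note: addslashes() is no replacement for the database driver's own
	 * escaping or for parameterised queries.
	 *
	 * @param mixed $input
	 * @return mixed non-strings, and strings already quoted by magic_quotes_gpc, unchanged
	 */
	function add_slashes($input) {
		// get_magic_quotes_gpc() does not exist any more in newer PHP versions
		$bMagicQuotes = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc());
		if( $bMagicQuotes || (!is_string($input)) ) {
			return $input;
		}
		return addslashes($input);
	}

	/**
	 * Undo the effect of magic_quotes_gpc==On.
	 *
	 * Attn: this is _not_ the counterpart to $this->add_slashes() !
	 * Use stripslashes() to undo a preliminarily done $this->add_slashes().
	 *
	 * @param mixed $input
	 * @return mixed
	 */
	function strip_slashes($input) {
		$bMagicQuotes = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc());
		if ( !$bMagicQuotes || ( !is_string($input) ) ) {
			return $input;
		}
		return stripslashes($input);
	}

	/**
	 * Escape backslashes for use with mySQL LIKE strings.
	 *
	 * @param string $input
	 * @return string
	 */
	function escape_backslashes($input) {
		return str_replace("\\","\\\\",$input);
	}

	/**
	 * Build the URL of a page from its stored link.
	 *
	 * @param string $link
	 * @return string $link itself if it contains '://' or starts with 'mailto:',
	 *                otherwise WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION
	 */
	function page_link($link){
		if(strstr($link, '://') == '' && substr($link, 0, 7) != 'mailto:') {
			return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
		}
		return $link;
	}

	/**
	 * Get POST data.
	 *
	 * @param string $field
	 * @return mixed raw, unvalidated request value, or null if not set
	 */
	function get_post($field) {
		return (isset($_POST[$field]) ? $_POST[$field] : null);
	}

	/**
	 * Get POST data passed through $this->add_slashes().
	 *
	 * @param string $field
	 * @return mixed null if not set
	 */
	function get_post_escaped($field) {
		$result = $this->get_post($field);
		return (is_null($result)) ? null : $this->add_slashes($result);
	}

	/**
	 * Get GET data.
	 *
	 * @param string $field
	 * @return mixed raw, unvalidated request value, or null if not set
	 */
	function get_get($field) {
		return (isset($_GET[$field]) ? $_GET[$field] : null);
	}

	/**
	 * Get SESSION data.
	 *
	 * @param string $field
	 * @return mixed null if not set
	 */
	function get_session($field) {
		return (isset($_SESSION[$field]) ? $_SESSION[$field] : null);
	}

	/**
	 * Get SERVER data.
	 *
	 * @param string $field
	 * @return mixed null if not set
	 */
	function get_server($field) {
		return (isset($_SERVER[$field]) ? $_SERVER[$field] : null);
	}

	// Get the current users id (session value 'USER_ID')
	function get_user_id() {
		return $this->get_session('USER_ID');
	}

	// Get the current users group id (session value 'GROUP_ID')
	function get_group_id() {
		return $this->get_session('GROUP_ID');
	}

	// Get the current users group ids: session value 'GROUPS_ID' split at ','
	function get_groups_id() {
		return explode(",", $this->get_session('GROUPS_ID'));
	}

	// Get the current users group names as one string: session value 'GROUP_NAME' joined with ','
	function get_group_name() {
		return implode(",", $this->get_session('GROUP_NAME'));
	}

	// Get the current users group names as stored in session value 'GROUP_NAME'
	function get_groups_name() {
		return $this->get_session('GROUP_NAME');
	}

	// Get the current users username
	function get_username() {
		return $this->get_session('USERNAME');
	}

	// Get the current users display name
	function get_display_name() {
		return $this->get_session('DISPLAY_NAME');
	}

	// Get the current users email address
	function get_email() {
		return $this->get_session('EMAIL');
	}

	// Get the current users home folder
	function get_home_folder() {
		return $this->get_session('HOME_FOLDER');
	}

	// Get the current users timezone.
	// '-72000' is returned whenever USE_DEFAULT_TIMEZONE is set in the session;
	// presumably callers treat it as "use the system default" - confirm.
	function get_timezone() {
		return (isset($_SESSION['USE_DEFAULT_TIMEZONE']) ? '-72000' : $_SESSION['TIMEZONE']);
	}

	/**
	 * Validate supplied email address.
	 *
	 * The address is converted with idn_to_ascii() if that function exists,
	 * otherwise with the bundled idna_convert class, and then matched against
	 * the pattern below.
	 *
	 * @param string $email
	 * @return bool
	 */
	function validate_email($email) {
		if(function_exists('idn_to_ascii')){
			$email = idn_to_ascii($email);
		}else {
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
			$IDN = new idna_convert();
			$email = $IDN->encode($email);
			unset($IDN);
		}
		// regex from NorHei 2011-01-11
		$retval = preg_match("/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/", $email);
		return ($retval != false);
	}

	/**
	 * Replacement for header('Location: ...').
	 * If the headers are already sent, an AppException carrying a manual
	 * redirect link is thrown instead, so the script does not break silently.
	 *
	 * @param string $location target url
	 * @return void terminates the script after sending the header
	 * @throws AppException if headers were already sent
	 */
	public function send_header ($location) {
		if(!headers_sent()) {
			header('Location: '.$location);
			exit(0);
		}
		// The message is HTML, so the url has to be escaped for use inside
		// the href attribute.
		$sHref = htmlspecialchars($location, ENT_QUOTES);
		$msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
		        "Please click <a style=\"font-weight:bold;\" " .
		        "href=\"".$sHref."\">on this link</a> to continue!</p></div>\n";
		throw new AppException($msg);
	}

	/**
	 * Set one or more bits in an integer value.
	 *
	 * @param int &$value reference to the integer to modify
	 * @param int $bits2set the bitmask which shall be added to value
	 * @return void
	 */
	function bit_set( &$value, $bits2set )
	{
		$value |= $bits2set;
	}

	/**
	 * Reset one or more bits of an integer value.
	 *
	 * @param int &$value reference to the integer to modify
	 * @param int $bits2reset the bitmask which shall be removed from value
	 * @return void
	 */
	function bit_reset( &$value, $bits2reset)
	{
		$value &= ~$bits2reset;
	}

	/**
	 * Check if all bits of a mask are set in an integer value.
	 *
	 * @param int $value the integer to test
	 * @param int $bits2test the bitmask to look for
	 * @return bool true if every bit of $bits2test is set in $value
	 */
	function bit_isset( $value, $bits2test )
	{
		return (($value & $bits2test) == $bits2test);
	}

	/**
	 * Print a success message which then automatically redirects the user to another page.
	 *
	 * $message and $redirect are handed to the template as they are.
	 * NOTE(review): escaping is presumably left to the caller or the template - confirm.
	 *
	 * @param mixed $message string, or array of strings (joined with '<br />')
	 * @param string $redirect target of the redirect
	 * @return void
	 */
	function print_success( $message, $redirect = 'index.php' ) {
		global $TEXT;
		if(is_array($message)) {
			$message = implode ('<br />',$message);
		}
		// redirect timer for success messages; values above 10000 fall back to 0
		$redirect_timer = ((defined( 'REDIRECT_TIMER' )) && (REDIRECT_TIMER <= 10000)) ? REDIRECT_TIMER : 0;
		// Setup template object, parse vars to it, then parse it
		$tpl = new Template(dirname($this->correct_theme_source('success.htt')));
		$tpl->set_file( 'page', 'success.htt' );
		$tpl->set_block( 'page', 'main_block', 'main' );
		$tpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
		$tpl->set_var( 'MESSAGE', $message );
		$tpl->set_var( 'REDIRECT', $redirect );
		$tpl->set_var( 'REDIRECT_TIMER', $redirect_timer );
		$tpl->set_var( 'NEXT', $TEXT['NEXT'] );
		$tpl->set_var( 'BACK', $TEXT['BACK'] );
		if ($redirect_timer == -1) {
			// a timer of -1 suppresses the redirect block
			$tpl->set_block( 'show_redirect', '' );
		} else {
			$tpl->parse( 'show_redirect', 'show_redirect_block', true );
		}
		$tpl->parse( 'main', 'main_block', false );
		$tpl->pparse( 'output', 'page' );
	}

	/**
	 * Print an error message and terminate the script.
	 *
	 * $message and $link are handed to the template as they are.
	 * NOTE(review): escaping is presumably left to the caller or the template - confirm.
	 *
	 * @param mixed $message string, or array of strings (joined with '<br />')
	 * @param string $link target of the back link
	 * @param bool $auto_footer call $this->print_footer() if that method exists
	 * @return void terminates the script
	 */
	function print_error($message, $link = 'index.php', $auto_footer = true) {
		global $TEXT;
		if(is_array($message)) {
			$message = implode ('<br />',$message);
		}
		// Setup template object, parse vars to it, then parse it
		$tpl = new Template(dirname($this->correct_theme_source('error.htt')));
		$tpl->set_file('page', 'error.htt');
		$tpl->set_block('page', 'main_block', 'main');
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var('LINK', $link);
		$tpl->set_var('BACK', $TEXT['BACK']);
		$tpl->parse('main', 'main_block', false);
		$tpl->pparse('output', 'page');
		if ( $auto_footer == true && method_exists($this, "print_footer") ) {
			$this->print_footer();
		}
		exit();
	}

	/**
	 * Format a message using template 'message.htt'.
	 *
	 * Defines REDIRECT_TIMER as -1 if it is not defined yet. For every status
	 * except 'error' the timer decides the result: 0 returns an empty string,
	 * -1 returns the message box, any other value returns the box followed by
	 * a script which hides it after REDIRECT_TIMER milliseconds.
	 *
	 * $message is handed to the template as it is.
	 * NOTE(review): escaping is presumably left to the caller or the template - confirm.
	 *
	 * @param string $message the message to format
	 * @param string $status ('ok' / 'error' / 'warning' / '') defines the appearance of the box
	 * @return string the html-formatted message
	 */
	public function format_message($message, $status = 'ok')
	{
		$id = uniqid('x');
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
		$tpl->set_file('page', 'message.htt');
		$tpl->set_block('page', 'main_block', 'main');
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var( 'THEME_URL', THEME_URL );
		$tpl->set_var( 'ID', $id );
		// The last comparison was an assignment ($status = 'warning'), which
		// turned every status other than 'ok' and 'error' into 'warning'.
		if($status == 'ok' || $status == 'error' || $status == 'warning')
		{
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
		}else
		{
			$tpl->set_var('BOX_STATUS', '');
		}
		$tpl->set_var('STATUS', $status);
		if(!defined('REDIRECT_TIMER') ) { define('REDIRECT_TIMER', -1); }
		$retval = '';
		if( $status != 'error' )
		{
			switch(REDIRECT_TIMER)
			{
				case 0: // do not show message
					break;
				case -1: // show message permanently
					$tpl->parse('main', 'main_block', false);
					$retval = $tpl->finish($tpl->parse('output', 'page', false));
					break;
				default: // hide message after REDIRECT_TIMER milliseconds
					$sScript = '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
							   'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
							   'window.setTimeout(\''.$id.'_hide()\', '.REDIRECT_TIMER.');/* ]]> */ </script>';
					$tpl->parse('main', 'main_block', false);
					$retval = $tpl->finish($tpl->parse('output', 'page', false)).$sScript;
			}
		}else
		{
			// errors are always shown, independent of the timer
			$tpl->parse('main', 'main_block', false);
			$retval = $tpl->finish($tpl->parse('output', 'page', false));
		}
		unset($tpl);
		return $retval;
	}

	/**
	 * Show the maintenance screen and terminate the application.
	 *
	 * 'locked': only acts if SYSTEM_LOCKED is 1 and the current user is not
	 *           user 1. It then clears the remember keys of all users except
	 *           user 1, removes the remember-key and session cookies, destroys
	 *           the session and shows the 'website locked' screen.
	 * 'new':    (any other value) shows the 'under construction' screen
	 *           (former print_under_construction).
	 * Both cases send a 503 status header.
	 *
	 * @param string $type 'locked' (default) or 'new'
	 * @return void terminates the application whenever a screen is shown
	 */
	public function ShowMaintainScreen($type = 'locked')
	{
		global $database, $MESSAGE;
		$CHECK_BACK = $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'];
		$BE_PATIENT = '';

		$show_screen = false;
		if($type == 'locked')
		{
			$curr_user = (intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0) ) ;
			if( (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1) && ($curr_user != 1))
			{
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
				// first kick logged users out of the system:
				// delete all remember keys from table 'users' except user_id=1
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
				$sql .= 'WHERE `user_id`<>1';
				$database->query($sql);
				// delete remember key-cookie if set
				if (isset($_COOKIE['REMEMBER_KEY'])) {
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
				}
				// overwrite session array
				$_SESSION = array();
				// delete session cookie if set
				if (ini_get("session.use_cookies")) {
					$params = session_get_cookie_params();
					setcookie(session_name(), '', time() - 42000, $params["path"],
						$params["domain"], $params["secure"], $params["httponly"]
					);
				}
				// delete the session itself
				session_destroy();
				$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
				$BE_PATIENT = $MESSAGE['GENERIC_BE_PATIENT'];
				$PAGE_ICON  = 'system';
				$show_screen = true;
			}
		} else {
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
			$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
			$PAGE_ICON  = 'negative';
			$show_screen = true;
		}
		if($show_screen)
		{
			$sMaintanceFile = $this->correct_theme_source('maintance.htt');
			if(file_exists($sMaintanceFile))
			{
				$tpl = new Template(dirname( $sMaintanceFile ));
				$tpl->set_file( 'page', 'maintance.htt' );
				$tpl->set_block( 'page', 'main_block', 'main' );

				if(defined('DEFAULT_CHARSET'))
				{
					$charset=DEFAULT_CHARSET;
				} else {
					$charset='utf-8';
				}
				// Use the title chosen above; the 'under construction' text was
				// hard-coded here, so the locked screen never showed its own title.
				$tpl->set_var( 'PAGE_TITLE', $PAGE_TITLE );
				$tpl->set_var( 'CHECK_BACK', $CHECK_BACK );
				$tpl->set_var( 'CHARSET', $charset );
				$tpl->set_var( 'WB_URL', WB_URL );
				$tpl->set_var( 'BE_PATIENT', $BE_PATIENT );
				$tpl->set_var( 'THEME_URL', THEME_URL );
				$tpl->set_var( 'PAGE_ICON', $PAGE_ICON);
				$tpl->set_var( 'LANGUAGE', strtolower(LANGUAGE));
				$tpl->parse( 'main', 'main_block', false );
				$tpl->pparse( 'output', 'page' );
				exit();
			} else {
				// fallback without template; the doctype had lost its slashes
				// and the opening html tag was missing
				require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
				echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
			<html><head><title>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</title>
			<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
			h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
			<br /><h1>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</h1><br />
			'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
			}
			flush();
			exit();
		}
	}

	/**
	 * Send an email using the wbmailer class (subclass of PHPMailer).
	 *
	 * Some service providers do not support sending mail via PHP as it does
	 * not provide SMTP authentication; wbmailer is able to send messages via
	 * SMTP. To use SMTP, the SMTP host has to be specified via the Settings
	 * panel in the backend of Website Baker. (C. Sommer)
	 *
	 * CR and LF are removed from every value that ends up in a mail header,
	 * so that a submitted value cannot add header lines of its own.
	 *
	 * @param string $fromaddress
	 * @param string $toaddress
	 * @param string $subject
	 * @param string $message used as HTML body via nl2br() and as text body via strip_tags()
	 * @param string $fromname
	 * @param string $replyTo
	 * @return bool true if the mailer reports success
	 */
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
		$subject = preg_replace('/[\r\n]/', '', $subject);
		$replyTo = preg_replace('/[\r\n]/', '', $replyTo);
		// the sender name is a header value as well and was the only one left unfiltered
		$fromname = preg_replace('/[\r\n]/', '', $fromname);

		// create PHPMailer object and define default settings
		$myMail = new wbmailer();
		// set user defined from address
		if ($fromaddress!='') {
			if($fromname!='') { $myMail->FromName = $fromname; }  // FROM-NAME
			$myMail->From = $fromaddress;                         // FROM:
		}
		if($replyTo) {
			$myMail->AddReplyTo($replyTo);                        // REPLY TO:
		}
		// define recipient and information to send out
		$myMail->AddAddress($toaddress);                          // TO:
		$myMail->Subject = $subject;                              // SUBJECT
		// NOTE(review): the message goes into the HTML body without escaping - confirm callers expect that
		$myMail->Body = nl2br($message);                          // CONTENT (HTML)
		$myMail->AltBody = strip_tags($message);                  // CONTENT (TEXT)
		// report whether the mailer could send the message
		return ($myMail->Send() ? true : false);
	}

	/**
	 * Locate a theme template, falling back to the default one.
	 *
	 * Looks in THEME_PATH.'/templates/' first, then in ADMIN_PATH.'/skel/themes/htt/'.
	 * The file name is appended to these directories as it is, so it should be
	 * a fixed name and not taken from a request.
	 *
	 * @param string $sThemeFile file name of the template, e.g. 'start.htt'
	 * @return string path of the template file that was found
	 * @throws InvalidArgumentException if the file exists in neither place
	 */
	function correct_theme_source($sThemeFile = 'start.htt') {
		if (file_exists(THEME_PATH.'/templates/'.$sThemeFile )) {
			return THEME_PATH.'/templates/'.$sThemeFile;
		}
		if (file_exists(ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile ) ) {
			return ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile;
		}
		throw new InvalidArgumentException('missing template file '.$sThemeFile);
	}

	/**
	 * Check that a folder name does not contain invalid characters.
	 *
	 * Rejected are: ^ \ / . ? * " ' < > : |
	 *
	 * @param string $str name to check
	 * @return bool true if none of these characters occurs
	 */
	function checkFolderName($str){
		return !preg_match('#\^|\\\|\/|\.|\?|\*|"|\'|\<|\>|\:|\|#i', $str);
	}

	/**
	 * Check that a path lies within the given base directory (normally the
	 * document root).
	 *
	 * Both paths are resolved with realpath(). The current path is accepted
	 * only if it equals the base directory or continues it after a directory
	 * separator; a plain prefix test would also accept a sibling directory
	 * whose name merely starts with the name of the base directory.
	 * The comparison is case-insensitive, as it was before.
	 *
	 * @param string $sCurrentPath is passed through rawurldecode() first
	 * @param string $sBaseDir
	 * @return mixed the resolved $sCurrentPath, or false if it is outside of
	 *               $sBaseDir or one of the paths cannot be resolved
	 */
	function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
		// Clean the current path
		$sCurrentPath = realpath(rawurldecode($sCurrentPath));
		$sBaseDir = realpath($sBaseDir);
		// realpath() returns false for paths which do not exist
		if ( $sCurrentPath === false || $sBaseDir === false ) {
			return false;
		}
		$sBaseDir = rtrim($sBaseDir, '/\\');
		if ( strcasecmp($sCurrentPath, $sBaseDir) == 0 ) {
			return $sCurrentPath;
		}
		$sPrefix = $sBaseDir.DIRECTORY_SEPARATOR;
		if ( strncasecmp($sCurrentPath, $sPrefix, strlen($sPrefix)) == 0 ) {
			return $sCurrentPath;
		}
		return false;
	}

	/**
	 * Remove [[text]], html comments, link, script, scriptblock and styleblock
	 * from a given string and return the cleaned string.
	 *
	 * This is a cleanup helper, not an HTML sanitizer: only the constructs
	 * named in the pattern are removed, all other tags and attributes pass
	 * through, so the result still has to be escaped for the context it is
	 * printed in.
	 * NOTE(review): with the U modifier the '?' after a quantifier makes it
	 * greedy again, so '.*?' may span from the first opening to the last
	 * closing marker - confirm this is intended.
	 *
	 * @param string $sValue
	 * @return mixed false if $sValue is not a string, otherwise the cleaned string
	 */
	public function StripCodeFromText($sValue){
		if(!is_string($sValue)) { return false; }
		$sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
		return (preg_replace ($sPattern, '', $sValue));
	}

}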