<?php
/**
 *
 * @category        framework
 * @package         frontend
 * @author          Ryan Djurovich (2004-2009), WebsiteBaker Project
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
 * @link            http://www.websitebaker2.org/
 * @license         http://www.gnu.org/licenses/gpl.html
 * @platform        WebsiteBaker 2.8.x
 * @requirements    PHP 5.2.2 and higher
 * @version         $Id: class.wb.php 1796 2012-10-24 14:12:02Z Luisehahne $
 * @filesource      $HeadURL: svn://isteam.dynxs.de/wb-archiv/branches/2.8.x/wb/framework/class.wb.php $
 * @lastmodified    $Date: 2012-10-24 16:12:02 +0200 (Wed, 24 Oct 2012) $
 *
 */
/* -------------------------------------------------------- */
// Guard against direct HTTP access: WB_PATH is only defined once the framework
// has been bootstrapped, so a direct request for this file has no WB_PATH and is
// rejected with an exception before any of the code below runs.
if(!defined('WB_PATH')) {
	require_once(dirname(__FILE__).'/globalExceptionHandler.php');
	throw new IllegalFileException();
}
/* -------------------------------------------------------- */
// Include PHPLIB template class (used by print_success(), print_error(),
// format_message() and ShowMaintainScreen() below)
require_once(WB_PATH."/include/phplib/template.inc");
// Include new wbmailer class (subclass of PHPmailer), used by wb::mail()
require_once(WB_PATH."/framework/class.wbmailer.php");
// NOTE(review): the parent class SecureForm is not loaded here although
// `class wb extends SecureForm` below depends on it; presumably the bootstrap
// loads it before this file — confirm, otherwise this file cannot be parsed.
//require_once(WB_PATH."/framework/SecureForm.php");

class wb extends SecureForm
{
 	/**
 	 * Regex character-class fragment (without the surrounding brackets) listing
 	 * the characters accepted in passwords. Not referenced within this file;
 	 * presumably consumed by the login/password code elsewhere — confirm before
 	 * changing it.
 	 */
 	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';

	/**
	 * General initialization, performed when frontend or backend is loaded.
	 * Only delegates to SecureForm::__construct(); the mode selects the
	 * frontend/backend behaviour of the parent class.
	 *
	 * @param int $mode defaults to SecureForm::FRONTEND; other values are defined by SecureForm
	 */
	public function  __construct($mode = SecureForm::FRONTEND) {
		parent::__construct($mode);
	}

/**
 * Collect the first visible root page of every language in use.
 *
 * Root pages (level 0, root_parent = page_id) whose visibility is neither
 * 'none' nor 'hidden' are fetched grouped by language, and each row is then
 * passed through page_is_visible() so that 'registered'/'private' pages are
 * only returned when the current user may see them. The query uses constants
 * only (no request data is interpolated).
 *
 * @return array language code => page row (page_id, level, parent, root_parent,
 *               page_code, link, language, visibility, viewing_groups,
 *               viewing_users, position)
 */
	public function GetLanguagesDetailsInUsed ( ) {
		global $database;
		$aLanguages = array();
		$sql = 'SELECT DISTINCT `language`, `page_id`,`level`,`parent`,`root_parent`,`page_code`,`link`,`language`, `visibility`,`viewing_groups`,`viewing_users`,`position` '
		     . 'FROM `'.TABLE_PREFIX.'pages` '
		     . 'WHERE `level`= \'0\' AND `root_parent`=`page_id` AND `visibility`!=\'none\' AND `visibility`!=\'hidden\' '
		     . 'GROUP BY `language` ORDER BY `position`';
		$oResult = $database->query($sql);
		if( !$oResult ) {
			return $aLanguages;
		}
		while( $aRow = $oResult->fetchRow(MYSQL_ASSOC) ) {
			// drop rows the current user is not allowed to see (registered/private)
			if( $this->page_is_visible($aRow) ) {
				$aLanguages[$aRow['language']] = $aRow;
			}
		}
		return $aLanguages;
	}

/**
 * Comma separated list of the languages that have a visible root page,
 * i.e. the keys of GetLanguagesDetailsInUsed().
 *
 * @return string e.g. "EN,DE" (empty string when no language qualifies)
 */
	public function GetLanguagesInUsed ( ) {
		$aDetails   = $this->GetLanguagesDetailsInUsed();
		$aLanguages = array_keys($aDetails);
		return implode(',', $aLanguages);
	}

/* ****************
 * check if one or more group_ids are in both group_lists
 *
 * Both lists may be arrays or comma separated strings. Comparison is done by
 * array_intersect(), i.e. on the string representation of the ids, and an
 * empty list (loose comparison with '') never matches.
 *
 * @access public
 * @param mixed $groups_list1: an array or a comma separated list of group-ids
 * @param mixed $groups_list2: an array or a comma separated list of group-ids
 * @param array &$matches: receives the ids present in both lists (keys kept from list1);
 *                         left untouched when one of the lists is empty
 * @return bool: true if there is at least one match, otherwise false
 */
	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
	{
		if( $groups_list1 == '' || $groups_list2 == '' ) {
			return false;
		}
		$aList1 = is_array($groups_list1) ? $groups_list1 : explode(',', $groups_list1);
		$aList2 = is_array($groups_list2) ? $groups_list2 : explode(',', $groups_list2);
		$matches = array_intersect($aList1, $aList2);
		return ( count($matches) > 0 );
	}
/* ****************
 * check if current user is member of at least one of given groups
 * ADMIN (uid=1) always is treated like a member of any groups
 *
 * @access public
 * @param mixed $groups_list: an array or a comma separated list of group-ids
 * @return bool: true if current user is member of one of these groups, otherwise false
 */
	public function ami_group_member( $groups_list = '' )
	{
		// user_id 1 is the built-in administrator: member of everything
		$bIsAdmin = ( $this->get_user_id() == 1 );
		if( $bIsAdmin ) {
			return true;
		}
		return $this->is_group_match( $groups_list, $this->get_groups_id() );
	}

// Check whether a page is visible or not.
// This will check page-visibility and user- and group-rights.
/* page_is_visible() returns
	false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
	true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
	Note that 'hidden' pages are visible (only kept out of menus elsewhere), and
	that an unknown visibility value yields false.

	@param array $page page row with 'visibility', 'viewing_groups', 'viewing_users'
	@return bool
*/
	public function page_is_visible($page)
	{
		$sVisibility = $page['visibility'];
		// order matters for loose comparison: reject first, then accept
		if( in_array($sVisibility, array('none', 'deleted')) ) {
			return false;
		}
		if( in_array($sVisibility, array('hidden', 'public')) ) {
			return true;
		}
		if( in_array($sVisibility, array('private', 'registered')) && $this->is_authenticated() == true ) {
			// allowed if one of the user's groups, or the user itself, is listed on the page
			return ( $this->is_group_match($this->get_groups_id(), $page['viewing_groups']) ||
			         $this->is_group_match($this->get_user_id(), $page['viewing_users']) );
		}
		return false;
	}

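	/**
	 * Check if there is at least one active (currently published) section on this page.
	 *
	 * A section counts as active when the current time lies between publ_start
	 * and publ_end, or when publ_start has passed and publ_end is 0 (open end).
	 *
	 * @param array $page page row; only $page['page_id'] is used (cast to int)
	 * @return bool true if at least one section of the page is active
	 */
	public function page_is_active($page)
	{
		global $database;
		$now = time();
		// BUG FIX: the two publication conditions must be grouped. Without the
		// outer parentheses SQL precedence (AND binds before OR) turned this into
		// "(A) OR ((B) AND page_id = X)", so any currently published section on
		// *any* page made every page count as active.
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
		$sql .= 'WHERE (('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
		$sql .=        '('.$now.' > `publ_start` AND `publ_end`=0)) ';
		$sql .=  'AND `page_id`='.(int)$page['page_id'];
		return ($database->get_one($sql) != false);
	}
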
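	/**
	 * Check whether we should show a page or not (for front-end): the page must
	 * be visible to the current user (page_is_visible) and have at least one
	 * active section (page_is_active).
	 *
	 * @param array|int $page page row, or a page_id which is then looked up
	 * @return bool false also when a page_id cannot be resolved
	 */
	public function show_page($page)
	{
		// BUG FIX: $database was used below without being imported into the
		// method's scope, so the page_id branch failed on a null object.
		global $database;
		if( !is_array($page) )
		{
			// only the columns the two checks below need
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
			$res_pages = $database->query($sql);
			if( $res_pages == null ) { return false; }
			if( !($page = $res_pages->fetchRow()) ) { return false; }
		}
		return ($this->page_is_visible($page) && $this->page_is_active($page));
	}
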
	/**
	 * Check if the user is already authenticated or not.
	 * Purely session based: USER_ID must be set, non-empty and numeric. No
	 * database lookup is performed here.
	 *
	 * @return bool
	 */
	public function is_authenticated() {
		if( !isset($_SESSION['USER_ID']) ) {
			return false;
		}
		$sUserId = $_SESSION['USER_ID'];
		return ( $sUserId != "" && is_numeric($sUserId) );
	}

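	/**
	 * addslashes() that takes magic_quotes_gpc into account: input that PHP has
	 * already escaped (magic_quotes_gpc=On, only possible on PHP < 5.4) is
	 * returned untouched, otherwise addslashes() is applied. Non-strings are
	 * returned unchanged.
	 *
	 * get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in 8.0; as
	 * magic quotes no longer exist from 5.4 on, the call is skipped there so the
	 * method keeps working (and stays warning-free) on current PHP versions.
	 *
	 * NOTE(review): this is escaping for legacy string-built SQL; prepared
	 * statements are the proper fix wherever a caller relies on it for that.
	 *
	 * @param mixed $input
	 * @return mixed escaped string, or $input unchanged
	 */
	function add_slashes($input) {
		if( !is_string($input) ) {
			return $input;
		}
		if( PHP_VERSION_ID < 50400 && get_magic_quotes_gpc() ) {
			return $input;
		}
		return addslashes($input);
	}
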
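	/**
	 * Undo the effect of magic_quotes_gpc==On on a request value.
	 *
	 * Attn: this is _not_ the counterpart to $this->add_slashes() !
	 * Use stripslashes() to undo a preliminarily done $this->add_slashes().
	 * When magic quotes are off (always the case from PHP 5.4 on) or the input
	 * is not a string, the input is returned unchanged.
	 *
	 * get_magic_quotes_gpc() was removed in PHP 8.0; it is only consulted on
	 * PHP < 5.4 where magic quotes can actually be enabled.
	 *
	 * @param mixed $input
	 * @return mixed
	 */
	function strip_slashes($input) {
		if( !is_string($input) ) {
			return $input;
		}
		if( PHP_VERSION_ID >= 50400 || !get_magic_quotes_gpc() ) {
			return $input;
		}
		return stripslashes($input);
	}
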
	/**
	 * Escape backslashes for use in MySQL LIKE patterns (a single backslash
	 * would otherwise be read as the LIKE escape character).
	 *
	 * @param mixed $input string (or array of strings, as accepted by str_replace)
	 * @return mixed input with every '\' doubled
	 */
	function escape_backslashes($input) {
		$sBackslash = '\\';
		return str_replace($sBackslash, $sBackslash.$sBackslash, $input);
	}

	/**
	 * Turn a page link into a URL. Links that already carry a scheme ('://')
	 * or start with 'mailto:' are returned untouched; everything else is taken
	 * to be a site-relative page link and wrapped in WB_URL, PAGES_DIRECTORY
	 * and PAGE_EXTENSION. (Other schemes such as 'javascript:' or
	 * protocol-relative '//host' are not recognised and get prefixed as well.)
	 *
	 * @param string $link
	 * @return string
	 */
	function page_link($link){
		$bHasScheme = ( strpos($link, '://') !== false );
		$bIsMailto  = ( strncmp($link, 'mailto:', 7) === 0 );
		if( $bHasScheme || $bIsMailto ) {
			return $link;
		}
		return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
	}

	/**
	 * Raw value of a POST field, or null when absent. No escaping is done.
	 *
	 * @param string $field
	 * @return mixed
	 */
	function get_post($field) {
		if( !isset($_POST[$field]) ) {
			return null;
		}
		return $_POST[$field];
	}

	/**
	 * POST field run through add_slashes() (legacy SQL escaping); null when absent.
	 *
	 * @param string $field
	 * @return mixed
	 */
	function get_post_escaped($field) {
		$mValue = $this->get_post($field);
		if( is_null($mValue) ) {
			return null;
		}
		return $this->add_slashes($mValue);
	}

	/**
	 * Raw value of a GET parameter, or null when absent. No escaping is done.
	 *
	 * @param string $field
	 * @return mixed
	 */
	function get_get($field) {
		if( !isset($_GET[$field]) ) {
			return null;
		}
		return $_GET[$field];
	}

	/**
	 * Value of a session variable, or null when it is not set.
	 *
	 * @param string $field
	 * @return mixed
	 */
	function get_session($field) {
		if( !isset($_SESSION[$field]) ) {
			return null;
		}
		return $_SESSION[$field];
	}

	/**
	 * Value of a $_SERVER entry, or null when it is not set. Note that several
	 * $_SERVER entries (HTTP_* headers, REQUEST_URI, ...) are client supplied.
	 *
	 * @param string $field
	 * @return mixed
	 */
	function get_server($field) {
		if( !isset($_SERVER[$field]) ) {
			return null;
		}
		return $_SERVER[$field];
	}

	/**
	 * Current user's id from the session (null when not logged in).
	 * @return mixed $_SESSION['USER_ID'] or null
	 */
	function get_user_id() {
		return $this->get_session('USER_ID');
	}

	/**
	 * Current user's primary group id from the session (null when not set).
	 * @return mixed $_SESSION['GROUP_ID'] or null
	 */
	function get_group_id() {
		return $this->get_session('GROUP_ID');
	}

	/**
	 * All group ids of the current user, split from the comma separated
	 * session value GROUPS_ID. With no session value this yields array('')
	 * (explode of null), not an empty array.
	 * @return array
	 */
	function get_groups_id() {
		return explode(",", $this->get_session('GROUPS_ID'));
	}

	/**
	 * Current user's group names as one comma separated string.
	 * NOTE(review): implode() expects $_SESSION['GROUP_NAME'] to be an array
	 * (see get_groups_name(), which returns it raw) — confirm against the login code.
	 * @return string
	 */
	function get_group_name() {
		return implode(",", $this->get_session('GROUP_NAME'));
	}

	/**
	 * Current user's group names exactly as stored in the session (null when
	 * not set); get_group_name() returns the same data joined by commas.
	 * @return mixed $_SESSION['GROUP_NAME'] or null
	 */
	function get_groups_name() {
		return $this->get_session('GROUP_NAME');
	}

	/**
	 * Current user's login name from the session (null when not logged in).
	 * @return mixed $_SESSION['USERNAME'] or null
	 */
	function get_username() {
		return $this->get_session('USERNAME');
	}

	/**
	 * Current user's display name from the session (null when not set).
	 * Stored as entered by the user; escape before echoing into HTML.
	 * @return mixed $_SESSION['DISPLAY_NAME'] or null
	 */
	function get_display_name() {
		return $this->get_session('DISPLAY_NAME');
	}

	/**
	 * Current user's e-mail address from the session (null when not set).
	 * @return mixed $_SESSION['EMAIL'] or null
	 */
	function get_email() {
		return $this->get_session('EMAIL');
	}

	/**
	 * Current user's media home folder from the session (null when not set).
	 * @return mixed $_SESSION['HOME_FOLDER'] or null
	 */
	function get_home_folder() {
		return $this->get_session('HOME_FOLDER');
	}

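	/**
	 * Current user's timezone setting.
	 *
	 * Returns the sentinel '-72000' when USE_DEFAULT_TIMEZONE is set in the
	 * session (presumably understood by callers as "use the server default"),
	 * otherwise $_SESSION['TIMEZONE']. Previously a missing TIMEZONE raised an
	 * undefined-index notice; it now yields null without noise.
	 *
	 * @return string|null
	 */
	function get_timezone() {
		if( isset($_SESSION['USE_DEFAULT_TIMEZONE']) ) {
			return '-72000';
		}
		return ( isset($_SESSION['TIMEZONE']) ? $_SESSION['TIMEZONE'] : null );
	}
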
	/**
	 * Validate the syntax of an e-mail address.
	 *
	 * Internationalised addresses are first converted to ASCII (punycode) — via
	 * the intl extension's idn_to_ascii() when available, otherwise the bundled
	 * idna_convert class — and the result is matched against the regex below.
	 *
	 * NOTE(review): the conversion is applied to the whole address, local part
	 * included, not just to the domain; behaviour for non-ASCII local parts (and
	 * with the intl default IDNA variant on newer PHP) should be confirmed.
	 * This is a syntax check only; it does not verify that the mailbox exists.
	 *
	 * @param string $email address to check
	 * @return bool true if the (converted) address matches the pattern
	 */
	function validate_email($email) {
		if(function_exists('idn_to_ascii')){ /* intl extension available */
			$email = idn_to_ascii($email);
		}else {
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
			$IDN = new idna_convert();
			$email = $IDN->encode($email);
			unset($IDN);
		}
		// regex from NorHei 2011-01-11: local part of the usual atext characters
		// (dots only inside), '@', then dot/hyphen separated \w labels
		$retval = preg_match("/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/", $email);
		return ($retval != false);
	}

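	/**
	 * Replacement for header('Location: ...'): redirects and terminates the
	 * script. If headers were already sent, a manual link is offered through an
	 * AppException instead so the script does not break.
	 *
	 * SECURITY: no check is made that $location points back into this site, and
	 * header() refuses (and silently drops) values containing line breaks, so
	 * callers passing request-derived data must validate it first. The fallback
	 * link escapes $location for the HTML attribute context so caller data cannot
	 * inject markup into the error page.
	 *
	 * @param string $location redirect target URL
	 * @return void (never returns normally: exits or throws)
	 * @throws AppException when headers were already sent
	 */
	public function send_header ($location) {
		if(!headers_sent()) {
			header('Location: '.$location);
			exit(0);
		}
		$sSafeLocation = htmlspecialchars($location, ENT_QUOTES, 'UTF-8');
		$msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
		        "Please click <a style=\"font-weight:bold;\" " .
		        "href=\"".$sSafeLocation."\">on this link</a> to continue!</p></div>\n";
		throw new AppException($msg);
	}
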
/* ****************
 * set one or more bits in an integer value (in place)
 *
 * @access public
 * @param int &$value: reference to the integer containing the value
 * @param int $bits2set: the bitmask which shall be OR-ed into value
 * @return void
 */
	function bit_set( &$value, $bits2set )
	{
		$value = $value | $bits2set;
	}

/* ****************
 * reset (clear) one or more bits in an integer value (in place)
 *
 * @access public
 * @param int &$value: reference to the integer containing the value
 * @param int $bits2reset: the bitmask which shall be removed from value
 * @return void
 */
	function bit_reset( &$value, $bits2reset)
	{
		$iKeepMask = ~$bits2reset;
		$value = $value & $iKeepMask;
	}

/* ****************
 * check if ALL bits of a mask are set in an integer value
 *
 * @access public
 * @param int $value: the integer containing the value
 * @param int $bits2test: the bitmask whose bits must all be present
 * @return bool: true if every bit of $bits2test is set in $value (trivially true for mask 0)
 */
	function bit_isset( $value, $bits2test )
	{
		$iMasked = $value & $bits2test;
		return ( $iMasked == $bits2test );
	}

	/**
	 * Print a success message page (theme template 'success.htt') which then
	 * redirects the user to $redirect after REDIRECT_TIMER milliseconds.
	 *
	 * REDIRECT_TIMER (settings table) is honoured up to 10000 ms, larger values
	 * fall back to 0; -1 disables the redirect block entirely.
	 *
	 * $message and $redirect are placed into the template as-is; escaping
	 * untrusted content is the caller's responsibility unless the template does it.
	 *
	 * @param string|array $message one message or several lines (joined with <br />)
	 * @param string $redirect target URL of the redirect
	 * @return void (output is printed)
	 */
	function print_success( $message, $redirect = 'index.php' ) {
		global $TEXT;
		$sMessage = is_array($message) ? implode('<br />', $message) : $message;
		$iRedirectTimer = 0;
		if( defined('REDIRECT_TIMER') && REDIRECT_TIMER <= 10000 ) {
			$iRedirectTimer = REDIRECT_TIMER;
		}
		$oTpl = new Template(dirname($this->correct_theme_source('success.htt')));
		$oTpl->set_file( 'page', 'success.htt' );
		$oTpl->set_block( 'page', 'main_block', 'main' );
		$oTpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
		$oTpl->set_var( 'MESSAGE', $sMessage );
		$oTpl->set_var( 'REDIRECT', $redirect );
		$oTpl->set_var( 'REDIRECT_TIMER', $iRedirectTimer );
		$oTpl->set_var( 'NEXT', $TEXT['NEXT'] );
		$oTpl->set_var( 'BACK', $TEXT['BACK'] );
		if( $iRedirectTimer == -1 ) {
			// no automatic redirect: drop the redirect block from the output
			$oTpl->set_block( 'show_redirect', '' );
		} else {
			$oTpl->parse( 'show_redirect', 'show_redirect_block', true );
		}
		$oTpl->parse( 'main', 'main_block', false );
		$oTpl->pparse( 'output', 'page' );
	}

	/**
	 * Print an error message page (theme template 'error.htt') and terminate.
	 *
	 * $message and $link are placed into the template as-is; escaping untrusted
	 * content is the caller's responsibility unless the template does it.
	 *
	 * @param string|array $message one message or several lines (joined with <br />)
	 * @param string $link URL of the "back" link
	 * @param bool $auto_footer also call print_footer() when a subclass provides it
	 *                          (this class does not define it, hence the method_exists guard)
	 * @return void (never returns: exit())
	 */
	function print_error($message, $link = 'index.php', $auto_footer = true) {
		global $TEXT;
		$sMessage = is_array($message) ? implode('<br />', $message) : $message;
		$oTpl = new Template(dirname($this->correct_theme_source('error.htt')));
		$oTpl->set_file('page', 'error.htt');
		$oTpl->set_block('page', 'main_block', 'main');
		$oTpl->set_var('MESSAGE', $sMessage);
		$oTpl->set_var('LINK', $link);
		$oTpl->set_var('BACK', $TEXT['BACK']);
		$oTpl->parse('main', 'main_block', false);
		$oTpl->pparse('output', 'page');
		if( $auto_footer == true && method_exists($this, 'print_footer') ) {
			$this->print_footer();
		}
		exit();
	}
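/*
 * Render a message box using the theme template 'message.htt'.
 *
 * @param string $message: the (already HTML-formatted) message; inserted as-is,
 *                         so escape untrusted content before calling
 * @param string $status:  'ok' / 'error' / 'warning' / '' — selects the box style
 * @return string: the html-formatted message (using template 'message.htt');
 *                 empty when REDIRECT_TIMER is 0 and the status is not 'error'
 */
	public function format_message($message, $status = 'ok')
	{
		// unique element id so the hide script below targets only this box
		$id = uniqid('x');
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
		$tpl->set_file('page', 'message.htt');
		$tpl->set_block('page', 'main_block', 'main');
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var('THEME_URL', THEME_URL);
		$tpl->set_var('ID', $id);
		// BUG FIX: this condition used to read `$status = 'warning'` (assignment,
		// not comparison), so every status other than 'ok'/'error' was silently
		// rewritten to 'warning' and the empty BOX_STATUS branch was unreachable.
		if($status == 'ok' || $status == 'error' || $status == 'warning')
		{
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
		} else {
			$tpl->set_var('BOX_STATUS', '');
		}
		$tpl->set_var('STATUS', $status);
		if(!defined('REDIRECT_TIMER')) { define('REDIRECT_TIMER', -1); }

		$retval = '';
		if($status != 'error' && REDIRECT_TIMER == 0)
		{
			// timer 0: do not show non-error messages at all
			unset($tpl);
			return $retval;
		}
		$tpl->parse('main', 'main_block', false);
		$retval = $tpl->finish($tpl->parse('output', 'page', false));
		if($status != 'error' && REDIRECT_TIMER != -1)
		{
			// hide the box after REDIRECT_TIMER milliseconds; errors and timer -1
			// stay visible permanently. $id comes from uniqid(), not from input.
			$retval .= '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
			           'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
			           'window.setTimeout(\''.$id.'_hide()\', '.REDIRECT_TIMER.');/* ]]> */ </script>';
		}
		unset($tpl);
		return $retval;
	}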
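/*
 * @param string $type: 'locked'(default)  or 'new'
 * @return void: terminates application when a screen is shown; returns
 *               silently for type 'locked' when the system is not locked or
 *               the current user is the administrator (user_id 1)
 * @description: 'locked' >> Show maintenance screen and terminate, if system is locked.
 *                           All other users are logged out first: every
 *                           remember_key except the admin's is cleared in the
 *                           database, the REMEMBER_KEY cookie and the session
 *                           cookie are deleted and the session is destroyed.
 *               'new' >> Show 'new site under construction'(former print_under_construction)
 *               Both screens are sent with HTTP status 503.
 */
	public function ShowMaintainScreen($type = 'locked')
	{
		global $database, $MESSAGE;
		$BE_PATIENT = '';
		$PAGE_TITLE = '';
		$PAGE_ICON  = '';
		// visitor's language, captured before the session is wiped below
		$LANGUAGE   = strtolower((isset($_SESSION['LANGUAGE']) ? $_SESSION['LANGUAGE'] : LANGUAGE ));

		$show_screen = false;
		if($type == 'locked')
		{
			$curr_user = (intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0) ) ;
			// the administrator (user_id 1) may keep working while the site is locked
			if( (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1) && ($curr_user != 1))
			{
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
				// kick logged in users out: invalidate all remember keys except the admin's
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
				$sql .= 'WHERE `user_id`<>1';
				$database->query($sql);
				// delete remember key cookie if set
				if (isset($_COOKIE['REMEMBER_KEY'])) {
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
				}
				// overwrite session array and delete the session cookie if set
				$_SESSION = array();
				if (ini_get("session.use_cookies")) {
					$params = session_get_cookie_params();
					setcookie(session_name(), '', time() - 42000, $params["path"],
						$params["domain"], $params["secure"], $params["httponly"]
					);
				}
				// delete the session itself
				session_destroy();
				$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
				$BE_PATIENT = $MESSAGE['GENERIC_BE_PATIENT'];
				$PAGE_ICON  = 'system';
				$show_screen = true;
			}
		} else {
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
			$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
			$PAGE_ICON  = 'negative';
			$show_screen = true;
		}
		if(!$show_screen) {
			return;
		}

		$sMaintanceFile = $this->correct_theme_source('maintance.htt');
		if(file_exists($sMaintanceFile))
		{
			$tpl = new Template(dirname( $sMaintanceFile ));
			$tpl->set_file( 'page', 'maintance.htt' );
			$tpl->set_block( 'page', 'main_block', 'main' );
			$charset = defined('DEFAULT_CHARSET') ? DEFAULT_CHARSET : 'utf-8';
			// BUG FIX: PAGE_TITLE was hard-wired to the "under construction" text,
			// so the locked screen showed the wrong title; LANGUAGE now uses the
			// visitor's language computed above instead of the default constant.
			$tpl->set_var( 'PAGE_TITLE', $PAGE_TITLE );
			$tpl->set_var( 'CHECK_BACK', $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'] );
			$tpl->set_var( 'CHARSET', $charset );
			$tpl->set_var( 'WB_URL', WB_URL );
			$tpl->set_var( 'BE_PATIENT', $BE_PATIENT );
			$tpl->set_var( 'THEME_URL', THEME_URL );
			$tpl->set_var( 'PAGE_ICON', $PAGE_ICON);
			$tpl->set_var( 'LANGUAGE', $LANGUAGE);
			$tpl->parse( 'main', 'main_block', false );
			$tpl->pparse( 'output', 'page' );
			exit();
		}
		// no theme template available: emit a minimal static page
		// (DOCTYPE and html element repaired; the original markup had lost its slashes)
		require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
		echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
		<html><head><title>'.$PAGE_TITLE.'</title>
		<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
		h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
		<br /><h1>'.$PAGE_TITLE.'</h1><br />
		'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
		flush();
		exit();
	}
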
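	/**
	 * Send an e-mail through the wbmailer class (a PHPMailer subclass). Per the
	 * original note, wbmailer can deliver via SMTP when an SMTP host is set in
	 * the backend settings, for hosts where plain mail() is not available.
	 *
	 * Every value that ends up in a header (from/to/reply-to addresses, from
	 * name, subject) has CR/LF stripped so a caller cannot inject additional
	 * headers through them. The body is sent as HTML (nl2br) plus a text
	 * alternative (strip_tags); it is NOT escaped here, so callers must escape
	 * untrusted content they do not want rendered as HTML.
	 *
	 * @param string $fromaddress sender address ('' keeps the wbmailer default)
	 * @param string $toaddress   recipient address
	 * @param string $subject
	 * @param string $message     message body
	 * @param string $fromname    optional display name of the sender
	 * @param string $replyTo     optional reply-to address
	 * @return bool true if wbmailer::Send() reported success
	 */
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
		// strip line breaks from everything that becomes a header value
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
		$toaddress   = preg_replace('/[\r\n]/', '', $toaddress);
		$subject     = preg_replace('/[\r\n]/', '', $subject);
		$replyTo     = preg_replace('/[\r\n]/', '', $replyTo);
		// the from name was the one header value not sanitised; treat it like the rest
		$fromname    = preg_replace('/[\r\n]/', '', $fromname);

		$myMail = new wbmailer();
		// user defined from address / name
		if ($fromaddress != '') {
			if ($fromname != '') { $myMail->FromName = $fromname; }   // FROM-NAME
			$myMail->From = $fromaddress;                              // FROM:
		}
		if ($replyTo) {
			$myMail->AddReplyTo($replyTo);                             // REPLY TO:
		}
		// recipient and content
		$myMail->AddAddress($toaddress);                               // TO:
		$myMail->Subject = $subject;                                   // SUBJECT
		$myMail->Body    = nl2br($message);                            // CONTENT (HTML)
		$myMail->AltBody = strip_tags($message);                       // CONTENT (TEXT)
		return ($myMail->Send() ? true : false);
	}
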
	 /**
	  * Locate a theme template file: the active theme's copy wins, otherwise the
	  * default skeleton under ADMIN_PATH is used.
	  *
	  * $sThemeFile is joined to fixed directories without further validation, so
	  * only pass fixed template names, never request data.
	  *
	  * @param string $sThemeFile template file name, e.g. 'start.htt'
	  * @return string full path of the template file that exists
	  * @throws InvalidArgumentException when neither location has the file
	  */
        function correct_theme_source($sThemeFile = 'start.htt') {
		$aCandidates = array(
			THEME_PATH.'/templates/'.$sThemeFile,
			ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile
		);
		foreach( $aCandidates as $sCandidate ) {
			if( file_exists($sCandidate) ) {
				return $sCandidate;
			}
		}
		throw new InvalidArgumentException('missing template file '.$sThemeFile);
        }

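	/**
	 * Check that a folder name contains no invalid characters.
	 *
	 * Rejected: ^ \ / . ? * " ' < > : | (so '.', '..' and any dotted name are
	 * invalid too), plus — new — control characters including NUL, the empty
	 * string and non-scalar input, none of which can be a valid folder name.
	 *
	 * @param String $str to check
	 * @return Bool true when the name is acceptable
	 */
	function checkFolderName($str){
		if( !is_scalar($str) ) { return false; }
		$str = (string)$str;
		if( $str === '' ) { return false; }
		// one character class: path separators, wildcards, quotes, reserved
		// characters and control characters (\x00-\x1f)
		$bHasInvalid = preg_match('#[\^\\\\/.?*"\'<>:|\x00-\x1f]#', $str) ? true : false;
		return !$bHasInvalid;
	}
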
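	/**
	 * Check the given path to make sure it lies within the given base directory
	 * (normally the document root), after URL-decoding and realpath() resolution.
	 *
	 * Both paths must exist (realpath() returns false otherwise). The base dir
	 * must be the whole path or a *directory* prefix of it; the previous plain
	 * string-prefix test (stripos == 0) accepted sibling directories such as
	 * /srv/wb2 for base /srv/wb, and on case-sensitive filesystems accepted
	 * /srv/WB for /srv/wb. Comparison is case-insensitive only on Windows.
	 *
	 * @param String $sCurrentPath path to check (may be URL-encoded)
	 * @param String $sBaseDir     directory the path must stay inside
	 * @return string|false the resolved $sCurrentPath, or FALSE
	 */
	function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
		$sCurrentPath = realpath(rawurldecode($sCurrentPath));
		$sBaseDir     = realpath($sBaseDir);
		if( $sCurrentPath === false || $sBaseDir === false ) {
			return false;
		}
		$bWindows  = (DIRECTORY_SEPARATOR === '\\');
		$sHaystack = $bWindows ? strtolower($sCurrentPath) : $sCurrentPath;
		$sNeedle   = $bWindows ? strtolower($sBaseDir) : $sBaseDir;
		if( $sHaystack === $sNeedle ) {
			return $sCurrentPath;
		}
		// require the separator so that only real sub-paths of the base match
		$sPrefix = rtrim($sNeedle, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
		if( strncmp($sHaystack, $sPrefix, strlen($sPrefix)) === 0 ) {
			return $sCurrentPath;
		}
		return false;
	}
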
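	/**
	 * Remove [[droplet]] tags, HTML comments, and script/link/style elements
	 * (self-closing or with content) from a string; trailing whitespace is
	 * dropped as well.
	 *
	 * BUG FIX: the pattern used the 'U' (ungreedy) modifier, which inverts
	 * quantifier greediness, so its `.*?` parts were actually greedy: the text
	 * between the first and the last match was removed along with the tags
	 * (e.g. "[[a]] keep [[b]]" lost "keep"). The modifier is gone and the
	 * quantifiers now say what they mean: lazy for the tag contents, greedy
	 * for the whitespace swallowed after each removed tag.
	 *
	 * @param string $sValue
	 * @returns
	 *    false: if @param is not a string
	 *    string: cleaned string
	 */
	public function StripCodeFromText($sValue){
		if(!is_string($sValue)) { return false; }
		$sPattern = '/\[\[.*?\]\]\s*|<!--\s+.*?-->\s*|<(script|link|style)[^>]*\/>\s*|<(script|link|style)[^>]*?>.*?<\/\2>\s*|\s*$/is';
		return (preg_replace ($sPattern, '', $sValue));
	}
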
}