<?php
2
/**
3
 *
4 1529 Luisehahne
 * @category        framework
5 1698 Luisehahne
 * @package         frontend
6 1782 Luisehahne
 * @author          Ryan Djurovich (2004-2009), WebsiteBaker Project
7 1698 Luisehahne
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
8 1365 Luisehahne
 * @link			http://www.websitebaker2.org/
9
 * @license         http://www.gnu.org/licenses/gpl.html
10
 * @platform        WebsiteBaker 2.8.x
11 1374 Luisehahne
 * @requirements    PHP 5.2.2 and higher
12 1365 Luisehahne
 * @version         $Id$
13 1457 Luisehahne
 * @filesource		$HeadURL$
14
 * @lastmodified    $Date$
15 1365 Luisehahne
 *
16
 */
17 1496 DarkViper
/* -------------------------------------------------------- */
18
// Must include code to stop this file being accessed directly
19 1499 DarkViper
if(!defined('WB_PATH')) {
20
	require_once(dirname(__FILE__).'/globalExceptionHandler.php');
21
	throw new IllegalFileException();
22
}
23 1496 DarkViper
/* -------------------------------------------------------- */
24 1365 Luisehahne
// Include PHPLIB template class
25 1808 Luisehahne
if(!class_exists('Template', false)){ include(WB_PATH.'/include/phplib/template.inc'); }
26 1365 Luisehahne
// Include new wbmailer class (subclass of PHPmailer)
27 1808 Luisehahne
if(!class_exists('wbmailer', false)){ include(WB_PATH.'/framework/class.wbmailer.php'); }
28 1365 Luisehahne
29
class wb extends SecureForm
30
{
31
32 1457 Luisehahne
 	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';	// General initialization function
33 1782 Luisehahne
34 1365 Luisehahne
	// performed when frontend or backend is loaded.
35 1394 Luisehahne
	/**
	 * General initialisation, performed when the frontend or backend is loaded.
	 *
	 * @param mixed $mode form mode, forwarded unchanged to SecureForm::__construct()
	 */
	public function __construct($mode = SecureForm::FRONTEND)
	{
		parent::__construct($mode);
	}
38
39 1791 Luisehahne
/**
40
 *
41
 *
42
 * @return array of first visible language pages with defined fields
43
 *
44
 */
45
	/**
	 * Collect one top-level page row per language, restricted to pages the
	 * current visitor is allowed to see.
	 *
	 * The statement is assembled from literals and TABLE_PREFIX only; no request
	 * data is interpolated. Rows are filtered through page_is_visible(), so the
	 * result depends on the visitor's session.
	 *
	 * @return array page rows keyed by their `language` value
	 */
	public function GetLanguagesDetailsInUsed ( ) {
		global $database;

		$sql  = 'SELECT DISTINCT `language`';
		$sql .= ', `page_id`,`level`,`parent`,`root_parent`,`page_code`,`link`,`language`';
		$sql .= ', `visibility`,`viewing_groups`,`viewing_users`,`position` ';
		$sql .= 'FROM `'.TABLE_PREFIX.'pages` ';
		$sql .= 'WHERE `level`= \'0\' ';
		$sql .=   'AND `root_parent`=`page_id` ';
		$sql .=   'AND `visibility`!=\'none\' ';
		$sql .=   'AND `visibility`!=\'hidden\' ';
		$sql .= 'GROUP BY `language` ';
		$sql .= 'ORDER BY `position`';

		$aLanguages = array();
		$oRes = $database->query($sql);
		if (!$oRes) {
			// query failed: report "no languages" instead of raising
			return $aLanguages;
		}
		while ($aPage = $oRes->fetchRow(MYSQL_ASSOC)) {
			if ($this->page_is_visible($aPage)) {
				$aLanguages[$aPage['language']] = $aPage;
			}
		}
		return $aLanguages;
	}
70
71 1791 Luisehahne
/**
72
 *
73
 *
74
 * @return comma separate list of first visible languages
75
 *
76
 */
77
	/**
	 * @return string comma separated language codes, taken from the keys of
	 *                GetLanguagesDetailsInUsed()
	 */
	public function GetLanguagesInUsed ( ) {
		$aDetails = $this->GetLanguagesDetailsInUsed();
		$aCodes   = array_keys($aDetails);
		return implode(',', $aCodes);
	}
80 1782 Luisehahne
81
82 1373 Luisehahne
/* ****************
83 1440 Luisehahne
 * check if one or more group_ids are in both group_lists
84
 *
85
 * @access public
86
 * @param mixed $groups_list1: an array or a coma seperated list of group-ids
87
 * @param mixed $groups_list2: an array or a coma seperated list of group-ids
88
 * @param array &$matches: an array-var whitch will return possible matches
89
 * @return bool: true there is a match, otherwise false
90
 */
91 1698 Luisehahne
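	/**
	 * Check whether two id lists share at least one id.
	 *
	 * This method backs the page access decision in page_is_visible(), so it
	 * must never report a match for "no id at all". Empty entries (produced by
	 * exploding an empty or comma-terminated string, e.g. '1,' or a missing
	 * session value) are dropped before the lists are compared; otherwise two
	 * empty entries would intersect and count as a shared group.
	 *
	 * @param mixed $groups_list1 array or comma separated list of ids
	 * @param mixed $groups_list2 array or comma separated list of ids
	 * @param array &$matches     receives the ids found in both lists; left
	 *                            untouched when either list is empty on entry
	 * @return bool true if at least one id is present in both lists
	 */
	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
	{
		if( $groups_list1 == '' ) { return false; }
		if( $groups_list2 == '' ) { return false; }
		if( !is_array($groups_list1) )
		{
			$groups_list1 = explode(',', $groups_list1);
		}
		if( !is_array($groups_list2) )
		{
			$groups_list2 = explode(',', $groups_list2);
		}
		// array_diff() compares string representations and preserves keys, so
		// this removes '' / null entries without renumbering the lists
		$groups_list1 = array_diff($groups_list1, array(''));
		$groups_list2 = array_diff($groups_list2, array(''));
		$matches = array_intersect( $groups_list1, $groups_list2);
		return ( sizeof($matches) != 0 );
	}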
106
/* ****************
107 1373 Luisehahne
 * check if current user is member of at least one of given groups
108
 * ADMIN (uid=1) always is treated like a member of any groups
109
 *
110
 * @access public
111
 * @param mixed $groups_list: an array or a coma seperated list of group-ids
112
 * @return bool: true if current user is member of one of this groups, otherwise false
113
 */
114 1698 Luisehahne
	/**
	 * Check whether the current user belongs to at least one of the given groups.
	 *
	 * The user id and group ids come from the session via get_user_id() and
	 * get_groups_id(). User id 1 short-circuits the group check.
	 *
	 * @param mixed $groups_list array or comma separated list of group ids
	 * @return bool
	 */
	public function ami_group_member( $groups_list = '' )
	{
		return ( $this->get_user_id() == 1 )
			|| $this->is_group_match( $groups_list, $this->get_groups_id() );
	}
119
120 1791 Luisehahne
// Check whether a page is visible or not.
121
// This will check page-visibility and user- and group-rights.
122
/* page_is_visible() returns
123
	false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
124
	true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
125
*/
126 1698 Luisehahne
	/**
	 * Decide whether the current visitor may see a page.
	 *
	 * Fails closed: any visibility value that is not listed below yields false.
	 * For 'private' and 'registered' the visitor must be authenticated and must
	 * match either the page's viewing_groups or its viewing_users.
	 *
	 * @param array $page page row; reads 'visibility', 'viewing_groups', 'viewing_users'
	 * @return bool
	 */
	public function page_is_visible($page)
	{
		// case order is kept as in the original switch
		switch( $page['visibility'] )
		{
			case 'none':
			case 'deleted':
				return false;
			case 'hidden':
			case 'public':
				return true;
			case 'private':
			case 'registered':
				if( !$this->is_authenticated() )
				{
					return false;
				}
				$bGroupAllowed = $this->is_group_match($this->get_groups_id(), $page['viewing_groups']);
				return ( $bGroupAllowed ||
				         $this->is_group_match($this->get_user_id(), $page['viewing_users']) );
		}
		// unknown visibility value: deny
		return false;
	}
151 1698 Luisehahne
152 1365 Luisehahne
	// Check if there is at least one active section on this page
153 1698 Luisehahne
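	/**
	 * Check whether the page has at least one section that is published now.
	 *
	 * A section counts as active when the current time lies between publ_start
	 * and publ_end, or when it has started and publ_end is 0.
	 *
	 * The two time conditions are grouped in one pair of parentheses. In SQL,
	 * AND binds tighter than OR, so without the grouping the page_id filter only
	 * applied to the second condition and any section of ANY page inside its
	 * publication window made every page report as active.
	 *
	 * @param array $page page row; 'page_id' is cast to int before it is used
	 * @return bool
	 */
	public function page_is_active($page)
	{
		global $database;
		$now = time();
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
		$sql .= 'WHERE (('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
		$sql .=        '('.$now.' > `publ_start` AND `publ_end`=0)) ';
		$sql .=   'AND `page_id`='.(int)$page['page_id'];
		return ($database->get_one($sql) != false);
	}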
163 1365 Luisehahne
164
	// Check whether we should show a page or not (for front-end)
165 1698 Luisehahne
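	/**
	 * Decide whether a page is shown in the frontend: it must be visible to the
	 * current visitor and have an active section.
	 *
	 * $database is now imported with `global`; it was used without being in
	 * scope, so the lookup by id could never run. A failed lookup (query error
	 * or unknown id) denies access explicitly.
	 *
	 * @param mixed $page page row (array) or a page id; an id is cast to int
	 *                    before it is placed in the statement
	 * @return bool
	 */
	public function show_page($page)
	{
		global $database;
		if( !is_array($page) )
		{
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
			$res_pages = $database->query($sql);
			if( $res_pages == null ) { return false; }
			$page = $res_pages->fetchRow();
			if( !$page ) { return false; }
		}
		return ($this->page_is_visible($page) && $this->page_is_active($page));
	}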
178
179
	// Check if the user is already authenticated or not
180 1698 Luisehahne
	/**
	 * Report whether the session carries a user id.
	 *
	 * Only the presence and numeric form of $_SESSION['USER_ID'] are checked;
	 * nothing here re-validates the user against the database.
	 *
	 * @return bool
	 */
	public function is_authenticated() {
		if( !isset($_SESSION['USER_ID']) ) {
			return false;
		}
		$mUserId = $_SESSION['USER_ID'];
		return ( $mUserId != "" && is_numeric($mUserId) );
	}
186
187
	// Modified addslashes function which takes into account magic_quotes
188
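	/**
	 * addslashes() variant that leaves input alone when magic_quotes_gpc has
	 * already escaped it. Non-string input is returned unchanged.
	 *
	 * get_magic_quotes_gpc() no longer exists in PHP 8, so the call is guarded;
	 * without the guard every call ends in a fatal error there.
	 *
	 * NOTE(review): addslashes() is not a database escaping function. It is not
	 * aware of the connection character set; values that end up in SQL should go
	 * through the database layer's own escaping or bound parameters.
	 *
	 * @param mixed $input
	 * @return mixed
	 */
	function add_slashes($input) {
		if( !is_string($input) ) {
			return $input;
		}
		if( function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() ) {
			return $input;
		}
		return addslashes($input);
	}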
194
195
	// Ditto for stripslashes
196
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
197
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
198
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
199
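	/**
	 * Undo the effect of magic_quotes_gpc on a string. When magic quotes are
	 * off, or the input is not a string, the input is returned unchanged.
	 *
	 * get_magic_quotes_gpc() no longer exists in PHP 8, so the call is guarded;
	 * a missing function is treated as "magic quotes off".
	 *
	 * @param mixed $input
	 * @return mixed
	 */
	function strip_slashes($input) {
		if( !is_string($input) ) {
			return $input;
		}
		if( !function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc() ) {
			return $input;
		}
		return stripslashes($input);
	}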
205
206
	// Escape backslashes for use with mySQL LIKE strings
207
	/**
	 * Double every backslash in $input.
	 *
	 * Only the backslash is handled; the LIKE wildcards % and _ are left as they
	 * are, and this is no replacement for escaping the value for the statement.
	 *
	 * @param mixed $input string (or array of strings, as str_replace() accepts)
	 * @return mixed
	 */
	function escape_backslashes($input) {
		$sSingle = "\\";
		$sDouble = "\\\\";
		return str_replace($sSingle, $sDouble, $input);
	}
210
211
	/**
	 * Turn a stored page link into a full URL.
	 *
	 * Links that contain '://' or start with 'mailto:' are returned unchanged;
	 * everything else is wrapped in WB_URL, PAGES_DIRECTORY and PAGE_EXTENSION.
	 * The result is not HTML-escaped; escape it at the point of output.
	 *
	 * @param string $link
	 * @return string
	 */
	function page_link($link){
		$bHasScheme = !( strstr($link, '://') == '' );
		$bIsMailto  = !( substr($link, 0, 7) != 'mailto:' );
		if( $bHasScheme || $bIsMailto ) {
			return $link;
		}
		return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
	}
219 1698 Luisehahne
220 1365 Luisehahne
	// Get POST data
221
	/**
	 * Read one field from $_POST.
	 *
	 * The value is returned raw: it is request data and is neither validated nor
	 * escaped here. It may also be an array.
	 *
	 * @param string $field
	 * @return mixed the value, or null when the field is not set
	 */
	function get_post($field) {
		if( !isset($_POST[$field]) ) {
			return null;
		}
		return $_POST[$field];
	}
224
225
	// Get POST data and escape it
226
	/**
	 * Read one field from $_POST and pass it through add_slashes().
	 *
	 * add_slashes() returns non-string input unchanged, so an array-valued field
	 * comes back unescaped despite the method name.
	 *
	 * @param string $field
	 * @return mixed null when the field is not set
	 */
	function get_post_escaped($field) {
		$mRaw = $this->get_post($field);
		if( is_null($mRaw) ) {
			return null;
		}
		return $this->add_slashes($mRaw);
	}
230 1698 Luisehahne
231 1365 Luisehahne
	// Get GET data
232
	/**
	 * Read one field from $_GET.
	 *
	 * The value is returned raw: it is request data and is neither validated nor
	 * escaped here.
	 *
	 * @param string $field
	 * @return mixed the value, or null when the field is not set
	 */
	function get_get($field) {
		if( !isset($_GET[$field]) ) {
			return null;
		}
		return $_GET[$field];
	}
235
236
	// Get SESSION data
237
	/**
	 * Read one field from $_SESSION.
	 *
	 * @param string $field
	 * @return mixed the value, or null when the field is not set
	 */
	function get_session($field) {
		if( !isset($_SESSION[$field]) ) {
			return null;
		}
		return $_SESSION[$field];
	}
240
241
	// Get SERVER data
242
	/**
	 * Read one field from $_SERVER.
	 *
	 * Several $_SERVER entries are filled from request headers, so the value is
	 * not trustworthy by default and is returned unescaped.
	 *
	 * @param string $field
	 * @return mixed the value, or null when the field is not set
	 */
	function get_server($field) {
		if( !isset($_SERVER[$field]) ) {
			return null;
		}
		return $_SERVER[$field];
	}
245
246
	// Get the current users id
247
	/**
	 * @return mixed $_SESSION['USER_ID'], or null when no user id is stored
	 */
	function get_user_id() {
		$mUserId = $this->get_session('USER_ID');
		return $mUserId;
	}
250
251 1373 Luisehahne
	// Get the current users group id
252 1365 Luisehahne
	/**
	 * @return mixed $_SESSION['GROUP_ID'], or null when it is not set
	 */
	function get_group_id() {
		$mGroupId = $this->get_session('GROUP_ID');
		return $mGroupId;
	}
255
256
	// Get the current users group ids
257
	/**
	 * Split $_SESSION['GROUPS_ID'] at commas.
	 *
	 * When the session value is missing or empty, explode() yields an array
	 * holding a single empty string rather than an empty array.
	 *
	 * @return array
	 */
	function get_groups_id() {
		$mStored = $this->get_session('GROUPS_ID');
		return explode(",", $mStored);
	}
260
261
	// Get the current users group name
262
	/**
	 * Join $_SESSION['GROUP_NAME'] with commas.
	 *
	 * NOTE(review): presumably GROUP_NAME is stored as an array; implode() is
	 * called on it without a check - confirm against the login code.
	 *
	 * @return string
	 */
	function get_group_name() {
		$mNames = $this->get_session('GROUP_NAME');
		return implode(",", $mNames);
	}
265
266
	// Get the current users group name
267
	/**
	 * @return mixed $_SESSION['GROUP_NAME'] as stored, or null when it is not set
	 */
	function get_groups_name() {
		$mNames = $this->get_session('GROUP_NAME');
		return $mNames;
	}
270
271
	// Get the current users username
272
	/**
	 * @return mixed $_SESSION['USERNAME'], or null when it is not set; not
	 *               escaped for output
	 */
	function get_username() {
		$mName = $this->get_session('USERNAME');
		return $mName;
	}
275
276
	// Get the current users display name
277
	/**
	 * @return mixed $_SESSION['DISPLAY_NAME'], or null when it is not set; not
	 *               escaped for output
	 */
	function get_display_name() {
		$mName = $this->get_session('DISPLAY_NAME');
		return $mName;
	}
280
281
	// Get the current users email address
282
	/**
	 * @return mixed $_SESSION['EMAIL'], or null when it is not set
	 */
	function get_email() {
		$mEmail = $this->get_session('EMAIL');
		return $mEmail;
	}
285
286
	// Get the current users home folder
287
	/**
	 * @return mixed $_SESSION['HOME_FOLDER'], or null when it is not set.
	 *               NOTE(review): if callers join this into filesystem paths,
	 *               they should confine the result (see checkpath()) - confirm.
	 */
	function get_home_folder() {
		$mFolder = $this->get_session('HOME_FOLDER');
		return $mFolder;
	}
290
291
	// Get the current users timezone
292
	/**
	 * Return the timezone stored in the session.
	 *
	 * When $_SESSION['USE_DEFAULT_TIMEZONE'] is set the fixed string '-72000'
	 * is returned; otherwise $_SESSION['TIMEZONE'] is read without an isset()
	 * check.
	 *
	 * @return mixed
	 */
	function get_timezone() {
		if( isset($_SESSION['USE_DEFAULT_TIMEZONE']) ) {
			return '-72000';
		}
		return $_SESSION['TIMEZONE'];
	}
295
296 1373 Luisehahne
	// Validate supplied email address
297
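	/**
	 * Validate the syntax of an email address.
	 *
	 * The address is first converted to its ASCII (IDN) form, using the native
	 * idn_to_ascii() when available and the bundled idna_convert class otherwise.
	 *
	 * The pattern carries the D modifier: without it `$` also matches in front
	 * of a trailing newline, so an address ending in "\n" passed validation.
	 * Values accepted here are commonly reused in mail headers, where a stray
	 * line break must not survive.
	 *
	 * @param string $email
	 * @return bool true if the address matches the pattern
	 */
	function validate_email($email) {
		if(function_exists('idn_to_ascii')){ /* use the native function if available */
			$email = idn_to_ascii($email);
		}else {
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
			$IDN = new idna_convert();
			$email = $IDN->encode($email);
			unset($IDN);
		}
		// a failed conversion does not yield a string: reject it explicitly
		if( !is_string($email) ) {
			return false;
		}
		// regex from NorHei 2011-01-11
		$retval = preg_match("/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/D", $email);
		return ($retval != false);
	}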
310
311 1698 Luisehahne
	/**
312
     * replace header('Location:...  with new method
313
	 * if header send failed you get a manuell redirected link, so script don't break
314 1777 Luisehahne
	 *
315 1698 Luisehahne
	 * @param string $location, redirected url
316
	 * @return void
317
	 */
318
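	/**
	 * Redirect to $location. When the headers are already out, an AppException
	 * carrying an HTML message with a manual link is thrown instead.
	 *
	 * The URL is HTML-escaped before it is placed in the href attribute of the
	 * fallback message; it was inserted raw, so a quote in $location could close
	 * the attribute and add markup.
	 *
	 * NOTE(review): $location itself is not validated (scheme, host). If any
	 * caller derives it from request data, it should be checked against the
	 * site's own URL before it reaches this method.
	 *
	 * @param string $location redirect target
	 * @return void does not return: exits or throws
	 * @throws AppException when headers have already been sent
	 */
	public function send_header ($location) {
		if(!headers_sent()) {
			header('Location: '.$location);
			exit(0);
		}
		$sSafeLocation = htmlspecialchars($location, ENT_QUOTES);
		$msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
		        "Please click <a style=\"font-weight:bold;\" " .
		        "href=\"".$sSafeLocation."\">on this link</a> to continue!</p></div>\n";
		throw new AppException($msg);
	}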
332
333 1372 Luisehahne
/* ****************
334 1365 Luisehahne
 * set one or more bit in a integer value
335
 *
336
 * @access public
337
 * @param int $value: reference to the integer, containing the value
338
 * @param int $bits2set: the bitmask witch shall be added to value
339
 * @return void
340
 */
341
	/**
	 * Set the bits of $bits2set in $value (in place).
	 *
	 * @param int &$value
	 * @param int $bits2set bitmask to add
	 * @return void
	 */
	function bit_set( &$value, $bits2set )
	{
		$value = $value | $bits2set;
	}
345
346
/* ****************
347
 * reset one or more bit from a integer value
348
 *
349
 * @access public
350
 * @param int $value: reference to the integer, containing the value
351
 * @param int $bits2reset: the bitmask witch shall be removed from value
352
 * @return void
353
 */
354
	/**
	 * Clear the bits of $bits2reset in $value (in place).
	 *
	 * @param int &$value
	 * @param int $bits2reset bitmask to remove
	 * @return void
	 */
	function bit_reset( &$value, $bits2reset)
	{
		$iKeepMask = ~$bits2reset;
		$value = $value & $iKeepMask;
	}
358
359
/* ****************
360
 * check if one or more bit in a integer value are set
361
 *
362
 * @access public
363
 * @param int $value: reference to the integer, containing the value
364
 * @param int $bits2test: the bitmask which shall be tested against value
 * @return bool: true if all bits of the bitmask are set in value
366
 */
367
	/**
	 * Test whether ALL bits of $bits2test are set in $value.
	 *
	 * @param int $value
	 * @param int $bits2test bitmask to test
	 * @return bool
	 */
	function bit_isset( $value, $bits2test )
	{
		$iCommon = $value & $bits2test;
		return ($iCommon == $bits2test);
	}
371
372
	// Print a success message which then automatically redirects the user to another page
373 1373 Luisehahne
	/**
	 * Print a success message (template success.htt) which then redirects the
	 * user to another page.
	 *
	 * $message and $redirect are handed to the template as they are; nothing is
	 * escaped here. NOTE(review): callers that build either value from request
	 * data have to escape it for the place where success.htt prints it - confirm
	 * against the template.
	 *
	 * @param mixed  $message  string, or array of lines joined with <br />
	 * @param string $redirect target of the redirect
	 * @return void
	 */
	function print_success( $message, $redirect = 'index.php' ) {
		global $TEXT;
		if( is_array($message) ) {
			$message = implode ('<br />',$message);
		}
		// redirect timer comes from the settings; values above 10000 fall back to 0
		$redirect_timer = 0;
		if( defined( 'REDIRECT_TIMER' ) && (REDIRECT_TIMER <= 10000) ) {
			$redirect_timer = REDIRECT_TIMER;
		}
		// set up the template object and hand over the variables
		$sTemplateDir = dirname($this->correct_theme_source('success.htt'));
		$tpl = new Template($sTemplateDir);
		$tpl->set_file( 'page', 'success.htt' );
		$tpl->set_block( 'page', 'main_block', 'main' );
		$tpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
		$tpl->set_var( 'MESSAGE', $message );
		$tpl->set_var( 'REDIRECT', $redirect );
		$tpl->set_var( 'REDIRECT_TIMER', $redirect_timer );
		$tpl->set_var( 'NEXT', $TEXT['NEXT'] );
		$tpl->set_var( 'BACK', $TEXT['BACK'] );
		if( $redirect_timer != -1 ) {
			$tpl->parse( 'show_redirect', 'show_redirect_block', true );
		} else {
			// timer -1: leave the redirect block out
			$tpl->set_block( 'show_redirect', '' );
		}
		$tpl->parse( 'main', 'main_block', false );
		$tpl->pparse( 'output', 'page' );
	}
400
401
	// Print an error message
402 1373 Luisehahne
	/**
	 * Print an error message (template error.htt), optionally print the footer,
	 * then terminate the script.
	 *
	 * $message and $link are handed to the template as they are; nothing is
	 * escaped here. NOTE(review): error texts that echo request data back to the
	 * user have to be escaped by the caller - confirm against error.htt.
	 *
	 * @param mixed  $message     string, or array of lines joined with <br />
	 * @param string $link        target of the "back" link
	 * @param bool   $auto_footer call print_footer() when the object has one
	 * @return void does not return
	 */
	function print_error($message, $link = 'index.php', $auto_footer = true) {
		global $TEXT;
		if( is_array($message) ) {
			$message = implode ('<br />',$message);
		}
		// set up the template object and hand over the variables
		$sTemplateDir = dirname($this->correct_theme_source('error.htt'));
		$oErrorTpl = new Template($sTemplateDir);
		$oErrorTpl->set_file('page', 'error.htt');
		$oErrorTpl->set_block('page', 'main_block', 'main');
		$oErrorTpl->set_var('MESSAGE', $message);
		$oErrorTpl->set_var('LINK', $link);
		$oErrorTpl->set_var('BACK', $TEXT['BACK']);
		$oErrorTpl->parse('main', 'main_block', false);
		$oErrorTpl->pparse('output', 'page');
		if( $auto_footer == true && method_exists($this, "print_footer") ) {
			$this->print_footer();
		}
		exit();
	}
423 1684 Luisehahne
/*
424
 * @param string $message: the message to format
425
 * @param string $status:  ('ok' / 'error' / '') status defines the apereance of the box
426
 * @return string: the html-formatted message (using template 'message.htt')
427
 */
428
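	/**
	 * Format a message as an HTML box using template message.htt.
	 *
	 * Fixes the status check: the third test was an assignment
	 * (`$status = 'warning'`), which made the condition always true and rewrote
	 * every status other than 'ok' / 'error' to 'warning'. The status is now
	 * compared strictly against a fixed list, so only known values end up in the
	 * CSS class written to BOX_STATUS.
	 *
	 * $message is handed to the template as it is; it is not escaped here.
	 *
	 * Side effect: defines REDIRECT_TIMER as -1 when it is not defined yet.
	 *
	 * @param string $message the message to format
	 * @param string $status  'ok', 'error' or 'warning'; anything else gets no box class
	 * @return string the formatted message; '' when REDIRECT_TIMER is 0 and the
	 *                status is not 'error'
	 */
	public function format_message($message, $status = 'ok')
	{
		$id = uniqid('x');
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
		$tpl->set_file('page', 'message.htt');
		$tpl->set_block('page', 'main_block', 'main');
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var( 'THEME_URL', THEME_URL );
		$tpl->set_var( 'ID', $id );
		if( in_array($status, array('ok', 'error', 'warning'), true) )
		{
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
		}else
		{
			$tpl->set_var('BOX_STATUS', '');
		}
		$tpl->set_var('STATUS', $status);
		if(!defined('REDIRECT_TIMER') ) { define('REDIRECT_TIMER', -1); }
		$bIsError = !( $status != 'error' );
		// timer 0: non-error messages are not shown at all
		if( !$bIsError && REDIRECT_TIMER == 0 )
		{
			unset($tpl);
			return '';
		}
		$tpl->parse('main', 'main_block', false);
		$retval = $tpl->finish($tpl->parse('output', 'page', false));
		unset($tpl);
		// any timer other than -1: hide the non-error message after that many
		// milliseconds; the timer is cast to int before it is written into script
		if( !$bIsError && REDIRECT_TIMER != -1 )
		{
			$retval .= '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
					   'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
					   'window.setTimeout(\''.$id.'_hide()\', '.(int)REDIRECT_TIMER.');/* ]]> */ </script>';
		}
		return $retval;
	}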
474 1782 Luisehahne
/*
475
 * @param string $type: 'locked'(default)  or 'new'
476
 * @return void: terminates application
477
 * @description: 'locked' >> Show maintenance screen and terminate, if system is locked
478
 *               'new' >> Show 'new site under construction'(former print_under_construction)
479
 */
480
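	/**
	 * Show the maintenance screen and terminate the script.
	 *
	 * 'locked': only acts when SYSTEM_LOCKED is 1 and the session user id is not
	 *           1. It then answers with 503, clears the remember keys of all
	 *           users except id 1, removes the remember-key and session cookies,
	 *           destroys the session and prints the screen.
	 * other   : always answers with 503 and prints the 'under construction' screen.
	 *
	 * Changes: the templated screen now prints the title chosen for the mode
	 * ($PAGE_TITLE was computed but the 'under construction' text was always
	 * used), and session_destroy() is only called when a session is active.
	 *
	 * NOTE(review): while the system is locked, the UPDATE on the users table
	 * runs for every request of every non-admin visitor, including anonymous
	 * ones. Consider doing it once when the lock is switched on.
	 *
	 * @param string $type 'locked' (default) or 'new'
	 * @return void returns only when no screen has to be shown
	 */
	public function ShowMaintainScreen($type = 'locked')
	{
		global $database, $MESSAGE;
		$BE_PATIENT = '';
		$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
		$PAGE_ICON  = 'negative';

		$show_screen = false;
		if($type == 'locked')
		{
			$curr_user = (intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0) ) ;
			if( (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1) && ($curr_user != 1))
			{
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
				// first kick logged users out of the system:
				// delete all remember keys from table 'users' except user_id=1
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
				$sql .= 'WHERE `user_id`<>1';
				$database->query($sql);
				// delete remember key-cookie if set
				if (isset($_COOKIE['REMEMBER_KEY'])) {
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
				}
				// overwrite session array
				$_SESSION = array();
				// delete session cookie if set
				if (ini_get("session.use_cookies")) {
					$params = session_get_cookie_params();
					setcookie(session_name(), '', time() - 42000, $params["path"],
						$params["domain"], $params["secure"], $params["httponly"]
					);
				}
				// delete the session itself (only if one has been started)
				if (session_id() != '') {
					session_destroy();
				}
				$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
				$BE_PATIENT = $MESSAGE['GENERIC_BE_PATIENT'];
				$PAGE_ICON  = 'system';
				$show_screen = true;
			}
		} else {
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
			$show_screen = true;
		}
		if(!$show_screen)
		{
			return;
		}
		$sMaintanceFile = $this->correct_theme_source('maintenance.htt');
		if(file_exists($sMaintanceFile))
		{
			$tpl = new Template(dirname( $sMaintanceFile ));
			$tpl->set_file( 'page', 'maintenance.htt' );
			$tpl->set_block( 'page', 'main_block', 'main' );

			$charset = (defined('DEFAULT_CHARSET') ? DEFAULT_CHARSET : 'utf-8');
			$tpl->set_var( 'PAGE_TITLE', $PAGE_TITLE );
			$tpl->set_var( 'CHECK_BACK', $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'] );
			$tpl->set_var( 'CHARSET', $charset );
			$tpl->set_var( 'WB_URL', WB_URL );
			$tpl->set_var( 'BE_PATIENT', $BE_PATIENT );
			$tpl->set_var( 'THEME_URL', THEME_URL );
			$tpl->set_var( 'PAGE_ICON', $PAGE_ICON);
			$tpl->set_var( 'LANGUAGE', strtolower(LANGUAGE));
			$tpl->parse( 'main', 'main_block', false );
			$tpl->pparse( 'output', 'page' );
			exit();
		} else {
			// no template available: print a minimal static page; the texts are
			// read after the language file has been loaded
			require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
    		echo '<!DOCTYPE html PUBLIC "-W3CDTD XHTML 1.0 TransitionalEN" "http:www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    		<head><title>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</title>
    		<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
    		h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
    		<br /><h1>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</h1><br />
    		'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
		}
		flush();
		exit();
	}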
564
565 1365 Luisehahne
	// Validate send email
566 1650 darkviper
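	/**
	 * Send a mail through wbmailer (subclass of PHPMailer), which can deliver
	 * via SMTP when an SMTP host is configured in the backend settings.
	 *
	 * CR and LF are removed from every value that ends up in a mail header, so
	 * a value taken from a form cannot add header lines of its own. $fromname
	 * is now cleaned the same way as the other header values; it was the only
	 * one passed on unchanged.
	 *
	 * NOTE(review): the body is sent as nl2br($message) without escaping. If
	 * the mail is delivered as HTML and $message contains form input, the
	 * caller has to escape it first - confirm how wbmailer sets the content type.
	 *
	 * @param string $fromaddress
	 * @param string $toaddress
	 * @param string $subject
	 * @param string $message
	 * @param string $fromname
	 * @param string $replyTo
	 * @return bool true if wbmailer reports the mail as sent
	 */
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
		$sLineBreaks = '/[\r\n]/';
		$fromaddress = preg_replace($sLineBreaks, '', $fromaddress);
		$toaddress   = preg_replace($sLineBreaks, '', $toaddress);
		$subject     = preg_replace($sLineBreaks, '', $subject);
		$replyTo     = preg_replace($sLineBreaks, '', $replyTo);
		$fromname    = preg_replace($sLineBreaks, '', $fromname);

		// create PHPMailer object and define default settings
		$myMail = new wbmailer();
		// set user defined from address
		if ($fromaddress!='') {
			if($fromname!='') $myMail->FromName = $fromname;  // FROM-NAME
			$myMail->From = $fromaddress;                     // FROM:
		}
		if($replyTo) {
			$myMail->AddReplyTo($replyTo);                    // REPLY TO:
		}
		// define recipient and information to send out
		$myMail->AddAddress($toaddress);                      // TO:
		$myMail->Subject = $subject;                          // SUBJECT
		$myMail->Body = nl2br($message);                      // CONTENT (HTML)
		$myMail->AltBody = strip_tags($message);              // CONTENT (TEXT)
		// report whether the mailer accepted the message
		return ($myMail->Send() ? true : false);
	}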
607
608 1625 Luisehahne
	 /**
609
	  * checks if there is an alternative Theme template
610
	  *
611
	  * @param string $sThemeFile set the template.htt
612
	  * @return string the relative theme path
613
	  *
614
	  */
615
        /**
         * Locate a theme template file.
         *
         * Looks in THEME_PATH/templates first and in ADMIN_PATH/skel/themes/htt
         * second, and returns the first path that exists, prefixed with the
         * respective constant.
         *
         * $sThemeFile is joined into the path as given. Every call in this class
         * passes a literal file name; a name taken from request data would need
         * to be restricted to a plain file name first.
         *
         * @param string $sThemeFile template file name, e.g. 'start.htt'
         * @return string path of the template file
         * @throws InvalidArgumentException when the file exists in neither place
         */
        function correct_theme_source($sThemeFile = 'start.htt') {
		$sThemeCandidate = THEME_PATH.'/templates/'.$sThemeFile;
		if (file_exists($sThemeCandidate)) {
			return $sThemeCandidate;
		}
		$sSkelCandidate = ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile;
		if (file_exists($sSkelCandidate)) {
			return $sSkelCandidate;
		}
		throw new InvalidArgumentException('missing template file '.$sThemeFile);
        }
628 1529 Luisehahne
629
	/**
630
	 * Check if a foldername doesn't have invalid characters
631
	 *
632
	 * @param String $str to check
633
	 * @return Bool
634
	 */
635
	/**
	 * Check that a folder name contains none of the characters
	 * ^ \ / . ? * " ' < > : |
	 *
	 * Because the dot and both slashes are rejected, names such as '..' or
	 * 'a/b' do not pass. A failing preg_match() (return value false) counts as
	 * "no invalid character found".
	 *
	 * @param string $str name to check
	 * @return bool true if none of the listed characters occurs
	 */
	function checkFolderName($str){
		$mHit = preg_match('#\^|\\\|\/|\.|\?|\*|"|\'|\<|\>|\:|\|#i', $str);
		if( $mHit ) {
			return false;
		}
		return true;
	}
638
639
	/**
640
	 * Check the given path to make sure current path is within given basedir
641
	 * normally document root
642
	 *
643
	 * @param String $sCurrentPath
644
	 * @param String $sBaseDir
645
	 * @return $sCurrentPath or FALSE
646
	 */
647
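	/**
	 * Check that a path lies inside a base directory (normally the document
	 * root) and return its resolved form.
	 *
	 * Both paths are resolved with realpath(), which also removes '..' parts
	 * and symlinks. Changes against the previous plain substring test:
	 *  - a path or base directory that cannot be resolved is rejected; an
	 *    unresolvable base used to turn into an empty search string;
	 *  - the base has to match up to a directory separator, so a sibling such
	 *    as '<base>-backup' is no longer accepted as being inside '<base>'.
	 *
	 * The comparison stays case-insensitive as before. NOTE(review): on a
	 * case-sensitive filesystem that is looser than needed - confirm whether
	 * a strict comparison can be used outside Windows.
	 *
	 * NOTE(review): the path is URL-decoded here; a caller that has already
	 * decoded it causes a second decoding pass - confirm against the callers.
	 *
	 * @param string $sCurrentPath path to check
	 * @param string $sBaseDir     directory the path has to be inside of
	 * @return mixed resolved $sCurrentPath, or false when it is outside the
	 *               base directory or cannot be resolved
	 */
	function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
		$sResolvedPath = realpath(rawurldecode($sCurrentPath));
		$sResolvedBase = realpath($sBaseDir);
		if( $sResolvedPath === false || $sResolvedBase === false ) {
			return false;
		}
		// the base directory itself is inside
		if( strcasecmp($sResolvedPath, $sResolvedBase) === 0 ) {
			return $sResolvedPath;
		}
		// everything else must start with "<base><separator>"
		$sBasePrefix = rtrim($sResolvedBase, '/\\').DIRECTORY_SEPARATOR;
		if( strncasecmp($sResolvedPath, $sBasePrefix, strlen($sBasePrefix)) === 0 ) {
			return $sResolvedPath;
		}
		return false;
	}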
663
664 1777 Luisehahne
	/**
665
     *
666 1801 Luisehahne
     * remove <?php code ?>, [[text]], link, script, scriptblock and styleblock from a given string
667 1777 Luisehahne
     * and return the cleaned string
668
	 *
669
	 * @param string $sValue
670
     * @returns
671
     *    false: if @param is not a string
672
     *    string: cleaned string
673
	 */
674 1808 Luisehahne
	/**
	 * Remove code-like fragments from a string.
	 *
	 * Always removed: [[text]], HTML comments, script / link / style elements
	 * (self-closing or with a closing tag) and trailing whitespace.
	 * Only with $bPHPCode == true: <?php ... ?> blocks as well.
	 *
	 * Both patterns carry the U modifier, which inverts greediness: the `.*?`
	 * parts are greedy here, so one match can reach from the first opening
	 * marker to the last closing one and take the text in between with it.
	 *
	 * This is a pattern filter, not an HTML sanitiser: other elements and all
	 * attributes pass through unchanged. The result still has to be escaped for
	 * the context it is printed in.
	 *
	 * @param string $sValue
	 * @param bool   $bPHPCode also strip <?php ... ?> blocks
	 * @return mixed false if $sValue is not a string, otherwise the result of
	 *               preg_replace()
	 */
	public function StripCodeFromText($sValue, $bPHPCode=false){
		if( !is_string($sValue) ) {
			return false;
		}
		if( $bPHPCode == true ) {
			$sValue = preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue );
		}
		$sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
		$mCleaned = preg_replace ($sPattern, '', $sValue);
		return $mCleaned;
	}
680
681
682 1365 Luisehahne
}