<?php
2
/**
3
 *
4 1529 Luisehahne
 * @category        framework
5 1698 Luisehahne
 * @package         frontend
6 1782 Luisehahne
 * @author          Ryan Djurovich (2004-2009), WebsiteBaker Project
7 1698 Luisehahne
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
8 1365 Luisehahne
 * @link			http://www.websitebaker2.org/
9
 * @license         http://www.gnu.org/licenses/gpl.html
10
 * @platform        WebsiteBaker 2.8.x
11 1374 Luisehahne
 * @requirements    PHP 5.2.2 and higher
12 1365 Luisehahne
 * @version         $Id$
13 1457 Luisehahne
 * @filesource		$HeadURL$
14
 * @lastmodified    $Date$
15 1365 Luisehahne
 *
16
 */
17 1496 DarkViper
/* -------------------------------------------------------- */
18
// Must include code to stop this file being accessed directly
19 1499 DarkViper
// Stop this file being accessed directly: without WB_PATH an IllegalFileException is raised.
if (!defined('WB_PATH')) {
	require_once(dirname(__FILE__).'/globalExceptionHandler.php');
	throw new IllegalFileException();
}
/* -------------------------------------------------------- */
// Include the PHPLIB template class unless it is already declared (no autoload attempt)
if (!class_exists('Template', false)) {
	include(WB_PATH.'/include/phplib/template.inc');
}
// Include the wbmailer class (subclass of PHPmailer) unless it is already declared
if (!class_exists('wbmailer', false)) {
	include(WB_PATH.'/framework/class.wbmailer.php');
}
28 1365 Luisehahne
29
class wb extends SecureForm
30
{
31
32 1457 Luisehahne
 	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';	// General initialization function
33 1782 Luisehahne
34 1365 Luisehahne
	// performed when frontend or backend is loaded.
35 1394 Luisehahne
	/**
	 * General initialization, performed when frontend or backend is loaded.
	 *
	 * @param mixed $mode handed unchanged to the SecureForm constructor
	 */
	public function __construct($mode = SecureForm::FRONTEND)
	{
		parent::__construct($mode);
	}
38
39 1791 Luisehahne
/**
40
 *
41
 *
42
 * @return array of first visible language pages with defined fields
43
 *
44
 */
45
	public function GetLanguagesDetailsInUsed()
	{
		global $database;
		// Static statement: nothing from the request is interpolated, only TABLE_PREFIX.
		$sql = 'SELECT DISTINCT `language`'
		     . ', `page_id`,`level`,`parent`,`root_parent`,`page_code`,`link`,`language`'
		     . ', `visibility`,`viewing_groups`,`viewing_users`,`position` '
		     . 'FROM `'.TABLE_PREFIX.'pages` '
		     . 'WHERE `level`= \'0\' '
		     . 'AND `root_parent`=`page_id` '
		     . 'AND `visibility`!=\'none\' '
		     . 'AND `visibility`!=\'hidden\' '
		     . 'GROUP BY `language` '
		     . 'ORDER BY `position`';
		$aLanguages = array();
		$oRes = $database->query($sql);
		if (!$oRes) {
			// Query failed: report no languages.
			return $aLanguages;
		}
		// Keep only the rows the current user may see, keyed by language code.
		while ($aPage = $oRes->fetchRow(MYSQL_ASSOC)) {
			if ($this->page_is_visible($aPage)) {
				$aLanguages[$aPage['language']] = $aPage;
			}
		}
		return $aLanguages;
	}
70
71 1791 Luisehahne
/**
72
 *
73
 *
74
 * @return comma separate list of first visible languages
75
 *
76
 */
77
	public function GetLanguagesInUsed()
	{
		// The language codes are the keys of the details array.
		$aLanguageCodes = array_keys($this->GetLanguagesDetailsInUsed());
		return implode(',', $aLanguageCodes);
	}
80 1782 Luisehahne
81
82 1834 Luisehahne
    /**
83
     * Created parse_url utf-8 compatible function
84
     *
85
     * @param string $url The string to decode
86
     * @return array Associative array containing the different components
87
     *
88
     */
89
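    public function mb_parse_url($url) {
        // The previous implementation used preg_replace() with the /e modifier, which
        // evaluates the replacement string as PHP code, is deprecated since PHP 5.5 and
        // was removed in PHP 7. A callback performs the same percent-encoding without
        // ever evaluating a string built from the URL.
        $encodedUrl = preg_replace_callback(
            '%[^:/?#&=\.]+%usD',
            array($this, 'urlencodeMatch'),
            $url
        );
        // NULL signals a PCRE error, e.g. input that is not valid UTF-8 (pattern uses /u).
        if ($encodedUrl === null) {
            return false;
        }
        $components = parse_url($encodedUrl);
        // parse_url() returns false for seriously malformed URLs; pass that on unchanged.
        if (!is_array($components)) {
            return false;
        }
        // Write back by key instead of by reference, so no dangling reference is left behind.
        foreach ($components as $key => $component) {
            $components[$key] = urldecode($component);
        }
        return $components;
    }

    /**
     * Callback for mb_parse_url(): percent-encode one matched URL fragment.
     *
     * @param array $aMatch match array from preg_replace_callback()
     * @return string the encoded fragment
     */
    private function urlencodeMatch($aMatch) {
        return urlencode($aMatch[0]);
    }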
96
97 1373 Luisehahne
/* ****************
 * check if one or more group_ids are in both group_lists
 *
 * @access public
 * @param mixed $groups_list1: an array or a comma separated list of group-ids
 * @param mixed $groups_list2: an array or a comma separated list of group-ids
 * @param array &$matches: an array-var which will return possible matches
 * @return bool: true if there is a match, otherwise false
 */
106 1698 Luisehahne
	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
	{
		// An empty list on either side can never match; $matches is left untouched then.
		if ($groups_list1 == '' || $groups_list2 == '') {
			return false;
		}
		// Normalise comma separated strings to arrays of ids.
		$aFirst  = is_array($groups_list1) ? $groups_list1 : explode(',', $groups_list1);
		$aSecond = is_array($groups_list2) ? $groups_list2 : explode(',', $groups_list2);
		// The ids common to both lists are handed back through the reference parameter.
		$matches = array_intersect($aFirst, $aSecond);
		return (count($matches) != 0);
	}
121
/* ****************
 * check if current user is member of at least one of given groups
 * ADMIN (uid=1) always is treated like a member of any groups
 *
 * @access public
 * @param mixed $groups_list: an array or a comma separated list of group-ids
 * @return bool: true if current user is member of one of these groups, otherwise false
 */
129 1698 Luisehahne
	public function ami_group_member( $groups_list = '' )
	{
		// User id 1 bypasses the group check entirely (loose comparison on the session value).
		$bIsSuperAdmin = ($this->get_user_id() == 1);
		if ($bIsSuperAdmin) {
			return true;
		}
		$aOwnGroups = $this->get_groups_id();
		return $this->is_group_match($groups_list, $aOwnGroups);
	}
134
135 1791 Luisehahne
// Check whether a page is visible or not.
136
// This will check page-visibility and user- and group-rights.
137
/* page_is_visible() returns
138
	false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
139
	true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
140
*/
141 1698 Luisehahne
	public function page_is_visible($page)
	{
		$sVisibility = $page['visibility'];
		// 'none' and 'deleted' pages are never shown.
		if ($sVisibility == 'none' || $sVisibility == 'deleted') {
			return false;
		}
		// 'hidden' and 'public' pages need no access check.
		if ($sVisibility == 'hidden' || $sVisibility == 'public') {
			return true;
		}
		// 'private' and 'registered' pages need a logged-in user who matches
		// the page's viewing groups or viewing users.
		if ($sVisibility == 'private' || $sVisibility == 'registered') {
			if ($this->is_authenticated() == true) {
				return ( $this->is_group_match($this->get_groups_id(), $page['viewing_groups']) ||
				         $this->is_group_match($this->get_user_id(), $page['viewing_users']) );
			}
			return false;
		}
		// Any other visibility value is denied by default.
		return false;
	}
166 1698 Luisehahne
167 1365 Luisehahne
	// Check if there is at least one active section on this page
168 1698 Luisehahne
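	/**
	 * Check if there is at least one section of this page inside its publication window.
	 *
	 * @param array $page page record; only $page['page_id'] is read (cast to int)
	 * @return bool true if the section count returned by the database is non-zero
	 */
	public function page_is_active($page)
	{
		global $database;
		$now = time();
		$iPageId = (int)$page['page_id'];
		// AND binds tighter than OR in SQL. Without the outer parentheses the page filter
		// applied only to the second alternative, so a section of ANY page that is inside
		// its publication window made every page count as active.
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
		$sql .= 'WHERE (('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
		$sql .=       '('.$now.' > `publ_start` AND `publ_end`=0)) ';
		$sql .=       'AND `page_id`='.$iPageId;
		return ($database->get_one($sql) != false);
	}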
178 1365 Luisehahne
179
	// Check whether we should show a page or not (for front-end)
180 1698 Luisehahne
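	/**
	 * Check whether a page should be shown in the front-end.
	 *
	 * @param mixed $page a page record (array) or a page id that is looked up first
	 * @return bool true only if the page is visible for the current user and active
	 */
	public function show_page($page)
	{
		// $database lives in the global scope. The declaration was missing, so the
		// lookup below ran against an undefined variable whenever a page id was passed.
		global $database;
		if( !is_array($page) )
		{
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
			$res_pages = $database->query($sql);
			// Fail closed: a failed query or an unknown page id never shows a page.
			if( $res_pages == null ) { return false; }
			$page = $res_pages->fetchRow();
			if( !$page ) { return false; }
		}
		return ($this->page_is_visible($page) && $this->page_is_active($page));
	}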
193
194
	// Check if the user is already authenticated or not
195 1698 Luisehahne
	public function is_authenticated() {
		// No user id in the session at all: not logged in.
		if (!isset($_SESSION['USER_ID'])) {
			return false;
		}
		// A stored id only counts when it is non-empty and numeric.
		$mUserId = $_SESSION['USER_ID'];
		return ($mUserId != "" && is_numeric($mUserId));
	}
201
202
	// Modified addslashes function which takes into account magic_quotes
203
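	/**
	 * addslashes() variant that takes magic_quotes_gpc into account.
	 *
	 * @param mixed $input value to escape; non-strings are returned unchanged
	 * @return mixed the escaped string, or $input as given
	 */
	function add_slashes($input) {
		if (!is_string($input)) {
			return $input;
		}
		// get_magic_quotes_gpc() no longer exists in PHP 8; a missing function means
		// magic quotes are off, so calling it unguarded would be a fatal error there.
		if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
			return $input;
		}
		// NOTE(review): addslashes() does not know the connection charset and is not a
		// replacement for the database layer's own escaping or for bound parameters.
		return addslashes($input);
	}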
209
210
	// Ditto for stripslashes
211
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
212
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
213
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
214
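	/**
	 * Undo the effect of magic_quotes_gpc==On; does nothing when magic quotes are off.
	 *
	 * @param mixed $input value to clean; non-strings are returned unchanged
	 * @return mixed the unquoted string, or $input as given
	 */
	function strip_slashes($input) {
		if (!is_string($input)) {
			return $input;
		}
		// get_magic_quotes_gpc() no longer exists in PHP 8; treat a missing function as "off".
		$bMagicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
		if (!$bMagicQuotes) {
			return $input;
		}
		return stripslashes($input);
	}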
220
221
	// Escape backslashes for use with mySQL LIKE strings
222
	function escape_backslashes($input) {
		// Only backslashes are doubled here; no other character of $input is changed.
		$sEscaped = str_replace("\\", "\\\\", $input);
		return $sEscaped;
	}
225
226
	/**
	 * Build the front-end URL of a page link.
	 *
	 * @param string $link stored link of the page
	 * @return string $link itself for external or mailto links, otherwise the full page URL
	 */
	function page_link($link){
		// Links containing :// (URLs) and mailto: links are returned as they are.
		$bHasScheme = (strstr($link, '://') != '');
		$bIsMailto  = (substr($link, 0, 7) == 'mailto:');
		if ($bHasScheme || $bIsMailto) {
			return $link;
		}
		// Everything else is treated as an internal page below the pages directory.
		return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
	}
234 1698 Luisehahne
235 1365 Luisehahne
	// Get POST data
236
	function get_post($field) {
		// Raw request value, neither validated nor escaped; NULL when the field is absent.
		if (isset($_POST[$field])) {
			return $_POST[$field];
		}
		return null;
	}
239
240
	// Get POST data and escape it
241
	function get_post_escaped($field) {
		$mValue = $this->get_post($field);
		// A missing field stays NULL; everything else goes through add_slashes().
		if ($mValue === null) {
			return null;
		}
		return $this->add_slashes($mValue);
	}
245 1698 Luisehahne
246 1365 Luisehahne
	// Get GET data
247
	function get_get($field) {
		// Raw query-string value, neither validated nor escaped; NULL when absent.
		if (isset($_GET[$field])) {
			return $_GET[$field];
		}
		return null;
	}
250
251
	// Get SESSION data
252
	function get_session($field) {
		// Value stored in the session under $field; NULL when it is not set.
		if (isset($_SESSION[$field])) {
			return $_SESSION[$field];
		}
		return null;
	}
255
256
	// Get SERVER data
257
	function get_server($field) {
		// Entry of $_SERVER as provided by the runtime; NULL when it is not set.
		if (isset($_SERVER[$field])) {
			return $_SERVER[$field];
		}
		return null;
	}
260
261
	// Get the current users id
262
	function get_user_id() {
		// Session value 'USER_ID', or NULL when nobody is logged in.
		$mUserId = $this->get_session('USER_ID');
		return $mUserId;
	}
265
266 1373 Luisehahne
	// Get the current users group id
267 1365 Luisehahne
	function get_group_id() {
		// Session value 'GROUP_ID', or NULL when it is not set.
		$mGroupId = $this->get_session('GROUP_ID');
		return $mGroupId;
	}
270
271
	// Get the current users group ids
272
	function get_groups_id() {
		// Session value 'GROUPS_ID' is a comma separated list; it is returned as an array.
		$sGroupIds = $this->get_session('GROUPS_ID');
		return explode(",", $sGroupIds);
	}
275
276
	// Get the current users group name
277
	function get_group_name() {
		// Session value 'GROUP_NAME' is joined into one comma separated string.
		$aGroupNames = $this->get_session('GROUP_NAME');
		return implode(",", $aGroupNames);
	}
280
281
	// Get the current users group name
282
	function get_groups_name() {
		// Session value 'GROUP_NAME' exactly as stored, or NULL when it is not set.
		$mGroupNames = $this->get_session('GROUP_NAME');
		return $mGroupNames;
	}
285
286
	// Get the current users username
287
	function get_username() {
		// Session value 'USERNAME', or NULL when it is not set.
		$mUsername = $this->get_session('USERNAME');
		return $mUsername;
	}
290
291
	// Get the current users display name
292
	function get_display_name() {
		// Session value 'DISPLAY_NAME', or NULL when it is not set.
		$mDisplayName = $this->get_session('DISPLAY_NAME');
		return $mDisplayName;
	}
295
296
	// Get the current users email address
297
	function get_email() {
		// Session value 'EMAIL', or NULL when it is not set.
		$mEmail = $this->get_session('EMAIL');
		return $mEmail;
	}
300
301
	// Get the current users home folder
302
	function get_home_folder() {
		// Session value 'HOME_FOLDER', or NULL when it is not set.
		$mHomeFolder = $this->get_session('HOME_FOLDER');
		return $mHomeFolder;
	}
305
306
	// Get the current users timezone
307
	function get_timezone() {
		// The marker value '-72000' is returned whenever the session asks for the default timezone.
		if (isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
			return '-72000';
		}
		return $_SESSION['TIMEZONE'];
	}
310
311 1373 Luisehahne
	// Validate supplied email address
312
	/**
	 * Validate a supplied email address against a fixed pattern.
	 *
	 * The address is converted with idn_to_ascii() (or the bundled idna_convert class
	 * when that function is missing) before the pattern is applied.
	 *
	 * @param string $email address to check
	 * @return bool true if the converted address matches the pattern
	 */
	function validate_email($email) {
		if(function_exists('idn_to_ascii')){ /* use the native function if available */
			$email = idn_to_ascii($email);
		}else {
			// Fallback: pure-PHP IDNA converter shipped with the project
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
			$IDN = new idna_convert();
			$email = $IDN->encode($email);
			unset($IDN);
		}
		// regex from NorHei 2011-01-11
		// NOTE(review): the pattern ends in $ without the D modifier, so PCRE also accepts
		// an address followed by one trailing newline. Callers that put the value into a
		// mail header should strip CR/LF themselves (mail() in this class does).
		$retval = preg_match("/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/", $email);
		// preg_match() yields 1 on a match, 0 on no match and false on error; only 1 passes.
		return ($retval != false);
	}
325
326 1698 Luisehahne
	/**
327
     * replace header('Location:...  with new method
328
	 * if header send failed you get a manuell redirected link, so script don't break
329 1777 Luisehahne
	 *
330 1698 Luisehahne
	 * @param string $location, redirected url
331
	 * @return void
332
	 */
333
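	public function send_header ($location) {
		// CR/LF never belong in a redirect target; removing them keeps the value on a
		// single header line instead of relying on header() to reject it.
		$location = str_replace(array("\r", "\n"), '', $location);
		// NOTE(review): the target itself is not validated here. Callers that build
		// $location from request data should restrict it to known local URLs.
		if(!headers_sent()) {
			header('Location: '.$location);
			exit(0);
		}
		// Output has already started, so a manual link is offered instead. The URL is
		// placed inside an HTML attribute and therefore has to be escaped for that context.
		$sHref = htmlspecialchars($location, ENT_QUOTES);
		$msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
		        "Please click <a style=\"font-weight:bold;\" " .
		        "href=\"".$sHref."\">on this link</a> to continue!</p></div>\n";
		throw new AppException($msg);
	}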
347
348 1372 Luisehahne
/* ****************
349 1365 Luisehahne
 * set one or more bit in a integer value
350
 *
351
 * @access public
352
 * @param int $value: reference to the integer, containing the value
353
 * @param int $bits2set: the bitmask witch shall be added to value
354
 * @return void
355
 */
356
	function bit_set( &$value, $bits2set )
	{
		// OR the mask into the caller's variable (passed by reference).
		$value = $value | $bits2set;
	}
360
361
/* ****************
362
 * reset one or more bit from a integer value
363
 *
364
 * @access public
365
 * @param int $value: reference to the integer, containing the value
366
 * @param int $bits2reset: the bitmask witch shall be removed from value
367
 * @return void
368
 */
369
	function bit_reset( &$value, $bits2reset)
	{
		// Clear every bit of the mask in the caller's variable (passed by reference).
		$value = $value & ~$bits2reset;
	}
373
374
/* ****************
375
 * check if one or more bit in a integer value are set
376
 *
377
 * @access public
378
 * @param int $value: reference to the integer, containing the value
379
 * @param int $bits2set: the bitmask witch shall be added to value
380
 * @return void
381
 */
382
	function bit_isset( $value, $bits2test )
	{
		// Returns a bool: true only when every bit of $bits2test is set in $value.
		// $value is taken by value here and is not modified.
		$iCommonBits = $value & $bits2test;
		return ($iCommonBits == $bits2test);
	}
386
387
	// Print a success message which then automatically redirects the user to another page
388 1373 Luisehahne
	function print_success( $message, $redirect = 'index.php' ) {
		global $TEXT;
		// A list of messages is shown as one block, separated by line breaks.
		if (is_array($message)) {
			$message = implode ('<br />',$message);
		}
		// Redirect timer for success messages; undefined or above 10000 falls back to 0.
		$iRedirectTimer = 0;
		if (defined( 'REDIRECT_TIMER' ) && (REDIRECT_TIMER <= 10000)) {
			$iRedirectTimer = REDIRECT_TIMER;
		}
		// Set up the template object, hand the variables over, then print it.
		$oTpl = new Template(dirname($this->correct_theme_source('success.htt')));
		$oTpl->set_file( 'page', 'success.htt' );
		$oTpl->set_block( 'page', 'main_block', 'main' );
		$oTpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
		// NOTE(review): MESSAGE and REDIRECT reach the template as given. Whether
		// success.htt escapes them is not visible here, so callers should pass only
		// trusted or already escaped values.
		$oTpl->set_var( 'MESSAGE', $message );
		$oTpl->set_var( 'REDIRECT', $redirect );
		$oTpl->set_var( 'REDIRECT_TIMER', $iRedirectTimer );
		$oTpl->set_var( 'NEXT', $TEXT['NEXT'] );
		$oTpl->set_var( 'BACK', $TEXT['BACK'] );
		// A timer of -1 empties the redirect block, any other value renders it.
		if ($iRedirectTimer == -1) {
			$oTpl->set_block( 'show_redirect', '' );
		} else {
			$oTpl->parse( 'show_redirect', 'show_redirect_block', true );
		}
		$oTpl->parse( 'main', 'main_block', false );
		$oTpl->pparse( 'output', 'page' );
	}
415
416
	// Print an error message
417 1373 Luisehahne
	function print_error($message, $link = 'index.php', $auto_footer = true) {
		global $TEXT;
		// A list of messages is shown as one block, separated by line breaks.
		if (is_array($message)) {
			$message = implode ('<br />',$message);
		}
		// Set up the template object, hand the variables over, then print it.
		$oTpl = new Template(dirname($this->correct_theme_source('error.htt')));
		$oTpl->set_file('page', 'error.htt');
		$oTpl->set_block('page', 'main_block', 'main');
		// NOTE(review): MESSAGE and LINK reach the template as given. Whether error.htt
		// escapes them is not visible here, so callers should pass only trusted or
		// already escaped values.
		$oTpl->set_var('MESSAGE', $message);
		$oTpl->set_var('LINK', $link);
		$oTpl->set_var('BACK', $TEXT['BACK']);
		$oTpl->parse('main', 'main_block', false);
		$oTpl->pparse('output', 'page');
		// The footer is printed only on request and only where the object provides one.
		if ($auto_footer == true && method_exists($this, "print_footer")) {
			$this->print_footer();
		}
		// An error page always ends the request.
		exit();
	}
438 1684 Luisehahne
/*
439
 * @param string $message: the message to format
440
 * @param string $status:  ('ok' / 'error' / '') status defines the apereance of the box
441
 * @return string: the html-formatted message (using template 'message.htt')
442
 */
443
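	public function format_message($message, $status = 'ok')
	{
		$id = uniqid('x');
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
		$tpl->set_file('page', 'message.htt');
		$tpl->set_block('page', 'main_block', 'main');
		// NOTE(review): $message reaches the template as given. Whether message.htt
		// escapes it is not visible here, so callers should pass only trusted or
		// already escaped values.
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var('THEME_URL', THEME_URL);
		$tpl->set_var('ID', $id);
		// The third test has to compare. It used to assign ($status = 'warning'), which
		// made the condition always true and silently turned every status other than
		// 'ok' and 'error' into 'warning'.
		if ($status == 'ok' || $status == 'error' || $status == 'warning') {
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
		} else {
			$tpl->set_var('BOX_STATUS', '');
		}
		$tpl->set_var('STATUS', $status);
		if (!defined('REDIRECT_TIMER')) { define('REDIRECT_TIMER', -1); }

		// Error messages are always shown permanently. For every other status
		// REDIRECT_TIMER decides: 0 = no message, -1 = permanent, else auto-hide.
		if ($status != 'error' && REDIRECT_TIMER == 0) {
			return '';
		}
		$sHideScript = '';
		if ($status != 'error' && REDIRECT_TIMER != -1) {
			// Hide the box after REDIRECT_TIMER milliseconds. The value is forced to an
			// integer because it is written into a script block.
			$sHideScript = '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
			               'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
			               'window.setTimeout(\''.$id.'_hide()\', '.(int)REDIRECT_TIMER.');/* ]]> */ </script>';
		}
		$tpl->parse('main', 'main_block', false);
		return $tpl->finish($tpl->parse('output', 'page', false)).$sHideScript;
	}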
489 1782 Luisehahne
/*
490
 * @param string $type: 'locked'(default)  or 'new'
491
 * @return void: terminates application
492
 * @description: 'locked' >> Show maintenance screen and terminate, if system is locked
493
 *               'new' >> Show 'new site under construction'(former print_under_construction)
494
 */
495
	public function ShowMaintainScreen($type = 'locked')
	{
		global $database, $MESSAGE;
		// NOTE(review): $CHECK_BACK and $LANGUAGE are assigned but not read again in this method.
		$CHECK_BACK = $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'];
		$BE_PATIENT = '';
		$LANGUAGE   = strtolower((isset($_SESSION['LANGUAGE']) ? $_SESSION['LANGUAGE'] : LANGUAGE ));

		$show_screen = false;
		if($type == 'locked')
		{
			// Only user id 1 may pass while SYSTEM_LOCKED is 1; a missing session id counts as 0.
			$curr_user = (intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0) ) ;
			if( (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1) && ($curr_user != 1))
			{
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
	// first kick logged users out of the system
		// delete all remember keys from table 'user' except user_id=1
		// NOTE(review): this UPDATE runs on every request that reaches this branch,
		// including requests from visitors who are not logged in.
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
				$sql .= 'WHERE `user_id`<>1';
				$database->query($sql);
		// delete remember key-cookie if set
				if (isset($_COOKIE['REMEMBER_KEY'])) {
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
				}
		// overwrite session array
				$_SESSION = array();
		// delete session cookie if set (expired with the same path/domain/flags it was issued with)
				if (ini_get("session.use_cookies")) {
					$params = session_get_cookie_params();
					setcookie(session_name(), '', time() - 42000, $params["path"],
						$params["domain"], $params["secure"], $params["httponly"]
					);
				}
		// delete the session itself
				session_destroy();
				$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
				$BE_PATIENT = $MESSAGE['GENERIC_BE_PATIENT'];
				$PAGE_ICON  = 'system';
				$show_screen = true;
			}
		} else {
			// Any other $type: 'under construction' screen, no session handling.
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
			$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
			$PAGE_ICON  = 'negative';
			$show_screen = true;
		}
		if($show_screen)
		{
            // correct_theme_source() throws InvalidArgumentException when the template is
            // missing, so the plain-HTML fallback below is only reached if the file
            // disappears between that check and file_exists().
            $sMaintanceFile = $this->correct_theme_source('maintenance.htt');
    		if(file_exists($sMaintanceFile))
    		{
                $tpl = new Template(dirname( $sMaintanceFile ));
    		    $tpl->set_file( 'page', 'maintenance.htt' );
    		    $tpl->set_block( 'page', 'main_block', 'main' );

    			if(defined('DEFAULT_CHARSET'))
    			{
    				$charset=DEFAULT_CHARSET;
    			} else {
    				$charset='utf-8';
    			}
    		    // NOTE(review): $PAGE_TITLE computed above is not used; the template always
    		    // gets the 'under construction' title, also for the locked screen - confirm.
    		    $tpl->set_var( 'PAGE_TITLE', $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'] );
    	 	    $tpl->set_var( 'CHECK_BACK', $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'] );
    	 	    $tpl->set_var( 'CHARSET', $charset );
    	 	    $tpl->set_var( 'WB_URL', WB_URL );
    	 	    $tpl->set_var( 'BE_PATIENT', $BE_PATIENT );
    	 	    $tpl->set_var( 'THEME_URL', THEME_URL );
    			$tpl->set_var( 'PAGE_ICON', $PAGE_ICON);
    			$tpl->set_var( 'LANGUAGE', strtolower(LANGUAGE));
    		    $tpl->parse( 'main', 'main_block', false );
    		    $tpl->pparse( 'output', 'page' );
                exit();
    		} else {
    		 // Fallback page built from the default language file; the path uses constants only.
    		 require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
    		echo '<!DOCTYPE html PUBLIC "-W3CDTD XHTML 1.0 TransitionalEN" "http:www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    		<head><title>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</title>
    		<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
    		h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
    		<br /><h1>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</h1><br />
    		'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
    		}
    		// The maintenance screen always ends the request.
    		flush();
            exit();
		}
	}
579
580 1365 Luisehahne
	// Validate send email
581 1650 darkviper
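	/**
	 * Send a mail through the wbmailer class (PHPMailer subclass, SMTP capable).
	 *
	 * To use SMTP the SMTP host has to be set in the backend settings panel.
	 *
	 * @param string $fromaddress sender address; when empty the wbmailer default is kept
	 * @param string $toaddress   recipient address
	 * @param string $subject     subject line
	 * @param string $message     message text; used as HTML body (via nl2br) and as text body
	 * @param string $fromname    optional sender display name
	 * @param string $replyTo     optional reply-to address
	 * @return bool true if wbmailer reports the message as sent, otherwise false
	 */
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
		// Header-injection guard: remove CR/LF from every value that ends up in a mail
		// header. $fromname was the only header value not covered by this before.
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
		$toaddress   = preg_replace('/[\r\n]/', '', $toaddress);
		$subject     = preg_replace('/[\r\n]/', '', $subject);
		$replyTo     = preg_replace('/[\r\n]/', '', $replyTo);
		$fromname    = preg_replace('/[\r\n]/', '', $fromname);

		// create PHPMailer object with its default settings
		$myMail = new wbmailer();
		// user defined sender; the display name is only set together with an address
		if ($fromaddress != '') {
			if ($fromname != '') {
				$myMail->FromName = $fromname;            // FROM-NAME
			}
			$myMail->From = $fromaddress;                 // FROM:
		}
		if ($replyTo) {
			$myMail->AddReplyTo($replyTo);                // REPLY TO:
		}
		// recipient and content
		$myMail->AddAddress($toaddress);                  // TO:
		$myMail->Subject = $subject;                      // SUBJECT
		// NOTE(review): $message becomes the HTML body without escaping. Callers that
		// embed visitor input (form fields) should escape it before calling mail().
		$myMail->Body = nl2br($message);                  // CONTENT (HTML)
		$myMail->AltBody = strip_tags($message);          // CONTENT (TEXT)
		// report whether the mailer accepted the message
		return (bool)$myMail->Send();
	}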
622
623 1625 Luisehahne
	 /**
624
	  * checks if there is an alternative Theme template
625
	  *
626
	  * @param string $sThemeFile set the template.htt
627
	  * @return string the relative theme path
628
	  *
629
	  */
630
        function correct_theme_source($sThemeFile = 'start.htt') {
		// NOTE(review): $sThemeFile is appended to both directories unchecked. The callers
		// visible in this class pass fixed file names; keep it that way for new callers.
		// First choice: the template shipped with the active theme.
		$sThemeCandidate = THEME_PATH.'/templates/'.$sThemeFile;
		if (file_exists($sThemeCandidate)) {
			return $sThemeCandidate;
		}
		// Second choice: the template from the admin skeleton.
		$sSkelCandidate = ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile;
		if (file_exists($sSkelCandidate)) {
			return $sSkelCandidate;
		}
		// Neither location has the file.
		throw new InvalidArgumentException('missing template file '.$sThemeFile);
        }
643 1529 Luisehahne
644
	/**
645
	 * Check if a foldername doesn't have invalid characters
646
	 *
647
	 * @param String $str to check
648
	 * @return Bool
649
	 */
650
	function checkFolderName($str){
		// Deny-list check: ^ \ / . ? * " ' < > : | make a name invalid.
		// Characters that are not listed in the pattern are accepted.
		$bHasForbiddenChar = preg_match('#\^|\\\|\/|\.|\?|\*|"|\'|\<|\>|\:|\|#i', $str) ? TRUE : FALSE;
		return !$bHasForbiddenChar;
	}
653
654
	/**
655
	 * Check the given path to make sure current path is within given basedir
656
	 * normally document root
657
	 *
658
	 * @param String $sCurrentPath
659
	 * @param String $sBaseDir
660
	 * @return $sCurrentPath or FALSE
661
	 */
662
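	function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
		// Resolve both paths first (URL-decoding, symlinks, ./ and ../ segments).
		// Callers should continue with the returned, resolved path, not with their input.
		$sCurrentPath = realpath(rawurldecode($sCurrentPath));
		$sBaseDir = realpath($sBaseDir);
		// realpath() returns false for paths that do not exist. A path that cannot be
		// resolved cannot be verified, and an unresolved base must never match everything.
		if ($sCurrentPath === false || $sBaseDir === false) {
			return false;
		}
		// The base has to be a prefix that ends on a directory boundary. A plain prefix
		// test would also accept a sibling directory whose name merely starts with the
		// base name. The comparison stays case-insensitive, as before.
		$sBase = rtrim($sBaseDir, '/\\');
		$iBaseLen = strlen($sBase);
		if (strncasecmp($sCurrentPath, $sBase, $iBaseLen) !== 0) {
			return false;
		}
		if (strlen($sCurrentPath) === $iBaseLen) {
			// the base directory itself
			return $sCurrentPath;
		}
		$sNextChar = $sCurrentPath[$iBaseLen];
		if ($sNextChar === '/' || $sNextChar === '\\') {
			return $sCurrentPath;
		}
		return false;
	}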
678
679 1777 Luisehahne
	/**
680
     *
681 1801 Luisehahne
     * remove <?php code ?>, [[text]], link, script, scriptblock and styleblock from a given string
682 1777 Luisehahne
     * and return the cleaned string
683
	 *
684
	 * @param string $sValue
685
     * @returns
686
     *    false: if @param is not a string
687
     *    string: cleaned string
688
	 */
689 1808 Luisehahne
	public function StripCodeFromText($sValue, $bPHPCode=false){
        // Anything that is not a string is rejected with false.
        if(!is_string($sValue)) { return false; }
        // Optional first pass: remove [[...]] blocks and <?php ... ?> blocks.
        $sValue = ( ($bPHPCode==true) ? preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue ) : $sValue );
        // Second pass removes, in this order of alternatives: [[...]] blocks, HTML comments
        // (with whitespace after "<!--"), self-closing script/link/style tags, paired
        // script/link/style elements (\2 refers to the tag name of this alternative) and
        // trailing whitespace.
        // NOTE(review): the U modifier inverts greediness, so the ".*?" parts are greedy
        // here and can remove the text between two separate blocks - confirm this is intended.
        // NOTE(review): this is pattern-based removal, not an HTML sanitizer. Only the tags
        // named in the pattern are removed; markup outside these patterns passes through.
        // Output that contains untrusted text still needs escaping for its context.
        $sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
        // preg_replace() returns NULL on a PCRE error; that value is passed on unchanged.
        return (preg_replace ($sPattern, '', $sValue));
	}
695
696
697 1365 Luisehahne
}