<?php
/**
 *
 * @category        framework
 * @package         frontend
 * @author          Ryan Djurovich (2004-2009), WebsiteBaker Project
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
 * @link            http://www.websitebaker2.org/
 * @license         http://www.gnu.org/licenses/gpl.html
 * @platform        WebsiteBaker 2.8.x
 * @requirements    PHP 5.2.2 and higher
 * @version         $Id$
 * @filesource      $HeadURL$
 * @lastmodified    $Date$
 *
 */
/* -------------------------------------------------------- */
// Direct-access guard: WB_PATH is expected to be defined by the including
// script, so a request that reaches this file on its own is refused.
if (!defined('WB_PATH')) {
	// NOTE(review): IllegalFileException is presumably declared by this handler file — confirm.
	require_once(dirname(__FILE__).'/globalExceptionHandler.php');
	throw new IllegalFileException();
}
/* -------------------------------------------------------- */
// PHPLIB template class; class_exists(..., false) checks without triggering autoload
if (!class_exists('Template', false)) {
	include(WB_PATH.'/include/phplib/template.inc');
}
// wbmailer class (subclass of PHPmailer)
if (!class_exists('wbmailer', false)) {
	include(WB_PATH.'/framework/class.wbmailer.php');
}
class wb extends SecureForm
{
 	// Character-class body listing the characters accepted in passwords.
 	// NOTE(review): presumably spliced into a regular expression by callers — confirm.
 	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';
	// General initialization function
	// performed when frontend or backend is loaded.
	/**
	 * @param mixed $mode mode constant handed on to SecureForm (default: SecureForm::FRONTEND)
	 */
	public function __construct($mode = SecureForm::FRONTEND)
	{
		// All initialisation is delegated to the parent class.
		parent::__construct($mode);
	}
	/**
	 * @return array of first visible language pages with defined fields
	 */
	public function GetLanguagesDetailsInUsed()
	{
		global $database;
		// Level-0 root pages, one row per language, skipping 'none' and 'hidden'.
		$sql =
			'SELECT DISTINCT `language`'.
			', `page_id`,`level`,`parent`,`root_parent`,`page_code`,`link`,`language`'.
			', `visibility`,`viewing_groups`,`viewing_users`,`position` '.
			'FROM `'.TABLE_PREFIX.'pages` '.
			'WHERE `level`= \'0\' '.
			  'AND `root_parent`=`page_id` '.
			  'AND `visibility`!=\'none\' '.
			  'AND `visibility`!=\'hidden\' '.
			'GROUP BY `language` '.
			'ORDER BY `position`';
		$aLanguagePages = array();
		$oResult = $database->query($sql);
		if (!$oResult) {
			return $aLanguagePages;
		}
		while ($aRow = $oResult->fetchRow(MYSQL_ASSOC)) {
			// Re-check each row so 'private'/'registered' pages honour the
			// rights of the current user.
			if ($this->page_is_visible($aRow)) {
				$aLanguagePages[$aRow['language']] = $aRow;
			}
		}
		return $aLanguagePages;
	}
	/**
	 * @return string comma-separated list of first visible languages
	 */
	public function GetLanguagesInUsed()
	{
		// The detail array is keyed by language code; only the keys are needed.
		$aLanguageCodes = array_keys($this->GetLanguagesDetailsInUsed());
		return implode(',', $aLanguageCodes);
	}
    /**
     * UTF-8 compatible variant of parse_url()
     *
     * @param string $url The string to decode
     * @return array Associative array containing the different components
     *
     */
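    public function mb_parse_url($url) {
        // Percent-encode every run of non-delimiter characters so parse_url()
        // only ever sees ASCII. This used preg_replace() with the /e modifier,
        // which evaluates the replacement as PHP code and was removed in
        // PHP 7; a callback does the same without evaluating anything.
        // Needs PHP 5.3+ because of the closure.
        $encodedUrl = preg_replace_callback(
            '%[^:/?#&=\.]+%usD',
            function ($aMatch) { return urlencode($aMatch[0]); },
            $url
        );
        // NULL signals a PCRE failure, e.g. $url is not valid UTF-8.
        if ($encodedUrl === null) {
            return false;
        }
        $components = parse_url($encodedUrl);
        // parse_url() returns false for seriously malformed URLs.
        if ($components === false) {
            return false;
        }
        // Undo the encoding per component. array_map() keeps the keys and
        // avoids the dangling reference of a foreach-by-reference loop.
        return array_map(
            function ($mComponent) { return urldecode((string)$mComponent); },
            $components
        );
    }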
	/* ****************
	 * check if one or more group_ids are in both group_lists
	 *
	 * @access public
	 * @param mixed $groups_list1: an array or a comma-separated list of group-ids
	 * @param mixed $groups_list2: an array or a comma-separated list of group-ids
	 * @param array &$matches: an array-var which will return possible matches
	 * @return bool: true if there is a match, otherwise false
	 */
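	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
	{
		// An empty list on either side can never produce a match;
		// $matches is left untouched in that case.
		if( $groups_list1 == '' ) { return false; }
		if( $groups_list2 == '' ) { return false; }
		$aLists = array();
		foreach( array($groups_list1, $groups_list2) as $mList )
		{
			if( !is_array($mList) )
			{
				$mList = explode(',', (string)$mList);
			}
			// Drop blank entries. Exploding an empty or comma-terminated string
			// yields '' elements, and a '' on both sides would count as a shared
			// id — this result feeds access decisions, so it must not match.
			$aClean = array();
			foreach( $mList as $mKey => $mId )
			{
				if( trim((string)$mId) !== '' ) { $aClean[$mKey] = $mId; }
			}
			$aLists[] = $aClean;
		}
		// Keys of the first list are preserved, as array_intersect() did before.
		$matches = array_intersect( $aLists[0], $aLists[1] );
		return ( sizeof($matches) != 0 );
	}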
	/* ****************
	 * check if current user is member of at least one of given groups
	 * ADMIN (uid=1) always is treated like a member of any groups
	 *
	 * @access public
	 * @param mixed $groups_list: an array or a comma-separated list of group-ids
	 * @return bool: true if current user is member of one of these groups, otherwise false
	 */
	public function ami_group_member( $groups_list = '' )
	{
		// uid 1 passes every group check without looking at the list.
		$bIsAdmin = ( $this->get_user_id() == 1 );
		if( $bIsAdmin ) { return true; }
		$aOwnGroups = $this->get_groups_id();
		return $this->is_group_match( $groups_list, $aOwnGroups );
	}
	// Check whether a page is visible or not.
	// This will check page-visibility and user- and group-rights.
	/* page_is_visible() returns
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
	*/
	public function page_is_visible($page)
	{
		$mVisibility = $page['visibility'];
		// 'public' and 'hidden' pages are readable by everybody.
		if( in_array($mVisibility, array('hidden', 'public'), true) )
		{
			return true;
		}
		// 'none', 'deleted' and any unknown value fail closed.
		if( !in_array($mVisibility, array('private', 'registered'), true) )
		{
			return false;
		}
		// Restricted pages need a logged-in user ...
		if( !$this->is_authenticated() )
		{
			return false;
		}
		// ... who is listed either through a group or personally.
		return ( $this->is_group_match($this->get_groups_id(), $page['viewing_groups']) ||
				 $this->is_group_match($this->get_user_id(), $page['viewing_users']) );
	}
	// Check if there is at least one active section on this page
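	/**
	 * @param array $page page record; only 'page_id' is read
	 * @return bool true if a section of this page is inside its publication window
	 */
	public function page_is_active($page)
	{
		global $database;
		$now = time();
		// The two time-window alternatives have to be grouped: AND binds
		// tighter than OR, so without the outer parentheses the BETWEEN
		// alternative matched sections of any page and the page_id filter
		// only applied to the open-ended alternative.
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
		$sql .= 'WHERE (('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
		$sql .=        '('.$now.' > `publ_start` AND `publ_end`=0)) ';
		// The id is cast to int, so it cannot carry SQL.
		$sql .=       'AND `page_id`='.(int)$page['page_id'];
		// NOTE(review): get_one() presumably returns the COUNT(*) value; a
		// count of '0' compares equal to false — confirm against the DB class.
		return ($database->get_one($sql) != false);
	}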
	// Check whether we should show a page or not (for front-end)
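	/**
	 * @param array|int $page page record, or a page id that is looked up first
	 * @return bool true if the page is visible for the current user and active
	 */
	public function show_page($page)
	{
		if( !is_array($page) )
		{
			// $database was used here without being imported, so the lookup
			// by id could never run.
			global $database;
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
			$res_pages = $database->query($sql);
			// Fail closed: no result set or no such page means "do not show".
			if( $res_pages == null ) { return false; }
			$page = $res_pages->fetchRow();
			if( !$page ) { return false; }
		}
		return ($this->page_is_visible($page) && $this->page_is_active($page));
	}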
	// Check if the user is already authenticated or not
	/**
	 * @return bool true if $_SESSION['USER_ID'] is set, not empty and numeric
	 */
	public function is_authenticated()
	{
		if( !isset($_SESSION['USER_ID']) ) { return false; }
		$mUserId = $_SESSION['USER_ID'];
		return ( $mUserId != "" && is_numeric($mUserId) );
	}
	// Modified addslashes function which takes magic_quotes into account
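	/**
	 * NOTE(review): addslashes() is not a reliable defence against SQL
	 * injection; values that go into a query should use the escaping or
	 * parameter binding of the database layer instead.
	 *
	 * @param mixed $input
	 * @return mixed the escaped string; non-strings are returned unchanged
	 */
	function add_slashes($input) {
		if( !is_string($input) ) {
			return $input;
		}
		// Magic quotes were dropped in PHP 5.4 and get_magic_quotes_gpc() itself
		// in PHP 8, where calling it is a fatal error; only ask on old runtimes.
		$bMagicQuotes = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();
		if( $bMagicQuotes ) {
			// already escaped by PHP, do not escape twice
			return $input;
		}
		return addslashes($input);
	}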
	// Ditto for stripslashes
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
	// Use stripslashes() to undo a previously applied $this->add_slashes()
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
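	/**
	 * @param mixed $input
	 * @return mixed the unescaped string if magic quotes are active, otherwise $input unchanged
	 */
	function strip_slashes($input) {
		if( !is_string($input) ) {
			return $input;
		}
		// get_magic_quotes_gpc() no longer exists in PHP 8 (fatal error) and
		// magic quotes cannot be active from PHP 5.4 on, so only old runtimes
		// are asked.
		$bMagicQuotes = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();
		if( !$bMagicQuotes ) {
			return $input;
		}
		return stripslashes($input);
	}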
	// Escape backslashes for use with MySQL LIKE strings
	/**
	 * Only backslashes are doubled; the LIKE wildcards % and _ are not touched.
	 */
	function escape_backslashes($input) {
		$sSingle = "\\";
		$sDouble = "\\\\";
		return str_replace($sSingle, $sDouble, $input);
	}
	/**
	 * Turn an internal page link into a full URL; links that contain '://'
	 * or start with 'mailto:' are returned unchanged.
	 */
	function page_link($link){
		$bHasScheme = (strstr($link, '://') != '');
		$bIsMailto  = (substr($link, 0, 7) == 'mailto:');
		if( $bHasScheme || $bIsMailto ) {
			return $link;
		}
		return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
	}
	// Get POST data
	/**
	 * Raw, unvalidated request data: validate and escape before use.
	 *
	 * @param string $field
	 * @return mixed the submitted value, or null if the field is absent
	 */
	function get_post($field) {
		if( isset($_POST[$field]) ) {
			return $_POST[$field];
		}
		return null;
	}
	// Get POST data and escape it
	/**
	 * add_slashes() returns non-strings untouched, so an array submitted
	 * under this field name comes back unescaped.
	 */
	function get_post_escaped($field) {
		$mValue = $this->get_post($field);
		if( $mValue === null ) {
			return null;
		}
		return $this->add_slashes($mValue);
	}
	// Get GET data
	/**
	 * Raw, unvalidated request data: validate and escape before use.
	 *
	 * @param string $field
	 * @return mixed the query-string value, or null if the field is absent
	 */
	function get_get($field) {
		if( isset($_GET[$field]) ) {
			return $_GET[$field];
		}
		return null;
	}
	// Get SESSION data
	/**
	 * @param string $field
	 * @return mixed the session value, or null if the key is absent
	 */
	function get_session($field) {
		if( isset($_SESSION[$field]) ) {
			return $_SESSION[$field];
		}
		return null;
	}
	// Get SERVER data
	/**
	 * @param string $field
	 * @return mixed the $_SERVER value, or null if the key is absent
	 */
	function get_server($field) {
		if( isset($_SERVER[$field]) ) {
			return $_SERVER[$field];
		}
		return null;
	}
	// Get the current user's id
	/**
	 * @return mixed session value 'USER_ID', null when nobody is logged in
	 */
	function get_user_id() {
		$mUserId = $this->get_session('USER_ID');
		return $mUserId;
	}
	// Get the current user's group id
	/**
	 * @return mixed session value 'GROUP_ID', null if it is not set
	 */
	function get_group_id() {
		$mGroupId = $this->get_session('GROUP_ID');
		return $mGroupId;
	}
	// Get the current user's group ids
	/**
	 * @return array the comma-separated session value 'GROUPS_ID' split into its ids
	 */
	function get_groups_id() {
		// Without a session value this explodes null, which gives a list
		// holding one empty string rather than an empty list.
		$mGroups = $this->get_session('GROUPS_ID');
		return explode(",", $mGroups);
	}
	// Get the current user's group name
	/**
	 * @return string the session value 'GROUP_NAME' joined with commas
	 */
	function get_group_name() {
		// NOTE(review): assumes the session value is an array; implode()
		// rejects null on current PHP versions — confirm the login code
		// always sets it.
		$mNames = $this->get_session('GROUP_NAME');
		return implode(",", $mNames);
	}
	// Get the current user's group name
	/**
	 * @return mixed the raw session value 'GROUP_NAME', null if it is not set
	 */
	function get_groups_name() {
		$mNames = $this->get_session('GROUP_NAME');
		return $mNames;
	}
	// Get the current user's username
	/**
	 * @return mixed session value 'USERNAME', null if it is not set
	 */
	function get_username() {
		$mUsername = $this->get_session('USERNAME');
		return $mUsername;
	}
	// Get the current user's display name
	/**
	 * The value is returned as stored; escape it before printing it into HTML.
	 *
	 * @return mixed session value 'DISPLAY_NAME', null if it is not set
	 */
	function get_display_name() {
		$mDisplayName = $this->get_session('DISPLAY_NAME');
		return $mDisplayName;
	}
	// Get the current user's email address
	/**
	 * @return mixed session value 'EMAIL', null if it is not set
	 */
	function get_email() {
		$mEmail = $this->get_session('EMAIL');
		return $mEmail;
	}
	// Get the current user's home folder
	/**
	 * @return mixed session value 'HOME_FOLDER', null if it is not set
	 */
	function get_home_folder() {
		$mHomeFolder = $this->get_session('HOME_FOLDER');
		return $mHomeFolder;
	}
	// Get the current user's timezone
	/**
	 * @return mixed '-72000' while the session flag USE_DEFAULT_TIMEZONE is set,
	 *               otherwise the session value 'TIMEZONE'
	 */
	function get_timezone() {
		if( isset($_SESSION['USE_DEFAULT_TIMEZONE']) ) {
			// NOTE(review): looks like a sentinel meaning "use the site default" — confirm.
			return '-72000';
		}
		return $this->get_session('TIMEZONE');
	}
	// Validate supplied email address
	function validate_email($email) {
		// Convert internationalised names to their ASCII form first, because
		// the pattern below only knows \w and a fixed set of ASCII symbols.
		if(function_exists('idn_to_ascii')){ /* use the native idn_to_ascii() if available */
			// NOTE(review): the whole address, not just the domain part, is
			// passed in; check what idn_to_ascii() returns for such input.
			$email = idn_to_ascii($email);
		}else {
			// fall back to the bundled idna_convert class
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
			$IDN = new idna_convert();
			$email = $IDN->encode($email);
			unset($IDN);
		}
		// regex from NorHei 2011-01-11
		// NOTE(review): this is a syntax check only, and the repeated groups
		// after the '@' overlap; consider limiting the input length before
		// matching to keep backtracking bounded.
		$retval = preg_match("/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/", $email);
		// preg_match() gives 1 on a match, 0 on none and false on error;
		// only a match counts as valid.
		return ($retval != false);
	}
	/**
	 * replacement for header('Location: ...')
	 * if sending the header fails you get a manual redirect link, so the script doesn't break
	 *
	 * @param string $location, redirected url
	 * @return void
	 */
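	public function send_header ($location) {
		// Remove CR/LF so the value can never open a second header line.
		// NOTE(review): the target itself is not restricted here; callers
		// should only pass locations they built themselves.
		$location = str_replace(array("\r", "\n"), '', (string)$location);
		if(!headers_sent()) {
			header('Location: '.$location);
			exit(0);
		} else {
			// Output has already started, so offer a manual link instead.
			// The URL lands inside an HTML attribute and is escaped so that
			// quotes or markup in $location cannot break out of the href.
			$sSafeLocation = htmlspecialchars($location, ENT_QUOTES);
			$msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
			     "Please click <a style=\"font-weight:bold;\" " .
			     "href=\"".$sSafeLocation."\">on this link</a> to continue!</p></div>\n";
			throw new AppException($msg);
		}
	}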
	/* ****************
	 * set one or more bits in an integer value
	 *
	 * @access public
	 * @param int $value: reference to the integer, containing the value
	 * @param int $bits2set: the bitmask which shall be added to value
	 * @return void
	 */
	function bit_set( &$value, $bits2set )
	{
		// OR the mask in; $value is changed in place through the reference.
		$value = $value | $bits2set;
	}
	/* ****************
	 * reset one or more bits of an integer value
	 *
	 * @access public
	 * @param int $value: reference to the integer, containing the value
	 * @param int $bits2reset: the bitmask which shall be removed from value
	 * @return void
	 */
	function bit_reset( &$value, $bits2reset)
	{
		// AND with the inverted mask; $value is changed in place.
		$value = $value & ~$bits2reset;
	}
	/* ****************
	 * check if one or more bits in an integer value are set
	 *
	 * @access public
	 * @param int $value: the integer containing the value
	 * @param int $bits2test: the bitmask which shall be tested against value
	 * @return bool: true if all bits of the mask are set in value
	 */
	function bit_isset( $value, $bits2test )
	{
		// Every bit of the mask has to be present, not just one of them.
		$iMasked = $value & $bits2test;
		return ($iMasked == $bits2test);
	}
	// Print a success message which then automatically redirects the user to another page
	/**
	 * MESSAGE and REDIRECT are handed to the template as they are; callers
	 * must not pass unescaped request data.
	 *
	 * @param string|array $message text, or several lines that are joined with <br />
	 * @param string $redirect target of the redirect
	 */
	function print_success( $message, $redirect = 'index.php' ) {
		global $TEXT;
		if( is_array($message) ) {
			$message = implode('<br />', $message);
		}
		// redirect timer from the settings; missing or above 10000 falls back to 0
		$iTimer = 0;
		if( defined('REDIRECT_TIMER') && (REDIRECT_TIMER <= 10000) ) {
			$iTimer = REDIRECT_TIMER;
		}
		// set up the template object, hand the variables over, then print it
		$oTpl = new Template(dirname($this->correct_theme_source('success.htt')));
		$oTpl->set_file('page', 'success.htt');
		$oTpl->set_block('page', 'main_block', 'main');
		$oTpl->set_block('main_block', 'show_redirect_block', 'show_redirect');
		$oTpl->set_var('MESSAGE', $message);
		$oTpl->set_var('REDIRECT', $redirect);
		$oTpl->set_var('REDIRECT_TIMER', $iTimer);
		$oTpl->set_var('NEXT', $TEXT['NEXT']);
		$oTpl->set_var('BACK', $TEXT['BACK']);
		// a timer of -1 leaves the redirect block out
		if( $iTimer == -1 ) {
			$oTpl->set_block('show_redirect', '');
		} else {
			$oTpl->parse('show_redirect', 'show_redirect_block', true);
		}
		$oTpl->parse('main', 'main_block', false);
		$oTpl->pparse('output', 'page');
	}
	// Print an error message
	/**
	 * Prints the error page and ends the request. MESSAGE and LINK are
	 * handed to the template as they are; callers must not pass unescaped
	 * request data.
	 *
	 * @param string|array $message text, or several lines that are joined with <br />
	 * @param string $link target of the back link
	 * @param bool $auto_footer print the footer if this object has print_footer()
	 */
	function print_error($message, $link = 'index.php', $auto_footer = true) {
		global $TEXT;
		if( is_array($message) ) {
			$message = implode('<br />', $message);
		}
		// set up the template object, hand the variables over, then print it
		$oTpl = new Template(dirname($this->correct_theme_source('error.htt')));
		$oTpl->set_file('page', 'error.htt');
		$oTpl->set_block('page', 'main_block', 'main');
		$oTpl->set_var('MESSAGE', $message);
		$oTpl->set_var('LINK', $link);
		$oTpl->set_var('BACK', $TEXT['BACK']);
		$oTpl->parse('main', 'main_block', false);
		$oTpl->pparse('output', 'page');
		if( $auto_footer == true && method_exists($this, "print_footer") ) {
			$this->print_footer();
		}
		// nothing may run after an error page
		exit();
	}
	/*
	 * @param string $message: the message to format
	 * @param string $status:  ('ok' / 'error' / '') status defines the appearance of the box
	 * @return string: the html-formatted message (using template 'message.htt')
	 */
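	public function format_message($message, $status = 'ok')
	{
		$id = uniqid('x');
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
		$tpl->set_file('page', 'message.htt');
		$tpl->set_block('page', 'main_block', 'main');
		// $message is handed over as it is; callers must escape request data.
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var('THEME_URL', THEME_URL);
		$tpl->set_var('ID', $id);
		// The last comparison was an assignment ($status = 'warning'), which
		// turned every other status into 'warning' and made the else-branch
		// unreachable.
		if($status == 'ok' || $status == 'error' || $status == 'warning')
		{
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
		}else
		{
			$tpl->set_var('BOX_STATUS', '');
		}
		$tpl->set_var('STATUS', $status);
		// without a configured timer the message stays visible
		if(!defined('REDIRECT_TIMER') ) { define('REDIRECT_TIMER', -1); }
		$bIsError = ( $status == 'error' );
		// timer 0: messages other than errors are not shown at all
		if( !$bIsError && REDIRECT_TIMER == 0 )
		{
			unset($tpl);
			return '';
		}
		$tpl->parse('main', 'main_block', false);
		$retval = $tpl->finish($tpl->parse('output', 'page', false));
		unset($tpl);
		// any timer other than -1: hide the box after REDIRECT_TIMER
		// milliseconds; errors always stay visible
		if( !$bIsError && REDIRECT_TIMER != -1 )
		{
			$retval .= '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
					   'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
					   'window.setTimeout(\''.$id.'_hide()\', '.REDIRECT_TIMER.');/* ]]> */ </script>';
		}
		return $retval;
	}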
	/*
	 * @param string $type: 'locked' (default) or 'new'
	 * @return void: terminates application
	 * @description: 'locked' >> Show maintenance screen and terminate, if system is locked
	 *               'new' >> Show 'new site under construction' (formerly print_under_construction)
	 */
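	public function ShowMaintainScreen($type = 'locked')
	{
		global $database, $MESSAGE;
		$CHECK_BACK = $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'];
		$BE_PATIENT = '';
		$PAGE_TITLE = '';
		$PAGE_ICON  = '';
		// NOTE(review): $LANGUAGE is computed but never used; the template
		// below receives the LANGUAGE constant instead — confirm the intent.
		$LANGUAGE   = strtolower((isset($_SESSION['LANGUAGE']) ? $_SESSION['LANGUAGE'] : LANGUAGE ));

		$show_screen = false;
		if($type == 'locked')
		{
			$curr_user = (intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0) ) ;
			// user 1 keeps access while the system is locked
			if( (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1) && ($curr_user != 1))
			{
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
				// first kick logged-in users out of the system:
				// delete all remember keys from table 'users' except user_id=1
				// NOTE(review): this UPDATE runs for every locked-out request.
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
				$sql .= 'WHERE `user_id`<>1';
				$database->query($sql);
				// delete remember key-cookie if set
				if (isset($_COOKIE['REMEMBER_KEY'])) {
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
				}
				// overwrite session array
				$_SESSION = array();
				// delete session cookie if set
				if (ini_get("session.use_cookies")) {
					$params = session_get_cookie_params();
					setcookie(session_name(), '', time() - 42000, $params["path"],
						$params["domain"], $params["secure"], $params["httponly"]
					);
				}
				// delete the session itself
				session_destroy();
				$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
				$BE_PATIENT = $MESSAGE['GENERIC_BE_PATIENT'];
				$PAGE_ICON  = 'system';
				$show_screen = true;
			}
		} else {
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
			$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
			$PAGE_ICON  = 'negative';
			$show_screen = true;
		}
		if($show_screen)
		{
			// NOTE(review): correct_theme_source() throws when the template is
			// missing, so the plain-HTML fallback below is only reached if the
			// file disappears between the two checks.
			$sMaintanceFile = $this->correct_theme_source('maintenance.htt');
			if(file_exists($sMaintanceFile))
			{
				$tpl = new Template(dirname( $sMaintanceFile ));
				$tpl->set_file( 'page', 'maintenance.htt' );
				$tpl->set_block( 'page', 'main_block', 'main' );

				if(defined('DEFAULT_CHARSET'))
				{
					$charset=DEFAULT_CHARSET;
				} else {
					$charset='utf-8';
				}
				// Use the title chosen above; it was always set to the
				// "under construction" text, even for a locked system.
				$tpl->set_var( 'PAGE_TITLE', $PAGE_TITLE );
				$tpl->set_var( 'CHECK_BACK', $CHECK_BACK );
				$tpl->set_var( 'CHARSET', $charset );
				$tpl->set_var( 'WB_URL', WB_URL );
				$tpl->set_var( 'BE_PATIENT', $BE_PATIENT );
				$tpl->set_var( 'THEME_URL', THEME_URL );
				$tpl->set_var( 'PAGE_ICON', $PAGE_ICON);
				$tpl->set_var( 'LANGUAGE', strtolower(LANGUAGE));
				$tpl->parse( 'main', 'main_block', false );
				$tpl->pparse( 'output', 'page' );
				exit();
			} else {
				require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
				// The DOCTYPE had lost its '//' sequences and the <html>
				// start tag was missing.
				echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
			<html><head><title>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</title>
			<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
			h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
			<br /><h1>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</h1><br />
			'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
			}
			flush();
			exit();
		}
	}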
	// Validate and send email
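	/**
	 * @param string $fromaddress sender address
	 * @param string $toaddress   recipient address
	 * @param string $subject     subject line
	 * @param string $message     text; sent as HTML body (nl2br) and as plain-text alternative
	 * @param string $fromname    optional sender name
	 * @param string $replyTo     optional reply-to address
	 * @return bool true if the mailer reports success
	 */
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
		// Sending goes through wbmailer (a PHPMailer subclass), so SMTP with
		// authentication can be used where the provider does not allow mail
		// via PHP. The SMTP host is configured in the backend settings.

		// Header-injection guard: nothing that ends up in a mail header may
		// contain CR or LF.
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
		$toaddress   = preg_replace('/[\r\n]/', '', $toaddress);
		$subject     = preg_replace('/[\r\n]/', '', $subject);
		$replyTo     = preg_replace('/[\r\n]/', '', $replyTo);
		// The sender name is header data as well and was the only such value
		// left unfiltered.
		$fromname    = preg_replace('/[\r\n]/', '', $fromname);

		// create PHPMailer object and define default settings
		$myMail = new wbmailer();
		// set user defined from address
		if ($fromaddress!='') {
			if($fromname!='') $myMail->FromName = $fromname;  // FROM-NAME
			$myMail->From = $fromaddress;                     // FROM:
		}
		if($replyTo) {
			$myMail->AddReplyTo($replyTo);                    // REPLY TO:
		}
		// define recipient and information to send out
		$myMail->AddAddress($toaddress);                      // TO:
		$myMail->Subject = $subject;                          // SUBJECT
		// NOTE(review): the message goes into the HTML part without escaping.
		$myMail->Body = nl2br($message);                      // CONTENT (HTML)
		$myMail->AltBody = strip_tags($message);              // CONTENT (TEXT)
		// report whether sending worked
		if (!$myMail->Send()) {
			return false;
		}
		return true;
	}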
	/**
	 * checks if there is an alternative theme template
	 *
	 * @param string $sThemeFile set the template.htt
	 * @return string the relative theme path
	 *
	 */
        function correct_theme_source($sThemeFile = 'start.htt') {
            // $sThemeFile is appended to the directory as it is, so it has to
            // be a fixed name chosen by the caller, never request data.
            // The active theme wins ...
            $sThemeCandidate = THEME_PATH.'/templates/'.$sThemeFile;
            if (file_exists($sThemeCandidate)) {
                return $sThemeCandidate;
            }
            // ... then the skeleton templates shipped with the admin area.
            $sSkelCandidate = ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile;
            if (file_exists($sSkelCandidate)) {
                return $sSkelCandidate;
            }
            throw new InvalidArgumentException('missing template file '.$sThemeFile);
        }
	/**
	 * Check that a folder name doesn't contain invalid characters
	 *
	 * @param String $str to check
	 * @return Bool
	 */
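	function checkFolderName($str){
		// Only scalars can be a folder name; arrays and objects are rejected
		// instead of being handed to preg_match().
		if( !is_scalar($str) ) {
			return false;
		}
		// Forbidden: ^ \ / . ? * " ' < > : | as before, plus control
		// characters (NUL, line breaks, ...), which have no place in a name
		// that ends up in a file system path.
		$iHits = preg_match('#[\^\\\\/.?*"\'<>:|\x00-\x1F\x7F]#', (string)$str);
		// Fail closed: a PCRE error (false) counts as invalid, too.
		return ( $iHits === 0 );
	}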
	/**
	 * Check the given path to make sure the current path is within the given basedir,
	 * normally the document root
	 *
	 * @param String $sCurrentPath
	 * @param String $sBaseDir
	 * @return $sCurrentPath or FALSE
	 */
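	function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
		// Resolve both sides to canonical absolute paths ('..' and symlinks
		// are gone afterwards).
		$sCurrentPath = realpath(rawurldecode($sCurrentPath));
		$sBaseDir     = realpath($sBaseDir);
		// realpath() returns false for paths that do not exist. An unresolved
		// side must never pass; an unresolved base used to act as an empty
		// needle, which matches at position 0 on PHP 8.
		if( $sCurrentPath === false || $sBaseDir === false ) {
			return false;
		}
		// Compare case-insensitively only where the platform usually does
		// (Windows); elsewhere names differing in case are different paths.
		$bIgnoreCase = ( DIRECTORY_SEPARATOR === '\\' );
		$sPath = $bIgnoreCase ? strtolower($sCurrentPath) : $sCurrentPath;
		$sBase = $bIgnoreCase ? strtolower($sBaseDir) : $sBaseDir;
		if( $sPath === $sBase ) {
			return $sCurrentPath;
		}
		// Compare including the separator; a bare prefix test would accept a
		// sibling directory whose name merely starts with the base name.
		$sPrefix = rtrim($sBase, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
		if( strncmp($sPath, $sPrefix, strlen($sPrefix)) === 0 ) {
			return $sCurrentPath;
		}
		return false;
	}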
	/**
	 *
	 * remove <?php code ?>, [[text]], link, script, scriptblock and styleblock from a given string
	 * and return the cleaned string
	 *
	 * @param string $sValue
	 * @returns
	 *    false: if @param is not a string
	 *    string: cleaned string
	 */
	public function StripCodeFromText($sValue, $bPHPCode=false){
		// NOTE(review): this is a pattern-based filter, not an HTML sanitizer.
		// It removes the listed constructs only, so the result still needs
		// escaping that fits the place it is printed to.
		if( is_string($sValue) === false ) {
			return false;
		}
		// Optional first pass: [[...]] tags and <?php ... ?> blocks.
		if( $bPHPCode == true ) {
			$sValue = preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue );
		}
		// Second pass: [[...]] tags, HTML comments, self-closing and paired
		// script/link/style elements, trailing whitespace. The U modifier
		// inverts greediness, so '.*?' is greedy in both patterns.
		$sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
		$sCleaned = preg_replace ($sPattern, '', $sValue);
		return $sCleaned;
	}
}