<?php
/**
 *
 * @category        framework
 * @package         frontend
 * @author          Ryan Djurovich (2004-2009), WebsiteBaker Project
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
 * @link			http://www.websitebaker2.org/
 * @license         http://www.gnu.org/licenses/gpl.html
 * @platform        WebsiteBaker 2.8.x
 * @requirements    PHP 5.2.2 and higher
 * @version         $Id: class.wb.php 1872 2013-02-25 11:48:24Z Luisehahne $
 * @filesource		$HeadURL: svn://isteam.dynxs.de/wb-archiv/branches/2.8.x/wb/framework/class.wb.php $
 * @lastmodified    $Date: 2013-02-25 12:48:24 +0100 (Mon, 25 Feb 2013) $
 *
 */
/* -------------------------------------------------------- */
// Direct-access guard: this file must only run as part of the application.
// When WB_PATH is not defined (presumably the including script defines it),
// the exception handler is loaded and the request is aborted.
if (defined('WB_PATH') === false) {
	require_once(dirname(__FILE__).'/globalExceptionHandler.php');
	throw new IllegalFileException();
}
/* -------------------------------------------------------- */
// Load the PHPLIB template class unless it is already declared
// (second argument false: do not trigger autoloading for the check)
if (class_exists('Template', false) === false) {
	include(WB_PATH.'/include/phplib/template.inc');
}
// Load the wbmailer class (subclass of PHPMailer) unless it is already declared
if (class_exists('wbmailer', false) === false) {
	include(WB_PATH.'/framework/class.wbmailer.php');
}
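class wb extends SecureForm
{

	// Regex character-class fragment of characters allowed in passwords
	// (presumably consumed by password validation elsewhere - confirm with callers)
	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';

	/**
	 * General initialization, performed when frontend or backend is loaded.
	 *
	 * @param mixed $mode passed unchanged to SecureForm::__construct()
	 */
	public function __construct($mode = SecureForm::FRONTEND) {
		parent::__construct($mode);
	}

	/**
	 * Collect the first visible root page of every language in use.
	 *
	 * The statement is static apart from TABLE_PREFIX, so no request data
	 * reaches the query. Rows are additionally filtered through
	 * page_is_visible() for the current visitor.
	 *
	 * NOTE(review): MYSQL_ASSOC is a constant of the legacy mysql extension;
	 * confirm the database wrapper still provides it on the target PHP version.
	 *
	 * @return array page rows indexed by language code
	 */
	public function GetLanguagesDetailsInUsed ( ) {
		global $database;
		$aRetval = array();
		$sql =
			'SELECT DISTINCT `language`'.
			', `page_id`,`level`,`parent`,`root_parent`,`page_code`,`link`,`language`'.
			', `visibility`,`viewing_groups`,`viewing_users`,`position` '.
			'FROM `'.TABLE_PREFIX.'pages` '.
			'WHERE `level`= \'0\' '.
			  'AND `root_parent`=`page_id` '.
			  'AND `visibility`!=\'none\' '.
			  'AND `visibility`!=\'hidden\' '.
			'GROUP BY `language` '.
			'ORDER BY `position`';

		if($oRes = $database->query($sql))
		{
			while($page = $oRes->fetchRow(MYSQL_ASSOC))
			{
				// skip pages the current visitor is not allowed to see
				if(!$this->page_is_visible($page)) {continue;}
				$aRetval[$page['language']] = $page;
			}
		}
		return $aRetval;
	}

	/**
	 * @return string comma separated list of the languages returned by
	 *                GetLanguagesDetailsInUsed()
	 */
	public function GetLanguagesInUsed ( ) {
		return implode(',', array_keys($this->GetLanguagesDetailsInUsed()));
	}

	/**
	 * UTF-8 compatible variant of parse_url().
	 *
	 * Every run of non-delimiter characters is url-encoded before parse_url()
	 * is called and the resulting components are decoded again.
	 *
	 * The encoding step uses preg_replace_callback(). The previous
	 * implementation relied on the /e (eval) pattern modifier, which executed
	 * the replacement as PHP code and was removed in PHP 7.
	 *
	 * @param string $url The string to decode
	 * @return array|false Associative array containing the different components,
	 *                     or whatever non-array value parse_url() returned
	 */
	public function mb_parse_url($url) {
		$encodedUrl = preg_replace_callback(
			'%[^:/?#&=\.]+%usD',
			array($this, '_mb_parse_url_encode'),
			$url
		);
		$components = parse_url($encodedUrl);
		if (!is_array($components)) {
			// parse_url() reports seriously malformed URLs with false
			return $components;
		}
		foreach ($components as $sKey => $component) {
			$components[$sKey] = urldecode($component);
		}
		return $components;
	}

	/**
	 * Callback for mb_parse_url(): url-encode one matched fragment.
	 *
	 * @param array $aMatches match array handed in by preg_replace_callback()
	 * @return string the url-encoded fragment
	 */
	private function _mb_parse_url_encode($aMatches) {
		return urlencode($aMatches[0]);
	}

	/**
	 * Check if one or more group_ids are in both group lists.
	 *
	 * @access public
	 * @param mixed $groups_list1 an array or a comma separated list of group-ids
	 * @param mixed $groups_list2 an array or a comma separated list of group-ids
	 * @param array &$matches receives the ids found in both lists
	 * @return bool true if there is a match, otherwise false
	 */
	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
	{
		if( $groups_list1 == '' ) { return false; }
		if( $groups_list2 == '' ) { return false; }
		if( !is_array($groups_list1) )
		{
			$groups_list1 = explode(',', $groups_list1);
		}
		if( !is_array($groups_list2) )
		{
			$groups_list2 = explode(',', $groups_list2);
		}
		$matches = array_intersect( $groups_list1, $groups_list2);
		return ( sizeof($matches) != 0 );
	}

	/**
	 * Check if the current user is a member of at least one of the given groups.
	 * ADMIN (uid=1) is always treated like a member of any group.
	 *
	 * @access public
	 * @param mixed $groups_list an array or a comma separated list of group-ids
	 * @return bool true if the current user is member of one of these groups
	 */
	public function ami_group_member( $groups_list = '' )
	{
		if( $this->get_user_id() == 1 ) { return true; }
		return $this->is_group_match( $groups_list, $this->get_groups_id() );
	}

	/**
	 * Check whether a page is visible for the current visitor.
	 *
	 * Checks page visibility as well as user and group rights:
	 *  - 'none' / 'deleted': never visible
	 *  - 'hidden' / 'public': always visible
	 *  - 'private' / 'registered': visible only for an authenticated user who
	 *    matches the page's viewing_groups or viewing_users
	 * Any other visibility value is treated as not visible.
	 *
	 * @param array $page page row with 'visibility', 'viewing_groups', 'viewing_users'
	 * @return bool
	 */
	public function page_is_visible($page)
	{
		$show_it = false; // deny by default
		switch( $page['visibility'] )
		{
			case 'none':
			case 'deleted':
				$show_it = false;
				break;
			case 'hidden':
			case 'public':
				$show_it = true;
				break;
			case 'private':
			case 'registered':
				if($this->is_authenticated() == true)
				{
					$show_it = ( $this->is_group_match($this->get_groups_id(), $page['viewing_groups']) ||
								 $this->is_group_match($this->get_user_id(), $page['viewing_users']) );
				}
				break;
		}
		return($show_it);
	}

	/**
	 * Check if there is at least one active section on this page.
	 *
	 * A section counts as active when the current time lies inside its
	 * publication window, or after publ_start when publ_end is 0.
	 * Both time conditions are grouped in parentheses: without them SQL binds
	 * AND tighter than OR, so the page_id filter would only apply to the second
	 * condition and a section of any other page could make this page "active".
	 *
	 * @param array $page page row containing 'page_id'
	 * @return bool
	 */
	public function page_is_active($page)
	{
		global $database;
		$now = time();
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
		$sql .= 'WHERE (('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
		$sql .=        '('.$now.' > `publ_start` AND `publ_end`=0)) ';
		$sql .=   'AND `page_id`='.(int)$page['page_id'];
		return ($database->get_one($sql) != false);
	}

	/**
	 * Check whether a page should be shown in the front-end.
	 *
	 * @param array|int $page page row, or a page_id to load the row for
	 * @return bool true if the page is visible and has an active section;
	 *              false also when the page cannot be loaded
	 */
	public function show_page($page)
	{
		// the database object lives in the global scope and has to be imported
		global $database;
		if( !is_array($page) )
		{
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
			$res_pages = $database->query($sql);
			// fail closed: no result set or no row means "do not show"
			if( $res_pages == null ) { return false; }
			if( !($page = $res_pages->fetchRow()) ) { return false; }
		}
		return ($this->page_is_visible($page) && $this->page_is_active($page));
	}

	/**
	 * Check if the user is already authenticated or not.
	 *
	 * @return bool true if the session holds a non-empty, numeric USER_ID
	 */
	public function is_authenticated() {
		return ( isset($_SESSION['USER_ID']) &&
		         $_SESSION['USER_ID'] != "" &&
		         is_numeric($_SESSION['USER_ID']) );
	}

	/**
	 * Report whether magic_quotes_gpc is active.
	 * get_magic_quotes_gpc() no longer exists in PHP 8, so its presence is
	 * checked before it is called.
	 *
	 * @return bool
	 */
	private function _magic_quotes_active() {
		return ( function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() );
	}

	/**
	 * Modified addslashes() which takes magic_quotes into account.
	 * Non-string input (arrays included) is returned unchanged.
	 *
	 * NOTE(review): addslashes() is not aware of the connection charset; if
	 * callers rely on this for SQL quoting, the database layer's own escaping
	 * or prepared statements are the safer choice.
	 *
	 * @param mixed $input
	 * @return mixed
	 */
	public function add_slashes($input) {
		if( !is_string($input) || $this->_magic_quotes_active() ) {
			return $input;
		}
		return addslashes($input);
	}

	/**
	 * Undo the effects of magic_quotes_gpc==On.
	 * Attn: this is _not_ the counterpart to $this->add_slashes() !
	 * Use stripslashes() to undo a previously applied $this->add_slashes().
	 *
	 * @param mixed $input
	 * @return mixed
	 */
	public function strip_slashes($input) {
		if( !is_string($input) || !$this->_magic_quotes_active() ) {
			return $input;
		}
		return stripslashes($input);
	}

	/**
	 * Escape backslashes for use with mySQL LIKE strings.
	 * Only backslashes are doubled; nothing else is escaped here.
	 *
	 * @param string $input
	 * @return string
	 */
	public function escape_backslashes($input) {
		return str_replace("\\","\\\\",$input);
	}

	/**
	 * Build the URL of a page link.
	 *
	 * @param string $link
	 * @return string $link unchanged if it contains '://' or starts with
	 *                'mailto:', otherwise WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION
	 */
	public function page_link($link){
		if(strstr($link, '://') == '' && substr($link, 0, 7) != 'mailto:') {
			return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
		}
		return $link;
	}

	/**
	 * Get POST data. The value is returned raw (no validation or escaping).
	 *
	 * @param string $field
	 * @return mixed the value, or null if the field is not set
	 */
	public function get_post($field) {
		return (isset($_POST[$field]) ? $_POST[$field] : null);
	}

	/**
	 * Get POST data and pass it through add_slashes().
	 * Array values come back unescaped because add_slashes() only touches strings.
	 *
	 * @param string $field
	 * @return mixed the value, or null if the field is not set
	 */
	public function get_post_escaped($field) {
		$result = $this->get_post($field);
		return (is_null($result)) ? null : $this->add_slashes($result);
	}

	/**
	 * Get GET data. The value is returned raw (no validation or escaping).
	 *
	 * @param string $field
	 * @return mixed the value, or null if the field is not set
	 */
	public function get_get($field) {
		return (isset($_GET[$field]) ? $_GET[$field] : null);
	}

	/**
	 * Get SESSION data.
	 *
	 * @param string $field
	 * @return mixed the value, or null if the field is not set
	 */
	public function get_session($field) {
		return (isset($_SESSION[$field]) ? $_SESSION[$field] : null);
	}

	/**
	 * Get SERVER data. Entries of $_SERVER that originate from request headers
	 * are client-controlled and are returned here without any filtering.
	 *
	 * @param string $field
	 * @return mixed the value, or null if the field is not set
	 */
	public function get_server($field) {
		return (isset($_SERVER[$field]) ? $_SERVER[$field] : null);
	}

	// Get the current users id
	public function get_user_id() {
		return $this->get_session('USER_ID');
	}

	// Get the current users group id
	public function get_group_id() {
		return $this->get_session('GROUP_ID');
	}

	/**
	 * Get the current users group ids.
	 *
	 * @return array the comma separated session value GROUPS_ID split into a list
	 */
	public function get_groups_id() {
		// the cast keeps explode() quiet when the session value is missing
		return explode(",", (string)$this->get_session('GROUPS_ID'));
	}

	/**
	 * Get the current users group names as a comma separated string.
	 *
	 * @return string
	 */
	public function get_group_name() {
		$mNames = $this->get_session('GROUP_NAME');
		// without a session value there is nothing to join
		return ( is_array($mNames) ? implode(",", $mNames) : (string)$mNames );
	}

	// Get the current users group names as stored in the session
	public function get_groups_name() {
		return $this->get_session('GROUP_NAME');
	}

	// Get the current users username
	public function get_username() {
		return $this->get_session('USERNAME');
	}

	// Get the current users display name
	public function get_display_name() {
		return $this->get_session('DISPLAY_NAME');
	}

	// Get the current users email address
	public function get_email() {
		return $this->get_session('EMAIL');
	}

	// Get the current users home folder
	public function get_home_folder() {
		return $this->get_session('HOME_FOLDER');
	}

	/**
	 * Get the current users timezone.
	 *
	 * @return mixed '-72000' if the session flag USE_DEFAULT_TIMEZONE is set
	 *               (presumably a marker for "use the default" - confirm with
	 *               callers), otherwise the session value TIMEZONE
	 */
	public function get_timezone() {
		return (isset($_SESSION['USE_DEFAULT_TIMEZONE']) ? '-72000' : $this->get_session('TIMEZONE'));
	}

	/**
	 * Validate supplied email address.
	 *
	 * The address is converted to its ASCII (IDNA) form first, using the native
	 * idn_to_ascii() when available and the bundled idna_convert class otherwise.
	 *
	 * NOTE(review): the complete address, not only the domain part, is handed
	 * to the IDNA conversion - confirm both converters accept that.
	 *
	 * @param string $email
	 * @return bool
	 */
	public function validate_email($email) {
		if(function_exists('idn_to_ascii')){
			$email = idn_to_ascii($email);
		}else {
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
			$IDN = new idna_convert();
			$email = $IDN->encode($email);
			unset($IDN);
		}
		// regex from NorHei 2011-01-11
		$retval = preg_match("/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/", $email);
		return ($retval != false);
	}

	/**
	 * Replacement for header('Location: ...').
	 * If the headers were already sent, an exception carrying a manual
	 * redirect link is thrown instead, so the script does not simply break.
	 *
	 * NOTE(review): the target is not validated here. Callers that build
	 * $location from request data should restrict it to known destinations.
	 *
	 * @param string $location redirect url
	 * @return void
	 * @throws AppException if the headers were already sent
	 */
	public function send_header ($location) {
		if(!headers_sent()) {
			header('Location: '.$location);
			exit(0);
		} else {
			// the url is placed inside an href attribute, so it is HTML-escaped
			$sSafeLocation = htmlspecialchars($location, ENT_QUOTES);
			$msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
			     "Please click <a style=\"font-weight:bold;\" " .
			     "href=\"".$sSafeLocation."\">on this link</a> to continue!</p></div>\n";

			throw new AppException($msg);
		}
	}

	/**
	 * Set one or more bits in an integer value.
	 *
	 * @access public
	 * @param int $value reference to the integer, containing the value
	 * @param int $bits2set the bitmask which shall be added to value
	 * @return void
	 */
	public function bit_set( &$value, $bits2set )
	{
		$value |= $bits2set;
	}

	/**
	 * Reset one or more bits of an integer value.
	 *
	 * @access public
	 * @param int $value reference to the integer, containing the value
	 * @param int $bits2reset the bitmask which shall be removed from value
	 * @return void
	 */
	public function bit_reset( &$value, $bits2reset)
	{
		$value &= ~$bits2reset;
	}

	/**
	 * Check if all bits of a bitmask are set in an integer value.
	 *
	 * @access public
	 * @param int $value the integer to test
	 * @param int $bits2test the bitmask to look for
	 * @return bool true if every bit of $bits2test is set in $value
	 */
	public function bit_isset( $value, $bits2test )
	{
		return (($value & $bits2test) == $bits2test);
	}

	/**
	 * Print a success message which then automatically redirects the user
	 * to another page.
	 *
	 * $message and $redirect are handed to the template as they are; no
	 * escaping happens in this method, so callers have to escape untrusted text.
	 *
	 * @param string|array $message an array is joined with '<br />'
	 * @param string $redirect target of the redirect
	 * @return void
	 */
	public function print_success( $message, $redirect = 'index.php' ) {
		global $TEXT;
		if(is_array($message)) {
			$message = implode ('<br />',$message);
		}
		// redirect timer for success messages; values above 10000 fall back to 0
		$redirect_timer = ((defined( 'REDIRECT_TIMER' )) && (REDIRECT_TIMER <= 10000)) ? REDIRECT_TIMER : 0;
		// Setup template object, parse vars to it, then parse it
		$tpl = new Template(dirname($this->correct_theme_source('success.htt')));
		$tpl->set_file( 'page', 'success.htt' );
		$tpl->set_block( 'page', 'main_block', 'main' );
		$tpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
		$tpl->set_var( 'MESSAGE', $message );
		$tpl->set_var( 'REDIRECT', $redirect );
		$tpl->set_var( 'REDIRECT_TIMER', $redirect_timer );
		$tpl->set_var( 'NEXT', $TEXT['NEXT'] );
		$tpl->set_var( 'BACK', $TEXT['BACK'] );
		if ($redirect_timer == -1) {
			$tpl->set_block( 'show_redirect', '' );
		}
		else {
			$tpl->parse( 'show_redirect', 'show_redirect_block', true );
		}
		$tpl->parse( 'main', 'main_block', false );
		$tpl->pparse( 'output', 'page' );
	}

	/**
	 * Print an error message and terminate the script.
	 *
	 * $message and $link are handed to the template as they are; no escaping
	 * happens in this method, so callers have to escape untrusted text.
	 *
	 * @param string|array $message an array is joined with '<br />'
	 * @param string $link target of the back link
	 * @param bool $auto_footer call print_footer() if the object provides it
	 * @return void terminates the application
	 */
	public function print_error($message, $link = 'index.php', $auto_footer = true) {
		global $TEXT;
		if(is_array($message)) {
			$message = implode ('<br />',$message);
		}
		// Setup template object, parse vars to it, then parse it
		$tpl = new Template(dirname($this->correct_theme_source('error.htt')));
		$tpl->set_file('page', 'error.htt');
		$tpl->set_block('page', 'main_block', 'main');
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var('LINK', $link);
		$tpl->set_var('BACK', $TEXT['BACK']);
		$tpl->parse('main', 'main_block', false);
		$tpl->pparse('output', 'page');
		if ( $auto_footer == true && method_exists($this, "print_footer") ) {
			$this->print_footer();
		}
		exit();
	}

	/**
	 * Format a message using the template 'message.htt'.
	 *
	 * $message is handed to the template as it is; no escaping happens in this
	 * method, so callers have to escape untrusted text.
	 *
	 * @param string $message the message to format
	 * @param string $status ('ok' / 'error' / 'warning' / '') defines the
	 *                       appearance of the box
	 * @return string the html-formatted message; empty if REDIRECT_TIMER is 0
	 *                and the status is not 'error'
	 */
	public function format_message($message, $status = 'ok')
	{
		$id = uniqid('x');
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
		$tpl->set_file('page', 'message.htt');
		$tpl->set_block('page', 'main_block', 'main');
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var( 'THEME_URL', THEME_URL );
		$tpl->set_var( 'ID', $id );
		// compare (==) against 'warning'; a single '=' here assigned the value,
		// which made the test always true and overwrote any other status
		if($status == 'ok' || $status == 'error' || $status == 'warning')
		{
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
		}else
		{
			$tpl->set_var('BOX_STATUS', '');
		}
		$tpl->set_var('STATUS', $status);
		if(!defined('REDIRECT_TIMER') ) { define('REDIRECT_TIMER', -1); }
		$retval = '';
		if( $status != 'error' )
		{
			switch(REDIRECT_TIMER)
			{
				case 0: // do not show message
					unset($tpl);
					break;
				case -1: // show message permanently
					$tpl->parse('main', 'main_block', false);
					$retval = $tpl->finish($tpl->parse('output', 'page', false));
					unset($tpl);
					break;
				default: // hide message after REDIRECT_TIMER milliseconds
					$retval = '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
							  'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
							  'window.setTimeout(\''.$id.'_hide()\', '.REDIRECT_TIMER.');/* ]]> */ </script>';
					$tpl->parse('main', 'main_block', false);
					$retval = $tpl->finish($tpl->parse('output', 'page', false)).$retval;
					unset($tpl);
			}
		}else
		{
			// error messages are always shown, independent of REDIRECT_TIMER
			$tpl->parse('main', 'main_block', false);
			$retval = $tpl->finish($tpl->parse('output', 'page', false)).$retval;
			unset($tpl);
		}
		return $retval;
	}

	/**
	 * Show the maintenance screen and terminate the application.
	 *
	 * 'locked' >> if SYSTEM_LOCKED is 1 and the visitor is not user 1: reply
	 *             with 503, clear the remember keys of all other users, drop
	 *             the visitor's remember cookie and session, show the screen
	 *             and terminate. Otherwise the method simply returns.
	 * 'new'    >> show 'new site under construction' (former
	 *             print_under_construction) with a 503 status
	 *
	 * @param string $type 'locked' (default) or 'new'
	 * @return void
	 */
	public function ShowMaintainScreen($type = 'locked')
	{
		global $database, $MESSAGE;
		$BE_PATIENT = '';

		$show_screen = false;
		if($type == 'locked')
		{
			$curr_user = (intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0) ) ;
			if( (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1) && ($curr_user != 1))
			{
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
				// first kick logged users out of the system
				// delete all remember keys from table 'user' except user_id=1
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
				$sql .= 'WHERE `user_id`<>1';
				$database->query($sql);
				// delete remember key-cookie if set
				if (isset($_COOKIE['REMEMBER_KEY'])) {
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
				}
				// overwrite session array
				$_SESSION = array();
				// delete session cookie if set
				if (ini_get("session.use_cookies")) {
					$params = session_get_cookie_params();
					setcookie(session_name(), '', time() - 42000, $params["path"],
						$params["domain"], $params["secure"], $params["httponly"]
					);
				}
				// delete the session itself
				session_destroy();
				$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
				$BE_PATIENT = $MESSAGE['GENERIC_BE_PATIENT'];
				$PAGE_ICON  = 'system';
				$show_screen = true;
			}
		} else {
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
			$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
			$PAGE_ICON  = 'negative';
			$show_screen = true;
		}
		if($show_screen)
		{
			$sMaintanceFile = $this->correct_theme_source('maintenance.htt');
			if(file_exists($sMaintanceFile))
			{
				$tpl = new Template(dirname( $sMaintanceFile ));
				$tpl->set_file( 'page', 'maintenance.htt' );
				$tpl->set_block( 'page', 'main_block', 'main' );

				if(defined('DEFAULT_CHARSET'))
				{
					$charset=DEFAULT_CHARSET;
				} else {
					$charset='utf-8';
				}
				// use the title selected above, so a locked site is announced
				// as locked and not as under construction
				$tpl->set_var( 'PAGE_TITLE', $PAGE_TITLE );
				$tpl->set_var( 'CHECK_BACK', $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'] );
				$tpl->set_var( 'CHARSET', $charset );
				$tpl->set_var( 'WB_URL', WB_URL );
				$tpl->set_var( 'BE_PATIENT', $BE_PATIENT );
				$tpl->set_var( 'THEME_URL', THEME_URL );
				$tpl->set_var( 'PAGE_ICON', $PAGE_ICON);
				$tpl->set_var( 'LANGUAGE', strtolower(LANGUAGE));
				$tpl->parse( 'main', 'main_block', false );
				$tpl->pparse( 'output', 'page' );
				exit();
			} else {
				// fallback page, used when the template file is not present
				require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
				echo '<!DOCTYPE html PUBLIC "-W3CDTD XHTML 1.0 TransitionalEN" "http:www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    		<head><title>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</title>
    		<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
    		h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
    		<br /><h1>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</h1><br />
    		'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
			}
			flush();
			exit();
		}
	}

	/**
	 * Send an email through the wbmailer class (subclass of PHPMailer).
	 *
	 * wbmailer is able to send messages using SMTP, for providers that do not
	 * support sending mail via PHP because it offers no SMTP authentication
	 * (C. Sommer). To use SMTP, the SMTP host of the domain has to be set in
	 * the Settings panel of the backend.
	 *
	 * Carriage returns and line feeds are removed from every value that ends
	 * up in a mail header, so that a value cannot start a header line of its own.
	 *
	 * @param string $fromaddress
	 * @param string $toaddress
	 * @param string $subject
	 * @param string $message sent as HTML body (nl2br) and as text body (strip_tags)
	 * @param string $fromname
	 * @param string $replyTo
	 * @return bool true if wbmailer::Send() reported success
	 */
	public function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
		$subject = preg_replace('/[\r\n]/', '', $subject);
		$replyTo = preg_replace('/[\r\n]/', '', $replyTo);
		// the display name is part of the From header as well
		$fromname = preg_replace('/[\r\n]/', '', $fromname);

		// create PHPMailer object and define default settings
		$myMail = new wbmailer();
		// set user defined from address
		if ($fromaddress!='') {
			if($fromname!='') { $myMail->FromName = $fromname; }  // FROM-NAME
			$myMail->From = $fromaddress;                         // FROM:
		}
		if($replyTo) {
			$myMail->AddReplyTo($replyTo);                        // REPLY TO:
		}
		// define recipient and information to send out
		$myMail->AddAddress($toaddress);                          // TO:
		$myMail->Subject = $subject;                              // SUBJECT
		$myMail->Body = nl2br($message);                          // CONTENT (HTML)
		$myMail->AltBody = strip_tags($message);                  // CONTENT (TEXT)
		// report whether sending succeeded
		return ( $myMail->Send() ? true : false );
	}

	/**
	 * Locate a theme template file.
	 *
	 * The active theme (THEME_PATH/templates) is searched first, then the
	 * skeleton theme (ADMIN_PATH/skel/themes/htt).
	 *
	 * NOTE(review): $sThemeFile is appended to the directory as it is. All
	 * callers in this class pass fixed names; a caller passing request data
	 * would have to restrict it to a plain file name first.
	 *
	 * @param string $sThemeFile name of the template, e.g. 'start.htt'
	 * @return string path of the template file below THEME_PATH or ADMIN_PATH
	 * @throws InvalidArgumentException if the file exists in neither location
	 */
	public function correct_theme_source($sThemeFile = 'start.htt') {
		if (file_exists(THEME_PATH.'/templates/'.$sThemeFile )) {
			return THEME_PATH.'/templates/'.$sThemeFile;
		}
		if (file_exists(ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile ) ) {
			return ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile;
		}
		throw new InvalidArgumentException('missing template file '.$sThemeFile);
	}

	/**
	 * Check if a foldername doesn't have invalid characters.
	 *
	 * Rejected are: ^ \ / . ? * " ' < > : |
	 * NOTE(review): control characters (NUL included) are not part of the
	 * pattern and therefore pass this check.
	 *
	 * @param String $str to check
	 * @return Bool true if none of the rejected characters occurs
	 */
	public function checkFolderName($str){
		return !preg_match('#\^|\\\|\/|\.|\?|\*|"|\'|\<|\>|\:|\|#i', $str);
	}

	/**
	 * Check the given path to make sure it is within the given basedir,
	 * normally the document root.
	 *
	 * Both paths are canonicalised with realpath(), so the path has to exist.
	 * The base directory must be matched as a complete directory: either the
	 * path equals it, or the path continues with a directory separator. A
	 * plain "starts with" test would also accept a sibling directory whose
	 * name merely begins with the name of the base directory.
	 * The comparison is case-insensitive, as it was before.
	 *
	 * Callers should continue to work with the returned canonical path and
	 * not with the value they passed in.
	 *
	 * @param String $sCurrentPath url-encoded or plain path
	 * @param String $sBaseDir
	 * @return String|false the canonical path, or FALSE if it does not exist
	 *                      or is outside of $sBaseDir
	 */
	public function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
		// Clean the current path
		$sCurrentPath = realpath(rawurldecode($sCurrentPath));
		$sBaseDir = realpath($sBaseDir);
		// realpath() returns false for paths that do not exist: fail closed
		if ( $sCurrentPath === false || $sBaseDir === false ) {
			return false;
		}
		if ( strcasecmp($sCurrentPath, $sBaseDir) == 0 ) {
			return $sCurrentPath;
		}
		// $sBaseDir followed by a separator has to be the start of $sCurrentPath
		$sPrefix = rtrim($sBaseDir, '/\\').DIRECTORY_SEPARATOR;
		if ( strncasecmp($sCurrentPath, $sPrefix, strlen($sPrefix)) == 0 ) {
			return $sCurrentPath;
		}
		return false;
	}

	/**
	 * Remove [[text]], html comments, link, script, scriptblock and styleblock
	 * from a given string and return the cleaned string. With $bPHPCode set,
	 * <?php code ?> blocks are removed as well.
	 *
	 * This is a filter for the constructs named above and nothing more; it is
	 * not an HTML sanitiser. The result still has to be escaped for the
	 * context it is printed in.
	 *
	 * @param string $sValue
	 * @param bool $bPHPCode also remove <?php code ?> blocks
	 * @return string|false
	 *    false: if $sValue is not a string
	 *    string: cleaned string
	 */
	public function StripCodeFromText($sValue, $bPHPCode=false){
		if(!is_string($sValue)) { return false; }
		if($bPHPCode == true) {
			$sValue = preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue );
		}
		$sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
		return (preg_replace ($sPattern, '', $sValue));
	}

}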