<?php
2
/**
3
 *
4 1529 Luisehahne
 * @category        framework
5 1698 Luisehahne
 * @package         frontend
6 1923 darkviper
 * @copyright       WebsiteBaker Org. e.V.
7
 * @author          Ryan Djurovich (2004-2009)
8
 * @author          Dietmar Wöllbrink (luisehahne)
9
 * @author          M.v.d.Decken (DarkViper)
10 1907 Luisehahne
 * @link            http://www.websitebaker.org/
11 1365 Luisehahne
 * @license         http://www.gnu.org/licenses/gpl.html
12
 * @platform        WebsiteBaker 2.8.x
13 1374 Luisehahne
 * @requirements    PHP 5.2.2 and higher
14 1365 Luisehahne
 * @version         $Id$
15 1907 Luisehahne
 * @filesource      $HeadURL$
16 1457 Luisehahne
 * @lastmodified    $Date$
17 1365 Luisehahne
 *
18
 */
19 1496 DarkViper
/* -------------------------------------------------------- */
20
// Must include code to stop this file being accessed directly
21 1499 DarkViper
if (defined('WB_PATH') === false) {
	// Direct request: WB_PATH is only defined once the framework has bootstrapped,
	// so load the exception handler and abort.
	require_once(dirname(__FILE__).'/globalExceptionHandler.php');
	throw new IllegalFileException();
}
/* -------------------------------------------------------- */
// Load the PHPLIB template class unless it is already declared (no autoloader lookup).
if (!class_exists('Template', false)) {
	include(WB_PATH.'/include/phplib/template.inc');
}
// Load the wbmailer class (subclass of PHPMailer) unless it is already declared.
if (!class_exists('wbmailer', false)) {
	include(WB_PATH.'/framework/class.wbmailer.php');
}
30 1365 Luisehahne
31
class wb extends SecureForm
32
{
33 1983 Luisehahne
/** @var object instance of the database object */
34
	protected $_oDb      = null;
35
/** @var object instance holds several values from the application global scope */
36
	protected $_oReg     = null;
37
/** @var object instance holds all of the translations */
38
	protected $_oTrans   = null;
39 1365 Luisehahne
40 1457 Luisehahne
 	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';	// General initialization function
41 1782 Luisehahne
42 1365 Luisehahne
	// performed when frontend or backend is loaded.
43 1394 Luisehahne
	public function  __construct($mode = SecureForm::FRONTEND) {
		// Run the SecureForm initialisation for the requested mode (frontend by default).
		parent::__construct($mode);

		// Store the database, registry and translation singletons on the instance.
		$this->_oDb    = WbDatabase::getInstance();
		$this->_oReg   = WbAdaptor::getInstance();
		$this->_oTrans = Translate::getInstance();
	}
50
51 1791 Luisehahne
/**
52
 *
53
 *
54 1983 Luisehahne
 * @return object instance of the database object of all visible languages with defined fields
55
 *
56
 */
57
	public function getAvailableLanguagesObjectInstance( ) {
		// The statement is static; its only dynamic part is the table prefix
		// read from the database object, so no request data reaches the SQL.
		$sTable = $this->_oDb->TablePrefix.'addons';
		$sql = 'SELECT `directory`,`name` '
		     . 'FROM `'.$sTable.'` '
		     . 'WHERE `type` = \'language\' '
		     . 'ORDER BY `directory`';
		// Whatever query() yields (result object or failure value) is handed back unchanged.
		$oResult = $this->_oDb->query($sql);
		return $oResult;
	}
65
66
67
/**
68
 *
69
 *
70
 * @return array of all visible languages with defined fields
71
 *
72
 */
73
	public function getAvailableLanguages( ) {
		// Builds a map of language directory => language name.
		$aLanguages = array();
		$oRes = $this->getAvailableLanguagesObjectInstance();
		// A failed query yields an empty map rather than an error.
		if (!$oRes) {
			return $aLanguages;
		}
		while ($aRow = $oRes->fetchRow(MYSQL_ASSOC)) {
			$aLanguages[$aRow['directory']] = $aRow['name'];
		}
		return $aLanguages;
	}
85
86
/**
87
 *
88
 *
89 1791 Luisehahne
 * @return array of first visible language pages with defined fields
90
 *
91
 */
92 1983 Luisehahne
	public function getLanguagesDetailsInUsed ( ) {
		// Returns a map of language code => page row for top-level root pages that are
		// neither 'none' nor 'hidden' and that the current visitor may see.
		// NOTE(review): the query groups by `language` while selecting non-aggregated
		// columns, so which page row represents a language is left to the database;
		// the visibility filter below is applied to that row only - confirm intended.
		$sPagesTable = $this->_oDb->TablePrefix.'pages';
		$sql = 'SELECT DISTINCT `language`, `page_id`, `level`, `parent`, `root_parent`, '
			 .                 '`page_code`, `link`, `language`, `visibility`, '
			 .                 '`viewing_groups`,`viewing_users`,`position` '
			 . 'FROM `'.$sPagesTable.'` '
			 . 'WHERE `level`= \'0\' '
			 .       'AND `root_parent`=`page_id` '
			 .       'AND `visibility`!=\'none\' '
			 .       'AND `visibility`!=\'hidden\' '
			 . 'GROUP BY `language` '
			 . 'ORDER BY `position`';
		$aDetails = array();
		$oRes = $this->_oDb->query($sql);
		if (!$oRes) {
			return $aDetails;
		}
		while ($aRow = $oRes->fetchRow(MYSQL_ASSOC)) {
			// Rows the visitor is not allowed to see never reach the result.
			if ($this->page_is_visible($aRow)) {
				$aDetails[$aRow['language']] = $aRow;
			}
		}
		return $aDetails;
	}
115
116 1983 Luisehahne
117
118
119 1791 Luisehahne
/**
120
 *
121
 *
122
 * @return comma separate list of first visible languages
123
 *
124
 */
125 1983 Luisehahne
	public function getLanguagesInUsed ( ) {
		// The language codes are the keys of the details map.
		$aCodes = array_keys($this->getLanguagesDetailsInUsed());
		// No visible language at all: callers receive null, not an empty string.
		if (count($aCodes) == 0) {
			return null;
		}
		return implode(',', $aCodes);
	}
130 1782 Luisehahne
131
132 1834 Luisehahne
    /**
133
     * Created parse_url utf-8 compatible function
134
     *
135
     * @param string $url The string to decode
136
     * @return array Associative array containing the different components
137
     *
138
     */
139 1889 Luisehahne
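		public function mb_parse_url($url) {
		// parse_url() is not multibyte safe. Every run of characters that is not a URL
		// delimiter is therefore percent-encoded before splitting and decoded afterwards.
		// The callback is a regular method instead of create_function(), which compiles
		// a string as code at runtime and no longer exists in current PHP versions.
		$encodedUrl = preg_replace_callback('%[^:/?#&=\.]+%usD',
		                                    array($this, '_urlencodeMatch'),
		                                    $url);
		$components = parse_url($encodedUrl);
		// parse_url() reports a seriously malformed URL with false; pass that on
		// instead of iterating over a non-array.
		if ($components === false) {
			return false;
		}
		// Assign by key rather than by reference so no reference outlives the loop.
		foreach ($components as $sName => $mValue) {
			$components[$sName] = urldecode($mValue);
		}
		return $components;
		}

		// Callback for mb_parse_url(): percent-encode one matched URL fragment.
		private function _urlencodeMatch($aMatches) {
			return urlencode($aMatches[0]);
		}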
149
150 1373 Luisehahne
/* ****************
151 1440 Luisehahne
 * check if one or more group_ids are in both group_lists
152
 *
153
 * @access public
154
 * @param mixed $groups_list1: an array or a coma seperated list of group-ids
155
 * @param mixed $groups_list2: an array or a coma seperated list of group-ids
156
 * @param array &$matches: an array-var whitch will return possible matches
157
 * @return bool: true there is a match, otherwise false
158
 */
159 1698 Luisehahne
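	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
	{
		// Reports whether the two id lists share at least one id; the shared ids are
		// returned through $matches (keys are those of the first list).
		// Each list may be an array or a comma separated string.
		if( $groups_list1 == '' ) { return false; }
		if( $groups_list2 == '' ) { return false; }
		$aLists = array($groups_list1, $groups_list2);
		foreach ($aLists as $iIndex => $mList) {
			if (!is_array($mList)) {
				$mList = explode(',', $mList);
			}
			// Drop empty entries. Without this, a trailing comma in one list and a
			// missing session value in the other (explode() of an empty value gives
			// array('')) both contain '' and would count as a shared group id.
			foreach ($mList as $mKey => $mId) {
				if (!is_scalar($mId) || trim((string)$mId) === '') {
					unset($mList[$mKey]);
				}
			}
			$aLists[$iIndex] = $mList;
		}
		$matches = array_intersect($aLists[0], $aLists[1]);
		return ( sizeof($matches) != 0 );
	}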
172
/* ****************
173 1373 Luisehahne
 * check if current user is member of at least one of given groups
174
 * ADMIN (uid=1) always is treated like a member of any groups
175
 *
176
 * @access public
177
 * @param mixed $groups_list: an array or a coma seperated list of group-ids
178
 * @return bool: true if current user is member of one of this groups, otherwise false
179
 */
180 1698 Luisehahne
	public function ami_group_member( $groups_list = '' )
	{
		// The account with user id 1 is treated as a member of every group.
		$bIsFirstUser = ($this->get_user_id() == 1);
		if ($bIsFirstUser) {
			return true;
		}
		// Everybody else needs at least one group in common with the given list.
		$aOwnGroups = $this->get_groups_id();
		return $this->is_group_match($groups_list, $aOwnGroups);
	}
185
186 1791 Luisehahne
// Check whether a page is visible or not.
187
// This will check page-visibility and user- and group-rights.
188
/* page_is_visible() returns
189
	false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
190
	true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
191
*/
192 1698 Luisehahne
	public function page_is_visible($page)
	{
		// Decides from the page row alone whether the current visitor may see the page.
		// Any visibility value not handled below results in false.
		$sVisibility = $page['visibility'];
		// 'none' and 'deleted' pages are never shown.
		if ($sVisibility == 'none' || $sVisibility == 'deleted') {
			return false;
		}
		// 'hidden' and 'public' pages are readable by everybody.
		if ($sVisibility == 'hidden' || $sVisibility == 'public') {
			return true;
		}
		// 'private' and 'registered' pages need a logged-in user who is listed
		// either through one of the viewing groups or directly as viewing user.
		if ($sVisibility == 'private' || $sVisibility == 'registered') {
			if ($this->is_authenticated() == true) {
				return ( $this->is_group_match($this->get_groups_id(), $page['viewing_groups']) ||
				         $this->is_group_match($this->get_user_id(), $page['viewing_users']) );
			}
		}
		return false;
	}
217 1698 Luisehahne
218 1365 Luisehahne
	// Check if there is at least one active section on this page
219 1698 Luisehahne
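	public function page_is_active($page)
	{
		// Reports whether the page has at least one section whose publishing window
		// contains the current time (publ_end = 0 means "no end date").
		global $database;
		$now = time();
		// Fixed: the page filter used to be appended after "A OR B" without
		// parentheses. AND binds tighter than OR, so the first time-window test was
		// evaluated for the sections of ALL pages and a currently published section
		// anywhere made every page count as active. The page id now limits both tests.
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
		$sql .= 'WHERE `page_id`='.(int)$page['page_id'].' ';
		$sql .=   'AND (('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
		$sql .=        '('.$now.' > `publ_start` AND `publ_end`=0))';
		// get_one() delivers the count; a count of 0 compares equal to false.
		return ($database->get_one($sql) != false);
	}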
229 1365 Luisehahne
230
	// Check whether we should show a page or not (for front-end)
231 1698 Luisehahne
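	public function show_page($page)
	{
		// Front-end check: a page is shown when the visitor may see it AND it has an
		// active section. $page is either a page row (array) or a page id.
		if( !is_array($page) )
		{
			// Fixed: $database was used here without being imported into the method
			// scope, so the lookup by id failed on an undefined variable.
			global $database;
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
			$res_pages = $database->query($sql);
			// No result set or no such page: deny instead of continuing with a
			// scalar in place of the page row.
			if( $res_pages == null ) { return false; }
			if( !($page = $res_pages->fetchRow()) ) { return false; }
		}
		return ($this->page_is_visible($page) && $this->page_is_active($page));
	}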
244
245
	// Check if the user is already authenticated or not
246 1698 Luisehahne
	public function is_authenticated() {
		// A visitor counts as logged in when the session carries a non-empty,
		// numeric USER_ID.
		if (!isset($_SESSION['USER_ID'])) {
			return false;
		}
		$mUserId = $_SESSION['USER_ID'];
		return ($mUserId != "" && is_numeric($mUserId));
	}
252
253
	// Modified addslashes function which takes into account magic_quotes
254
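	function add_slashes($input) {
		// Adds backslash escaping to a string unless magic_quotes_gpc has already
		// done so; non-string values are returned unchanged.
		// NOTE(review): addslashes() is not equivalent to the database driver's
		// escaping; values destined for SQL should go through the driver's escape
		// function or bound parameters.
		// get_magic_quotes_gpc() does not exist in current PHP versions, so it is
		// only consulted when available; without it magic quotes cannot be active.
		$bMagicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
		if( $bMagicQuotes || (!is_string($input)) ) {
			return $input;
		}
		return addslashes($input);
	}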
260
261
	// Ditto for stripslashes
262
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
263
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
264
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
265
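	function strip_slashes($input) {
		// Undoes the escaping applied by magic_quotes_gpc; when magic quotes are off
		// (or the value is not a string) the input is returned unchanged.
		// get_magic_quotes_gpc() does not exist in current PHP versions, so it is
		// only consulted when available; without it magic quotes cannot be active.
		$bMagicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
		if ( !$bMagicQuotes || ( !is_string($input) ) ) {
			return $input;
		}
		return stripslashes($input);
	}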
271
272
	// Escape backslashes for use with mySQL LIKE strings
273
	function escape_backslashes($input) {
		// Doubles every backslash. This handles backslashes only; quotes and the
		// LIKE wildcards % and _ are left untouched.
		$sSingle = "\\";
		$sDouble = "\\\\";
		return str_replace($sSingle, $sDouble, $input);
	}
276
277
	function page_link($link){
		// Links that carry a scheme ("://") or start with "mailto:" are returned
		// untouched; everything else is treated as an internal page link.
		$bHasScheme = (strstr($link, '://') != '');
		$bIsMailto  = (substr($link, 0, 7) == 'mailto:');
		if ($bHasScheme || $bIsMailto) {
			return $link;
		}
		return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
	}
285 1698 Luisehahne
286 1365 Luisehahne
	// Get POST data
287
	function get_post($field) {
		// Raw, unfiltered POST value (null when absent); callers have to validate
		// and escape it for the context it is used in.
		if (isset($_POST[$field])) {
			return $_POST[$field];
		}
		return null;
	}
290
291
	// Get POST data and escape it
292
	function get_post_escaped($field) {
		// POST value passed through add_slashes(); null stays null.
		$mRaw = $this->get_post($field);
		if (is_null($mRaw)) {
			return null;
		}
		return $this->add_slashes($mRaw);
	}
296 1698 Luisehahne
297 1365 Luisehahne
	// Get GET data
298
	function get_get($field) {
		// Raw, unfiltered query-string value (null when absent); callers have to
		// validate and escape it for the context it is used in.
		if (isset($_GET[$field])) {
			return $_GET[$field];
		}
		return null;
	}
301
302
	// Get SESSION data
303
	function get_session($field) {
		// Session value for the given key, or null when the key is not set.
		if (isset($_SESSION[$field])) {
			return $_SESSION[$field];
		}
		return null;
	}
306
307
	// Get SERVER data
308
	function get_server($field) {
		// $_SERVER value for the given key, or null when the key is not set.
		// Entries derived from request headers are client-controlled.
		if (isset($_SERVER[$field])) {
			return $_SERVER[$field];
		}
		return null;
	}
311
312
	// Get the current users id
313
	function get_user_id() {
		// Id of the logged-in user as stored in the session, or null.
		$mUserId = $this->get_session('USER_ID');
		return $mUserId;
	}
316
317 1373 Luisehahne
	// Get the current users group id
318 1365 Luisehahne
	function get_group_id() {
		// Session value GROUP_ID of the current user, or null.
		$mGroupId = $this->get_session('GROUP_ID');
		return $mGroupId;
	}
321
322
	// Get the current users group ids
323
	function get_groups_id() {
		// Session value GROUPS_ID split at the commas.
		// Without a GROUPS_ID in the session this is array(''), not an empty array.
		$sGroupIds = $this->get_session('GROUPS_ID');
		return explode(",", $sGroupIds);
	}
326
327
	// Get the current users group name
328
	function get_group_name() {
		// Session value GROUP_NAME joined into one comma separated string.
		$aGroupNames = $this->get_session('GROUP_NAME');
		return implode(",", $aGroupNames);
	}
331
332
	// Get the current users group name
333
	function get_groups_name() {
		// Session value GROUP_NAME exactly as stored, or null.
		$mGroupNames = $this->get_session('GROUP_NAME');
		return $mGroupNames;
	}
336
337
	// Get the current users username
338
	function get_username() {
		// Login name of the current user as stored in the session, or null.
		$mUsername = $this->get_session('USERNAME');
		return $mUsername;
	}
341
342
	// Get the current users display name
343
	function get_display_name() {
		// Display name of the current user as stored in the session, or null.
		// The value is returned as stored; escape it before writing it into HTML.
		$mDisplayName = $this->get_session('DISPLAY_NAME');
		return $mDisplayName;
	}
346
347
	// Get the current users email address
348
	function get_email() {
		// E-mail address of the current user as stored in the session, or null.
		$mEmail = $this->get_session('EMAIL');
		return $mEmail;
	}
351
352
	// Get the current users home folder
353
	function get_home_folder() {
		// Home folder of the current user as stored in the session, or null.
		$mHomeFolder = $this->get_session('HOME_FOLDER');
		return $mHomeFolder;
	}
356
357
	// Get the current users timezone
358
	function get_timezone() {
		// '-72000' is returned whenever USE_DEFAULT_TIMEZONE is set in the session;
		// otherwise the session's TIMEZONE value (or null) is used.
		if (isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
			return '-72000';
		}
		return $this->get_session('TIMEZONE');
	}
362
363 1373 Luisehahne
	// Validate supplied email address
364
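	function validate_email($email) {
		// Checks the syntax of an e-mail address. Internationalised names are first
		// converted to their ASCII form so the ASCII-only pattern can be applied.
		if(function_exists('idn_to_ascii')){ /* use the PHP function if available */
			$email = idn_to_ascii($email);
		}else {
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
			$IDN = new idna_convert();
			$email = $IDN->encode($email);
			unset($IDN);
		}
		// A failed conversion does not yield a string; such input is not a valid address.
		if (!is_string($email)) {
			return false;
		}
		// regex from NorHei 2011-01-11
		// Fixed: the pattern now carries the D modifier. Without it "$" also matches
		// in front of a trailing line break, so an address followed by "\n" passed
		// the check and could carry a line break into whatever consumes the address.
		$retval = preg_match("/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/D", $email);
		return ($retval != false);
	}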
377
378 1698 Luisehahne
	/**
379
     * replace header('Location:...  with new method
380
	 * if header send failed you get a manuell redirected link, so script don't break
381 1777 Luisehahne
	 *
382 1698 Luisehahne
	 * @param string $location, redirected url
383
	 * @return void
384
	 */
385
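	public function send_header ($location) {
		// Redirects to $location. When the headers are already out, an AppException
		// carrying a manual "continue" link is thrown instead, so the script never
		// silently carries on.
		// NOTE(review): $location is used as given. Callers are not visible here;
		// if any of them derives it from request data, the target should be checked
		// against the site's own URL before it reaches this method.
		if(!headers_sent()) {
			header('Location: '.$location);
			exit(0);
		}
		// Fixed: the URL was written into the href attribute unescaped, so a quote
		// or angle bracket inside it could break out of the attribute.
		$sHref = htmlspecialchars($location, ENT_QUOTES);
		$msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
		     "Please click <a style=\"font-weight:bold;\" " .
		     "href=\"".$sHref."\">on this link</a> to continue!</p></div>\n";

		throw new AppException($msg);
	}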
399
400 1372 Luisehahne
/* ****************
401 1365 Luisehahne
 * set one or more bit in a integer value
402
 *
403
 * @access public
404
 * @param int $value: reference to the integer, containing the value
405
 * @param int $bits2set: the bitmask witch shall be added to value
406
 * @return void
407
 */
408
	function bit_set( &$value, $bits2set )
	{
		// Switch on every bit of the mask in the referenced value.
		$value = $value | $bits2set;
	}
412
413
/* ****************
414
 * reset one or more bit from a integer value
415
 *
416
 * @access public
417
 * @param int $value: reference to the integer, containing the value
418
 * @param int $bits2reset: the bitmask witch shall be removed from value
419
 * @return void
420
 */
421
	function bit_reset( &$value, $bits2reset)
	{
		// Switch off every bit of the mask in the referenced value.
		$iKeepMask = ~$bits2reset;
		$value = $value & $iKeepMask;
	}
425
426
/* ****************
 * check if one or more bits in an integer value are set
 *
 * @access public
 * @param int $value: the integer containing the value
 * @param int $bits2test: the bitmask which shall be tested against value
 * @return bool: true if all bits of the bitmask are set in value, otherwise false
 */
434
	function bit_isset( $value, $bits2test )
	{
		// True only when ALL bits of the mask are set in the value.
		$iCommonBits = $value & $bits2test;
		return ($iCommonBits == $bits2test);
	}
438
439
	// Print a success message which then automatically redirects the user to another page
440 1373 Luisehahne
	function print_success( $message, $redirect = 'index.php' ) {
		// Prints the success.htt template with the message and a redirect target.
		// NOTE(review): $message and $redirect are handed to the template as given;
		// whether success.htt escapes them is not visible here, so callers should
		// pass only trusted or already escaped values - confirm against the template.
		$oTrans = Translate::getInstance();
		$oTrans->disableAddon();
		// Several messages are joined into one HTML fragment.
		$sMessage = is_array($message) ? implode ('<br />',$message) : $message;
		// Redirect delay from the settings; an undefined constant or a value
		// above 10000 falls back to 0.
		$iTimer = 0;
		if ((defined( 'REDIRECT_TIMER' )) && (REDIRECT_TIMER <= 10000)) {
			$iTimer = REDIRECT_TIMER;
		}
		// Set up the template object and fill in the variables.
		$oTpl = new Template(dirname($this->correct_theme_source('success.htt')));
		$oTpl->set_file( 'page', 'success.htt' );
		$oTpl->set_block( 'page', 'main_block', 'main' );
		$oTpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
		$oTpl->set_var( 'MESSAGE', $sMessage );
		$oTpl->set_var( 'REDIRECT', $redirect );
		$oTpl->set_var( 'REDIRECT_TIMER', $iTimer );
		$oTpl->set_var( 'NEXT', $oTrans->TEXT_NEXT);
		$oTpl->set_var( 'BACK', $oTrans->TEXT_BACK);
		// A timer of -1 switches the automatic redirect block off.
		if ($iTimer != -1) {
			$oTpl->parse( 'show_redirect', 'show_redirect_block', true );
		} else {
			$oTpl->set_block( 'show_redirect', '' );
		}
		$oTpl->parse( 'main', 'main_block', false );
		$oTpl->pparse( 'output', 'page' );
	}
468
469
	// Print an error message
470 1373 Luisehahne
	function print_error($message, $link = 'index.php', $auto_footer = true) {
		// Prints the error.htt template with the message and a back link, optionally
		// followed by the footer, and then ends the request.
		// NOTE(review): $message and $link are handed to the template as given;
		// whether error.htt escapes them is not visible here, so callers should
		// pass only trusted or already escaped values - confirm against the template.
		$oTrans = Translate::getInstance();
		$oTrans->disableAddon();
		// Several messages are joined into one HTML fragment.
		$sMessage = is_array($message) ? implode ('<br />',$message) : $message;
		// Set up the template object and fill in the variables.
		$oTpl = new Template(dirname($this->correct_theme_source('error.htt')));
		$oTpl->set_file('page', 'error.htt');
		$oTpl->set_block('page', 'main_block', 'main');
		$oTpl->set_var('MESSAGE', $sMessage);
		$oTpl->set_var('LINK', $link);
		$oTpl->set_var('BACK', $oTrans->TEXT_BACK);
		$oTpl->parse('main', 'main_block', false);
		$oTpl->pparse('output', 'page');
		// The footer is only available on classes that implement print_footer().
		if ( $auto_footer == true && method_exists($this, "print_footer") ) {
			$this->print_footer();
		}
		exit();
	}
492 1684 Luisehahne
/*
493
 * @param string $message: the message to format
494
 * @param string $status:  ('ok' / 'error' / '') status defines the apereance of the box
495
 * @return string: the html-formatted message (using template 'message.htt')
496
 */
497
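	public function format_message($message, $status = 'ok')
	{
		// Renders $message through the theme's message.htt template and returns the
		// HTML. Depending on REDIRECT_TIMER a non-error message is suppressed (0),
		// shown permanently (-1) or hidden again by a small script after
		// REDIRECT_TIMER milliseconds. Error messages are always shown permanently.
		// NOTE(review): $message is inserted as given; whether message.htt escapes
		// it is not visible here, so untrusted text should be escaped by the caller.
		$id = uniqid('x');
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
		$tpl->set_file('page', 'message.htt');
		$tpl->set_block('page', 'main_block', 'main');
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var( 'THEME_URL', THEME_URL );
		$tpl->set_var( 'ID', $id );
		// Fixed: the third test was an assignment ($status = 'warning'). It was
		// always true, overwrote every status other than 'ok'/'error' with
		// 'warning' and made the else branch unreachable.
		if($status == 'ok' || $status == 'error' || $status == 'warning')
		{
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
		}else
		{
			$tpl->set_var('BOX_STATUS', '');
		}
		$tpl->set_var('STATUS', $status);
		if(!defined('REDIRECT_TIMER') ) { define('REDIRECT_TIMER', -1); }

		// REDIRECT_TIMER 0: non-error messages are not shown at all.
		if( $status != 'error' && REDIRECT_TIMER == 0 )
		{
			return '';
		}
		$sHideScript = '';
		if( $status != 'error' && REDIRECT_TIMER != -1 )
		{
			// Hide the message after REDIRECT_TIMER milliseconds. The delay is cast
			// to an integer so only a number can end up inside the script.
			$sHideScript = '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
			               'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
			               'window.setTimeout(\''.$id.'_hide()\', '.(int)REDIRECT_TIMER.');/* ]]> */ </script>';
		}
		$tpl->parse('main', 'main_block', false);
		$retval = $tpl->finish($tpl->parse('output', 'page', false)).$sHideScript;
		unset($tpl);
		return $retval;
	}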
543 1782 Luisehahne
/*
544
 * @param string $type: 'locked'(default)  or 'new'
545
 * @return void: terminates application
546
 * @description: 'locked' >> Show maintenance screen and terminate, if system is locked
547
 *               'new' >> Show 'new site under construction'(former print_under_construction)
548
 */
549
	public function ShowMaintainScreen($type = 'locked')
	{
		// Sends a 503 response with the maintenance page and ends the request.
		// 'locked': only when SYSTEM_LOCKED is 1 and the visitor is not user 1;
		//           all other users are logged out first.
		// any other $type: always shows the "under construction" page.
		global $database, $MESSAGE;
		// NOTE(review): $CHECK_BACK and $LANGUAGE are assigned but not read again
		// in this method; the template below takes both values from their sources.
		$CHECK_BACK = $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'];
		$BE_PATIENT = '';
		$LANGUAGE   = strtolower((isset($_SESSION['LANGUAGE']) ? $_SESSION['LANGUAGE'] : LANGUAGE ));

		$show_screen = false;
		if($type == 'locked')
		{
			$curr_user = (intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0) ) ;
			if( (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1) && ($curr_user != 1))
			{
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
	// first kick logged users out of the system
		// delete all remember keys from table 'user' except user_id=1
		// NOTE(review): this UPDATE runs on every request that reaches this branch
		// while the system is locked, i.e. one table write per locked-out request.
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
				$sql .= 'WHERE `user_id`<>1';
				$database->query($sql);
		// delete remember key-cookie if set
				if (isset($_COOKIE['REMEMBER_KEY'])) {
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
				}
		// overwrite session array
				$_SESSION = array();
		// delete session cookie if set
				if (ini_get("session.use_cookies")) {
					$params = session_get_cookie_params();
					setcookie(session_name(), '', time() - 42000, $params["path"],
						$params["domain"], $params["secure"], $params["httponly"]
					);
				}
		// delete the session itself
				session_destroy();
				$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
				$BE_PATIENT = $MESSAGE['GENERIC_BE_PATIENT'];
				$PAGE_ICON  = 'system';
				$show_screen = true;
			}
		} else {
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
			$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
			$PAGE_ICON  = 'negative';
			$show_screen = true;
		}
		if($show_screen)
		{
            $sMaintanceFile = $this->correct_theme_source('maintenance.htt');
    		if(file_exists($sMaintanceFile))
    		{
                $tpl = new Template(dirname( $sMaintanceFile ));
    		    $tpl->set_file( 'page', 'maintenance.htt' );
    		    $tpl->set_block( 'page', 'main_block', 'main' );

    			if(defined('DEFAULT_CHARSET'))
    			{
    				$charset=DEFAULT_CHARSET;
    			} else {
    				$charset='utf-8';
    			}
    			// NOTE(review): $PAGE_TITLE is set per mode above but the template
    			// always receives the "under construction" title - confirm intended.
    		    $tpl->set_var( 'PAGE_TITLE', $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'] );
    	 	    $tpl->set_var( 'CHECK_BACK', $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'] );
    	 	    $tpl->set_var( 'CHARSET', $charset );
    	 	    $tpl->set_var( 'WB_URL', WB_URL );
    	 	    $tpl->set_var( 'BE_PATIENT', $BE_PATIENT );
    	 	    $tpl->set_var( 'THEME_URL', THEME_URL );
    			$tpl->set_var( 'PAGE_ICON', $PAGE_ICON);
    			$tpl->set_var( 'LANGUAGE', strtolower(LANGUAGE));
    		    $tpl->parse( 'main', 'main_block', false );
    		    $tpl->pparse( 'output', 'page' );
                exit();
    		} else {
    		// Fallback without a template file: a minimal page built from the
    		// default language file.
    		 require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
    		echo '<!DOCTYPE html PUBLIC "-W3CDTD XHTML 1.0 TransitionalEN" "http:www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    		<head><title>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</title>
    		<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
    		h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
    		<br /><h1>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</h1><br />
    		'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
    		}
    		flush();
            exit();
		}
	}
633
634 1365 Luisehahne
	// Validate send email
635 1650 darkviper
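	function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
		// Sends $message as an HTML mail with a plain-text alternative through the
		// wbmailer class (PHPMailer subclass, supports SMTP). To send via SMTP the
		// SMTP host has to be configured in the backend settings.
		// Returns true when the mailer reports success, otherwise false.

		// Line breaks are removed from every value that ends up in a mail header,
		// so a value cannot add header lines of its own.
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
		$subject = preg_replace('/[\r\n]/', '', $subject);
		$replyTo = preg_replace('/[\r\n]/', '', $replyTo);
		// Fixed: the sender's display name is part of the From header as well but
		// was the only header value passed on without this filtering.
		$fromname = preg_replace('/[\r\n]/', '', $fromname);

		// create PHPMailer object and define default settings
		$myMail = new wbmailer();
		// set user defined from address
		if ($fromaddress!='') {
			if($fromname!='') { $myMail->FromName = $fromname; }  // FROM-NAME
			$myMail->From = $fromaddress;                         // FROM:
		}
		if($replyTo) {
			$myMail->AddReplyTo($replyTo);                        // REPLY TO:
		}
		// define recipient and information to send out
		$myMail->AddAddress($toaddress);                          // TO:
		$myMail->Subject = $subject;                              // SUBJECT
		// NOTE(review): the HTML part is the message with line breaks converted and
		// nothing else; markup contained in $message is sent as markup. Text taken
		// from a form should be HTML-escaped by the caller first.
		$myMail->Body = nl2br($message);                          // CONTENT (HTML)
		$myMail->AltBody = strip_tags($message);                  // CONTENT (TEXT)
		// report whether the mailer accepted the message
		return ($myMail->Send() ? true : false);
	}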
676
677 1904 darkviper
/**
678
 * checks if there is an alternative Theme template
679
 *
680
 * @param string $sThemeFile set the template.htt
681
 * @return string the relative theme path
682
 *
683
 */
684 1625 Luisehahne
        function correct_theme_source($sThemeFile = 'start.htt') {
		// Looks for the template file in the active theme first and in the admin
		// skeleton second; the first existing path is returned.
		// NOTE(review): $sThemeFile is appended to the directory as given. The
		// callers in this class pass fixed file names; a caller passing a
		// request-derived name would need to restrict it to a plain file name first.
		$sInTheme = THEME_PATH.'/templates/'.$sThemeFile;
		if (file_exists($sInTheme)) {
			return $sInTheme;
		}
		$sInSkeleton = ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile;
		if (file_exists($sInSkeleton)) {
			return $sInSkeleton;
		}
		// Neither location has the file.
		throw new InvalidArgumentException('missing template file '.$sThemeFile);
        }
697 1529 Luisehahne
698 1904 darkviper
/**
699
 * Check if a foldername doesn't have invalid characters
700
 *
701
 * @param String $str to check
702
 * @return Bool
703
 */
704 1529 Luisehahne
	function checkFolderName($str){
		// A name is accepted when it contains none of  ^ \ / . ? * " ' < > : |
		// Because the dot is rejected, "." and ".." can never pass.
		// Only these characters are tested; an empty name passes this check.
		$iHasInvalidChar = preg_match('#\^|\\\|\/|\.|\?|\*|"|\'|\<|\>|\:|\|#i', $str);
		if ($iHasInvalidChar) {
			return false;
		}
		return true;
	}
707
708 1904 darkviper
/**
709
 * Check the given path to make sure current path is within given basedir
710
 * normally document root
711
 *
712
 * @param String $sCurrentPath
713
 * @param String $sBaseDir
714
 * @return $sCurrentPath or FALSE
715
 */
716 1529 Luisehahne
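	function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
		// Returns the resolved form of $sCurrentPath when it is $sBaseDir itself or
		// lies below it, otherwise false. Both paths are resolved with realpath(),
		// so "..", symbolic links and non-existing paths are dealt with first.
		$sCurrentPath = realpath(rawurldecode($sCurrentPath));
		$sBaseDir     = realpath($sBaseDir);
		// Fixed: a path that cannot be resolved is rejected explicitly. Before, an
		// unresolvable base directory became an empty search string.
		if ($sCurrentPath === false || $sBaseDir === false) {
			return false;
		}
		// Fixed: the comparison ignored case on every platform. It now does so only
		// where file names are normally case-insensitive.
		$bIgnoreCase = (DIRECTORY_SEPARATOR === '\\' || PHP_OS === 'Darwin');
		$sPath = $bIgnoreCase ? strtolower($sCurrentPath) : $sCurrentPath;
		$sBase = $bIgnoreCase ? strtolower($sBaseDir) : $sBaseDir;
		if ($sPath === $sBase) {
			return $sCurrentPath;
		}
		// Fixed: a plain "starts with the base directory" test also accepted sibling
		// directories sharing the prefix (base ".../site" vs ".../site-backup").
		// The match has to end at a directory separator.
		$sPrefix = rtrim($sBase, '/\\').DIRECTORY_SEPARATOR;
		if (strncmp($sPath, $sPrefix, strlen($sPrefix)) === 0) {
			return $sCurrentPath;
		}
		return false;
	}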
732
733 1904 darkviper
/**
734
 * remove <?php code ?>, [[text]], link, script, scriptblock and styleblock from a given string
735
 * and return the cleaned string
736
 *
737
 * @param string $sValue
738
 * @returns
739
 *    false: if @param is not a string
740
 *    string: cleaned string
741
 */
742 1808 Luisehahne
	public function StripCodeFromText($sValue, $bPHPCode=false){
		// Removes [[...]] placeholders, HTML comments and script/link/style elements
		// from a string; with $bPHPCode set, <?php ... ?> blocks are removed first.
		// Non-string input yields false.
		// NOTE(review): this is pattern-based stripping in a single pass. It does
		// not cover markup such as event-handler attributes, so the result still
		// has to be escaped for its output context rather than treated as safe HTML.
		if (is_string($sValue) === false) {
			return false;
		}
		if ($bPHPCode == true) {
			$sValue = preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue );
		}
		$sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
		$sCleaned = preg_replace ($sPattern, '', $sValue);
		return $sCleaned;
	}
748
749 1904 darkviper
/**
750
 * ReplaceAbsoluteMediaUrl
751
 * @param string $sContent
752
 * @return string
753
 * @description Replace URLs witch are pointing into MEDIA_DIRECTORY with an URL
754
 *              independend placeholder
755
 */
756
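	public function ReplaceAbsoluteMediaUrl($sContent){
		// Replaces absolute URLs pointing into the media directory, where they occur
		// as double-quoted attribute values inside tags, with the placeholder
		// {SYSVAR:MEDIA_REL}. Non-string content is returned unchanged.
		if(ini_get('magic_quotes_gpc')==true){
			$sContent = $this->strip_slashes($sContent);
		}
		if(is_string($sContent)) {
			$sMediaUrl = WB_URL.MEDIA_DIRECTORY;
			// Fixed: preg_quote() now receives the pattern delimiter "@". Without it
			// an "@" inside the site URL ended the pattern early.
			$searchfor = '@(<[^>]*=\s*")('.preg_quote($sMediaUrl, '@').')([^">]*".*>)@siU';
			$sContent = preg_replace($searchfor, '$1{SYSVAR:MEDIA_REL}$3', $sContent );
		}
		return $sContent;
	}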
767 1777 Luisehahne
768 1904 darkviper
769
770 1365 Luisehahne
}