<?php
2
/**
3
 *
4 1529 Luisehahne
 * @category        framework
5 1698 Luisehahne
 * @package         frontend
6 1923 darkviper
 * @copyright       WebsiteBaker Org. e.V.
7
 * @author          Ryan Djurovich (2004-2009)
8
 * @author          Dietmar Wöllbrink (luisehahne)
9
 * @author          M.v.d.Decken (DarkViper)
10 1907 Luisehahne
 * @link            http://www.websitebaker.org/
11 1365 Luisehahne
 * @license         http://www.gnu.org/licenses/gpl.html
12
 * @platform        WebsiteBaker 2.8.x
13 1374 Luisehahne
 * @requirements    PHP 5.2.2 and higher
14 1365 Luisehahne
 * @version         $Id$
15 1907 Luisehahne
 * @filesource      $HeadURL$
16 1457 Luisehahne
 * @lastmodified    $Date$
17 1365 Luisehahne
 *
18
 */
19 1496 DarkViper
/* -------------------------------------------------------- */
20
// Must include code to stop this file being accessed directly
21 1499 DarkViper
if (defined('WB_PATH') === false) {
	// WB_PATH is missing when this file is requested directly instead of being
	// loaded by the application: abort before any class code below is declared.
	// (presumably globalExceptionHandler.php declares IllegalFileException - confirm)
	require_once(dirname(__FILE__).'/globalExceptionHandler.php');
	throw new IllegalFileException();
}
/* -------------------------------------------------------- */
// PHPLIB template class: only included when the class is not declared yet
// (second argument false = do not trigger autoloading for the check)
if (class_exists('Template', false) === false) {
	include(WB_PATH.'/include/phplib/template.inc');
}
// wbmailer class (subclass of PHPmailer), same load-once rule
if (class_exists('wbmailer', false) === false) {
	include(WB_PATH.'/framework/class.wbmailer.php');
}
30 1365 Luisehahne
31
class wb extends SecureForm
32
{
33 1983 Luisehahne
/** @var object instance of the database object */
34
	protected $_oDb      = null;
35
/** @var object instance holds several values from the application global scope */
36
	protected $_oReg     = null;
37
/** @var object instance holds all of the translations */
38
	protected $_oTrans   = null;
39 1365 Luisehahne
40 1457 Luisehahne
 	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';	// General initialization function
41 1782 Luisehahne
42 1365 Luisehahne
	// performed when frontend or backend is loaded.
43 1394 Luisehahne
	/**
	 * Runs the SecureForm constructor for the requested mode and stores the
	 * database, registry and translation instances on the object.
	 *
	 * @param mixed $mode handed to SecureForm::__construct(), defaults to SecureForm::FRONTEND
	 */
	public function  __construct($mode = SecureForm::FRONTEND) {
		// the parent has to be initialised first, it receives the mode
		parent::__construct($mode);

		// instances returned by the getInstance() factories, kept for the other methods
		$this->_oDb    = WbDatabase::getInstance();
		$this->_oReg   = WbAdaptor::getInstance();
		$this->_oTrans = Translate::getInstance();
	}
50
51 1791 Luisehahne
/**
52
 *
53
 *
54 1983 Luisehahne
 * @return object instance of the database object of all visible languages with defined fields
55
 *
56
 */
57
	public function getAvailableLanguagesObjectInstance( ) {
		// The statement contains no request data: the only variable part is the
		// table prefix read from the database object.
		$sTable = $this->_oDb->TablePrefix.'addons';
		$sql = 'SELECT `directory`,`name` FROM `'.$sTable.'` '
		     . 'WHERE `type` = \'language\' ORDER BY `directory`';
		// the result of query() is returned unchanged to the caller
		$oResult = $this->_oDb->query($sql);
		return $oResult;
	}
65
66
67
/**
68
 *
69
 *
70
 * @return array of all visible languages with defined fields
71
 *
72
 */
73
	public function getAvailableLanguages( ) {
		$aLanguages = array();
		$oResult = $this->getAvailableLanguagesObjectInstance();
		// a falsy query result yields an empty list
		if (!$oResult) {
			return $aLanguages;
		}
		// build the map: addon `directory` => addon `name`
		while (($aRow = $oResult->fetchRow(MYSQL_ASSOC))) {
			$sDirectory = $aRow['directory'];
			$aLanguages[$sDirectory] = $aRow['name'];
		}
		return $aLanguages;
	}
85
86
/**
87
 *
88
 *
89 1791 Luisehahne
 * @return array of first visible language pages with defined fields
90
 *
91
 */
92 1983 Luisehahne
	public function getLanguagesDetailsInUsed ( ) {
		$aPagesByLanguage = array();
		// Static statement (only the table prefix is variable): level-0 pages that are
		// their own root parent and whose visibility is neither 'none' nor 'hidden'.
		$sql  = 'SELECT DISTINCT `language`, `page_id`, `level`, `parent`, `root_parent`, ';
		$sql .= '`page_code`, `link`, `language`, `visibility`, ';
		$sql .= '`viewing_groups`,`viewing_users`,`position` ';
		$sql .= 'FROM `'.$this->_oDb->TablePrefix.'pages` ';
		$sql .= 'WHERE `level`= \'0\' ';
		$sql .= 'AND `root_parent`=`page_id` ';
		$sql .= 'AND `visibility`!=\'none\' ';
		$sql .= 'AND `visibility`!=\'hidden\' ';
		$sql .= 'GROUP BY `language` ';
		$sql .= 'ORDER BY `position`';
		$oResult = $this->_oDb->query($sql);
		if (!$oResult) {
			return $aPagesByLanguage;
		}
		while (($aRow = $oResult->fetchRow(MYSQL_ASSOC))) {
			// the SQL filter does not know the current user: rows the visitor may not
			// see (per page_is_visible) are dropped here
			if ($this->page_is_visible($aRow)) {
				$aPagesByLanguage[$aRow['language']] = $aRow;
			}
		}
		return $aPagesByLanguage;
	}
115
116 1983 Luisehahne
117
118
119 1791 Luisehahne
/**
120
 *
121
 *
122
 * @return comma separate list of first visible languages
123
 *
124
 */
125 1983 Luisehahne
	public function getLanguagesInUsed ( ) {
		// the keys of the details array are the language identifiers
		$aLanguages = array_keys($this->getLanguagesDetailsInUsed());
		// null (not an empty string) signals that no language is in use
		return (count($aLanguages) > 0) ? implode(',', $aLanguages) : null;
	}
130 1782 Luisehahne
131
132 1834 Luisehahne
    /**
133
     * Created parse_url utf-8 compatible function
134
     *
135
     * @param string $url The string to decode
136
     * @return array Associative array containing the different components
137
     *
138
     */
139 1889 Luisehahne
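		public function mb_parse_url($url) {
			// parse_url() is not multibyte-aware, so every run of characters between the
			// URL delimiters is percent-encoded first and decoded again per component.
			// preg_split() with PREG_SPLIT_DELIM_CAPTURE replaces the former
			// create_function() callback: create_function() evaluates a code string at
			// runtime and no longer exists in PHP 8.
			$aPieces = preg_split('%([:/?#&=\.]+)%usD', $url, -1, PREG_SPLIT_DELIM_CAPTURE);
			if ($aPieces === false) {
				// the pattern could not be applied (e.g. $url is not valid UTF-8)
				return false;
			}
			foreach ($aPieces as $iIndex => $sPiece) {
				// even offsets: text between delimiters, odd offsets: the delimiters themselves
				if ($iIndex % 2 == 0) {
					$aPieces[$iIndex] = urlencode($sPiece);
				}
			}
			$components = parse_url(implode('', $aPieces));
			if (!is_array($components)) {
				// parse_url() gives false for seriously malformed URLs; hand that on
				// instead of iterating over a non-array
				return false;
			}
			// decode by key, so no reference variable is left dangling after the loop
			foreach ($components as $sKey => $mComponent) {
				$components[$sKey] = urldecode($mComponent);
			}
			return $components;
		}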
149
150 1373 Luisehahne
/* ****************
 * check if one or more group_ids are in both group_lists
 *
 * @access public
 * @param mixed $groups_list1: an array or a comma separated list of group-ids
 * @param mixed $groups_list2: an array or a comma separated list of group-ids
 * @param array &$matches: an array-var which will return possible matches
 * @return bool: true if there is a match, otherwise false
 */
159 1698 Luisehahne
	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
	{
		// an empty list on either side can never match; $matches is left untouched then
		if( $groups_list1 == '' || $groups_list2 == '' ) { return false; }
		// both arguments may be arrays or comma separated strings
		$aFirst  = is_array($groups_list1) ? $groups_list1 : explode(',', $groups_list1);
		$aSecond = is_array($groups_list2) ? $groups_list2 : explode(',', $groups_list2);
		// array_intersect keeps the keys of the first list
		$matches = array_intersect( $aFirst, $aSecond );
		return ( count($matches) > 0 );
	}
172
/* ****************
173 1373 Luisehahne
 * check if current user is member of at least one of given groups
174
 * ADMIN (uid=1) always is treated like a member of any groups
175
 *
176
 * @access public
177
 * @param mixed $groups_list: an array or a coma seperated list of group-ids
178
 * @return bool: true if current user is member of one of this groups, otherwise false
179
 */
180 1698 Luisehahne
	public function ami_group_member( $groups_list = '' )
	{
		// user id 1 (the administrator) passes every group check without a lookup
		$bIsAdmin = ( $this->get_user_id() == 1 );
		if( $bIsAdmin ) { return true; }
		// everybody else needs at least one group in common with the given list
		$aOwnGroups = $this->get_groups_id();
		return $this->is_group_match( $groups_list, $aOwnGroups );
	}
185
186 1791 Luisehahne
// Check whether a page is visible or not.
187
// This will check page-visibility and user- and group-rights.
188
/* page_is_visible() returns
189
	false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
190
	true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
191
*/
192 1698 Luisehahne
	public function page_is_visible($page)
	{
		$sVisibility = $page['visibility'];
		// The tests run in the same order and with the same loose comparison as the
		// former switch statement, hence in_array() without the strict flag.
		if( in_array($sVisibility, array('none', 'deleted')) ) {
			return false;
		}
		// 'hidden' pages are treated like 'public' ones by this check
		if( in_array($sVisibility, array('hidden', 'public')) ) {
			return true;
		}
		if( in_array($sVisibility, array('private', 'registered')) ) {
			// access-controlled page: the visitor must be logged in AND be listed,
			// either through one of his groups or through his user id
			if( $this->is_authenticated() == true ) {
				return ( $this->is_group_match($this->get_groups_id(), $page['viewing_groups']) ||
				         $this->is_group_match($this->get_user_id(), $page['viewing_users']) );
			}
		}
		// unknown visibility values and unauthenticated visitors: deny
		return false;
	}
217 1698 Luisehahne
218 1365 Luisehahne
	// Check if there is at least one active section on this page
219 1698 Luisehahne
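	/**
	 * Tells whether the page has at least one section inside its publishing period.
	 *
	 * @param array $page page record, only $page['page_id'] is read
	 * @return bool true if get_one() returns a non-false count
	 */
	public function page_is_active($page)
	{
		global $database;
		$now = time();
		// FIX: the two time conditions are now grouped in one pair of parentheses.
		// Without it SQL evaluated "A OR (B AND page_id=..)", so a section of ANY page
		// that matched the BETWEEN test made every page count as active.
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
		$sql .= 'WHERE (('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
		$sql .=       '('.$now.' > `publ_start` AND `publ_end`=0)) ';
		// the integer cast keeps the page id from carrying SQL into the statement
		$sql .=       'AND `page_id`='.(int)$page['page_id'];
		return ($database->get_one($sql) != false);
	}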
229 1365 Luisehahne
230
	// Check whether we should show a page or not (for front-end)
231 1698 Luisehahne
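	/**
	 * Decides whether a page is shown in the frontend: it has to be visible for
	 * the current visitor and must have an active section.
	 *
	 * @param array|int $page page record, or a page id whose record is loaded here
	 * @return bool false as well if the record cannot be loaded
	 */
	public function show_page($page)
	{
		if( !is_array($page) )
		{
			// only an id was given: load the columns the visibility check reads
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
			// FIX: $database was used here without being declared global, so this
			// branch called query() on an undefined variable. The database object
			// stored by the constructor is used instead.
			$res_pages = $this->_oDb->query($sql);
			// FIX: a failed query used to fall through with $page still being the id
			if( !$res_pages ) { return false; }
			$page = $res_pages->fetchRow();
			if( !$page ) { return false; }
		}
		return ($this->page_is_visible($page) && $this->page_is_active($page));
	}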
244
245
	// Check if the user is already authenticated or not
246 1698 Luisehahne
	/**
	 * A visitor counts as authenticated when the session holds a non-empty,
	 * numeric USER_ID. Nothing else (e.g. the database) is consulted here.
	 *
	 * @return bool
	 */
	public function is_authenticated() {
		if( !isset($_SESSION['USER_ID']) ) {
			return false;
		}
		$mUserId = $_SESSION['USER_ID'];
		return ( $mUserId != "" && is_numeric($mUserId) );
	}
252
253
	// Modified addslashes function which takes into account magic_quotes
254
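	/**
	 * addslashes() for strings that PHP has not already escaped through magic quotes.
	 *
	 * addslashes() is no substitute for the escaping function of the database
	 * driver or for prepared statements when the value ends up in SQL.
	 *
	 * @param mixed $input
	 * @return mixed non-strings are returned unchanged
	 */
	function add_slashes($input) {
		if( !is_string($input) ) {
			return $input;
		}
		// FIX: magic quotes were removed in PHP 5.4 and get_magic_quotes_gpc() itself
		// no longer exists in PHP 8, so it is only asked on versions that had the feature.
		$bMagicQuotes = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();
		return $bMagicQuotes ? $input : addslashes($input);
	}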
260
261
	// Ditto for stripslashes
262
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
263
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
264
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
265
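	function strip_slashes($input) {
		if( !is_string($input) ) {
			return $input;
		}
		// FIX: magic quotes were removed in PHP 5.4 and get_magic_quotes_gpc() itself
		// no longer exists in PHP 8, so it is only asked on versions that had the feature.
		$bMagicQuotes = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();
		// slashes are only removed when PHP added them itself
		return $bMagicQuotes ? stripslashes($input) : $input;
	}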
271
272
	// Escape backslashes for use with mySQL LIKE strings
273
	function escape_backslashes($input) {
		// Only the backslash is doubled. The LIKE wildcards % and _ and quote
		// characters are not touched by this method.
		$sSingle = "\\";
		$sDouble = "\\\\";
		return str_replace($sSingle, $sDouble, $input);
	}
276
277
	/**
	 * Turns a stored page link into a URL.
	 *
	 * Links containing '://' or starting with 'mailto:' are returned verbatim,
	 * everything else is wrapped into WB_URL, PAGES_DIRECTORY and PAGE_EXTENSION.
	 * The result is not escaped for HTML output.
	 *
	 * @param string $link
	 * @return string
	 */
	function page_link($link){
		$bHasScheme = (strpos($link, '://') !== false);
		$bIsMailto  = (substr($link, 0, 7) == 'mailto:');
		if( $bHasScheme || $bIsMailto ) {
			return $link;
		}
		return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
	}
285 1698 Luisehahne
286 1365 Luisehahne
	// Get POST data
287
	/**
	 * @param string $field
	 * @return mixed the raw, unvalidated $_POST value, null if the field is missing
	 */
	function get_post($field) {
		if( isset($_POST[$field]) ) {
			return $_POST[$field];
		}
		return null;
	}
290
291
	// Get POST data and escape it
292
	/**
	 * @param string $field
	 * @return mixed the $_POST value passed through add_slashes(), null if the field is missing
	 */
	function get_post_escaped($field) {
		$mValue = $this->get_post($field);
		if( is_null($mValue) ) {
			return null;
		}
		return $this->add_slashes($mValue);
	}
296 1698 Luisehahne
297 1365 Luisehahne
	// Get GET data
298
	/**
	 * @param string $field
	 * @return mixed the raw, unvalidated $_GET value, null if the field is missing
	 */
	function get_get($field) {
		if( isset($_GET[$field]) ) {
			return $_GET[$field];
		}
		return null;
	}
301
302
	// Get SESSION data
303
	/**
	 * @param string $field
	 * @return mixed the $_SESSION value, null if the field is missing
	 */
	function get_session($field) {
		if( isset($_SESSION[$field]) ) {
			return $_SESSION[$field];
		}
		return null;
	}
306
307
	// Get SERVER data
308
	/**
	 * @param string $field
	 * @return mixed the $_SERVER value as PHP provides it, null if the field is missing
	 */
	function get_server($field) {
		if( isset($_SERVER[$field]) ) {
			return $_SERVER[$field];
		}
		return null;
	}
311
312
	// Get the current users id
313
	/**
	 * @return mixed session value 'USER_ID', null if it is not set
	 */
	function get_user_id() {
		$mUserId = $this->get_session('USER_ID');
		return $mUserId;
	}
316
317 1373 Luisehahne
	// Get the current users group id
318 1365 Luisehahne
	/**
	 * @return mixed session value 'GROUP_ID', null if it is not set
	 */
	function get_group_id() {
		$mGroupId = $this->get_session('GROUP_ID');
		return $mGroupId;
	}
321
322
	// Get the current users group ids
323
	/**
	 * @return array session value 'GROUPS_ID' split at the commas
	 */
	function get_groups_id() {
		$sGroupIds = $this->get_session('GROUPS_ID');
		return explode(",", $sGroupIds);
	}
326
327
	// Get the current users group name
328
	/**
	 * @return string session value 'GROUP_NAME' joined with commas
	 */
	function get_group_name() {
		// assumes the session keeps GROUP_NAME as an array - TODO confirm
		$aGroupNames = $this->get_session('GROUP_NAME');
		return implode(",", $aGroupNames);
	}
331
332
	// Get the current users group name
333
	/**
	 * @return mixed session value 'GROUP_NAME' as stored, null if it is not set
	 */
	function get_groups_name() {
		$mGroupNames = $this->get_session('GROUP_NAME');
		return $mGroupNames;
	}
336
337
	// Get the current users username
338
	/**
	 * @return mixed session value 'USERNAME', null if it is not set
	 */
	function get_username() {
		$mUsername = $this->get_session('USERNAME');
		return $mUsername;
	}
341
342
	// Get the current users display name
343
	/**
	 * @return mixed session value 'DISPLAY_NAME', null if it is not set
	 */
	function get_display_name() {
		$mDisplayName = $this->get_session('DISPLAY_NAME');
		return $mDisplayName;
	}
346
347
	// Get the current users email address
348
	/**
	 * @return mixed session value 'EMAIL', null if it is not set
	 */
	function get_email() {
		$mEmail = $this->get_session('EMAIL');
		return $mEmail;
	}
351
352
	// Get the current users home folder
353
	/**
	 * @return mixed session value 'HOME_FOLDER', null if it is not set
	 */
	function get_home_folder() {
		$mHomeFolder = $this->get_session('HOME_FOLDER');
		return $mHomeFolder;
	}
356
357
	// Get the current users timezone
358
	/**
	 * @return mixed '-72000' while the session flag USE_DEFAULT_TIMEZONE is set,
	 *               otherwise the session value 'TIMEZONE' (null if it is not set)
	 */
	function get_timezone() {
		if( isset($_SESSION['USE_DEFAULT_TIMEZONE']) ) {
			return '-72000';
		}
		return $this->get_session('TIMEZONE');
	}
362
363 1373 Luisehahne
	// Validate supplied email address
364
	/**
	 * Checks the syntax of an e-mail address after converting it to its ASCII
	 * (IDNA) form. Only the format is tested, not whether the mailbox exists.
	 *
	 * @param string $email
	 * @return bool
	 */
	function validate_email($email) {
		if( !function_exists('idn_to_ascii') ) {
			// no native conversion function: use the bundled idna_convert class
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
			$IDN = new idna_convert();
			$email = $IDN->encode($email);
			unset($IDN);
		} else {
			$email = idn_to_ascii($email);
		}
		// regex from NorHei 2011-01-11
		$sPattern = "/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/";
		$mResult = preg_match($sPattern, $email);
		// preg_match gives 1 on a match, 0 or false otherwise
		return ($mResult != false);
	}
377
378 1698 Luisehahne
	/**
	 * replaces header('Location: ...') with a new method
	 * if sending the header fails you get a manual redirect link, so the script doesn't break
	 *
	 * @param string $location, redirected url
	 * @return void
	 */
385
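	public function send_header ($location) {
		// NOTE(review): $location is used as given. If a caller derives it from request
		// data it has to restrict the target itself, nothing is checked here.
		if(!headers_sent()) {
			header('Location: '.$location);
			exit(0);
		}
		// Output has already started, so no header can be sent any more: offer a
		// manual link instead.
		// FIX: the URL is escaped for the href attribute. Unescaped, a quote in
		// $location closed the attribute and the rest was read as markup.
		$sHref = htmlspecialchars($location, ENT_QUOTES);
		$msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
		     "Please click <a style=\"font-weight:bold;\" " .
		     "href=\"".$sHref."\">on this link</a> to continue!</p></div>\n";

		throw new AppException($msg);
	}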
399
400 1372 Luisehahne
/* ****************
401 1365 Luisehahne
 * set one or more bit in a integer value
402
 *
403
 * @access public
404
 * @param int $value: reference to the integer, containing the value
405
 * @param int $bits2set: the bitmask witch shall be added to value
406
 * @return void
407
 */
408
	function bit_set( &$value, $bits2set )
	{
		// $value is a reference: the caller's variable receives the OR-ed result
		$value = $value | $bits2set;
	}
412
413
/* ****************
414
 * reset one or more bit from a integer value
415
 *
416
 * @access public
417
 * @param int $value: reference to the integer, containing the value
418
 * @param int $bits2reset: the bitmask witch shall be removed from value
419
 * @return void
420
 */
421
	function bit_reset( &$value, $bits2reset)
	{
		// $value is a reference: every bit of the mask is cleared in the caller's variable
		$iKeepMask = ~$bits2reset;
		$value = $value & $iKeepMask;
	}
425
426
/* ****************
427
 * check if one or more bit in a integer value are set
428
 *
429
 * @access public
430
 * @param int $value: reference to the integer, containing the value
431
 * @param int $bits2set: the bitmask witch shall be added to value
432
 * @return void
433
 */
434
	function bit_isset( $value, $bits2test )
	{
		// true only if EVERY bit of $bits2test is set in $value; returns a bool
		$iCommonBits = $value & $bits2test;
		return ($iCommonBits == $bits2test);
	}
438
439
	// Print a success message which then automatically redirects the user to another page
440 1373 Luisehahne
	/**
	 * Prints the 'success.htt' template with a message and the redirect target.
	 *
	 * $message and $redirect are handed to the template as given; nothing is
	 * escaped in this method.
	 *
	 * @param string|array $message several messages are joined with <br />
	 * @param string $redirect
	 */
	function print_success( $message, $redirect = 'index.php' ) {
		$oTrans = Translate::getInstance();
		$oTrans->disableAddon();
		$sMessage = is_array($message) ? implode ('<br />',$message) : $message;
		// redirect timer from the settings; a missing constant or a value
		// above 10000 falls back to 0
		$iTimer = 0;
		if( defined( 'REDIRECT_TIMER' ) && (REDIRECT_TIMER <= 10000) ) {
			$iTimer = REDIRECT_TIMER;
		}
		// set up the template object, hand over the variables, then parse it
		$oTpl = new Template(dirname($this->correct_theme_source('success.htt')));
		$oTpl->set_file( 'page', 'success.htt' );
		$oTpl->set_block( 'page', 'main_block', 'main' );
		$oTpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
		$oTpl->set_var( 'MESSAGE', $sMessage );
		$oTpl->set_var( 'REDIRECT', $redirect );
		$oTpl->set_var( 'REDIRECT_TIMER', $iTimer );
		$oTpl->set_var( 'NEXT', $oTrans->TEXT_NEXT);
		$oTpl->set_var( 'BACK', $oTrans->TEXT_BACK);
		if( $iTimer == -1 ) {
			// timer -1: the redirect block is emptied
			$oTpl->set_block( 'show_redirect', '' );
		} else {
			$oTpl->parse( 'show_redirect', 'show_redirect_block', true );
		}
		$oTpl->parse( 'main', 'main_block', false );
		$oTpl->pparse( 'output', 'page' );
	}
468
469
	// Print an error message
470 1373 Luisehahne
	/**
	 * Prints the 'error.htt' template with a message and a link, optionally the
	 * footer, and terminates the script.
	 *
	 * $message and $link are handed to the template as given; nothing is escaped
	 * in this method.
	 *
	 * @param string|array $message several messages are joined with <br />
	 * @param string $link
	 * @param bool $auto_footer call print_footer() if this object has such a method
	 */
	function print_error($message, $link = 'index.php', $auto_footer = true) {
		$oTrans = Translate::getInstance();
		$oTrans->disableAddon();
		$sMessage = is_array($message) ? implode ('<br />',$message) : $message;
		// set up the template object, hand over the variables, then parse it
		$oTpl = new Template(dirname($this->correct_theme_source('error.htt')));
		$oTpl->set_file('page', 'error.htt');
		$oTpl->set_block('page', 'main_block', 'main');
		$oTpl->set_var('MESSAGE', $sMessage);
		$oTpl->set_var('LINK', $link);
		$oTpl->set_var('BACK', $oTrans->TEXT_BACK);
		$oTpl->parse('main', 'main_block', false);
		$oTpl->pparse('output', 'page');
		if( $auto_footer == true && method_exists($this, "print_footer") ) {
			$this->print_footer();
		}
		// an error page always ends the request
		exit();
	}
492 1684 Luisehahne
/*
 * @param string $message: the message to format
 * @param string $status:  ('ok' / 'error' / '') status defines the appearance of the box
 * @return string: the html-formatted message (using template 'message.htt')
 */
497
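	public function format_message($message, $status = 'ok')
	{
		// unique element id, referenced by the auto-hide script further down
		$id = uniqid('x');
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
		$tpl->set_file('page', 'message.htt');
		$tpl->set_block('page', 'main_block', 'main');
		// NOTE(review): $message and $status reach the template as given, nothing is
		// escaped in this method.
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var( 'THEME_URL', THEME_URL );
		$tpl->set_var( 'ID', $id );
		// FIX: the third test used to be the assignment `$status = 'warning'`. It was
		// always true and silently turned every other status (including '') into
		// 'warning', so the else branch could never run. The CSS class is now built
		// from the three known values only.
		if( in_array($status, array('ok', 'error', 'warning'), true) )
		{
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
		}else
		{
			$tpl->set_var('BOX_STATUS', '');
		}
		$tpl->set_var('STATUS', $status);
		// without a configured timer the message stays visible (-1)
		if(!defined('REDIRECT_TIMER') ) { define('REDIRECT_TIMER', -1); }
		$retval = '';
		if( $status != 'error' )
		{
			switch(REDIRECT_TIMER):
				case 0: // do not show message
					unset($tpl);
					break;
				case -1: // show message permanently
					$tpl->parse('main', 'main_block', false);
					$retval = $tpl->finish($tpl->parse('output', 'page', false));
					unset($tpl);
					break;
				default: // hide message after REDIRECT_TIMER milliseconds
					$retval = '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
							  'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
							  'window.setTimeout(\''.$id.'_hide()\', '.REDIRECT_TIMER.');/* ]]> */ </script>';
					$tpl->parse('main', 'main_block', false);
					$retval = $tpl->finish($tpl->parse('output', 'page', false)).$retval;
					unset($tpl);
			endswitch;
		}else
		{
			// error messages are always shown and never hidden by a timer
			$tpl->parse('main', 'main_block', false);
			$retval = $tpl->finish($tpl->parse('output', 'page', false)).$retval;
			unset($tpl);
		}
		return $retval;
	}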
543 1782 Luisehahne
/*
544
 * @param string $type: 'locked'(default)  or 'new'
545
 * @return void: terminates application
546
 * @description: 'locked' >> Show maintenance screen and terminate, if system is locked
547
 *               'new' >> Show 'new site under construction'(former print_under_construction)
548
 */
549
	public function ShowMaintainScreen($type = 'locked')
	{
		global $database, $MESSAGE;
		// the language is read BEFORE the session is emptied further down
		$sLanguage   = isset($_SESSION['LANGUAGE']) ? $_SESSION['LANGUAGE'] : LANGUAGE;
		$sLanguage   = strtolower($sLanguage);
		$sPageTitle  = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
		$sPageIcon   = 'negative';
		$bShowScreen = false;
		if($type != 'locked')
		{
			// 'new' site: always answer with 503 and the construction screen
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
			$bShowScreen = true;
		} else {
			$iCurrUser = intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0);
			$bLocked   = (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1);
			// user id 1 is the only account that may keep working while the system is locked
			if( $bLocked && ($iCurrUser != 1) )
			{
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
				// first kick logged users out of the system:
				// delete all remember keys from table 'users' except user_id=1
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
				$sql .= 'WHERE `user_id`<>1';
				$database->query($sql);
				// expire the remember key cookie of this visitor if set
				if (isset($_COOKIE['REMEMBER_KEY'])) {
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
				}
				// overwrite session array
				$_SESSION = array();
				// expire the session cookie, using the parameters it was created with
				if (ini_get("session.use_cookies")) {
					$aCookie = session_get_cookie_params();
					setcookie(session_name(), '', time() - 42000, $aCookie["path"],
						$aCookie["domain"], $aCookie["secure"], $aCookie["httponly"]
					);
				}
				// delete the session itself
				session_destroy();
				$sPageTitle  = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
				$sPageIcon   = 'system';
				$bShowScreen = true;
			}
		}
		if(!$bShowScreen)
		{
			// system not locked, or the administrator is calling: continue normally
			return;
		}
		$sMaintanceFile = $this->correct_theme_source('maintenance.htt');
		if(file_exists($sMaintanceFile))
		{
			$tpl = new Template(dirname( $sMaintanceFile ));
			$tpl->set_file( 'page', 'maintenance.htt' );
			$tpl->set_block( 'page', 'main_block', 'main' );

			$charset = defined('DEFAULT_CHARSET') ? DEFAULT_CHARSET : 'utf-8';
			$tpl->set_var( 'PAGE_TITLE', $sPageTitle );
			$tpl->set_var( 'CHECK_BACK', $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'] );
			$tpl->set_var( 'CHARSET', $charset );
			$tpl->set_var( 'WB_URL', WB_URL );
			$tpl->set_var( 'BE_PATIENT', $MESSAGE['GENERIC_BE_PATIENT'] );
			$tpl->set_var( 'THEME_URL', THEME_URL );
			$tpl->set_var( 'PAGE_ICON', $sPageIcon);
			// NOTE(review): the language value may come from the session and is
			// handed to the template as given
			$tpl->set_var( 'LANGUAGE', $sLanguage);
			$tpl->parse( 'main', 'main_block', false );
			$tpl->pparse( 'output', 'page' );
			exit();
		} else {
			// no template file: print a minimal built-in page
			require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
    		echo '<!DOCTYPE html PUBLIC "-W3CDTD XHTML 1.0 TransitionalEN" "http:www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    		<head><title>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</title>
    		<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
    		h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
    		<br /><h1>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</h1><br />
    		'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
		}
		flush();
		exit();
	}
629
630 1365 Luisehahne
	// Validate send email
631 1650 darkviper
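	/**
	 * Sends a mail through the WbMailer class (PHPMailer based, so SMTP with
	 * authentication can be used; the SMTP host is configured in the backend settings).
	 *
	 * @param string $fromaddress
	 * @param string $toaddress
	 * @param string $subject
	 * @param string $message used as HTML body (nl2br) and, tags stripped, as text body
	 * @param string $fromname
	 * @param string $replyTo
	 * @return bool true if Send() reported success
	 */
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
		// Every value that ends up in a mail header has to stay on one line,
		// otherwise a line break inside it starts an additional header.
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
		$toaddress   = preg_replace('/[\r\n]/', '', $toaddress);
		$subject     = preg_replace('/[\r\n]/', '', $subject);
		$replyTo     = preg_replace('/[\r\n]/', '', $replyTo);
		// FIX: the sender name is a header value too, but was the only one that
		// was passed on without removing line breaks
		$fromname    = preg_replace('/[\r\n]/', '', $fromname);

		// create PHPMailer object and define default settings
		$myMail = new WbMailer();
		// set user defined from address
		if ($fromaddress!='') {
			if($fromname!='') $myMail->FromName = $fromname;  // FROM-NAME
			$myMail->From = $fromaddress;                     // FROM:
		}
		if($replyTo) {
			$myMail->AddReplyTo($replyTo);                    // REPLY TO:
		}
		// define recipient and information to send out
		$myMail->AddAddress($toaddress);                      // TO:
		$myMail->Subject = $subject;                          // SUBJECT
		// NOTE(review): $message goes into the HTML body as given, markup in it is
		// not escaped here
		$myMail->Body = nl2br($message);                      // CONTENT (HTML)
		$myMail->AltBody = strip_tags($message);              // CONTENT (TEXT)
		// report whether sending worked
		return $myMail->Send() ? true : false;
	}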
672
673 1904 darkviper
/**
674
 * checks if there is an alternative Theme template
675
 *
676
 * @param string $sThemeFile set the template.htt
677
 * @return string the relative theme path
678
 *
679
 */
680 1625 Luisehahne
        function correct_theme_source($sThemeFile = 'start.htt') {
		// $sThemeFile is appended to the directories as given; the callers visible
		// in this class pass fixed file names only
		$sInTheme = THEME_PATH.'/templates/'.$sThemeFile;
		if (file_exists($sInTheme)) {
			// the active theme brings its own copy of the template
			return $sInTheme;
		}
		$sInSkeleton = ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile;
		if (file_exists($sInSkeleton)) {
			// fall back to the copy shipped below ADMIN_PATH
			return $sInSkeleton;
		}
		throw new InvalidArgumentException('missing template file '.$sThemeFile);
        }
693 1529 Luisehahne
694 1904 darkviper
/**
695
 * Check if a foldername doesn't have invalid characters
696
 *
697
 * @param String $str to check
698
 * @return Bool
699
 */
700 1529 Luisehahne
	function checkFolderName($str){
		// Deny-list: the name is rejected as soon as it contains one of
		// ^ \ / . ? * " ' < > : |  - every other character is accepted.
		$bHasForbiddenChar = (bool)preg_match('#\^|\\\|\/|\.|\?|\*|"|\'|\<|\>|\:|\|#i', $str);
		return !$bHasForbiddenChar;
	}
703
704 1904 darkviper
/**
705
 * Check the given path to make sure current path is within given basedir
706
 * normally document root
707
 *
708
 * @param String $sCurrentPath
709
 * @param String $sBaseDir
710
 * @return $sCurrentPath or FALSE
711
 */
712 1529 Luisehahne
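	function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
		// Resolve both paths: realpath() removes '..', '.' and symbolic links, so the
		// comparison below works on the real locations.
		$sCurrentPath = realpath(rawurldecode($sCurrentPath));
		$sBaseDir     = realpath($sBaseDir);
		// FIX: realpath() gives false for paths that do not exist. That used to be
		// passed into the string search, where an unresolvable base directory
		// became an empty needle.
		if ($sCurrentPath === false || $sBaseDir === false) {
			return false;
		}
		$sBase = rtrim($sBaseDir, '/\\');
		$sPath = $sCurrentPath;
		// FIX: compare case-sensitively except on Windows. The former stripos() also
		// accepted a directory whose name differs from the base in letter case only.
		// NOTE(review): on case-insensitive volumes of other systems this relies on
		// realpath() returning the spelling stored on disk - confirm.
		if (DIRECTORY_SEPARATOR === '\\') {
			$sBase = strtolower($sBase);
			$sPath = strtolower($sPath);
		}
		if ($sPath === $sBase) {
			return $sCurrentPath;
		}
		// FIX: the base has to be followed by a directory separator. A plain prefix
		// test also accepted directories NEXT to the base whose names merely start
		// with the name of the base directory.
		$sPrefix = $sBase.DIRECTORY_SEPARATOR;
		if (strncmp($sPath, $sPrefix, strlen($sPrefix)) === 0) {
			return $sCurrentPath;
		}
		return false;
	}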
728
729 1904 darkviper
/**
730
 * remove <?php code ?>, [[text]], link, script, scriptblock and styleblock from a given string
731
 * and return the cleaned string
732
 *
733
 * @param string $sValue
734
 * @returns
735
 *    false: if @param is not a string
736
 *    string: cleaned string
737
 */
738 1808 Luisehahne
	public function StripCodeFromText($sValue, $bPHPCode=false){
		if(!is_string($sValue)) { return false; }
		if( $bPHPCode == true ) {
			// optional first pass: [[...]] blocks and <?php ... ?> blocks
			$sValue = preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue );
		}
		// second pass: [[...]] blocks, HTML comments, script/link/style elements and
		// trailing whitespace.
		// NOTE(review): only the constructs named in the patterns are removed, all
		// other markup and every attribute pass through unchanged. This is a text
		// clean-up, not an HTML sanitizer; output still needs context-aware escaping.
		$sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
		$mCleaned = preg_replace ($sPattern, '', $sValue);
		return $mCleaned;
	}
744
745 1904 darkviper
/**
 * ReplaceAbsoluteMediaUrl
 * @param string $sContent
 * @return string
 * @description Replace URLs which are pointing into MEDIA_DIRECTORY with a URL
 *              independent placeholder
 */
752
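	public function ReplaceAbsoluteMediaUrl($sContent){
		$oReg = WbAdaptor::getInstance();
		if(ini_get('magic_quotes_gpc')==true){
			$sContent = $this->strip_slashes($sContent);
		}
		if(is_string($sContent)) {
			// FIX: preg_quote() is now told the delimiter in use ('@'). Without the
			// second argument an '@' inside the application URL was left unescaped
			// and ended the pattern early.
			$sMediaUrl = preg_quote($oReg->AppUrl.$oReg->MediaDir, '@');
			$sAppUrl   = preg_quote($oReg->AppUrl, '@');
			// the media URL is replaced first, it is the longer match of the two;
			// only double-quoted attribute values inside tags are rewritten
			$aSearchfor = array('@(<[^>]*=\s*")('.$sMediaUrl.')([^">]*".*>)@siU',
			                    '@(<[^>]*=\s*")('.$sAppUrl.')([^">]*".*>)@siU');
			$aReplacements = array('$1{SYSVAR:AppUrl.MediaDir}$3',
			                       '$1{SYSVAR:AppUrl}$3');
			$sContent = preg_replace($aSearchfor, $aReplacements, $sContent );
		}
		// non-string content is returned as it came in
		return $sContent;
	}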
766 1777 Luisehahne
767 1904 darkviper
768
769 1365 Luisehahne
}