<?php
/**
 *
 * @category        framework
 * @package         frontend
 * @copyright       WebsiteBaker Org. e.V.
 * @author          Ryan Djurovich (2004-2009)
 * @author          Dietmar Wöllbrink (luisehahne)
 * @author          M.v.d.Decken (DarkViper)
 * @link            http://www.websitebaker.org/
 * @license         http://www.gnu.org/licenses/gpl.html
 * @platform        WebsiteBaker 2.8.x
 * @requirements    PHP 5.2.2 and higher
 * @version         $Id$
 * @filesource      $HeadURL$
 * @lastmodified    $Date$
 *
 */
/* -------------------------------------------------------- */
// Direct-access guard: WB_PATH is expected to be defined by the including
// script, so its absence is treated as a direct request for this file.
// The exception handler next to this file is loaded and the request aborted.
if (defined('WB_PATH') === false) {
	require_once(dirname(__FILE__).'/globalExceptionHandler.php');
	throw new IllegalFileException();
}
/* -------------------------------------------------------- */
// Load the PHPLIB template class unless it is declared already
// (second argument false: the check itself must not trigger autoloading).
if (class_exists('Template', false) === false) {
	include(WB_PATH.'/include/phplib/template.inc');
}
class wb extends SecureForm
{
/** @var object instance of the database object */
	protected $_oDb      = null;
/** @var object instance holds several values from the application global scope */
	protected $_oReg     = null;
/** @var object instance holds all of the translations */
	protected $_oTrans   = null;
 	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';	// General initialization function
	/**
	 * General initialization, performed when frontend or backend is loaded.
	 *
	 * Passes $mode on to the SecureForm constructor, then stores the objects
	 * returned by WbDatabase::getInstance(), WbAdaptor::getInstance() and
	 * Translate::getInstance() on this instance.
	 *
	 * @param mixed $mode forwarded unchanged to SecureForm::__construct();
	 *                    defaults to SecureForm::FRONTEND
	 */
	public function  __construct($mode = SecureForm::FRONTEND) {
		parent::__construct($mode);

		$this->_oDb    = WbDatabase::getInstance();
		$this->_oReg   = WbAdaptor::getInstance();
		$this->_oTrans = Translate::getInstance();
	}
/**
 * Query the addons table for every entry of type 'language'.
 *
 * The statement consists of the configured table prefix and fixed literals
 * only; no caller-supplied value is part of it.
 *
 * @return mixed whatever $this->_oDb->query() returns for the statement;
 *               getAvailableLanguages() treats a falsy value as "no result"
 */
	public function getAvailableLanguagesObjectInstance( ) {
		$sTable = $this->_oDb->TablePrefix.'addons';
		$sQuery = 'SELECT `directory`,`name` '
		        . 'FROM `'.$sTable.'` '
		        . 'WHERE `type` = \'language\' '
		        . 'ORDER BY `directory`';
		$oResult = $this->_oDb->query($sQuery);
		return $oResult;
	}
/**
 * Build a map of the installed languages.
 *
 * @return array language directory as key, language name as value; empty
 *               when getAvailableLanguagesObjectInstance() yields no result
 */
	public function getAvailableLanguages( ) {
		$aLanguages = array();
		$oResult = $this->getAvailableLanguagesObjectInstance();
		if (!$oResult) {
			return $aLanguages;
		}
		while ($aRecord = $oResult->fetchRow(MYSQL_ASSOC)) {
			$sDirectory = $aRecord['directory'];
			$aLanguages[$sDirectory] = $aRecord['name'];
		}
		return $aLanguages;
	}
/**
 * Collect one visible root page per language.
 *
 * The query selects level-0 pages that are their own root parent and whose
 * visibility is neither 'none' nor 'hidden'. Every row is additionally run
 * through page_is_visible(), so pages the current visitor is not allowed to
 * see are left out of the result.
 *
 * @return array page rows keyed by their language code
 */
	public function getLanguagesDetailsInUsed ( ) {
		$sTable = $this->_oDb->TablePrefix.'pages';
		$sQuery = 'SELECT DISTINCT `language`, `page_id`, `level`, `parent`, `root_parent`, '
		        .                 '`page_code`, `link`, `language`, `visibility`, '
		        .                 '`viewing_groups`,`viewing_users`,`position` '
		        . 'FROM `'.$sTable.'` '
		        . 'WHERE `level`= \'0\' '
		        .       'AND `root_parent`=`page_id` '
		        .       'AND `visibility`!=\'none\' '
		        .       'AND `visibility`!=\'hidden\' '
		        . 'GROUP BY `language` '
		        . 'ORDER BY `position`';
		$aPages = array();
		$oResult = $this->_oDb->query($sQuery);
		if ($oResult) {
			while ($aRecord = $oResult->fetchRow(MYSQL_ASSOC)) {
				// rows the visitor may not see never reach the result
				if ($this->page_is_visible($aRecord)) {
					$aPages[$aRecord['language']] = $aRecord;
				}
			}
		}
		return $aPages;
	}
/**
 * List the language codes that have a visible root page.
 *
 * @return string|null comma separated language codes, or null when
 *                     getLanguagesDetailsInUsed() returns no entry
 */
	public function getLanguagesInUsed ( ) {
		$aCodes = array_keys($this->getLanguagesDetailsInUsed());
		return (count($aCodes) == 0) ? null : implode(',', $aCodes);
	}
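    /**
     * UTF-8 compatible variant of parse_url().
     *
     * Every run of characters that is not one of the delimiters : / ? # & = .
     * is percent-encoded first, so parse_url() only has to deal with ASCII.
     * The components it returns are decoded again before they are handed back.
     *
     * @param string $url The string to decode
     * @return array|false Associative array containing the different components
     *                     (all values are strings after decoding), or false when
     *                     the encoding step fails or parse_url() rejects the URL
     */
    public function mb_parse_url($url) {
        // A method callback replaces the former create_function() call, which
        // compiled its body from a string at run time.
        $encodedUrl = preg_replace_callback(
            '%[^:/?#&=\.]+%usD',
            array($this, '_urlencodeMatch'),
            $url
        );
        // preg_replace_callback() returns null on a PCRE error, e.g. when the
        // subject is not valid UTF-8 under the /u modifier
        if (!is_string($encodedUrl)) {
            return false;
        }
        $components = parse_url($encodedUrl);
        // parse_url() returns false for seriously malformed URLs
        if (!is_array($components)) {
            return false;
        }
        foreach ($components as $sKey => $mValue) {
            $components[$sKey] = urldecode($mValue);
        }
        return $components;
    }

    /**
     * Callback for mb_parse_url(): percent-encode one matched run.
     *
     * @param array $aMatches match array, index 0 holds the matched text
     * @return string
     */
    private function _urlencodeMatch($aMatches) {
        return urlencode($aMatches[0]);
    }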
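/* ****************
 * check if one or more group_ids are in both group_lists
 *
 * Empty entries (as produced by explode() on an unset value or by a stray
 * comma) are removed from both lists before they are compared, so an empty
 * id can never count as a common group. This only narrows what matches.
 *
 * @access public
 * @param mixed $groups_list1: an array or a comma separated list of group-ids
 * @param mixed $groups_list2: an array or a comma separated list of group-ids
 * @param array &$matches: receives the ids found in both lists; left
 *                         untouched when one of the lists is empty
 * @return bool: true if there is a match, otherwise false
 */
	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
	{
		if( $groups_list1 == '' ) { return false; }
		if( $groups_list2 == '' ) { return false; }
		if( !is_array($groups_list1) ) {
			$groups_list1 = explode(',', $groups_list1);
		}
		if( !is_array($groups_list2) ) {
			$groups_list2 = explode(',', $groups_list2);
		}
		// drop empty ids; original values and keys of the rest are kept
		foreach( $groups_list1 as $mKey => $mId ) {
			if( (string)$mId === '' ) { unset($groups_list1[$mKey]); }
		}
		foreach( $groups_list2 as $mKey => $mId ) {
			if( (string)$mId === '' ) { unset($groups_list2[$mKey]); }
		}
		$matches = array_intersect( $groups_list1, $groups_list2);
		return ( sizeof($matches) != 0 );
	}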
/* ****************
 * check if current user is member of at least one of given groups
 * ADMIN (uid=1) always is treated like a member of any groups
 *
 * The user id and the group ids are taken from the session through
 * get_user_id() and get_groups_id(); this method does not call
 * is_authenticated() itself. The admin check is a loose comparison (==).
 *
 * @access public
 * @param mixed $groups_list: an array or a comma separated list of group-ids
 * @return bool: true if current user is member of one of these groups, otherwise false
 */
	public function ami_group_member( $groups_list = '' )
	{
		$bIsAdmin = ( $this->get_user_id() == 1 );
		if( $bIsAdmin ) {
			return true;
		}
		$aOwnGroups = $this->get_groups_id();
		return $this->is_group_match( $groups_list, $aOwnGroups );
	}
// Decide whether the current visitor may see a page.
// Combines the page's visibility setting with user and group rights:
//   'none', 'deleted'       => false
//   'hidden', 'public'      => true
//   'private', 'registered' => true only for an authenticated visitor whose
//                              group ids match viewing_groups or whose user id
//                              matches viewing_users
//   any other value         => false (unknown settings are not shown)
	public function page_is_visible($page)
	{
		$sVisibility = $page['visibility'];
		// same order and loose comparison as a switch over the value
		if( $sVisibility == 'none' || $sVisibility == 'deleted' ) {
			return false;
		}
		if( $sVisibility == 'hidden' || $sVisibility == 'public' ) {
			return true;
		}
		if( $sVisibility == 'private' || $sVisibility == 'registered' ) {
			if( $this->is_authenticated() != true ) {
				return false;
			}
			// the user check only runs when the group check found nothing
			if( $this->is_group_match($this->get_groups_id(), $page['viewing_groups']) ) {
				return true;
			}
			return $this->is_group_match($this->get_user_id(), $page['viewing_users']);
		}
		return false;
	}
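	// Check if there is at least one active section on this page.
	// A section is active when the current time lies between publ_start and
	// publ_end, or when it has started and has no end (publ_end = 0).
	// The page filter is applied to both alternatives: SQL evaluates AND
	// before OR, so without the outer parentheses the first alternative
	// matched sections of every page, not only of $page.
	public function page_is_active($page)
	{
		global $database;
		$now = time();
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
		// page_id is cast to int before it enters the statement
		$sql .= 'WHERE `page_id`='.(int)$page['page_id'].' ';
		$sql .=   'AND (('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
		$sql .=        '('.$now.' > `publ_start` AND `publ_end`=0))';
		// a count of 0 compares equal to false, so it yields "not active"
		return ($database->get_one($sql) != false);
	}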
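	// Check whether we should show a page or not (for front-end).
	// $page is either a page row (array with page_id, visibility,
	// viewing_groups, viewing_users) or a page id; for an id the row is
	// loaded first. When the row cannot be loaded the page is not shown.
	public function show_page($page)
	{
		// the database object lives in the global scope, as in page_is_active();
		// it was used here without being imported
		global $database;
		if( !is_array($page) )
		{
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
			$res_pages = $database->query($sql);
			// fail closed: a failed query or an unknown id means "do not show",
			// instead of passing the bare id on to the visibility checks
			if( !$res_pages ) { return false; }
			$page = $res_pages->fetchRow();
			if( !is_array($page) ) { return false; }
		}
		return ($this->page_is_visible($page) && $this->page_is_active($page));
	}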
	// Check if the user is already authenticated or not.
	// A visitor counts as authenticated when the session holds a USER_ID
	// that is not empty and is numeric.
	public function is_authenticated() {
		if( !isset($_SESSION['USER_ID']) ) {
			return false;
		}
		$mUserId = $_SESSION['USER_ID'];
		return ( $mUserId != "" && is_numeric($mUserId) );
	}
	// addslashes() wrapper which takes magic_quotes_gpc into account:
	// a string is escaped only when PHP has not escaped request data already;
	// non-string values are returned untouched.
	// Note: addslashes() is not aware of the connection charset; values bound
	// for a query are better escaped by the database layer.
	function add_slashes($input) {
		if( is_string($input) && !get_magic_quotes_gpc() ) {
			return addslashes($input);
		}
		return $input;
	}
	// stripslashes() wrapper which takes magic_quotes_gpc into account.
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
	// Use stripslashes() to undo a previously applied $this->add_slashes().
	// The purpose of $this->strip_slashes() is to undo the effects of
	// magic_quotes_gpc==On: a string is unescaped only when that setting is
	// active, every other value is returned as it came in.
	function strip_slashes($input) {
		if( is_string($input) && get_magic_quotes_gpc() ) {
			return stripslashes($input);
		}
		return $input;
	}
	// Double every backslash for use with MySQL LIKE strings.
	// Only backslashes are handled here; quotes and the LIKE wildcards
	// % and _ are returned unchanged.
	function escape_backslashes($input) {
		$sSingle = "\\";
		$sDouble = "\\\\";
		return str_replace($sSingle, $sDouble, $input);
	}
	function page_link($link){
		// Links containing :// (URLs) and mailto: links are returned as they
		// are; every other value is treated as a page path and wrapped in
		// WB_URL, the pages directory and the page extension.
		$bHasScheme = !( strstr($link, '://') == '' );
		$bIsMailto  = ( substr($link, 0, 7) == 'mailto:' );
		if( $bHasScheme || $bIsMailto ) {
			return $link;
		}
		return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
	}
	// Get POST data: the value of $_POST[$field] exactly as received,
	// or null when the field is not set. No filtering is applied.
	function get_post($field) {
		if( isset($_POST[$field]) ) {
			return $_POST[$field];
		}
		return null;
	}
	// Get POST data and escape it with $this->add_slashes();
	// null when the field is not set.
	function get_post_escaped($field) {
		$mValue = $this->get_post($field);
		if( is_null($mValue) ) {
			return null;
		}
		return $this->add_slashes($mValue);
	}
	// Get GET data: the value of $_GET[$field] exactly as received,
	// or null when the field is not set. No filtering is applied.
	function get_get($field) {
		if( isset($_GET[$field]) ) {
			return $_GET[$field];
		}
		return null;
	}
	// Get SESSION data: the value stored under $field, or null when not set
	function get_session($field) {
		if( isset($_SESSION[$field]) ) {
			return $_SESSION[$field];
		}
		return null;
	}
	// Get SERVER data: the value of $_SERVER[$field], or null when not set
	function get_server($field) {
		if( isset($_SERVER[$field]) ) {
			return $_SERVER[$field];
		}
		return null;
	}
	// Get the current user's id (session key USER_ID); null when not set
	function get_user_id() {
		$mUserId = $this->get_session('USER_ID');
		return $mUserId;
	}
	// Get the current user's group id (session key GROUP_ID); null when not set
	function get_group_id() {
		$mGroupId = $this->get_session('GROUP_ID');
		return $mGroupId;
	}
	// Get the current user's group ids as an array, split from the comma
	// separated session value GROUPS_ID.
	// Note: when the session value is not set, explode() yields an array
	// holding one empty string rather than an empty array.
	function get_groups_id() {
		$sGroupIds = $this->get_session('GROUPS_ID');
		return explode(",", $sGroupIds);
	}
	// Get the current user's group names joined into one comma separated string
	// (session key GROUP_NAME).
	// assumes the session value is an array of names — TODO confirm
	function get_group_name() {
		$aGroupNames = $this->get_session('GROUP_NAME');
		return implode(",", $aGroupNames);
	}
	// Get the current user's group names as stored in the session
	// (session key GROUP_NAME, returned without joining); null when not set
	function get_groups_name() {
		$mGroupNames = $this->get_session('GROUP_NAME');
		return $mGroupNames;
	}
	// Get the current user's username (session key USERNAME); null when not set
	function get_username() {
		$mUsername = $this->get_session('USERNAME');
		return $mUsername;
	}
	// Get the current user's display name (session key DISPLAY_NAME);
	// null when not set
	function get_display_name() {
		$mDisplayName = $this->get_session('DISPLAY_NAME');
		return $mDisplayName;
	}
	// Get the current user's email address (session key EMAIL); null when not set
	function get_email() {
		$mEmail = $this->get_session('EMAIL');
		return $mEmail;
	}
	// Get the current user's home folder (session key HOME_FOLDER);
	// null when not set
	function get_home_folder() {
		$mHomeFolder = $this->get_session('HOME_FOLDER');
		return $mHomeFolder;
	}
	// Get the current user's timezone.
	// When the session flag USE_DEFAULT_TIMEZONE is set the fixed string
	// '-72000' is returned (presumably a marker for "use the default
	// timezone" — confirm against the callers); otherwise the session value
	// TIMEZONE, or null when that is not set.
	function get_timezone() {
		if( isset($_SESSION['USE_DEFAULT_TIMEZONE']) ) {
			return '-72000';
		}
		return $this->get_session('TIMEZONE');
	}
	// Validate supplied email address.
	// The address is converted to its ASCII (IDNA) form first, using the
	// native idn_to_ascii() when it exists and the bundled idna_convert class
	// otherwise, and is then matched against a fixed pattern.
	// Returns true when the pattern matches, false in every other case.
	function validate_email($email) {
		if( !function_exists('idn_to_ascii') ) {
			// fallback: converter class shipped below WB_PATH
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
			$oConverter = new idna_convert();
			$email = $oConverter->encode($email);
			unset($oConverter);
		} else {
			$email = idn_to_ascii($email);
		}
		// regex from NorHei 2011-01-11
		$sPattern = "/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/";
		// preg_match() gives 1 on a match, 0 on none and false on error
		return ( preg_match($sPattern, $email) === 1 );
	}
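	/**
	 * Redirect to $location; replaces a bare header('Location: ...') call.
	 *
	 * While the headers are still unsent the Location header is emitted and
	 * the script ends. Otherwise an AppException is thrown whose message is an
	 * HTML snippet with a manual link, so the script does not break silently.
	 * $location is HTML-escaped before it is placed in that link: the message
	 * is markup, and a URL with quotes or angle brackets would otherwise be
	 * able to break out of the href attribute.
	 *
	 * The target itself is not restricted here; callers that build $location
	 * from request data have to validate it before calling.
	 *
	 * @param string $location redirect url
	 * @return void
	 * @throws AppException when the headers have been sent already
	 */
	public function send_header ($location) {
		if(!headers_sent()) {
			header('Location: '.$location);
			exit(0);
		} else {
			$sHref = htmlspecialchars($location, ENT_QUOTES);
			$msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
			     "Please click <a style=\"font-weight:bold;\" " .
			     "href=\"".$sHref."\">on this link</a> to continue!</p></div>\n";

			throw new AppException($msg);
		}
	}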
/* ****************
 * set one or more bits in an integer value
 *
 * @access public
 * @param int $value: reference to the integer, modified in place
 * @param int $bits2set: the bitmask which shall be added to value
 * @return void
 */
	function bit_set( &$value, $bits2set )
	{
		$value = $value | $bits2set;
	}
/* ****************
 * reset one or more bits of an integer value
 *
 * @access public
 * @param int $value: reference to the integer, modified in place
 * @param int $bits2reset: the bitmask which shall be removed from value
 * @return void
 */
	function bit_reset( &$value, $bits2reset)
	{
		$iKeepMask = ~$bits2reset;
		$value = $value & $iKeepMask;
	}
/* ****************
 * check if all bits of a bitmask are set in an integer value
 *
 * @access public
 * @param int $value: the integer to inspect
 * @param int $bits2test: the bitmask to look for
 * @return bool: true if every bit of $bits2test is set in $value
 */
	function bit_isset( $value, $bits2test )
	{
		$iCommon = $value & $bits2test;
		return ($iCommon == $bits2test);
	}
	// Print a success message which then automatically redirects the user to another page.
	// $message may be a string or an array of strings (joined with <br />).
	// NOTE(review): $message and $redirect are handed to the template as
	// given; no escaping is visible in this method, so callers presumably
	// have to pass values that are safe for the template — confirm against
	// success.htt.
	function print_success( $message, $redirect = 'index.php' ) {
		$oTrans = Translate::getInstance();
		$oTrans->disableAddon();
		if( is_array($message) ) {
			$message = implode ('<br />',$message);
		}
		// redirect timer for success messages; a missing constant or a value
		// above 10000 falls back to 0
		$iTimer = 0;
		if( defined( 'REDIRECT_TIMER' ) && (REDIRECT_TIMER <= 10000) ) {
			$iTimer = REDIRECT_TIMER;
		}
		// Setup template object, parse vars to it, then parse it
		$oTpl = new Template(dirname($this->correct_theme_source('success.htt')));
		$oTpl->set_file( 'page', 'success.htt' );
		$oTpl->set_block( 'page', 'main_block', 'main' );
		$oTpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
		$oTpl->set_var( 'MESSAGE', $message );
		$oTpl->set_var( 'REDIRECT', $redirect );
		$oTpl->set_var( 'REDIRECT_TIMER', $iTimer );
		$oTpl->set_var( 'NEXT', $oTrans->TEXT_NEXT);
		$oTpl->set_var( 'BACK', $oTrans->TEXT_BACK);
		// a timer of -1 suppresses the redirect block
		if( $iTimer != -1 ) {
			$oTpl->parse( 'show_redirect', 'show_redirect_block', true );
		} else {
			$oTpl->set_block( 'show_redirect', '' );
		}
		$oTpl->parse( 'main', 'main_block', false );
		$oTpl->pparse( 'output', 'page' );
	}
	// Print an error message through the error.htt template and end the script.
	// $message may be a string or an array of strings (joined with <br />).
	// When $auto_footer is true and the object has a print_footer() method,
	// the footer is printed before the script exits.
	// NOTE(review): $message and $link are handed to the template as given;
	// no escaping is visible in this method — confirm against error.htt.
	function print_error($message, $link = 'index.php', $auto_footer = true) {
		$oTrans = Translate::getInstance();
		$oTrans->disableAddon();
		if( is_array($message) ) {
			$message = implode ('<br />',$message);
		}
		// Setup template object, parse vars to it, then parse it
		$oTpl = new Template(dirname($this->correct_theme_source('error.htt')));
		$oTpl->set_file('page', 'error.htt');
		$oTpl->set_block('page', 'main_block', 'main');
		$oTpl->set_var('MESSAGE', $message);
		$oTpl->set_var('LINK', $link);
		$oTpl->set_var('BACK', $oTrans->TEXT_BACK);
		$oTpl->parse('main', 'main_block', false);
		$oTpl->pparse('output', 'page');
		$bWithFooter = ( $auto_footer == true ) && method_exists($this, "print_footer");
		if( $bWithFooter ) {
			$this->print_footer();
		}
		exit();
	}
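/*
 * Format a message as an html box, using template 'message.htt'.
 *
 * Non-error messages follow REDIRECT_TIMER (defined as -1 here when it is
 * missing): 0 suppresses the message, -1 shows it permanently, any other
 * value adds a script that hides the box after that many milliseconds.
 * Error messages are always shown permanently.
 *
 * NOTE(review): $message and $status are passed to the template as given;
 * no escaping is visible in this method — confirm against message.htt.
 *
 * @param string $message: the message to format
 * @param string $status:  ('ok' / 'error' / 'warning' / '') status defines the
 *                         appearance of the box; any other value gets no box class
 * @return string: the html-formatted message, '' when it is suppressed
 */
	public function format_message($message, $status = 'ok')
	{
		$id = uniqid('x');
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
		$tpl->set_file('page', 'message.htt');
		$tpl->set_block('page', 'main_block', 'main');
		$tpl->set_var('MESSAGE', $message);
		$tpl->set_var( 'THEME_URL', THEME_URL );
		$tpl->set_var( 'ID', $id );
		// third test is a comparison now; the former assignment overwrote every
		// other status with 'warning' and made the else branch unreachable
		if($status == 'ok' || $status == 'error' || $status == 'warning')
		{
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
		}else
		{
			$tpl->set_var('BOX_STATUS', '');
		}
		$tpl->set_var('STATUS', $status);
		if(!defined('REDIRECT_TIMER') ) { define('REDIRECT_TIMER', -1); }
		$retval = '';
		if( $status != 'error' && REDIRECT_TIMER == 0 )
		{
			// timer 0: non-error messages are not shown at all
			unset($tpl);
			return $retval;
		}
		$tpl->parse('main', 'main_block', false);
		$retval = $tpl->finish($tpl->parse('output', 'page', false));
		unset($tpl);
		if( $status != 'error' && REDIRECT_TIMER != -1 )
		{
			// hide message after REDIRECT_TIMER milliseconds; the cast makes
			// sure only a number is written into the script
			$retval .= '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
					   'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
					   'window.setTimeout(\''.$id.'_hide()\', '.(int)REDIRECT_TIMER.');/* ]]> */ </script>';
		}
		return $retval;
	}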
/*
 * Show the maintenance / under-construction screen with a 503 status.
 *
 * @param string $type: 'locked'(default)  or 'new'
 * @return void: terminates application whenever the screen is shown; returns
 *               normally when $type is 'locked' and the lock does not apply
 * @description: 'locked' >> Show maintenance screen and terminate, if system is locked
 *               'new' >> Show 'new site under construction'(former print_under_construction)
 *
 * In the 'locked' case the user with id 1 is exempt. For every other visitor
 * the remember keys of all users except id 1 are cleared, the visitor's
 * remember cookie and session cookie are expired and the session is destroyed
 * before the screen is rendered.
 */
	public function ShowMaintainScreen($type = 'locked')
	{
		global $database, $MESSAGE;
		// language code for the template: session value if present, else the LANGUAGE constant
		$LANGUAGE   = strtolower((isset($_SESSION['LANGUAGE']) ? $_SESSION['LANGUAGE'] : LANGUAGE ));
		$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
		$PAGE_ICON  = 'negative';
		$show_screen = false;
		if($type == 'locked')
		{
			// user id from the session as integer, 0 when nobody is logged in
			$curr_user = (intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0) ) ;
			// the lock applies only when SYSTEM_LOCKED is 1 and the visitor is not user 1
			if( (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1) && ($curr_user != 1))
			{
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
				// first kick logged users out of the system
				// delete all remember keys from table 'user' except user_id=1
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
				$sql .= 'WHERE `user_id`<>1';
				$database->query($sql);
				// delete remember key-cookie if set (expired with path '/' only)
				if (isset($_COOKIE['REMEMBER_KEY'])) {
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
				}
				// overwrite session array
				$_SESSION = array();
				// delete session cookie if set, using the parameters it was created with
				if (ini_get("session.use_cookies")) {
					$params = session_get_cookie_params();
					setcookie(session_name(), '', time() - 42000, $params["path"],
						$params["domain"], $params["secure"], $params["httponly"]
					);
				}
				// delete the session itself
				session_destroy();
				$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
				$PAGE_ICON  = 'system';
				$show_screen = true;
			}
		} else {
			// any other $type: always show the under-construction screen
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
			$show_screen = true;
		}
		if($show_screen)
		{
            // correct_theme_source() throws when the template exists in neither theme location
            $sMaintanceFile = $this->correct_theme_source('maintenance.htt');
    		if(file_exists($sMaintanceFile))
    		{
                $tpl = new Template(dirname( $sMaintanceFile ));
    		    $tpl->set_file( 'page', 'maintenance.htt' );
    		    $tpl->set_block( 'page', 'main_block', 'main' );

    			if(defined('DEFAULT_CHARSET'))
    			{
    				$charset=DEFAULT_CHARSET;
    			} else {
    				$charset='utf-8';
    			}
    		    $tpl->set_var( 'PAGE_TITLE', $PAGE_TITLE );
    	 	    $tpl->set_var( 'CHECK_BACK', $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'] );
    	 	    $tpl->set_var( 'CHARSET', $charset );
    	 	    $tpl->set_var( 'WB_URL', WB_URL );
    	 	    $tpl->set_var( 'BE_PATIENT', $MESSAGE['GENERIC_BE_PATIENT'] );
    	 	    $tpl->set_var( 'THEME_URL', THEME_URL );
    			$tpl->set_var( 'PAGE_ICON', $PAGE_ICON);
    			$tpl->set_var( 'LANGUAGE', $LANGUAGE);
    		    $tpl->parse( 'main', 'main_block', false );
    		    $tpl->pparse( 'output', 'page' );
                exit();
    		} else {
    		 // fallback page built inline from the default language file
    		 // NOTE(review): the DOCTYPE string below lacks the usual "//" separators
    		 require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
    		echo '<!DOCTYPE html PUBLIC "-W3CDTD XHTML 1.0 TransitionalEN" "http:www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    		<head><title>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</title>
    		<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
    		h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
    		<br /><h1>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</h1><br />
    		'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
    		}
    		flush();
            exit();
		}
	}
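	// Send an e-mail through WbMailer.
	// CR and LF are removed from every argument that ends up in a mail header
	// (from address, from name, recipient, subject, reply-to), so none of them
	// can start an additional header line. $fromname was the only one of these
	// that had been left out.
	// $message becomes the HTML body via nl2br() without escaping; the text
	// alternative is the same message run through strip_tags().
	// Returns true when WbMailer reports the mail as sent, false otherwise.
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
/*
	INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
	SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
	NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)

	NOTE:
	To use SMTP for sending out mails, you have to specify the SMTP host of your domain
	via the Settings panel in the backend of Website Baker
*/

		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
		$fromname = preg_replace('/[\r\n]/', '', $fromname);
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
		$subject = preg_replace('/[\r\n]/', '', $subject);
		$replyTo = preg_replace('/[\r\n]/', '', $replyTo);

		// create PHPMailer object and define default settings
		$myMail = new WbMailer();
		// set user defined from address
		if ($fromaddress!='') {
			if($fromname!='') $myMail->FromName = $fromname;  // FROM-NAME
			$myMail->From = $fromaddress;                     // FROM:
		}
		if($replyTo) {
			$myMail->AddReplyTo($replyTo);                // REPLY TO:
		}
		// define recipient and information to send out
		$myMail->AddAddress($toaddress);                      // TO:
		$myMail->Subject = $subject;                          // SUBJECT
		$myMail->Body = nl2br($message);                      // CONTENT (HTML)
		$myMail->AltBody = strip_tags($message);              // CONTENT (TEXT)
		// check if there are any send mail errors, otherwise say successful
		if (!$myMail->Send()) {
			// the mailer's error text is queued only in debug mode
			if (DEBUG) { msgQueue::add('PHPMailer Error: '.$myMail->ErrorInfo); }
			return false;
		} else {
			return true;
		}
	}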
/**
 * Locate a theme template file.
 *
 * THEME_PATH/templates is checked first, ADMIN_PATH/skel/themes/htt second.
 * NOTE(review): $sThemeFile is appended to both directories as given; the
 * callers in this class pass fixed names — confirm that no caller passes
 * request data.
 *
 * @param string $sThemeFile name of the template file, e.g. 'start.htt'
 * @return string path of the first location in which the file exists
 * @throws InvalidArgumentException when the file exists in neither location
 */
        function correct_theme_source($sThemeFile = 'start.htt') {
		$sThemeCandidate = THEME_PATH.'/templates/'.$sThemeFile;
		if (file_exists($sThemeCandidate)) {
			return $sThemeCandidate;
		}
		// the fallback location is only looked at when the theme has no such file
		$sSkelCandidate = ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile;
		if (file_exists($sSkelCandidate)) {
			return $sSkelCandidate;
		}
		throw new InvalidArgumentException('missing template file '.$sThemeFile);
        }
/**
 * Check that a folder name contains none of the characters on the deny-list
 * ^ \ / . ? * " ' < > : |
 *
 * This is a deny-list: any character not listed above, control characters
 * included, is accepted.
 *
 * @param String $str to check
 * @return Bool true when none of the listed characters occurs in $str
 */
	function checkFolderName($str){
		$sDenyPattern = '#\^|\\\|\/|\.|\?|\*|"|\'|\<|\>|\:|\|#i';
		$mFound = preg_match($sDenyPattern, $str);
		return !$mFound;
	}
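/**
 * Check the given path to make sure current path is within given basedir
 * normally document root
 *
 * Both paths are resolved with realpath(), so symlinks and ../ segments are
 * evaluated before the comparison and a path that does not exist is rejected.
 * The base directory has to match up to a path boundary: a sibling directory
 * whose name merely begins with the base name (base "/srv/www", path
 * "/srv/www-old") is not accepted.
 * The comparison is case-insensitive, as before; on a case-sensitive file
 * system a directory that differs from the base only in letter case is
 * therefore still treated as the base.
 *
 * @param String $sCurrentPath path to check; percent-decoded once before resolving
 * @param String $sBaseDir
 * @return $sCurrentPath (resolved) or FALSE
 */
	function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
		// Clean the current path
		$sCurrentPath = realpath(rawurldecode($sCurrentPath));
		$sBaseDir = realpath($sBaseDir);
		// realpath() returns false for paths that cannot be resolved
		if ( $sCurrentPath === false || $sBaseDir === false ){
			return false;
		}
		// compare without a trailing separator so that "/" and "C:\" work too
		$sBase = rtrim($sBaseDir, '/\\');
		$iLen = strlen($sBase);
		// $sBaseDir needs to be the leading part of $sCurrentPath
		if ( strncasecmp($sCurrentPath, $sBase, $iLen) !== 0 ){
			return false;
		}
		// ... and the match has to end at a path boundary
		if ( strlen($sCurrentPath) == $iLen ){
			return $sCurrentPath;
		}
		$sNext = $sCurrentPath[$iLen];
		if ( $sNext == '/' || $sNext == '\\' ){
			return $sCurrentPath;
		}
		return false;
	}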
/**
 * Remove [[text]] tags, html comments and script, link and style elements
 * from a given string and return the cleaned string; with $bPHPCode set,
 * <?php code ?> blocks are removed as well.
 *
 * This is pattern based stripping, not an html sanitiser: the patterns cover
 * the constructs named above only, so other elements, inline event-handler
 * attributes or unterminated tags pass through. The result still needs
 * escaping that fits the context it is written into.
 *
 * @param string $sValue
 * @param bool $bPHPCode also strip [[text]] tags and php blocks in a first pass
 * @returns
 *    false: if $sValue is not a string
 *    string: cleaned string
 */
	public function StripCodeFromText($sValue, $bPHPCode=false){
		if (is_string($sValue) === false) {
			return false;
		}
		if ($bPHPCode == true) {
			$sValue = preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue );
		}
		$sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
		$sCleaned = preg_replace ($sPattern, '', $sValue);
		return $sCleaned;
	}
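/**
 * ReplaceAbsoluteMediaUrl
 * @param string $sContent
 * @return string the content with placeholders; a value that is not a string
 *                is returned as it came in
 * @description Replace URLs inside html tags which point into the media
 *              directory (AppUrl.MediaDir) or to the application URL (AppUrl)
 *              with a URL independent placeholder
 */
	public function ReplaceAbsoluteMediaUrl($sContent){
		$oReg = WbAdaptor::getInstance();
		if(ini_get('magic_quotes_gpc')==true){
			$sContent = $this->strip_slashes($sContent);
		}
		if(is_string($sContent)) {
			// '@' delimits the patterns below, so it is passed to preg_quote()
			// as well; a URL containing '@' would otherwise end the pattern early
			$sMediaUrl = preg_quote($oReg->AppUrl.$oReg->MediaDir, '@');
			$sAppUrl   = preg_quote($oReg->AppUrl, '@');
			$aSearchfor = array('@(<[^>]*=\s*")('.$sMediaUrl.')([^">]*".*>)@siU',
			                    '@(<[^>]*=\s*")('.$sAppUrl.')([^">]*".*>)@siU');
			$aReplacements = array('$1{SYSVAR:AppUrl.MediaDir}$3',
			                       '$1{SYSVAR:AppUrl}$3');
			$sContent = preg_replace($aSearchfor, $aReplacements, $sContent );
		}
		return $sContent;
	}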
}