Project

General

Profile

1 451 Ruebenwurz
<?php
2
3
// $Id$
4
5
/*
6
7
 Website Baker Project <http://www.websitebaker.org/>
8 519 Ruebenwurz
 Copyright (C) 2004-2008, Ryan Djurovich
9 451 Ruebenwurz
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23
24
*/
25
26
/*
27
28
wb class
29
30
This class is the basis for admin and frontend classes.
31
32
*/
33
34
// Include PHPLIB template class
35
require_once(WB_PATH."/include/phplib/template.inc");
36
37
require_once(WB_PATH.'/framework/class.database.php');
38
39
// Include new wbmailer class (subclass of PHPmailer)
40
require_once(WB_PATH."/framework/class.wbmailer.php");
41
42
class wb
43
{
44
	// General initialization function
45
	// performed when frontend or backend is loaded.
46
	function wb() {
47
	}
48 543 thorn
49
	// Check whether a page is visible or not.
50
	// This will check page-visibility and user- and group-rights.
51
	/* page_is_visible() returns
52
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
53
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
54
	*/
55
	function page_is_visible($page) {
56
		$show_it = false; // shall we show the page?
57
		$page_id = $page['page_id'];
58
		$visibility = $page['visibility'];
59
		$viewing_groups = $page['viewing_groups'];
60
		$viewing_users = $page['viewing_users'];
61
		// First check if visibility is 'none', 'deleted'
62
		if($visibility == 'none') {
63
			return(false);
64
		} elseif($visibility == 'deleted') {
65
			return(false);
66
		}
67
		// Now check if visibility is 'hidden', 'private' or 'registered'
68
		if($visibility == 'hidden') { // hidden: hide the menu-link, but show the page
69
			$show_it = true;
70
		} elseif($visibility == 'private' || $visibility == 'registered') {
71
			// Check if the user is logged in
72
			if($this->is_authenticated() == true) {
73
				// Now check if the user has perms to view the page
74
				if(in_array($this->get_group_id(), explode(',', $viewing_groups)) || in_array($this->get_user_id(), explode(',', $viewing_users))) {
75
					$show_it = true;
76
				} else {
77
					$show_it = false;
78
				}
79
			} else {
80
				$show_it = false;
81
			}
82
		} elseif($visibility == 'public') {
83
			$show_it = true;
84
		} else {
85
			$show_it = false;
86
		}
87
		return($show_it);
88
	}
89 451 Ruebenwurz
90
	// Check whether we should show a page or not (for front-end)
91
	function show_page($page) {
92
		// First check if the page is set to private
93
		if($page['visibility'] == 'private' OR $page['visibility'] == 'registered') {
94
			// Check if the user is logged in
95
			if($this->is_authenticated() == true) {
96
				// Now check if the user has perms to view it
97
				$viewing_groups = explode(',', $page['viewing_groups']);
98
				$viewing_users = explode(',', $page['viewing_users']);
99
				if(is_numeric(array_search($this->get_group_id(), $viewing_groups)) OR is_numeric(array_search($this->get_user_id(), $viewing_users))) {
100
					return true;
101
				} else {
102
					return false;
103
				}
104
			} else {
105
				return false;
106
			}
107
		} elseif($page['visibility'] == 'public') {
108
			return true;
109
		} else {
110
			return false;
111
		}
112
	}
113
114
	// Check if the user is already authenticated or not
115
	function is_authenticated() {
116
		if(isset($_SESSION['USER_ID']) AND $_SESSION['USER_ID'] != "" AND is_numeric($_SESSION['USER_ID'])) {
117
			return true;
118
		} else {
119
			return false;
120
		}
121
	}
122
	// Modified addslashes function which takes into account magic_quotes
123
	function add_slashes($input) {
124
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
125
			return $input;
126
		}
127
		$output = addslashes($input);
128
		return $output;
129
	}
130
131
	// Ditto for stripslashes
132
	function strip_slashes($input) {
133
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
134
			return $input;
135
		}
136
		$output = stripslashes($input);
137
		return $output;
138
	}
139
140
	// Escape backslashes for use with mySQL LIKE strings
141
	function escape_backslashes($input) {
142
		return str_replace("\\","\\\\",$input);
143
	}
144
145
	function page_link($link){
146
		// Check for :// in the link (used in URL's) as well as mailto:
147
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
148
			return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
149
		} else {
150
			return $link;
151
		}
152
	}
153
154
	// Get POST data
155
	function get_post($field) {
156
		if(isset($_POST[$field])) {
157
			return $_POST[$field];
158
		} else {
159
			return null;
160
		}
161
	}
162
163
	// Get POST data and escape it
164
	function get_post_escaped($field) {
165
		$result = $this->get_post($field);
166
		return (is_null($result)) ? null : $this->add_slashes($result);
167
	}
168
169
	// Get GET data
170
	function get_get($field) {
171
		if(isset($_GET[$field])) {
172
			return $_GET[$field];
173
		} else {
174
			return null;
175
		}
176
	}
177
178
	// Get SESSION data
179
	function get_session($field) {
180
		if(isset($_SESSION[$field])) {
181
			return $_SESSION[$field];
182
		} else {
183
			return null;
184
		}
185
	}
186
187
	// Get SERVER data
188
	function get_server($field) {
189
		if(isset($_SERVER[$field])) {
190
			return $_SERVER[$field];
191
		} else {
192
			return null;
193
		}
194
	}
195
196
	// Get the current users id
197
	function get_user_id() {
198
		return $_SESSION['USER_ID'];
199
	}
200
201
	// Get the current users group id
202
	function get_group_id() {
203
		return $_SESSION['GROUP_ID'];
204
	}
205
206
	// Get the current users group name
207
	function get_group_name() {
208
		return $_SESSION['GROUP_NAME'];
209
	}
210
211
	// Get the current users username
212
	function get_username() {
213
		return $_SESSION['USERNAME'];
214
	}
215
216
	// Get the current users display name
217
	function get_display_name() {
218
		return ($_SESSION['DISPLAY_NAME']);
219
	}
220
221
	// Get the current users email address
222
	function get_email() {
223
		return $_SESSION['EMAIL'];
224
	}
225
226
	// Get the current users home folder
227
	function get_home_folder() {
228
		return $_SESSION['HOME_FOLDER'];
229
	}
230
231
	// Get the current users timezone
232
	function get_timezone() {
233
		if(!isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
234
			return $_SESSION['TIMEZONE'];
235
		} else {
236
			return '-72000';
237
		}
238
	}
239
240
	// Validate supplied email address
241
	function validate_email($email) {
242
		if(eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $email)) {
243
			return true;
244
		} else {
245
			return false;
246
		}
247
	}
248
249
	// Print a success message which then automatically redirects the user to another page
250
	function print_success($message, $redirect = 'index.php') {
251
		global $TEXT;
252
		$success_template = new Template(ADMIN_PATH.'/interface');
253
		$success_template->set_file('page', 'success.html');
254
		$success_template->set_block('page', 'main_block', 'main');
255
		$success_template->set_var('MESSAGE', $message);
256
		$success_template->set_var('REDIRECT', $redirect);
257
		$success_template->set_var('NEXT', $TEXT['NEXT']);
258
		$success_template->parse('main', 'main_block', false);
259
		$success_template->pparse('output', 'page');
260
	}
261
262
	// Print an error message
263
	function print_error($message, $link = 'index.php', $auto_footer = true) {
264
		global $TEXT;
265
		$success_template = new Template(ADMIN_PATH.'/interface');
266
		$success_template->set_file('page', 'error.html');
267
		$success_template->set_block('page', 'main_block', 'main');
268
		$success_template->set_var('MESSAGE', $message);
269
		$success_template->set_var('LINK', $link);
270
		$success_template->set_var('BACK', $TEXT['BACK']);
271
		$success_template->parse('main', 'main_block', false);
272
		$success_template->pparse('output', 'page');
273
		if($auto_footer == true) {
274
			$this->print_footer();
275
		}
276
		exit();
277
	}
278
279
	// Validate send email
280
	function mail($fromaddress, $toaddress, $subject, $message) {
281
		/*
282
			INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
283
			SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
284
			NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)
285
286
			NOTE:
287
			To use SMTP for sending out mails, you have to specify the SMTP host of your domain
288
			via the Settings panel in the backend of Website Baker
289
		*/
290
291
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
292
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
293
		$subject = preg_replace('/[\r\n]/', '', $subject);
294
		$message = preg_replace('/[\r\n]/', '<br \>', $message);
295
296
		// create PHPMailer object and define default settings
297
		$myMail = new wbmailer();
298
299
		// set user defined from address
300
		if ($fromaddress!='') {
301
			$myMail->From = $fromaddress;                            // FROM:
302
			$myMail->AddReplyTo($fromaddress);                       // REPLY TO:
303
		}
304
305
		// define recepient and information to send out
306
		$myMail->AddAddress($toaddress);                            // TO:
307
		$myMail->Subject = $subject;                                // SUBJECT
308
		$myMail->Body = $message;                                   // CONTENT (HTML)
309
		$myMail->AltBody = strip_tags($message);                    // CONTENT (TEXT)
310
311
		// check if there are any send mail errors, otherwise say successful
312
		if (!$myMail->Send()) {
313
			return false;
314
		} else {
315
			return true;
316
		}
317
	}
318
319
}
320 543 thorn
?>