Project

General

Profile

1 451 Ruebenwurz
<?php
2
3
// $Id$
4
5
/*
6
7
 Website Baker Project <http://www.websitebaker.org/>
8 519 Ruebenwurz
 Copyright (C) 2004-2008, Ryan Djurovich
9 451 Ruebenwurz
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23
24
*/
25
26
/*
27
28
wb class
29
30
This class is the basis for admin and frontend classes.
31
32
*/
33
34
// Include PHPLIB template class
35
require_once(WB_PATH."/include/phplib/template.inc");
36
37
require_once(WB_PATH.'/framework/class.database.php');
38
39
// Include new wbmailer class (subclass of PHPmailer)
40
require_once(WB_PATH."/framework/class.wbmailer.php");
41
42
class wb
43
{
44
	// General initialization function
45
	// performed when frontend or backend is loaded.
46
	function wb() {
47
	}
48 543 thorn
49
	// Check whether a page is visible or not.
50
	// This will check page-visibility and user- and group-rights.
51
	/* page_is_visible() returns
52
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
53
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
54
	*/
55
	function page_is_visible($page) {
56
		$show_it = false; // shall we show the page?
57
		$page_id = $page['page_id'];
58
		$visibility = $page['visibility'];
59
		$viewing_groups = $page['viewing_groups'];
60
		$viewing_users = $page['viewing_users'];
61
		// First check if visibility is 'none', 'deleted'
62
		if($visibility == 'none') {
63
			return(false);
64
		} elseif($visibility == 'deleted') {
65
			return(false);
66
		}
67
		// Now check if visibility is 'hidden', 'private' or 'registered'
68
		if($visibility == 'hidden') { // hidden: hide the menu-link, but show the page
69
			$show_it = true;
70
		} elseif($visibility == 'private' || $visibility == 'registered') {
71
			// Check if the user is logged in
72
			if($this->is_authenticated() == true) {
73
				// Now check if the user has perms to view the page
74
				if(in_array($this->get_group_id(), explode(',', $viewing_groups)) || in_array($this->get_user_id(), explode(',', $viewing_users))) {
75
					$show_it = true;
76
				} else {
77
					$show_it = false;
78
				}
79
			} else {
80
				$show_it = false;
81
			}
82
		} elseif($visibility == 'public') {
83
			$show_it = true;
84
		} else {
85
			$show_it = false;
86
		}
87
		return($show_it);
88
	}
89 451 Ruebenwurz
90
	// Check whether we should show a page or not (for front-end)
91
	function show_page($page) {
92
		// First check if the page is set to private
93
		if($page['visibility'] == 'private' OR $page['visibility'] == 'registered') {
94
			// Check if the user is logged in
95
			if($this->is_authenticated() == true) {
96
				// Now check if the user has perms to view it
97
				$viewing_groups = explode(',', $page['viewing_groups']);
98
				$viewing_users = explode(',', $page['viewing_users']);
99 546 doc
				$in_group = FALSE;
100
				foreach($this->get_groups_id() as $cur_gid){
101
				    if (in_array($cur_gid, $viewing_groups)) {
102
				        $in_group = TRUE;
103
				    }
104
				}
105
				if(($in_group) OR is_numeric(array_search($this->get_user_id(), $viewing_users))) {
106 451 Ruebenwurz
					return true;
107
				} else {
108
					return false;
109
				}
110
			} else {
111
				return false;
112
			}
113
		} elseif($page['visibility'] == 'public') {
114
			return true;
115
		} else {
116
			return false;
117
		}
118
	}
119
120
	// Check if the user is already authenticated or not
121
	function is_authenticated() {
122
		if(isset($_SESSION['USER_ID']) AND $_SESSION['USER_ID'] != "" AND is_numeric($_SESSION['USER_ID'])) {
123
			return true;
124
		} else {
125
			return false;
126
		}
127
	}
128
	// Modified addslashes function which takes into account magic_quotes
129
	function add_slashes($input) {
130
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
131
			return $input;
132
		}
133
		$output = addslashes($input);
134
		return $output;
135
	}
136
137
	// Ditto for stripslashes
138
	function strip_slashes($input) {
139
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
140
			return $input;
141
		}
142
		$output = stripslashes($input);
143
		return $output;
144
	}
145
146
	// Escape backslashes for use with mySQL LIKE strings
147
	function escape_backslashes($input) {
148
		return str_replace("\\","\\\\",$input);
149
	}
150
151
	function page_link($link){
152
		// Check for :// in the link (used in URL's) as well as mailto:
153
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
154 547 Ruebenwurz
			return WB_URL.PAGES_DIRECTORY.$link.'.php';
155 451 Ruebenwurz
		} else {
156
			return $link;
157
		}
158
	}
159
160
	// Get POST data
161
	function get_post($field) {
162
		if(isset($_POST[$field])) {
163
			return $_POST[$field];
164
		} else {
165
			return null;
166
		}
167
	}
168
169
	// Get POST data and escape it
170
	function get_post_escaped($field) {
171
		$result = $this->get_post($field);
172
		return (is_null($result)) ? null : $this->add_slashes($result);
173
	}
174
175
	// Get GET data
176
	function get_get($field) {
177
		if(isset($_GET[$field])) {
178
			return $_GET[$field];
179
		} else {
180
			return null;
181
		}
182
	}
183
184
	// Get SESSION data
185
	function get_session($field) {
186
		if(isset($_SESSION[$field])) {
187
			return $_SESSION[$field];
188
		} else {
189
			return null;
190
		}
191
	}
192
193
	// Get SERVER data
194
	function get_server($field) {
195
		if(isset($_SERVER[$field])) {
196
			return $_SERVER[$field];
197
		} else {
198
			return null;
199
		}
200
	}
201
202
	// Get the current users id
203
	function get_user_id() {
204
		return $_SESSION['USER_ID'];
205
	}
206
207
	// Get the current users group id
208
	function get_group_id() {
209
		return $_SESSION['GROUP_ID'];
210
	}
211
212 546 doc
	// Get the current users group ids
213
	function get_groups_id() {
214
		return split(",", $_SESSION['GROUPS_ID']);
215
	}
216
217 451 Ruebenwurz
	// Get the current users group name
218
	function get_group_name() {
219 546 doc
		return implode(",", $_SESSION['GROUP_NAME']);
220
	}
221
222
	// Get the current users group name
223
	function get_groups_name() {
224 451 Ruebenwurz
		return $_SESSION['GROUP_NAME'];
225
	}
226
227
	// Get the current users username
228
	function get_username() {
229
		return $_SESSION['USERNAME'];
230
	}
231
232
	// Get the current users display name
233
	function get_display_name() {
234
		return ($_SESSION['DISPLAY_NAME']);
235
	}
236
237
	// Get the current users email address
238
	function get_email() {
239
		return $_SESSION['EMAIL'];
240
	}
241
242
	// Get the current users home folder
243
	function get_home_folder() {
244
		return $_SESSION['HOME_FOLDER'];
245
	}
246
247
	// Get the current users timezone
248
	function get_timezone() {
249
		if(!isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
250
			return $_SESSION['TIMEZONE'];
251
		} else {
252
			return '-72000';
253
		}
254
	}
255
256
	// Validate supplied email address
257
	function validate_email($email) {
258
		if(eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $email)) {
259
			return true;
260
		} else {
261
			return false;
262
		}
263
	}
264
265
	// Print a success message which then automatically redirects the user to another page
266
	function print_success($message, $redirect = 'index.php') {
267
		global $TEXT;
268
		$success_template = new Template(ADMIN_PATH.'/interface');
269
		$success_template->set_file('page', 'success.html');
270
		$success_template->set_block('page', 'main_block', 'main');
271
		$success_template->set_var('MESSAGE', $message);
272
		$success_template->set_var('REDIRECT', $redirect);
273
		$success_template->set_var('NEXT', $TEXT['NEXT']);
274
		$success_template->parse('main', 'main_block', false);
275
		$success_template->pparse('output', 'page');
276
	}
277
278
	// Print an error message
279
	function print_error($message, $link = 'index.php', $auto_footer = true) {
280
		global $TEXT;
281
		$success_template = new Template(ADMIN_PATH.'/interface');
282
		$success_template->set_file('page', 'error.html');
283
		$success_template->set_block('page', 'main_block', 'main');
284
		$success_template->set_var('MESSAGE', $message);
285
		$success_template->set_var('LINK', $link);
286
		$success_template->set_var('BACK', $TEXT['BACK']);
287
		$success_template->parse('main', 'main_block', false);
288
		$success_template->pparse('output', 'page');
289
		if($auto_footer == true) {
290
			$this->print_footer();
291
		}
292
		exit();
293
	}
294
295
	// Validate send email
296
	function mail($fromaddress, $toaddress, $subject, $message) {
297
		/*
298
			INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
299
			SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
300
			NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)
301
302
			NOTE:
303
			To use SMTP for sending out mails, you have to specify the SMTP host of your domain
304
			via the Settings panel in the backend of Website Baker
305
		*/
306
307
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
308
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
309
		$subject = preg_replace('/[\r\n]/', '', $subject);
310
		$message = preg_replace('/[\r\n]/', '<br \>', $message);
311
312
		// create PHPMailer object and define default settings
313
		$myMail = new wbmailer();
314
315
		// set user defined from address
316
		if ($fromaddress!='') {
317
			$myMail->From = $fromaddress;                            // FROM:
318
			$myMail->AddReplyTo($fromaddress);                       // REPLY TO:
319
		}
320
321
		// define recepient and information to send out
322
		$myMail->AddAddress($toaddress);                            // TO:
323
		$myMail->Subject = $subject;                                // SUBJECT
324
		$myMail->Body = $message;                                   // CONTENT (HTML)
325
		$myMail->AltBody = strip_tags($message);                    // CONTENT (TEXT)
326
327
		// check if there are any send mail errors, otherwise say successful
328
		if (!$myMail->Send()) {
329
			return false;
330
		} else {
331
			return true;
332
		}
333
	}
334
335
}
336 543 thorn
?>