Project

General

Profile

1
<?php
2

    
3
// $Id: class.wb.php 547 2008-01-17 19:38:05Z Ruebenwurzel $
4

    
5
/*
6

    
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2008, Ryan Djurovich
9

    
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

    
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

    
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

    
24
*/
25

    
26
/*
27

    
28
wb class
29

    
30
This class is the basis for admin and frontend classes.
31

    
32
*/
33

    
34
// Include PHPLIB template class
35
require_once(WB_PATH."/include/phplib/template.inc");
36

    
37
require_once(WB_PATH.'/framework/class.database.php');
38

    
39
// Include new wbmailer class (subclass of PHPmailer)
40
require_once(WB_PATH."/framework/class.wbmailer.php");
41

    
42
class wb
43
{
44
	// General initialization function 
45
	// performed when frontend or backend is loaded.
46
	function wb() {
47
	}
48
	
49
	// Check whether a page is visible or not.
50
	// This will check page-visibility and user- and group-rights.
51
	/* page_is_visible() returns
52
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
53
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
54
	*/
55
	function page_is_visible($page) {
56
		$show_it = false; // shall we show the page?
57
		$page_id = $page['page_id'];
58
		$visibility = $page['visibility'];
59
		$viewing_groups = $page['viewing_groups'];
60
		$viewing_users = $page['viewing_users'];
61
		// First check if visibility is 'none', 'deleted'
62
		if($visibility == 'none') {
63
			return(false);
64
		} elseif($visibility == 'deleted') {
65
			return(false);
66
		}
67
		// Now check if visibility is 'hidden', 'private' or 'registered'
68
		if($visibility == 'hidden') { // hidden: hide the menu-link, but show the page
69
			$show_it = true;
70
		} elseif($visibility == 'private' || $visibility == 'registered') {
71
			// Check if the user is logged in
72
			if($this->is_authenticated() == true) {
73
				// Now check if the user has perms to view the page
74
				if(in_array($this->get_group_id(), explode(',', $viewing_groups)) || in_array($this->get_user_id(), explode(',', $viewing_users))) {
75
					$show_it = true;
76
				} else {
77
					$show_it = false;
78
				}
79
			} else {
80
				$show_it = false;
81
			}
82
		} elseif($visibility == 'public') {
83
			$show_it = true;
84
		} else {
85
			$show_it = false;
86
		}
87
		return($show_it);
88
	}
89

    
90
	// Check whether we should show a page or not (for front-end)
91
	function show_page($page) {
92
		// First check if the page is set to private
93
		if($page['visibility'] == 'private' OR $page['visibility'] == 'registered') {
94
			// Check if the user is logged in
95
			if($this->is_authenticated() == true) {
96
				// Now check if the user has perms to view it
97
				$viewing_groups = explode(',', $page['viewing_groups']);
98
				$viewing_users = explode(',', $page['viewing_users']);
99
				$in_group = FALSE;
100
				foreach($this->get_groups_id() as $cur_gid){
101
				    if (in_array($cur_gid, $viewing_groups)) {
102
				        $in_group = TRUE;
103
				    }
104
				}
105
				if(($in_group) OR is_numeric(array_search($this->get_user_id(), $viewing_users))) {
106
					return true;
107
				} else {
108
					return false;
109
				}
110
			} else {
111
				return false;
112
			}
113
		} elseif($page['visibility'] == 'public') {
114
			return true;
115
		} else {
116
			return false;
117
		}
118
	}
119

    
120
	// Check if the user is already authenticated or not
121
	function is_authenticated() {
122
		if(isset($_SESSION['USER_ID']) AND $_SESSION['USER_ID'] != "" AND is_numeric($_SESSION['USER_ID'])) {
123
			return true;
124
		} else {
125
			return false;
126
		}
127
	}
128
	// Modified addslashes function which takes into account magic_quotes
129
	function add_slashes($input) {
130
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
131
			return $input;
132
		}
133
		$output = addslashes($input);
134
		return $output;
135
	}
136

    
137
	// Ditto for stripslashes
138
	function strip_slashes($input) {
139
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
140
			return $input;
141
		}
142
		$output = stripslashes($input);
143
		return $output;
144
	}
145

    
146
	// Escape backslashes for use with mySQL LIKE strings
147
	function escape_backslashes($input) {
148
		return str_replace("\\","\\\\",$input);
149
	}
150

    
151
	function page_link($link){
152
		// Check for :// in the link (used in URL's) as well as mailto:
153
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
154
			return WB_URL.PAGES_DIRECTORY.$link.'.php';
155
		} else {
156
			return $link;
157
		}
158
	}
159
	
160
	// Get POST data
161
	function get_post($field) {
162
		if(isset($_POST[$field])) {
163
			return $_POST[$field];
164
		} else {
165
			return null;
166
		}
167
	}
168

    
169
	// Get POST data and escape it
170
	function get_post_escaped($field) {
171
		$result = $this->get_post($field);
172
		return (is_null($result)) ? null : $this->add_slashes($result);
173
	}
174
	
175
	// Get GET data
176
	function get_get($field) {
177
		if(isset($_GET[$field])) {
178
			return $_GET[$field];
179
		} else {
180
			return null;
181
		}
182
	}
183

    
184
	// Get SESSION data
185
	function get_session($field) {
186
		if(isset($_SESSION[$field])) {
187
			return $_SESSION[$field];
188
		} else {
189
			return null;
190
		}
191
	}
192

    
193
	// Get SERVER data
194
	function get_server($field) {
195
		if(isset($_SERVER[$field])) {
196
			return $_SERVER[$field];
197
		} else {
198
			return null;
199
		}
200
	}
201

    
202
	// Get the current users id
203
	function get_user_id() {
204
		return $_SESSION['USER_ID'];
205
	}
206

    
207
	// Get the current users group id
208
	function get_group_id() {
209
		return $_SESSION['GROUP_ID'];
210
	}
211

    
212
	// Get the current users group ids
213
	function get_groups_id() {
214
		return split(",", $_SESSION['GROUPS_ID']);
215
	}
216

    
217
	// Get the current users group name
218
	function get_group_name() {
219
		return implode(",", $_SESSION['GROUP_NAME']);
220
	}
221

    
222
	// Get the current users group name
223
	function get_groups_name() {
224
		return $_SESSION['GROUP_NAME'];
225
	}
226

    
227
	// Get the current users username
228
	function get_username() {
229
		return $_SESSION['USERNAME'];
230
	}
231

    
232
	// Get the current users display name
233
	function get_display_name() {
234
		return ($_SESSION['DISPLAY_NAME']);
235
	}
236

    
237
	// Get the current users email address
238
	function get_email() {
239
		return $_SESSION['EMAIL'];
240
	}
241

    
242
	// Get the current users home folder
243
	function get_home_folder() {
244
		return $_SESSION['HOME_FOLDER'];
245
	}
246

    
247
	// Get the current users timezone
248
	function get_timezone() {
249
		if(!isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
250
			return $_SESSION['TIMEZONE'];
251
		} else {
252
			return '-72000';
253
		}
254
	}
255

    
256
	// Validate supplied email address
257
	function validate_email($email) {
258
		if(eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $email)) {
259
			return true;
260
		} else {
261
			return false;
262
		}
263
	}
264

    
265
	// Print a success message which then automatically redirects the user to another page
266
	function print_success($message, $redirect = 'index.php') {
267
		global $TEXT;
268
		$success_template = new Template(ADMIN_PATH.'/interface');
269
		$success_template->set_file('page', 'success.html');
270
		$success_template->set_block('page', 'main_block', 'main');
271
		$success_template->set_var('MESSAGE', $message);
272
		$success_template->set_var('REDIRECT', $redirect);
273
		$success_template->set_var('NEXT', $TEXT['NEXT']);
274
		$success_template->parse('main', 'main_block', false);
275
		$success_template->pparse('output', 'page');
276
	}
277
	
278
	// Print an error message
279
	function print_error($message, $link = 'index.php', $auto_footer = true) {
280
		global $TEXT;
281
		$success_template = new Template(ADMIN_PATH.'/interface');
282
		$success_template->set_file('page', 'error.html');
283
		$success_template->set_block('page', 'main_block', 'main');
284
		$success_template->set_var('MESSAGE', $message);
285
		$success_template->set_var('LINK', $link);
286
		$success_template->set_var('BACK', $TEXT['BACK']);
287
		$success_template->parse('main', 'main_block', false);
288
		$success_template->pparse('output', 'page');
289
		if($auto_footer == true) {
290
			$this->print_footer();
291
		}
292
		exit();
293
	}
294

    
295
	// Validate send email
296
	function mail($fromaddress, $toaddress, $subject, $message) {
297
		/* 
298
			INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
299
			SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
300
			NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)
301

    
302
			NOTE:
303
			To use SMTP for sending out mails, you have to specify the SMTP host of your domain
304
			via the Settings panel in the backend of Website Baker
305
		*/ 
306

    
307
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
308
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
309
		$subject = preg_replace('/[\r\n]/', '', $subject);
310
		$message = preg_replace('/[\r\n]/', '<br \>', $message);
311
		
312
		// create PHPMailer object and define default settings
313
		$myMail = new wbmailer();
314
      
315
		// set user defined from address
316
		if ($fromaddress!='') {
317
			$myMail->From = $fromaddress;                            // FROM:
318
			$myMail->AddReplyTo($fromaddress);                       // REPLY TO:
319
		}
320
		
321
		// define recepient and information to send out
322
		$myMail->AddAddress($toaddress);                            // TO:
323
		$myMail->Subject = $subject;                                // SUBJECT
324
		$myMail->Body = $message;                                   // CONTENT (HTML)
325
		$myMail->AltBody = strip_tags($message);                    // CONTENT (TEXT)
326
		
327
		// check if there are any send mail errors, otherwise say successful
328
		if (!$myMail->Send()) {
329
			return false;
330
		} else {
331
			return true;
332
		}
333
	}
334

    
335
}
336
?>
(7-7/13)