Project

General

Profile

1 552 thorn
<?php
2
3
// $Id$
4
5
/*
6
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2008, Ryan Djurovich
9
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23
24
*/
25
26
/*
27
28
wb class
29
30
This class is the basis for admin and frontend classes.
31
32
*/
33
34
// Include PHPLIB template class
35
require_once(WB_PATH."/include/phplib/template.inc");
36
37
require_once(WB_PATH.'/framework/class.database.php');
38
39
// Include new wbmailer class (subclass of PHPmailer)
40
require_once(WB_PATH."/framework/class.wbmailer.php");
41
42
class wb
43
{
44
	// General initialization function
45
	// performed when frontend or backend is loaded.
46
	function wb() {
47
	}
48
49
	// Check whether a page is visible or not.
50
	// This will check page-visibility and user- and group-rights.
51
	/* page_is_visible() returns
52
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
53
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
54
	*/
55
	function page_is_visible($page) {
56
		$show_it = false; // shall we show the page?
57
		$page_id = $page['page_id'];
58
		$visibility = $page['visibility'];
59
		$viewing_groups = $page['viewing_groups'];
60
		$viewing_users = $page['viewing_users'];
61
		// First check if visibility is 'none', 'deleted'
62
		if($visibility == 'none') {
63
			return(false);
64
		} elseif($visibility == 'deleted') {
65
			return(false);
66
		}
67
		// Now check if visibility is 'hidden', 'private' or 'registered'
68
		if($visibility == 'hidden') { // hidden: hide the menu-link, but show the page
69
			$show_it = true;
70
		} elseif($visibility == 'private' || $visibility == 'registered') {
71
			// Check if the user is logged in
72
			if($this->is_authenticated() == true) {
73
				// Now check if the user has perms to view the page
74
				$in_group = false;
75
				foreach($this->get_groups_id() as $cur_gid){
76
				    if(in_array($cur_gid, explode(',', $viewing_groups))) {
77
				        $in_group = true;
78
				    }
79
				}
80
				if($in_group || in_array($this->get_user_id(), explode(',', $viewing_users))) {
81
					$show_it = true;
82
				} else {
83
					$show_it = false;
84
				}
85
			} else {
86
				$show_it = false;
87
			}
88
		} elseif($visibility == 'public') {
89
			$show_it = true;
90
		} else {
91
			$show_it = false;
92
		}
93
		return($show_it);
94
	}
95
	// Check if there is at least one active section on this page
96
	function page_is_active($page) {
97
		global $database;
98
		$has_active_sections = false;
99
		$page_id = $page['page_id'];
100
		$now = time();
101
		$query_sections = $database->query("SELECT publ_start,publ_end FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id'");
102
		if($query_sections->numRows() != 0) {
103
			while($section = $query_sections->fetchRow()) {
104
				if($now<$section['publ_end'] && ($now>$section['publ_start'] || $section['publ_start']==0) || $now>$section['publ_start'] && $section['publ_end']==0) {
105
					$has_active_sections = true;
106
					break;
107
				}
108
			}
109
		}
110
		return($has_active_sections);
111
	}
112
113
	// Check whether we should show a page or not (for front-end)
114
	function show_page($page) {
115
		if($this->page_is_visible($page) && $this->page_is_active($page)) {
116
			return true;
117
		} else {
118
			return false;
119
		}
120
	}
121
122
	// Check if the user is already authenticated or not
123
	function is_authenticated() {
124
		if(isset($_SESSION['USER_ID']) AND $_SESSION['USER_ID'] != "" AND is_numeric($_SESSION['USER_ID'])) {
125
			return true;
126
		} else {
127
			return false;
128
		}
129
	}
130
	// Modified addslashes function which takes into account magic_quotes
131
	function add_slashes($input) {
132
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
133
			return $input;
134
		}
135
		$output = addslashes($input);
136
		return $output;
137
	}
138
139
	// Ditto for stripslashes
140
	function strip_slashes($input) {
141
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
142
			return $input;
143
		}
144
		$output = stripslashes($input);
145
		return $output;
146
	}
147
148
	// Escape backslashes for use with mySQL LIKE strings
149
	function escape_backslashes($input) {
150
		return str_replace("\\","\\\\",$input);
151
	}
152
153
	function page_link($link){
154
		// Check for :// in the link (used in URL's) as well as mailto:
155
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
156
			return WB_URL.PAGES_DIRECTORY.$link.'.php';
157
		} else {
158
			return $link;
159
		}
160
	}
161
162
	// Get POST data
163
	function get_post($field) {
164
		if(isset($_POST[$field])) {
165
			return $_POST[$field];
166
		} else {
167
			return null;
168
		}
169
	}
170
171
	// Get POST data and escape it
172
	function get_post_escaped($field) {
173
		$result = $this->get_post($field);
174
		return (is_null($result)) ? null : $this->add_slashes($result);
175
	}
176
177
	// Get GET data
178
	function get_get($field) {
179
		if(isset($_GET[$field])) {
180
			return $_GET[$field];
181
		} else {
182
			return null;
183
		}
184
	}
185
186
	// Get SESSION data
187
	function get_session($field) {
188
		if(isset($_SESSION[$field])) {
189
			return $_SESSION[$field];
190
		} else {
191
			return null;
192
		}
193
	}
194
195
	// Get SERVER data
196
	function get_server($field) {
197
		if(isset($_SERVER[$field])) {
198
			return $_SERVER[$field];
199
		} else {
200
			return null;
201
		}
202
	}
203
204
	// Get the current users id
205
	function get_user_id() {
206
		return $_SESSION['USER_ID'];
207
	}
208
209
	// Get the current users group id
210
	function get_group_id() {
211
		return $_SESSION['GROUP_ID'];
212
	}
213
214
	// Get the current users group ids
215
	function get_groups_id() {
216
		return split(",", $_SESSION['GROUPS_ID']);
217
	}
218
219
	// Get the current users group name
220
	function get_group_name() {
221
		return implode(",", $_SESSION['GROUP_NAME']);
222
	}
223
224
	// Get the current users group name
225
	function get_groups_name() {
226
		return $_SESSION['GROUP_NAME'];
227
	}
228
229
	// Get the current users username
230
	function get_username() {
231
		return $_SESSION['USERNAME'];
232
	}
233
234
	// Get the current users display name
235
	function get_display_name() {
236
		return ($_SESSION['DISPLAY_NAME']);
237
	}
238
239
	// Get the current users email address
240
	function get_email() {
241
		return $_SESSION['EMAIL'];
242
	}
243
244
	// Get the current users home folder
245
	function get_home_folder() {
246
		return $_SESSION['HOME_FOLDER'];
247
	}
248
249
	// Get the current users timezone
250
	function get_timezone() {
251
		if(!isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
252
			return $_SESSION['TIMEZONE'];
253
		} else {
254
			return '-72000';
255
		}
256
	}
257
258
	// Validate supplied email address
259
	function validate_email($email) {
260
		if(eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $email)) {
261
			return true;
262
		} else {
263
			return false;
264
		}
265
	}
266
267
	// Print a success message which then automatically redirects the user to another page
268
	function print_success($message, $redirect = 'index.php') {
269
		global $TEXT;
270
		$success_template = new Template(ADMIN_PATH.'/interface');
271
		$success_template->set_file('page', 'success.html');
272
		$success_template->set_block('page', 'main_block', 'main');
273
		$success_template->set_var('MESSAGE', $message);
274
		$success_template->set_var('REDIRECT', $redirect);
275
		$success_template->set_var('NEXT', $TEXT['NEXT']);
276
		$success_template->parse('main', 'main_block', false);
277
		$success_template->pparse('output', 'page');
278
	}
279
280
	// Print an error message
281
	function print_error($message, $link = 'index.php', $auto_footer = true) {
282
		global $TEXT;
283
		$success_template = new Template(ADMIN_PATH.'/interface');
284
		$success_template->set_file('page', 'error.html');
285
		$success_template->set_block('page', 'main_block', 'main');
286
		$success_template->set_var('MESSAGE', $message);
287
		$success_template->set_var('LINK', $link);
288
		$success_template->set_var('BACK', $TEXT['BACK']);
289
		$success_template->parse('main', 'main_block', false);
290
		$success_template->pparse('output', 'page');
291
		if($auto_footer == true) {
292
			$this->print_footer();
293
		}
294
		exit();
295
	}
296
297
	// Validate send email
298
	function mail($fromaddress, $toaddress, $subject, $message) {
299
		/*
300
			INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
301
			SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
302
			NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)
303
304
			NOTE:
305
			To use SMTP for sending out mails, you have to specify the SMTP host of your domain
306
			via the Settings panel in the backend of Website Baker
307
		*/
308
309
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
310
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
311
		$subject = preg_replace('/[\r\n]/', '', $subject);
312
		$message = preg_replace('/[\r\n]/', '<br \>', $message);
313
314
		// create PHPMailer object and define default settings
315
		$myMail = new wbmailer();
316
317
		// set user defined from address
318
		if ($fromaddress!='') {
319
			$myMail->From = $fromaddress;                            // FROM:
320
			$myMail->AddReplyTo($fromaddress);                       // REPLY TO:
321
		}
322
323
		// define recepient and information to send out
324
		$myMail->AddAddress($toaddress);                            // TO:
325
		$myMail->Subject = $subject;                                // SUBJECT
326
		$myMail->Body = $message;                                   // CONTENT (HTML)
327
		$myMail->AltBody = strip_tags($message);                    // CONTENT (TEXT)
328
329
		// check if there are any send mail errors, otherwise say successful
330
		if (!$myMail->Send()) {
331
			return false;
332
		} else {
333
			return true;
334
		}
335
	}
336
337
}
338
?>