Project

General

Profile

1
<?php
2

    
3
// $Id: class.wb.php 929 2009-02-15 15:05:07Z doc $
4

    
5
/*
6

    
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2009, Ryan Djurovich
9

    
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

    
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

    
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

    
24
*/
25

    
26
/*
27

    
28
wb class
29

    
30
This class is the basis for admin and frontend classes.
31

    
32
*/
33

    
34
// Include PHPLIB template class
35
require_once(WB_PATH."/include/phplib/template.inc");
36

    
37
require_once(WB_PATH.'/framework/class.database.php');
38

    
39
// Include new wbmailer class (subclass of PHPmailer)
40
require_once(WB_PATH."/framework/class.wbmailer.php");
41

    
42
class wb
43
{
44
	// General initialization function 
45
	// performed when frontend or backend is loaded.
46
	function wb() {
47
	}
48
	
49
	// Check whether a page is visible or not.
50
	// This will check page-visibility and user- and group-rights.
51
	/* page_is_visible() returns
52
		false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
53
		true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
54
	*/
55
	function page_is_visible($page) {
56
		$show_it = false; // shall we show the page?
57
		$page_id = $page['page_id'];
58
		$visibility = $page['visibility'];
59
		$viewing_groups = $page['viewing_groups'];
60
		$viewing_users = $page['viewing_users'];
61
		// First check if visibility is 'none', 'deleted'
62
		if($visibility == 'none') {
63
			return(false);
64
		} elseif($visibility == 'deleted') {
65
			return(false);
66
		}
67
		// Now check if visibility is 'hidden', 'private' or 'registered'
68
		if($visibility == 'hidden') { // hidden: hide the menu-link, but show the page
69
			$show_it = true;
70
		} elseif($visibility == 'private' || $visibility == 'registered') {
71
			// Check if the user is logged in
72
			if($this->is_authenticated() == true) {
73
				// Now check if the user has perms to view the page
74
				$in_group = false;
75
				foreach($this->get_groups_id() as $cur_gid){
76
				    if(in_array($cur_gid, explode(',', $viewing_groups))) {
77
				        $in_group = true;
78
				    }
79
				}
80
				if($in_group || in_array($this->get_user_id(), explode(',', $viewing_users))) {
81
					$show_it = true;
82
				} else {
83
					$show_it = false;
84
				}
85
			} else {
86
				$show_it = false;
87
			}
88
		} elseif($visibility == 'public') {
89
			$show_it = true;
90
		} else {
91
			$show_it = false;
92
		}
93
		return($show_it);
94
	}
95
	// Check if there is at least one active section on this page
96
	function page_is_active($page) {
97
		global $database;
98
		$has_active_sections = false;
99
		$page_id = $page['page_id'];
100
		$now = time();
101
		$query_sections = $database->query("SELECT publ_start,publ_end FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id'");
102
		if($query_sections->numRows() != 0) {
103
			while($section = $query_sections->fetchRow()) {
104
				if($now<$section['publ_end'] && ($now>$section['publ_start'] || $section['publ_start']==0) || $now>$section['publ_start'] && $section['publ_end']==0) {
105
					$has_active_sections = true;
106
					break;
107
				}
108
			}
109
		}
110
		return($has_active_sections);
111
	}
112

    
113
	// Check whether we should show a page or not (for front-end)
114
	function show_page($page) {
115
		if($this->page_is_visible($page) && $this->page_is_active($page)) {
116
			return true;
117
		} else {
118
			return false;
119
		}
120
	}
121

    
122
	// Check if the user is already authenticated or not
123
	function is_authenticated() {
124
		if(isset($_SESSION['USER_ID']) AND $_SESSION['USER_ID'] != "" AND is_numeric($_SESSION['USER_ID'])) {
125
			return true;
126
		} else {
127
			return false;
128
		}
129
	}
130
	// Modified addslashes function which takes into account magic_quotes
131
	function add_slashes($input) {
132
		if ( get_magic_quotes_gpc() || ( !is_string($input) ) ) {
133
			return $input;
134
		}
135
		$output = addslashes($input);
136
		return $output;
137
	}
138

    
139
	// Ditto for stripslashes
140
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
141
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
142
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
143
	function strip_slashes($input) {
144
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
145
			return $input;
146
		}
147
		$output = stripslashes($input);
148
		return $output;
149
	}
150

    
151
	// Escape backslashes for use with mySQL LIKE strings
152
	function escape_backslashes($input) {
153
		return str_replace("\\","\\\\",$input);
154
	}
155

    
156
	function page_link($link){
157
		// Check for :// in the link (used in URL's) as well as mailto:
158
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
159
			return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
160
		} else {
161
			return $link;
162
		}
163
	}
164
	
165
	// Get POST data
166
	function get_post($field) {
167
		if(isset($_POST[$field])) {
168
			return $_POST[$field];
169
		} else {
170
			return null;
171
		}
172
	}
173

    
174
	// Get POST data and escape it
175
	function get_post_escaped($field) {
176
		$result = $this->get_post($field);
177
		return (is_null($result)) ? null : $this->add_slashes($result);
178
	}
179
	
180
	// Get GET data
181
	function get_get($field) {
182
		if(isset($_GET[$field])) {
183
			return $_GET[$field];
184
		} else {
185
			return null;
186
		}
187
	}
188

    
189
	// Get SESSION data
190
	function get_session($field) {
191
		if(isset($_SESSION[$field])) {
192
			return $_SESSION[$field];
193
		} else {
194
			return null;
195
		}
196
	}
197

    
198
	// Get SERVER data
199
	function get_server($field) {
200
		if(isset($_SERVER[$field])) {
201
			return $_SERVER[$field];
202
		} else {
203
			return null;
204
		}
205
	}
206

    
207
	// Get the current users id
208
	function get_user_id() {
209
		return $_SESSION['USER_ID'];
210
	}
211

    
212
	// Get the current users group id
213
	function get_group_id() {
214
		return $_SESSION['GROUP_ID'];
215
	}
216

    
217
	// Get the current users group ids
218
	function get_groups_id() {
219
		return split(",", $_SESSION['GROUPS_ID']);
220
	}
221

    
222
	// Get the current users group name
223
	function get_group_name() {
224
		return implode(",", $_SESSION['GROUP_NAME']);
225
	}
226

    
227
	// Get the current users group name
228
	function get_groups_name() {
229
		return $_SESSION['GROUP_NAME'];
230
	}
231

    
232
	// Get the current users username
233
	function get_username() {
234
		return $_SESSION['USERNAME'];
235
	}
236

    
237
	// Get the current users display name
238
	function get_display_name() {
239
		return ($_SESSION['DISPLAY_NAME']);
240
	}
241

    
242
	// Get the current users email address
243
	function get_email() {
244
		return $_SESSION['EMAIL'];
245
	}
246

    
247
	// Get the current users home folder
248
	function get_home_folder() {
249
		return $_SESSION['HOME_FOLDER'];
250
	}
251

    
252
	// Get the current users timezone
253
	function get_timezone() {
254
		if(!isset($_SESSION['USE_DEFAULT_TIMEZONE'])) {
255
			return $_SESSION['TIMEZONE'];
256
		} else {
257
			return '-72000';
258
		}
259
	}
260

    
261
	// Validate supplied email address
262
	function validate_email($email) {
263
		if(eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $email)) {
264
			return true;
265
		} else {
266
			return false;
267
		}
268
	}
269

    
270
	// Print a success message which then automatically redirects the user to another page
271
	function print_success($message, $redirect = 'index.php') {
272
		global $TEXT, $database;
273
		
274
		// fetch redirect timer for sucess messages from settings table
275
		$table = TABLE_PREFIX . 'settings';
276
		$results = @$database->get_one("SELECT `value` FROM `$table` WHERE `name` = 'redirect_timer'");
277
		$redirect_timer = ($results) ? $results : '1500';
278

    
279
		// add template variables
280
		$success_template = new Template(ADMIN_PATH.'/interface');
281
		$success_template->set_file('page', 'success.html');
282
		$success_template->set_block('page', 'main_block', 'main');
283
		$success_template->set_var('MESSAGE', $message);
284
		$success_template->set_var('REDIRECT', $redirect);
285
		$success_template->set_var('REDIRECT_TIMER', $redirect_timer);
286
		$success_template->set_var('NEXT', $TEXT['NEXT']);
287
		$success_template->parse('main', 'main_block', false);
288
		$success_template->pparse('output', 'page');
289
	}
290
	
291
	// Print an error message
292
	function print_error($message, $link = 'index.php', $auto_footer = true) {
293
		global $TEXT;
294
		$success_template = new Template(ADMIN_PATH.'/interface');
295
		$success_template->set_file('page', 'error.html');
296
		$success_template->set_block('page', 'main_block', 'main');
297
		$success_template->set_var('MESSAGE', $message);
298
		$success_template->set_var('LINK', $link);
299
		$success_template->set_var('BACK', $TEXT['BACK']);
300
		$success_template->parse('main', 'main_block', false);
301
		$success_template->pparse('output', 'page');
302
		if($auto_footer == true) {
303
			$this->print_footer();
304
		}
305
		exit();
306
	}
307

    
308
	// Validate send email
309
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='') {
310
		/* 
311
			INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
312
			SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
313
			NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)
314

    
315
			NOTE:
316
			To use SMTP for sending out mails, you have to specify the SMTP host of your domain
317
			via the Settings panel in the backend of Website Baker
318
		*/ 
319

    
320
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
321
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
322
		$subject = preg_replace('/[\r\n]/', '', $subject);
323
		$message_alt = $message;
324
		$message = preg_replace('/[\r\n]/', '<br \>', $message);
325
		
326
		// create PHPMailer object and define default settings
327
		$myMail = new wbmailer();
328

    
329
		// set user defined from address
330
		if ($fromaddress!='') {
331
			if($fromname!='') $myMail->FromName = $fromname;         // FROM-NAME
332
			$myMail->From = $fromaddress;                            // FROM:
333
			$myMail->AddReplyTo($fromaddress);                       // REPLY TO:
334
		}
335
		
336
		// define recepient and information to send out
337
		$myMail->AddAddress($toaddress);                            // TO:
338
		$myMail->Subject = $subject;                                // SUBJECT
339
		$myMail->Body = $message;                                   // CONTENT (HTML)
340
		$myMail->AltBody = strip_tags($message_alt);				// CONTENT (TEXT)
341
		
342
		// check if there are any send mail errors, otherwise say successful
343
		if (!$myMail->Send()) {
344
			return false;
345
		} else {
346
			return true;
347
		}
348
	}
349

    
350
}
351
?>
(8-8/15)