Project

General

Profile

1
<?php
2

    
3
// $Id: save.php 915 2009-01-21 19:27:01Z Ruebenwurzel $
4

    
5
/*
6

    
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2009, Ryan Djurovich
9

    
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

    
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

    
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

    
24
*/
25

    
26
// prevent this file from being accessed directly in the browser (would set all entries in DB settings table to '')
27
if(!isset($_POST['default_language']) || $_POST['default_language'] == '') die(header('Location: index.php'));  
28

    
29
// Find out if the user was view advanced options or not
30
if($_POST['advanced'] == 'yes' ? $advanced = '?advanced=yes' : $advanced = '');
31

    
32
// Print admin header
33
require('../../config.php');
34
require_once(WB_PATH.'/framework/class.admin.php');
35
if($advanced == '') {
36
	$admin = new admin('Settings', 'settings_basic');
37
	$_POST['database_password'] = DB_PASSWORD;
38
} else {
39
	$admin = new admin('Settings', 'settings_advanced');
40
}
41

    
42
// Create a javascript back link
43
$js_back = "javascript: history.go(-1);";
44

    
45
// Ensure that the specified default email is formally valid
46
if(isset($_POST['server_email'])) {
47
	$_POST['server_email'] = strip_tags($_POST['server_email']);
48
	if(!eregi("^([0-9a-zA-Z]+[-._+&])*[0-9a-zA-Z]+@([-0-9a-zA-Z]+[.])+[a-zA-Z]{2,6}$", $_POST['server_email'])) {
49
		$admin->print_error($MESSAGE['USERS']['INVALID_EMAIL'].
50
			'<br /><strong>Email: '.htmlentities($_POST['server_email']).'</strong>', $js_back);
51
	}
52
}
53

    
54
// Work-out file mode
55
if($advanced == '') {
56
	// Check if should be set to 777 or left alone
57
	if(isset($_POST['world_writeable']) AND $_POST['world_writeable'] == 'true') {
58
		$file_mode = '0777';
59
		$dir_mode = '0777';
60
	} else {
61
		$file_mode = STRING_FILE_MODE;
62
		$dir_mode = STRING_DIR_MODE;
63
	}
64
} else {
65
	// Work-out the octal value for file mode
66
	$u = 0;
67
	if(isset($_POST['file_u_r']) AND $_POST['file_u_r'] == 'true') {
68
		$u = $u+4;
69
	}
70
	if(isset($_POST['file_u_w']) AND $_POST['file_u_w'] == 'true') {
71
		$u = $u+2;
72
	}
73
	if(isset($_POST['file_u_e']) AND $_POST['file_u_e'] == 'true') {
74
		$u = $u+1;
75
	}
76
	$g = 0;
77
	if(isset($_POST['file_g_r']) AND $_POST['file_g_r'] == 'true') {
78
		$g = $g+4;
79
	}
80
	if(isset($_POST['file_g_w']) AND $_POST['file_g_w'] == 'true') {
81
		$g = $g+2;
82
	}
83
	if(isset($_POST['file_g_e']) AND $_POST['file_g_e'] == 'true') {
84
		$g = $g+1;
85
	}
86
	$o = 0;
87
	if(isset($_POST['file_o_r']) AND $_POST['file_o_r'] == 'true') {
88
		$o = $o+4;
89
	}
90
	if(isset($_POST['file_o_w']) AND $_POST['file_o_w'] == 'true') {
91
		$o = $o+2;
92
	}
93
	if(isset($_POST['file_o_e']) AND $_POST['file_o_e'] == 'true') {
94
		$o = $o+1;
95
	}
96
	$file_mode = "0".$u.$g.$o;
97
	// Work-out the octal value for dir mode
98
	$u = 0;
99
	if(isset($_POST['dir_u_r']) AND $_POST['dir_u_r'] == 'true') {
100
		$u = $u+4;
101
	}
102
	if(isset($_POST['dir_u_w']) AND $_POST['dir_u_w'] == 'true') {
103
		$u = $u+2;
104
	}
105
	if(isset($_POST['dir_u_e']) AND $_POST['dir_u_e'] == 'true') {
106
		$u = $u+1;
107
	}
108
	$g = 0;
109
	if(isset($_POST['dir_g_r']) AND $_POST['dir_g_r'] == 'true') {
110
		$g = $g+4;
111
	}
112
	if(isset($_POST['dir_g_w']) AND $_POST['dir_g_w'] == 'true') {
113
		$g = $g+2;
114
	}
115
	if(isset($_POST['dir_g_e']) AND $_POST['dir_g_e'] == 'true') {
116
		$g = $g+1;
117
	}
118
	$o = 0;
119
	if(isset($_POST['dir_o_r']) AND $_POST['dir_o_r'] == 'true') {
120
		$o = $o+4;
121
	}
122
	if(isset($_POST['dir_o_w']) AND $_POST['dir_o_w'] == 'true') {
123
		$o = $o+2;
124
	}
125
	if(isset($_POST['dir_o_e']) AND $_POST['dir_o_e'] == 'true') {
126
		$o = $o+1;
127
	}
128
	$dir_mode = "0".$u.$g.$o;
129
}
130

    
131
// Create new database object
132
$database = new database();
133

    
134
// Query current settings in the db, then loop through them and update the db with the new value
135
$query = "SELECT name FROM ".TABLE_PREFIX."settings";
136
$results = $database->query($query);
137
while($setting = $results->fetchRow()) {
138
	$setting_name = $setting['name'];
139
	$value = $admin->get_post($setting_name);
140
	if ($setting_name!='wb_version') {
141
		$allow_tags_in_fields = array('website_header', 'website_footer');
142
		if(!in_array($setting_name, $allow_tags_in_fields)) {
143
			$value = strip_tags($value);
144
		}
145
		switch ($setting_name) {
146
			case 'default_timezone':
147
				$value=$value*60*60;
148
				break;
149
			case 'string_dir_mode':
150
				$value=$dir_mode;
151
				break;
152
			case 'string_file_mode':
153
				$value=$file_mode;
154
				break;
155
			case 'pages_directory':
156
				if(trim($value)=='/') $value='';
157
				break;
158
		}
159
		$value = $admin->add_slashes($value);
160
		$database->query("UPDATE ".TABLE_PREFIX."settings SET value = '$value' WHERE name = '$setting_name'");
161
	}
162
}
163

    
164
// Query current search settings in the db, then loop through them and update the db with the new value
165
$query = "SELECT name, value FROM ".TABLE_PREFIX."search WHERE extra = ''";
166
$results = $database->query($query);
167
while($search_setting = $results->fetchRow()) {
168
	$old_value = $search_setting['value'];
169
	$setting_name = $search_setting['name'];
170
	$post_name = 'search_'.$search_setting['name'];
171
	if($admin->get_post($post_name) == '')
172
		$value = $old_value;
173
	else
174
		$value = $admin->get_post($post_name);
175
	$value = $admin->add_slashes($value);
176
	$database->query("UPDATE ".TABLE_PREFIX."search SET value = '$value' WHERE name = '$setting_name'");
177
}
178

    
179
// Check if there was an error updating the db
180
if($database->is_error()) {
181
	$admin->print_error($database->get_error, ADMIN_URL.'/settings/index.php'.$advanced);
182
	$admin->print_footer();
183
	exit();
184
}
185

    
186
$admin->print_success($MESSAGE['SETTINGS']['SAVED'], ADMIN_URL.'/settings/index.php'.$advanced);
187
$admin->print_footer();
188

    
189
?>
(2-2/2)