<?
/*
##################################################
#
# Filename..........: $RCSfile: master.inc,v $
# Original Author...: Anthony L. Awtrey
# Version...........: $Revision: 0.1 $
# Last Modified By..: $Author: aawtrey $
# Last Modified.....: $Date: 2006/09/21 01:30:22 $
#
# Copyright 2006 Anthony Awtrey
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
*/

/*
 * NOTE:
 * This file initializes all the necessary components of the website. Please
 * keep in mind when adding anything to this file as it is run by every
 * single page.
 */

// Define constants
define("ADODB_PATH",   "/usr/share/php/adodb/adodb.inc.php");
define("DB_HOST_NAME", "localhost");
define("DB_NAME",      "worship");
define("DB_USER_NAME", "worship");
define("DB_USER_PASS", "organizer");

/*
 * Php has a allows: http://site.com/this.php/this.php
 *                                   |SCRIPT |PATH_INFO
 * The extra /this.php is passed through Apache as a 'PATH_INFO'
 * environment variable and this code redirects the path back out.
 * I've seen search engines thrash on a site without this protection.
 */
if ( 
     $_SERVER['PATH_INFO'] != ''
   )
{
  $tmp_reg = "/".str_replace('/','\/',$_SERVER['PATH_INFO'])."$/";
  $tmp_url = preg_replace($tmp_reg, '', $_SERVER['REQUEST_URI']);
  header("HTTP/1.1 301 Moved Permanently");
  header("Location: $tmp_url");
  header("Connection: close");
  exit;
}

/*
 * Define the relative URL based on relpath and REQUEST_URI
 * This may seem odd, but it enables moving files around without having to
 * explicitly define an absolute path to the web root.
 */
define("RELPATH",$relpath);
$temp_uri = $_SERVER['SCRIPT_NAME'];
if (ereg("\?",$temp_uri)) { $temp_uri = ereg_replace("\?.*$","",$temp_uri); }
$temp_uri = ereg_replace("index\.php$","",$temp_uri);
$temp_uri = ereg_replace("\/$","",$temp_uri);
$temp_uri = ereg_replace("^\/","",$temp_uri);
$uri_array = explode("/", $temp_uri);
if ( is_file($uri_array[count($uri_array)-1]) ) {
  $relfile = array_pop($uri_array);
  define("RELFILE",$relfile);
}
for ($i = 0; $i < strlen(RELPATH) / 3; $i++ ) {
  array_pop($uri_array);
}
if ( is_array($uri_array) ) {
  $temp_uri = "/" . implode("/",$uri_array) . "/";
  $reluri = str_replace($temp_uri, "", $_SERVER['REQUEST_URI']);
  if ( $reluri == '/' ) { $reluri = "./"; }
  define("RELURI",$reluri);
}

// Block warnings/errors on live site
// Set E_ALL is for all errors, 0 is for none
//error_reporting(0);
//error_reporting(E_ALL);
error_reporting(E_ALL & ~E_NOTICE & ~E_WARNING);

// Start the session handler
session_start();

// Seed the randomizer
srand((double)microtime()*1000000);

/*
 * Clean POST and GET input. This removes 'dangerous' characters from input
 * data. Keep this in mind while coding, so user input may have to be
 * translated back to html from the entities stored in the data.
 * NOTE:
 * The POST processing function also sends an email for every POST request
 * to alert the site admin of suspicious activity that may need to be
 * addressed. (crackers / spammers / etc.)
 */
if ( $_SERVER['REQUEST_METHOD']=='POST' ) {
  foreach( $_POST as $key => $val) {
    if (!is_array($val)) {
      $val = stripslashes($val);
      $val = ereg_replace('\\|\\\\','',$val);
      $val = ereg_replace("'","\'",$val);
      $val = str2htmlentity($val);
      $_POST[$key] = $val;
      ${$key}      = $val;
    }
  }
  //sendEmailNotification('Someone Posted');
}
foreach( $_GET as $key => $val) {
  if (!is_array($val)) {
    $val = stripslashes($val);
    $val = ereg_replace('\\|\\\\','',$val);
    $val = ereg_replace("'","\'",$val);
    $val = str2htmlentity($val);
    $_GET[$key] = $val;
    ${$key}     = $val;
  }
}

/*
 * Load / create various classes and functions
 */

require_once("Data.class"); # Initialize data class
require_once("Page.class"); # Initialize page class

/*
 * This function will provide an email containing all session, POST and GET
 * information when called (see form input cleaning function above)
 */
function sendEmailNotification($subject='Email From Website') {
  $email_body  = "This is the session data:\n\n";
  foreach( $_SESSION as $key => $val) {
    $email_body .= '  ' . $key . ': ' . $val . "\n";
  }
  $email_body .= "\n";
  $email_body .= "This is the post data:\n\n";
  foreach( $_POST as $key => $val) {
    $email_body .= '  ' . $key . ': ' . $val . "\n";
  }
  $email_body .= "\n";
  $email_body .= "This is the get data:\n\n";
  foreach( $_GET as $key => $val) {
    $email_body .= '  ' . $key . ': ' . $val . "\n";
  }
  $email_body .= "\n";
  $email_body .= "This is the server, browser and connection information:\n\n";
  foreach( $_SERVER as $key => $val) {
    $email_body .= '  ' . $key . ': ' . $val . "\n";
  }
  include_once('Email.class');
  $email = new Email('tony@awtrey.com','webmaster@awtrey.com',$subject,$email_body);
  $email->send();
}

/*
 * Yes, I know PHP has a built-in function that does this. It has some oddness
 * depending on the version of PHP amoung other issues. See the PHP Manual
 * for lots of people offering their version of an entity conversion script.
 * I just want the 4 items here converted, so I did just wrote a function that
 * does only what I want it to do.
 */
function str2htmlentity($string) {
  $string = ereg_replace('"', '&quot;', $string);
  $string = ereg_replace('<', '&lt;',   $string);
  $string = ereg_replace('>', '&gt;',   $string);
  $string = ereg_replace('&', '&amp;',  $string);
  return($string);
}

function htmlentity2str($string) {
  $string = ereg_replace('&quot;', '"', $string);
  $string = ereg_replace('&lt;',   '<', $string);
  $string = ereg_replace('&gt;',   '>', $string);
  $string = ereg_replace('&amp;',  '&', $string);
  return($string);
}

/*
 * This is a handy function that truncates a string of text at the first space
 * character before the specified length.
 */
function truncate_string($string,$length='300') {
  if ( strlen($string) > $length ) {
    $string = preg_replace('/\s+?(\S+)?$/', '', substr($string, 0, $length+1));
    return substr($string, 0, $length);
  } else {
    return $string;
  }
}

/*
 * Function to properly handle HTTP Location: redirects.
 */
function redirect($location='') {
  if ( $location == '' ) { $location = RELPATH; }
  header("HTTP/1.1 302 Moved Temporarily");
  header("Location: $location");
  header("Connection: close");
  exit;
}

/*
 * Site login function
 */
function login($inLogin,$inPassword) {
  $account = new Data("account");
  if ( $login = $account->return_array("SELECT * FROM account WHERE login='$inLogin' AND password='$inPassword'") )
  {
    $_SESSION['login'] = $login[0]['id'];
    return true;
  } else {
    return false;
  }
}

/*
 * Site logout function
 */
function logout() {
  if ($_SESSION['login']) {
    $_SESSION = array();
    if (isset($_COOKIE[session_name()])) {
      setcookie(session_name(), '', time()-42000, '/');
    }
    session_destroy();
  }
}

/*
 * Just like print_r but returns a string instead echoing directly to the browser
 */
function print_readable($pr_var, $pr_ret = false, $pr_level = 0)
{
  $pr_prefix = str_repeat(" ", $pr_level * 4);

  if ((is_array($pr_var)) or (is_object($pr_var))) {
    if ($pr_level == 0) {
      $pr_base = true;
      if (is_array($pr_var)) { $pr_ret = $pr_prefix . "Array\n"; } else { $pr_ret = $pr_prefix . get_class($pr_var) . " Object\n"; }
      $pr_ret .= $pr_prefix . "(\n";
      $pr_level += 1; $pr_prefix = str_repeat(" ", ($pr_level) * 4);
    } else {
      $pr_base = false;
      $pr_level += 1; $pr_prefix = str_repeat(" ", ($pr_level) * 4);
      $pr_ret .= $pr_prefix . "(\n";
      $pr_level += 1; $pr_prefix = str_repeat(" ", ($pr_level) * 4);
    }

    foreach($pr_var as $pr_var_key=>$pr_var_value) {
      $pr_ret .= $pr_prefix . '[' . $pr_var_key . "] => ";
      if (is_array($pr_var_value)) {
        $pr_ret .= "Array\n";
        $pr_ret .= print_readable($pr_var_value, $pr_print, $pr_level);
      } elseif (is_object($pr_var_value)){
        $pr_ret .= get_class($pr_var_value) . " Object\n";
        $pr_ret .= print_readable($pr_var_value, $pr_print, $pr_level);
      } else {
        $pr_ret .= $pr_var_value."\n";
      }
    }
    $pr_level -= 1; $pr_prefix = str_repeat(" ", ($pr_level) * 4);
    $pr_ret .= $pr_prefix . ")\n";
    if ($pr_base = false) $pr_level -= 1;
  }  else {
    $pr_ret = $pr_prefix."$var\n";
  }
  $pr_ret .= "\n";

  if (($level = 0) and ($ret == true)) {
    return($pr_ret);
  } else {
    return($pr_ret);
  }
}

?>