testmodus / admin / includes / application_top.php
<?php
/* --------------------------------------------------------------
   $Id: application_top.php 13484 2021-04-01 08:50:12Z GTB $

   modified eCommerce Shopsoftware
   http://www.modified-shop.org

   Copyright (c) 2009 - 2013 [www.modified-shop.org]
   --------------------------------------------------------------
   based on:
   (c) 2000-2001 The Exchange Project (earlier name of osCommerce)
   (c) 2002-2003 osCommerce(application_top.php,v 1.158 2003/03/22); www.oscommerce.com
   (c) 2003 nextcommerce (application_top.php,v 1.46 2003/08/24); www.nextcommerce.org
   (c) 2006 XT-Commerce (application_top.php 1323 2005-10-27) ; www.xt-commerce.com

   Released under the GNU General Public License
   --------------------------------------------------------------
   Third Party contribution:

   Customers Status v3.x (c) 2002-2003 Copyright Elari elari@free.fr | www.unlockgsm.com/dload-osc/ | CVS : http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/elari/?sortby=date#dirlist

   Credit Class/Gift Vouchers/Discount Coupons (Version 5.10)
   http://www.oscommerce.com/community/contributions,282
   Copyright (c) Strider | Strider@oscworks.com
   Copyright (c) Nick Stanko of UkiDev.com, nick@ukidev.com
   Copyright (c) Andre ambidex@gmx.net
   Copyright (c) 2001,2002 Ian C Wilson http://www.phesis.org

   Released under the GNU General Public License
   --------------------------------------------------------------*/

// Admin bootstrap. Statement order matters throughout this file: each step
// relies on constants, functions or session state set up by the steps before it.

// Flag this request as running in the admin area.
define('RUN_MODE_ADMIN', true);

// TESTMODUS: optional test-mode hook.
// It is pulled in before the configuration, the error handling and the
// request input filter further down, so its code runs first on every admin
// request. The path starts with "../", so PHP resolves it against the current
// working directory rather than against this file's directory.
// NOTE(review): the hook's contents are not visible here - confirm what it
// does and that it is not deployed on production installs.
if (file_exists('../includes/extra/testmodus/testmodus.php')) {
  require_once('../includes/extra/testmodus/testmodus.php');
}

// Reference timestamp for the page parse time log.
define('PAGE_PARSE_START_TIME', microtime(true));

// Keep PHP errors out of the response and switch reporting off entirely.
// Nothing is reported from here on unless a later include changes the level
// again (error_reporting.php is loaded further down if it exists).
@ini_set('display_errors', false);
error_reporting(0);

// Guard constant.
// NOTE(review): presumably tested by included files to refuse direct calls -
// confirm in those files.
define('_VALID_XTC', true);

// Stop PHP from appending the session id to URLs by itself; according to the
// original note xtc_href_link() takes care of that manually.
if (function_exists('ini_set')) {
  @ini_set('session.use_trans_sid', 0);
}

// Configuration: a local override file takes precedence over the default one.
// The DIR_* and DB_* constants used below are presumably defined there (not
// visible in this file). Both paths are relative to the working directory.
if (file_exists('../includes/local/configure.php')) {
  include_once('../includes/local/configure.php');
} else {
  include_once('../includes/configure.php');
}

// Refuse to run on PHP older than 5.6.
if (version_compare(PHP_VERSION, '5.6') < 0) {
  die('<h1>Minimum requirement PHP Version 5.6</h1>');
}
// Fixed default time zone for all date functions.
date_default_timezone_set('Europe/Berlin');

// Shop error handling, loaded only when the file is present.
// When it is missing, the error_reporting(0) set earlier in this file stays
// in force and failures below produce no diagnostics.
// NOTE(review): what error_reporting.php configures (log target, level) is
// not visible here.
if (is_file(DIR_FS_CATALOG . DIR_WS_INCLUDES . 'error_reporting.php')) {
  require_once(DIR_FS_CATALOG . DIR_WS_INCLUDES . 'error_reporting.php');
}
// Request input filter.
// $_GET, $_POST and $_REQUEST are each replaced by the result of
// Inputfilter::validate(). The original heading also names COOKIE, but
// $_COOKIE itself is not reassigned here: code that reads $_COOKIE directly
// gets the raw values, and cookie data is covered only as far as PHP's
// request_order/variables_order puts it into $_REQUEST.
// NOTE(review): what validate() strips or rejects is defined in
// inputfilter.php (not visible here). Treat it as a first line of defence;
// queries and HTML output still need their own escaping.
require(DIR_FS_CATALOG . DIR_WS_CLASSES . 'inputfilter.php');
$inputfilter = new Inputfilter();
$_GET = $inputfilter->validate($_GET);
$_POST = $inputfilter->validate($_POST);
$_REQUEST = $inputfilter->validate($_REQUEST);
// Helper that lists the files of an extension directory (used by the
// auto_include() loops in this file).
require_once(DIR_FS_INC . 'auto_include.inc.php');

// Project version.
require_once(DIR_WS_INCLUDES . 'version.php');

// Base / PHP_SELF / SSL proxy handling.
// $PHP_SELF is later reduced with basename() to pick the per-page language
// file and to run the permission check, so its value is security relevant.
// NOTE(review): how set_php_self() derives it from the request is not
// visible here.
require_once(DIR_FS_INC . 'set_php_self.inc.php');
$PHP_SELF = set_php_self();

define('TAX_DECIMAL_PLACES', 0);

// Project file names (FILENAME_* constants).
require(DIR_FS_ADMIN . DIR_WS_INCLUDES . 'filenames.php');

// Project database table names (TABLE_* constants).
require_once(DIR_FS_CATALOG . DIR_WS_INCLUDES . 'database_tables.php');

// Database layer. DB_MYSQL_TYPE becomes part of the included file name, so
// it must come from trusted configuration only; it is not defined in this
// file (presumably in configure.php).
require_once(DIR_FS_INC . 'db_functions_' . DB_MYSQL_TYPE . '.inc.php');
require_once(DIR_FS_INC . 'db_functions.inc.php');

// Function library needed by the rest of the bootstrap.
require_once(DIR_FS_INC . 'xtc_get_ip_address.inc.php');
require_once(DIR_FS_INC . 'xtc_setcookie.inc.php');
require_once(DIR_FS_INC . 'xtc_validate_email.inc.php');
require_once(DIR_FS_INC . 'xtc_not_null.inc.php');
require_once(DIR_FS_INC . 'xtc_add_tax.inc.php');
require_once(DIR_FS_INC . 'xtc_get_tax_rate.inc.php');
require_once(DIR_FS_INC . 'xtc_get_qty.inc.php');
require_once(DIR_FS_INC . 'xtc_product_link.inc.php');
require_once(DIR_FS_INC . 'xtc_cleanName.inc.php');
require_once(DIR_FS_INC . 'xtc_get_top_level_domain.inc.php');
require_once(DIR_FS_INC . 'html_encoding.php'); // new function for PHP5.4
require_once(DIR_FS_INC . 'xtc_backup_restore_configuration.php');
require_once(DIR_FS_INC . 'xtc_check_agent.inc.php');
require_once(DIR_FS_INC . 'xtc_parse_category_path.inc.php');
require_once(DIR_FS_INC . 'xtc_input_validation.inc.php');
require_once(DIR_FS_INC . 'xtc_get_category_path.inc.php');

// Extension point: every file auto_include() returns for this directory is
// executed on each admin request, before the session and permission checks
// further down. The directory therefore has to be writable by deployment
// only, never by the web application or by upload features.
foreach (auto_include(DIR_FS_ADMIN . 'includes/extra/functions/', 'php') as $file) {
  require($file);
}
// Layout: width of the boxes in pixels (default: 125).
define('BOX_WIDTH', 125);

// Open the database connection; stop with a generic message on failure so
// that no connection details reach the browser.
if (!xtc_db_connect()) {
  die('Unable to connect to database server!');
}

// Application-wide parameters.
// DB_CACHE is pinned to the string 'false' here; rows named DB_CACHE or
// STORE_DB_TRANSACTIONS are skipped, so the table cannot override them.
define('DB_CACHE', 'false');

// Every other row of the configuration table becomes a PHP constant.
// A constant that already exists (for example from the configuration file or
// from an earlier row) keeps its value; the key is only remembered in
// $duplicate_configuration.
// Security note: whoever can write to this table controls these constants
// for the whole admin area. CSRF_TOKEN_SYSTEM, tested further down, is not
// defined anywhere in this file and presumably comes from here - confirm.
$duplicate_configuration = array();
$configuration_query = xtc_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION);
while ($configuration = xtc_db_fetch_array($configuration_query)) {
  if ($configuration['cfgKey'] == 'DB_CACHE' || $configuration['cfgKey'] == 'STORE_DB_TRANSACTIONS') {
    continue;
  }
  if (defined($configuration['cfgKey'])) {
    $duplicate_configuration[] = $configuration['cfgKey'];
    continue;
  }
  define($configuration['cfgKey'], stripslashes($configuration['cfgValue']));
}

// Extension point "application_top_begin": these files run with the
// configuration loaded but before the session is started and before any
// permission check. The directory must not be writable by the web application.
foreach (auto_include(DIR_FS_ADMIN . 'includes/extra/application_top/application_top_begin/', 'php') as $file) {
  require($file);
}

// IMAGE_MANIPULATOR is not defined in this file (presumably a configuration
// value loaded above).
define('FILENAME_IMAGEMANIPULATOR', IMAGE_MANIPULATOR);
// Logger class.
require(DIR_WS_CLASSES . 'logger.php');

// Shopping cart class.
require(DIR_WS_CLASSES . 'shopping_cart.php');

// General admin functions (the original comment here was just "todo").
require(DIR_WS_FUNCTIONS . 'general.php');

// Session handling functions.
require(DIR_WS_FUNCTIONS . 'sessions.php');

// HTML output helpers used application-wide.
require(DIR_WS_FUNCTIONS . 'html_output.php');
// Request type (secure or not).
// request_type.php presumably sets $request_type; without that file every
// request is treated as 'NONSSL'.
// NOTE(review): the value selects the cookie domain below - confirm how the
// include detects TLS, in particular behind a proxy.
if (file_exists(DIR_WS_INCLUDES . 'request_type.php')) {
  include(DIR_WS_INCLUDES . 'request_type.php');
} else {
  $request_type = 'NONSSL';
}

// Top level domains of the configured HTTP and HTTPS servers.
$http_domain_arr = xtc_get_top_level_domain(HTTP_SERVER);
$http_domain = $http_domain_arr['domain'];
$https_domain_arr = xtc_get_top_level_domain(HTTPS_SERVER);
$https_domain = $https_domain_arr['domain'];

// Domain matching the current request type.
$current_domain = ($request_type == 'NONSSL')
  ? $http_domain
  : $https_domain;

// Top level domains to delete, again chosen by request type.
$current_domain_delete = ($request_type == 'NONSSL')
  ? $http_domain_arr['delete']
  : $https_domain_arr['delete'];
// Session start-up, shared with the catalog side. According to the original
// notes this module:
//  - sets the session name and save path
//  - sets the session cookie parameters
//  - sets the session ID if it exists
//  - starts the session
//  - redirects search engines that carry a session id to the same URL without
//    it, to prevent indexing of session id URLs
//  - checks for cookie usage
//  - checks the agent
// NOTE(review): cookie flags (Secure, HttpOnly, SameSite) are decided in that
// module, not here.
include(DIR_FS_CATALOG . DIR_WS_MODULES . 'set_session_and_cookie_parameters.php');

// Session binding checks. Per the original notes each one applies only if
// the feature is enabled: ssl_session_id, browser user agent, IP address.
include(DIR_FS_CATALOG . DIR_WS_MODULES . 'verify_session.php');

// Language selection; $_SESSION['language'] is read right below.
include(DIR_FS_CATALOG . DIR_WS_MODULES . 'set_language_sessions.php');

// Language translations.
// $_SESSION['language'] is used as a directory name inside require_once paths.
// NOTE(review): it is presumably restricted to installed languages by
// set_language_sessions.php - confirm, because an unconstrained value here
// would choose which PHP files get executed.
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $_SESSION['language'] . '.php');
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/buttons.php');

// Per-page translations. basename() removes every directory component of
// $PHP_SELF, so the page part of the path cannot leave the language directory.
$current_page = basename($PHP_SELF);
if (is_file(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page)) {
  require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page);
}
// Write the customers status into the session; the gate below reads
// $_SESSION['customers_status'].
require(DIR_FS_CATALOG . DIR_WS_INCLUDES . 'write_customers_status.php');

// Called from the file manager: the bootstrap stops here.
// This return comes before the status gate below and before the
// customer_id check, xtc_check_permission() and the CSRF include further
// down, so none of them run for such a request. Any script that defines
// _IS_FILEMANAGER has to enforce authentication and authorization on its own.
if (defined('_IS_FILEMANAGER')) {
  return;
}

// Access gate: the requested page must be an existing file in the admin
// directory and the session's customers_status_id must be exactly the
// string '0' (strict comparison; an unset or integer value fails as well).
// Everything else is sent to the catalog login page.
// NOTE(review): the code after this block assumes xtc_redirect() ends the
// request; that function is not visible here - confirm it exits.
if (!is_file(DIR_FS_ADMIN . $current_page) || $_SESSION['customers_status']['customers_status_id'] !== '0') {
  xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
}
// Localization functions.
require(DIR_WS_FUNCTIONS . 'localization.php');

// Box rendering classes.
require(DIR_WS_CLASSES . 'table_block.php');
require(DIR_WS_CLASSES . 'box.php');

// Message stack for output messages.
require(DIR_WS_CLASSES . 'message_stack.php');
$messageStack = new messageStack();

// CSRF token verification.
// The include is loaded only while the constant CSRF_TOKEN_SYSTEM equals
// 'true' (loose comparison). The constant is not defined in this file; with
// any other value nothing in this file performs a CSRF check.
// NOTE(review): csrf_token.inc.php presumably validates the token as a side
// effect of being included - confirm there.
if (CSRF_TOKEN_SYSTEM == 'true') {
  require_once(DIR_FS_INC . 'csrf_token.inc.php');
}

// Split page results (paging).
require(DIR_WS_CLASSES . 'split_page_results.php');

// Entry/item info class.
require(DIR_WS_CLASSES . 'object_info.php');

// File uploading class.
require(DIR_WS_CLASSES . 'upload.php');

// SQL conditions for content, product and category: group_check / fsk_lock.
require(DIR_FS_CATALOG . DIR_WS_INCLUDES . 'define_conditions.php');

// add_select definitions.
require(DIR_FS_CATALOG . DIR_WS_INCLUDES . 'define_add_select.php');
// Category path from the request.
// $_GET was passed through Inputfilter::validate() earlier in this file;
// what that leaves in 'cPath' is not visible here.
// NOTE(review): if array values can get through (cPath[]=...), strlen()
// would receive an array - confirm the filter or the parser handles that.
$cPath = '';
if (isset($_GET['cPath'])) {
  $cPath = $_GET['cPath'];
}

// The last element of the parsed path is the current category; without a
// path the id is 0 and $cPath_array stays undefined.
if (strlen($cPath) > 0) {
  $cPath_array = xtc_parse_category_path($cPath);
  $current_category_id = end($cPath_array);
} else {
  $current_category_id = 0;
}

// Report a missing default currency to the admin.
if (!defined('DEFAULT_CURRENCY')) {
  $messageStack->add(ERROR_NO_DEFAULT_CURRENCY_DEFINED, 'error');
}

// Report a missing default language to the admin.
if (!defined('DEFAULT_LANGUAGE')) {
  $messageStack->add(ERROR_NO_DEFAULT_LANGUAGE_DEFINED, 'error');
}
// Customers status data.
xtc_get_customers_statuses();

// Page name = file name of the current page up to its first dot.
$pagename = strtok($current_page, '.');

// No logged-in customer in the session: go to the catalog login page.
// This is the second gate; the customers_status_id check earlier in this
// file has already run at this point.
if (!isset($_SESSION['customer_id'])) {
  xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
}

// Per-page permission check.
// NOTE(review): presumably denies or redirects when the logged-in admin may
// not open $pagename - the function is not visible here; confirm.
xtc_check_permission($pagename);

// Precaution switches, defaulting to 'true' unless already defined
// (for example by a configuration row or an extension loaded above).
if (!defined('WARN_CONFIG_WRITEABLE')) {
  define('WARN_CONFIG_WRITEABLE', 'true');
}
if (!defined('WARN_FILES_WRITEABLE')) {
  define('WARN_FILES_WRITEABLE', 'true');
}
if (!defined('WARN_DIRS_WRITEABLE')) {
  define('WARN_DIRS_WRITEABLE', 'true');
}

// Extension point "application_top_end": runs after all checks above.
// Files are executed as found, so the directory must not be writable by the
// web application.
foreach (auto_include(DIR_FS_ADMIN . 'includes/extra/application_top/application_top_end/', 'php') as $file) {
  require($file);
}

// Compatibility for modified eCommerce Shopsoftware 1.06 files.
if (!defined('DIR_WS_BASE')) {
  define('DIR_WS_BASE', '');
}
?>