Projekt

Allgemein

Profil

Statistiken
| Revision:

testmodus / admin / includes / application_top.php

Historie | Anzeigen | Annotieren | Download (9,88 KB)

1
<?php
2
/* --------------------------------------------------------------
3
   $Id: application_top.php 13484 2021-04-01 08:50:12Z GTB $
4

5
   modified eCommerce Shopsoftware
6
   http://www.modified-shop.org
7

8
   Copyright (c) 2009 - 2013 [www.modified-shop.org]
9
   --------------------------------------------------------------
10
   based on:
11
   (c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
12
   (c) 2002-2003 osCommerce(application_top.php,v 1.158 2003/03/22); www.oscommerce.com
13
   (c) 2003 nextcommerce (application_top.php,v 1.46 2003/08/24); www.nextcommerce.org
14
   (c) 2006 XT-Commerce (application_top.php 1323 2005-10-27) ; www.xt-commerce.com
15

16
   Released under the GNU General Public License
17
   --------------------------------------------------------------
18
   Third Party contribution:
19

20
   Customers Status v3.x  (c) 2002-2003 Copyright Elari elari@free.fr | www.unlockgsm.com/dload-osc/ | CVS : http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/elari/?sortby=date#dirlist
21

22
   Credit Class/Gift Vouchers/Discount Coupons (Version 5.10)
23
   http://www.oscommerce.com/community/contributions,282
24
   Copyright (c) Strider | Strider@oscworks.com
25
   Copyright (c) Nick Stanko of UkiDev.com, nick@ukidev.com
26
   Copyright (c) Andre ambidex@gmx.net
27
   Copyright (c) 2001,2002 Ian C Wilson http://www.phesis.org
28

29
   Released under the GNU General Public License
30
   --------------------------------------------------------------*/
31

    
32
//Run Mode
33
define('RUN_MODE_ADMIN',true);
34

    
35
# TESTMODUS
36
if (file_exists('../includes/extra/testmodus/testmodus.php'))
37
 require_once('../includes/extra/testmodus/testmodus.php');
38
 
39
// Start the clock for the page parse time log
40
define('PAGE_PARSE_START_TIME', microtime(true));
41

    
42
// set the level of error reporting
43
@ini_set('display_errors', false);
44
error_reporting(0);
45

    
46
// security
47
define('_VALID_XTC',true);
48

    
49
// Disable use_trans_sid as xtc_href_link() does this manually
50
if (function_exists('ini_set')) {
51
  @ini_set('session.use_trans_sid', 0);
52
}
53

    
54
// configuration parameters
55
if (file_exists('../includes/local/configure.php')) {
56
  include_once('../includes/local/configure.php');
57
} else {
58
  include_once('../includes/configure.php');
59
}
60

    
61
// minimum requirement
62
if (version_compare(PHP_VERSION, '5.6', '<')) {
63
  die('<h1>Minimum requirement PHP Version 5.6</h1>');
64
}
65

    
66
// default time zone
67
date_default_timezone_set('Europe/Berlin');
68

    
69
// new error handling
70
if (is_file(DIR_FS_CATALOG.DIR_WS_INCLUDES.'error_reporting.php')) {
71
  require_once (DIR_FS_CATALOG.DIR_WS_INCLUDES.'error_reporting.php');
72
}
73

    
74
// security inputfilter for GET/POST/COOKIE
75
require (DIR_FS_CATALOG.DIR_WS_CLASSES.'inputfilter.php');
76
$inputfilter = new Inputfilter();
77
$_GET = $inputfilter->validate($_GET);
78
$_POST = $inputfilter->validate($_POST);
79
$_REQUEST = $inputfilter->validate($_REQUEST);
80

    
81
// auto include
82
require_once (DIR_FS_INC . 'auto_include.inc.php');
83

    
84
// project versison
85
require_once (DIR_WS_INCLUDES.'version.php');
86

    
87
// Base/PHP_SELF/SSL-PROXY
88
require_once(DIR_FS_INC . 'set_php_self.inc.php');
89
$PHP_SELF = set_php_self();
90

    
91
define('TAX_DECIMAL_PLACES', 0);
92

    
93
// include the list of project filenames
94
require (DIR_FS_ADMIN.DIR_WS_INCLUDES.'filenames.php');
95

    
96
// list of project database tables
97
require_once(DIR_FS_CATALOG.DIR_WS_INCLUDES.'database_tables.php');
98

    
99
// Database
100
require_once (DIR_FS_INC.'db_functions_'.DB_MYSQL_TYPE.'.inc.php');
101
require_once (DIR_FS_INC.'db_functions.inc.php');
102

    
103
// include needed functions
104
require_once(DIR_FS_INC . 'xtc_get_ip_address.inc.php');
105
require_once(DIR_FS_INC . 'xtc_setcookie.inc.php');
106
require_once(DIR_FS_INC . 'xtc_validate_email.inc.php');
107
require_once(DIR_FS_INC . 'xtc_not_null.inc.php');
108
require_once(DIR_FS_INC . 'xtc_add_tax.inc.php');
109
require_once(DIR_FS_INC . 'xtc_get_tax_rate.inc.php');
110
require_once(DIR_FS_INC . 'xtc_get_qty.inc.php');
111
require_once(DIR_FS_INC . 'xtc_product_link.inc.php');
112
require_once(DIR_FS_INC . 'xtc_cleanName.inc.php');
113
require_once(DIR_FS_INC . 'xtc_get_top_level_domain.inc.php');
114
require_once(DIR_FS_INC . 'html_encoding.php'); //new function for PHP5.4
115
require_once(DIR_FS_INC . 'xtc_backup_restore_configuration.php');
116
require_once(DIR_FS_INC . 'xtc_check_agent.inc.php');
117
require_once(DIR_FS_INC . 'xtc_parse_category_path.inc.php');
118
require_once(DIR_FS_INC . 'xtc_input_validation.inc.php');
119
require_once(DIR_FS_INC . 'xtc_get_category_path.inc.php');
120

    
121
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/functions/','php') as $file) require ($file);
122

    
123
// design layout (wide of boxes in pixels) (default: 125)
124
define('BOX_WIDTH', 125);
125

    
126
// make a connection to the database... now
127
xtc_db_connect() or die('Unable to connect to database server!');
128

    
129
// set application wide parameters
130
define('DB_CACHE', 'false');
131
$duplicate_configuration = array();
132
$configuration_query = xtc_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION . '');
133
while ($configuration = xtc_db_fetch_array($configuration_query)) {
134
  if ($configuration['cfgKey'] != 'DB_CACHE' && $configuration['cfgKey'] != 'STORE_DB_TRANSACTIONS') {
135
    if (!defined($configuration['cfgKey'])) {
136
      define($configuration['cfgKey'], stripslashes($configuration['cfgValue']));
137
    } else {
138
      $duplicate_configuration[] = $configuration['cfgKey'];
139
    }
140
  }
141
}
142

    
143
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/application_top/application_top_begin/','php') as $file) require ($file);
144

    
145
define('FILENAME_IMAGEMANIPULATOR',IMAGE_MANIPULATOR);
146

    
147
// initialize the logger class
148
require(DIR_WS_CLASSES . 'logger.php');
149

    
150
// shopping cart class
151
require(DIR_WS_CLASSES . 'shopping_cart.php');
152

    
153
// todo
154
require(DIR_WS_FUNCTIONS . 'general.php');
155

    
156
// define how the session functions will be used
157
require(DIR_WS_FUNCTIONS . 'sessions.php');
158

    
159
  // define our general functions used application-wide
160
require(DIR_WS_FUNCTIONS . 'html_output.php');
161

    
162
// set the type of request (secure or not)
163
if (file_exists(DIR_WS_INCLUDES . 'request_type.php')) {
164
  include (DIR_WS_INCLUDES . 'request_type.php');
165
} else {
166
  $request_type = 'NONSSL';
167
}
168

    
169
// set the top level domains
170
$http_domain_arr = xtc_get_top_level_domain(HTTP_SERVER);
171
$https_domain_arr = xtc_get_top_level_domain(HTTPS_SERVER);
172
$http_domain = $http_domain_arr['domain'];
173
$https_domain = $https_domain_arr['domain'];
174
$current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);
175

    
176
// set the top level domains to delete
177
$current_domain_delete = (($request_type == 'NONSSL') ? $http_domain_arr['delete'] : $https_domain_arr['delete']);
178

    
179
// set the session name and save path
180
// set the session cookie parameters
181
// set the session ID if it exists
182
// start the session
183
// Redirect search engines with session id to the same url without session id to prevent indexing session id urls
184
// check for Cookie usage
185
// check the Agent
186
include (DIR_FS_CATALOG.DIR_WS_MODULES.'set_session_and_cookie_parameters.php');
187

    
188
// verify the ssl_session_id if the feature is enabled
189
// verify the browser user agent if the feature is enabled
190
// verify the IP address if the feature is enabled
191
include (DIR_FS_CATALOG.DIR_WS_MODULES.'verify_session.php');
192

    
193
// set the language
194
include (DIR_FS_CATALOG.DIR_WS_MODULES.'set_language_sessions.php');
195

    
196
// include the language translations
197
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/'.$_SESSION['language'] . '.php');
198
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/buttons.php');
199
$current_page = basename($PHP_SELF);
200
if (is_file(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page)) {
201
  require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page);
202
}
203

    
204
// write customers status in session
205
require(DIR_FS_CATALOG.DIR_WS_INCLUDES.'write_customers_status.php');
206

    
207
// call from filemanager
208
if (defined('_IS_FILEMANAGER')) return;
209

    
210
// check permission
211
if (is_file(DIR_FS_ADMIN.$current_page) == false || $_SESSION['customers_status']['customers_status_id'] !== '0') {
212
  xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
213
}
214

    
215
// define our localization functions
216
require(DIR_WS_FUNCTIONS . 'localization.php');
217

    
218
// setup our boxes
219
require(DIR_WS_CLASSES . 'table_block.php');
220
require(DIR_WS_CLASSES . 'box.php');
221

    
222
// initialize the message stack for output messages
223
require(DIR_WS_CLASSES . 'message_stack.php');
224
$messageStack = new messageStack();
225

    
226
// verfiy CSRF Token
227
if (CSRF_TOKEN_SYSTEM == 'true') {
228
  require_once(DIR_FS_INC . 'csrf_token.inc.php');
229
}
230

    
231
// split-page-results
232
require(DIR_WS_CLASSES . 'split_page_results.php');
233

    
234
// entry/item info classes
235
require(DIR_WS_CLASSES . 'object_info.php');
236

    
237
// file uploading class
238
require(DIR_WS_CLASSES . 'upload.php');
239

    
240
// content, product, category - sql group_check/fsk_lock
241
require (DIR_FS_CATALOG.DIR_WS_INCLUDES.'define_conditions.php');
242

    
243
// add_select
244
require (DIR_FS_CATALOG.DIR_WS_INCLUDES.'define_add_select.php');
245

    
246
// calculate category path
247
$cPath = isset($_GET['cPath']) ? $_GET['cPath'] : '';
248
if (strlen($cPath) > 0) {
249
  $cPath_array = xtc_parse_category_path($cPath);
250
  $current_category_id = end($cPath_array);
251
} else {
252
  $current_category_id = 0;
253
}
254

    
255
// check if a default currency is set
256
if (!defined('DEFAULT_CURRENCY')) {
257
  $messageStack->add(ERROR_NO_DEFAULT_CURRENCY_DEFINED, 'error');
258
}
259

    
260
// check if a default language is set
261
if (!defined('DEFAULT_LANGUAGE')) {
262
  $messageStack->add(ERROR_NO_DEFAULT_LANGUAGE_DEFINED, 'error');
263
}
264

    
265
// for Customers Status
266
xtc_get_customers_statuses();
267

    
268
$pagename = strtok($current_page, '.');
269
if (!isset($_SESSION['customer_id'])) {
270
  xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
271
}
272

    
273
xtc_check_permission($pagename);
274

    
275
// set which precautions should be checked
276
defined('WARN_CONFIG_WRITEABLE') OR define('WARN_CONFIG_WRITEABLE', 'true');
277
defined('WARN_FILES_WRITEABLE') OR define('WARN_FILES_WRITEABLE', 'true');
278
defined('WARN_DIRS_WRITEABLE') OR define('WARN_DIRS_WRITEABLE', 'true');
279

    
280
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/application_top/application_top_end/','php') as $file) require ($file);
281

    
282
//compatibility for modified eCommerce Shopsoftware 1.06 files
283
defined('DIR_WS_BASE') OR define('DIR_WS_BASE', '');
284
?>