Projekt

Allgemein

Profil

Statistiken
| Revision:

testmodus / admin / includes / application_top.php @ 1

Historie | Anzeigen | Annotieren | Download (9,74 KB)

1 1 root
<?php
2
/* --------------------------------------------------------------
3
   $Id: application_top.php 13484 2021-04-01 08:50:12Z GTB $
4

5
   modified eCommerce Shopsoftware
6
   http://www.modified-shop.org
7

8
   Copyright (c) 2009 - 2013 [www.modified-shop.org]
9
   --------------------------------------------------------------
10
   based on:
11
   (c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
12
   (c) 2002-2003 osCommerce(application_top.php,v 1.158 2003/03/22); www.oscommerce.com
13
   (c) 2003 nextcommerce (application_top.php,v 1.46 2003/08/24); www.nextcommerce.org
14
   (c) 2006 XT-Commerce (application_top.php 1323 2005-10-27) ; www.xt-commerce.com
15

16
   Released under the GNU General Public License
17
   --------------------------------------------------------------
18
   Third Party contribution:
19

20
   Customers Status v3.x  (c) 2002-2003 Copyright Elari elari@free.fr | www.unlockgsm.com/dload-osc/ | CVS : http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/elari/?sortby=date#dirlist
21

22
   Credit Class/Gift Vouchers/Discount Coupons (Version 5.10)
23
   http://www.oscommerce.com/community/contributions,282
24
   Copyright (c) Strider | Strider@oscworks.com
25
   Copyright (c) Nick Stanko of UkiDev.com, nick@ukidev.com
26
   Copyright (c) Andre ambidex@gmx.net
27
   Copyright (c) 2001,2002 Ian C Wilson http://www.phesis.org
28

29
   Released under the GNU General Public License
30
   --------------------------------------------------------------*/
31
32
//Run Mode
33
define('RUN_MODE_ADMIN',true);
34
35
// Start the clock for the page parse time log
36
define('PAGE_PARSE_START_TIME', microtime(true));
37
38
// set the level of error reporting
39
@ini_set('display_errors', false);
40
error_reporting(0);
41
42
// security
43
define('_VALID_XTC',true);
44
45
// Disable use_trans_sid as xtc_href_link() does this manually
46
if (function_exists('ini_set')) {
47
  @ini_set('session.use_trans_sid', 0);
48
}
49
50
// configuration parameters
51
if (file_exists('../includes/local/configure.php')) {
52
  include_once('../includes/local/configure.php');
53
} else {
54
  include_once('../includes/configure.php');
55
}
56
57
// minimum requirement
58
if (version_compare(PHP_VERSION, '5.6', '<')) {
59
  die('<h1>Minimum requirement PHP Version 5.6</h1>');
60
}
61
62
// default time zone
63
date_default_timezone_set('Europe/Berlin');
64
65
// new error handling
66
if (is_file(DIR_FS_CATALOG.DIR_WS_INCLUDES.'error_reporting.php')) {
67
  require_once (DIR_FS_CATALOG.DIR_WS_INCLUDES.'error_reporting.php');
68
}
69
70
// security inputfilter for GET/POST/COOKIE
71
require (DIR_FS_CATALOG.DIR_WS_CLASSES.'inputfilter.php');
72
$inputfilter = new Inputfilter();
73
$_GET = $inputfilter->validate($_GET);
74
$_POST = $inputfilter->validate($_POST);
75
$_REQUEST = $inputfilter->validate($_REQUEST);
76
77
// auto include
78
require_once (DIR_FS_INC . 'auto_include.inc.php');
79
80
// project versison
81
require_once (DIR_WS_INCLUDES.'version.php');
82
83
// Base/PHP_SELF/SSL-PROXY
84
require_once(DIR_FS_INC . 'set_php_self.inc.php');
85
$PHP_SELF = set_php_self();
86
87
define('TAX_DECIMAL_PLACES', 0);
88
89
// include the list of project filenames
90
require (DIR_FS_ADMIN.DIR_WS_INCLUDES.'filenames.php');
91
92
// list of project database tables
93
require_once(DIR_FS_CATALOG.DIR_WS_INCLUDES.'database_tables.php');
94
95
// Database
96
require_once (DIR_FS_INC.'db_functions_'.DB_MYSQL_TYPE.'.inc.php');
97
require_once (DIR_FS_INC.'db_functions.inc.php');
98
99
// include needed functions
100
require_once(DIR_FS_INC . 'xtc_get_ip_address.inc.php');
101
require_once(DIR_FS_INC . 'xtc_setcookie.inc.php');
102
require_once(DIR_FS_INC . 'xtc_validate_email.inc.php');
103
require_once(DIR_FS_INC . 'xtc_not_null.inc.php');
104
require_once(DIR_FS_INC . 'xtc_add_tax.inc.php');
105
require_once(DIR_FS_INC . 'xtc_get_tax_rate.inc.php');
106
require_once(DIR_FS_INC . 'xtc_get_qty.inc.php');
107
require_once(DIR_FS_INC . 'xtc_product_link.inc.php');
108
require_once(DIR_FS_INC . 'xtc_cleanName.inc.php');
109
require_once(DIR_FS_INC . 'xtc_get_top_level_domain.inc.php');
110
require_once(DIR_FS_INC . 'html_encoding.php'); //new function for PHP5.4
111
require_once(DIR_FS_INC . 'xtc_backup_restore_configuration.php');
112
require_once(DIR_FS_INC . 'xtc_check_agent.inc.php');
113
require_once(DIR_FS_INC . 'xtc_parse_category_path.inc.php');
114
require_once(DIR_FS_INC . 'xtc_input_validation.inc.php');
115
require_once(DIR_FS_INC . 'xtc_get_category_path.inc.php');
116
117
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/functions/','php') as $file) require ($file);
118
119
// design layout (wide of boxes in pixels) (default: 125)
120
define('BOX_WIDTH', 125);
121
122
// make a connection to the database... now
123
xtc_db_connect() or die('Unable to connect to database server!');
124
125
// set application wide parameters
126
define('DB_CACHE', 'false');
127
$duplicate_configuration = array();
128
$configuration_query = xtc_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION . '');
129
while ($configuration = xtc_db_fetch_array($configuration_query)) {
130
  if ($configuration['cfgKey'] != 'DB_CACHE' && $configuration['cfgKey'] != 'STORE_DB_TRANSACTIONS') {
131
    if (!defined($configuration['cfgKey'])) {
132
      define($configuration['cfgKey'], stripslashes($configuration['cfgValue']));
133
    } else {
134
      $duplicate_configuration[] = $configuration['cfgKey'];
135
    }
136
  }
137
}
138
139
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/application_top/application_top_begin/','php') as $file) require ($file);
140
141
define('FILENAME_IMAGEMANIPULATOR',IMAGE_MANIPULATOR);
142
143
// initialize the logger class
144
require(DIR_WS_CLASSES . 'logger.php');
145
146
// shopping cart class
147
require(DIR_WS_CLASSES . 'shopping_cart.php');
148
149
// todo
150
require(DIR_WS_FUNCTIONS . 'general.php');
151
152
// define how the session functions will be used
153
require(DIR_WS_FUNCTIONS . 'sessions.php');
154
155
  // define our general functions used application-wide
156
require(DIR_WS_FUNCTIONS . 'html_output.php');
157
158
// set the type of request (secure or not)
159
if (file_exists(DIR_WS_INCLUDES . 'request_type.php')) {
160
  include (DIR_WS_INCLUDES . 'request_type.php');
161
} else {
162
  $request_type = 'NONSSL';
163
}
164
165
// set the top level domains
166
$http_domain_arr = xtc_get_top_level_domain(HTTP_SERVER);
167
$https_domain_arr = xtc_get_top_level_domain(HTTPS_SERVER);
168
$http_domain = $http_domain_arr['domain'];
169
$https_domain = $https_domain_arr['domain'];
170
$current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);
171
172
// set the top level domains to delete
173
$current_domain_delete = (($request_type == 'NONSSL') ? $http_domain_arr['delete'] : $https_domain_arr['delete']);
174
175
// set the session name and save path
176
// set the session cookie parameters
177
// set the session ID if it exists
178
// start the session
179
// Redirect search engines with session id to the same url without session id to prevent indexing session id urls
180
// check for Cookie usage
181
// check the Agent
182
include (DIR_FS_CATALOG.DIR_WS_MODULES.'set_session_and_cookie_parameters.php');
183
184
// verify the ssl_session_id if the feature is enabled
185
// verify the browser user agent if the feature is enabled
186
// verify the IP address if the feature is enabled
187
include (DIR_FS_CATALOG.DIR_WS_MODULES.'verify_session.php');
188
189
// set the language
190
include (DIR_FS_CATALOG.DIR_WS_MODULES.'set_language_sessions.php');
191
192
// include the language translations
193
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/'.$_SESSION['language'] . '.php');
194
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/buttons.php');
195
$current_page = basename($PHP_SELF);
196
if (is_file(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page)) {
197
  require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page);
198
}
199
200
// write customers status in session
201
require(DIR_FS_CATALOG.DIR_WS_INCLUDES.'write_customers_status.php');
202
203
// call from filemanager
204
if (defined('_IS_FILEMANAGER')) return;
205
206
// check permission
207
if (is_file(DIR_FS_ADMIN.$current_page) == false || $_SESSION['customers_status']['customers_status_id'] !== '0') {
208
  xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
209
}
210
211
// define our localization functions
212
require(DIR_WS_FUNCTIONS . 'localization.php');
213
214
// setup our boxes
215
require(DIR_WS_CLASSES . 'table_block.php');
216
require(DIR_WS_CLASSES . 'box.php');
217
218
// initialize the message stack for output messages
219
require(DIR_WS_CLASSES . 'message_stack.php');
220
$messageStack = new messageStack();
221
222
// verfiy CSRF Token
223
if (CSRF_TOKEN_SYSTEM == 'true') {
224
  require_once(DIR_FS_INC . 'csrf_token.inc.php');
225
}
226
227
// split-page-results
228
require(DIR_WS_CLASSES . 'split_page_results.php');
229
230
// entry/item info classes
231
require(DIR_WS_CLASSES . 'object_info.php');
232
233
// file uploading class
234
require(DIR_WS_CLASSES . 'upload.php');
235
236
// content, product, category - sql group_check/fsk_lock
237
require (DIR_FS_CATALOG.DIR_WS_INCLUDES.'define_conditions.php');
238
239
// add_select
240
require (DIR_FS_CATALOG.DIR_WS_INCLUDES.'define_add_select.php');
241
242
// calculate category path
243
$cPath = isset($_GET['cPath']) ? $_GET['cPath'] : '';
244
if (strlen($cPath) > 0) {
245
  $cPath_array = xtc_parse_category_path($cPath);
246
  $current_category_id = end($cPath_array);
247
} else {
248
  $current_category_id = 0;
249
}
250
251
// check if a default currency is set
252
if (!defined('DEFAULT_CURRENCY')) {
253
  $messageStack->add(ERROR_NO_DEFAULT_CURRENCY_DEFINED, 'error');
254
}
255
256
// check if a default language is set
257
if (!defined('DEFAULT_LANGUAGE')) {
258
  $messageStack->add(ERROR_NO_DEFAULT_LANGUAGE_DEFINED, 'error');
259
}
260
261
// for Customers Status
262
xtc_get_customers_statuses();
263
264
$pagename = strtok($current_page, '.');
265
if (!isset($_SESSION['customer_id'])) {
266
  xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
267
}
268
269
xtc_check_permission($pagename);
270
271
// set which precautions should be checked
272
defined('WARN_CONFIG_WRITEABLE') OR define('WARN_CONFIG_WRITEABLE', 'true');
273
defined('WARN_FILES_WRITEABLE') OR define('WARN_FILES_WRITEABLE', 'true');
274
defined('WARN_DIRS_WRITEABLE') OR define('WARN_DIRS_WRITEABLE', 'true');
275
276
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/application_top/application_top_end/','php') as $file) require ($file);
277
278
//compatibility for modified eCommerce Shopsoftware 1.06 files
279
defined('DIR_WS_BASE') OR define('DIR_WS_BASE', '');
280
?>