testmodus / admin / includes / application_top.php @ 1
<?php
/* --------------------------------------------------------------
   $Id: application_top.php 13484 2021-04-01 08:50:12Z GTB $

   modified eCommerce Shopsoftware
   http://www.modified-shop.org

   Copyright (c) 2009 - 2013 [www.modified-shop.org]
   --------------------------------------------------------------
   based on:
   (c) 2000-2001 The Exchange Project (earlier name of osCommerce)
   (c) 2002-2003 osCommerce(application_top.php,v 1.158 2003/03/22); www.oscommerce.com
   (c) 2003 nextcommerce (application_top.php,v 1.46 2003/08/24); www.nextcommerce.org
   (c) 2006 XT-Commerce (application_top.php 1323 2005-10-27) ; www.xt-commerce.com

   Released under the GNU General Public License
   --------------------------------------------------------------
   Third Party contribution:

   Customers Status v3.x (c) 2002-2003 Copyright Elari elari@free.fr | www.unlockgsm.com/dload-osc/ | CVS : http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/elari/?sortby=date#dirlist

   Credit Class/Gift Vouchers/Discount Coupons (Version 5.10)
   http://www.oscommerce.com/community/contributions,282
   Copyright (c) Strider | Strider@oscworks.com
   Copyright (c) Nick Stanko of UkiDev.com, nick@ukidev.com
   Copyright (c) Andre ambidex@gmx.net
   Copyright (c) 2001,2002 Ian C Wilson http://www.phesis.org

   Released under the GNU General Public License
   --------------------------------------------------------------*/

// Run mode: flags this bootstrap as the admin one (the file lives under
// admin/includes).
define('RUN_MODE_ADMIN',true);

// Start the clock for the page parse time log
define('PAGE_PARSE_START_TIME', microtime(true));

// Set the level of error reporting: nothing is displayed and nothing is
// reported from this point on. The project's own error handling is loaded
// further down, and only if its file exists, so failures in between are
// silent. Keeping errors out of the response avoids exposing file paths
// and query text on admin pages.
@ini_set('display_errors', false);
error_reporting(0);

// Security guard constant.
// NOTE(review): presumably the included files test defined('_VALID_XTC') to
// refuse direct HTTP access - confirm in the includes.
define('_VALID_XTC',true);

// Disable use_trans_sid as xtc_href_link() does this manually
if (function_exists('ini_set')) {
  @ini_set('session.use_trans_sid', 0);
}

// Configuration parameters: a local override file wins over the shipped
// configure.php. Both paths start with '../', so PHP resolves them against
// the current working directory of the calling admin script.
// include_once does not abort when the file is missing, and errors are
// switched off above, so a missing configuration only surfaces at the first
// use of one of its constants below.
if (file_exists('../includes/local/configure.php')) {
  include_once('../includes/local/configure.php');
} else {
  include_once('../includes/configure.php');
}

// Minimum requirement: stop on PHP older than 5.6
if (version_compare(PHP_VERSION, '5.6', '<')) {
  die('<h1>Minimum requirement PHP Version 5.6</h1>');
}

// Default time zone (hard-coded, not read from the configuration)
date_default_timezone_set('Europe/Berlin');

// New error handling: optional, loaded only when the file is present.
// Without it the error_reporting(0) set earlier in this file stays in force.
if (is_file(DIR_FS_CATALOG.DIR_WS_INCLUDES.'error_reporting.php')) {
  require_once (DIR_FS_CATALOG.DIR_WS_INCLUDES.'error_reporting.php');
}

// Security input filter for request data.
// The original heading reads "GET/POST/COOKIE", but only $_GET, $_POST and
// $_REQUEST are passed through validate() here; $_COOKIE itself is not
// filtered in this file.
// NOTE(review): confirm whether cookie values are validated elsewhere before
// they are used. $_REQUEST can contain cookie values depending on the
// request_order / variables_order ini settings.
// The filter runs before any other project code reads the superglobals. It
// is a blanket first layer and does not replace escaping at the point where
// a value enters SQL or HTML.
require (DIR_FS_CATALOG.DIR_WS_CLASSES.'inputfilter.php');
$inputfilter = new Inputfilter();
$_GET = $inputfilter->validate($_GET);
$_POST = $inputfilter->validate($_POST);
$_REQUEST = $inputfilter->validate($_REQUEST);

// Auto include: provides auto_include(), used below to load every file of
// an extension directory.
require_once (DIR_FS_INC . 'auto_include.inc.php');

// Project version
require_once (DIR_WS_INCLUDES.'version.php');

// Base/PHP_SELF/SSL-PROXY
// $PHP_SELF comes from the project helper instead of being read directly
// from $_SERVER. It later selects the per-page language file and the page
// name for the permission check.
// NOTE(review): confirm how set_php_self() derives the value.
require_once(DIR_FS_INC . 'set_php_self.inc.php');
$PHP_SELF = set_php_self();

define('TAX_DECIMAL_PLACES', 0);

// Include the list of project filenames
require (DIR_FS_ADMIN.DIR_WS_INCLUDES.'filenames.php');

// List of project database tables
require_once(DIR_FS_CATALOG.DIR_WS_INCLUDES.'database_tables.php');

// Database: the driver file name is built from the DB_MYSQL_TYPE constant,
// not from request data.
// NOTE(review): presumably DB_MYSQL_TYPE is defined in configure.php - confirm.
require_once (DIR_FS_INC.'db_functions_'.DB_MYSQL_TYPE.'.inc.php');
require_once (DIR_FS_INC.'db_functions.inc.php');

// Include needed functions
require_once(DIR_FS_INC . 'xtc_get_ip_address.inc.php');
require_once(DIR_FS_INC . 'xtc_setcookie.inc.php');
require_once(DIR_FS_INC . 'xtc_validate_email.inc.php');
require_once(DIR_FS_INC . 'xtc_not_null.inc.php');
require_once(DIR_FS_INC . 'xtc_add_tax.inc.php');
require_once(DIR_FS_INC . 'xtc_get_tax_rate.inc.php');
require_once(DIR_FS_INC . 'xtc_get_qty.inc.php');
require_once(DIR_FS_INC . 'xtc_product_link.inc.php');
require_once(DIR_FS_INC . 'xtc_cleanName.inc.php');
require_once(DIR_FS_INC . 'xtc_get_top_level_domain.inc.php');
require_once(DIR_FS_INC . 'html_encoding.php'); //new function for PHP5.4
require_once(DIR_FS_INC . 'xtc_backup_restore_configuration.php');
require_once(DIR_FS_INC . 'xtc_check_agent.inc.php');
require_once(DIR_FS_INC . 'xtc_parse_category_path.inc.php');
require_once(DIR_FS_INC . 'xtc_input_validation.inc.php');
require_once(DIR_FS_INC . 'xtc_get_category_path.inc.php');

// Extension point: every path that auto_include() returns for this
// directory is executed on each admin request, before the database
// connection, the session and the permission checks. The directory should
// therefore be writable only by deployment, never by anything reachable
// through the shop (uploads, file manager).
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/functions/','php') as $file) require ($file);

// Design layout (width of boxes in pixels) (default: 125)
define('BOX_WIDTH', 125);

// Make a connection to the database... now.
// The die() message is generic and carries no connection details.
xtc_db_connect() or die('Unable to connect to database server!');

// Set application wide parameters.
// Every row of the configuration table becomes a PHP constant, except
// DB_CACHE (fixed to 'false' for the admin right here) and
// STORE_DB_TRANSACTIONS, which are skipped.
// A key that is already defined - for example by configure.php or by the
// defines earlier in this file - is NOT overwritten; it is only recorded in
// $duplicate_configuration. A value stored in the database can therefore not
// replace a constant set in the files.
define('DB_CACHE', 'false');
$duplicate_configuration = array();
$configuration_query = xtc_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION . '');
while ($configuration = xtc_db_fetch_array($configuration_query)) {
  if ($configuration['cfgKey'] != 'DB_CACHE' && $configuration['cfgKey'] != 'STORE_DB_TRANSACTIONS') {
    if (!defined($configuration['cfgKey'])) {
      // stripslashes() is applied to the stored value before it becomes a constant
      define($configuration['cfgKey'], stripslashes($configuration['cfgValue']));
    } else {
      $duplicate_configuration[] = $configuration['cfgKey'];
    }
  }
}

// Extension point: these files run once the configuration constants exist,
// but before the session is started and before the permission checks further
// down in this file. Code placed here executes for unauthenticated requests too.
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/application_top/application_top_begin/','php') as $file) require ($file);

// NOTE(review): IMAGE_MANIPULATOR is not defined in this file; presumably it
// comes from the configuration table loaded above - confirm.
define('FILENAME_IMAGEMANIPULATOR',IMAGE_MANIPULATOR);

// Initialize the logger class
require(DIR_WS_CLASSES . 'logger.php');

// Shopping cart class
require(DIR_WS_CLASSES . 'shopping_cart.php');

// General functions (the original comment here only said "todo")
require(DIR_WS_FUNCTIONS . 'general.php');

// Define how the session functions will be used
require(DIR_WS_FUNCTIONS . 'sessions.php');

// Define our general functions used application-wide
require(DIR_WS_FUNCTIONS . 'html_output.php');

// Set the type of request (secure or not).
// If request_type.php is missing, the request is treated as 'NONSSL'.
// NOTE(review): presumably request_type.php sets $request_type - confirm.
if (file_exists(DIR_WS_INCLUDES . 'request_type.php')) {
  include (DIR_WS_INCLUDES . 'request_type.php');
} else {
  $request_type = 'NONSSL';
}

// Set the top level domains: the helper returns an array from which the
// 'domain' and 'delete' entries are read; $request_type selects between the
// HTTP_SERVER and the HTTPS_SERVER result.
$http_domain_arr = xtc_get_top_level_domain(HTTP_SERVER);
$https_domain_arr = xtc_get_top_level_domain(HTTPS_SERVER);
$http_domain = $http_domain_arr['domain'];
$https_domain = $https_domain_arr['domain'];
$current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);

// Set the top level domains to delete
$current_domain_delete = (($request_type == 'NONSSL') ? $http_domain_arr['delete'] : $https_domain_arr['delete']);

// Session bootstrap is shared with the shop front end (the module is loaded
// from the catalog directory). According to the original comments it will:
// - set the session name and save path
// - set the session cookie parameters
// - set the session ID if it exists
// - start the session
// - redirect search engines with a session id to the same url without
//   session id, to prevent indexing session id urls
// - check for cookie usage
// - check the agent
include (DIR_FS_CATALOG.DIR_WS_MODULES.'set_session_and_cookie_parameters.php');

// Session binding checks, each only if the feature is enabled:
// - verify the ssl_session_id
// - verify the browser user agent
// - verify the IP address
// NOTE(review): these are loaded with include, not require - a missing file
// would not stop the request; confirm the deployment always ships them.
include (DIR_FS_CATALOG.DIR_WS_MODULES.'verify_session.php');

// Set the language
include (DIR_FS_CATALOG.DIR_WS_MODULES.'set_language_sessions.php');

// Include the language translations.
// $_SESSION['language'] is used as a directory name in the paths below.
// NOTE(review): presumably set_language_sessions.php only stores names of
// installed languages in the session - confirm, since the value ends up in
// require_once.
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/'.$_SESSION['language'] . '.php');
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/buttons.php');
// basename() strips any directory part, so the per-page language file is
// always looked up directly inside the language's admin directory.
$current_page = basename($PHP_SELF);
if (is_file(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page)) {
  require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page);
}

// Write customers status in session
require(DIR_FS_CATALOG.DIR_WS_INCLUDES.'write_customers_status.php');

// Call from filemanager: bootstrapping stops here. Everything below in this
// file - the status check right after this line, the login redirect and
// xtc_check_permission() - is skipped on this path, so a script that defines
// _IS_FILEMANAGER has to enforce access control itself.
if (defined('_IS_FILEMANAGER')) return;

// Check permission: the requested script must exist in the admin directory
// and the session must carry customers_status_id as the string '0'. The
// comparison is strict, so an integer 0, null or a missing value also leads
// to the login redirect.
// NOTE(review): status id '0' is presumably the admin group - confirm.
// NOTE(review): the rest of this file relies on xtc_redirect() ending the
// request; confirm that it exits after sending the Location header.
if (is_file(DIR_FS_ADMIN.$current_page) == false || $_SESSION['customers_status']['customers_status_id'] !== '0') {
  xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
}

// Define our localization functions
require(DIR_WS_FUNCTIONS . 'localization.php');

// Setup our boxes
require(DIR_WS_CLASSES . 'table_block.php');
require(DIR_WS_CLASSES . 'box.php');

// Initialize the message stack for output messages
require(DIR_WS_CLASSES . 'message_stack.php');
$messageStack = new messageStack();

// Verify CSRF token.
// The token code is loaded only when CSRF_TOKEN_SYSTEM equals 'true'; with
// any other value this include is skipped for all admin requests.
// NOTE(review): presumably csrf_token.inc.php performs the verification when
// it is included - confirm. Operators should treat switching this setting
// off as removing CSRF protection from the admin area.
if (CSRF_TOKEN_SYSTEM == 'true') {
  require_once(DIR_FS_INC . 'csrf_token.inc.php');
}

// Split-page-results
require(DIR_WS_CLASSES . 'split_page_results.php');

// Entry/item info classes
require(DIR_WS_CLASSES . 'object_info.php');

// File uploading class
require(DIR_WS_CLASSES . 'upload.php');

// Content, product, category - sql group_check/fsk_lock
require (DIR_FS_CATALOG.DIR_WS_INCLUDES.'define_conditions.php');

// add_select
require (DIR_FS_CATALOG.DIR_WS_INCLUDES.'define_add_select.php');

// Calculate category path.
// $_GET has already been passed through the input filter near the top of
// this file. $current_category_id is the last element of the parsed path.
// NOTE(review): presumably xtc_parse_category_path() reduces the value to
// numeric category ids - confirm before $cPath itself is used in SQL or HTML.
$cPath = isset($_GET['cPath']) ? $_GET['cPath'] : '';
if (strlen($cPath) > 0) {
  $cPath_array = xtc_parse_category_path($cPath);
  $current_category_id = end($cPath_array);
} else {
  $current_category_id = 0;
}

// Check if a default currency is set
if (!defined('DEFAULT_CURRENCY')) {
  $messageStack->add(ERROR_NO_DEFAULT_CURRENCY_DEFINED, 'error');
}

// Check if a default language is set
if (!defined('DEFAULT_LANGUAGE')) {
  $messageStack->add(ERROR_NO_DEFAULT_LANGUAGE_DEFINED, 'error');
}

// For Customers Status
xtc_get_customers_statuses();

// Page name for the permission check: the script file name up to its first dot.
$pagename = strtok($current_page, '.');
// Second gate after the status check earlier in this file: without a
// customer_id in the session the request is sent to the login page.
if (!isset($_SESSION['customer_id'])) {
  xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
}

// Per-page permission check for the logged-in admin.
// NOTE(review): what happens on a denied page is decided inside
// xtc_check_permission() and is not visible here - confirm it stops the request.
xtc_check_permission($pagename);

// Set which precautions should be checked: each warning defaults to 'true'
// unless the constant was already defined (configuration table or extension).
defined('WARN_CONFIG_WRITEABLE') OR define('WARN_CONFIG_WRITEABLE', 'true');
defined('WARN_FILES_WRITEABLE') OR define('WARN_FILES_WRITEABLE', 'true');
defined('WARN_DIRS_WRITEABLE') OR define('WARN_DIRS_WRITEABLE', 'true');

// Extension point: these files run after the login and permission checks above.
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/application_top/application_top_end/','php') as $file) require ($file);

// Compatibility for modified eCommerce Shopsoftware 1.06 files
defined('DIR_WS_BASE') OR define('DIR_WS_BASE', '');
?>