testmodus / admin / includes / application_top.php @ 2
Historie | Anzeigen | Annotieren | Download (9,88 KB)
| 1 |
<?php
|
|---|---|
| 2 |
/* --------------------------------------------------------------
|
| 3 |
$Id: application_top.php 13484 2021-04-01 08:50:12Z GTB $
|
| 4 |
|
| 5 |
modified eCommerce Shopsoftware
|
| 6 |
http://www.modified-shop.org
|
| 7 |
|
| 8 |
Copyright (c) 2009 - 2013 [www.modified-shop.org]
|
| 9 |
--------------------------------------------------------------
|
| 10 |
based on:
|
| 11 |
(c) 2000-2001 The Exchange Project (earlier name of osCommerce)
|
| 12 |
(c) 2002-2003 osCommerce(application_top.php,v 1.158 2003/03/22); www.oscommerce.com
|
| 13 |
(c) 2003 nextcommerce (application_top.php,v 1.46 2003/08/24); www.nextcommerce.org
|
| 14 |
(c) 2006 XT-Commerce (application_top.php 1323 2005-10-27) ; www.xt-commerce.com
|
| 15 |
|
| 16 |
Released under the GNU General Public License
|
| 17 |
--------------------------------------------------------------
|
| 18 |
Third Party contribution:
|
| 19 |
|
| 20 |
Customers Status v3.x (c) 2002-2003 Copyright Elari elari@free.fr | www.unlockgsm.com/dload-osc/ | CVS : http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/elari/?sortby=date#dirlist
|
| 21 |
|
| 22 |
Credit Class/Gift Vouchers/Discount Coupons (Version 5.10)
|
| 23 |
http://www.oscommerce.com/community/contributions,282
|
| 24 |
Copyright (c) Strider | Strider@oscworks.com
|
| 25 |
Copyright (c) Nick Stanko of UkiDev.com, nick@ukidev.com
|
| 26 |
Copyright (c) Andre ambidex@gmx.net
|
| 27 |
Copyright (c) 2001,2002 Ian C Wilson http://www.phesis.org
|
| 28 |
|
| 29 |
Released under the GNU General Public License
|
| 30 |
--------------------------------------------------------------*/
|
| 31 |
|
| 32 |
//Run Mode
|
| 33 |
define('RUN_MODE_ADMIN',true); |
| 34 |
|
| 35 |
# TESTMODUS
|
| 36 |
if (file_exists('../includes/extra/testmodus/testmodus.php')) |
| 37 |
require_once('../includes/extra/testmodus/testmodus.php'); |
| 38 |
|
| 39 |
// Start the clock for the page parse time log
|
| 40 |
define('PAGE_PARSE_START_TIME', microtime(true)); |
| 41 |
|
| 42 |
// set the level of error reporting
|
| 43 |
@ini_set('display_errors', false); |
| 44 |
error_reporting(0); |
| 45 |
|
| 46 |
// security
|
| 47 |
define('_VALID_XTC',true); |
| 48 |
|
| 49 |
// Disable use_trans_sid as xtc_href_link() does this manually
|
| 50 |
if (function_exists('ini_set')) { |
| 51 |
@ini_set('session.use_trans_sid', 0); |
| 52 |
} |
| 53 |
|
| 54 |
// configuration parameters
|
| 55 |
if (file_exists('../includes/local/configure.php')) { |
| 56 |
include_once('../includes/local/configure.php'); |
| 57 |
} else {
|
| 58 |
include_once('../includes/configure.php'); |
| 59 |
} |
| 60 |
|
| 61 |
// minimum requirement
|
| 62 |
if (version_compare(PHP_VERSION, '5.6', '<')) { |
| 63 |
die('<h1>Minimum requirement PHP Version 5.6</h1>'); |
| 64 |
} |
| 65 |
|
| 66 |
// default time zone
|
| 67 |
date_default_timezone_set('Europe/Berlin');
|
| 68 |
|
| 69 |
// new error handling
|
| 70 |
if (is_file(DIR_FS_CATALOG.DIR_WS_INCLUDES.'error_reporting.php')) { |
| 71 |
require_once (DIR_FS_CATALOG.DIR_WS_INCLUDES.'error_reporting.php'); |
| 72 |
} |
| 73 |
|
| 74 |
// security inputfilter for GET/POST/COOKIE
|
| 75 |
require (DIR_FS_CATALOG.DIR_WS_CLASSES.'inputfilter.php'); |
| 76 |
$inputfilter = new Inputfilter(); |
| 77 |
$_GET = $inputfilter->validate($_GET); |
| 78 |
$_POST = $inputfilter->validate($_POST); |
| 79 |
$_REQUEST = $inputfilter->validate($_REQUEST); |
| 80 |
|
| 81 |
// auto include
|
| 82 |
require_once (DIR_FS_INC . 'auto_include.inc.php'); |
| 83 |
|
| 84 |
// project versison
|
| 85 |
require_once (DIR_WS_INCLUDES.'version.php'); |
| 86 |
|
| 87 |
// Base/PHP_SELF/SSL-PROXY
|
| 88 |
require_once(DIR_FS_INC . 'set_php_self.inc.php'); |
| 89 |
$PHP_SELF = set_php_self();
|
| 90 |
|
| 91 |
define('TAX_DECIMAL_PLACES', 0); |
| 92 |
|
| 93 |
// include the list of project filenames
|
| 94 |
require (DIR_FS_ADMIN.DIR_WS_INCLUDES.'filenames.php'); |
| 95 |
|
| 96 |
// list of project database tables
|
| 97 |
require_once(DIR_FS_CATALOG.DIR_WS_INCLUDES.'database_tables.php'); |
| 98 |
|
| 99 |
// Database
|
| 100 |
require_once (DIR_FS_INC.'db_functions_'.DB_MYSQL_TYPE.'.inc.php'); |
| 101 |
require_once (DIR_FS_INC.'db_functions.inc.php'); |
| 102 |
|
| 103 |
// include needed functions
|
| 104 |
require_once(DIR_FS_INC . 'xtc_get_ip_address.inc.php'); |
| 105 |
require_once(DIR_FS_INC . 'xtc_setcookie.inc.php'); |
| 106 |
require_once(DIR_FS_INC . 'xtc_validate_email.inc.php'); |
| 107 |
require_once(DIR_FS_INC . 'xtc_not_null.inc.php'); |
| 108 |
require_once(DIR_FS_INC . 'xtc_add_tax.inc.php'); |
| 109 |
require_once(DIR_FS_INC . 'xtc_get_tax_rate.inc.php'); |
| 110 |
require_once(DIR_FS_INC . 'xtc_get_qty.inc.php'); |
| 111 |
require_once(DIR_FS_INC . 'xtc_product_link.inc.php'); |
| 112 |
require_once(DIR_FS_INC . 'xtc_cleanName.inc.php'); |
| 113 |
require_once(DIR_FS_INC . 'xtc_get_top_level_domain.inc.php'); |
| 114 |
require_once(DIR_FS_INC . 'html_encoding.php'); //new function for PHP5.4 |
| 115 |
require_once(DIR_FS_INC . 'xtc_backup_restore_configuration.php'); |
| 116 |
require_once(DIR_FS_INC . 'xtc_check_agent.inc.php'); |
| 117 |
require_once(DIR_FS_INC . 'xtc_parse_category_path.inc.php'); |
| 118 |
require_once(DIR_FS_INC . 'xtc_input_validation.inc.php'); |
| 119 |
require_once(DIR_FS_INC . 'xtc_get_category_path.inc.php'); |
| 120 |
|
| 121 |
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/functions/','php') as $file) require ($file); |
| 122 |
|
| 123 |
// design layout (wide of boxes in pixels) (default: 125)
|
| 124 |
define('BOX_WIDTH', 125); |
| 125 |
|
| 126 |
// make a connection to the database... now
|
| 127 |
xtc_db_connect() or die('Unable to connect to database server!'); |
| 128 |
|
| 129 |
// set application wide parameters
|
| 130 |
define('DB_CACHE', 'false'); |
| 131 |
$duplicate_configuration = array(); |
| 132 |
$configuration_query = xtc_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION . ''); |
| 133 |
while ($configuration = xtc_db_fetch_array($configuration_query)) { |
| 134 |
if ($configuration['cfgKey'] != 'DB_CACHE' && $configuration['cfgKey'] != 'STORE_DB_TRANSACTIONS') { |
| 135 |
if (!defined($configuration['cfgKey'])) { |
| 136 |
define($configuration['cfgKey'], stripslashes($configuration['cfgValue'])); |
| 137 |
} else {
|
| 138 |
$duplicate_configuration[] = $configuration['cfgKey']; |
| 139 |
} |
| 140 |
} |
| 141 |
} |
| 142 |
|
| 143 |
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/application_top/application_top_begin/','php') as $file) require ($file); |
| 144 |
|
| 145 |
define('FILENAME_IMAGEMANIPULATOR',IMAGE_MANIPULATOR); |
| 146 |
|
| 147 |
// initialize the logger class
|
| 148 |
require(DIR_WS_CLASSES . 'logger.php'); |
| 149 |
|
| 150 |
// shopping cart class
|
| 151 |
require(DIR_WS_CLASSES . 'shopping_cart.php'); |
| 152 |
|
| 153 |
// todo
|
| 154 |
require(DIR_WS_FUNCTIONS . 'general.php'); |
| 155 |
|
| 156 |
// define how the session functions will be used
|
| 157 |
require(DIR_WS_FUNCTIONS . 'sessions.php'); |
| 158 |
|
| 159 |
// define our general functions used application-wide
|
| 160 |
require(DIR_WS_FUNCTIONS . 'html_output.php'); |
| 161 |
|
| 162 |
// set the type of request (secure or not)
|
| 163 |
if (file_exists(DIR_WS_INCLUDES . 'request_type.php')) { |
| 164 |
include (DIR_WS_INCLUDES . 'request_type.php'); |
| 165 |
} else {
|
| 166 |
$request_type = 'NONSSL'; |
| 167 |
} |
| 168 |
|
| 169 |
// set the top level domains
|
| 170 |
$http_domain_arr = xtc_get_top_level_domain(HTTP_SERVER); |
| 171 |
$https_domain_arr = xtc_get_top_level_domain(HTTPS_SERVER); |
| 172 |
$http_domain = $http_domain_arr['domain']; |
| 173 |
$https_domain = $https_domain_arr['domain']; |
| 174 |
$current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain); |
| 175 |
|
| 176 |
// set the top level domains to delete
|
| 177 |
$current_domain_delete = (($request_type == 'NONSSL') ? $http_domain_arr['delete'] : $https_domain_arr['delete']); |
| 178 |
|
| 179 |
// set the session name and save path
|
| 180 |
// set the session cookie parameters
|
| 181 |
// set the session ID if it exists
|
| 182 |
// start the session
|
| 183 |
// Redirect search engines with session id to the same url without session id to prevent indexing session id urls
|
| 184 |
// check for Cookie usage
|
| 185 |
// check the Agent
|
| 186 |
include (DIR_FS_CATALOG.DIR_WS_MODULES.'set_session_and_cookie_parameters.php'); |
| 187 |
|
| 188 |
// verify the ssl_session_id if the feature is enabled
|
| 189 |
// verify the browser user agent if the feature is enabled
|
| 190 |
// verify the IP address if the feature is enabled
|
| 191 |
include (DIR_FS_CATALOG.DIR_WS_MODULES.'verify_session.php'); |
| 192 |
|
| 193 |
// set the language
|
| 194 |
include (DIR_FS_CATALOG.DIR_WS_MODULES.'set_language_sessions.php'); |
| 195 |
|
| 196 |
// include the language translations
|
| 197 |
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/'.$_SESSION['language'] . '.php'); |
| 198 |
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/buttons.php'); |
| 199 |
$current_page = basename($PHP_SELF); |
| 200 |
if (is_file(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page)) { |
| 201 |
require_once(DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/' . $current_page); |
| 202 |
} |
| 203 |
|
| 204 |
// write customers status in session
|
| 205 |
require(DIR_FS_CATALOG.DIR_WS_INCLUDES.'write_customers_status.php'); |
| 206 |
|
| 207 |
// call from filemanager
|
| 208 |
if (defined('_IS_FILEMANAGER')) return; |
| 209 |
|
| 210 |
// check permission
|
| 211 |
if (is_file(DIR_FS_ADMIN.$current_page) == false || $_SESSION['customers_status']['customers_status_id'] !== '0') { |
| 212 |
xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
|
| 213 |
} |
| 214 |
|
| 215 |
// define our localization functions
|
| 216 |
require(DIR_WS_FUNCTIONS . 'localization.php'); |
| 217 |
|
| 218 |
// setup our boxes
|
| 219 |
require(DIR_WS_CLASSES . 'table_block.php'); |
| 220 |
require(DIR_WS_CLASSES . 'box.php'); |
| 221 |
|
| 222 |
// initialize the message stack for output messages
|
| 223 |
require(DIR_WS_CLASSES . 'message_stack.php'); |
| 224 |
$messageStack = new messageStack(); |
| 225 |
|
| 226 |
// verfiy CSRF Token
|
| 227 |
if (CSRF_TOKEN_SYSTEM == 'true') { |
| 228 |
require_once(DIR_FS_INC . 'csrf_token.inc.php'); |
| 229 |
} |
| 230 |
|
| 231 |
// split-page-results
|
| 232 |
require(DIR_WS_CLASSES . 'split_page_results.php'); |
| 233 |
|
| 234 |
// entry/item info classes
|
| 235 |
require(DIR_WS_CLASSES . 'object_info.php'); |
| 236 |
|
| 237 |
// file uploading class
|
| 238 |
require(DIR_WS_CLASSES . 'upload.php'); |
| 239 |
|
| 240 |
// content, product, category - sql group_check/fsk_lock
|
| 241 |
require (DIR_FS_CATALOG.DIR_WS_INCLUDES.'define_conditions.php'); |
| 242 |
|
| 243 |
// add_select
|
| 244 |
require (DIR_FS_CATALOG.DIR_WS_INCLUDES.'define_add_select.php'); |
| 245 |
|
| 246 |
// calculate category path
|
| 247 |
$cPath = isset($_GET['cPath']) ? $_GET['cPath'] : ''; |
| 248 |
if (strlen($cPath) > 0) { |
| 249 |
$cPath_array = xtc_parse_category_path($cPath); |
| 250 |
$current_category_id = end($cPath_array); |
| 251 |
} else {
|
| 252 |
$current_category_id = 0; |
| 253 |
} |
| 254 |
|
| 255 |
// check if a default currency is set
|
| 256 |
if (!defined('DEFAULT_CURRENCY')) { |
| 257 |
$messageStack->add(ERROR_NO_DEFAULT_CURRENCY_DEFINED, 'error'); |
| 258 |
} |
| 259 |
|
| 260 |
// check if a default language is set
|
| 261 |
if (!defined('DEFAULT_LANGUAGE')) { |
| 262 |
$messageStack->add(ERROR_NO_DEFAULT_LANGUAGE_DEFINED, 'error'); |
| 263 |
} |
| 264 |
|
| 265 |
// for Customers Status
|
| 266 |
xtc_get_customers_statuses(); |
| 267 |
|
| 268 |
$pagename = strtok($current_page, '.'); |
| 269 |
if (!isset($_SESSION['customer_id'])) { |
| 270 |
xtc_redirect(xtc_catalog_href_link(FILENAME_LOGIN));
|
| 271 |
} |
| 272 |
|
| 273 |
xtc_check_permission($pagename);
|
| 274 |
|
| 275 |
// set which precautions should be checked
|
| 276 |
defined('WARN_CONFIG_WRITEABLE') OR define('WARN_CONFIG_WRITEABLE', 'true'); |
| 277 |
defined('WARN_FILES_WRITEABLE') OR define('WARN_FILES_WRITEABLE', 'true'); |
| 278 |
defined('WARN_DIRS_WRITEABLE') OR define('WARN_DIRS_WRITEABLE', 'true'); |
| 279 |
|
| 280 |
foreach(auto_include(DIR_FS_ADMIN.'includes/extra/application_top/application_top_end/','php') as $file) require ($file); |
| 281 |
|
| 282 |
//compatibility for modified eCommerce Shopsoftware 1.06 files
|
| 283 |
defined('DIR_WS_BASE') OR define('DIR_WS_BASE', ''); |
| 284 |
?>
|