Code source de osCommerce 2.2ms2-060817 |
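<?php
/*
  $Id: application_top.php,v 1.280 2003/07/12 09:38:07 hpdl Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce

  Released under the GNU General Public License
*/

// Bootstrap script. In order, it: loads the configure files, connects to the
// database and defines every row of the configuration table as a constant,
// starts the session and runs the optional session checks (SSL session id,
// user agent, IP address), restores or creates the cart / language / currency /
// navigation objects, handles the shopping cart "action" requests, and builds
// the breadcrumb trail.

// start the timer for the page parse time log
  define('PAGE_PARSE_START_TIME', microtime());

// set the level of error reporting
  error_reporting(E_ALL & ~E_NOTICE);

// check if register_globals is enabled.
// since this is a temporary measure this message is hardcoded. The requirement will be removed before 2.2 is finalized.
// NOTE(review): the script refuses to run unless register_globals is on, so
// request parameters are also created as global variables. Any global that is
// read below before it is assigned here or restored from the session should be
// treated as client-controllable.
  if (function_exists('ini_get')) {
    ini_get('register_globals') or exit('Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory.');
  }

// Set the local configuration parameters - mainly for developers
  if (file_exists('includes/local/configure.php')) include('includes/local/configure.php');

// include server parameters
  require('includes/configure.php');

// an empty DB_SERVER is treated as "not installed yet"; no exit follows the
// header() call, so execution continues past this point
  if (strlen(DB_SERVER) < 1) {
    if (is_dir('install')) {
      header('Location: install/index.php');
    }
  }

// define the project version
  define('PROJECT_VERSION', 'osCommerce 2.2-MS2');

// set the type of request (secure or not)
  $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

// set php_self in the local scope
  if (!isset($PHP_SELF)) $PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];

  if ($request_type == 'NONSSL') {
    define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG);
  } else {
    define('DIR_WS_CATALOG', DIR_WS_HTTPS_CATALOG);
  }

// include the list of project filenames
  require(DIR_WS_INCLUDES . 'filenames.php');

// include the list of project database tables
  require(DIR_WS_INCLUDES . 'database_tables.php');

// customization for the design layout
  define('BOX_WIDTH', 125); // how wide the boxes should be in pixels (default: 125)

// include the database functions
  require(DIR_WS_FUNCTIONS . 'database.php');

// make a connection to the database... now
  tep_db_connect() or die('Unable to connect to database server!');

// set the application parameters
// every row of the configuration table becomes a PHP constant, which is where
// the otherwise undeclared constants tested below (GZIP_COMPRESSION,
// SESSION_CHECK_IP_ADDRESS, ...) presumably come from
  $configuration_query = tep_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION);
  while ($configuration = tep_db_fetch_array($configuration_query)) {
    define($configuration['cfgKey'], $configuration['cfgValue']);
  }

// if gzip_compression is enabled, start to buffer the output
  if ( (GZIP_COMPRESSION == 'true') && ($ext_zlib_loaded = extension_loaded('zlib')) && (PHP_VERSION >= '4') ) {
    if (($ini_zlib_output_compression = (int)ini_get('zlib.output_compression')) < 1) {
      if (PHP_VERSION >= '4.0.4') {
        ob_start('ob_gzhandler');
      } else {
        include(DIR_WS_FUNCTIONS . 'gzip_compression.php');
        ob_start();
        ob_implicit_flush();
      }
    } else {
      ini_set('zlib.output_compression_level', GZIP_LEVEL);
    }
  }

// set the HTTP GET parameters manually if search_engine_friendly_urls is enabled
// PATH_INFO is read as /key/value/key/value...; a key containing "[]" after its
// first character collects its values into an array
  if (SEARCH_ENGINE_FRIENDLY_URLS == 'true') {
    if (strlen(getenv('PATH_INFO')) > 1) {
      $GET_array = array();
      $PHP_SELF = str_replace(getenv('PATH_INFO'), '', $PHP_SELF);
      $vars = explode('/', substr(getenv('PATH_INFO'), 1));
      for ($i=0, $n=sizeof($vars); $i<$n; $i++) {
        if (strpos($vars[$i], '[]')) {
          $GET_array[substr($vars[$i], 0, -2)][] = $vars[$i+1];
        } else {
          $HTTP_GET_VARS[$vars[$i]] = $vars[$i+1];
        }
        // skip the value that was just consumed
        $i++;
      }

      if (sizeof($GET_array) > 0) {
        while (list($key, $value) = each($GET_array)) {
          $HTTP_GET_VARS[$key] = $value;
        }
      }
    }
  }

// define general functions used application-wide
  require(DIR_WS_FUNCTIONS . 'general.php');
  require(DIR_WS_FUNCTIONS . 'html_output.php');

// set the cookie domain
  $cookie_domain = (($request_type == 'NONSSL') ? HTTP_COOKIE_DOMAIN : HTTPS_COOKIE_DOMAIN);
  $cookie_path = (($request_type == 'NONSSL') ? HTTP_COOKIE_PATH : HTTPS_COOKIE_PATH);

// include cache functions if enabled
  if (USE_CACHE == 'true') include(DIR_WS_FUNCTIONS . 'cache.php');

// include shopping cart class
  require(DIR_WS_CLASSES . 'shopping_cart.php');

// include navigation history class
  require(DIR_WS_CLASSES . 'navigation_history.php');

// some code to solve compatibility issues
  require(DIR_WS_FUNCTIONS . 'compatibility.php');

// check if sessions are supported, otherwise use the php3 compatible session class
  if (!function_exists('session_start')) {
    define('PHP_SESSION_NAME', 'osCsid');
    define('PHP_SESSION_PATH', $cookie_path);
    define('PHP_SESSION_DOMAIN', $cookie_domain);
    define('PHP_SESSION_SAVE_PATH', SESSION_WRITE_DIRECTORY);

    include(DIR_WS_CLASSES . 'sessions.php');
  }

// define how the session functions will be used
  require(DIR_WS_FUNCTIONS . 'sessions.php');

// set the session name and save path
  tep_session_name('osCsid');
  tep_session_save_path(SESSION_WRITE_DIRECTORY);

// set the session cookie parameters
// only lifetime, path and domain are set here; no secure or HttpOnly attribute
// is passed for the session cookie
  if (function_exists('session_set_cookie_params')) {
    session_set_cookie_params(0, $cookie_path, $cookie_domain);
  } elseif (function_exists('ini_set')) {
    ini_set('session.cookie_lifetime', '0');
    ini_set('session.cookie_path', $cookie_path);
    ini_set('session.cookie_domain', $cookie_domain);
  }

// set the session ID if it exists
// NOTE(review): the session id is adopted from client-supplied POST data (and
// from the query string on SSL requests), so the client can choose the id it
// wants to use. Nothing in this file issues a fresh id afterwards - confirm
// that the login path does, otherwise this allows session fixation.
  if (isset($HTTP_POST_VARS[tep_session_name()])) {
    tep_session_id($HTTP_POST_VARS[tep_session_name()]);
  } elseif ( ($request_type == 'SSL') && isset($HTTP_GET_VARS[tep_session_name()]) ) {
    tep_session_id($HTTP_GET_VARS[tep_session_name()]);
  }

// start the session
  $session_started = false;
  if (SESSION_FORCE_COOKIE_USE == 'True') {
    // the session is only started once the test cookie comes back from the client
    tep_setcookie('cookie_test', 'please_accept_for_session', time()+60*60*24*30, $cookie_path, $cookie_domain);

    if (isset($HTTP_COOKIE_VARS['cookie_test'])) {
      tep_session_start();
      $session_started = true;
    }
  } elseif (SESSION_BLOCK_SPIDERS == 'True') {
    // no session for user agents that contain an entry of spiders.txt; the
    // user agent is client-supplied, so this is a convenience, not a control
    $user_agent = strtolower(getenv('HTTP_USER_AGENT'));
    $spider_flag = false;

    if (tep_not_null($user_agent)) {
      $spiders = file(DIR_WS_INCLUDES . 'spiders.txt');

      for ($i=0, $n=sizeof($spiders); $i<$n; $i++) {
        if (tep_not_null($spiders[$i])) {
          if (is_integer(strpos($user_agent, trim($spiders[$i])))) {
            $spider_flag = true;
            break;
          }
        }
      }
    }

    if ($spider_flag == false) {
      tep_session_start();
      $session_started = true;
    }
  } else {
    tep_session_start();
    $session_started = true;
  }

// set SID once, even if empty
  $SID = (defined('SID') ? SID : '');

// verify the ssl_session_id if the feature is enabled
  if ( ($request_type == 'SSL') && (SESSION_CHECK_SSL_SESSION_ID == 'True') && (ENABLE_SSL == true) && ($session_started == true) ) {
    $ssl_session_id = getenv('SSL_SESSION_ID');
    // test the same key that is registered below ('SESSION_SSL_ID'). Testing
    // 'SSL_SESSION_ID', which is never registered, would overwrite the stored
    // value on every request and the comparison below could never fail.
    if (!tep_session_is_registered('SESSION_SSL_ID')) {
      $SESSION_SSL_ID = $ssl_session_id;
      tep_session_register('SESSION_SSL_ID');
    }

    if ($SESSION_SSL_ID != $ssl_session_id) {
      tep_session_destroy();
      tep_redirect(tep_href_link(FILENAME_SSL_CHECK));
    }
  }

// verify the browser user agent if the feature is enabled
// the value seen on the first request is stored in the session; a later
// request with a different value destroys the session
  if (SESSION_CHECK_USER_AGENT == 'True') {
    $http_user_agent = getenv('HTTP_USER_AGENT');
    if (!tep_session_is_registered('SESSION_USER_AGENT')) {
      $SESSION_USER_AGENT = $http_user_agent;
      tep_session_register('SESSION_USER_AGENT');
    }

    if ($SESSION_USER_AGENT != $http_user_agent) {
      tep_session_destroy();
      tep_redirect(tep_href_link(FILENAME_LOGIN));
    }
  }

// verify the IP address if the feature is enabled
  if (SESSION_CHECK_IP_ADDRESS == 'True') {
    $ip_address = tep_get_ip_address();
    if (!tep_session_is_registered('SESSION_IP_ADDRESS')) {
      $SESSION_IP_ADDRESS = $ip_address;
      tep_session_register('SESSION_IP_ADDRESS');
    }

    if ($SESSION_IP_ADDRESS != $ip_address) {
      tep_session_destroy();
      tep_redirect(tep_href_link(FILENAME_LOGIN));
    }
  }

// create the shopping cart & fix the cart if necessary
  if (tep_session_is_registered('cart') && is_object($cart)) {
    if (PHP_VERSION < 4) {
      $broken_cart = $cart;
      $cart = new shoppingCart;
      $cart->unserialize($broken_cart);
    }
  } else {
    tep_session_register('cart');
    $cart = new shoppingCart;
  }

// include currencies class and create an instance
  require(DIR_WS_CLASSES . 'currencies.php');
  $currencies = new currencies();

// include the mail classes
  require(DIR_WS_CLASSES . 'mime.php');
  require(DIR_WS_CLASSES . 'email.php');

// set the language
  if (!tep_session_is_registered('language') || isset($HTTP_GET_VARS['language'])) {
    if (!tep_session_is_registered('language')) {
      tep_session_register('language');
      tep_session_register('languages_id');
    }

    include(DIR_WS_CLASSES . 'language.php');
    $lng = new language();

    if (isset($HTTP_GET_VARS['language']) && tep_not_null($HTTP_GET_VARS['language'])) {
      $lng->set_language($HTTP_GET_VARS['language']);
    } else {
      $lng->get_browser_language();
    }

    $language = $lng->language['directory'];
    $languages_id = $lng->language['id'];
  }

// include the language translations
// $language becomes part of an include path. It is either assigned just above
// from the language object or is the value already in scope (presumably the
// session copy) - NOTE(review): confirm a request parameter can never supply it.
  require(DIR_WS_LANGUAGES . $language . '.php');

// currency
  if (!tep_session_is_registered('currency') || isset($HTTP_GET_VARS['currency']) || ( (USE_DEFAULT_LANGUAGE_CURRENCY == 'true') && (LANGUAGE_CURRENCY != $currency) ) ) {
    if (!tep_session_is_registered('currency')) tep_session_register('currency');

    if (isset($HTTP_GET_VARS['currency'])) {
      // a requested currency that tep_currency_exists() rejects falls back to the default
      if (!$currency = tep_currency_exists($HTTP_GET_VARS['currency'])) $currency = (USE_DEFAULT_LANGUAGE_CURRENCY == 'true') ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
    } else {
      $currency = (USE_DEFAULT_LANGUAGE_CURRENCY == 'true') ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
    }
  }

// navigation history
  if (tep_session_is_registered('navigation')) {
    if (PHP_VERSION < 4) {
      $broken_navigation = $navigation;
      $navigation = new navigationHistory;
      $navigation->unserialize($broken_navigation);
    }
  } else {
    tep_session_register('navigation');
    $navigation = new navigationHistory;
  }
  $navigation->add_current_page();

// Shopping cart actions
  if (isset($HTTP_GET_VARS['action'])) {
// redirect the customer to a friendly cookie-must-be-enabled page if cookies are disabled
    if ($session_started == false) {
      tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE));
    }

    // $goto is the page to redirect to afterwards; $parameters are the GET
    // parameters handed to tep_get_all_get_params() when building that redirect
    if (DISPLAY_CART == 'true') {
      $goto = FILENAME_SHOPPING_CART;
      $parameters = array('action', 'cPath', 'products_id', 'pid');
    } else {
      $goto = basename($PHP_SELF);
      if ($HTTP_GET_VARS['action'] == 'buy_now') {
        $parameters = array('action', 'pid', 'products_id');
      } else {
        $parameters = array('action', 'pid');
      }
    }
    switch ($HTTP_GET_VARS['action']) {
      // customer wants to update the product quantity in their shopping cart
      case 'update_product' :
        for ($i=0, $n=sizeof($HTTP_POST_VARS['products_id']); $i<$n; $i++) {
          if (in_array($HTTP_POST_VARS['products_id'][$i], (is_array($HTTP_POST_VARS['cart_delete']) ? $HTTP_POST_VARS['cart_delete'] : array()))) {
            $cart->remove($HTTP_POST_VARS['products_id'][$i]);
          } else {
            if (PHP_VERSION < 4) {
              // if PHP3, make correction for lack of multidimensional array.
              reset($HTTP_POST_VARS);
              while (list($key, $value) = each($HTTP_POST_VARS)) {
                if (is_array($value)) {
                  while (list($key2, $value2) = each($value)) {
                    if (ereg ("(.*)\]\[(.*)", $key2, $var)) {
                      $id2[$var[1]][$var[2]] = $value2;
                    }
                  }
                }
              }
              $attributes = ($id2[$HTTP_POST_VARS['products_id'][$i]]) ? $id2[$HTTP_POST_VARS['products_id'][$i]] : '';
            } else {
              $attributes = ($HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]]) ? $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] : '';
            }
            $cart->add_cart($HTTP_POST_VARS['products_id'][$i], $HTTP_POST_VARS['cart_quantity'][$i], $attributes, false);
          }
        }
        tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
        break;
      // customer adds a product from the products page
      case 'add_product' :
        if (isset($HTTP_POST_VARS['products_id']) && is_numeric($HTTP_POST_VARS['products_id'])) {
          $cart->add_cart($HTTP_POST_VARS['products_id'], $cart->get_quantity(tep_get_uprid($HTTP_POST_VARS['products_id'], $HTTP_POST_VARS['id']))+1, $HTTP_POST_VARS['id']);
        }
        tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
        break;
      // performed by the 'buy now' button in product listings and review page
      case 'buy_now' :
        // NOTE(review): unlike 'add_product', products_id is not checked with
        // is_numeric() here before it reaches the cart - confirm the cart class
        // validates it
        if (isset($HTTP_GET_VARS['products_id'])) {
          if (tep_has_product_attributes($HTTP_GET_VARS['products_id'])) {
            tep_redirect(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id']));
          } else {
            $cart->add_cart($HTTP_GET_VARS['products_id'], $cart->get_quantity($HTTP_GET_VARS['products_id'])+1);
          }
        }
        tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
        break;
      // logged-in customer subscribes to notifications for one or more products
      case 'notify' :
        if (tep_session_is_registered('customer_id')) {
          if (isset($HTTP_GET_VARS['products_id'])) {
            $notify = $HTTP_GET_VARS['products_id'];
          } elseif (isset($HTTP_GET_VARS['notify'])) {
            $notify = $HTTP_GET_VARS['notify'];
          } elseif (isset($HTTP_POST_VARS['notify'])) {
            $notify = $HTTP_POST_VARS['notify'];
          } else {
            tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify'))));
          }
          if (!is_array($notify)) $notify = array($notify);
          for ($i=0, $n=sizeof($notify); $i<$n; $i++) {
            // $notify comes straight from the request: cast to int before it is
            // concatenated into the SQL text, as the breadcrumb queries below
            // already do for their ids
            $check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$notify[$i] . "' and customers_id = '" . (int)$customer_id . "'");
            $check = tep_db_fetch_array($check_query);
            if ($check['count'] < 1) {
              tep_db_query("insert into " . TABLE_PRODUCTS_NOTIFICATIONS . " (products_id, customers_id, date_added) values ('" . (int)$notify[$i] . "', '" . (int)$customer_id . "', now())");
            }
          }
          tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify'))));
        } else {
          $navigation->set_snapshot();
          tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
        }
        break;
      // logged-in customer removes a product notification
      case 'notify_remove' :
        if (tep_session_is_registered('customer_id') && isset($HTTP_GET_VARS['products_id'])) {
          // products_id is a GET parameter: cast to int before building the SQL text
          $check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and customers_id = '" . (int)$customer_id . "'");
          $check = tep_db_fetch_array($check_query);
          if ($check['count'] > 0) {
            tep_db_query("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and customers_id = '" . (int)$customer_id . "'");
          }
          tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action'))));
        } else {
          $navigation->set_snapshot();
          tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
        }
        break;
      // logged-in customer adds the product given in 'pid' to the cart
      case 'cust_order' :
        if (tep_session_is_registered('customer_id') && isset($HTTP_GET_VARS['pid'])) {
          if (tep_has_product_attributes($HTTP_GET_VARS['pid'])) {
            tep_redirect(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['pid']));
          } else {
            $cart->add_cart($HTTP_GET_VARS['pid'], $cart->get_quantity($HTTP_GET_VARS['pid'])+1);
          }
        }
        tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
        break;
    }
  }

// include the who's online functions
  require(DIR_WS_FUNCTIONS . 'whos_online.php');
  tep_update_whos_online();

// include the password crypto functions
  require(DIR_WS_FUNCTIONS . 'password_funcs.php');

// include validation functions (right now only email address)
  require(DIR_WS_FUNCTIONS . 'validations.php');

// split-page-results
  require(DIR_WS_CLASSES . 'split_page_results.php');

// infobox
  require(DIR_WS_CLASSES . 'boxes.php');

// auto activate and expire banners
  require(DIR_WS_FUNCTIONS . 'banner.php');
  tep_activate_banners();
  tep_expire_banners();

// auto expire special products
  require(DIR_WS_FUNCTIONS . 'specials.php');
  tep_expire_specials();

// calculate category path
  if (isset($HTTP_GET_VARS['cPath'])) {
    $cPath = $HTTP_GET_VARS['cPath'];
  } elseif (isset($HTTP_GET_VARS['products_id']) && !isset($HTTP_GET_VARS['manufacturers_id'])) {
    $cPath = tep_get_product_path($HTTP_GET_VARS['products_id']);
  } else {
    $cPath = '';
  }

  if (tep_not_null($cPath)) {
    // $cPath is rebuilt from the parsed array; the last element is the current category
    $cPath_array = tep_parse_category_path($cPath);
    $cPath = implode('_', $cPath_array);
    $current_category_id = $cPath_array[(sizeof($cPath_array)-1)];
  } else {
    $current_category_id = 0;
  }

// include the breadcrumb class and start the breadcrumb trail
  require(DIR_WS_CLASSES . 'breadcrumb.php');
  $breadcrumb = new breadcrumb;

  $breadcrumb->add(HEADER_TITLE_TOP, HTTP_SERVER);
  $breadcrumb->add(HEADER_TITLE_CATALOG, tep_href_link(FILENAME_DEFAULT));

// add category names or the manufacturer name to the breadcrumb trail
  if (isset($cPath_array)) {
    for ($i=0, $n=sizeof($cPath_array); $i<$n; $i++) {
      $categories_query = tep_db_query("select categories_name from " . TABLE_CATEGORIES_DESCRIPTION . " where categories_id = '" . (int)$cPath_array[$i] . "' and language_id = '" . (int)$languages_id . "'");
      if (tep_db_num_rows($categories_query) > 0) {
        $categories = tep_db_fetch_array($categories_query);
        $breadcrumb->add($categories['categories_name'], tep_href_link(FILENAME_DEFAULT, 'cPath=' . implode('_', array_slice($cPath_array, 0, ($i+1)))));
      } else {
        // stop at the first category id that has no name row
        break;
      }
    }
  } elseif (isset($HTTP_GET_VARS['manufacturers_id'])) {
    $manufacturers_query = tep_db_query("select manufacturers_name from " . TABLE_MANUFACTURERS . " where manufacturers_id = '" . (int)$HTTP_GET_VARS['manufacturers_id'] . "'");
    if (tep_db_num_rows($manufacturers_query)) {
      $manufacturers = tep_db_fetch_array($manufacturers_query);
      // NOTE(review): the query above casts manufacturers_id to int, but the
      // link is built from the raw request value - confirm tep_href_link() and
      // the breadcrumb output encode it
      $breadcrumb->add($manufacturers['manufacturers_name'], tep_href_link(FILENAME_DEFAULT, 'manufacturers_id=' . $HTTP_GET_VARS['manufacturers_id']));
    }
  }

// add the products model to the breadcrumb trail
  if (isset($HTTP_GET_VARS['products_id'])) {
    $model_query = tep_db_query("select products_model from " . TABLE_PRODUCTS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "'");
    if (tep_db_num_rows($model_query)) {
      $model = tep_db_fetch_array($model_query);
      // NOTE(review): as with manufacturers_id, the link carries the raw
      // products_id from the request while the query uses the int cast
      $breadcrumb->add($model['products_model'], tep_href_link(FILENAME_PRODUCT_INFO, 'cPath=' . $cPath . '&products_id=' . $HTTP_GET_VARS['products_id']));
    }
  }

// initialize the message stack for output messages
  require(DIR_WS_CLASSES . 'message_stack.php');
  $messageStack = new messageStack;

// set which precautions should be checked
  define('WARN_INSTALL_EXISTENCE', 'true');
  define('WARN_CONFIG_WRITEABLE', 'true');
  define('WARN_SESSION_DIRECTORY_NOT_WRITEABLE', 'true');
  define('WARN_SESSION_AUTO_START', 'true');
  define('WARN_DOWNLOAD_DIRECTORY_NOT_READABLE', 'true');
?>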