Code source de Zen Cart E-Commerce Shopping Cart 1.3.7.1 |
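<?php
/**
 * customer authorisation based on DOWN_FOR_MAINTENANCE and CUSTOMERS_APPROVAL_AUTHORIZATION settings
 * see {@link http://www.zen-cart.com/wiki/index.php/Developers_API_Tutorials#InitSystem wikitutorials} for more details.
 *
 * @package initSystem
 * @copyright Copyright 2003-2006 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: init_customer_auth.php 5031 2006-12-02 00:59:31Z drbyte $
 */

/*
 * Flow of this script:
 *   1. refuse direct access (IS_ADMIN_FLAG must already be defined by the including code)
 *   2. work out whether this request is blocked by down-for-maintenance (DFM) mode
 *   3. refresh the logged-in customer's authorization status from the database
 *   4. redirect according to DFM mode and CUSTOMERS_APPROVAL (first switch)
 *   5. redirect according to CUSTOMERS_APPROVAL_AUTHORIZATION (second switch)
 *
 * It reads $_GET['main_page'], $_SERVER['REMOTE_ADDR'] and $_SESSION, uses the global $db,
 * and leaves $down_for_maint_flag set for later code.
 */
if (!defined('IS_ADMIN_FLAG')) {
  die('Illegal Access');
}

$down_for_maint_flag = false;

/**
 * do not let people get to down for maintenance page if not turned on unless is admin in IP list
 *
 * NOTE(review): strstr() is a substring test, so a client address that is merely a substring
 * of a listed entry is also treated as excluded. If EXCLUDE_ADMIN_IP_FOR_MAINTENANCE is a
 * delimited list of full addresses, compare against the split entries exactly instead;
 * confirm the setting's format (partial addresses may be in use) before changing it.
 * The same test is used again in the DFM flag check below.
 */
if (DOWN_FOR_MAINTENANCE == 'false'
    && $_GET['main_page'] == DOWN_FOR_MAINTENANCE_FILENAME
    && !strstr(EXCLUDE_ADMIN_IP_FOR_MAINTENANCE, $_SERVER['REMOTE_ADDR'])) {
  zen_redirect(zen_href_link(FILENAME_DEFAULT));
}

/**
 * see if DFM mode type is defined (strict means all pages blocked, relaxed means logoff/privacy/etc pages are usable)
 */
if (!defined('DOWN_FOR_MAINTENANCE_TYPE')) {
  // The constant name must be a quoted string: the bare word is itself an undefined
  // constant at this point (a notice on old PHP, a fatal Error on PHP 8).
  define('DOWN_FOR_MAINTENANCE_TYPE', 'relaxed');
}

/**
 * check to see if site is DFM, and set a flag for use later
 */
if (DOWN_FOR_MAINTENANCE == 'true'
    && !strstr(EXCLUDE_ADMIN_IP_FOR_MAINTENANCE, $_SERVER['REMOTE_ADDR'])
    && $_GET['main_page'] != DOWN_FOR_MAINTENANCE_FILENAME) {
  $down_for_maint_flag = true;
}

/**
 * recheck customer status for authorization
 */
if (CUSTOMERS_APPROVAL_AUTHORIZATION > 0
    && $_SESSION['customer_id'] != ''
    && $_SESSION['customers_authorization'] != '0') {
  // Cast the id to int so the value placed in the SQL text can only ever be a number,
  // whatever ended up in the session.
  $check_customer_query = "select customers_id, customers_authorization
                           from " . TABLE_CUSTOMERS . "
                           where customers_id = '" . (int)$_SESSION['customer_id'] . "'";
  $check_customer = $db->Execute($check_customer_query);
  $_SESSION['customers_authorization'] = $check_customer->fields['customers_authorization'];
}

/**
 * customer login status
 * 0 = normal shopping
 * 1 = Login to shop
 * 2 = Can browse but no prices
 *
 * customer authorization status
 * 0 = normal shopping
 * 1 = customer authorization to shop
 * 2 = customer authorization pending can browse but no prices
 */
// switch (true): the first case whose expression is true wins, so the order of the cases matters.
switch (true) {
  case ($down_for_maint_flag && DOWN_FOR_MAINTENANCE_TYPE == 'strict'):
    // if DFM is in strict mode, then block access to all pages:
    zen_redirect(zen_href_link(DOWN_FOR_MAINTENANCE_FILENAME));
    break;

  // Only considered while the store is in DFM mode. Without the DOWN_FOR_MAINTENANCE guard
  // this case matched every page outside its list and the next case matched every page
  // inside it, so the CUSTOMERS_APPROVAL cases further down could never run and the
  // "login to shop" setting was not enforced here. With DFM on, behaviour is unchanged.
  case (DOWN_FOR_MAINTENANCE == 'true' && !in_array($_GET['main_page'], array(FILENAME_LOGOFF, FILENAME_PRIVACY, FILENAME_CONTACT_US, FILENAME_CONDITIONS, FILENAME_SHIPPING))):
    // every page other than the special ones is blocked when DFM mode is "relaxed"
    if ($down_for_maint_flag && DOWN_FOR_MAINTENANCE_TYPE == 'relaxed') {
      zen_redirect(zen_href_link(DOWN_FOR_MAINTENANCE_FILENAME));
    }
    break;

  case (in_array($_GET['main_page'], array(FILENAME_LOGOFF, FILENAME_PRIVACY, FILENAME_PASSWORD_FORGOTTEN, FILENAME_CONTACT_US, FILENAME_CONDITIONS, FILENAME_SHIPPING, FILENAME_UNSUBSCRIBE))):
    // on special pages, allow customers to access regardless of store mode or cust auth mode
    break;

  /**
   * if not down for maintenance check login status
   */
  case (CUSTOMERS_APPROVAL == '1' && $_SESSION['customer_id'] == ''):
    /**
     * customer must be logged in to browse
     */
    if (!in_array($_GET['main_page'], array(FILENAME_LOGIN, FILENAME_CREATE_ACCOUNT))) {
      if (!isset($_GET['set_session_login'])) {
        $_GET['set_session_login'] = 'true';
        $_SESSION['navigation']->set_snapshot();
      }
      zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
    }
    break;

  case (CUSTOMERS_APPROVAL == '2' && $_SESSION['customer_id'] == ''):
    /**
     * customer may browse but no prices
     */
    break;

  default:
    /**
     * proceed normally
     */
    break;
}

switch (true) {
  case (CUSTOMERS_APPROVAL_AUTHORIZATION == '1' && $_SESSION['customer_id'] == ''):
    /**
     * customer must be logged in to browse
     */
    if (!in_array($_GET['main_page'], array(FILENAME_LOGIN, FILENAME_CREATE_ACCOUNT))) {
      if (!isset($_GET['set_session_login'])) {
        $_GET['set_session_login'] = 'true';
        $_SESSION['navigation']->set_snapshot();
      }
      zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
    }
    break;

  case (CUSTOMERS_APPROVAL_AUTHORIZATION == '2' && $_SESSION['customer_id'] == ''):
    /**
     * no redirect in this mode: the login redirect for this case is disabled,
     * so a guest is allowed to continue
     */
    break;

  case (CUSTOMERS_APPROVAL_AUTHORIZATION == '1' && $_SESSION['customers_authorization'] != '0'):
    /**
     * customer is pending approval
     * customer must be logged in to browse
     */
    if ($_GET['main_page'] != CUSTOMERS_AUTHORIZATION_FILENAME) {
      zen_redirect(zen_href_link(CUSTOMERS_AUTHORIZATION_FILENAME));
    }
    break;

  case (CUSTOMERS_APPROVAL_AUTHORIZATION == '2' && $_SESSION['customers_authorization'] != '0'):
    /**
     * customer may browse but no prices
     */
    break;

  default:
    /**
     * proceed normally
     */
    break;
}
?>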