[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
Zen Cart 源代码 application_top.php

Zen Cart 源代码 application_top.php




下载文件

文件名: application_top.php
文件类型: PHP文件
文件大小: 7.1 KiB
MD5: fefc6b269139d5455fb38385066251c2

application_top.php - 关闭高亮
  1. <?php
  2. /**
  3.  * application_top.php Common actions carried out at the start of each page invocation.
  4.  *
  5.  * Initializes common classes & methods. Controlled by an array which describes
  6.  * the elements to be initialised and the order in which that happens.
  7.  * see {@link  http://www.zen-cart.com/wiki/index.php/Developers_API_Tutorials#InitSystem wikitutorials} for more details.
  8.  *
  9.  * @package initSystem
  10.  * @copyright Copyright 2003-2013 Zen Cart Development Team
  11.  * @copyright Portions Copyright 2003 osCommerce
  12.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  13.  * @version GIT: $Id: Author: Ian Wilson  Sun Dec 30 15:16:17 2012 +0000 Modified in v1.5.2 $
  14.  */
  15. /**
  16.  * inoculate against hack attempts which waste CPU cycles
  17.  */
  18. $contaminated = (isset($_FILES['GLOBALS']) || isset($_REQUEST['GLOBALS'])) ? true : false;
  19. $paramsToAvoid = array('GLOBALS', '_COOKIE', '_ENV', '_FILES', '_GET', '_POST', '_REQUEST', '_SERVER', '_SESSION', 'HTTP_COOKIE_VARS', 'HTTP_ENV_VARS', 'HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_POST_FILES', 'HTTP_RAW_POST_DATA', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS');
  20. $paramsToAvoid[] = 'autoLoadConfig';
  21. $paramsToAvoid[] = 'mosConfig_absolute_path';
  22. $paramsToAvoid[] = 'hash';
  23. $paramsToAvoid[] = 'main';
  24. foreach($paramsToAvoid as $key) {
  25.   if (isset($_GET[$key]) || isset($_POST[$key]) || isset($_COOKIE[$key])) {
  26.     $contaminated = true;
  27.     break;
  28.   }
  29. }
  30. $paramsToCheck = array('main_page', 'cPath', 'products_id', 'language', 'currency', 'action', 'manufacturers_id', 'pID', 'pid', 'reviews_id', 'filter_id', 'zenid', 'sort', 'number_of_uploads', 'notify', 'page_holder', 'chapter', 'alpha_filter_id', 'typefilter', 'disp_order', 'id', 'key', 'music_genre_id', 'record_company_id', 'set_session_login', 'faq_item', 'edit', 'delete', 'search_in_description', 'dfrom', 'pfrom', 'dto', 'pto', 'inc_subcat', 'payment_error', 'order', 'gv_no', 'pos', 'addr', 'error', 'count', 'error_message', 'info_message', 'cID', 'page', 'credit_class_error_code');
  31. if (!$contaminated) {
  32.   foreach($paramsToCheck as $key) {
  33.     if (isset($_GET[$key]) && !is_array($_GET[$key])) {
  34.       if (substr($_GET[$key], 0, 4) == 'http' || strstr($_GET[$key], '//')) {
  35.         $contaminated = true;
  36.         break;
  37.       }
  38.       $len = (in_array($key, array('zenid', 'error_message', 'payment_error'))) ? 255 : 43;
  39.       if (isset($_GET[$key]) && strlen($_GET[$key]) > $len) {
  40.         $contaminated = true;
  41.         break;
  42.       }
  43.     }
  44.   }
  45. }
  46. unset($paramsToCheck, $paramsToAvoid, $key);
  47. if ($contaminated)
  48. {
  49.   header('HTTP/1.1 406 Not Acceptable');
  50.   exit(0);
  51. }
  52. unset($contaminated, $len);
  53. /* *** END OF INNOCULATION *** */
  54. /**
  55.  * boolean used to see if we are in the admin script, obviously set to false here.
  56.  */
  57. define('IS_ADMIN_FLAG', false);
  58. /**
  59.  * integer saves the time at which the script started.
  60.  */
  61. define('PAGE_PARSE_START_TIME', microtime());
  62. //  define('DISPLAY_PAGE_PARSE_TIME', 'true');
  63. @ini_set("arg_separator.output","&");
  64. @ini_set("html_errors","0");
  65. /**
  66.  * Set the local configuration parameters - mainly for developers
  67.  */
  68. if (file_exists('includes/local/configure.php')) {
  69.   /**
  70.    * load any local(user created) configure file.
  71.    */
  72.   include('includes/local/configure.php');
  73. }
  74. /**
  75.  * boolean if true the autoloader scripts will be parsed and their output shown. For debugging purposes only.
  76.  */
  77. define('DEBUG_AUTOLOAD', false);
  78. /**
  79.  * set the level of error reporting
  80.  *
  81.  * Note STRICT_ERROR_REPORTING should never be set to true on a production site. <br />
  82.  * It is mainly there to show php warnings during testing/bug fixing phases.<br />
  83.  */
  84. if (defined('STRICT_ERROR_REPORTING') && STRICT_ERROR_REPORTING == true) {
  85.   @ini_set('display_errors', TRUE);
  86.   error_reporting(version_compare(PHP_VERSION, 5.3, '>=') ? E_ALL & ~E_DEPRECATED & ~E_NOTICE : version_compare(PHP_VERSION, 5.4, '>=') ? E_ALL & ~E_DEPRECATED & ~E_NOTICE & ~E_STRICT : E_ALL & ~E_NOTICE);
  87. } else {
  88. }
  89. /*
  90.  * turn off magic-quotes support, for both runtime and sybase, as both will cause problems if enabled
  91.  */
  92. if (version_compare(PHP_VERSION, 5.3, '<') && function_exists('set_magic_quotes_runtime')) set_magic_quotes_runtime(0);
  93. if (version_compare(PHP_VERSION, 5.4, '<') && @ini_get('magic_quotes_sybase') != 0) @ini_set('magic_quotes_sybase', 0);
  94. /*
  95.  * Get time zone info from PHP config
  96.  */
  97. if (version_compare(PHP_VERSION, 5.3, '>='))
  98. {
  99.   @date_default_timezone_set(date_default_timezone_get());
  100. }
  101. /**
  102.  * check for and include load application parameters
  103.  */
  104. if (file_exists('includes/configure.php')) {
  105.   /**
  106.    * load the main configure file.
  107.    */
  108.   include('includes/configure.php');
  109. } else if (!defined('DIR_FS_CATALOG') && !defined('HTTP_SERVER') && !defined('DIR_WS_CATALOG') && !defined('DIR_WS_INCLUDES')) {
  110.   $problemString = 'includes/configure.php not found';
  111.   require('includes/templates/template_default/templates/tpl_zc_install_suggested_default.php');
  112.   exit;
  113. }
  114. /**
  115.  * if main configure file doesn't contain valid info (ie: is dummy or doesn't match filestructure, display assistance page to suggest running the installer)
  116.  */
  117. if (!defined('DIR_FS_CATALOG') || !is_dir(DIR_FS_CATALOG.'/includes/classes')) {
  118.   $problemString = 'includes/configure.php file contents invalid.  ie: DIR_FS_CATALOG not valid or not set';
  119.   require('includes/templates/template_default/templates/tpl_zc_install_suggested_default.php');
  120.   exit;
  121. }
  122. /**
  123.  * include the list of extra configure files
  124.  */
  125. if ($za_dir = @dir(DIR_WS_INCLUDES . 'extra_configures')) {
  126.   while ($zv_file = $za_dir->read()) {
  127.     if (preg_match('~^[^\._].*\.php$~i', $zv_file) > 0) {
  128.       /**
  129.        * load any user/contribution specific configuration files.
  130.        */
  131.       include(DIR_WS_INCLUDES . 'extra_configures/' . $zv_file);
  132.     }
  133.   }
  134.   $za_dir->close();
  135.   unset($za_dir);
  136. }
  137. $autoLoadConfig = array();
  138. if (isset($loaderPrefix)) {
  139.  $loaderPrefix = preg_replace('/[^a-z_]/', '', $loaderPrefix);
  140. } else {
  141.   $loaderPrefix = 'config';
  142. }
  143. $loader_file = $loaderPrefix . '.core.php';
  144. require('includes/initsystem.php');
  145. /**
  146.  * determine install status
  147.  */
  148. if (( (!file_exists('includes/configure.php') && !file_exists('includes/local/configure.php')) ) || (DB_TYPE == '') || (!file_exists('includes/classes/db/' .DB_TYPE . '/query_factory.php')) || !file_exists('includes/autoload_func.php')) {
  149.   $problemString = 'includes/configure.php file empty or file not found, OR wrong DB_TYPE set, OR cannot find includes/autoload_func.php which suggests paths are wrong or files were not uploaded correctly';
  150.   require('includes/templates/template_default/templates/tpl_zc_install_suggested_default.php');
  151.   header('location: zc_install/index.php');
  152.   exit;
  153. }
  154. /**
  155.  * load the autoloader interpreter code.
  156. */
  157. require('includes/autoload_func.php');
  158. /**
  159.  * load the counter code
  160. **/
  161. if ($spider_flag == false) {
  162. // counter and counter history
  163.   require(DIR_WS_INCLUDES . 'counter.php');
  164. }
  165. // get customers unique IP that paypal does not touch
  166. $customers_ip_address = $_SERVER['REMOTE_ADDR'];
  167. if (!isset($_SESSION['customers_ip_address'])) {
  168.   $_SESSION['customers_ip_address'] = $customers_ip_address;
  169. }
  170.  


cron