[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
Zen Cart 源代码 application_top.php

Zen Cart 源代码 application_top.php




下载文件

文件名: application_top.php
文件类型: PHP文件
文件大小: 6.75 KiB
MD5: 9da24cb56ab9de0228ca90acaaca0501

application_top.php - 关闭高亮
  1. <?php
  2. /**
  3.  * application_top.php Common actions carried out at the start of each page invocation.
  4.  *
  5.  * Initializes common classes & methods. Controlled by an array which describes
  6.  * the elements to be initialised and the order in which that happens.
  7.  * see {@link  http://www.zen-cart.com/wiki/index.php/Developers_API_Tutorials#InitSystem wikitutorials} for more details.
  8.  *
  9.  * @package initSystem
  10.  * @copyright Copyright 2003-2010 Zen Cart Development Team
  11.  * @copyright Portions Copyright 2003 osCommerce
  12.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  13.  * @version $Id: application_top.php 15766 2010-03-31 20:17:56Z drbyte $
  14.  */
  15. /**
  16.  * inoculate against hack attempts which waste CPU cycles
  17.  */
  18. $contaminated = (isset($_FILES['GLOBALS']) || isset($_REQUEST['GLOBALS'])) ? true : false;
  19. $paramsToAvoid = array('GLOBALS', '_COOKIE', '_ENV', '_FILES', '_GET', '_POST', '_REQUEST', '_SERVER', '_SESSION', 'HTTP_COOKIE_VARS', 'HTTP_ENV_VARS', 'HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_POST_FILES', 'HTTP_RAW_POST_DATA', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS');
  20. $paramsToAvoid[] = 'autoLoadConfig';
  21. $paramsToAvoid[] = 'mosConfig_absolute_path';
  22. $paramsToAvoid[] = 'hash';
  23. $paramsToAvoid[] = 'main';
  24. foreach($paramsToAvoid as $key) {
  25.   if (isset($_GET[$key]) || isset($_POST[$key]) || isset($_COOKIE[$key])) {
  26.     $contaminated = true;
  27.     break;
  28.   }
  29. }
  30. $paramsToCheck = array('main_page', 'cPath', 'products_id', 'language', 'currency', 'action', 'manufacturers_id', 'pID', 'pid', 'reviews_id', 'filter_id', 'zenid', 'sort', 'number_of_uploads', 'notify', 'page_holder', 'chapter', 'alpha_filter_id', 'typefilter', 'disp_order', 'id', 'key', 'music_genre_id', 'record_company_id', 'set_session_login', 'faq_item', 'edit', 'delete', 'search_in_description', 'dfrom', 'pfrom', 'dto', 'pto', 'inc_subcat', 'payment_error', 'order', 'gv_no', 'pos', 'addr', 'error', 'count', 'error_message', 'info_message', 'cID', 'page', 'credit_class_error_code');
  31. if (!$contaminated) {
  32.   foreach($paramsToCheck as $key) {
  33.     if (isset($_GET[$key]) && !is_array($_GET[$key])) {
  34.       if (substr($_GET[$key], 0, 4) == 'http' || strstr($_GET[$key], '//')) {
  35.         $contaminated = true;
  36.         break;
  37.       }
  38.       if (isset($_GET[$key]) && strlen($_GET[$key]) > 43) {
  39.         $contaminated = true;
  40.         break;
  41.       }
  42.     }
  43.   }
  44. }
  45. unset($paramsToCheck, $paramsToAvoid, $key);
  46. if ($contaminated)
  47. {
  48.   header('HTTP/1.1 406 Not Acceptable');
  49.   exit(0);
  50. }
  51. unset($contaminated);
  52. /* *** END OF INNOCULATION *** */
  53. /**
  54.  * boolean used to see if we are in the admin script, obviously set to false here.
  55.  */
  56. define('IS_ADMIN_FLAG', false);
  57. /**
  58.  * integer saves the time at which the script started.
  59.  */
  60. define('PAGE_PARSE_START_TIME', microtime());
  61. //  define('DISPLAY_PAGE_PARSE_TIME', 'true');
  62. @ini_set("arg_separator.output","&");
  63. /**
  64.  * Set the local configuration parameters - mainly for developers
  65.  */
  66. if (file_exists('includes/local/configure.php')) {
  67.   /**
  68.    * load any local(user created) configure file.
  69.    */
  70.   include('includes/local/configure.php');
  71. }
  72. /**
  73.  * boolean if true the autoloader scripts will be parsed and their output shown. For debugging purposes only.
  74.  */
  75. define('DEBUG_AUTOLOAD', false);
  76. /**
  77.  * set the level of error reporting
  78.  *
  79.  * Note STRICT_ERROR_REPORTING should never be set to true on a production site. <br />
  80.  * It is mainly there to show php warnings during testing/bug fixing phases.<br />
  81.  * note for strict error reporting we also turn on show_errors as this may be disabled<br />
  82.  * in php.ini. Otherwise we respect the php.ini setting
  83.  *
  84.  */
  85. if (defined('STRICT_ERROR_REPORTING') && STRICT_ERROR_REPORTING == true) {
  86.   @ini_set('display_errors', TRUE);
  87.   error_reporting(version_compare(PHP_VERSION, 5.3, '>=') ? E_ALL & ~E_DEPRECATED & ~E_NOTICE : version_compare(PHP_VERSION, 6.0, '>=') ? E_ALL & ~E_DEPRECATED & ~E_NOTICE & ~E_STRICT : E_ALL & ~E_NOTICE);
  88. } else {
  89. }
  90. /*
  91.  * turn off magic-quotes support, for both runtime and sybase, as both will cause problems if enabled
  92.  */
  93. if (version_compare(PHP_VERSION, 5.3, '<') && function_exists('set_magic_quotes_runtime')) set_magic_quotes_runtime(0);
  94. if (@ini_get('magic_quotes_sybase') != 0) @ini_set('magic_quotes_sybase', 0);
  95. /**
  96.  * check for and include load application parameters
  97.  */
  98. if (file_exists('includes/configure.php')) {
  99.   /**
  100.    * load the main configure file.
  101.    */
  102.   include('includes/configure.php');
  103. } else {
  104.   $problemString = 'includes/configure.php not found';
  105.   require('includes/templates/template_default/templates/tpl_zc_install_suggested_default.php');
  106.   exit;
  107. }
  108. /**
  109.  * if main configure file doesn't contain valid info (ie: is dummy or doesn't match filestructure, display assistance page to suggest running the installer)
  110.  */
  111. if (!defined('DIR_FS_CATALOG') || !is_dir(DIR_FS_CATALOG.'/includes/classes')) {
  112.   $problemString = 'includes/configure.php file contents invalid.  ie: DIR_FS_CATALOG not valid or not set';
  113.   require('includes/templates/template_default/templates/tpl_zc_install_suggested_default.php');
  114.   exit;
  115. }
  116. /**
  117.  * include the list of extra configure files
  118.  */
  119. if ($za_dir = @dir(DIR_WS_INCLUDES . 'extra_configures')) {
  120.   while ($zv_file = $za_dir->read()) {
  121.     if (preg_match('/\.php$/', $zv_file) > 0) {
  122.       /**
  123.        * load any user/contribution specific configuration files.
  124.        */
  125.       include(DIR_WS_INCLUDES . 'extra_configures/' . $zv_file);
  126.     }
  127.   }
  128.   $za_dir->close();
  129.   unset($za_dir);
  130. }
  131. $autoLoadConfig = array();
  132. if (isset($loaderPrefix)) {
  133.  $loaderPrefix = preg_replace('/[a-z_]^/', '', $loaderPrefix);
  134. } else {
  135.   $loaderPrefix = 'config';
  136. }
  137. $loader_file = $loaderPrefix . '.core.php';
  138. require('includes/initsystem.php');
  139. /**
  140.  * determine install status
  141.  */
  142. if (( (!file_exists('includes/configure.php') && !file_exists('includes/local/configure.php')) ) || (DB_TYPE == '') || (!file_exists('includes/classes/db/' .DB_TYPE . '/query_factory.php')) || !file_exists('includes/autoload_func.php')) {
  143.   $problemString = 'includes/configure.php file empty or file not found, OR wrong DB_TYPE set, OR cannot find includes/autoload_func.php which suggests paths are wrong or files were not uploaded correctly';
  144.   require('includes/templates/template_default/templates/tpl_zc_install_suggested_default.php');
  145.   header('location: zc_install/index.php');
  146.   exit;
  147. }
  148. /**
  149.  * load the autoloader interpreter code.
  150. */
  151. require('includes/autoload_func.php');
  152. /**
  153.  * load the counter code
  154. **/
  155. if ($spider_flag == false) {
  156. // counter and counter history
  157.   require(DIR_WS_INCLUDES . 'counter.php');
  158. }
  159. // get customers unique IP that paypal does not touch
  160. $customers_ip_address = $_SERVER['REMOTE_ADDR'];
  161. if (!isset($_SESSION['customers_ip_address'])) {
  162.   $_SESSION['customers_ip_address'] = $customers_ip_address;
  163. }
  164.  


cron