[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
Zen Cart 源代码 application_top.php

Zen Cart 源代码 application_top.php




下载文件

文件名: application_top.php
文件类型: PHP文件
文件大小: 6.7 KiB
MD5: 3935173a3123a580a58d87e883c9779b

application_top.php - 关闭高亮
  1. <?php
  2. /**
  3.  * application_top.php Common actions carried out at the start of each page invocation.
  4.  *
  5.  * Initializes common classes & methods. Controlled by an array which describes
  6.  * the elements to be initialised and the order in which that happens.
  7.  * see {@link  http://www.zen-cart.com/wiki/index.php/Developers_API_Tutorials#InitSystem wikitutorials} for more details.
  8.  *
  9.  * @package initSystem
  10.  * @copyright Copyright 2003-2012 Zen Cart Development Team
  11.  * @copyright Portions Copyright 2003 osCommerce
  12.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  13.  * @version GIT: $Id: Author: DrByte  Fri Jul 6 11:57:44 2012 -0400 Modified in v1.5.1 $
  14.  */
  15. /**
  16.  * inoculate against hack attempts which waste CPU cycles
  17.  */
  18. $contaminated = (isset($_FILES['GLOBALS']) || isset($_REQUEST['GLOBALS'])) ? true : false;
  19. $paramsToAvoid = array('GLOBALS', '_COOKIE', '_ENV', '_FILES', '_GET', '_POST', '_REQUEST', '_SERVER', '_SESSION', 'HTTP_COOKIE_VARS', 'HTTP_ENV_VARS', 'HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_POST_FILES', 'HTTP_RAW_POST_DATA', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS');
  20. $paramsToAvoid[] = 'autoLoadConfig';
  21. $paramsToAvoid[] = 'mosConfig_absolute_path';
  22. $paramsToAvoid[] = 'hash';
  23. $paramsToAvoid[] = 'main';
  24. foreach($paramsToAvoid as $key) {
  25.   if (isset($_GET[$key]) || isset($_POST[$key]) || isset($_COOKIE[$key])) {
  26.     $contaminated = true;
  27.     break;
  28.   }
  29. }
  30. $paramsToCheck = array('main_page', 'cPath', 'products_id', 'language', 'currency', 'action', 'manufacturers_id', 'pID', 'pid', 'reviews_id', 'filter_id', 'zenid', 'sort', 'number_of_uploads', 'notify', 'page_holder', 'chapter', 'alpha_filter_id', 'typefilter', 'disp_order', 'id', 'key', 'music_genre_id', 'record_company_id', 'set_session_login', 'faq_item', 'edit', 'delete', 'search_in_description', 'dfrom', 'pfrom', 'dto', 'pto', 'inc_subcat', 'payment_error', 'order', 'gv_no', 'pos', 'addr', 'error', 'count', 'error_message', 'info_message', 'cID', 'page', 'credit_class_error_code');
  31. if (!$contaminated) {
  32.   foreach($paramsToCheck as $key) {
  33.     if (isset($_GET[$key]) && !is_array($_GET[$key])) {
  34.       if (substr($_GET[$key], 0, 4) == 'http' || strstr($_GET[$key], '//')) {
  35.         $contaminated = true;
  36.         break;
  37.       }
  38.       if (isset($_GET[$key]) && strlen($_GET[$key]) > 43) {
  39.         $contaminated = true;
  40.         break;
  41.       }
  42.     }
  43.   }
  44. }
  45. unset($paramsToCheck, $paramsToAvoid, $key);
  46. if ($contaminated)
  47. {
  48.   header('HTTP/1.1 406 Not Acceptable');
  49.   exit(0);
  50. }
  51. unset($contaminated);
  52. /* *** END OF INNOCULATION *** */
  53. /**
  54.  * boolean used to see if we are in the admin script, obviously set to false here.
  55.  */
  56. define('IS_ADMIN_FLAG', false);
  57. /**
  58.  * integer saves the time at which the script started.
  59.  */
  60. define('PAGE_PARSE_START_TIME', microtime());
  61. //  define('DISPLAY_PAGE_PARSE_TIME', 'true');
  62. @ini_set("arg_separator.output","&");
  63. /**
  64.  * Set the local configuration parameters - mainly for developers
  65.  */
  66. if (file_exists('includes/local/configure.php')) {
  67.   /**
  68.    * load any local(user created) configure file.
  69.    */
  70.   include('includes/local/configure.php');
  71. }
  72. /**
  73.  * boolean if true the autoloader scripts will be parsed and their output shown. For debugging purposes only.
  74.  */
  75. define('DEBUG_AUTOLOAD', false);
  76. /**
  77.  * set the level of error reporting
  78.  *
  79.  * Note STRICT_ERROR_REPORTING should never be set to true on a production site. <br />
  80.  * It is mainly there to show php warnings during testing/bug fixing phases.<br />
  81.  */
  82. if (defined('STRICT_ERROR_REPORTING') && STRICT_ERROR_REPORTING == true) {
  83.   @ini_set('display_errors', TRUE);
  84.   error_reporting(version_compare(PHP_VERSION, 5.3, '>=') ? E_ALL & ~E_DEPRECATED & ~E_NOTICE : version_compare(PHP_VERSION, 5.4, '>=') ? E_ALL & ~E_DEPRECATED & ~E_NOTICE & ~E_STRICT : E_ALL & ~E_NOTICE);
  85. } else {
  86. }
  87. /*
  88.  * turn off magic-quotes support, for both runtime and sybase, as both will cause problems if enabled
  89.  */
  90. if (version_compare(PHP_VERSION, 5.3, '<') && function_exists('set_magic_quotes_runtime')) set_magic_quotes_runtime(0);
  91. if (version_compare(PHP_VERSION, 5.4, '<') && @ini_get('magic_quotes_sybase') != 0) @ini_set('magic_quotes_sybase', 0);
  92. /**
  93.  * check for and include load application parameters
  94.  */
  95. if (file_exists('includes/configure.php')) {
  96.   /**
  97.    * load the main configure file.
  98.    */
  99.   include('includes/configure.php');
  100. } else {
  101.   $problemString = 'includes/configure.php not found';
  102.   require('includes/templates/template_default/templates/tpl_zc_install_suggested_default.php');
  103.   exit;
  104. }
  105. /**
  106.  * if main configure file doesn't contain valid info (ie: is dummy or doesn't match filestructure, display assistance page to suggest running the installer)
  107.  */
  108. if (!defined('DIR_FS_CATALOG') || !is_dir(DIR_FS_CATALOG.'/includes/classes')) {
  109.   $problemString = 'includes/configure.php file contents invalid.  ie: DIR_FS_CATALOG not valid or not set';
  110.   require('includes/templates/template_default/templates/tpl_zc_install_suggested_default.php');
  111.   exit;
  112. }
  113. /**
  114.  * include the list of extra configure files
  115.  */
  116. if ($za_dir = @dir(DIR_WS_INCLUDES . 'extra_configures')) {
  117.   while ($zv_file = $za_dir->read()) {
  118.     if (preg_match('~^[^\._].*\.php$~i', $zv_file) > 0) {
  119.       /**
  120.        * load any user/contribution specific configuration files.
  121.        */
  122.       include(DIR_WS_INCLUDES . 'extra_configures/' . $zv_file);
  123.     }
  124.   }
  125.   $za_dir->close();
  126.   unset($za_dir);
  127. }
  128. $autoLoadConfig = array();
  129. if (isset($loaderPrefix)) {
  130.  $loaderPrefix = preg_replace('/[^a-z_]/', '', $loaderPrefix);
  131. } else {
  132.   $loaderPrefix = 'config';
  133. }
  134. $loader_file = $loaderPrefix . '.core.php';
  135. require('includes/initsystem.php');
  136. /**
  137.  * determine install status
  138.  */
  139. if (( (!file_exists('includes/configure.php') && !file_exists('includes/local/configure.php')) ) || (DB_TYPE == '') || (!file_exists('includes/classes/db/' .DB_TYPE . '/query_factory.php')) || !file_exists('includes/autoload_func.php')) {
  140.   $problemString = 'includes/configure.php file empty or file not found, OR wrong DB_TYPE set, OR cannot find includes/autoload_func.php which suggests paths are wrong or files were not uploaded correctly';
  141.   require('includes/templates/template_default/templates/tpl_zc_install_suggested_default.php');
  142.   header('location: zc_install/index.php');
  143.   exit;
  144. }
  145. /**
  146.  * load the autoloader interpreter code.
  147. */
  148. require('includes/autoload_func.php');
  149. /**
  150.  * load the counter code
  151. **/
  152. if ($spider_flag == false) {
  153. // counter and counter history
  154.   require(DIR_WS_INCLUDES . 'counter.php');
  155. }
  156. // get customers unique IP that paypal does not touch
  157. $customers_ip_address = $_SERVER['REMOTE_ADDR'];
  158. if (!isset($_SESSION['customers_ip_address'])) {
  159.   $_SESSION['customers_ip_address'] = $customers_ip_address;
  160. }
  161.  


cron