PageRenderTime 57ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/public/includes/application_top.php

https://bitbucket.org/kritik/bemileo
PHP | 519 lines | 380 code | 71 blank | 68 comment | 151 complexity | 8779a2c6daca28f5e1c231c01e9684e5 MD5 | raw file
Possible License(s): BSD-3-Clause 
    

  1. <?php

    2. 

  2. /*

    3. 

  3.   $Id: application_top.php 1833 2008-01-30 22:03:30Z hpdl $

    4. 

  4. 

    5. 

  5.   osCommerce, Open Source E-Commerce Solutions

    6. 

  6.   http://www.oscommerce.com

    7. 

  7. 

    8. 

  8.   Copyright (c) 2008 osCommerce

    9. 

  9. 

    10. 

  10.   Released under the GNU General Public License

    11. 

  11. */

    12. 

  12.   define('MAX_DESCR_1','75'); //

    13. 

  13.   define('MAX_DESCR_2','794'); //

    14. 

  14.   define('MAX_DESCR_BESTS','18'); //

    15. 

  15.   define('MAX_DESCR_REVIEWS','75'); //

    16. 

  16.   define('MAX_DESCR_BOX','45'); //  

    17. 

  17. // customization for the design layout

    18. 

  18.   define('MAIN_TABLE', 'main_table'); // class name main table

    19. 

  19.   define('BOX_WIDTH_TD_LEFT', 'box_width_td_left'); // how wide the boxes should be in pixels (default: 125)

    20. 

  20.   define('BOX_WIDTH_TD_RIGHT', 'box_width_td_right'); // how wide the boxes should be in pixels (default: 125)

    21. 

  21.   define('CONTENT_WIDTH_TD', 'content_width_td'); // how wide the boxes should be in pixels (default: 125)

    22. 

  22. 

    23. 

  23.   define('BOX_WIDTH_LEFT', 'box_width_left'); // how wide the boxes should be in pixels (default: 125)

    24. 

  24.   define('BOX_WIDTH_RIGHT', 'box_width_right'); // how wide the boxes should be in pixels (default: 125)

    25. 

  25. // start the timer for the page parse time log

    26. 

  26.   define('PAGE_PARSE_START_TIME', microtime());

    27. 

  27. 

    28. 

  28. // set the level of error reporting

    29. 

  29.   error_reporting(E_ALL & ~E_NOTICE);

    30. 

  30. 

    31. 

  31. // check support for register_globals

    32. 

  32.   if (function_exists('ini_get') && (ini_get('register_globals') == false) && (PHP_VERSION < 4.3) ) {

    33. 

  33.     exit('Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory. Please use PHP 4.3+ if register_globals cannot be enabled on the server.');

    34. 

  34.   }

    35. 

  35. 

    36. 

  36. // Set the local configuration parameters - mainly for developers

    37. 

  37.   if (file_exists('includes/local/configure.php')) include('includes/local/configure.php');

    38. 

  38. 

    39. 

  39. // include server parameters

    40. 

  40.   require('includes/configure.php');

    41. 

  41. 

    42. 

  42.   if (strlen(DB_SERVER) < 1) {

    43. 

  43.     if (is_dir('install')) {

    44. 

  44.       header('Location: install/index.php');

    45. 

  45.     }

    46. 

  46.   }

    47. 

  47. 

    48. 

  48. // define the project version

    49. 

  49.   define('PROJECT_VERSION', 'osCommerce Online Merchant v2.2 RC2a');

    50. 

  50. 

    51. 

  51. // some code to solve compatibility issues

    52. 

  52.   require(DIR_WS_FUNCTIONS . 'compatibility.php');

    53. 

  53. 

    54. 

  54. // set the type of request (secure or not)

    55. 

  55.   $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

    56. 

  56. 

    57. 

  57. // set php_self in the local scope

    58. 

  58.   if (!isset($PHP_SELF)) $PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];

    59. 

  59. 

    60. 

  60.   if ($request_type == 'NONSSL') {

    61. 

  61.     define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG);

    62. 

  62.   } else {

    63. 

  63.     define('DIR_WS_CATALOG', DIR_WS_HTTPS_CATALOG);

    64. 

  64.   }

    65. 

  65. 

    66. 

  66. // include the list of project filenames

    67. 

  67.   require(DIR_WS_INCLUDES . 'filenames.php');

    68. 

  68. 

    69. 

  69. // include the list of project database tables

    70. 

  70.   require(DIR_WS_INCLUDES . 'database_tables.php');

    71. 

  71. 

    72. 

  72. // include the database functions

    73. 

  73.   require(DIR_WS_FUNCTIONS . 'database.php');

    74. 

  74. 

    75. 

  75. // make a connection to the database... now

    76. 

  76.   tep_db_connect() or die('Unable to connect to database server!');

    77. 

  77. 

    78. 

  78. // set the application parameters

    79. 

  79.   $configuration_query = tep_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION);

    80. 

  80.   while ($configuration = tep_db_fetch_array($configuration_query)) {

    81. 

  81.     define($configuration['cfgKey'], $configuration['cfgValue']);

    82. 

  82.   }

    83. 

  83. 

    84. 

  84. // if gzip_compression is enabled, start to buffer the output

    85. 

  85.   if ( (GZIP_COMPRESSION == 'true') && ($ext_zlib_loaded = extension_loaded('zlib')) && (PHP_VERSION >= '4') ) {

    86. 

  86.     if (($ini_zlib_output_compression = (int)ini_get('zlib.output_compression')) < 1) {

    87. 

  87.       if (PHP_VERSION >= '4.0.4') {

    88. 

  88.         ob_start('ob_gzhandler');

    89. 

  89.       } else {

    90. 

  90.         include(DIR_WS_FUNCTIONS . 'gzip_compression.php');

    91. 

  91.         ob_start();

    92. 

  92.         ob_implicit_flush();

    93. 

  93.       }

    94. 

  94.     } else {

    95. 

  95.       ini_set('zlib.output_compression_level', GZIP_LEVEL);

    96. 

  96.     }

    97. 

  97.   }

    98. 

  98. 

    99. 

  99. // set the HTTP GET parameters manually if search_engine_friendly_urls is enabled

    100. 

  100.   if (SEARCH_ENGINE_FRIENDLY_URLS == 'true') {

    101. 

  101.     if (strlen(getenv('PATH_INFO')) > 1) {

    102. 

  102.       $GET_array = array();

    103. 

  103.       $PHP_SELF = str_replace(getenv('PATH_INFO'), '', $PHP_SELF);

    104. 

  104.       $vars = explode('/', substr(getenv('PATH_INFO'), 1));

    105. 

  105.       for ($i=0, $n=sizeof($vars); $i<$n; $i++) {

    106. 

  106.         if (strpos($vars[$i], '[]')) {

    107. 

  107.           $GET_array[substr($vars[$i], 0, -2)][] = $vars[$i+1];

    108. 

  108.         } else {

    109. 

  109.           $HTTP_GET_VARS[$vars[$i]] = $vars[$i+1];

    110. 

  110.         }

    111. 

  111.         $i++;

    112. 

  112.       }

    113. 

  113. 

    114. 

  114.       if (sizeof($GET_array) > 0) {

    115. 

  115.         while (list($key, $value) = each($GET_array)) {

    116. 

  116.           $HTTP_GET_VARS[$key] = $value;

    117. 

  117.         }

    118. 

  118.       }

    119. 

  119.     }

    120. 

  120.   }

    121. 

  121. 

    122. 

  122. // define general functions used application-wide

    123. 

  123.   require(DIR_WS_FUNCTIONS . 'general.php');

    124. 

  124.   require(DIR_WS_FUNCTIONS . 'html_output.php');

    125. 

  125. 

    126. 

  126. // set the cookie domain

    127. 

  127.   $cookie_domain = (($request_type == 'NONSSL') ? HTTP_COOKIE_DOMAIN : HTTPS_COOKIE_DOMAIN);

    128. 

  128.   $cookie_path = (($request_type == 'NONSSL') ? HTTP_COOKIE_PATH : HTTPS_COOKIE_PATH);

    129. 

  129. 

    130. 

  130. // include cache functions if enabled

    131. 

  131.   if (USE_CACHE == 'true') include(DIR_WS_FUNCTIONS . 'cache.php');

    132. 

  132. 

    133. 

  133. // include shopping cart class

    134. 

  134.   require(DIR_WS_CLASSES . 'shopping_cart.php');

    135. 

  135. 

    136. 

  136. // include navigation history class

    137. 

  137.   require(DIR_WS_CLASSES . 'navigation_history.php');

    138. 

  138. 

    139. 

  139. // check if sessions are supported, otherwise use the php3 compatible session class

    140. 

  140.   if (!function_exists('session_start')) {

    141. 

  141.     define('PHP_SESSION_NAME', 'osCsid');

    142. 

  142.     define('PHP_SESSION_PATH', $cookie_path);

    143. 

  143.     define('PHP_SESSION_DOMAIN', $cookie_domain);

    144. 

  144.     define('PHP_SESSION_SAVE_PATH', SESSION_WRITE_DIRECTORY);

    145. 

  145. 

    146. 

  146.     include(DIR_WS_CLASSES . 'sessions.php');

    147. 

  147.   }

    148. 

  148. 

    149. 

  149. // define how the session functions will be used

    150. 

  150.   require(DIR_WS_FUNCTIONS . 'sessions.php');

    151. 

  151. 

    152. 

  152. // set the session name and save path

    153. 

  153.   tep_session_name('osCsid');

    154. 

  154.   tep_session_save_path(SESSION_WRITE_DIRECTORY);

    155. 

  155. 

    156. 

  156. // set the session cookie parameters

    157. 

  157.    if (function_exists('session_set_cookie_params')) {

    158. 

  158.     session_set_cookie_params(0, $cookie_path, $cookie_domain);

    159. 

  159.   } elseif (function_exists('ini_set')) {

    160. 

  160.     ini_set('session.cookie_lifetime', '0');

    161. 

  161.     ini_set('session.cookie_path', $cookie_path);

    162. 

  162.     ini_set('session.cookie_domain', $cookie_domain);

    163. 

  163.   }

    164. 

  164. 

    165. 

  165. // set the session ID if it exists

    166. 

  166.    if (isset($HTTP_POST_VARS[tep_session_name()])) {

    167. 

  167.      tep_session_id($HTTP_POST_VARS[tep_session_name()]);

    168. 

  168.    } elseif ( ($request_type == 'SSL') && isset($HTTP_GET_VARS[tep_session_name()]) ) {

    169. 

  169.      tep_session_id($HTTP_GET_VARS[tep_session_name()]);

    170. 

  170.    }

    171. 

  171. 

    172. 

  172. // start the session

    173. 

  173.   $session_started = false;

    174. 

  174.   if (SESSION_FORCE_COOKIE_USE == 'True') {

    175. 

  175.     tep_setcookie('cookie_test', 'please_accept_for_session', time()+60*60*24*30, $cookie_path, $cookie_domain);

    176. 

  176. 

    177. 

  177.     if (isset($HTTP_COOKIE_VARS['cookie_test'])) {

    178. 

  178.       tep_session_start();

    179. 

  179.       $session_started = true;

    180. 

  180.     }

    181. 

  181.   } elseif (SESSION_BLOCK_SPIDERS == 'True') {

    182. 

  182.     $user_agent = strtolower(getenv('HTTP_USER_AGENT'));

    183. 

  183.     $spider_flag = false;

    184. 

  184. 

    185. 

  185.     if (tep_not_null($user_agent)) {

    186. 

  186.       $spiders = file(DIR_WS_INCLUDES . 'spiders.txt');

    187. 

  187. 

    188. 

  188.       for ($i=0, $n=sizeof($spiders); $i<$n; $i++) {

    189. 

  189.         if (tep_not_null($spiders[$i])) {

    190. 

  190.           if (is_integer(strpos($user_agent, trim($spiders[$i])))) {

    191. 

  191.             $spider_flag = true;

    192. 

  192.             break;

    193. 

  193.           }

    194. 

  194.         }

    195. 

  195.       }

    196. 

  196.     }

    197. 

  197. 

    198. 

  198.     if ($spider_flag == false) {

    199. 

  199.       tep_session_start();

    200. 

  200.       $session_started = true;

    201. 

  201.     }

    202. 

  202.   } else {

    203. 

  203.     tep_session_start();

    204. 

  204.     $session_started = true;

    205. 

  205.   }

    206. 

  206. 

    207. 

  207.   if ( ($session_started == true) && (PHP_VERSION >= 4.3) && function_exists('ini_get') && (ini_get('register_globals') == false) ) {

    208. 

  208.     extract($_SESSION, EXTR_OVERWRITE+EXTR_REFS);

    209. 

  209.   }

    210. 

  210. 

    211. 

  211. // set SID once, even if empty

    212. 

  212.   $SID = (defined('SID') ? SID : '');

    213. 

  213. 

    214. 

  214. // verify the ssl_session_id if the feature is enabled

    215. 

  215.   if ( ($request_type == 'SSL') && (SESSION_CHECK_SSL_SESSION_ID == 'True') && (ENABLE_SSL == true) && ($session_started == true) ) {

    216. 

  216.     $ssl_session_id = getenv('SSL_SESSION_ID');

    217. 

  217.     if (!tep_session_is_registered('SSL_SESSION_ID')) {

    218. 

  218.       $SESSION_SSL_ID = $ssl_session_id;

    219. 

  219.       tep_session_register('SESSION_SSL_ID');

    220. 

  220.     }

    221. 

  221. 

    222. 

  222.     if ($SESSION_SSL_ID != $ssl_session_id) {

    223. 

  223.       tep_session_destroy();

    224. 

  224.       tep_redirect(tep_href_link(FILENAME_SSL_CHECK));

    225. 

  225.     }

    226. 

  226.   }

    227. 

  227. 

    228. 

  228. // verify the browser user agent if the feature is enabled

    229. 

  229.   if (SESSION_CHECK_USER_AGENT == 'True') {

    230. 

  230.     $http_user_agent = getenv('HTTP_USER_AGENT');

    231. 

  231.     if (!tep_session_is_registered('SESSION_USER_AGENT')) {

    232. 

  232.       $SESSION_USER_AGENT = $http_user_agent;

    233. 

  233.       tep_session_register('SESSION_USER_AGENT');

    234. 

  234.     }

    235. 

  235. 

    236. 

  236.     if ($SESSION_USER_AGENT != $http_user_agent) {

    237. 

  237.       tep_session_destroy();

    238. 

  238.       tep_redirect(tep_href_link(FILENAME_LOGIN));

    239. 

  239.     }

    240. 

  240.   }

    241. 

  241. 

    242. 

  242. // verify the IP address if the feature is enabled

    243. 

  243.   if (SESSION_CHECK_IP_ADDRESS == 'True') {

    244. 

  244.     $ip_address = tep_get_ip_address();

    245. 

  245.     if (!tep_session_is_registered('SESSION_IP_ADDRESS')) {

    246. 

  246.       $SESSION_IP_ADDRESS = $ip_address;

    247. 

  247.       tep_session_register('SESSION_IP_ADDRESS');

    248. 

  248.     }

    249. 

  249. 

    250. 

  250.     if ($SESSION_IP_ADDRESS != $ip_address) {

    251. 

  251.       tep_session_destroy();

    252. 

  252.       tep_redirect(tep_href_link(FILENAME_LOGIN));

    253. 

  253.     }

    254. 

  254.   }

    255. 

  255. 

    256. 

  256. // create the shopping cart & fix the cart if necesary

    257. 

  257.   if (tep_session_is_registered('cart') && is_object($cart)) {

    258. 

  258.     if (PHP_VERSION < 4) {

    259. 

  259.       $broken_cart = $cart;

    260. 

  260.       $cart = new shoppingCart;

    261. 

  261.       $cart->unserialize($broken_cart);

    262. 

  262.     }

    263. 

  263.   } else {

    264. 

  264.     tep_session_register('cart');

    265. 

  265.     $cart = new shoppingCart;

    266. 

  266.   }

    267. 

  267. 

    268. 

  268. // include currencies class and create an instance

    269. 

  269.   require(DIR_WS_CLASSES . 'currencies.php');

    270. 

  270.   $currencies = new currencies();

    271. 

  271. 

    272. 

  272. // include the mail classes

    273. 

  273.   require(DIR_WS_CLASSES . 'mime.php');

    274. 

  274.   require(DIR_WS_CLASSES . 'email.php');

    275. 

  275. 

    276. 

  276. // set the language

    277. 

  277.   if (!tep_session_is_registered('language') || isset($HTTP_GET_VARS['language'])) {

    278. 

  278.     if (!tep_session_is_registered('language')) {

    279. 

  279.       tep_session_register('language');

    280. 

  280.       tep_session_register('languages_id');

    281. 

  281.     }

    282. 

  282. 

    283. 

  283.     include(DIR_WS_CLASSES . 'language.php');

    284. 

  284.     $lng = new language();

    285. 

  285. 

    286. 

  286.     if (isset($HTTP_GET_VARS['language']) && tep_not_null($HTTP_GET_VARS['language'])) {

    287. 

  287.       $lng->set_language($HTTP_GET_VARS['language']);

    288. 

  288.     } else {

    289. 

  289.       $lng->get_browser_language();

    290. 

  290.     }

    291. 

  291. 

    292. 

  292.     $language = $lng->language['directory'];

    293. 

  293.     $languages_id = $lng->language['id'];

    294. 

  294.   }

    295. 

  295. 

    296. 

  296. // include the language translations

    297. 

  297.   require(DIR_WS_LANGUAGES . $language . '.php');

    298. 

  298. 

    299. 

  299. // currency

    300. 

  300.   if (!tep_session_is_registered('currency') || isset($HTTP_GET_VARS['currency']) || ( (USE_DEFAULT_LANGUAGE_CURRENCY == 'true') && (LANGUAGE_CURRENCY != $currency) ) ) {

    301. 

  301.     if (!tep_session_is_registered('currency')) tep_session_register('currency');

    302. 

  302. 

    303. 

  303.     if (isset($HTTP_GET_VARS['currency']) && $currencies->is_set($HTTP_GET_VARS['currency'])) {

    304. 

  304.       $currency = $HTTP_GET_VARS['currency'];

    305. 

  305.     } else {

    306. 

  306.       $currency = (USE_DEFAULT_LANGUAGE_CURRENCY == 'true') ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;

    307. 

  307.     }

    308. 

  308.   }

    309. 

  309. 

    310. 

  310. // navigation history

    311. 

  311.   if (tep_session_is_registered('navigation')) {

    312. 

  312.     if (PHP_VERSION < 4) {

    313. 

  313.       $broken_navigation = $navigation;

    314. 

  314.       $navigation = new navigationHistory;

    315. 

  315.       $navigation->unserialize($broken_navigation);

    316. 

  316.     }

    317. 

  317.   } else {

    318. 

  318.     tep_session_register('navigation');

    319. 

  319.     $navigation = new navigationHistory;

    320. 

  320.   }

    321. 

  321.   $navigation->add_current_page();

    322. 

  322. 

    323. 

  323. // Shopping cart actions

    324. 

  324.   if (isset($HTTP_GET_VARS['action'])) {

    325. 

  325. // redirect the customer to a friendly cookie-must-be-enabled page if cookies are disabled

    326. 

  326.     if ($session_started == false) {

    327. 

  327.       tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE));

    328. 

  328.     }

    329. 

  329. 

    330. 

  330.     if (DISPLAY_CART == 'true') {

    331. 

  331.       $goto =  FILENAME_SHOPPING_CART;

    332. 

  332.       $parameters = array('action', 'cPath', 'products_id', 'pid');

    333. 

  333.     } else {

    334. 

  334.       $goto = basename($PHP_SELF);

    335. 

  335.       if ($HTTP_GET_VARS['action'] == 'buy_now') {

    336. 

  336.         $parameters = array('action', 'pid', 'products_id');

    337. 

  337.       } else {

    338. 

  338.         $parameters = array('action', 'pid');

    339. 

  339.       }

    340. 

  340.     }

    341. 

  341.     switch ($HTTP_GET_VARS['action']) {

    342. 

  342.       // customer wants to update the product quantity in their shopping cart

    343. 

  343.       case 'update_product' : for ($i=0, $n=sizeof($HTTP_POST_VARS['products_id']); $i<$n; $i++) {

    344. 

  344.                                 if (in_array($HTTP_POST_VARS['products_id'][$i], (is_array($HTTP_POST_VARS['cart_delete']) ? $HTTP_POST_VARS['cart_delete'] : array()))) {

    345. 

  345.                                   $cart->remove($HTTP_POST_VARS['products_id'][$i]);

    346. 

  346.                                 } else {

    347. 

  347.                                   if (PHP_VERSION < 4) {

    348. 

  348.                                     // if PHP3, make correction for lack of multidimensional array.

    349. 

  349.                                     reset($HTTP_POST_VARS);

    350. 

  350.                                     while (list($key, $value) = each($HTTP_POST_VARS)) {

    351. 

  351.                                       if (is_array($value)) {

    352. 

  352.                                         while (list($key2, $value2) = each($value)) {

    353. 

  353.                                           if (ereg ("(.*)\]\[(.*)", $key2, $var)) {

    354. 

  354.                                             $id2[$var[1]][$var[2]] = $value2;

    355. 

  355.                                           }

    356. 

  356.                                         }

    357. 

  357.                                       }

    358. 

  358.                                     }

    359. 

  359.                                     $attributes = ($id2[$HTTP_POST_VARS['products_id'][$i]]) ? $id2[$HTTP_POST_VARS['products_id'][$i]] : '';

    360. 

  360.                                   } else {

    361. 

  361.                                     $attributes = ($HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]]) ? $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] : '';

    362. 

  362.                                   }

    363. 

  363.                                   $cart->add_cart($HTTP_POST_VARS['products_id'][$i], $HTTP_POST_VARS['cart_quantity'][$i], $attributes, false);

    364. 

  364.                                 }

    365. 

  365.                               }

    366. 

  366.                               tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));

    367. 

  367.                               break;

    368. 

  368.       // customer adds a product from the products page

    369. 

  369.       case 'add_product' :    if (isset($HTTP_POST_VARS['products_id']) && is_numeric($HTTP_POST_VARS['products_id'])) {

    370. 

  370.                                 $cart->add_cart($HTTP_POST_VARS['products_id'], $cart->get_quantity(tep_get_uprid($HTTP_POST_VARS['products_id'], $HTTP_POST_VARS['id']))+1, $HTTP_POST_VARS['id']);

    371. 

  371.                               }

    372. 

  372.                               tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));

    373. 

  373.                               break;

    374. 

  374.       // performed by the 'buy now' button in product listings and review page

    375. 

  375.       case 'buy_now' :        if (isset($HTTP_GET_VARS['products_id'])) {

    376. 

  376.                                 if (tep_has_product_attributes($HTTP_GET_VARS['products_id'])) {

    377. 

  377.                                   tep_redirect(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id']));

    378. 

  378.                                 } else {

    379. 

  379.                                   $cart->add_cart($HTTP_GET_VARS['products_id'], $cart->get_quantity($HTTP_GET_VARS['products_id'])+1);

    380. 

  380.                                 }

    381. 

  381.                               }

    382. 

  382.                               tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));

    383. 

  383.                               break;

    384. 

  384.       case 'notify' :         if (tep_session_is_registered('customer_id')) {

    385. 

  385.                                 if (isset($HTTP_GET_VARS['products_id'])) {

    386. 

  386.                                   $notify = $HTTP_GET_VARS['products_id'];

    387. 

  387.                                 } elseif (isset($HTTP_GET_VARS['notify'])) {

    388. 

  388.                                   $notify = $HTTP_GET_VARS['notify'];

    389. 

  389.                                 } elseif (isset($HTTP_POST_VARS['notify'])) {

    390. 

  390.                                   $notify = $HTTP_POST_VARS['notify'];

    391. 

  391.                                 } else {

    392. 

  392.                                   tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify'))));

    393. 

  393.                                 }

    394. 

  394.                                 if (!is_array($notify)) $notify = array($notify);

    395. 

  395.                                 for ($i=0, $n=sizeof($notify); $i<$n; $i++) {

    396. 

  396.                                   $check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . $notify[$i] . "' and customers_id = '" . $customer_id . "'");

    397. 

  397.                                   $check = tep_db_fetch_array($check_query);

    398. 

  398.                                   if ($check['count'] < 1) {

    399. 

  399.                                     tep_db_query("insert into " . TABLE_PRODUCTS_NOTIFICATIONS . " (products_id, customers_id, date_added) values ('" . $notify[$i] . "', '" . $customer_id . "', now())");

    400. 

  400.                                   }

    401. 

  401.                                 }

    402. 

  402.                                 tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify'))));

    403. 

  403.                               } else {

    404. 

  404.                                 $navigation->set_snapshot();

    405. 

  405.                                 tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));

    406. 

  406.                               }

    407. 

  407.                               break;

    408. 

  408.       case 'notify_remove' :  if (tep_session_is_registered('customer_id') && isset($HTTP_GET_VARS['products_id'])) {

    409. 

  409.                                 $check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . $HTTP_GET_VARS['products_id'] . "' and customers_id = '" . $customer_id . "'");

    410. 

  410.                                 $check = tep_db_fetch_array($check_query);

    411. 

  411.                                 if ($check['count'] > 0) {

    412. 

  412.                                   tep_db_query("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . $HTTP_GET_VARS['products_id'] . "' and customers_id = '" . $customer_id . "'");

    413. 

  413.                                 }

    414. 

  414.                                 tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action'))));

    415. 

  415.                               } else {

    416. 

  416.                                 $navigation->set_snapshot();

    417. 

  417.                                 tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));

    418. 

  418.                               }

    419. 

  419.                               break;

    420. 

  420.       case 'cust_order' :     if (tep_session_is_registered('customer_id') && isset($HTTP_GET_VARS['pid'])) {

    421. 

  421.                                 if (tep_has_product_attributes($HTTP_GET_VARS['pid'])) {

    422. 

  422.                                   tep_redirect(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['pid']));

    423. 

  423.                                 } else {

    424. 

  424.                                   $cart->add_cart($HTTP_GET_VARS['pid'], $cart->get_quantity($HTTP_GET_VARS['pid'])+1);

    425. 

  425.                                 }

    426. 

  426.                               }

    427. 

  427.                               tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));

    428. 

  428.                               break;

    429. 

  429.     }

    430. 

  430.   }

    431. 

  431. 

    432. 

  432. // include the who's online functions

    433. 

  433.   require(DIR_WS_FUNCTIONS . 'whos_online.php');

    434. 

  434.   tep_update_whos_online();

    435. 

  435. 

    436. 

  436. // include the password crypto functions

    437. 

  437.   require(DIR_WS_FUNCTIONS . 'password_funcs.php');

    438. 

  438. 

    439. 

  439. // include validation functions (right now only email address)

    440. 

  440.   require(DIR_WS_FUNCTIONS . 'validations.php');

    441. 

  441. 

    442. 

  442. // split-page-results

    443. 

  443.   require(DIR_WS_CLASSES . 'split_page_results.php');

    444. 

  444. 

    445. 

  445. // infobox

    446. 

  446.   require(DIR_WS_CLASSES . 'boxes.php');

    447. 

  447. 

    448. 

  448. // auto activate and expire banners

    449. 

  449.   require(DIR_WS_FUNCTIONS . 'banner.php');

    450. 

  450.   tep_activate_banners();

    451. 

  451.   tep_expire_banners();

    452. 

  452. 

    453. 

  453. // auto expire special products

    454. 

  454.   require(DIR_WS_FUNCTIONS . 'specials.php');

    455. 

  455.   tep_expire_specials();

    456. 

  456. 

    457. 

  457. // calculate category path

    458. 

  458.   if (isset($HTTP_GET_VARS['cPath'])) {

    459. 

  459.     $cPath = $HTTP_GET_VARS['cPath'];

    460. 

  460.   } elseif (isset($HTTP_GET_VARS['products_id']) && !isset($HTTP_GET_VARS['manufacturers_id'])) {

    461. 

  461.     $cPath = tep_get_product_path($HTTP_GET_VARS['products_id']);

    462. 

  462.   } else {

    463. 

  463.     $cPath = '';

    464. 

  464.   }

    465. 

  465. 

    466. 

  466.   if (tep_not_null($cPath)) {

    467. 

  467.     $cPath_array = tep_parse_category_path($cPath);

    468. 

  468.     $cPath = implode('_', $cPath_array);

    469. 

  469.     $current_category_id = $cPath_array[(sizeof($cPath_array)-1)];

    470. 

  470.   } else {

    471. 

  471.     $current_category_id = 0;

    472. 

  472.   }

    473. 

  473. 

    474. 

  474. // include the breadcrumb class and start the breadcrumb trail

    475. 

  475.   require(DIR_WS_CLASSES . 'breadcrumb.php');

    476. 

  476.   $breadcrumb = new breadcrumb;

    477. 

  477. 

    478. 

  478.   $breadcrumb->add(HEADER_TITLE_TOP, HTTP_SERVER);

    479. 

  479.   $breadcrumb->add(HEADER_TITLE_CATALOG, tep_href_link(FILENAME_DEFAULT));

    480. 

  480. 

    481. 

  481. // add category names or the manufacturer name to the breadcrumb trail

    482. 

  482.   if (isset($cPath_array)) {

    483. 

  483.     for ($i=0, $n=sizeof($cPath_array); $i<$n; $i++) {

    484. 

  484.       $categories_query = tep_db_query("select categories_name from " . TABLE_CATEGORIES_DESCRIPTION . " where categories_id = '" . (int)$cPath_array[$i] . "' and language_id = '" . (int)$languages_id . "'");

    485. 

  485.       if (tep_db_num_rows($categories_query) > 0) {

    486. 

  486.         $categories = tep_db_fetch_array($categories_query);

    487. 

  487.         $breadcrumb->add($categories['categories_name'], tep_href_link(FILENAME_DEFAULT, 'cPath=' . implode('_', array_slice($cPath_array, 0, ($i+1)))));

    488. 

  488.       } else {

    489. 

  489.         break;

    490. 

  490.       }

    491. 

  491.     }

    492. 

  492.   } elseif (isset($HTTP_GET_VARS['manufacturers_id'])) {

    493. 

  493.     $manufacturers_query = tep_db_query("select manufacturers_name from " . TABLE_MANUFACTURERS . " where manufacturers_id = '" . (int)$HTTP_GET_VARS['manufacturers_id'] . "'");

    494. 

  494.     if (tep_db_num_rows($manufacturers_query)) {

    495. 

  495.       $manufacturers = tep_db_fetch_array($manufacturers_query);

    496. 

  496.       $breadcrumb->add($manufacturers['manufacturers_name'], tep_href_link(FILENAME_DEFAULT, 'manufacturers_id=' . $HTTP_GET_VARS['manufacturers_id']));

    497. 

  497.     }

    498. 

  498.   }

    499. 

  499. 

    500. 

  500. // add the products model to the breadcrumb trail

    501. 

  501.   if (isset($HTTP_GET_VARS['products_id'])) {

    502. 

  502.     $model_query = tep_db_query("select products_model from " . TABLE_PRODUCTS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "'");

    503. 

  503.     if (tep_db_num_rows($model_query)) {

    504. 

  504.       $model = tep_db_fetch_array($model_query);

    505. 

  505.       $breadcrumb->add($model['products_model'], tep_href_link(FILENAME_PRODUCT_INFO, 'cPath=' . $cPath . '&products_id=' . $HTTP_GET_VARS['products_id']));

    506. 

  506.     }

    507. 

  507.   }

    508. 

  508. 

    509. 

  509. // initialize the message stack for output messages

    510. 

  510.   require(DIR_WS_CLASSES . 'message_stack.php');

    511. 

  511.   $messageStack = new messageStack;

    512. 

  512. 

    513. 

  513. // set which precautions should be checked

    514. 

  514.   define('WARN_INSTALL_EXISTENCE', 'true');

    515. 

  515.   define('WARN_CONFIG_WRITEABLE', 'true');

    516. 

  516.   define('WARN_SESSION_DIRECTORY_NOT_WRITEABLE', 'true');

    517. 

  517.   define('WARN_SESSION_AUTO_START', 'true');

    518. 

  518.   define('WARN_DOWNLOAD_DIRECTORY_NOT_READABLE', 'true');

    519. 

  519. ?>

    520. 

  520.