function xtc_href_link_from_admin($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true, $search_engine_safe = true)
{
global $request_type, $session_started, $http_domain, $https_domain;
require_once DIR_FS_INC . 'xtc_check_agent.inc.php';
if (!xtc_not_null($page)) {
die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine the page link (' . $page . ')!<br /><br />');
}
if ($connection == 'NONSSL') {
$link = HTTP_SERVER . DIR_WS_CATALOG;
} elseif ($connection == 'SSL') {
//BOF - DokuMan - 2011-12-20 - fix ticket #88
if (defined('ENABLE_SSL_CATALOG') && ENABLE_SSL_CATALOG == 'true') {
$link = (defined('HTTPS_CATALOG_SERVER') ? HTTPS_CATALOG_SERVER : HTTP_CATALOG_SERVER) . DIR_WS_CATALOG;
//EOF - DokuMan - 2011-12-20 - fix ticket #88
} else {
$link = HTTP_SERVER . DIR_WS_CATALOG;
}
} else {
die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine connection method on a link!<br /><br />Known methods: NONSSL SSL</strong><br /><br />');
}
if (xtc_not_null($parameters)) {
$link .= $page . '?' . $parameters;
$separator = '&';
} else {
$link .= $page;
$separator = '?';
}
while (substr($link, -1) == '&' || substr($link, -1) == '?') {
$link = substr($link, 0, -1);
}
// Add the session ID when moving from different HTTP and HTTPS servers, or when SID is defined
if ($add_session_id == true && $session_started == true && SESSION_FORCE_COOKIE_USE == 'False') {
if (defined('SID') && xtc_not_null(SID)) {
$sid = SID;
} elseif ($request_type == 'NONSSL' && $connection == 'SSL' && ENABLE_SSL == true || $request_type == 'SSL' && $connection == 'NONSSL') {
if ($http_domain != $https_domain) {
$sid = session_name() . '=' . session_id();
}
}
}
//--- SEO Hartmut König -----------------------------------------//
if ($_REQUEST['test'] || SEARCH_ENGINE_FRIENDLY_URLS == 'true' && $search_engine_safe == true) {
require_once DIR_FS_INC . 'shopstat_functions.inc.php';
$seolink = shopstat_getSEO($page, $parameters, $connection, $add_session_id, $search_engine_safe, 'admin');
if ($seolink) {
$link = $seolink;
$elements = parse_url($link);
isset($elements['query']) ? $separator = '&' : ($separator = '?');
}
}
//--- SEO Hartmut König -----------------------------------------//
if (xtc_check_agent() == 1) {
$sid = NULL;
}
if (isset($sid)) {
$link .= $separator . $sid;
}
return $link;
}
function xtc_update_whos_online()
{
$crawler = 0;
if (isset($_SESSION['customer_id'])) {
$wo_customer_id = (int) $_SESSION['customer_id'];
$customer_query = xtc_db_query("select\n customers_firstname,\n customers_lastname\n from " . TABLE_CUSTOMERS . "\n where customers_id = '" . $wo_customer_id . "'");
$customer = xtc_db_fetch_array($customer_query);
$wo_full_name = xtc_db_prepare_input($customer['customers_firstname'] . ' ' . $customer['customers_lastname']);
} else {
$wo_customer_id = '';
$crawler = xtc_check_agent();
if ($crawler !== 0) {
$wo_full_name = '[' . TEXT_SEARCH_ENGINE_AGENT . ']';
} else {
$wo_full_name = TEXT_GUEST;
}
}
if ($crawler !== 0) {
$wo_session_id = '';
} else {
$wo_session_id = xtc_session_id();
}
$wo_ip_address = xtc_db_prepare_input($_SESSION['tracking']['ip']);
$wo_last_page_url = xtc_db_prepare_input(strip_tags($_SERVER['REQUEST_URI']));
$wo_referer = xtc_db_prepare_input(isset($_SERVER['HTTP_REFERER']) ? strip_tags($_SERVER['HTTP_REFERER']) : '---');
$current_time = time();
$time_last_click = 900;
if (defined('WHOS_ONLINE_TIME_LAST_CLICK')) {
$time_last_click = (int) WHOS_ONLINE_TIME_LAST_CLICK;
}
$xx_mins_ago = time() - $time_last_click;
// remove entries that have expired
xtc_db_query("delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . $xx_mins_ago . "'");
$stored_customer_query = xtc_db_query("select count(*) as count from " . TABLE_WHOS_ONLINE . " where session_id = '" . $wo_session_id . "'");
$stored_customer = xtc_db_fetch_array($stored_customer_query);
$sql_data_array = array('customer_id' => $wo_customer_id, 'full_name' => xtc_db_prepare_input($wo_full_name), 'ip_address' => $wo_ip_address, 'time_last_click' => $current_time, 'last_page_url' => $wo_last_page_url);
if ($stored_customer['count'] > 0) {
xtc_db_perform(TABLE_WHOS_ONLINE, $sql_data_array, 'update', "session_id = '" . $wo_session_id . "'");
} else {
$sql_data_array['time_entry'] = $current_time;
$sql_data_array['session_id'] = $wo_session_id;
$sql_data_array['http_referer'] = $wo_referer;
xtc_db_perform(TABLE_WHOS_ONLINE, $sql_data_array);
}
}
// start the session
$session_started = false;
if (SESSION_FORCE_COOKIE_USE == 'True') {
xtc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 30, '/', $current_domain);
if (isset($_COOKIE['cookie_test'])) {
session_start();
$session_started = true;
}
} else {
session_start();
$session_started = true;
}
include DIR_WS_INCLUDES . 'tracking.php';
// check the Agent
$truncate_session_id = false;
if (CHECK_CLIENT_AGENT && xtc_check_agent() == 1) {
$truncate_session_id = true;
}
// verify the ssl_session_id if the feature is enabled
if ($request_type == 'SSL' && SESSION_CHECK_SSL_SESSION_ID == 'True' && ENABLE_SSL == true && $session_started == true) {
$ssl_session_id = getenv('SSL_SESSION_ID');
if (!isset($_SESSION['SSL_SESSION_ID'])) {
$_SESSION['SESSION_SSL_ID'] = $ssl_session_id;
}
if ($_SESSION['SESSION_SSL_ID'] != $ssl_session_id) {
session_destroy();
xtc_redirect(xtc_href_link(FILENAME_SSL_CHECK));
}
}
// verify the browser user agent if the feature is enabled
if (SESSION_CHECK_USER_AGENT == 'True') {
