function oos_copy_uploaded_file($filename, $target) { if (substr($target, -1) != '/') $target .= '/'; if (OOS_RANDOM_PICTURE_NAME == '1') { $picture_tempname = oos_get_random_picture_name(26); $picture_tempname .= '.'; $picture_tempname .= MyOOS_Utilities::getFileExtension($filename['name']); } else { $picture_tempname = $filename['name']; } $picture_name = oos_str_strip_all($picture_tempname); // Big Image // path for big image: $target_big = $target . OOS_POPUP_IMAGES; // If !path make it, if you have problems remove the line // if (!is_dir($target_big)) mkdir($target_big,0777); // Resize Big image $target_big .= $picture_name; if (OOS_WATERMARK == '1') { oos_watermark ($filename['tmp_name'], $target_big, OOS_WATERMARK_QUALITY); } else { if (OOS_BIGIMAGE_WIDTH || OOS_BIGIMAGE_HEIGHT ) { oos_resize_image($filename['tmp_name'], $target_big, OOS_BIGIMAGE_WIDTH, OOS_BIGIMAGE_HEIGHT, OOS_BIGIMAGE_WAY_OF_RESIZE); } else { copy($filename['tmp_name'], $target_big); } } $target_small = $target . $picture_name; oos_resize_image($filename['tmp_name'], $target_small, OOS_SMALL_IMAGE_WIDTH, OOS_SMALL_IMAGE_HEIGHT, OOS_SMALLIMAGE_WAY_OF_RESIZE); return $picture_name; }
function create_plugin_instance() { global $request_type, $spider_flag, $spider_kill_sid; $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']); $spider_flag = false; $spider_kill_sid = '0'; // set the top level domains $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER); $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER); $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain); // set the session cookie parameters if (function_exists('session_set_cookie_params')) { session_set_cookie_params(0, '/', (!empty($current_domain) ? '.' . $current_domain : '')); } elseif (function_exists('ini_set')) { ini_set('session.cookie_lifetime', '0'); ini_set('session.cookie_path', '/'); ini_set('session.cookie_domain', (!empty($current_domain) ? '.' . $current_domain : '')); } // set the session ID if it exists if (isset($_POST[oos_session_name()]) && (ctype_alnum($_POST[oos_session_name()]))) { oos_session_id($_POST[oos_session_name()]); } elseif (isset($_GET[oos_session_name()]) && (ctype_alnum($_GET[oos_session_name()]))) { oos_session_id($_GET[oos_session_name()]); } if (empty($user_agent) === false) { $spider_agent = @parse_ini_file('includes/ini/spiders.ini'); foreach ($spider_agent as $spider) { if (empty($spider) === false) { if (strpos($user_agent, trim($spider)) !== false) { $spider_kill_sid = '1'; $spider_flag = true; break; } } } } if ($spider_flag === false) { if (!defined('MYOOS_SESSION_NAME')) { define('MYOOS_SESSION_NAME', 'MYOOS_SESSID'); } @ini_set('session.name', MYOOS_SESSION_NAME); if(ini_get('session.save_handler') == 'user') { @ini_set('session.save_handler', 'files'); @ini_set('session.save_path', ''); } if(ini_get('session.save_handler') == 'files') { $sessionPath = ini_get('session.save_path'); if (preg_match('/^[0-9]+;(.*)/', $sessionPath, $matches)) { $sessionPath = $matches[1]; } if (ini_get('safe_mode') || ini_get('open_basedir') || empty($sessionPath) || !@is_writable($sessionPath)) { $sessionPath = MYOOS_USER_PATH . '/tmp/sessions'; @ini_set('session.save_path', $sessionPath); if (!is_dir($sessionPath)) { @mkdir($sessionPath, 0755, true); if (!is_dir($sessionPath)) { die("Error: Unable to mkdir $sessionPath"); } } elseif (!@is_writable($sessionPath)) { die("Error: $sessionPath is not writable"); } } } // lets start our session oos_session_start(); } if (!isset($_SESSION)) { $_SESSION = array(); } // create the shopping cart if (!isset($_SESSION['cart'])) { $_SESSION['cart'] = new shoppingCart; } // navigation history if (!isset($_SESSION['navigation'])) { $_SESSION['navigation'] = new oosNavigationHistory; } $aPages = oos_get_pages(); // verify the browser user agent $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; if (!isset($_SESSION['session_user_agent'])) { $_SESSION['session_user_agent'] = $http_user_agent; } if ($_SESSION['session_user_agent'] != $http_user_agent) { unset($_SESSION['customer_id']); unset($_SESSION['session_user_agent']); $_SESSION['cart']->reset(); $_SESSION['member']->default_member(); MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL')); } // verify the IP address if (!isset($_SESSION['session_ip_address'])) { $_SESSION['session_ip_address'] = MyOOS_Utilities::getRemoteHostAddress(); } if ($_SESSION['session_ip_address'] != MyOOS_Utilities::getRemoteHostAddress()) { unset($_SESSION['customer_id']); unset($_SESSION['session_ip_address']); $_SESSION['cart']->reset(); $_SESSION['member']->default_member(); MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL')); } return true; }
function create_plugin_instance() { global $request_type, $spider_flag, $spider_kill_sid; $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']); $spider_flag = false; $spider_kill_sid = '0'; // set the top level domains $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER); $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER); $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain); // set the session cookie parameters if (function_exists('session_set_cookie_params')) { session_set_cookie_params(0, '/', (!empty($current_domain) ? '.' . $current_domain : '')); } elseif (function_exists('ini_set')) { ini_set('session.cookie_lifetime', '0'); ini_set('session.cookie_path', '/'); ini_set('session.cookie_domain', (!empty($current_domain) ? '.' . $current_domain : '')); } // set the session ID if it exists if (isset($_POST[oos_session_name()]) && (ctype_alnum($_POST[oos_session_name()]))) { oos_session_id($_POST[oos_session_name()]); } elseif (isset($_GET[oos_session_name()]) && (ctype_alnum($_GET[oos_session_name()]))) { oos_session_id($_GET[oos_session_name()]); } if (empty($user_agent) === false) { $spider_agent = @parse_ini_file('includes/ini/spiders.ini'); foreach ($spider_agent as $spider) { if (empty($spider) === false) { if (strpos($user_agent, trim($spider)) !== false) { $spider_kill_sid = '1'; $spider_flag = true; break; } } } } if ($spider_flag === false) { // lets start our session oos_session_start(); } if (!isset($_SESSION)) { $_SESSION = array(); } // create the shopping cart if (!isset($_SESSION['cart'])) { $_SESSION['cart'] = new shoppingCart; } // navigation history if (!isset($_SESSION['navigation'])) { $_SESSION['navigation'] = new oosNavigationHistory; } if (!isset($_SESSION['error_cart_msg'])) { $_SESSION['error_cart_msg'] = ''; } $aPages = oos_get_pages(); // verify the browser user agent $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; if (!isset($_SESSION['session_user_agent'])) { $_SESSION['session_user_agent'] = $http_user_agent; } if ($_SESSION['session_user_agent'] != $http_user_agent) { unset($_SESSION['customer_id']); unset($_SESSION['session_user_agent']); $_SESSION['cart']->reset(); $_SESSION['member']->default_member(); MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL')); } // verify the IP address if (!isset($_SESSION['session_ip_address'])) { $_SESSION['session_ip_address'] = MyOOS_Utilities::getRemoteHostAddress(); } if ($_SESSION['session_ip_address'] != MyOOS_Utilities::getRemoteHostAddress()) { unset($_SESSION['customer_id']); unset($_SESSION['session_ip_address']); $_SESSION['cart']->reset(); $_SESSION['member']->default_member(); MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL')); } return true; }
/** * Return the address of the remote host. * @return string the remote host address (or null) */ public static function getRemoteHostAddress() { $addr = null; if (isset($_SERVER['REMOTE_ADDR'])) { $addr = $_SERVER['REMOTE_ADDR']; if (MyOOS_Utilities::isTrustedProxy($addr)) { foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP') as $key) { if (isset($_SERVER[$key]) && preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $_SERVER[$key])) { $addr = $_SERVER[$key]; break; } } } } return $addr; }
/** * get client ip * * @copyright (C) 2003 by osCommerce. * @license GPL <http://www.gnu.org/licenses/gpl.html> * @link http://www.oscommerce.com * @access public * @return string client ip */ function oos_server_get_remote() { return MyOOS_Utilities::getRemoteHostAddress(); }
/** * Process registered shutdown actions. */ function performShutdownActions() { if (isset($this->_shutdownActions)) { foreach ($this->_shutdownActions as $action) { $ret = @call_user_func_array($action[0], $action[1]); if ($this->getDebug() || class_exists('GalleryTestCase')) { /* Ignore errors unless debug is on */ if (is_array($ret) && MyOOS_Utilities::isA($ret[0], 'GalleryStatus')) { $ret = $ret[0]; } else { if (!MyOOS_Utilities::isA($ret, 'GalleryStatus')) { $ret = null; } } if (isset($ret) && $ret) { $this->debug('Error from shutdown action:'); $this->debug_r($action); $this->debug_r($ret); } } } } }
function get_browser_language() { if (isset($_COOKIE['language'])) { if ($this->exists($_COOKIE['language'])) { $this->set($_COOKIE['language']); return true; } } $browser_languages = array('deu' => 'de([-_][[:alpha:]]{2})?|german', 'eng' => 'en([-_][[:alpha:]]{2})?|english', 'spa' => 'es([-_][[:alpha:]]{2})?|spanish', 'fra' => 'fr([-_][[:alpha:]]{2})?|french', 'ita' => 'it|italian', 'nld' => 'nl([-_][[:alpha:]]{2})?|dutch', 'pol' => 'pl|polish', 'rus' => 'ru|russian'); $httpAcceptLanguage = MyOOS_Utilities::getServerVar('HTTP_ACCEPT_LANGUAGE'); if (!empty($httpAcceptLanguage)) { foreach (explode(',', $httpAcceptLanguage) as $code) { foreach ($browser_languages as $key => $value) { if (preg_match('/^(' . $value . ')(;q=[0-9]\\.[0-9])?$/', $code) && $this->exists($key)) { $this->set($key); return true; } } } } $this->set(DEFAULT_LANGUAGE); }
//Ping Ask.com $sPingUrl = "http://submissions.ask.com/ping?sitemap=" . urlencode($pingUrl); $pingres = MyOOS_Utilities::RemoteOpen($sPingUrl); if ($pingres == NULL || $pingres === false || strpos($pingres,"successfully received and added")===false) { //Ask.com returns 200 OK even if there was an error, so we need to check the content. trigger_error("Failed to ping Ask.com: " . htmlspecialchars(strip_tags($pingres)),E_USER_NOTICE); } //Ping YAHOO if (!oos_empty(YAHOOKEY)) { $sPingUrl = "http://search.yahooapis.com/SiteExplorerService/V1/updateNotification?appid=" . YAHOOKEY . "&url=" . urlencode($pingUrl); $pingres = MyOOS_Utilities::RemoteOpen($sPingUrl); if ($pingres==NULL || $pingres===false || strpos(strtolower($pingres),"success")===false) { trigger_error("Failed to ping YAHOO: " . htmlspecialchars(strip_tags($pingres)),E_USER_NOTICE); } } //Ping Bing $sPingUrl = "http://www.bing.com/webmaster/ping.aspx?siteMap=" . urlencode($pingUrl); $pingres = MyOOS_Utilities::RemoteOpen($sPingUrl); if ($pingres==NULL || $pingres===false || strpos($pingres,"Thanks for submitting your sitemap")===false) { trigger_error("Failed to ping Bing: " . htmlspecialchars(strip_tags($pingres)),E_USER_NOTICE); } } else { print_r($oSitemap->debug); } echo '</pre>'; require_once MYOOS_INCLUDE_PATH . '/includes/oos_nice_exit.php';
/** * Return a sanitized version of the given variable from the _COOKIE superglobal. * @param string $key the key in the _COOKIE superglobal * @return string the value */ function getCookieVar($key) { if (!isset($_COOKIE[$key])) { return null; } $value = $_COOKIE[$key]; MyOOS_Utilities::sanitizeInputValues($value); return $value; }
. " SET customers_image = ?" . " WHERE customers_id = ?"; $result =& $dbconn->Execute($query, array('', (int)$_SESSION['customer_id'])); } require_once 'includes/classes/class_upload.php'; if (!empty($_FILES['id']['tmp_name']) and ($_FILES['id']['tmp_name'] != 'none')) { $customers_image_file = new upload('id'); $customers_image_file->set_destination(OOS_ABSOLUTE_PATH . OOS_IMAGES . OOS_CUSTOMERS_IMAGES); if ($customers_image_file->parse()) { if (isset($_SESSION['customer_id'])) { $extension = MyOOS_Utilities::getFileExtension($_FILES['id']['name']); $picture_tempname = oos_get_random_picture_name(26, $extension); $customers_image_file->set_filename($picture_tempname); $customerstable = $oostable['customers']; $query = "UPDATE $customerstable" . " SET customers_image = ?" . " WHERE customers_id = ?"; $result =& $dbconn->Execute($query, array((string)$picture_tempname, (int)$_SESSION['customer_id'])); $customers_image_file->save(); } } } }