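/**
 * Start or resume the application session and send the session cookie.
 *
 * A supplied id is accepted only if it is at most 32 alphanumeric characters
 * and matches an unexpired row in the sessions table; otherwise a fresh id is
 * generated and an empty session row is stored. The resulting id is written to
 * the global $APP_SESS_ID, the restored variables to $APP_SESSION_VARS, and a
 * session cookie is set for the HTTP host (and the HTTPS host when it differs).
 *
 * @param string $sess_id Session id presented by the client; '' to create a new session.
 * @return void
 */
function cw_session_start($sess_id = '') {
    global $APP_SESSION_VARS, $APP_SESS_ID;
    global $tables, $config;
    global $app_config_file;

    // A non-scalar value (for example an array taken from the request) is treated as "no id".
    $sess_id = is_scalar($sess_id) ? (string) $sess_id : '';

    # $sess_id should contain only '0'..'9' or 'a'..'z' or 'A'..'Z'
    // This check is the only thing that makes the string-built queries below safe,
    // so it is anchored with \z: a plain "$" would also accept an id that ends in a newline.
    if (strlen($sess_id) > 32 || !empty($sess_id) && !preg_match('!^[0-9a-zA-Z]+\z!S', $sess_id)) {
        $sess_id = '';
    }

    $APP_SESSION_VARS = array();
    // Initialised up front so the restore check below never reads an undefined variable.
    $sess_data = null;

    $curtime = cw_core_get_time();
    $expiry_time = $curtime + USE_SESSION_LENGTH;

    if ($sess_id) {
        // Unknown or expired ids are discarded rather than adopted, so a client
        // cannot choose its own session id.
        $sess_data = cw_query_first("select * from {$tables['sessions_data']} where sess_id='{$sess_id}' and expiry>{$curtime}");
        if (!$sess_data) {
            $sess_id = '';
        }
    }

    if (empty($sess_id)) {
        do {
            // The id is the only credential for the session, so it must come from a
            // CSPRNG. md5(uniqid(rand())) seeded from the clock and the client port is
            // guessable; it remains only as a last resort on runtimes with no CSPRNG.
            $sess_id = '';
            if (function_exists('random_bytes')) {
                $sess_id = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $raw = openssl_random_pseudo_bytes(16);
                if (is_string($raw) && strlen($raw) === 16) {
                    $sess_id = bin2hex($raw);
                }
            }
            if ($sess_id === '') {
                // No explicit srand(): seeding from time and port made the sequence
                // easier to predict than PHP's automatic seed.
                $sess_id = md5(uniqid(rand(), true));
            }

            $already_exists = cw_query_first_cell("select count(*) from {$tables['sessions_data']} where sess_id='{$sess_id}'") > 0;
        } while ($already_exists);
    }

    if ($sess_data) {
        // NOTE(review): unserialize() instantiates any class named in the stored data.
        // The data comes from the sessions table, so anything able to write that table
        // can reach object injection here. Consider the allowed_classes option or a
        // JSON encoding if sessions never need to hold objects; confirm against writers.
        $restored = unserialize($sess_data['data']);
        // A new row stores '' as data, which unserializes to false; keep the array contract.
        $APP_SESSION_VARS = is_array($restored) ? $restored : array();
    } else {
        if (!defined("NEW_SESSION")) {
            define("NEW_SESSION", true);
        }
        db_query("REPLACE INTO {$tables['sessions_data']} (sess_id, start, expiry, data) VALUES('{$sess_id}', '{$curtime}', '{$expiry_time}', '')");
    }

    $APP_SESS_ID = $sess_id;

    // NOTE(review): both cookies are sent with secure=0 and without HttpOnly, so the
    // session id travels over plain HTTP and is readable from page scripts. Setting
    // HttpOnly, and Secure on HTTPS-only deployments, needs a check that no
    // client-side code reads this cookie.
    $cookie_path = with_leading_slash_only($app_config_file['web']['web_dir'], true);
    setcookie(APP_SESSION_NAME, $APP_SESS_ID, 0, $cookie_path, $app_config_file['web']['http_host'], 0);
    if ($app_config_file['web']['http_host'] != $app_config_file['web']['https_host']) {
        setcookie(APP_SESSION_NAME, $APP_SESS_ID, 0, with_leading_slash_only($app_config_file['web']['web_dir'], true), $app_config_file['web']['https_host'], 0);
    }
}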
/**
 * Persist the editable fields of a domain record and re-check its skin.
 *
 * The 'languages' entry is stored serialized, and 'skin' and 'web_dir' are
 * normalised with with_leading_slash_only() before the row is updated. When
 * $data carries an 'attribute' entry it is saved through cw_attributes_save
 * for item type 'DM' first.
 *
 * @param mixed $domain_id Identifier of the domain row to update.
 * @param array $data      Submitted domain fields.
 * @return mixed Whatever cw_md_check_skin() reports for the normalised skin path.
 */
function cw_md_domain_update($domain_id, $data)
{
    global $addons;

    $data['languages'] = serialize($data['languages']);
    foreach (array('skin', 'web_dir') as $path_key) {
        $data[$path_key] = with_leading_slash_only($data[$path_key]);
    }

    if (isset($data['attribute'])) {
        $attribute_args = array(
            'item_id' => $domain_id,
            'item_type' => 'DM',
            'attributes' => $data['attribute'],
        );
        cw_call('cw_attributes_save', $attribute_args);
    }

    // Only these columns are taken from $data; any other submitted key is ignored.
    $updatable_columns = array(
        'name',
        'http_host',
        'https_host',
        'http_alias_hosts',
        'web_dir',
        'skin',
        'language',
        'languages',
    );

    // NOTE(review): $domain_id is interpolated into the WHERE clause as-is. Nothing
    // in this function validates or escapes it, so the caller must guarantee it is a
    // trusted value (presumably an integer key; confirm against callers).
    $where_clause = "domain_id='{$domain_id}'";
    cw_array2update('domains', $data, $where_clause, $updatable_columns);

    return cw_md_check_skin($data['skin']);
}
// Template engine bootstrap: loads the templater include, extends the list of
// functions exposed to templates, creates the global $smarty object and points
// it at the skin, compile and cache directories.
cw_include('include/templater/templater.php');

// Function names appended to $cw_allowed_tunnels; the (array) cast keeps whatever
// the variable already held. Presumably this is the allowlist of PHP functions that
// templates may call through the tunnel mechanism; confirm in the templater code.
// NOTE(review): if so, every name here is reachable from template source, so new
// entries should be limited to side-effect-free getters.
$cw_allowed_tunnels = array_merge((array) $cw_allowed_tunnels, array(
    'cw_accounting_get_category_types',
    'cw_attributes_get_all_classes_for_products',
    'cw_attributes_get_all_for_products',
    'cw_attributes_get_types',
    'cw_barcode_get_templates',
    'cw_category_get_short_list',
    'cw_clean_url_get_html_page_url',
    'cw_core_get_meta',
    'cw_currency_get_list',
    'cw_doc_get_order_status_color',
    'cw_doc_get_order_status_email',
    'cw_doc_get_products_aspects',
    'cw_doc_get_shipping_causes',
    'cw_get_langvar_by_name',
    'cw_import_smarty_layouts',
    'cw_localization_get_list',
    'cw_manufacturer_get',
    'cw_manufacturer_get_list_smarty',
    'cw_manufacturer_get_smarty',
    'cw_map_get_counties_smarty',
    'cw_map_get_regions_smarty',
    'cw_map_get_states_smarty',
    'cw_md_get_domains',
    'cw_pos_get_list_smarty',
    'cw_product_classes_list',
    'cw_product_get',
    'cw_product_get_types',
    'cw_pt_get_tab_content',
    'cw_salesman_get_list_smarty',
    'cw_user_get_addresses_smarty',
    'cw_user_get_departments',
    'cw_user_get_usertypes',
    'cw_warehouse_get_divisions',
    'cw_web_get_layout_elements',
    'cw_web_get_product_layout_elements',
    'cw_config_advanced_search_attributes',
    'cw_attributes_get'
));

global $smarty;
$smarty = new Templater();

// Redefine smarty properties
// Every key under $app_config_file['smarty'] is copied onto the object without a
// check against known property names. Properties assigned again below are
// overwritten by the hard-coded values; any other key from the config persists.
// NOTE(review): this makes the config file part of the template engine's trust
// boundary; it should be writable only by the deployment owner.
if (!empty($app_config_file['smarty'])) {
    foreach ($app_config_file['smarty'] as $param => $value) {
        $smarty->{$param} = $value;
    }
}

$smarty->use_sub_dirs = false;
$smarty->request_use_auto_globals = false;
$smarty->template_dir = cw_func_call('cw_code_get_template_dir');

// template_dir may be a single path or a list of paths; each one is scanned.
foreach ((array) $smarty->template_dir as $s) {
    cw_addons_scan_skin($s);
}

// The base name of the first (or only) template directory becomes a per-skin
// suffix on the compile and cache directories.
$skin_name = with_leading_slash_only(is_array($smarty->template_dir) ? basename($smarty->template_dir[0]) : basename($smarty->template_dir));
$var_dirs['templates'] .= $skin_name;
$var_dirs['cache'] .= $skin_name;
$var_dirs_web['cache'] .= $skin_name;

$smarty->compile_dir = $var_dirs['templates'];
$smarty->config_dir = $app_dir . $app_config_file['web']['skin'];
$smarty->cache_dir = $var_dirs['cache'];

// Appended rather than assigned, so secure_dir entries supplied through the config
// loop above are kept. NOTE(review): presumably these are the directories templates
// may read from when the engine's security mode is on; confirm that the '/upgrade'
// directory needs to stay in this list on production installs.
$smarty->secure_dir[] = $app_dir . $app_config_file['web']['skin'];
$smarty->secure_dir[] = $app_dir . '/upgrade';
$smarty->debug_tpl = 'file:debug/debug_templates.tpl';

$smarty->assign('ImagesDir', $app_web_dir . $app_config_file['web']['skin'] . '/images');
$smarty->assign('SkinDir', $app_web_dir . $app_config_file['web']['skin']);
$smarty->assign('template_dir', $smarty->template_dir);
$smarty->assign('APP_SESS_NAME', APP_SESSION_NAME);
// NOTE(review): the session id is made available to every template. Check that no
// template writes it into URLs or cached markup, where it could leak through
// Referer headers, logs or shared caches.
$smarty->assign('APP_SESS_ID', $APP_SESS_ID);
$_include_addon_file = 'addons/' . $adn['addon'] . '/init.php'; cw_include($_include_addon_file); } } unset($active_addons, $adn, $_include_addon_file, $_current_hook_order); cw_include('init/post_init.php'); // Strip tags in all html_* var which are not in trusted list foreach ($request_prepared as $__var => $__res) { if (strpos($__var, 'html_') === 0 && (!in_array($__var, $cw_trusted_variables) || cw_have_script_tag($__res))) { $__res = cw_strip_tags($__res); ${$__var} = $request_prepared[$__var] = $__res; } } // Remove trailing slash and add leading slash $app_config_file['web']['web_dir'] = with_leading_slash_only($app_config_file['web']['web_dir']); $app_config_file['web']['skin'] = with_leading_slash_only($app_config_file['web']['skin']); $app_skin_dir = $app_config_file['web']['skin']; $app_web_dir = $app_config_file['web']['web_dir']; $http_location = 'http://' . $app_config_file['web']['http_host'] . $app_config_file['web']['web_dir']; $https_location = 'https://' . $app_config_file['web']['https_host'] . $app_config_file['web']['web_dir']; cw_include('init/https_detect.php'); $current_location = $HTTPS ? $https_location : $http_location; $current_host_location = $HTTPS ? 'https://' . $app_config_file['web']['https_host'] : 'http://' . $app_config_file['web']['http_host']; cw_include('include/logging.php'); cw_include('init/smarty.php'); // Get var_dirs items from addons $cw_var_dirs = $var_dirs; cw_call('on_build_var_dirs', array(&$cw_var_dirs)); // Recreate service folders in var dir foreach ($cw_var_dirs as $k => $v) { $var_dirs[$k] = $v['path'];