Page isn't Redirecting Properly

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Page isn't Redirecting Properly

    Hi,

    This is causing page not to redirect properly
    Code:
     if ( $auth_ok_check != $_SESSION[auth_ok] )
    {
        header( "Location: ".$shopurl."secure/login.php?next={$_GET['next']}&shk&p={$_SERVER['PHP_SELF']}" );
        exit( );
    }
    if ( preg_match( "/secure/", "{$_SERVER['PHP_SELF']}" ) )
    {
        $isaccount = "1";
    }
}
if ( preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) && !preg_match( "/adlogin.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/forgetful.php/", "{$_SERVER['PHP_SELF']}" ) )
{
    if ( $admin_ok_check != $_SESSION[admin_ok] )
    {
        header( "Location: ".$adminurl."adlogin.php" );
        exit( );
    }
    if ( preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) )
    {
        $isadmin = "1";
    }
}
$noadirs = count( $admin_dirs );
$i = 0;
for ( ; $i <= $noadirs; ++$i )
{
    if ( !preg_match( "/admin\\/".$admin_dirs[$i]."/", "{$_SERVER['PHP_SELF']}" ) && preg_match( "/".$admin_dirs[$i]."/", "{$_SESSION['admin_type']}" ) )
    {
        continue;
    }
    header( "Location: ".$adminurl."perms.php?noperm={$admin_dirs[$i]}" );
    exit( );
}
    If I remove the headers the page loads, what could the problem be?
    Tags: None
    #2
    Hope this solves your problem
    PHP Code:
    if ( $auth_ok_check != $_SESSION['auth_ok'] )
        {
                header('Location:../'.$shopurl.'/secure/login.php?next='.$_GET['next'].'&amp;shk&amp;p='.$_SERVER['PHP_SELF']);
            exit;
        }
        if (     preg_match('/secure/i'$_SERVER['PHP_SELF'] ) )
        {
                $isaccount 1;
        }
    }
    if (     preg_match('/'.$adminDir.'/i'$_SERVER['PHP_SELF'] ) && !preg_match('/adlogin.php/i'$_SERVER['PHP_SELF']) || !preg_match('/forgetful.php/i'$_SERVER['PHP_SELF']))
    {
        if (     $admin_ok_check != $_SESSION['admin_ok'] )
        {
                header('Location:../'.$adminurl.'/adlogin.php');
            exit;
        }
        if (    preg_match('/'.$adminDir.'/i'$_SERVER['PHP_SELF'] ) )
        {
                $isadmin 1;
        }
    }
    $noadirs count$admin_dirs );
    $i 0;
    for ( ;     $i <= $noadirs; ++$i )
    {
        if (!    preg_match("/admin\\/".$admin_dirs[$i]."/i"$_SERVER['PHP_SELF'] ) && preg_match("/".$admin_dirs[$i]."/i"$_SESSION['admin_type']))
        {
            continue;
        }
            header('Location:../'.$adminurl.'/perms.php?noperm='.$admin_dirs[$i]);
        exit;
    Last edited by s3nzo; 12.11.11, 08:40.
    libra.wen.ru

    Comment

      #3
      Many thanks for your help, this did not solve the problem so I have no idea what it is.
      This is the full code if you would kindly have a quick look?

      Code:
      <?php
function seoclean_ad( $uc_string )
{
    $seo_clean_string = strtolower( "{$uc_string}" );
    $seo_clean_string = str_replace( " ", "_".SS_SEOSPREP."", "{$seo_clean_string}" );
    $seo_clean_string = str_replace( "&", "and", "{$seo_clean_string}" );
    $seo_clean_string = preg_replace( "[^A-Za-z0-9_-]", "", $seo_clean_string );
    $seo_clean_string = "{$seo_clean_string}".SEO_SUFFIX."";
    return $seo_clean_string;
}

function prepare_template_output( $data )
{
    if ( is_array( $data ) )
    {
        $ret = array( );
        foreach ( $data as $key => $value )
        {
            $ret[$key] = prepare_template_output( $value );
        }
        return $ret;
    }
    if ( !is_numeric( $data ) )
    {
        $data = stripslashes( $data );
        $data = trim( $data );
        $data = htmlentities( $data );
    }
    return $data;
}

function ukDate( $inDate )
{
    global $outDate;
    list( $uYear, $uMonth, $uDay ) = explode( "-", "{$inDate}" );
    $outDate = "{$uDay}-{$uMonth}-{$uYear}";
    return $outDate;
}

function write_cache( $f_cache_data, $f_cache_file )
{
    if ( !( $fp = fopen( $f_cache_file, "w" ) ) )
    {
        trigger_error( "Error opening cache file" );
        exit( );
    }
    if ( !flock( $fp, LOCK_EX ) )
    {
        trigger_error( "Unable to lock file" );
        exit( );
    }
    if ( !fwrite( $fp, serialize( $f_cache_data ) ) )
    {
        trigger_error( "Error writing to cache file" );
        exit( );
    }
    flock( $fp, LOCK_UN );
    fclose( $fp );
}

function read_cache( $f_cache_file )
{
    if ( !file_exists( $f_cache_file ) )
    {
        trigger_error( "Invalid cache file" );
        exit( );
    }
    return unserialize( file_get_contents( $f_cache_file ) );
}

function list_options( $arrayname, $mode )
{
    global $row;
    global $row_2;
    $sarray = "";
    foreach ( $arrayname as $v )
    {
        if ( !isset( $row['salutation'] ) && $row['salutation'] == $v || isset( $row_2['salutation'] ) && $row_2['salutation'] == $v )
        {
            if ( !isset( $mode ) )
            {
                echo "<option value=\"".$v."\" selected>{$v}</option>\n";
            }
            else
            {
                $sarray .= "<option value=\"".$v."\" selected>{$v}</option>\n";
            }
        }
        else if ( !isset( $mode ) )
        {
            echo "<option value=\"".$v."\">{$v}</option>\n";
        }
        else
        {
            $sarray .= "<option value=\"".$v."\">{$v}</option>\n";
        }
    }
    return $sarray;
}

function genprevnext( $total_pages, $position, $nresults, $scriptis, $extras )
{
    global $shopurl;
    global $seoFriend;
    global $connection;
    global $instdir;
    global $smode;
    if ( !empty( $smode ) )
    {
        $smodebits = "{$smode}/";
    }
    else
    {
        $smodebits = "";
    }
    if ( !empty( $_GET['smode'] ) )
    {
        $smodebits = "".htmlentities( $_GET['smode'] )."/";
    }
    else
    {
        $smodebits = "";
    }
    $disppages = intval( $total_pages / $nresults );
    if ( $total_pages % $nresults )
    {
        ++$disppages;
    }
    if ( $nresults <= $position )
    {
        $current_page_num = $position / $nresults + 1;
    }
    else
    {
        $current_page_num = 1;
    }
    $limit = $nresults;
    $stages = 3;
    $position = $position;
    $page = $position / $nresults + 1;
    if ( $page )
    {
        $start = ( $page - 1 ) * $limit;
    }
    else
    {
        $start = 0;
    }
    if ( $page == 0 )
    {
        $page = 1;
    }
    $prev = $page - 1;
    $next = $page + 1;
    $lastpage = ceil( $total_pages / $limit );
    $LastPagem1 = $lastpage - 1;
    $paginglinks = "";
    if ( 1 < $lastpage )
    {
        if ( 1 < $page )
        {
            $prevoffset = $position - $nresults;
            $paginate .= "<a href=\"".$scriptis."?position={$prevoffset}&nresults={$nresults}{$extras}\">&laquo; Prev</a>";
        }
        else
        {
            $paginate .= "<span class='pagination-disabled'>&laquo; Prev</span>";
        }
        if ( $lastpage < 7 + $stages * 2 )
        {
            $counter = 1;
            for ( ; 
 
 $counter <= $lastpage; ++$counter )
                {
                    $newoffset = $counter * $limit - $limit;
                    if ( $counter == $page )
                    {
                        $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>";
                    }
                    else
                    {
                        $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>";
                    }
                    break;
                }
            } while ( 1 );
        }
        else if ( 5 + $stages * 2 < $lastpage )
        {
            if ( $page < 1 + $stages * 2 )
            {
                $counter = 1;
                for ( ; $counter < 4 + $stages * 2; ++$counter )
                {
                    $newoffset = $counter * $limit - $limit;
                    if ( $counter == $page )
                    {
                        $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>";
                    }
                    else
                    {
                        $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>";
                    }
                }
                $paginglinks .= "...";
                $newoffsetlm1 = $LastPagem1 * $limit - $limit;
                $newoffsetlp = $lastpage * $limit - $limit;
                $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlm1}&nresults={$nresults}{$extras}\">{$LastPagem1}</a>";
                $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlp}&nresults={$nresults}{$extras}\">{$lastpage}</a>";
            }
            else if ( $page < $lastpage - $stages * 2 && $stages * 2 < $page )
            {
                $paginglinks .= "<a href=\"".$scriptis."?position=0&nresults={$nresults}{$extras}\">1</a>";
                $paginglinks .= "<a href=\"".$scriptis."?position={$limit}&nresults={$nresults}{$extras}\">2</a>";
                $paginglinks .= "...";
                $counter = $page - $stages;
                for ( ; $counter <= $page + $stages; ++$counter )
                {
                    $newoffset = $counter * $limit - $limit;
                    if ( $counter == $page )
                    {
                        $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>";
                    }
                    else
                    {
                        $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>";
                    }
                }
                $paginglinks .= "...";
                $newoffsetlm1 = $LastPagem1 * $limit - $limit;
                $newoffsetlp = $lastpage * $limit - $limit;
                $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlm1}&nresults={$nresults}{$extras}\">{$LastPagem1}</a>";
                $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlp}&nresults={$nresults}{$extras}\">{$lastpage}</a>";
            }
            else
            {
                $paginglinks .= "<a href=\"".$scriptis."?position=0&nresults={$nresults}{$extras}\">1</a>";
                $paginglinks .= "<a href=\"".$scriptis."?position={$limit}&nresults={$nresults}{$extras}\">2</a>";
                $paginglinks .= "...";
                $counter = $lastpage - ( 2 + $stages * 2 );
                for ( ; $counter <= $lastpage; ++$counter )
                {
                    $newoffset = $counter * $limit - $limit;
                    if ( $counter == $page )
                    {
                        $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>";
                    }
                    else
                    {
                        $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>";
                    }
                }
            }
        }
        $paginate .= $paginglinks;
        if ( $page < $counter - 1 )
        {
            $newoffset = $position + $nresults;
            $paginate .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">Next &raquo;</a>";
        }
        else
        {
            $paginate .= "<span class=\"pagination-disabled\">Next &raquo;</span>";
        }
    }
    if ( $nresults < $total_pages )
    {
        echo $paginate;
    }


function buildCategorySelect( )
{
    global $connection;
    global $category_id;
    $level = "0";
    $sql = "SELECT * from categories WHERE category_parent_id='deftl'";
    if ( !( $result = @mysql_query( $sql, $connection ) ) )
    {
        exit( "** COULD NOT BUILD CATEGORY DROP DOWN ** ".mysql_error( ) );
    }
    while ( $row = mysql_fetch_array( $result ) )
    {
        $parent = "{$row['category_id']}";
        $row[category_name] = stripslashes( "{$row['category_name']}" );
        if ( $category_id == $row[category_id] )
        {
            echo "<option value=\"".$row['category_id']."\" selected>+ {$row['category_name']}</option>\n";
        }
        else
        {
            echo "<option value=\"".$row['category_id']."\">+ {$row['category_name']}</option>\n";
        }
        getchildren( $parent, $level );
    }
}

function getChildren( $parent, $level )
{
    global $connection;
    global $category_id;
    ++$level;
    if ( !ctype_digit( $parent ) )
    {
        $parent = "";
    }
    $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name";
    if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
    {
        exit( "Couldn't build category tree child part: ".mysql_error( ) );
    }
    while ( $row1 = mysql_fetch_array( $result1 ) )
    {
        $parent = "{$row1['category_id']}";
        if ( $category_id == $row1[category_id] )
        {
            echo "<option value=\"".$row1['category_id']."\" selected>";
        }
        else
        {
            echo "<option value=\"".$row1['category_id']."\">";
        }
        $i = 0;
        for ( ; $i < $level; ++$i )
        {
            echo " ";
        }
        echo "|--[".$level."]";
        echo " ".$row1['category_name']."</option>\n";
        getchildren( $parent, $level );
    }
}

function getChildrenSEL( $parent, $myparent, $level )
{
    global $connection;
    global $https;
    global $category_id;
    ++$level;
    if ( !ctype_digit( $parent ) )
    {
        $parent = "";
    }
    $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name";
    if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
    {
        exit( "Couldn't build category tree child part: ".mysql_error( ) );
    }
    while ( $row1 = mysql_fetch_array( $result1 ) )
    {
        $parent = "{$row1['category_id']}";
        if ( $myparent == $row1[category_id] )
        {
            echo "<option value=\"".$row1['category_id']."\" selected>";
        }
        else if ( $category_id == $row1[category_id] )
        {
            echo "<option value=\"deftl\">";
        }
        else
        {
            echo "<option value=\"".$row1['category_id']."\">";
        }
        $i = 0;
        for ( ; $i < $level; ++$i )
        {
            echo " ";
        }
        echo "|".$level."|";
        echo "{$row1['category_name']}</option>\n";
        getchildrensel( $parent, $myparent, $level );
    }
}

function makeCategoryMap( )
{
    global $connection;
    global $adminurl;
    $level = "0";
    $sql = "SELECT * from categories WHERE category_parent_id='deftl'";
    if ( !( $result = @mysql_query( $sql, $connection ) ) )
    {
        exit( "Couldn't build category tree parent part: ".mysql_error( ) );
    }
    while ( $row = mysql_fetch_array( $result ) )
    {
        $parent = "{$row['category_id']}";
        $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'";
        if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
        {
            exit( "Couldn't get data from products db" );
        }
        $numrows = mysql_num_rows( $result3 );
        if ( $numrows < 1 )
        {
            $linker = "";
        }
        else
        {
            $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row['category_id']}'\" value=\"Products ({$numrows})\" />";
        }
        $row[category_name] = stripslashes( "{$row['category_name']}" );
        echo "<tr>\n\t\t\t\t<td> + <a href=\"".$adminurl."products/editcategory.php?category_id={$row['category_id']}\" title=\"{$row['category_desc']}\">{$row['category_name']}</a> </td>\n\t\t\t\t<td>";
        if ( $row[category_publish] == Y )
        {
            echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=N'\" />";
        }
        else
        {
            echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=Y'\" />";
        }
        echo "</td>\n\t\t\t\t<td> <input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row['category_id']}'\" value=\"Add\" /> {$linker} </td>\n\t\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row['category_id']}\",\"Are you sure you want to delete this category?\");' /> </td>\n\t\t\t</tr>\n";
        getchildrenlist( $parent, $level );
    }
}

function getChildrenList( $parent, $level )
{
    global $connection;
    global $adminurl;
    ++$level;
    $where_in_level = "0";
    if ( !ctype_digit( $parent ) )
    {
        $parent = "";
    }
    $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."'";
    if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
    {
        exit( "Couldn't build category tree child part: ".mysql_error( ) );
    }
    while ( $row1 = mysql_fetch_array( $result1 ) )
    {
        ++$where_in_level;
        $parent = "{$row1['category_id']}";
        $level_indent = $level - 1;
        $i = 0;
        for ( ; $i < $level_indent; ++$i )
        {
            echo " ";
        }
        if ( $last_level == $level )
        {
            echo " ";
        }
        else
        {
            echo " ";
        }
        $i = 0;
        for ( ; $i < $level; ++$i )
        {
            echo " ";
        }
        $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'";
        if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
        {
            exit( "Couldn't get data from products db" );
        }
        $numrows = mysql_num_rows( $result3 );
        if ( $numrows < 1 )
        {
            $linker = "";
        }
        else
        {
            $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row1['category_id']}'\" value=\"Products ({$numrows})\" />";
        }
        echo "\t<tr>\n\t\t<td> &raquo; (".$level.") <a href=\"{$adminurl}products/editcategory.php?category_id={$row1['category_id']}\" title=\"{$row1['category_desc']}\">{$row1['category_name']}</a></td>\n\t\t\t<td>";
        if ( $row1[category_publish] == Y )
        {
            echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=N'\" />";
        }
        else
        {
            echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=Y'\" />";
        }
        echo "</td> \n\t\t\t<td><input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row1['category_id']}'\" value=\"Add\" /> {$linker}</td>\n\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row1['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row1['category_id']}\",\"Are you sure you want to delete this category?\");' /></td>\n\t</tr>\n";
        getchildrenlist( $parent, $level );
        $last_level = $level;
    }
}

function productcheckcategories( )
{
    global $connection;
    global $oktoadd;
    $sql3 = "SELECT * from categories";
    if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
    {
        exit( "Couldn't get data from category db" );
    }
    $numrows = mysql_num_rows( $result3 );
    if ( 1 <= $numrows )
    {
        $oktoadd = "Y";
    }
}

function countrycompareDD( $country_dd )
{
    global $connection;
    echo "<select name=\"country\">";
    $sql3 = "SELECT country_short, country_long from country WHERE zone_id !='0'";
    if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
    {
        exit( "Couldn't execute request 1" );
    }
    while ( $row3 = mysql_fetch_array( $result3 ) )
    {
        if ( $row3[country_short] == $country_dd )
        {
            echo "<option value=\"".$row3['country_short']."\" selected>{$row3['country_long']}</option>\n";
        }
        else
        {
            echo "<option value=\"".$row3['country_short']."\">{$row3['country_long']}</option>\n";
        }
    }
    echo "</select>";
}

function alternatecolour( $level )
{
    global $altclass;
    $class_1 = " class=altlight";
    $class_2 = " class=altdark";
    $altclass = $class_1;
    $level % 2 ? 0 : ( $altclass = $class_2 );
}

function check_email_address( $email )
{
    if ( !preg_match( "/[^@]{1,64}@[^@]{1,255}/i", $email ) )
    {
        return FALSE;
    }
    $email_array = explode( "@", $email );
    $local_array = explode( ".", $email_array[0] );
    $i = 0;
    for ( ; $i < sizeof( $local_array ); ++$i )
    {
        if ( preg_match( ">^(([A-Za-z0-9!#\$%&'*+/=?^_`{|}~-][A-Za-z0-9!#\$%&'*+/=?^_`{|}~\\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))\$>i", $local_array[$i] ) )
        {
            continue;
        }
        return FALSE;
    }
    if ( !preg_match( "/^\\[?[0-9\\.]+\\]?\$/i", $email_array[1] ) )
    {
        $domain_array = explode( ".", $email_array[1] );
        if ( sizeof( $domain_array ) < 2 )
        {
            return FALSE;
        }
        $i = 0;
        for ( ; $i < sizeof( $domain_array ); ++$i )
        {
            if ( preg_match( "/^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))\$/i", $domain_array[$i] ) )
            {
                continue;
            }
            return FALSE;
        }
    }
    return TRUE;
}

if ( get_magic_quotes_gpc( ) )
{
    $in = array(
        $GLOBALS['_GET'],
        $GLOBALS['_POST'],
        $GLOBALS['_COOKIE']
    );
    while ( list( $k, $v ) = each( &$in ) )
    {
        foreach ( $v as $key => $val )
        {
            if ( !is_array( $val ) )
            {
                $in[$k][$key] = stripslashes( $val );
            }
            else
            {
                $in[] =& $in[$k][$key];
            }
        }
    }
    unset( $in );
}
if ( isset( $_POST ) || isset( $_GET ) )
{
    $in = array(
        $GLOBALS['_GET'],
        $GLOBALS['_POST']
    );
    while ( list( $k, $v ) = each( &$in ) )
    {
        foreach ( $v as $key => $val )
        {
            if ( !is_array( $val ) )
            {
                if ( ( $key == "txtContent" || $key == "category_desc" || !( $key == "metaadd" ) && !( $admin_ok_check == $_SESSION[admin_ok] ) ) || !preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/paypalcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/updatecurrency.php/", "{$_SERVER['PHP_SELF']}" ) )
                {
                    if ( !preg_match( "/createcurrency.php/", "{$_SERVER['PHP_SELF']}" ) )
                    {
                        $val = preg_replace( "/\\s+/", " ", $val );
                        $in[$k][$key] = htmlentities( trim( $val ) );
                    }
                }
            }
            else
            {
                $in[] =& $in[$k][$key];
            }
        }
    }
    unset( $in );
}
$sYear = "2007";
$cwd = dirname( __FILE__ );
$instdir = str_replace( "private", "", "{$cwd}" );
include( "{$instdir}private/config.php" );
include( "{$instdir}private/cache.php" );
include( "{$instdir}private/pca_config.php" );
if ( empty( $shopurl ) )
{
    header( "Location: install/" );
    exit( );
}
include( "{$instdir}private/db_connect.php" );
include( "{$instdir}private/messages.php" );
include( "{$instdir}private/shop_messages.php" );
$s_cache_file = "{$sscache_dir}key.txt";
if ( $sscache == "Y" && file_exists( $s_cache_file ) && time( ) - $sscache_exp < filemtime( $s_cache_file ) )
{
    $s_cache_data = read_cache( $s_cache_file );
}
else
{
    $sql = "SELECT copyRightKey,domainName FROM shop_settings";
    if ( !( $result = @mysql_query( $sql, $connection ) ) )
    {
        exit( "**COULD NOT GET COPYRIGHT KEYS**" );
    }
    while ( $row = mysql_fetch_array( $result ) )
    {
        $s_cache_data[] = $row;
    }
    if ( "".$sscache."" == "Y" && isset( $s_cache_data ) )
    {
        write_cache( $s_cache_data, $s_cache_file );
    }
}
if ( isset( $s_cache_data ) )
{
    foreach ( $s_cache_data as $key => $row )
    {
        $copyRightCode = "{$row['copyRightKey']}";
        $domainName = "{$row['domainName']}";
    }
    $s_cache_data = "";
}
$stylish = array( "tuxdiscs.com_CC66BD976A919DBA1D389EA030F1C98E", "homeheatgas.co.uk_7E3987914C37A595611AA2B02647AB3E", "htcshop.co.uk_D1463A8E25B25DBBF2828A05F1A4C786", "creativegiftcompany.co.uk_A0084DC13CAD4EF04745341D7B2859A0", "satnavnow.com_CB37C0E975D7C997C02DD8C2A903CCCE", "officesource.co.uk_D1F94EC11C220D3607897126CF0FC60B", "snapitshowit.com_EA669BA712152AC7604824CC4C821810", "englandathome.co.uk_FA3831E23466E7B22D4A17076C0795FC", "ellisofficefurniture.co.uk_B36B5A3FBEB39CF965EDE33C4F6607EE", "myweddingbox.co.uk_4856BFB9DBF37F90C0FA492CE087154E", "dukkaan.net_AA339C99F82BCD6C7DB0CB38A1A2D35C", "sosophisticated.co.uk_524D866DF422AB6211030E0400408957", "pure-beauty.co.uk_8DF947D81601F80C75A6109FD8E14DDA", "pure-beauty_31B643B484171B66354FC78FB2C272AA", "goodiessweetshop.co.uk_77489A3F2430FB4AF433250B9BFF9F71", "whiskcooking.co.uk_DDEB2054E47603FA9183BF8C91FD703D", "bodychef.co.uk_9F2D61781FA3B2F70EFDD3992604A551", "athenaflooring.co.uk_E7D0D322B5F23A3A2BFBB010001AB21B", "partyshop-mold.co.uk_41E26ED3FA379384B2EB103F60EDD059", "thegolfzone.net_86A65F7F8E7355649A4BA1B78462A60B", "littlereddogshop.co.uk_03B59361FD76EC594037262FEB44EAD3", "furnituregiant.co.uk_8C2C781A7C590FF3239182ED3DC24368", "dancevinyls.com_0999AB3CEAF33D53C7599BF2AFB9D804", "brainegg.com_A76ADAE00F80DA87C83C1C6B7939809E", "mrbates.co.uk_B24D6A529B75FD6BC256EB4FF8FAA28A", "metrosales.co.uk_3F507226A07DF97E8DAD87FED2BD7C25", "2pic1.co.uk_2FD2A963331EE04AFE7882AC447F3D53", "thingsonline.co.uk_340520B537817C03E4EEE71765A9769D", "tenpinshop.com_9ACBC1B6E153F74E2E8D58DF4AFFFE37", "drakepneumatics.co.uk_282A7137E3AAA0E7FA1A3A8E42899C49", "ipendpoints.co.uk_7470912986F50101ED255A5AF8679DB3" );
$admin_dirs = array( "settings", "orders", "newsletter", "reports", "shoppers", "products", "content" );
$mtta = array( "mail", "smtp" );
$ppgfields = array( "ppemail", "ppmerchantid", "ppsecret", "pptestmode", "ppinstid", "ppintip", "ppextip", "ppgiftaid", "ppApply3DSecure", "ppApplyAVSCV2", "ppauthmode", "ppsignature" );
$category_style = array( "List with Thumbnail", "List no Thumbnail", "Grid" );
$category_sort_order = array( "Alphabetical", "Newest Items First", "Newest Items Last", "Featured Items First", "Custom Sort", "Price Low - High", "Price High - Low" );
$sf_style = array( "List", "Grid" );
$sf_sort_order = array( "Alphabetical", "By ID", "Randomised" );
$cf_sort_order = array( "Alphabetical", "By ID", "Custom" );
$allow_next = array( "selectdeliveryaddress.php", "revieworder.php", "reviewproduct.php", "revieworder.php?clearptid=Y", "orders.php" );
if ( $_GET[next] && !in_array( "{$_GET['next']}", $allow_next ) )
{
    echo "Not allowed!";
    exit( );
}
if ( !ctype_digit( $_GET[cmsid] ) )
{
    $GLOBALS['_GET'][cmsid] = "";
}
$GLOBALS['_GET'][cmsid] = mysql_real_escape_string( "{$_GET['cmsid']}" );
if ( !ctype_digit( $_GET[category_id] ) )
{
    $GLOBALS['_GET'][category_id] = "";
}
$GLOBALS['_GET'][category_id] = mysql_real_escape_string( "{$_GET['category_id']}" );
if ( !ctype_digit( $_GET[product_id] ) )
{
    $GLOBALS['_GET'][product_id] = "";
}
$GLOBALS['_GET'][product_id] = mysql_real_escape_string( "{$_GET['product_id']}" );
if ( !ctype_digit( $_GET[product_xo_id] ) )
{
    $GLOBALS['_GET'][product_xo_id] = "";
}
$GLOBALS['_GET'][product_xo_id] = mysql_real_escape_string( "{$_GET['product_xo_id']}" );
if ( !ctype_digit( $_GET[o_id] ) )
{
    $GLOBALS['_GET'][o_id] = "";
}
$GLOBALS['_GET'][o_id] = mysql_real_escape_string( "{$_GET['o_id']}" );
if ( !ctype_digit( $_GET[p_id] ) )
{
    $GLOBALS['_GET'][p_id] = "";
}
$GLOBALS['_GET'][p_id] = mysql_real_escape_string( "{$_GET['p_id']}" );
if ( !ctype_digit( $_GET[a_id] ) )
{
    $GLOBALS['_GET'][a_id] = "";
}
$GLOBALS['_GET'][a_id] = mysql_real_escape_string( "{$_GET['a_id']}" );
$GLOBALS['_POST'][query_string] = mysql_real_escape_string( "{$_POST['query_string']}" );
if ( !ctype_digit( $_POST[pre_xo_id] ) )
{
    $GLOBALS['_POST'][pre_xo_id] = "";
}
$GLOBALS['_POST'][pre_xo_id] = mysql_real_escape_string( "{$_POST['pre_xo_id']}" );
if ( !ctype_digit( $_POST[p_id] ) )
{
    $GLOBALS['_POST'][p_id] = "";
}
$GLOBALS['_POST'][p_id] = mysql_real_escape_string( "{$_POST['p_id']}" );
if ( !ctype_digit( $_POST[qty] ) )
{
    $GLOBALS['_POST'][qty] = "";
}
$GLOBALS['_POST'][qty] = mysql_real_escape_string( "{$_POST['qty']}" );
$GLOBALS['_POST'][loginemail] = mysql_real_escape_string( "{$_POST['loginemail']}" );
$GLOBALS['_POST'][loginpass] = mysql_real_escape_string( "{$_POST['loginpass']}" );
if ( $_POST[mail_outs] != "Y" && $_POST[mail_outs] != "N" )
{
    $GLOBALS['_POST'][mail_outs] = "Y";
}
$GLOBALS['_POST'][mail_outs] = mysql_real_escape_string( "{$_POST['mail_outs']}" );
$GLOBALS['_POST'][old_password] = mysql_real_escape_string( "{$_POST['old_password']}" );
$GLOBALS['_POST'][confirm_password] = mysql_real_escape_string( "{$_POST['confirm_password']}" );
$search = array( "@<script[^>]*?>.*?</script>@si", "@<[\\/\\!]*?[^<>]*?>@si", "@&(quot|#34);@i", "@&(amp|#38);@i", "@&(lt|#60);@i", "@&(gt|#62);@i", "@&(nbsp|#160);@i", "@&(iexcl|#161);@i", "@&(cent|#162);@i", "@&(pound|#163);@i", "@&(copy|#169);@i", "@&#(\\d+);@e" );
$replace = array(
    "",
    "",
    "\\1",
    "\"",
    "&",
    "<",
    ">",
    " ",
    chr( 161 ),
    chr( 162 ),
    chr( 163 ),
    chr( 169 ),
    "chr(\\1)"
);
$GLOBALS['_POST'][company] = mysql_real_escape_string( "{$_POST['company']}" );
$GLOBALS['_POST'][company] = mysql_real_escape_string( "{$_POST['company']}" );
$GLOBALS['_POST'][company] = preg_replace( $search, $replace, $_POST[company] );
$GLOBALS['_POST'][first_name] = mysql_real_escape_string( "{$_POST['first_name']}" );
$GLOBALS['_POST'][first_name] = preg_replace( $search, $replace, $_POST[first_name] );
$GLOBALS['_POST'][last_name] = mysql_real_escape_string( "{$_POST['last_name']}" );
$GLOBALS['_POST'][last_name] = preg_replace( $search, $replace, $_POST[last_name] );
$GLOBALS['_POST'][email] = mysql_real_escape_string( "{$_POST['email']}" );
$GLOBALS['_POST'][email] = preg_replace( $search, $replace, $_POST[email] );
$GLOBALS['_POST'][no_name] = mysql_real_escape_string( "{$_POST['no_name']}" );
$GLOBALS['_POST'][no_name] = preg_replace( $search, $replace, $_POST[no_name] );
$GLOBALS['_POST'][street] = mysql_real_escape_string( "{$_POST['street']}" );
$GLOBALS['_POST'][street] = preg_replace( $search, $replace, $_POST[street] );
$GLOBALS['_POST'][town] = mysql_real_escape_string( "{$_POST['town']}" );
$GLOBALS['_POST'][town] = preg_replace( $search, $replace, $_POST[town] );
$GLOBALS['_POST'][county] = mysql_real_escape_string( "{$_POST['county']}" );
$GLOBALS['_POST'][county] = preg_replace( $search, $replace, $_POST[county] );
$GLOBALS['_POST'][postcode] = mysql_real_escape_string( "{$_POST['postcode']}" );
$GLOBALS['_POST'][postcode] = preg_replace( $search, $replace, $_POST[postcode] );
$GLOBALS['_POST'][country] = mysql_real_escape_string( "{$_POST['country']}" );
$GLOBALS['_POST'][country] = preg_replace( $search, $replace, $_POST[country] );
$GLOBALS['_POST'][day_tel] = mysql_real_escape_string( "{$_POST['day_tel']}" );
$GLOBALS['_POST'][day_tel] = preg_replace( $search, $replace, $_POST[day_tel] );
$GLOBALS['_POST'][eve_tel] = mysql_real_escape_string( "{$_POST['eve_tel']}" );
$GLOBALS['_POST'][eve_tel] = preg_replace( $search, $replace, $_POST[eve_tel] );
$GLOBALS['_POST'][mobile] = mysql_real_escape_string( "{$_POST['mobile']}" );
$GLOBALS['_POST'][mobile] = preg_replace( $search, $replace, $_POST[mobile] );
$GLOBALS['_POST'][fax] = mysql_real_escape_string( "{$_POST['fax']}" );
$GLOBALS['_POST'][fax] = preg_replace( $search, $replace, $_POST[fax] );
$GLOBALS['_POST'][emailaddress] = mysql_real_escape_string( "{$_POST['emailaddress']}" );
$GLOBALS['_POST'][emailaddress] = preg_replace( $search, $replace, $_POST[emailaddress] );
$GLOBALS['_POST'][password] = mysql_real_escape_string( "{$_POST['password']}" );
$GLOBALS['_POST'][password] = preg_replace( $search, $replace, $_POST[password] );
$GLOBALS['_POST'][review] = mysql_real_escape_string( "{$_POST['review']}" );
$GLOBALS['_POST'][review] = preg_replace( $search, $replace, $_POST[review] );
$GLOBALS['_POST'][rating] = mysql_real_escape_string( "{$_POST['rating']}" );
$GLOBALS['_POST'][rating] = preg_replace( $search, $replace, $_POST[rating] );
$GLOBALS['_POST'][smode] = mysql_real_escape_string( "{$_POST['smode']}" );
$GLOBALS['_POST'][smode] = preg_replace( $search, $replace, $_POST[smode] );
if ( !ctype_digit( $_POST[ship_addr] ) )
{
    $GLOBALS['_POST'][ship_addr] = "";
}
$GLOBALS['_POST'][ship_addr] = mysql_real_escape_string( "{$_POST['ship_addr']}" );
$GLOBALS['_POST'][ship_addr] = preg_replace( $search, $replace, $_POST[ship_addr] );
if ( !ctype_digit( $_GET[ship_addr] ) )
{
    $GLOBALS['_GET'][ship_addr] = "";
}
$GLOBALS['_GET'][ship_addr] = mysql_real_escape_string( "{$_GET['ship_addr']}" );
$GLOBALS['_GET'][ship_addr] = preg_replace( $search, $replace, $_GET[ship_addr] );
if ( $_GET['sssess'] )
{
    session_id( $_GET['sssess'] );
}
session_start( );
header( "cache-control: private" );
if ( isset( $_GET['redeempoints'] ) && $_GET['redeempoints'] == "Y" )
{
    $_SESSION['redeemer'] = "Y";
}
if ( $_POST['purchaseorder'] )
{
    $_SESSION['po'] = mysql_real_escape_string( "{$_POST['purchaseorder']}" );
}
if ( !$_SESSION['loginemail'] )
{
    $_SESSION['loginemail'] = "noemail@email";
}
if ( !$_SESSION['adminemail'] )
{
    $_SESSION['adminemail'] = "noadmin@email";
}
if ( !empty( $_POST['discode'] ) )
{
    $_SESSION['discode'] = htmlentities( trim( $_POST['discode'] ) );
}
$auth_ok_check = md5( "{$_SESSION['loginemail']}.{$hash}" );
$admin_ok_check = md5( "{$_SESSION['adminemail']}.{$hash}" );
if ( isset( $_GET['oidref'] ) )
{
    $GLOBALS['_GET']['oidref'] = mysql_real_escape_string( $_GET['oidref'] );
    $sql = "SELECT o_id FROM order_list WHERE ref='".$_GET['oidref']."' AND unh='{$_GET['oidref']}'";
    if ( !( $result = @mysql_query( $sql, $connection ) ) )
    {
        exit( "**COULD NOT GET COPYRIGHT KEYS**" );
    }
    if ( $row = mysql_fetch_array( $result ) )
    {
        $_SESSION['unh'] = $_GET['oidref'];
        header( "location: ".$sshopurl."orderdetails_os.php?o_id={$row['o_id']}" );
        exit( );
    }
    if ( $_SESSION['auth_ok'] == $auth_ok_check )
    {
        header( "location: ".$sshopurl."secure/orders.php" );
        exit( );
    }
    header( "location: ".$sshopurl."secure/login.php?next=orders.php" );
    exit( );
}
if ( preg_match( "/secure/", "{$_SERVER['PHP_SELF']}" ) && !preg_match( "/cardsavehostedredirectcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/charityclearcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/forgetful.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/ewayukcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/ewaynzcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/sagepay/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/sagepayformcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/sagepayservercallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/getpassword.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/realexcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/totalwebsolutionsecommerchantcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/doqreg.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/qreg.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/paypointmetachargecallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/voicepaycallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/secpaysecpagecallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/vps_handle_protx_response.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/protx/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/protxformcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/protxcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/worldpaycallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/securetradingcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/barclayscpicallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/paypalcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/moneybookerscallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/nochexcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/offlinecallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/doregister.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/register.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/doprereg.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/login.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/dologin.php/", "{$_SERVER['PHP_SELF']}" ) )
{
    if ( $auth_ok_check != $_SESSION['auth_ok'] )
    {
        header('Location:'.$shopurl.'/secure/login.php?next='.$_GET['next'].'&amp;shk&amp;p='.$_SERVER['PHP_SELF']);
        exit;
    }
    if ( preg_match('/secure/i', $_SERVER['PHP_SELF'] ) )
    {
        $isaccount = 1;
    }
}
if ( preg_match('/'.$adminDir.'/i', $_SERVER['PHP_SELF'] ) && !preg_match('/adlogin.php/i', $_SERVER['PHP_SELF']) || !preg_match('/forgetful.php/i', $_SERVER['PHP_SELF']))
{
    if ( $admin_ok_check != $_SESSION['admin_ok'] )
    {
        header('Location:'.$adminurl.'/adlogin.php');
        exit;
    }
    if (preg_match('/'.$adminDir.'/i', $_SERVER['PHP_SELF'] ) )
    {
        $isadmin = 1;
    }
}
$noadirs = count( $admin_dirs );
$i = 0;
for ( ; $i <= $noadirs; ++$i )
{
    if (!preg_match("/admin\\/".$admin_dirs[$i]."/i", $_SERVER['PHP_SELF'] ) && preg_match("/".$admin_dirs[$i]."/i", $_SESSION['admin_type']))
    {
        continue;
    }
    header('Location:'.$adminurl.'/perms.php?noperm='.$admin_dirs[$i]);
    exit;
}  
if ( !$_SESSION['shopper_type'] )
{
    $_SESSION['shopper_type'] = "1";
}
if ( $_GET['setcurrency'] == "1" )
{
    if ( ctype_digit( $_GET['new_currency_id'] ) )
    {
        $GLOBALS['_POST']['new_currency_id'] = $_GET['new_currency_id'];
    }
    if ( ctype_digit( $_POST['new_currency_id'] ) )
    {
        $sql3 = "SELECT currency_id from currency WHERE currency_id='".$_POST['new_currency_id']."'";
        if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
        {
            exit( "Couldn't check for valid currency" );
        }
        while ( $row3 = mysql_fetch_array( $result3 ) )
        {
            $_SESSION['currency_id'] = $row3['currency_id'];
        }
    }
}
if ( $_GET['clearptid'] == "Y" )
{
    unset( $_SESSION['ptid'] );
}
if ( $_GET[selectpostage] == 1 )
{
    if ( $_POST[selptid] == Free || $_POST[selptid] == free )
    {
        unset( $_SESSION['ptid'] );
    }
    else if ( isset( $_POST[selptid] ) )
    {
        $_SESSION['ptid'] = $_POST[selptid];
    }
    else
    {
        unset( $_SESSION['ptid'] );
    }
    $GLOBALS['_POST'][selptid] = mysql_real_escape_string( $_POST[selptid] );
    $sql1 = "UPDATE basket SET ptid='".$_POST['selptid']."' WHERE session_id='".session_id( )."'";
    if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
    {
        exit( "Couldn't execute request 1" );
    }
}
?>

      Comment

        #4
        it's your host problem.it doesn't support this ---->>>> header('Location:.. etc (php header)

        Comment

        Previous template Next
        Working...
        X