Page isn't Redirecting Properly

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Page isn't Redirecting Properly

    Hi,

    This is causing page not to redirect properly
    Code:
     if ( $auth_ok_check != $_SESSION[auth_ok] )
        {
            header( "Location: ".$shopurl."secure/login.php?next={$_GET['next']}&shk&p={$_SERVER['PHP_SELF']}" );
            exit( );
        }
        if ( preg_match( "/secure/", "{$_SERVER['PHP_SELF']}" ) )
        {
            $isaccount = "1";
        }
    }
    if ( preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) && !preg_match( "/adlogin.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/forgetful.php/", "{$_SERVER['PHP_SELF']}" ) )
    {
        if ( $admin_ok_check != $_SESSION[admin_ok] )
        {
            header( "Location: ".$adminurl."adlogin.php" );
            exit( );
        }
        if ( preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) )
        {
            $isadmin = "1";
        }
    }
    $noadirs = count( $admin_dirs );
    $i = 0;
    for ( ; $i <= $noadirs; ++$i )
    {
        if ( !preg_match( "/admin\\/".$admin_dirs[$i]."/", "{$_SERVER['PHP_SELF']}" ) && preg_match( "/".$admin_dirs[$i]."/", "{$_SESSION['admin_type']}" ) )
        {
            continue;
        }
        header( "Location: ".$adminurl."perms.php?noperm={$admin_dirs[$i]}" );
        exit( );
    }
    If I remove the headers the page loads, what could the problem be?

    #2
    Hope this solves your problem
    PHP Code:
    if ( $auth_ok_check != $_SESSION['auth_ok'] )
        {
            
    header('Location:../'.$shopurl.'/secure/login.php?next='.$_GET['next'].'&amp;shk&amp;p='.$_SERVER['PHP_SELF']);
            exit;
        }
        if ( 
    preg_match('/secure/i'$_SERVER['PHP_SELF'] ) )
        {
            
    $isaccount 1;
        }
    }
    if ( 
    preg_match('/'.$adminDir.'/i'$_SERVER['PHP_SELF'] ) && !preg_match('/adlogin.php/i'$_SERVER['PHP_SELF']) || !preg_match('/forgetful.php/i'$_SERVER['PHP_SELF']))
    {
        if ( 
    $admin_ok_check != $_SESSION['admin_ok'] )
        {
            
    header('Location:../'.$adminurl.'/adlogin.php');
            exit;
        }
        if (
    preg_match('/'.$adminDir.'/i'$_SERVER['PHP_SELF'] ) )
        {
            
    $isadmin 1;
        }
    }
    $noadirs count$admin_dirs );
    $i 0;
    for ( ; 
    $i <= $noadirs; ++$i )
    {
        if (!
    preg_match("/admin\\/".$admin_dirs[$i]."/i"$_SERVER['PHP_SELF'] ) && preg_match("/".$admin_dirs[$i]."/i"$_SESSION['admin_type']))
        {
            continue;
        }
        
    header('Location:../'.$adminurl.'/perms.php?noperm='.$admin_dirs[$i]);
        exit;

    Last edited by s3nzo; 12.11.11, 08:40.
    libra.wen.ru

    Comment


      #3
      Many thanks for your help, this did not solve the problem so I have no idea what it is.
      This is the full code if you would kindly have a quick look?

      Code:
      <?php
      function seoclean_ad( $uc_string )
      {
          $seo_clean_string = strtolower( "{$uc_string}" );
          $seo_clean_string = str_replace( " ", "_".SS_SEOSPREP."", "{$seo_clean_string}" );
          $seo_clean_string = str_replace( "&", "and", "{$seo_clean_string}" );
          $seo_clean_string = preg_replace( "[^A-Za-z0-9_-]", "", $seo_clean_string );
          $seo_clean_string = "{$seo_clean_string}".SEO_SUFFIX."";
          return $seo_clean_string;
      }
      
      function prepare_template_output( $data )
      {
          if ( is_array( $data ) )
          {
              $ret = array( );
              foreach ( $data as $key => $value )
              {
                  $ret[$key] = prepare_template_output( $value );
              }
              return $ret;
          }
          if ( !is_numeric( $data ) )
          {
              $data = stripslashes( $data );
              $data = trim( $data );
              $data = htmlentities( $data );
          }
          return $data;
      }
      
      function ukDate( $inDate )
      {
          global $outDate;
          list( $uYear, $uMonth, $uDay ) = explode( "-", "{$inDate}" );
          $outDate = "{$uDay}-{$uMonth}-{$uYear}";
          return $outDate;
      }
      
      function write_cache( $f_cache_data, $f_cache_file )
      {
          if ( !( $fp = fopen( $f_cache_file, "w" ) ) )
          {
              trigger_error( "Error opening cache file" );
              exit( );
          }
          if ( !flock( $fp, LOCK_EX ) )
          {
              trigger_error( "Unable to lock file" );
              exit( );
          }
          if ( !fwrite( $fp, serialize( $f_cache_data ) ) )
          {
              trigger_error( "Error writing to cache file" );
              exit( );
          }
          flock( $fp, LOCK_UN );
          fclose( $fp );
      }
      
      function read_cache( $f_cache_file )
      {
          if ( !file_exists( $f_cache_file ) )
          {
              trigger_error( "Invalid cache file" );
              exit( );
          }
          return unserialize( file_get_contents( $f_cache_file ) );
      }
      
      function list_options( $arrayname, $mode )
      {
          global $row;
          global $row_2;
          $sarray = "";
          foreach ( $arrayname as $v )
          {
              if ( !isset( $row['salutation'] ) && $row['salutation'] == $v || isset( $row_2['salutation'] ) && $row_2['salutation'] == $v )
              {
                  if ( !isset( $mode ) )
                  {
                      echo "<option value=\"".$v."\" selected>{$v}</option>\n";
                  }
                  else
                  {
                      $sarray .= "<option value=\"".$v."\" selected>{$v}</option>\n";
                  }
              }
              else if ( !isset( $mode ) )
              {
                  echo "<option value=\"".$v."\">{$v}</option>\n";
              }
              else
              {
                  $sarray .= "<option value=\"".$v."\">{$v}</option>\n";
              }
          }
          return $sarray;
      }
      
      function genprevnext( $total_pages, $position, $nresults, $scriptis, $extras )
      {
          global $shopurl;
          global $seoFriend;
          global $connection;
          global $instdir;
          global $smode;
          if ( !empty( $smode ) )
          {
              $smodebits = "{$smode}/";
          }
          else
          {
              $smodebits = "";
          }
          if ( !empty( $_GET['smode'] ) )
          {
              $smodebits = "".htmlentities( $_GET['smode'] )."/";
          }
          else
          {
              $smodebits = "";
          }
          $disppages = intval( $total_pages / $nresults );
          if ( $total_pages % $nresults )
          {
              ++$disppages;
          }
          if ( $nresults <= $position )
          {
              $current_page_num = $position / $nresults + 1;
          }
          else
          {
              $current_page_num = 1;
          }
          $limit = $nresults;
          $stages = 3;
          $position = $position;
          $page = $position / $nresults + 1;
          if ( $page )
          {
              $start = ( $page - 1 ) * $limit;
          }
          else
          {
              $start = 0;
          }
          if ( $page == 0 )
          {
              $page = 1;
          }
          $prev = $page - 1;
          $next = $page + 1;
          $lastpage = ceil( $total_pages / $limit );
          $LastPagem1 = $lastpage - 1;
          $paginglinks = "";
          if ( 1 < $lastpage )
          {
              if ( 1 < $page )
              {
                  $prevoffset = $position - $nresults;
                  $paginate .= "<a href=\"".$scriptis."?position={$prevoffset}&nresults={$nresults}{$extras}\">&laquo; Prev</a>";
              }
              else
              {
                  $paginate .= "<span class='pagination-disabled'>&laquo; Prev</span>";
              }
              if ( $lastpage < 7 + $stages * 2 )
              {
                  $counter = 1;
                  for ( ; 
       
       $counter <= $lastpage; ++$counter )
                      {
                          $newoffset = $counter * $limit - $limit;
                          if ( $counter == $page )
                          {
                              $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>";
                          }
                          else
                          {
                              $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>";
                          }
                          break;
                      }
                  } while ( 1 );
              }
              else if ( 5 + $stages * 2 < $lastpage )
              {
                  if ( $page < 1 + $stages * 2 )
                  {
                      $counter = 1;
                      for ( ; $counter < 4 + $stages * 2; ++$counter )
                      {
                          $newoffset = $counter * $limit - $limit;
                          if ( $counter == $page )
                          {
                              $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>";
                          }
                          else
                          {
                              $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>";
                          }
                      }
                      $paginglinks .= "...";
                      $newoffsetlm1 = $LastPagem1 * $limit - $limit;
                      $newoffsetlp = $lastpage * $limit - $limit;
                      $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlm1}&nresults={$nresults}{$extras}\">{$LastPagem1}</a>";
                      $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlp}&nresults={$nresults}{$extras}\">{$lastpage}</a>";
                  }
                  else if ( $page < $lastpage - $stages * 2 && $stages * 2 < $page )
                  {
                      $paginglinks .= "<a href=\"".$scriptis."?position=0&nresults={$nresults}{$extras}\">1</a>";
                      $paginglinks .= "<a href=\"".$scriptis."?position={$limit}&nresults={$nresults}{$extras}\">2</a>";
                      $paginglinks .= "...";
                      $counter = $page - $stages;
                      for ( ; $counter <= $page + $stages; ++$counter )
                      {
                          $newoffset = $counter * $limit - $limit;
                          if ( $counter == $page )
                          {
                              $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>";
                          }
                          else
                          {
                              $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>";
                          }
                      }
                      $paginglinks .= "...";
                      $newoffsetlm1 = $LastPagem1 * $limit - $limit;
                      $newoffsetlp = $lastpage * $limit - $limit;
                      $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlm1}&nresults={$nresults}{$extras}\">{$LastPagem1}</a>";
                      $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlp}&nresults={$nresults}{$extras}\">{$lastpage}</a>";
                  }
                  else
                  {
                      $paginglinks .= "<a href=\"".$scriptis."?position=0&nresults={$nresults}{$extras}\">1</a>";
                      $paginglinks .= "<a href=\"".$scriptis."?position={$limit}&nresults={$nresults}{$extras}\">2</a>";
                      $paginglinks .= "...";
                      $counter = $lastpage - ( 2 + $stages * 2 );
                      for ( ; $counter <= $lastpage; ++$counter )
                      {
                          $newoffset = $counter * $limit - $limit;
                          if ( $counter == $page )
                          {
                              $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>";
                          }
                          else
                          {
                              $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>";
                          }
                      }
                  }
              }
              $paginate .= $paginglinks;
              if ( $page < $counter - 1 )
              {
                  $newoffset = $position + $nresults;
                  $paginate .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">Next &raquo;</a>";
              }
              else
              {
                  $paginate .= "<span class=\"pagination-disabled\">Next &raquo;</span>";
              }
          }
          if ( $nresults < $total_pages )
          {
              echo $paginate;
          }
      
      
      function buildCategorySelect( )
      {
          global $connection;
          global $category_id;
          $level = "0";
          $sql = "SELECT * from categories WHERE category_parent_id='deftl'";
          if ( !( $result = @mysql_query( $sql, $connection ) ) )
          {
              exit( "** COULD NOT BUILD CATEGORY DROP DOWN ** ".mysql_error( ) );
          }
          while ( $row = mysql_fetch_array( $result ) )
          {
              $parent = "{$row['category_id']}";
              $row[category_name] = stripslashes( "{$row['category_name']}" );
              if ( $category_id == $row[category_id] )
              {
                  echo "<option value=\"".$row['category_id']."\" selected>+ {$row['category_name']}</option>\n";
              }
              else
              {
                  echo "<option value=\"".$row['category_id']."\">+ {$row['category_name']}</option>\n";
              }
              getchildren( $parent, $level );
          }
      }
      
      function getChildren( $parent, $level )
      {
          global $connection;
          global $category_id;
          ++$level;
          if ( !ctype_digit( $parent ) )
          {
              $parent = "";
          }
          $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name";
          if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
          {
              exit( "Couldn't build category tree child part: ".mysql_error( ) );
          }
          while ( $row1 = mysql_fetch_array( $result1 ) )
          {
              $parent = "{$row1['category_id']}";
              if ( $category_id == $row1[category_id] )
              {
                  echo "<option value=\"".$row1['category_id']."\" selected>";
              }
              else
              {
                  echo "<option value=\"".$row1['category_id']."\">";
              }
              $i = 0;
              for ( ; $i < $level; ++$i )
              {
                  echo " ";
              }
              echo "|--[".$level."]";
              echo " ".$row1['category_name']."</option>\n";
              getchildren( $parent, $level );
          }
      }
      
      function getChildrenSEL( $parent, $myparent, $level )
      {
          global $connection;
          global $https;
          global $category_id;
          ++$level;
          if ( !ctype_digit( $parent ) )
          {
              $parent = "";
          }
          $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name";
          if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
          {
              exit( "Couldn't build category tree child part: ".mysql_error( ) );
          }
          while ( $row1 = mysql_fetch_array( $result1 ) )
          {
              $parent = "{$row1['category_id']}";
              if ( $myparent == $row1[category_id] )
              {
                  echo "<option value=\"".$row1['category_id']."\" selected>";
              }
              else if ( $category_id == $row1[category_id] )
              {
                  echo "<option value=\"deftl\">";
              }
              else
              {
                  echo "<option value=\"".$row1['category_id']."\">";
              }
              $i = 0;
              for ( ; $i < $level; ++$i )
              {
                  echo " ";
              }
              echo "|".$level."|";
              echo "{$row1['category_name']}</option>\n";
              getchildrensel( $parent, $myparent, $level );
          }
      }
      
      function makeCategoryMap( )
      {
          global $connection;
          global $adminurl;
          $level = "0";
          $sql = "SELECT * from categories WHERE category_parent_id='deftl'";
          if ( !( $result = @mysql_query( $sql, $connection ) ) )
          {
              exit( "Couldn't build category tree parent part: ".mysql_error( ) );
          }
          while ( $row = mysql_fetch_array( $result ) )
          {
              $parent = "{$row['category_id']}";
              $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'";
              if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
              {
                  exit( "Couldn't get data from products db" );
              }
              $numrows = mysql_num_rows( $result3 );
              if ( $numrows < 1 )
              {
                  $linker = "";
              }
              else
              {
                  $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row['category_id']}'\" value=\"Products ({$numrows})\" />";
              }
              $row[category_name] = stripslashes( "{$row['category_name']}" );
              echo "<tr>\n\t\t\t\t<td> + <a href=\"".$adminurl."products/editcategory.php?category_id={$row['category_id']}\" title=\"{$row['category_desc']}\">{$row['category_name']}</a> </td>\n\t\t\t\t<td>";
              if ( $row[category_publish] == Y )
              {
                  echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=N'\" />";
              }
              else
              {
                  echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=Y'\" />";
              }
              echo "</td>\n\t\t\t\t<td> <input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row['category_id']}'\" value=\"Add\" /> {$linker} </td>\n\t\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row['category_id']}\",\"Are you sure you want to delete this category?\");' /> </td>\n\t\t\t</tr>\n";
              getchildrenlist( $parent, $level );
          }
      }
      
      function getChildrenList( $parent, $level )
      {
          global $connection;
          global $adminurl;
          ++$level;
          $where_in_level = "0";
          if ( !ctype_digit( $parent ) )
          {
              $parent = "";
          }
          $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."'";
          if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
          {
              exit( "Couldn't build category tree child part: ".mysql_error( ) );
          }
          while ( $row1 = mysql_fetch_array( $result1 ) )
          {
              ++$where_in_level;
              $parent = "{$row1['category_id']}";
              $level_indent = $level - 1;
              $i = 0;
              for ( ; $i < $level_indent; ++$i )
              {
                  echo " ";
              }
              if ( $last_level == $level )
              {
                  echo " ";
              }
              else
              {
                  echo " ";
              }
              $i = 0;
              for ( ; $i < $level; ++$i )
              {
                  echo " ";
              }
              $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'";
              if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
              {
                  exit( "Couldn't get data from products db" );
              }
              $numrows = mysql_num_rows( $result3 );
              if ( $numrows < 1 )
              {
                  $linker = "";
              }
              else
              {
                  $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row1['category_id']}'\" value=\"Products ({$numrows})\" />";
              }
              echo "\t<tr>\n\t\t<td> &raquo; (".$level.") <a href=\"{$adminurl}products/editcategory.php?category_id={$row1['category_id']}\" title=\"{$row1['category_desc']}\">{$row1['category_name']}</a></td>\n\t\t\t<td>";
              if ( $row1[category_publish] == Y )
              {
                  echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=N'\" />";
              }
              else
              {
                  echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=Y'\" />";
              }
              echo "</td> \n\t\t\t<td><input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row1['category_id']}'\" value=\"Add\" /> {$linker}</td>\n\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row1['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row1['category_id']}\",\"Are you sure you want to delete this category?\");' /></td>\n\t</tr>\n";
              getchildrenlist( $parent, $level );
              $last_level = $level;
          }
      }
      
      function productcheckcategories( )
      {
          global $connection;
          global $oktoadd;
          $sql3 = "SELECT * from categories";
          if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
          {
              exit( "Couldn't get data from category db" );
          }
          $numrows = mysql_num_rows( $result3 );
          if ( 1 <= $numrows )
          {
              $oktoadd = "Y";
          }
      }
      
      function countrycompareDD( $country_dd )
      {
          global $connection;
          echo "<select name=\"country\">";
          $sql3 = "SELECT country_short, country_long from country WHERE zone_id !='0'";
          if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
          {
              exit( "Couldn't execute request 1" );
          }
          while ( $row3 = mysql_fetch_array( $result3 ) )
          {
              if ( $row3[country_short] == $country_dd )
              {
                  echo "<option value=\"".$row3['country_short']."\" selected>{$row3['country_long']}</option>\n";
              }
              else
              {
                  echo "<option value=\"".$row3['country_short']."\">{$row3['country_long']}</option>\n";
              }
          }
          echo "</select>";
      }
      
      function alternatecolour( $level )
      {
          global $altclass;
          $class_1 = " class=altlight";
          $class_2 = " class=altdark";
          $altclass = $class_1;
          $level % 2 ? 0 : ( $altclass = $class_2 );
      }
      
      function check_email_address( $email )
      {
          if ( !preg_match( "/[^@]{1,64}@[^@]{1,255}/i", $email ) )
          {
              return FALSE;
          }
          $email_array = explode( "@", $email );
          $local_array = explode( ".", $email_array[0] );
          $i = 0;
          for ( ; $i < sizeof( $local_array ); ++$i )
          {
              if ( preg_match( ">^(([A-Za-z0-9!#\$%&'*+/=?^_`{|}~-][A-Za-z0-9!#\$%&'*+/=?^_`{|}~\\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))\$>i", $local_array[$i] ) )
              {
                  continue;
              }
              return FALSE;
          }
          if ( !preg_match( "/^\\[?[0-9\\.]+\\]?\$/i", $email_array[1] ) )
          {
              $domain_array = explode( ".", $email_array[1] );
              if ( sizeof( $domain_array ) < 2 )
              {
                  return FALSE;
              }
              $i = 0;
              for ( ; $i < sizeof( $domain_array ); ++$i )
              {
                  if ( preg_match( "/^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))\$/i", $domain_array[$i] ) )
                  {
                      continue;
                  }
                  return FALSE;
              }
          }
          return TRUE;
      }
      
      if ( get_magic_quotes_gpc( ) )
      {
          $in = array(
              $GLOBALS['_GET'],
              $GLOBALS['_POST'],
              $GLOBALS['_COOKIE']
          );
          while ( list( $k, $v ) = each( &$in ) )
          {
              foreach ( $v as $key => $val )
              {
                  if ( !is_array( $val ) )
                  {
                      $in[$k][$key] = stripslashes( $val );
                  }
                  else
                  {
                      $in[] =& $in[$k][$key];
                  }
              }
          }
          unset( $in );
      }
      if ( isset( $_POST ) || isset( $_GET ) )
      {
          $in = array(
              $GLOBALS['_GET'],
              $GLOBALS['_POST']
          );
          while ( list( $k, $v ) = each( &$in ) )
          {
              foreach ( $v as $key => $val )
              {
                  if ( !is_array( $val ) )
                  {
                      if ( ( $key == "txtContent" || $key == "category_desc" || !( $key == "metaadd" ) && !( $admin_ok_check == $_SESSION[admin_ok] ) ) || !preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/paypalcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/updatecurrency.php/", "{$_SERVER['PHP_SELF']}" ) )
                      {
                          if ( !preg_match( "/createcurrency.php/", "{$_SERVER['PHP_SELF']}" ) )
                          {
                              $val = preg_replace( "/\\s+/", " ", $val );
                              $in[$k][$key] = htmlentities( trim( $val ) );
                          }
                      }
                  }
                  else
                  {
                      $in[] =& $in[$k][$key];
                  }
              }
          }
          unset( $in );
      }
      $sYear = "2007";
      $cwd = dirname( __FILE__ );
      $instdir = str_replace( "private", "", "{$cwd}" );
      include( "{$instdir}private/config.php" );
      include( "{$instdir}private/cache.php" );
      include( "{$instdir}private/pca_config.php" );
      if ( empty( $shopurl ) )
      {
          header( "Location: install/" );
          exit( );
      }
      include( "{$instdir}private/db_connect.php" );
      include( "{$instdir}private/messages.php" );
      include( "{$instdir}private/shop_messages.php" );
      $s_cache_file = "{$sscache_dir}key.txt";
      if ( $sscache == "Y" && file_exists( $s_cache_file ) && time( ) - $sscache_exp < filemtime( $s_cache_file ) )
      {
          $s_cache_data = read_cache( $s_cache_file );
      }
      else
      {
          $sql = "SELECT copyRightKey,domainName FROM shop_settings";
          if ( !( $result = @mysql_query( $sql, $connection ) ) )
          {
              exit( "**COULD NOT GET COPYRIGHT KEYS**" );
          }
          while ( $row = mysql_fetch_array( $result ) )
          {
              $s_cache_data[] = $row;
          }
          if ( "".$sscache."" == "Y" && isset( $s_cache_data ) )
          {
              write_cache( $s_cache_data, $s_cache_file );
          }
      }
      if ( isset( $s_cache_data ) )
      {
          foreach ( $s_cache_data as $key => $row )
          {
              $copyRightCode = "{$row['copyRightKey']}";
              $domainName = "{$row['domainName']}";
          }
          $s_cache_data = "";
      }
      $stylish = array( "tuxdiscs.com_CC66BD976A919DBA1D389EA030F1C98E", "homeheatgas.co.uk_7E3987914C37A595611AA2B02647AB3E", "htcshop.co.uk_D1463A8E25B25DBBF2828A05F1A4C786", "creativegiftcompany.co.uk_A0084DC13CAD4EF04745341D7B2859A0", "satnavnow.com_CB37C0E975D7C997C02DD8C2A903CCCE", "officesource.co.uk_D1F94EC11C220D3607897126CF0FC60B", "snapitshowit.com_EA669BA712152AC7604824CC4C821810", "englandathome.co.uk_FA3831E23466E7B22D4A17076C0795FC", "ellisofficefurniture.co.uk_B36B5A3FBEB39CF965EDE33C4F6607EE", "myweddingbox.co.uk_4856BFB9DBF37F90C0FA492CE087154E", "dukkaan.net_AA339C99F82BCD6C7DB0CB38A1A2D35C", "sosophisticated.co.uk_524D866DF422AB6211030E0400408957", "pure-beauty.co.uk_8DF947D81601F80C75A6109FD8E14DDA", "pure-beauty_31B643B484171B66354FC78FB2C272AA", "goodiessweetshop.co.uk_77489A3F2430FB4AF433250B9BFF9F71", "whiskcooking.co.uk_DDEB2054E47603FA9183BF8C91FD703D", "bodychef.co.uk_9F2D61781FA3B2F70EFDD3992604A551", "athenaflooring.co.uk_E7D0D322B5F23A3A2BFBB010001AB21B", "partyshop-mold.co.uk_41E26ED3FA379384B2EB103F60EDD059", "thegolfzone.net_86A65F7F8E7355649A4BA1B78462A60B", "littlereddogshop.co.uk_03B59361FD76EC594037262FEB44EAD3", "furnituregiant.co.uk_8C2C781A7C590FF3239182ED3DC24368", "dancevinyls.com_0999AB3CEAF33D53C7599BF2AFB9D804", "brainegg.com_A76ADAE00F80DA87C83C1C6B7939809E", "mrbates.co.uk_B24D6A529B75FD6BC256EB4FF8FAA28A", "metrosales.co.uk_3F507226A07DF97E8DAD87FED2BD7C25", "2pic1.co.uk_2FD2A963331EE04AFE7882AC447F3D53", "thingsonline.co.uk_340520B537817C03E4EEE71765A9769D", "tenpinshop.com_9ACBC1B6E153F74E2E8D58DF4AFFFE37", "drakepneumatics.co.uk_282A7137E3AAA0E7FA1A3A8E42899C49", "ipendpoints.co.uk_7470912986F50101ED255A5AF8679DB3" );
      $admin_dirs = array( "settings", "orders", "newsletter", "reports", "shoppers", "products", "content" );
      $mtta = array( "mail", "smtp" );
      $ppgfields = array( "ppemail", "ppmerchantid", "ppsecret", "pptestmode", "ppinstid", "ppintip", "ppextip", "ppgiftaid", "ppApply3DSecure", "ppApplyAVSCV2", "ppauthmode", "ppsignature" );
      $category_style = array( "List with Thumbnail", "List no Thumbnail", "Grid" );
      $category_sort_order = array( "Alphabetical", "Newest Items First", "Newest Items Last", "Featured Items First", "Custom Sort", "Price Low - High", "Price High - Low" );
      $sf_style = array( "List", "Grid" );
      $sf_sort_order = array( "Alphabetical", "By ID", "Randomised" );
      $cf_sort_order = array( "Alphabetical", "By ID", "Custom" );
      $allow_next = array( "selectdeliveryaddress.php", "revieworder.php", "reviewproduct.php", "revieworder.php?clearptid=Y", "orders.php" );
      if ( $_GET[next] && !in_array( "{$_GET['next']}", $allow_next ) )
      {
          echo "Not allowed!";
          exit( );
      }
      if ( !ctype_digit( $_GET[cmsid] ) )
      {
          $GLOBALS['_GET'][cmsid] = "";
      }
      $GLOBALS['_GET'][cmsid] = mysql_real_escape_string( "{$_GET['cmsid']}" );
      if ( !ctype_digit( $_GET[category_id] ) )
      {
          $GLOBALS['_GET'][category_id] = "";
      }
      $GLOBALS['_GET'][category_id] = mysql_real_escape_string( "{$_GET['category_id']}" );
      if ( !ctype_digit( $_GET[product_id] ) )
      {
          $GLOBALS['_GET'][product_id] = "";
      }
      $GLOBALS['_GET'][product_id] = mysql_real_escape_string( "{$_GET['product_id']}" );
      if ( !ctype_digit( $_GET[product_xo_id] ) )
      {
          $GLOBALS['_GET'][product_xo_id] = "";
      }
      $GLOBALS['_GET'][product_xo_id] = mysql_real_escape_string( "{$_GET['product_xo_id']}" );
      if ( !ctype_digit( $_GET[o_id] ) )
      {
          $GLOBALS['_GET'][o_id] = "";
      }
      $GLOBALS['_GET'][o_id] = mysql_real_escape_string( "{$_GET['o_id']}" );
      if ( !ctype_digit( $_GET[p_id] ) )
      {
          $GLOBALS['_GET'][p_id] = "";
      }
      $GLOBALS['_GET'][p_id] = mysql_real_escape_string( "{$_GET['p_id']}" );
      if ( !ctype_digit( $_GET[a_id] ) )
      {
          $GLOBALS['_GET'][a_id] = "";
      }
      $GLOBALS['_GET'][a_id] = mysql_real_escape_string( "{$_GET['a_id']}" );
      $GLOBALS['_POST'][query_string] = mysql_real_escape_string( "{$_POST['query_string']}" );
      if ( !ctype_digit( $_POST[pre_xo_id] ) )
      {
          $GLOBALS['_POST'][pre_xo_id] = "";
      }
      $GLOBALS['_POST'][pre_xo_id] = mysql_real_escape_string( "{$_POST['pre_xo_id']}" );
      if ( !ctype_digit( $_POST[p_id] ) )
      {
          $GLOBALS['_POST'][p_id] = "";
      }
      $GLOBALS['_POST'][p_id] = mysql_real_escape_string( "{$_POST['p_id']}" );
      if ( !ctype_digit( $_POST[qty] ) )
      {
          $GLOBALS['_POST'][qty] = "";
      }
      $GLOBALS['_POST'][qty] = mysql_real_escape_string( "{$_POST['qty']}" );
      $GLOBALS['_POST'][loginemail] = mysql_real_escape_string( "{$_POST['loginemail']}" );
      $GLOBALS['_POST'][loginpass] = mysql_real_escape_string( "{$_POST['loginpass']}" );
      if ( $_POST[mail_outs] != "Y" && $_POST[mail_outs] != "N" )
      {
          $GLOBALS['_POST'][mail_outs] = "Y";
      }
      $GLOBALS['_POST'][mail_outs] = mysql_real_escape_string( "{$_POST['mail_outs']}" );
      $GLOBALS['_POST'][old_password] = mysql_real_escape_string( "{$_POST['old_password']}" );
      $GLOBALS['_POST'][confirm_password] = mysql_real_escape_string( "{$_POST['confirm_password']}" );
      $search = array( "@<script[^>]*?>.*?</script>@si", "@<[\\/\\!]*?[^<>]*?>@si", "@&(quot|#34);@i", "@&(amp|#38);@i", "@&(lt|#60);@i", "@&(gt|#62);@i", "@&(nbsp|#160);@i", "@&(iexcl|#161);@i", "@&(cent|#162);@i", "@&(pound|#163);@i", "@&(copy|#169);@i", "@&#(\\d+);@e" );
      $replace = array(
          "",
          "",
          "\\1",
          "\"",
          "&",
          "<",
          ">",
          " ",
          chr( 161 ),
          chr( 162 ),
          chr( 163 ),
          chr( 169 ),
          "chr(\\1)"
      );
      $GLOBALS['_POST'][company] = mysql_real_escape_string( "{$_POST['company']}" );
      $GLOBALS['_POST'][company] = mysql_real_escape_string( "{$_POST['company']}" );
      $GLOBALS['_POST'][company] = preg_replace( $search, $replace, $_POST[company] );
      $GLOBALS['_POST'][first_name] = mysql_real_escape_string( "{$_POST['first_name']}" );
      $GLOBALS['_POST'][first_name] = preg_replace( $search, $replace, $_POST[first_name] );
      $GLOBALS['_POST'][last_name] = mysql_real_escape_string( "{$_POST['last_name']}" );
      $GLOBALS['_POST'][last_name] = preg_replace( $search, $replace, $_POST[last_name] );
      $GLOBALS['_POST'][email] = mysql_real_escape_string( "{$_POST['email']}" );
      $GLOBALS['_POST'][email] = preg_replace( $search, $replace, $_POST[email] );
      $GLOBALS['_POST'][no_name] = mysql_real_escape_string( "{$_POST['no_name']}" );
      $GLOBALS['_POST'][no_name] = preg_replace( $search, $replace, $_POST[no_name] );
      $GLOBALS['_POST'][street] = mysql_real_escape_string( "{$_POST['street']}" );
      $GLOBALS['_POST'][street] = preg_replace( $search, $replace, $_POST[street] );
      $GLOBALS['_POST'][town] = mysql_real_escape_string( "{$_POST['town']}" );
      $GLOBALS['_POST'][town] = preg_replace( $search, $replace, $_POST[town] );
      $GLOBALS['_POST'][county] = mysql_real_escape_string( "{$_POST['county']}" );
      $GLOBALS['_POST'][county] = preg_replace( $search, $replace, $_POST[county] );
      $GLOBALS['_POST'][postcode] = mysql_real_escape_string( "{$_POST['postcode']}" );
      $GLOBALS['_POST'][postcode] = preg_replace( $search, $replace, $_POST[postcode] );
      $GLOBALS['_POST'][country] = mysql_real_escape_string( "{$_POST['country']}" );
      $GLOBALS['_POST'][country] = preg_replace( $search, $replace, $_POST[country] );
      $GLOBALS['_POST'][day_tel] = mysql_real_escape_string( "{$_POST['day_tel']}" );
      $GLOBALS['_POST'][day_tel] = preg_replace( $search, $replace, $_POST[day_tel] );
      $GLOBALS['_POST'][eve_tel] = mysql_real_escape_string( "{$_POST['eve_tel']}" );
      $GLOBALS['_POST'][eve_tel] = preg_replace( $search, $replace, $_POST[eve_tel] );
      $GLOBALS['_POST'][mobile] = mysql_real_escape_string( "{$_POST['mobile']}" );
      $GLOBALS['_POST'][mobile] = preg_replace( $search, $replace, $_POST[mobile] );
      $GLOBALS['_POST'][fax] = mysql_real_escape_string( "{$_POST['fax']}" );
      $GLOBALS['_POST'][fax] = preg_replace( $search, $replace, $_POST[fax] );
      $GLOBALS['_POST'][emailaddress] = mysql_real_escape_string( "{$_POST['emailaddress']}" );
      $GLOBALS['_POST'][emailaddress] = preg_replace( $search, $replace, $_POST[emailaddress] );
      $GLOBALS['_POST'][password] = mysql_real_escape_string( "{$_POST['password']}" );
      $GLOBALS['_POST'][password] = preg_replace( $search, $replace, $_POST[password] );
      $GLOBALS['_POST'][review] = mysql_real_escape_string( "{$_POST['review']}" );
      $GLOBALS['_POST'][review] = preg_replace( $search, $replace, $_POST[review] );
      $GLOBALS['_POST'][rating] = mysql_real_escape_string( "{$_POST['rating']}" );
      $GLOBALS['_POST'][rating] = preg_replace( $search, $replace, $_POST[rating] );
      $GLOBALS['_POST'][smode] = mysql_real_escape_string( "{$_POST['smode']}" );
      $GLOBALS['_POST'][smode] = preg_replace( $search, $replace, $_POST[smode] );
      if ( !ctype_digit( $_POST[ship_addr] ) )
      {
          $GLOBALS['_POST'][ship_addr] = "";
      }
      $GLOBALS['_POST'][ship_addr] = mysql_real_escape_string( "{$_POST['ship_addr']}" );
      $GLOBALS['_POST'][ship_addr] = preg_replace( $search, $replace, $_POST[ship_addr] );
      if ( !ctype_digit( $_GET[ship_addr] ) )
      {
          $GLOBALS['_GET'][ship_addr] = "";
      }
      $GLOBALS['_GET'][ship_addr] = mysql_real_escape_string( "{$_GET['ship_addr']}" );
      $GLOBALS['_GET'][ship_addr] = preg_replace( $search, $replace, $_GET[ship_addr] );
      if ( $_GET['sssess'] )
      {
          session_id( $_GET['sssess'] );
      }
      session_start( );
      header( "cache-control: private" );
      if ( isset( $_GET['redeempoints'] ) && $_GET['redeempoints'] == "Y" )
      {
          $_SESSION['redeemer'] = "Y";
      }
      if ( $_POST['purchaseorder'] )
      {
          $_SESSION['po'] = mysql_real_escape_string( "{$_POST['purchaseorder']}" );
      }
      if ( !$_SESSION['loginemail'] )
      {
          $_SESSION['loginemail'] = "noemail@email";
      }
      if ( !$_SESSION['adminemail'] )
      {
          $_SESSION['adminemail'] = "noadmin@email";
      }
      if ( !empty( $_POST['discode'] ) )
      {
          $_SESSION['discode'] = htmlentities( trim( $_POST['discode'] ) );
      }
      $auth_ok_check = md5( "{$_SESSION['loginemail']}.{$hash}" );
      $admin_ok_check = md5( "{$_SESSION['adminemail']}.{$hash}" );
      if ( isset( $_GET['oidref'] ) )
      {
          $GLOBALS['_GET']['oidref'] = mysql_real_escape_string( $_GET['oidref'] );
          $sql = "SELECT o_id FROM order_list WHERE ref='".$_GET['oidref']."' AND unh='{$_GET['oidref']}'";
          if ( !( $result = @mysql_query( $sql, $connection ) ) )
          {
              exit( "**COULD NOT GET COPYRIGHT KEYS**" );
          }
          if ( $row = mysql_fetch_array( $result ) )
          {
              $_SESSION['unh'] = $_GET['oidref'];
              header( "location: ".$sshopurl."orderdetails_os.php?o_id={$row['o_id']}" );
              exit( );
          }
          if ( $_SESSION['auth_ok'] == $auth_ok_check )
          {
              header( "location: ".$sshopurl."secure/orders.php" );
              exit( );
          }
          header( "location: ".$sshopurl."secure/login.php?next=orders.php" );
          exit( );
      }
      if ( preg_match( "/secure/", "{$_SERVER['PHP_SELF']}" ) && !preg_match( "/cardsavehostedredirectcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/charityclearcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/forgetful.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/ewayukcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/ewaynzcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/sagepay/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/sagepayformcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/sagepayservercallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/getpassword.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/realexcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/totalwebsolutionsecommerchantcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/doqreg.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/qreg.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/paypointmetachargecallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/voicepaycallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/secpaysecpagecallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/vps_handle_protx_response.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/protx/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/protxformcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/protxcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/worldpaycallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/securetradingcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/barclayscpicallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/paypalcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/moneybookerscallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/nochexcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/offlinecallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/doregister.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/register.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/doprereg.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/login.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/dologin.php/", "{$_SERVER['PHP_SELF']}" ) )
      {
          if ( $auth_ok_check != $_SESSION['auth_ok'] )
          {
              header('Location:'.$shopurl.'/secure/login.php?next='.$_GET['next'].'&amp;shk&amp;p='.$_SERVER['PHP_SELF']);
              exit;
          }
          if ( preg_match('/secure/i', $_SERVER['PHP_SELF'] ) )
          {
              $isaccount = 1;
          }
      }
      if ( preg_match('/'.$adminDir.'/i', $_SERVER['PHP_SELF'] ) && !preg_match('/adlogin.php/i', $_SERVER['PHP_SELF']) || !preg_match('/forgetful.php/i', $_SERVER['PHP_SELF']))
      {
          if ( $admin_ok_check != $_SESSION['admin_ok'] )
          {
              header('Location:'.$adminurl.'/adlogin.php');
              exit;
          }
          if (preg_match('/'.$adminDir.'/i', $_SERVER['PHP_SELF'] ) )
          {
              $isadmin = 1;
          }
      }
      $noadirs = count( $admin_dirs );
      $i = 0;
      for ( ; $i <= $noadirs; ++$i )
      {
          if (!preg_match("/admin\\/".$admin_dirs[$i]."/i", $_SERVER['PHP_SELF'] ) && preg_match("/".$admin_dirs[$i]."/i", $_SESSION['admin_type']))
          {
              continue;
          }
          header('Location:'.$adminurl.'/perms.php?noperm='.$admin_dirs[$i]);
          exit;
      }  
      if ( !$_SESSION['shopper_type'] )
      {
          $_SESSION['shopper_type'] = "1";
      }
      if ( $_GET['setcurrency'] == "1" )
      {
          if ( ctype_digit( $_GET['new_currency_id'] ) )
          {
              $GLOBALS['_POST']['new_currency_id'] = $_GET['new_currency_id'];
          }
          if ( ctype_digit( $_POST['new_currency_id'] ) )
          {
              $sql3 = "SELECT currency_id from currency WHERE currency_id='".$_POST['new_currency_id']."'";
              if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
              {
                  exit( "Couldn't check for valid currency" );
              }
              while ( $row3 = mysql_fetch_array( $result3 ) )
              {
                  $_SESSION['currency_id'] = $row3['currency_id'];
              }
          }
      }
      if ( $_GET['clearptid'] == "Y" )
      {
          unset( $_SESSION['ptid'] );
      }
      if ( $_GET[selectpostage] == 1 )
      {
          if ( $_POST[selptid] == Free || $_POST[selptid] == free )
          {
              unset( $_SESSION['ptid'] );
          }
          else if ( isset( $_POST[selptid] ) )
          {
              $_SESSION['ptid'] = $_POST[selptid];
          }
          else
          {
              unset( $_SESSION['ptid'] );
          }
          $GLOBALS['_POST'][selptid] = mysql_real_escape_string( $_POST[selptid] );
          $sql1 = "UPDATE basket SET ptid='".$_POST['selptid']."' WHERE session_id='".session_id( )."'";
          if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
          {
              exit( "Couldn't execute request 1" );
          }
      }
      ?>

      Comment


        #4
        it's your host problem.it doesn't support this ---->>>> header('Location:.. etc (php header)

        Comment

        Working...
        X