= '5.1' && !empty($timezone)) { date_default_timezone_set($timezone); } if (isset($_SERVER['PHP_SELF'])) { define('PHP_SELF', $_SERVER['PHP_SELF']); } else { define('PHP_SELF', $_SERVER['SCRIPT_NAME']); } require(ROOT_PATH . 'includes/inc_constant.php'); require(ROOT_PATH . 'includes/cls_ecshop.php'); require(ROOT_PATH . 'includes/cls_error.php'); require(ROOT_PATH . 'includes/lib_time.php'); require(ROOT_PATH . 'includes/lib_base.php'); require(ROOT_PATH . 'includes/lib_common.php'); require(ROOT_PATH . 'includes/lib_supplier_common.php'); require(ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php'); require(ROOT_PATH . ADMIN_PATH . '/includes/cls_exchange.php'); /* 对用户传入的变量进行转义操作。*/ if (!get_magic_quotes_gpc()) { if (!empty($_GET)) { $_GET = addslashes_deep($_GET); } if (!empty($_POST)) { $_POST = addslashes_deep($_POST); } $_COOKIE = addslashes_deep($_COOKIE); $_REQUEST = addslashes_deep($_REQUEST); } /* 对路径进行安全处理 */ if (strpos(PHP_SELF, '.php/') !== false) { ecs_header("Location:" . substr(PHP_SELF, 0, strpos(PHP_SELF, '.php/') + 4) . "\n"); exit(); } $ecs = new ECS($db_name, $prefix); define('DATA_DIR', $ecs->data_dir()); define('IMAGE_DIR', $ecs->image_dir()); /* 初始化数据库类 */ require(ROOT_PATH . 'includes/cls_mysql.php'); $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name); $db_host = $db_user = $db_pass = $db_name = NULL; /* 创建错误处理对象 */ $err = new ecs_error('message.htm'); /* 初始化session */ //require(ROOT_PATH . 'includes/cls_session.php'); //$sess = new cls_session($db, $ecs->table('sessions'), $ecs->table('sessions_data'), 'ECSCP_ID'); session_start(); /* 初始化 action */ if (!isset($_REQUEST['act'])) { $_REQUEST['act'] = ''; } elseif (($_REQUEST['act'] == 'login' || $_REQUEST['act'] == 'logout' || $_REQUEST['act'] == 'signin' || $_REQUEST['act'] == 'rsignin') && strpos(PHP_SELF, '/privilege.php') === false) { $_REQUEST['act'] = ''; } elseif (($_REQUEST['act'] == 'forget_pwd' || $_REQUEST['act'] == 'reset_pwd' || $_REQUEST['act'] == 'get_pwd') && strpos(PHP_SELF, '/get_password.php') === false) { $_REQUEST['act'] = ''; } /* 载入系统参数 */ $_CFG = array_merge(load_config(),load_config_supplier()); // TODO : 登录部分准备拿出去做，到时候把以下操作一起挪过去 if ($_REQUEST['act'] == 'captcha') { include(ROOT_PATH . 'includes/cls_captcha.php'); $img = new captcha('../data/captcha/'); @ob_end_clean(); //清除之前出现的多余输入 $img->generate_image(); exit; } require(ROOT_PATH . 'languages/' .$_CFG['lang']. '/back/common.php'); require(ROOT_PATH . 'languages/' .$_CFG['lang']. '/back/log_action.php'); if (file_exists(ROOT_PATH . 'languages/' . $_CFG['lang'] . '/back/' . basename(PHP_SELF))) { include(ROOT_PATH . 'languages/' . $_CFG['lang'] . '/back/' . basename(PHP_SELF)); } if (!file_exists('../temp/caches')) { @mkdir('../temp/caches', 0777); @chmod('../temp/caches', 0777); } if (!file_exists('../temp/compiled/agent')) { @mkdir('../temp/compiled/agent', 0777); @chmod('../temp/compiled/agent', 0777); } clearstatcache(); /* 如果有新版本，升级 */ if (!isset($_CFG['ecs_version'])) { $_CFG['ecs_version'] = 'v2.0.5'; } /* 创建 Smarty 对象。*/ require(ROOT_PATH . 'includes/cls_template.php'); $smarty = new cls_template; $smarty->template_dir = ROOT_PATH . ADMIN_PATH . '/templates'; $smarty->compile_dir = ROOT_PATH . 'temp/compiled/agent'; if ((DEBUG_MODE & 2) == 2) { $smarty->force_compile = true; } $smarty->assign('lang', $_LANG); if(isset($_CFG['enable_order_check'])) // 为了从旧版本顺利升级到2.5.0 { $smarty->assign('enable_order_check', $_CFG['enable_order_check']); } else { $smarty->assign('enable_order_check', 0); } /* 验证管理员身份 */ if ((!isset($_SESSION['user_id']) || intval($_SESSION['user_id']) <= 0) && $_REQUEST['act'] != 'login' && $_REQUEST['act'] != 'signin' && $_REQUEST['act'] != 'rsignin') { /* session 不存在，检查cookie */ if (!empty($_COOKIE['ECSCP']['user_id']) && !empty($_COOKIE['ECSCP']['user_pass'])) { $sql = 'SELECT * ' . ' FROM ' .$ecs->table('users') . " WHERE user_id = '" . intval($_COOKIE['ECSCP']['user_id']) . "'"; $row = $db->GetRow($sql); if (!$row) { // 没有找到这个记录 setcookie($_COOKIE['ECSCP']['user_id'], '', 1); setcookie($_COOKIE['ECSCP']['user_pass'], '', 1); if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { // echo '231'; // exit; ecs_header("Location: privilege.php?act=login\n"); } exit; } else { // 检查密码是否正确 if (md5($row['password'] . $_CFG['hash_code']) == $_COOKIE['ECSCP']['user_pass']) { !isset($row['last_time']) && $row['last_time'] = ''; $_SESSION['user_id'] = $row['user_id']; $_SESSION['user_name'] = $row['user_name']; // set_admin_session($row['user_id'], $row['user_name'], $row['action_list'], $row['last_time']); // 更新最后登录时间和IP $db->query('UPDATE ' . $ecs->table('users') . " SET last_login = '" . gmtime() . "', last_ip = '" . real_ip() . "'" . " WHERE user_id = '" . $_SESSION['user_id'] . "'"); } else { setcookie($_COOKIE['ECSCP']['agent_id'], '', 1); setcookie($_COOKIE['ECSCP']['agent_pass'], '', 1); if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { //echo '266'; //exit; ecs_header("Location: privilege.php?act=login\n"); } exit; } } } else { if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { // echo '283'; // exit; ecs_header("Location: privilege.php?act=login\n"); } exit; } } //$smarty->assign('token', $_CFG['token']); /* if ($_REQUEST['act'] != 'login' && $_REQUEST['act'] != 'signin' && $_REQUEST['act'] != 'rsignin' && $_REQUEST['act'] != 'forget_pwd' && $_REQUEST['act'] != 'reset_pwd' && $_REQUEST['act'] != 'check_order') { $admin_path = preg_replace('/:\d+/', '', $ecs->url()) . ADMIN_PATH; if (!empty($_SERVER['HTTP_REFERER']) && strpos(preg_replace('/:\d+/', '', $_SERVER['HTTP_REFERER']), $admin_path) === false) { if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { ecs_header("Location: privilege.php?act=login\n"); } exit; } } */ /* 管理员登录后可在任何页面使用 act=phpinfo 显示 phpinfo() 信息 */ if ($_REQUEST['act'] == 'phpinfo' && function_exists('phpinfo')) { phpinfo(); exit; } //header('Cache-control: private'); header('content-type: text/html; charset=' . EC_CHARSET); header('Expires: Fri, 14 Mar 1980 20:53:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); if ((DEBUG_MODE & 1) == 1) { error_reporting(E_ALL); } else { error_reporting(E_ALL ^ E_NOTICE); } if ((DEBUG_MODE & 4) == 4) { include(ROOT_PATH . 'includes/lib.debug.php'); } /* 判断是否支持gzip模式 */ if (gzip_enabled()) { ob_start('ob_gzhandler'); } else { ob_start(); } create_shop_settiongs(); ?>