wayne/bnbweb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1f1919e4dd
bnbweb/back/includes/init.php
Wayne Hsu 8149aa8bde init
2022-11-15 01:31:15 +08:00

355 lines
9.0 KiB
PHP
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
if (!defined('IN_ECS'))
{
die('Hacking attempt');
}
define('ECS_ADMIN', true);
error_reporting(E_ALL);
if (__FILE__ == '')
{
die('Fatal error code: 0');
}
/* 初始化设置 */
@ini_set('memory_limit', '-1');
@ini_set('session.cache_expire', 86400);
@ini_set('session.use_trans_sid', 0);
@ini_set('session.use_cookies', 1);
@ini_set('session.auto_start', 1);
@ini_set('display_errors', 1);
//echo ini_get("session.gc_maxlifetime");
if (DIRECTORY_SEPARATOR == '\\')
{
@ini_set('include_path', '.;' . ROOT_PATH);
}
else
{
@ini_set('include_path', '.:' . ROOT_PATH);
}
/* 取得当前supplier所在的根目录 */
if(!defined('ADMIN_PATH'))
{
define('ADMIN_PATH','back');
}
if (file_exists('../data/config.php'))
{
include('../data/config.php');
}
else
{
include('../includes/config.php');
}
define('ROOT_PATH', str_replace(ADMIN_PATH . '/includes/init.php', '', str_replace('\\', '/', __FILE__)));
if (defined('DEBUG_MODE') == false)
{
define('DEBUG_MODE', 0);
}
if (PHP_VERSION >= '5.1' && !empty($timezone))
{
date_default_timezone_set($timezone);
}
if (isset($_SERVER['PHP_SELF']))
{
define('PHP_SELF', $_SERVER['PHP_SELF']);
}
else
{
define('PHP_SELF', $_SERVER['SCRIPT_NAME']);
}
require(ROOT_PATH . 'includes/inc_constant.php');
require(ROOT_PATH . 'includes/cls_ecshop.php');
require(ROOT_PATH . 'includes/cls_error.php');
require(ROOT_PATH . 'includes/lib_time.php');
require(ROOT_PATH . 'includes/lib_base.php');
require(ROOT_PATH . 'includes/lib_common.php');
require(ROOT_PATH . 'includes/lib_supplier_common.php');
require(ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php');
require(ROOT_PATH . ADMIN_PATH . '/includes/cls_exchange.php');
/* 对用户传入的变量进行转义操作。*/
if (!get_magic_quotes_gpc())
{
if (!empty($_GET))
{
$_GET = addslashes_deep($_GET);
}
if (!empty($_POST))
{
$_POST = addslashes_deep($_POST);
}
$_COOKIE = addslashes_deep($_COOKIE);
$_REQUEST = addslashes_deep($_REQUEST);
}
/* 对路径进行安全处理 */
if (strpos(PHP_SELF, '.php/') !== false)
{
ecs_header("Location:" . substr(PHP_SELF, 0, strpos(PHP_SELF, '.php/') + 4) . "\n");
exit();
}
/* 创建 ECSHOP 对象 */
$ecs = new ECS($db_name, $prefix);
define('DATA_DIR', $ecs->data_dir());
define('IMAGE_DIR', $ecs->image_dir());
/* 初始化数据库类 */
require(ROOT_PATH . 'includes/cls_mysql.php');
$db = new cls_mysql($db_host, $db_user, $db_pass, $db_name);
$db_host = $db_user = $db_pass = $db_name = NULL;
/* 创建错误处理对象 */
$err = new ecs_error('message.htm');
/* 初始化session */
//require(ROOT_PATH . 'includes/cls_session.php');
//$sess = new cls_session($db, $ecs->table('sessions'), $ecs->table('sessions_data'), 'ECSCP_ID');
session_start();
/* 初始化 action */
if (!isset($_REQUEST['act']))
{
$_REQUEST['act'] = '';
}
elseif (($_REQUEST['act'] == 'login' || $_REQUEST['act'] == 'logout' || $_REQUEST['act'] == 'signin' || $_REQUEST['act'] == 'rsignin') &&
strpos(PHP_SELF, '/privilege.php') === false)
{
$_REQUEST['act'] = '';
}
elseif (($_REQUEST['act'] == 'forget_pwd' || $_REQUEST['act'] == 'reset_pwd' || $_REQUEST['act'] == 'get_pwd') &&
strpos(PHP_SELF, '/get_password.php') === false)
{
$_REQUEST['act'] = '';
}
/* 载入系统参数 */
$_CFG = array_merge(load_config(),load_config_supplier());
// TODO : 登录部分准备拿出去做,到时候把以下操作一起挪过去
if ($_REQUEST['act'] == 'captcha')
{
include(ROOT_PATH . 'includes/cls_captcha.php');
$img = new captcha('../data/captcha/');
@ob_end_clean(); //清除之前出现的多余输入
$img->generate_image();
exit;
}
require(ROOT_PATH . 'languages/' .$_CFG['lang']. '/back/common.php');
require(ROOT_PATH . 'languages/' .$_CFG['lang']. '/back/log_action.php');
if (file_exists(ROOT_PATH . 'languages/' . $_CFG['lang'] . '/back/' . basename(PHP_SELF)))
{
include(ROOT_PATH . 'languages/' . $_CFG['lang'] . '/back/' . basename(PHP_SELF));
}
if (!file_exists('../temp/caches'))
{
@mkdir('../temp/caches', 0777);
@chmod('../temp/caches', 0777);
}
if (!file_exists('../temp/compiled/agent'))
{
@mkdir('../temp/compiled/agent', 0777);
@chmod('../temp/compiled/agent', 0777);
}
clearstatcache();
/* 如果有新版本,升级 */
if (!isset($_CFG['ecs_version']))
{
$_CFG['ecs_version'] = 'v2.0.5';
}
/* 创建 Smarty 对象。*/
require(ROOT_PATH . 'includes/cls_template.php');
$smarty = new cls_template;
$smarty->template_dir = ROOT_PATH . ADMIN_PATH . '/templates';
$smarty->compile_dir = ROOT_PATH . 'temp/compiled/agent';
if ((DEBUG_MODE & 2) == 2)
{
$smarty->force_compile = true;
}
$smarty->assign('lang', $_LANG);
if(isset($_CFG['enable_order_check'])) // 为了从旧版本顺利升级到2.5.0
{
$smarty->assign('enable_order_check', $_CFG['enable_order_check']);
}
else
{
$smarty->assign('enable_order_check', 0);
}
/* 验证管理员身份 */
if ((!isset($_SESSION['user_id']) || intval($_SESSION['user_id']) <= 0) &&
$_REQUEST['act'] != 'login' && $_REQUEST['act'] != 'signin' && $_REQUEST['act'] != 'rsignin')
{
/* session 不存在检查cookie */
if (!empty($_COOKIE['ECSCP']['user_id']) && !empty($_COOKIE['ECSCP']['user_pass']))
{
$sql = 'SELECT * ' .
' FROM ' .$ecs->table('users') .
" WHERE user_id = '" . intval($_COOKIE['ECSCP']['user_id']) . "'";
$row = $db->GetRow($sql);
if (!$row)
{
// 没有找到这个记录
setcookie($_COOKIE['ECSCP']['user_id'], '', 1);
setcookie($_COOKIE['ECSCP']['user_pass'], '', 1);
if (!empty($_REQUEST['is_ajax']))
{
make_json_error($_LANG['priv_error']);
}
else
{
// echo '231';
// exit;
ecs_header("Location: privilege.php?act=login\n");
}
exit;
}
else
{
// 检查密码是否正确
if (md5($row['password'] . $_CFG['hash_code']) == $_COOKIE['ECSCP']['user_pass'])
{
!isset($row['last_time']) && $row['last_time'] = '';
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['user_name'] = $row['user_name'];
// set_admin_session($row['user_id'], $row['user_name'], $row['action_list'], $row['last_time']);
// 更新最后登录时间和IP
$db->query('UPDATE ' . $ecs->table('users') .
" SET last_login = '" . gmtime() . "', last_ip = '" . real_ip() . "'" .
" WHERE user_id = '" . $_SESSION['user_id'] . "'");
}
else
{
setcookie($_COOKIE['ECSCP']['agent_id'], '', 1);
setcookie($_COOKIE['ECSCP']['agent_pass'], '', 1);
if (!empty($_REQUEST['is_ajax']))
{
make_json_error($_LANG['priv_error']);
}
else
{
//echo '266';
//exit;
ecs_header("Location: privilege.php?act=login\n");
}
exit;
}
}
}
else
{
if (!empty($_REQUEST['is_ajax']))
{
make_json_error($_LANG['priv_error']);
}
else
{
// echo '283';
// exit;
ecs_header("Location: privilege.php?act=login\n");
}
exit;
}
}
//$smarty->assign('token', $_CFG['token']);
/*
if ($_REQUEST['act'] != 'login' && $_REQUEST['act'] != 'signin' && $_REQUEST['act'] != 'rsignin' &&
$_REQUEST['act'] != 'forget_pwd' && $_REQUEST['act'] != 'reset_pwd' && $_REQUEST['act'] != 'check_order')
{
$admin_path = preg_replace('/:\d+/', '', $ecs->url()) . ADMIN_PATH;
if (!empty($_SERVER['HTTP_REFERER']) &&
strpos(preg_replace('/:\d+/', '', $_SERVER['HTTP_REFERER']), $admin_path) === false)
{
if (!empty($_REQUEST['is_ajax']))
{
make_json_error($_LANG['priv_error']);
}
else
{
ecs_header("Location: privilege.php?act=login\n");
}
exit;
}
}
*/
/* 管理员登录后可在任何页面使用 act=phpinfo 显示 phpinfo() 信息 */
if ($_REQUEST['act'] == 'phpinfo' && function_exists('phpinfo'))
{
phpinfo();
exit;
}
//header('Cache-control: private');
header('content-type: text/html; charset=' . EC_CHARSET);
header('Expires: Fri, 14 Mar 1980 20:53:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
header('Pragma: no-cache');
if ((DEBUG_MODE & 1) == 1)
{
error_reporting(E_ALL);
}
else
{
error_reporting(E_ALL ^ E_NOTICE);
}
if ((DEBUG_MODE & 4) == 4)
{
include(ROOT_PATH . 'includes/lib.debug.php');
}
/* 判断是否支持gzip模式 */
if (gzip_enabled())
{
ob_start('ob_gzhandler');
}
else
{
ob_start();
}
create_shop_settiongs();
?>
Reference in New Issue View Git Blame Copy Permalink