Jump to content

A little help

n1kko

By n1kko
in PHP Coding Help

Recommended Posts

n1kko Newbie

n1kko

Posted
Posted

Not really sure what the problem maybe with this, site will just not load unless I remove a couple of headers

 

Works with these lines removed,:confused:

 

 header( "Location: ".$sshopurl."secure/login.php?next={$_GET['next']}&shk&p={$_SERVER['PHP_SELF']}" );
        exit( );

 header( "Location: ".$adminurl."adlogin.php" );
        exit( );

 header( "Location: ".$adminurl."perms.php?noperm={$admin_dirs[$i]}" );
    exit( );

 

Full Code

<?php
function write_cache( $f_cache_data, $f_cache_file )
{
    if ( !( $fp = fopen( $f_cache_file, "w" ) ) )
    {
        trigger_error( "Error opening cache file" );
        exit( );
    }
    if ( !flock( $fp, LOCK_EX ) )
    {
        trigger_error( "Unable to lock file" );
        exit( );
    }
    if ( !fwrite( $fp, serialize( $f_cache_data ) ) )
    {
        trigger_error( "Error writing to cache file" );
        exit( );
    }
    flock( $fp, LOCK_UN );
    fclose( $fp );
}
function read_cache( $f_cache_file )
{
    if ( !file_exists( $f_cache_file ) )
    {
        trigger_error( "Invalid cache file" );
        exit( );
    }
    return unserialize( file_get_contents( $f_cache_file ) );
}
function list_options( $arrayname, $mode )
{
    global $row;
    global $row_2;
    $sarray = "";
    foreach ( $arrayname as $v )
    {
        if ( !isset( $row['salutation'] ) && $row['salutation'] == $v || isset( $row_2['salutation'] ) && $row_2['salutation'] == $v )
        {
            if ( !isset( $mode ) )
            {
                echo "<option value=\"".$v."\" selected>{$v}</option>\n";
            }
            else
            {
                $sarray .= "<option value=\"".$v."\" selected>{$v}</option>\n";
            }
        }
        else if ( !isset( $mode ) )
        {
            echo "<option value=\"".$v."\">{$v}</option>\n";
        }
        else
        {
            $sarray .= "<option value=\"".$v."\">{$v}</option>\n";
        }
    }
    return $sarray;
}
function genprevnext( $numrows, $position, $nresults, $scriptis, $extras )
{
    $disppages = intval( $numrows / $nresults );
    if ( $numrows % $nresults )
    {
        ++$disppages;
    }
    if ( $nresults <= $position )
    {
        $current_page_num = $position / $nresults + 1;
    }
    else
    {
        $current_page_num = 1;
    }
    if ( 1 < $disppages )
    {
        echo "(Viewing ".$current_page_num." of {$disppages} pages)<br /><br />";
    }
    if ( !( $numrows <= $nresults ) )
    {
        if ( "{$nresults}" <= $position )
        {
            $prevoffset = $position - $nresults;
            echo "<a href=\"".$shopur."{$scriptis}?position={$prevoffset}&nresults={$nresults}{$extras}\">« Prev</a>";
        }
        else
        {
            echo "<a href=\"#\">« Prev </a>";
        }
        $pages = intval( $numrows / $nresults );
        if ( $numrows % $nresults )
        {
            ++$pages;
        }
        $i = 1;
        for ( ; $i <= $pages; ++$i )
        {
            $newoffset = $nresults * ( $i - 1 );
            echo "<a href=\"".$http."{$scriptis}?position={$newoffset}&nresults={$nresults}{$extras}\">{$i}</a>";
        }
        if ( !( $offset / $nresults == $pages ) || $pages != 1 )
        {
            $newoffset = $position + $nresults;
            if ( $numrows <= $newoffset )
            {
                echo "<a href=\"#\">Next »</a>";
            }
            else
            {
                echo "<a href=\"".$shopur."{$scriptis}?position={$newoffset}&nresults={$nresults}{$extras}\">Next »</a>";
            }
        }
    }
}
function buildCategorySelect( )
{
    global $connection;
    global $category_id;
    $level = "0";
    $sql = "SELECT * from categories WHERE category_parent_id='deftl'";
    if ( !( $result = @mysql_query( $sql, $connection ) ) )
    {
        exit( "** COULD NOT BUILD CATEGORY DROP DOWN ** ".mysql_error( ) );
    }
    while ( $row = mysql_fetch_array( $result ) )
    {
        $parent = "{$row['category_id']}";
        $row[category_name] = stripslashes( "{$row['category_name']}" );
        if ( $category_id == $row[category_id] )
        {
            echo "<option value=\"".$row['category_id']."\" selected>+ {$row['category_name']}</option>\n";
        }
        else
        {
            echo "<option value=\"".$row['category_id']."\">+ {$row['category_name']}</option>\n";
        }
        getchildren( $parent, $level );
    }
}
function getChildren( $parent, $level )
{
    global $connection;
    global $category_id;
    ++$level;
    $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name";
    if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
    {
        exit( "Couldn't build category tree child part: ".mysql_error( ) );
    }
    while ( $row1 = mysql_fetch_array( $result1 ) )
    {
        $parent = "{$row1['category_id']}";
        if ( $category_id == $row1[category_id] )
        {
            echo "<option value=\"".$row1['category_id']."\" selected>";
        }
        else
        {
            echo "<option value=\"".$row1['category_id']."\">";
        }
        $i = 0;
        for ( ; $i < $level; ++$i )
        {
            echo "";
        }
        echo "|--[".$level."]";
        echo "".$row1['category_name']."</option>\n";
        getchildren( $parent, $level );
    }
}
function getChildrenSEL( $parent, $myparent, $level )
{
    global $connection;
    global $https;
    global $category_id;
    ++$level;
    $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name";
    if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
    {
        exit( "Couldn't build category tree child part: ".mysql_error( ) );
    }
    while ( $row1 = mysql_fetch_array( $result1 ) )
    {
        $parent = "{$row1['category_id']}";
        if ( $myparent == $row1[category_id] )
        {
            echo "<option value=\"".$row1['category_id']."\" selected>";
        }
        else if ( $category_id == $row1[category_id] )
        {
            echo "<option value=\"deftl\">";
        }
        else
        {
            echo "<option value=\"".$row1['category_id']."\">";
        }
        $i = 0;
        for ( ; $i < $level; ++$i )
        {
            echo "";
        }
        echo "|".$level."|";
        echo "{$row1['category_name']}</option>\n";
        getchildrensel( $parent, $myparent, $level );
    }
}
function makeCategoryMap( )
{
    global $connection;
    global $adminurl;
    $level = "0";
    $sql = "SELECT * from categories WHERE category_parent_id='deftl'";
    if ( !( $result = @mysql_query( $sql, $connection ) ) )
    {
        exit( "Couldn't build category tree parent part: ".mysql_error( ) );
    }
    while ( $row = mysql_fetch_array( $result ) )
    {
        $parent = "{$row['category_id']}";
        $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'";
        if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
        {
            exit( "Couldn't get data from products db" );
        }
        $numrows = mysql_num_rows( $result3 );
        if ( $numrows < 1 )
        {
            $linker = "";
        }
        else
        {
            $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row['category_id']}'\" value=\"Products ({$numrows})\" />";
        }
        $row[category_name] = stripslashes( "{$row['category_name']}" );
        echo "<tr>\n\t\t\t\t<td> + <a href=\"".$adminurl."products/editcategory.php?category_id={$row['category_id']}\" title=\"{$row['category_desc']}\">{$row['category_name']}</a> </td>\n\t\t\t\t<td>";
        if ( $row[category_publish] == Y )
        {
            echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=N'\" />";
        }
        else
        {
            echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=Y'\" />";
        }
        echo "</td>\n\t\t\t\t<td> <input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row['category_id']}'\" value=\"Add\" /> {$linker} </td>\n\t\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row['category_id']}\",\"Are you sure you want to delete this category?\");' /> </td>\n\t\t\t</tr>\n";
        getchildrenlist( $parent, $level );
    }
}
function getChildrenList( $parent, $level )
{
    global $connection;
    global $adminurl;
    ++$level;
    $where_in_level = "0";
    $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."'";
    if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
    {
        exit( "Couldn't build category tree child part: ".mysql_error( ) );
    }
    while ( $row1 = mysql_fetch_array( $result1 ) )
    {
        ++$where_in_level;
        $parent = "{$row1['category_id']}";
        $level_indent = $level - 1;
        $i = 0;
        for ( ; $i < $level_indent; ++$i )
        {
            echo "";
        }
        if ( $last_level == $level )
        {
            echo "";
        }
        else
        {
            echo "";
        }
        $i = 0;
        for ( ; $i < $level; ++$i )
        {
            echo "";
        }
        $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'";
        if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
        {
            exit( "Couldn't get data from products db" );
        }
        $numrows = mysql_num_rows( $result3 );
        if ( $numrows < 1 )
        {
            $linker = "";
        }
        else
        {
            $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row1['category_id']}'\" value=\"Products ({$numrows})\" />";
        }
        echo "\t<tr>\n\t\t<td> » (".$level.") <a href=\"{$adminurl}products/editcategory.php?category_id={$row1['category_id']}\" title=\"{$row1['category_desc']}\">{$row1['category_name']}</a></td>\n\t\t\t<td>";
        if ( $row1[category_publish] == Y )
        {
            echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=N'\" />";
        }
        else
        {
            echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=Y'\" />";
        }
        echo "</td> \n\t\t\t<td><input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row1['category_id']}'\" value=\"Add\" /> {$linker}</td>\n\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row1['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row1['category_id']}\",\"Are you sure you want to delete this category?\");' /></td>\n\t</tr>\n";
        getchildrenlist( $parent, $level );
        $last_level = $level;
    }
}
function productcheckcategories( )
{
    global $connection;
    global $oktoadd;
    $sql3 = "SELECT * from categories";
    if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
    {
        exit( "Couldn't get data from category db" );
    }
    $numrows = mysql_num_rows( $result3 );
    if ( 1 <= $numrows )
    {
        $oktoadd = "Y";
    }
}
function countrycompareDD( $country_dd )
{
    global $connection;
    echo "<select name=\"country\">";
    $sql3 = "SELECT country_short, country_long from country WHERE zone_id !='0'";
    if ( !( $result3 = @mysql_query( $sql3, $connection ) ) )
    {
        exit( "Couldn't execute request 1" );
    }
    while ( $row3 = mysql_fetch_array( $result3 ) )
    {
        if ( $row3[country_short] == $country_dd )
        {
            echo "<option value=\"".$row3['country_short']."\" selected>{$row3['country_long']}</option>\n";
        }
        else
        {
            echo "<option value=\"".$row3['country_short']."\">{$row3['country_long']}</option>\n";
        }
    }
    echo "</select>";
}
function alternatecolour( $level )
{
    global $altclass;
    $class_1 = " class=altlight";
    $class_2 = " class=altdark";
    $altclass = $class_1;
    $level % 2 ? 0 : ( $altclass = $class_2 );
}
function check_email_address( $email )
{
    if ( !ereg( "[^@]{1,64}@[^@]{1,255}", $email ) )
    {
        return FALSE;
    }
    $email_array = explode( "@", $email );
    $local_array = explode( ".", $email_array[0] );
    $i = 0;
    for ( ; $i < sizeof( $local_array ); ++$i )
    {
        if ( ereg( "^(([A-Za-z0-9!#\$%&'*+/=?^_`{|}~-][A-Za-z0-9!#\$%&'*+/=?^_`{|}~\\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))\$", $local_array[$i] ) )
        {
            continue;
        }
        return FALSE;
    }
    if ( !ereg( "^\\[?[0-9\\.]+\\]?\$", $email_array[1] ) )
    {
        $domain_array = explode( ".", $email_array[1] );
        if ( sizeof( $domain_array ) < 2 )
        {
            return FALSE;
        }
        $i = 0;
        for ( ; $i < sizeof( $domain_array ); ++$i )
        {
            if ( ereg( "^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))\$", $domain_array[$i] ) )
            {
                continue;
            }
            return FALSE;
        }
    }
    return TRUE;
}
$sYear = "2007";
$cwd = dirname( __FILE__ );
$instdir = str_replace( "private", "", "{$cwd}" );
include( "{$instdir}private/config.php" );
include( "{$instdir}private/cache.php" );
if ( !$shopurl )
{
    header( "Location: install/" );
    exit( );
}
include( "{$instdir}private/db_connect.php" );
include( "{$instdir}private/messages.php" );
include( "{$instdir}private/shop_messages.php" );
$s_cache_file = "{$sscache_dir}key.txt";
if ( $sscache == "Y" && file_exists( $s_cache_file ) && time( ) - $sscache_exp < filemtime( $s_cache_file ) )
{
    $s_cache_data = read_cache( $s_cache_file );
}
else
{
    $sql = "SELECT copyRightKey,domainName FROM shop_settings";
    if ( !( $result = @mysql_query( $sql, $connection ) ) )
    {
        exit( "**COULD NOT GET COPYRIGHT KEYS**" );
    }
    while ( $row = mysql_fetch_array( $result ) )
    {
        $s_cache_data[] = $row;
    }
    if ( "".$sscache."" == "Y" && isset( $s_cache_data ) )
    {
        write_cache( $s_cache_data, $s_cache_file );
    }
}
if ( isset( $s_cache_data ) )
{
    foreach ( $s_cache_data as $key => $row )
    {
        $copyRightCode = "{$row['copyRightKey']}";
        $domainName = "{$row['domainName']}";
    }
    $s_cache_data = "";
}
$stylish = array( "" );
$admin_dirs = array( "settings", "orders", "newsletter", "reports", "shoppers", "products", "content" );
$mtta = array( "mail", "smtp" );
$ppgfields = array( "ppemail", "ppmerchantid", "ppsecret", "pptestmode", "ppinstid", "ppintip", "ppextip", "ppgiftaid", "ppApply3DSecure", "ppApplyAVSCV2", "ppauthmode", "ppsignature" );
$category_style = array( "List with Thumbnail", "List no Thumbnail", "Grid 2 Across", "Grid 3 Across", "Grid 4 Across", "Grid 5 Across" );
$category_sort_order = array( "Alphabetical", "Newest Items First", "Newest Items Last", "Featured Items First", "Custom Sort", "Price Low - High", "Price High - Low" );
$sf_style = array( "List", "Grid 2 Across", "Grid 3 Across", "Grid 4 Across", "Grid 5 Across" );
$sf_sort_order = array( "Alphabetical", "By ID", "Randomised" );
$cf_sort_order = array( "Alphabetical", "By ID", "Custom" );
$allow_next = array( "selectdeliveryaddress.php", "revieworder.php", "reviewproduct.php", "revieworder.php?clearptid=Y", "orders.php" );
if ( $_GET[next] && !in_array( "{$_GET['next']}", $allow_next ) )
{
    echo "Not allowed!";
    exit( );
}
$GLOBALS['_GET'][category_id] = mysql_real_escape_string( "{$_GET['category_id']}" );
$GLOBALS['_GET'][product_id] = mysql_real_escape_string( "{$_GET['product_id']}" );
$GLOBALS['_GET'][product_xo_id] = mysql_real_escape_string( "{$_GET['product_xo_id']}" );
$GLOBALS['_GET'][o_id] = mysql_real_escape_string( "{$_GET['o_id']}" );
$GLOBALS['_GET'][p_id] = mysql_real_escape_string( "{$_GET['p_id']}" );
$GLOBALS['_GET'][a_id] = mysql_real_escape_string( "{$_GET['a_id']}" );
$GLOBALS['_POST'][query_string] = mysql_real_escape_string( "{$_POST['query_string']}" );
$GLOBALS['_POST'][new_currency_id] = mysql_real_escape_string( "{$_POST['new_currency_id']}" );
$GLOBALS['_POST'][pre_xo_id] = mysql_real_escape_string( "{$_POST['pre_xo_id']}" );
$GLOBALS['_POST'][p_id] = mysql_real_escape_string( "{$_POST['p_id']}" );
$GLOBALS['_POST'][qty] = mysql_real_escape_string( "{$_POST['qty']}" );
$GLOBALS['_POST'][loginemail] = mysql_real_escape_string( "{$_POST['loginemail']}" );
$GLOBALS['_POST'][loginpass] = mysql_real_escape_string( "{$_POST['loginpass']}" );
$GLOBALS['_POST'][mail_outs] = mysql_real_escape_string( "{$_POST['mail_outs']}" );
$GLOBALS['_POST'][old_password] = mysql_real_escape_string( "{$_POST['old_password']}" );
$GLOBALS['_POST'][confirm_password] = mysql_real_escape_string( "{$_POST['confirm_password']}" );
$GLOBALS['_GET'][category_id] = mysql_real_escape_string( "{$_GET['category_id']}" );
$GLOBALS['_GET'][product_id] = mysql_real_escape_string( "{$_GET['product_id']}" );
$GLOBALS['_GET'][new_currency_id] = mysql_real_escape_string( "{$_GET['new_currency_id']}" );
$GLOBALS['_GET'][new_currency_id] = mysql_real_escape_string( "{$_GET['new_currency_id']}" );
$search = array( "@<script[^>]*?>.*?</script>@si", "@<[\\/\\!]*?[^<>]*?>@si", "@&(quot|#34);@i", "@&(amp|#38);@i", "@&(lt|#60);@i", "@&(gt|#62);@i", "@&(nbsp|#160);@i", "@&(iexcl|#161);@i", "@&(cent|#162);@i", "@&(pound|#163);@i", "@&(copy|#169);@i", "@&#(\\d+);@e" );
$replace = array(
    "",
    "",
    "\\1",
    "\"",
    "&",
    "<",
    ">",
    "",
    chr( 161 ),
    chr( 162 ),
    chr( 163 ),
    chr( 169 ),
    "chr(\\1)"
);
$GLOBALS['_POST'][company] = mysql_real_escape_string( "{$_POST['company']}" );
$GLOBALS['_POST'][company] = preg_replace( $search, $replace, $_POST[company] );
$GLOBALS['_POST'][first_name] = mysql_real_escape_string( "{$_POST['first_name']}" );
$GLOBALS['_POST'][first_name] = preg_replace( $search, $replace, $_POST[first_name] );
$GLOBALS['_POST'][last_name] = mysql_real_escape_string( "{$_POST['last_name']}" );
$GLOBALS['_POST'][last_name] = preg_replace( $search, $replace, $_POST[last_name] );
$GLOBALS['_POST'][email] = mysql_real_escape_string( "{$_POST['email']}" );
$GLOBALS['_POST'][email] = preg_replace( $search, $replace, $_POST[email] );
$GLOBALS['_POST'][no_name] = mysql_real_escape_string( "{$_POST['no_name']}" );
$GLOBALS['_POST'][no_name] = preg_replace( $search, $replace, $_POST[no_name] );
$GLOBALS['_POST'][street] = mysql_real_escape_string( "{$_POST['street']}" );
$GLOBALS['_POST'][street] = preg_replace( $search, $replace, $_POST[street] );
$GLOBALS['_POST'][town] = mysql_real_escape_string( "{$_POST['town']}" );
$GLOBALS['_POST'][town] = preg_replace( $search, $replace, $_POST[town] );
$GLOBALS['_POST'][county] = mysql_real_escape_string( "{$_POST['county']}" );
$GLOBALS['_POST'][county] = preg_replace( $search, $replace, $_POST[county] );
$GLOBALS['_POST'][postcode] = mysql_real_escape_string( "{$_POST['postcode']}" );
$GLOBALS['_POST'][postcode] = preg_replace( $search, $replace, $_POST[postcode] );
$GLOBALS['_POST'][country] = mysql_real_escape_string( "{$_POST['country']}" );
$GLOBALS['_POST'][country] = preg_replace( $search, $replace, $_POST[country] );
$GLOBALS['_POST'][day_tel] = mysql_real_escape_string( "{$_POST['day_tel']}" );
$GLOBALS['_POST'][day_tel] = preg_replace( $search, $replace, $_POST[day_tel] );
$GLOBALS['_POST'][eve_tel] = mysql_real_escape_string( "{$_POST['eve_tel']}" );
$GLOBALS['_POST'][eve_tel] = preg_replace( $search, $replace, $_POST[eve_tel] );
$GLOBALS['_POST'][mobile] = mysql_real_escape_string( "{$_POST['mobile']}" );
$GLOBALS['_POST'][mobile] = preg_replace( $search, $replace, $_POST[mobile] );
$GLOBALS['_POST'][fax] = mysql_real_escape_string( "{$_POST['fax']}" );
$GLOBALS['_POST'][fax] = preg_replace( $search, $replace, $_POST[fax] );
$GLOBALS['_POST'][emailaddress] = mysql_real_escape_string( "{$_POST['emailaddress']}" );
$GLOBALS['_POST'][emailaddress] = preg_replace( $search, $replace, $_POST[emailaddress] );
$GLOBALS['_POST'][password] = mysql_real_escape_string( "{$_POST['password']}" );
$GLOBALS['_POST'][password] = preg_replace( $search, $replace, $_POST[password] );
if ( $_GET[sssess] )
{
    session_id( $_GET[sssess] );
}
session_start( );
header( "cache-control: private" );
if ( isset( $_GET[redeempoints] ) && $_GET[redeempoints] == "Y" )
{
    $_SESSION[redeemer] = "Y";
}
if ( $_POST[purchaseorder] )
{
    $_SESSION[po] = "{$_POST['purchaseorder']}";
}
if ( !$_SESSION[loginemail] )
{
    $_SESSION[loginemail] = "noemail@site";
}
if ( !$_SESSION[adminemail] )
{
    $_SESSION[adminemail] = "noadmin@site";
}
if ( $_POST[discode] )
{
    $_SESSION[discode] = trim( "{$_POST['discode']}" );
}
$auth_ok_check = md5( "{$_SESSION['loginemail']}.{$hash}" );
$admin_ok_check = md5( "{$_SESSION['adminemail']}.{$hash}" );
if ( isset( $_GET['oidref'] ) )
{
    $GLOBALS['_GET']['oidref'] = mysql_real_escape_string( $_GET['oidref'] );
    $sql = "SELECT o_id FROM order_list WHERE ref='".$_GET['oidref']."' AND unh='{$_GET['oidref']}'";
    if ( !( $result = @mysql_query( $sql, $connection ) ) )
    {
        exit( "**COULD NOT GET COPYRIGHT KEYS**" );
    }
    if ( $row = mysql_fetch_array( $result ) )
    {
        $_SESSION['unh'] = $_GET['oidref'];
        header( "Location: ".$sshopurl."orderdetails_os.php?o_id={$row['o_id']}" );
        exit( );
    }
    if ( $_SESSION['auth_ok'] == $auth_ok_check )
    {
        header( "Location: ".$sshopurl."secure/orders.php" );
        exit( );
    }
    header( "Location: ".$sshopurl."secure/login.php?next=orders.php" );
    exit( );
}
if ( preg_match( "/secure/", "{$_SERVER['PHP_SELF']}" ) && !preg_match( "/doqreg.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/qreg.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/voicepaycallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/secpaysecpagecallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/vps_handle_protx_response.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/protx/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/protxformcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/protxcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/worldpaycallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/securetradingcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/barclayscpicallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/paypalcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/moneybookerscallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/nochexcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/offlinecallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/doregister.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/register.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/doprereg.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/login.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/dologin.php/", "{$_SERVER['PHP_SELF']}" ) )
{
    if ( $auth_ok_check != $_SESSION[auth_ok] )
    {
        header( "Location: ".$sshopurl."secure/login.php?next={$_GET['next']}&shk&p={$_SERVER['PHP_SELF']}" );
        exit( );
    }
    if ( preg_match( "/secure/", "{$_SERVER['PHP_SELF']}" ) )
    {
        $isaccount = "1";
    }
}
if ( preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) && !preg_match( "/adlogin.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/forgetful.php/", "{$_SERVER['PHP_SELF']}" ) )
{
    if ( $admin_ok_check != $_SESSION[admin_ok] )
    {
        header( "Location: ".$adminurl."adlogin.php" );
        exit( );
    }
    if ( preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) )
    {
        $isadmin = "1";
    }
}
$noadirs = count( $admin_dirs );
$i = 0;
for ( ; $i <= $noadirs; ++$i )
{
    if ( !preg_match( "/admin\\/".$admin_dirs[$i]."/", "{$_SERVER['PHP_SELF']}" ) && preg_match( "/".$admin_dirs[$i]."/", "{$_SESSION['admin_type']}" ) )
    {
        continue;
    }
    header( "Location: ".$adminurl."perms.php?noperm={$admin_dirs[$i]}" );
    exit( );
}
if ( !$_SESSION[shopper_type] )
{
    $_SESSION[shopper_type] = "1";
}
if ( $_GET[setcurrency] == 1 )
{
    if ( $_GET[new_currency_id] )
    {
        $GLOBALS['_POST'][new_currency_id] = $_GET[new_currency_id];
    }
    $_SESSION['currency_id'] = $_POST[new_currency_id];
}
if ( $_GET[clearptid] == Y )
{
    session_unregister( "ptid" );
}
if ( $_GET[selectpostage] == 1 )
{
    if ( $_POST[selptid] == Free || $_POST[selptid] == free )
    {
        session_unregister( "ptid" );
    }
    else if ( isset( $_POST[selptid] ) )
    {
        $_SESSION['ptid'] = $_POST[selptid];
    }
    else
    {
        session_unregister( "ptid" );
    }
    $GLOBALS['_POST'][selptid] = mysql_real_escape_string( $_POST[selptid] );
    $sql1 = "UPDATE basket SET ptid='".$_POST['selptid']."' WHERE session_id='".session_id( )."'";
    if ( !( $result1 = @mysql_query( $sql1, $connection ) ) )
    {
        exit( "Couldn't execute request 1" );}}
?>

 

Link to comment
https://forums.phpfreaks.com/topic/218430-a-little-help/
Share on other sites
n1kko Newbie

n1kko

Posted
  • Author
Posted

Thanks guys,

 

Yes headers are sent

 

Warning: Cannot modify header information - headers already sent by (output started at /home/xxxxx/public_html/private/messages.php:53) in /home/xxxxx/public_html/private/corefunctions.php on line 522

 

 

Warning: Cannot modify header information - headers already sent by (output started at /home/xxxxx/public_html/private/messages.php:53) in /home/xxxxx/public_html/private/corefunctions.php on line 571

 

messages.php line 53: $SHOPPERS_accexists = "There is already an account on the system that uses the email address ".$_GET['emailaddress'].", please remove that account and try again or use a different address!";

 

corefunctions.php line 522: header( "cache-control: private" );

corefunctions.php line 571: header( "Location: ".$sshopurl."secure/login.php?next={$_GET['next']}&shk&p={$_SERVER['PHP_SELF']}" );

 

I have tried to fix but not a coder and really struggling,

 

Thanks

Link to comment
https://forums.phpfreaks.com/topic/218430-a-little-help/#findComment-1133193
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.