admin = $admin; if($this->admin) { include_once('admin/admin_site_class.php'); $this->site = new Admin_site($db); } else { include_once('classes/site_class.php'); $this->site = new Site($db); } $site = $this->site; // Discover the product type if(!$this->discover_type($db)) { if(!$this->admin) { // If front side then display an error message echo "".$this->error_message.""; exit; } } // Auctions if($this->product_type == 1) { $this->current_table = $site->auctions_table; /* $this->current_url = $site->configuration_data['classifieds_url']; $this->current_file_name = $site->configuration_data['auctions_file_name']; $this->current_ssl_url = $site->configuration_data['auctions_ssl_url']; $this->current_configuration_table = "geodesic_auctions_ad_configuration"; */ $this->current_url = $site->configuration_data['classifieds_url']; $this->current_file_name = $site->configuration_data['auctions_file_name']; $this->current_ssl_url = $site->configuration_data['auctions_ssl_url']; $this->current_configuration_table = "geodesic_auctions_ad_configuration"; } // Classifieds elseif($this->product_type == 2) { $this->current_table = $site->classifieds_table; /* $this->current_url = $site->configuration_data['classifieds_url']; $this->current_file_name = $site->configuration_data['classifieds_file_name']; $this->current_ssl_url = $site->configuration_data['classifieds_ssl_url']; $this->current_configuration_table = "geodesic_classifieds_ad_configuration"; */ $this->current_url = $site->configuration_data['classifieds_url']; $this->current_file_name = $site->configuration_data['classifieds_file_name']; $this->current_ssl_url = $site->configuration_data['classifieds_ssl_url']; $this->current_configuration_table = "geodesic_classifieds_ad_configuration"; } // ClassAuctions elseif($this->product_type == 4) { // Default it to classifieds // TODO may change later $this->current_table = $site->classifieds_table; $this->current_url = $site->configuration_data['classifieds_url']; 
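$this->current_file_name = $site->configuration_data['classifieds_file_name'];
            $this->current_ssl_url = $site->configuration_data['classifieds_ssl_url'];
            $this->current_configuration_table = "geodesic_classifieds_ad_configuration";
        }
        else
        {
            //product_type does not exist
            // or it is the admin without a license
        }
    }

    //%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    /**
     * Placeholder; the body only reads $this->site and changes nothing.
     */
    function switch_product()
    {
        $site = $this->site;
        // Note: This function is not used for the time being
        // Could be used possibly by calling it in the site class constructor
        // when an admin turns on or off the auctions or classifieds functionality
    }

    //%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    /**
     * @return bool true when product_type is 4 (handled as "ClassAuctions" by the constructor)
     */
    function is_class_auctions()
    {
        return $this->product_type == 4;
    }

    //%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    /**
     * @return bool true when product_type is 1 (handled as "Auctions" by the constructor)
     */
    function is_auctions()
    {
        return $this->product_type == 1;
    }

    //%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    /**
     * @return bool true when product_type is 2 (handled as "Classifieds" by the constructor)
     */
    function is_classifieds()
    {
        return $this->product_type == 2;
    }

    //%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    /**
     * Force the product type and load the classifieds settings.
     *
     * The classifieds table, URLs and configuration table are loaded
     * whatever value $type has; only product_type itself follows $type.
     *
     * @param mixed $type value stored in product_type
     */
    function set_type($type)
    {
        $this->product_type = $type;
        $site = $this->site;

        // Classifieds
        $this->current_table = $site->classifieds_table;
        $this->current_url = $site->configuration_data['classifieds_url'];
        $this->current_file_name = $site->configuration_data['classifieds_file_name'];
        $this->current_ssl_url = $site->configuration_data['classifieds_ssl_url'];
        $this->current_configuration_table = "geodesic_classifieds_ad_configuration";
    }

    //%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    /**
     * Read the stored license, decode it with decrypt() and set product_type.
     *
     * The license is taken from the site configuration if it is already
     * loaded, otherwise from geodesic_classifieds_configuration. It is then
     * decoded with up to five keys derived from $_SERVER['SERVER_NAME']
     * (as is, without "www.", with "www.", without the first label, and
     * reduced to a single label); the first decode that evaluates to a
     * truthy value wins. check_subdomain() is consulted only for the last
     * two key forms.
     *
     * @param object $db database handle (Execute/ErrorMsg are called on it)
     * @return bool true when a license decoded and product_type was set;
     *              false with $this->error_message set otherwise
     */
    function discover_type($db)
    {
        if ($this->debug_product)
        {
            // NOTE(review): debug output prints the stored license and the
            // server name without escaping; keep debug_product off in production.
            echo "
TOP OF DISCOVER_TYPE
\n";
            echo $this->site->configuration_data['license']." is site->configuration_data[license]
\n";
            echo $_SERVER['SERVER_NAME']." is the server_name
\n";
        }

        // Despite the name, $unencrypted_license holds the stored key that
        // still has to go through decrypt().
        if (!$this->site->configuration_data['license'])
        {
            // License hasn't been fetched yet
            $sql_query = "select license from geodesic_classifieds_configuration";
            $result = $db->Execute($sql_query);
            if (!$result)
            {
                $this->error_message = "Error reading license
".$db->ErrorMsg();
                return false;
            }
            $license = $result->FetchRow();

            // Check for a blank license key
            if (!$license['license'])
            {
                $this->error_message = "You have not entered a license";
                return false;
            }
            $unencrypted_license = $license['license'];
        }
        else
        {
            // Check for a blank license key
            // (cannot trigger: this branch is only entered when the value is truthy)
            if (!$this->site->configuration_data['license'])
                die("You have not entered a license");

            // Is in site class
            $unencrypted_license = $this->site->configuration_data['license'];
        }

        // Verify that license is correct
        // Below is a sample of what it should return:
        // "return array('product_type' => 4);"
        //
        // NOTE(security): the decoded text is executed with eval(). The key is
        // the host name, which is not a secret, and decrypt() performs no
        // integrity check, so whoever can write the license column decides
        // what code runs here. Depending on web-server configuration
        // SERVER_NAME may also follow the request's Host header. A safer
        // design has the license decode to data that is parsed and
        // authenticated, never evaluated.
        // NOTE(review): from PHP 7 on, eval() of text that does not parse
        // throws ParseError, which "@" does not suppress; a wrong-key attempt
        // can therefore abort the request instead of falling through.

        // account for SERVER_NAME's with www. prefix
        $decrypted_license = decrypt($unencrypted_license, 32, $_SERVER['SERVER_NAME']);
        if (!($full_license = @eval($decrypted_license)))
        {
            // Strip off www prefix from SERVER_NAME and try to decrypt.
            // preg_replace() returns the name unchanged when there is no
            // prefix, so $sName is always defined (it used to be unset then).
            $sName = preg_replace("/^www\./", "", $_SERVER['SERVER_NAME']);
            $decrypted_license = decrypt($unencrypted_license, 32, $sName);
            if (!($full_license = @eval($decrypted_license)))
            {
                // Decryption was not successful
                // Add www prefix to SERVER_NAME and try to decrypt again
                $decrypted_license = decrypt($unencrypted_license, 32, "www.".$_SERVER['SERVER_NAME']);
                if (!($full_license = @eval($decrypted_license)))
                {
                    // Decryption was not successful
                    // Remove subdomain portion from SERVER_NAME and try to decrypt again
                    $server_name = preg_replace("/^[a-z0-9_-]+\./i", "", $_SERVER['SERVER_NAME'], 1);
                    $decrypted_license = decrypt($unencrypted_license, 32, $server_name);
                    if (!($full_license = @eval($decrypted_license)))
                    {
                        // Decryption was not successful
                        // Start accounting for licenses on multiple subdomains and multiple top-level domains
                        $server_name = $_SERVER['SERVER_NAME'];

                        // Remove suffix if two domain extensions are found in SERVER_NAME
                        if (preg_match("/\.(co|me|org|net|idv)\./", $server_name))
                            $server_name = preg_replace("/\.[a-z]+\$/", "", $server_name);

                        // Disabled step, kept for reference:
                        // // If there's still a prefix and a suffix, remove the prefix
                        // if(preg_match("/^.*\..*\..*\$/", $server_name))
                        //     $server_name = preg_replace("/^[a-z0-9_-]*\./i", "", $server_name);

                        // Remove the suffix
                        $server_name = preg_replace("/^(.+)\..*\$/", "$1", $server_name);

                        // Remove all prefixes
                        $server_name = preg_replace("/^(.*\.){1,}(.+)\$/", "$2", $server_name);

                        // Try to decrypt license again using stripped-down SERVER_NAME
                        $decrypted_license = decrypt($unencrypted_license, 32, $server_name);
                        if (!($full_license = @eval($decrypted_license)))
                        {
                            // The license is invalid
                            $this->error_message = "Your license is invalid or your software is installed on the wrong domain.
";
                            return false;
                        }
                        elseif (!$this->check_subdomain($full_license))
                        {
                            // License is invalid
                            return false;
                        }
                    }
                    else
                    {
                        if (!$this->check_subdomain($full_license))
                        {
                            // License was invalid
                            return false;
                        }
                    }
                }
            }
        }

        // If so then lets set the product type
        $this->product_type = $full_license['product_type'];

        // Executed and completed so lets return true
        return true;
    }

    //%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    /**
     * Check that the decoded license allows more than one domain.
     *
     * @param array $full_license decoded license; 'multi_domain_license' is read
     * @return bool false (with $this->error_message set) when the flag is falsy
     */
    function check_subdomain($full_license)
    {
        if (!$full_license['multi_domain_license'])
        {
            // The user is not allowed to have multiple domains
            $this->error_message = "Your license does not allow you to have multiple domains.  Please contact Geodesic Solutions for an upgraded license.
";
            return false;
        }
        return true;
    }

    //%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    /**
     * Store a license key in geodesic_classifieds_configuration.
     *
     * The key is quoted with the database layer's qstr() rather than being
     * concatenated into the statement. This matters twice over: it closes
     * the SQL injection, and the stored value is later decoded and passed
     * to eval() by discover_type(), so callers should restrict this method
     * to authenticated administrators.
     *
     * @param object $db          database handle
     * @param string $license_key key to store; a falsy value is rejected
     * @return bool true when the update succeeded
     */
    function set_license($db, $license_key=0)
    {
        if (!$license_key)
            return false;

        // The statement has no WHERE clause, so every row of the table is
        // updated -- presumably a single-row table; confirm.
        $sql_query = "update geodesic_classifieds_configuration set license = ".$db->qstr($license_key);
        return $db->Execute($sql_query) ? true : false;
    }

    //%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    /**
     * @param object $db database handle
     * @return bool result of discover_type(), which also sets product_type
     */
    function verify_license($db)
    {
        return $this->discover_type($db) ? true : false;
    }
}

/**
 * Manages cookies and databases for user sessions
 * This class is primarily used for login, registration, and logout operations, but it also has a few utility functions
 * specific to user sessions.
 *
 * @author John Syrinek
 */
class Session
{
    var $db;
    var $sessionId;
    var $languageId;
    var $userId;

    /**
     * @param object $db database handle; ignored unless it is an object
     */
    function Session(&$db)
    {
        if (is_object($db))
            $this->db = $db;
        // $HTTP_COOKIE_VARS is not declared global here, so this test refers
        // to an unset local and the assignment does not run.
        if (isset($HTTP_COOKIE_VARS))
            $_COOKIE = $HTTP_COOKIE_VARS;
    }

    /**
     * Returns the classified_session cookie
     *
     * @return string|false session ID exactly as sent by the client, or false
     */
    function getSessionId()
    {
        if (isset($_COOKIE['classified_session']))
            return $_COOKIE['classified_session'];
        return false;
    }

    /**
     * Purge the database of sessions that are more than an hour old
     *
     * @param integer $currentTime Unix timestamp representing the current time
     */
    function cleanSessions($currentTime=null)
    {
        if ($currentTime === null)
            $currentTime = $this->shiftedTime();
        // The subtraction yields a number, so nothing string-like reaches the SQL.
        $query = "delete from geodesic_sessions WHERE last_time < ".($currentTime - 3600);
        $this->db->Execute($query);
    }

    /**
     * Manually close a session
     *
     * The ID is quoted with qstr() before it reaches the statement; the
     * cookie default is entirely client-controlled.
     *
     * @param string $sessionId defaults to the classified_session cookie
     */
    function closeSession($sessionId=null)
    {
        if ($sessionId === null)
        {
            // No cookie means there is no session to close.
            if (!isset($_COOKIE['classified_session']))
                return;
            // Same quoting convention initSession() uses for this cookie.
            $quoted_id = $this->db->qstr($_COOKIE['classified_session'], get_magic_quotes_gpc());
        }
        else
        {
            $quoted_id = $this->db->qstr($sessionId);
        }
        $sql_query = "delete from geodesic_sessions where classified_session = ".$quoted_id;
        $this->db->Execute($sql_query);
    }

    /**
     * Return a unique session ID
     *
     * Uses the platform CSPRNG when it exists; otherwise falls back to the
     * historical md5(uniqid(rand())) value, which is guessable and should
     * not be relied on to protect a session. Either way the ID is 32 hex
     * characters, so it is safe to embed in the lookup query.
     *
     * @return string The session ID
     */
    function uniqueSessionId()
    {
        $sid = null;
        do
        {
            if (function_exists('random_bytes'))
            {
                $sid = bin2hex(random_bytes(16));
            }
            else
            {
                $sid = md5(uniqid(rand(),1));
                $sid = substr($sid, 0,32);
            }
            $query = "select classified_session from geodesic_sessions where classified_session = '".$sid."'";
            // NOTE(review): die() sends the raw database error to the client.
            $result = $this->db->Execute($query) or die($this->db->ErrorMsg());
        } while ($result->RecordCount() > 0);
        return $sid;
    }

    /**
     * Update the timestamp for a user's session
     * This is similar to Unix's touch command
     *
     * Not implemented: only the default for $sessionId is resolved.
     *
     * @param string $sessionId
     * @todo Everything
     */
    function touchSession($sessionId=null)
    {
        if ($sessionId === null)
            $sessionId = $_COOKIE['classified_session'];
    }

    /**
     * Initializes a session, stores a user ID and returns the session ID
     * Use Session::getUserId() to retrieve the user ID associated with the session (if any)
     *
     * @param string $redirectURL Location to return to (may be deprecated); not read by the body
     * @return string|false The session ID in use, or false when a query failed
     */
    function initSession($redirectURL)
    {
        $classified_session = null;
        $current_time = $this->shiftedTime();

        if (!$_COOKIE["classified_session"])
        {
            //set session in db
            $custom_id = $this->uniqueSessionId();
            $sql_query = "insert into geodesic_sessions
                (classified_session,user_id,last_time,ip,level)
                values
                ('".$custom_id."',0,".$current_time.",'0',0)";
            if (!$this->db->Execute($sql_query))
                return false;

            $expires = time() + 31536000;
            $this->userId = 0;
            $user_level = 0;
            $classified_session = $custom_id;
            // NOTE(review): the cookie domain is the request's Host header and
            // the cookie carries neither HttpOnly nor Secure; consider a
            // configured domain and both flags.
            header("Set-Cookie: classified_session=".$custom_id."; path=/; domain=".$_SERVER["HTTP_HOST"]."; expires=".gmstrftime("%A, %d-%b-%Y %H:%M:%S GMT",$expires));
        }
        else
        {
            //get session information
            $sql_query = "SELECT * FROM geodesic_sessions WHERE classified_session = ".$this->db->qstr($_COOKIE["classified_session"], get_magic_quotes_gpc());
            $session_result = $this->db->Execute($sql_query);
            if ($session_result === false)
                return false;
            $show = $session_result->FetchRow();

            if ($session_result->RecordCount() == 1)
            {
                $current_ip = 0;
                $sql_query = "update geodesic_sessions set last_time = ".$current_time." where classified_session = ".$this->db->qstr($_COOKIE["classified_session"], get_magic_quotes_gpc());
                if ($this->db->Execute($sql_query) === false)
                    return false;

                // NOTE(review): last_time is compared with "now + 60" and the
                // IP with a constant 0, so for rows written by this method the
                // test looks like it always passes and the session never
                // expires here -- confirm the intended check.
                if (($show["last_time"] < ($current_time + 60)) && ($current_ip == $show["ip"]))
                {
                    $this->userId = $show["user_id"];
                    $user_level = $show["level"];
                }
                else
                {
                    //change session
                    // NOTE(review): $HTTP_HOST and $URL are not defined in this
                    // scope, so the cookie domain and redirect base are empty.
                    setcookie("classified_session","",0,"/","$HTTP_HOST");
                    $this->closeSession();
                    // Request parameters are copied into the Location header
                    // as received; they are not validated or encoded here.
                    if ($_REQUEST["a"] && $_REQUEST["b"] && !$_REQUEST["c"] && !$_REQUEST["d"] && !$_REQUEST["e"])
                        header("Location: ".$URL."?a=".$_REQUEST["a"]."&b=".$_REQUEST["b"]);
                    else
                        header("Location: ".$URL."?".$_SERVER["QUERY_STRING"]);
                }
            }
            else
            {
                // NOTE(security): a cookie value the server never issued is
                // stored as a new session as-is, so a client-chosen ID
                // becomes a valid session (session fixation). Issuing a
                // fresh ID from uniqueSessionId() here would avoid that.
                $ip = 0;
                $sql_query = "insert into geodesic_sessions
                    (classified_session,user_id,last_time,ip,level)
                    values
                    (".$this->db->qstr($_COOKIE["classified_session"], get_magic_quotes_gpc()).",0,".$current_time.",'".$ip."',0)";
                if ($this->db->Execute($sql_query) === false)
                    return false;
                if (($_REQUEST["a"]) && ($_REQUEST["b"]) && (!$_REQUEST["c"]) && (!$_REQUEST["d"]) && (!$_REQUEST["e"]))
                    header("Location: ".$URL."?a=".$_REQUEST["a"]."&b=".$_REQUEST["b"]);
                else
                    header("Location: ".$URL."?".$_SERVER["QUERY_STRING"]);
            }
            $classified_session = $_COOKIE["classified_session"];
        }
        return $classified_session;
    }

    /**
     * Return the user ID stored in the Session object
     *
     * @return integer User ID, 0 when none is set
     */
    function getUserId()
    {
        if ($this->userId)
            return $this->userId;
        return 0;
    }

    /**
     * Return a unix timestamp representing the time-shifted time
     * The time is adjusted by the configured time_shift, in hours
     *
     * @return integer
     */
    function shiftedTime()
    {
        // NOTE(review): site_configuration_table is not among the properties
        // declared on this class; if it is never assigned, the query fails
        // and the unshifted time is returned -- confirm.
        $query = "select time_shift from ".$this->site_configuration_table;
        $result = $this->db->Execute($query);
        if ($result === false)
            return time();

        $time = $result->FetchRow();
        return time() + (3600 * $time['time_shift']);
    }

    /**
     * Sets the language in a cookie
     * If a language ID is passed in, it takes precedence
     *
     * Order of precedence: the argument, the set_language_cookie request
     * parameter, the existing language_id cookie, then the default language
     * from geodesic_pages_languages.
     *
     * @param mixed $languageId
     */
    function setLanguage($languageId=null)
    {
        // One-year lifetime for every branch that writes the cookie; the
        // explicit-argument branch previously used an undefined $expires.
        $expires = time() + 31536000;

        if ($languageId !== null)
        {
            setcookie("language_id", $languageId, $expires);
            $this->languageId = $languageId;
        }
        elseif ($_REQUEST["set_language_cookie"])
        {
            // NOTE(review): the request value is stored without validation;
            // callers should treat languageId as untrusted.
            setcookie("language_id", $_REQUEST["set_language_cookie"], $expires);
            $this->languageId = $_REQUEST["set_language_cookie"];
            //$auth->reset_language($db,$_REQUEST["set_language_cookie"]);
        }
        elseif ($_COOKIE["language_id"])
        {
            $this->languageId = $_COOKIE["language_id"];
        }
        else
        {
            //get default language
            $sql_query = "SELECT language_id FROM geodesic_pages_languages where default_language = 1";
            $result = $this->db->Execute($sql_query);
            if ($result && $result->RecordCount() == 1)
            {
                $row = $result->FetchRow();
                setcookie("language_id", $row["language_id"], $expires);
                $this->languageId = $row['language_id'];
            }
        }
    }

    /**
     * Returns the language ID stored in the Session object
     *
     * @return integer language ID, 1 when none is set
     */
    function getLanguage()
    {
        if ($this->languageId)
            return $this->languageId;
        return 1;
    }
}

//%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

// WARNING DO NOT EDIT BELOW THIS LINE!!!!!!!!!!!!!!!
//--------------------------------------------------------------
/**
 * Decode a base64 license blob with a key derived from the server name.
 *
 * The first $iv_len bytes of the decoded input seed a rolling state; each
 * following 16-byte block is XORed with the raw MD5 of that state, and the
 * state is then updated from the block, the previous state and the key.
 * PHP's string XOR stops at the shorter operand. Trailing \x13 followed by
 * NUL padding is removed from the result.
 *
 * This is an unauthenticated, home-grown construction: a wrong key still
 * yields output, and nothing detects a modified blob.
 *
 * @param string  $enc_text    base64-encoded license
 * @param integer $iv_len      number of leading bytes used as the seed
 * @param string  $server_name key material
 * @return string decoded text
 */
function decrypt($enc_text, $iv_len = 32,$server_name)
{
    // echo $server_name." is server_name\n";
    $key = $server_name;
    $enc_text = base64_decode($enc_text);
    $n = strlen($enc_text);
    $i = $iv_len;
    $plain_text = '';
    $iv = substr($key ^ substr($enc_text, 0, $iv_len), 0, 512);
    while ($i < $n)
    {
        $block = substr($enc_text, $i, 16);
        $plain_text .= $block ^ pack('H*', md5($iv));
        $iv = substr($block . $iv, 0, 512) ^ $key;
        $i += 16;
    }
    return preg_replace('/\\x13\\x00*$/', '', $plain_text);
}
// NOTE(review): any text after the closing tag is sent as output when this
// file is included, which can make later header()/setcookie() calls fail;
// the trailing text below is presumably page residue -- confirm.
?> could not connect to database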