<?php
// echo $HTTP_REFERER;
if ( (strpos ( $HTTP_REFERER, "kennzeichenversand.de" ) == 0 && $HTTP_REFERER != "") /*|| $HTTP_REFERER == ""*/ )
{
unset ( $_GET["sid"] );
unset ( $_POST["sid"] );
}
/*
----------------------------------------------------------------------
CaupoShop Classic 2.18 (c) Caupo.Net GmbH
http://www.caupo.net/
----------------------------------------------------------------------
Hinweis:
Diese Software ist urheberechtlich geschuetzt- sie ist KEINE Freeware.
Die unerlaubte Vervielfaeltigung oder der unerlaubter Vertrieb dieser
Software oder Teile dieser Software, insbesondere die unerlaubte
Verbreitung auf CDs oder per Internet/FTP- Server ist nicht gestattet
und wird straf- als auch zivilrechtlich verfolgt.
Die unerlaubte Verwendung dieser Software ohne gueltigen
Lizenzschluessel ist ein ein Verstoss gegen die Lizenz-
bedingungen und wird straf- bzw. auch zivilrechtlich verfolgt.
Gemنك den geltenden Rechtsprechungen kann dies schwere Straf- und
Schadensersatzanforderungen zur Folge haben.
© 1999-2004 Caupo.Net GmbH, Freiburg - Germany
http://www.caupo.net/ - sales@caupo.net
----------------------------------------------------------------------
*/
require_once( "core/csinit.php" );
csInitCore("config.php", null);
require_once( $cs_config->coreDir."cssession.php");
csPageOpen( array("session", "user") );
$dispatcher = new CSDispatcher();
$dispatcher->start();
/**
* This class acts as a dispatcher to the requests. It find out the page (action)
* that has to perform the command. If a component of the page is specified, the command
* is invoked on the component instead. Actions can be chained - ie, login on success
* can redirect to some other page, but display an error message itself if the wrong credentials
* were given.
*/
class CSDispatcher
{
var $context = null;
var $initializedActions = array();
var $viewResults = array(); // the results to be displayed by the template engine
// must be put into this array
/**
* Navigation graph is used to find out what the logical entities (actions) map to.
* the syntax is "location/result" => "action"/"command"?["param"="value"]
*/
var $navigationGraph = array(
"index" => "start",
"startpage" => "startpage",
"search" => "search",
"list" => "list",
"list/home" => "list/home",
"order" => "order",
"order2" => "order2",
"basket" => "basket",
"register" => "register",
"forgot" => "forgot",
"showdetails" => "showdetails",
"userinfo" => "userinfo",
"contact" => "contact",
"template" => "template",
// pages which need authentification
"login/checkLogin" => "login/checkLogin?redirect=@",
// after login redirects
"login/success" => "login/redirect?redirect=@",
// after registration redirect (if we came from order page)
"register/success" => "order",
// logout redirects
"startpage/logout" => "start",
"userinfo/logout" => "start",
"address/logout" => "start",
"card/logout" => "start",
"order/logout" => "start",
"order2/logout" => "start",
"list/logout" => "start",
"search/logout" => "search",
"basket/logout" => "basket",
"showdetails/logout"=> "showdetails",
"forgot/logout" => "forgot",
"register/logout" => "register",
"contact/logout" => "contact",
"template/logout" => "template",
// mall
"mall" => "mall",
"mall/logout" => "mall",
"mallsearch" => "mallsearch",
"mallsearch/logout" => "mallsearch",
"list/selectCategory" => "list/selectCategory?component=categoryTree&categoryId=@",
);
/**
* the entry point to the dispatcher.
*/
function start()
{
global $cs_config;
$action = $this->context->getParameter("action");
$command = $this->context->getParameter("command");
$component = $this->context->getParameter("component");
if ($action == "") $action = $this->navigationGraph["index"];
$this->dispatch($action, $component, $command);
}
/**
* CSDispatcher constructor
*/
function CSDispatcher()
{
$this->context = &new CSContext();
}
/**
* This is the main dispatcher method. It handles the creation of action objects,
* finds and instantiates the component classes, invokes the commands on them,
* and depending on the execution results, either renders the page, or
* chains another action.
* @param action - the page object name
* @param component - the component the command should be executed on
* @param command - the command name
* @param params - the supplementary param string in the format paramName=value&...
*/
function dispatch($action, $component, $command, $params = false)
{ global $cs_config;
if ($action == "")
die ("empty actions are not allowed! probably you forgot to put a '/' in front of the command name!");
$this->context->setParameter("action", $action);
$actionObject = null;
if (!isset( $this->initializedActions[$action] ))
{ $action = $cs_config->getModuleClass($action, "");
$filename = $action.".php";
require_once($filename);
// determine the name of the page class
// if its a module we need to remove the path now from action
if( strstr( $action, "modules"))
{ // yep, this is a user defines module
$aPath = pathinfo( $action);
$action = $aPath['basename'];
}
$actionClassName = "cs".$action;
// create an instance of the page.
$actionObject = &new $actionClassName($this);
// simple caching mechanism
$this->initializedActions[$action] = &$actionObject;
}
else
{
$actionObject = &$this->initializedActions[$action];
}
// set context params, if any
if ($params)
{
$this->setContextParams($params);
}
// set the fields of the page object,
// that are defned in defaultParameters() and supportedParameters()
$this->setActionParams($actionObject);
$actionObject->action = $actionObject->pageName;
// invoke the init.
$actionObject->init($this->context);
// by default, we invoke the method 'start()';
if ($command == "")
$command = "start";
$resultingAction = "";
if ($component != "")
{
$theComponent = &$actionObject->findComponent($component);
// assertion to check if the component has been found
if ($theComponent == null) die("component \"$component\" not found!");
$resultingAction = $theComponent->$command();
}
else
$resultingAction = $actionObject->$command();
// get the objects that the action has prepared to view:
if ($resultingAction == "")
{
// do statistics
$statistics = &CSNewObject("BStatistics");
//$statistics->logPageVisit();
$templateName = $actionObject->render();
// put the "back" link to the database, so that we can track the click history
/*
if ($command != "back")
{
global $cs_session;
$clickHistory = &CSNewObject("BClickHistory");
$clickHistory = &CSNewObject("BClickHistory");
$result = $clickHistory->findLastClick($cs_session->id);
if (!$result || $clickHistory->link != $actionObject->backLink)
{
$clickHistory = &CSNewObject("BClickHistory");
$clickHistory->link = $actionObject->backLink;
$clickHistory->sid = $cs_session->id;
}
$clickHistory->save();
}
*/
csPageClose();
// show output
$smarty = getSmarty();
foreach($actionObject->viewResults as $viewName=>$viewData)
{ // show debbuging information
if( $cs_config->blDebug)
{ echo( "viewResults[$viewName] : \n");
print_r( $actionObject->viewResults[$viewName]);
}
$smarty->assign($viewName, $actionObject->viewResults[$viewName]);
}
// serial number
$snr = $cs_config->cs_serialnr;
$smarty->assign("snr", $snr);
// version
$ver = $cs_config->version;
$smarty->assign("ver", $ver);
// check if template dir exists
$file_name = $smarty->template_dir . $templateName;
if (!file_exists($file_name))
echo "<br><b>ERROR:</b> no such file <b>./$file_name</b> . <br><b>!!! Check if templates directory exist. !!!</b><br><br>";
$smarty->display($templateName);
exit();
}
$actionResultParams = "";
$tempArray = explode("?", $resultingAction);
$resultingAction = @$tempArray[0];
$actionResultParams = @$tempArray[1]; // @ means - if it's non existent, it's ok
if (substr($resultingAction, 0, 1) == "/")
$resultingAction = $actionObject->pageName.$resultingAction;
if (strlen($actionResultParams) > 0)
$this->setContextParams($actionResultParams);
// we have action chaining here. find out which action to call:
$resultingAction = $this->navigationGraph[$resultingAction];
// parse the resulting action
$tempArray = explode("?", $resultingAction);
$resultingAction = @$tempArray[0];
$actionResultParams = @$tempArray[1];
$tempArray = explode("/", $resultingAction);
$command = @$tempArray[1];
$action = (isset($tempArray[0]))?$tempArray[0]:$action;
$params = $this->setCommandParams($actionResultParams);
$paramArray = array();
parse_str($params, $paramArray);
// see if the component has been passed
if (array_key_exists("component", $paramArray))
$component = $paramArray["component"];
$this->dispatch($action, $component, $command, $params);
}
/**
* if a command execution resulted in some values getting returned,
* we set them on the context object
* @param params - the string in the format param=value&...
*/
function setContextParams($params)
{
$keywords = preg_split ("/[&]+/", $params);
// add array handling here
foreach($keywords as $keyword)
{
$results = explode("=", $keyword);
// $aKey = substr($keyword, 0, strcspn($keyword, "="));
// $aValue = substr($keyword, strpos($keyword, "=") +1);
if ($results[1] != "@")
$this->context->setParameter($results[0], $results[1]);
}
}
/**
* if a page object declares it's supported parameters (see functions defaultParameters()
* and supportedParameters(), these values are retrieved from the context, and set as
* properties on the page object.
* @param page the page object to set the properties to
*/
function setActionParams(&$page)
{
// set the params of the page.
$params = array_merge($page->defaultParameters(), $page->supportedParameters());
foreach($params as $paramName => $paramType)
{
// we try to get the param from the context.
$page->$paramName = $this->context->getParameter($paramName);
if ($page->$paramName == "" && ($paramType == "int" || $paramType == "float"))
$page->$paramName = null;
}
}
/**
* This is a utility method to embed the context variables in a string.
* If you have a string of format param1=hardcoded_value¶m2=@, @is treated
* like a variable. It is replaced by the 'param2' value, taken from the context
* @param params - the string in the format param=value&...
*/
function setCommandParams($params)
{
$appliedParams = "";
$keywords = preg_split ("/[&]+/", $params);
foreach($keywords as $keyword)
{
if (strpos($keyword, "@"))
{
$aKey = substr($keyword, 0, strcspn($keyword, "="));
if (!strpos($keyword, "[]"))
{
// it's a simple variable
$val = $this->context->getParameter($aKey);
if (isset($val))
{
$appliedParams .= "$aKey=".$val."&";
}
else
{
die("integrity errror!");
}
}
else
{
// it's an array
$aKey = substr($aKey, 0, strcspn($aKey, "[]"));
$val = $this->context->getParameter($aKey);
if (isset($val))
if (is_array($val))
foreach($val as $arrayElement)
$appliedParams .= "$aKey=".$arrayElement."&";
else
{
die("integrity errror!");
}
}
}
else
{
$appliedParams .= "$keyword&";
}
}
$appliedParams = substr($appliedParams, 0, strlen($appliedParams) -1); // remove the last ampersand (&)
return $appliedParams;
}
}
/**
* The context class. It allows to store the properties dynamically,
* and to retrieve the values from the $_GET, $_POST and the session arrays
*/
class CSContext
{
var $contextParams = array();
/**
* @returns the value of the parameter
*/
function getParameter($paramName)
{
global $cs_session;
// get the param from the session
$paramValue = null;
if (isset($this->contextParams[$paramName]))
$paramValue = $this->contextParams[$paramName];
else if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST[$paramName]))
$paramValue = $_POST[$paramName];
else if ($_SERVER["REQUEST_METHOD"] == "GET" && isset($_GET[$paramName]))
$paramValue = $_GET[$paramName];
else if ($cs_session->hasVar($paramName))
$paramValue = $cs_session->getVar($paramName);
else
$paramValue = null;
return $paramValue;
}
/**
* Sets the value of the parameter in the dynamic parameters array.
* It takes precedence over $_REQUEST and session variables
* @param paramName - the name of the parameter
* @param paramValue - the value of the parameter
*/
function setParameter($paramName, $paramValue)
{
$this->contextParams[$paramName] = $paramValue;
}
}
?>