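time())) { $XMAS = true; }

// ---------------------------------------------------------------------------
// Request bootstrap and URL routing (flat script, runs in global scope).
//
// Order of work: capture referral / voucher / tag values into the session,
// apply the optional HTTP Basic "gate", resolve /app/<type>/<id> deep links,
// then map $url onto the home page, a category, a brand letter, a
// manufacturer, a static page or a listing, and include the matching template.
// Every branch ends in exit. The templates are included from global scope and
// read the upper-case variables set here ($PAGE, $CAT, $LISTING, $META_*, ...),
// which is why none of this is wrapped in functions.
//
// sql(), database_query(), has_prefix(), redirect() and the get_*_url helpers
// are defined elsewhere. NOTE(review): every query below interpolates values
// into quoted SQL literals and relies on sql() to escape them - confirm that
// sql() escapes for the active connection charset, or move to prepared
// statements.
// ---------------------------------------------------------------------------

// Set referral code
if ($_REQUEST['refid']) {
    $refid = sql($_REQUEST['refid']);
    $acc_query = database_query($link_s, "SELECT id FROM contact WHERE referrer_code='$refid'");
    if ($acc = mysqli_fetch_object($acc_query)) {
        $_SESSION['referrer_id'] = $acc->id;
    }
}

// Set voucher code for evaluation later
// The raw request value is stored unescaped; whatever evaluates it later must
// treat it as untrusted input.
if ($_REQUEST['vouchercode']) {
    $_SESSION['vouchercode'] = $_REQUEST['vouchercode'];
}

// Set 'tag' for orders in this session - request variable takes precedence over session and cookies (final order to be decided)
if ($_REQUEST['tag'] || $_SESSION['source_tag'] || $_COOKIE['tag']) {
    if ($_REQUEST['tag']) {
        $_SESSION['source_tag'] = $_REQUEST['tag'];
    } elseif ($_COOKIE['tag']) {
        $_SESSION['source_tag'] = $_COOKIE['tag'];
    } elseif ($_SESSION['source_tag']) {
        // NOTE(review): this replaces an existing source_tag with $_SESSION['tag'],
        // a key this section never sets; it looks like the existing value was
        // meant to be kept - confirm.
        $_SESSION['source_tag'] = $_SESSION['tag'];
    }
    // NOTE(review): the cookie written is "source_tag" but the one read above is
    // "tag". The value is client-supplied and the cookie carries no
    // Secure/HttpOnly/SameSite attributes.
    setcookie("source_tag", $_SESSION['source_tag'], strtotime("+1 month"), '/');
}

// Remove one entry from the product comparison list.
$compare_rem = sql($_REQUEST['compare_rem']);
if ($compare_rem) {
    if (is_array($_SESSION['compare'])) {
        $key = array_search($compare_rem, $_SESSION['compare']);
        // array_search() returns false when the value is absent, and false used
        // as an array key is cast to 0, so an unknown id used to delete the
        // first entry. Only unset on a real match.
        if ($key !== false) {
            unset($_SESSION['compare'][$key]);
        }
    }
}

// Optional site-wide HTTP Basic gate, active when a gate password is configured.
if ($SITE_SETTING['gate_password']) {
    $bypass = false;

    // SECURITY NOTE(review): the first two exemptions below are decided purely
    // from client-supplied values (a request parameter and the User-Agent
    // header), so the gate is not an access control for anything that must stay
    // private. Prefer a shared secret or a source-address allow-list for the
    // crawler and the version check.
    if ($_REQUEST['version_ts']) {
        // Is the request within 100ms of the current server time
        // NOTE(review): the window coded here is one unit of $CHECKSTART
        // (set outside this section), not 100ms - confirm the units.
        if (($_REQUEST['version_ts'] < $CHECKSTART) and ($_REQUEST['version_ts'] + 1 > $CHECKSTART)) {
            $bypass = true;
        }
    }
    if (strpos($_SERVER['HTTP_USER_AGENT'], "RavenCrawler") !== false) {
        $bypass = true;
    }
    // NOTE(review): /cron.php is reachable without the gate; it needs its own
    // authentication if it performs privileged work.
    if ($url == "/cron.php") {
        $bypass = true;
    }

    if (!$bypass) {
        if (!$_SESSION['gate_authed']) {
            // Compare as strings with hash_equals(): the previous loose != treated
            // numeric-looking strings as numbers (so two different strings could
            // compare equal) and was not constant-time.
            $gate_sent_user = isset($_SERVER['PHP_AUTH_USER']) ? (string) $_SERVER['PHP_AUTH_USER'] : '';
            $gate_sent_pass = isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : '';
            $gate_user_ok = hash_equals((string) $SITE_SETTING['gate_username'], $gate_sent_user);
            $gate_pass_ok = hash_equals((string) $SITE_SETTING['gate_password'], $gate_sent_pass);

            if (!$gate_pass_ok or !$gate_user_ok) {
                header('WWW-Authenticate: Basic realm="Enter Username and Password"');
                header('HTTP/1.0 401 Unauthorized');
                print "Unauthorized";
                exit;
            } else {
                $_SESSION['gate_authed'] = true;
            }
        }
    }
}

// App deep links: /app/<type>/<id> is redirected to the canonical URL returned
// by the helper mapped to <type>. The helper names come from this fixed map,
// never from the request.
$deep_links = ["listing" => "get_main_listing_url", "category" => "get_category_url", "brand" => "get_brand_url"];
foreach ($deep_links as $table => $function) {
    if (has_prefix($_SERVER["REQUEST_URI"], "/app/$table/")) {
        $id = sql(explode("/app/$table/", $_SERVER["REQUEST_URI"])[1]);
        // NOTE(review): is_numeric() also accepts floats, exponents and signs;
        // ctype_digit() would be the stricter check if ids are plain integers.
        if (is_numeric($id) && $deeplink_url = trim(call_user_func($function, $id), "/")) {
            // get_main_listing_url returns search.php if a listing isn't found, so ignore that and 404 properly further down.
            if ($deeplink_url != 'search.php') {
                header("Location: /$deeplink_url");
                exit;
            }
        }
    }
}

// Everything below routes on $url relative to the configured $PATH prefix.
$pos = strpos($url, $PATH);
if ($pos === 0) {
    // Strip the $PATH prefix and any query string.
    $url = substr($url, strlen($PATH), strlen($url) - strlen($PATH));
    $url_expl = explode("?", $url);
    $url = reset($url_expl);

    // ----- Site root -----
    if (($url == "") or ($url == "index." . $EXTN)) {
        $CAT_ID = $CATROOT;

        // Listing perma links
        if ($_REQUEST['lid'] || $_REQUEST['pid']) {
            if ($_REQUEST['lid']) {
                $opt_id = 0;
                $lid = sql($_REQUEST['lid']);
            } else {
                $pid = sql($_REQUEST['pid']);
                $listing_data = get_main_product_listing($pid);
                $lid = $listing_data['listing_id'];
                $opt_id = $listing_data['option_id'];
            }
            $review = sql($_REQUEST['review']);
            $osec = sql($_REQUEST['osec']);
            $pts = $_REQUEST['pts'];
            $phash = $_REQUEST['phash'];
            $perma_link = get_main_listing_url($lid);
            $url_query_parts = array();
            $url_anchor = "";

            // Request values are percent-encoded before they are copied into the
            // redirect target; previously they were concatenated raw, so a value
            // containing '&' or '#' could add or truncate parameters in the
            // Location URL.
            if ($pts) {
                $url_query_parts[] = "lid=" . rawurlencode((string) $_REQUEST['lid']);
                $url_query_parts[] = "pts=" . rawurlencode((string) $_REQUEST['pts']);
                $url_query_parts[] = "phash=" . rawurlencode((string) $_REQUEST['phash']);
            }
            if ($review) {
                $url_query_parts[] = "select_review_tab=1";
                $url_anchor = "#reviews";
            }
            if ($osec) {
                $url_query_parts[] = "osec=" . rawurlencode((string) $osec);
            }
            if ($opt_id > 0) {
                $url_query_parts[] = "opt=" . $opt_id;
            }
            if (count($url_query_parts)) {
                $perma_link .= "?" . implode("&", $url_query_parts);
            }
            if ($url_anchor) {
                $perma_link .= $url_anchor;
            }
            header("Location: " . $perma_link);
            exit;
        }

        // Load the home page record.
        if ($GLOBAL['multi_category'] == 1) {
            // Was assigned to $PAGE_query; PHP variable names are case-sensitive,
            // so the fetch below read an undefined $page_query in multi-category
            // mode.
            $page_query = database_query($cms_link, "SELECT site_url.*, site_pagetype.table FROM site_url JOIN site_url_category ON site_url.id = site_url_category.url_id JOIN site_pagetype ON site_pagetype.id = site_url.pagetype_id WHERE site_url_category.category_id = '1'");
        } else {
            $page_query = database_query($cms_link, "SELECT site_url.*, site_pagetype.table FROM site_url, site_pagetype WHERE site_url.id='1' AND site_pagetype.id = site_url.pagetype_id");
        }
        if ($PAGE = mysqli_fetch_object($page_query)) {
            $PAGE_ID = $PAGE->id;
            if ($PAGE->page_title) {
                $META_TITLE = $PAGE->page_title;
            } else {
                $META_TITLE = $PAGE->title . $PAGE_SUFFIX;
            }
            $META_DESC = $PAGE->meta_desc;
            $META_KEYS = $PAGE->meta_keys;
            if ($PAGE->table) {
                // NOTE(review): the table name and sub_id come from the
                // site_pagetype / site_url rows and are interpolated unescaped;
                // safe only while those tables are writable by trusted admins.
                $content_query = database_query($cms_link, "SELECT * FROM $PAGE->table WHERE id='$PAGE->sub_id'");
                $CONTENT = mysqli_fetch_object($content_query);
            }
            // Additional Fields
            if ($GLOBAL['use_additional_fields'] == 1) {
                // $field_query = database_query($cms_link, "SELECT id FROM additional_fields WHERE pagetype_id='$PAGE->pagetype_id' ORDER BY position");
                // while($field = mysqli_fetch_object($field_query)){
                // $field_ids[] = $field->id;
                // }
                // $ADDITIONAL = get_additional($PAGE->id, $field_ids);
            }
            // Grouped Additional Fields
            if ($GLOBAL['addl_group'] == 1) {
                $group_query = database_query($cms_link, "SELECT id FROM `group` WHERE pagetype_id='$PAGE->pagetype_id' AND parent_id = '-1'");
                while ($group = mysqli_fetch_object($group_query)) {
                    $group_ids[] = $group->id;
                }
                $GROUP = get_groups($PAGE->id, $group_ids);
            }
        }
        include_once("index.php");
        exit;
    }

    // With the shop disabled every non-root URL is handled by the CMS.
    if (!$SHOP_ENABLED) {
        include_once(trim($CMS_PATH, "/") . "/virtual.php");
        exit;
    }

    // Treat extension-less paths as directories.
    if ((strpos($url, ".") === false) and (substr($url, -1, 1) != "/")) {
        $url = $url . "/";
    }

    // Split into category path segments and the trailing page name.
    $url_parts = explode("/", $url);
    $page = array_pop($url_parts);
    if (count($url_parts) > 0) {
        $CAT_ID = find_categories($url_parts, $CATROOT);
    } else {
        $CAT_ID = $CATROOT;
    }

    if (($page == "") or ($page == "index." . $EXTN)) {
        // ----- Directory-style URL: home page, category, brand letter or manufacturer -----
        if ($CAT_ID == $CATROOT) {
            // Same home page load as in the site-root branch above.
            if ($GLOBAL['multi_category'] == 1) {
                $page_query = database_query($cms_link, "SELECT site_url.*, site_pagetype.table FROM site_url JOIN site_url_category ON site_url.id = site_url_category.url_id JOIN site_pagetype ON site_pagetype.id = site_url.pagetype_id WHERE site_url_category.category_id = '1'");
            } else {
                $page_query = database_query($cms_link, "SELECT site_url.*, site_pagetype.table FROM site_url, site_pagetype WHERE site_url.id='1' AND site_pagetype.id = site_url.pagetype_id");
            }
            if ($PAGE = mysqli_fetch_object($page_query)) {
                $PAGE_ID = $PAGE->id;
                if ($PAGE->page_title) {
                    $META_TITLE = $PAGE->page_title;
                } else {
                    $META_TITLE = $PAGE->title . $PAGE_SUFFIX;
                }
                $META_DESC = $PAGE->meta_desc;
                $META_KEYS = $PAGE->meta_keys;
                if ($PAGE->table) {
                    // NOTE(review): identifier and id interpolated from database
                    // rows, as in the site-root branch.
                    $content_query = database_query($cms_link, "SELECT * FROM $PAGE->table WHERE id='$PAGE->sub_id'");
                    $CONTENT = mysqli_fetch_object($content_query);
                }
                // Additional Fields
                if ($GLOBAL['use_additional_fields'] == 1) {
                    // $field_query = database_query($cms_link, "SELECT id FROM additional_fields WHERE pagetype_id='$PAGE->pagetype_id' ORDER BY position");
                    // while($field = mysqli_fetch_object($field_query)){
                    // $field_ids[] = $field->id;
                    // }
                    // $ADDITIONAL = get_additional($PAGE->id, $field_ids);
                }
                // Grouped Additional Fields
                if ($GLOBAL['addl_group'] == 1) {
                    $group_query = database_query($cms_link, "SELECT id FROM `group` WHERE pagetype_id='$PAGE->pagetype_id' AND parent_id = '-1'");
                    while ($group = mysqli_fetch_object($group_query)) {
                        $group_ids[] = $group->id;
                    }
                    $GROUP = get_groups($PAGE->id, $group_ids);
                }
            }
            include_once("index.php");
            exit;
        }

        if ($CAT_ID > 0) {
            // ----- Category page -----
            // NOTE(review): $CAT_ID comes from find_categories() and is
            // interpolated without sql(); presumably always an integer - confirm.
            $cat_query = database_query($link_s, "SELECT * FROM site_category WHERE id='$CAT_ID'");
            if ($CAT = mysqli_fetch_object($cat_query)) {
                if ($CAT->title_page) {
                    $CAT_TITLE = $CAT->title_page;
                } else {
                    $CAT_TITLE = $CAT->name;
                }
                if ($CAT->seo_title) {
                    $META_TITLE = $CAT->seo_title;
                } else {
                    $META_TITLE = cat_to_root_simple($CAT_ID) . $PAGE_SUFFIX;
                }
                $META_KEYS = $CAT->meta_keywords;
                $META_DESC = $CAT->meta_description;

                $sub_cat_query = database_query($link_s, "SELECT id FROM site_category WHERE parent_id='$CAT_ID' AND enabled=1 AND deleted=0");
                if (mysqli_num_rows($sub_cat_query) < 1) {
                    // Leaf category: look at the listings it holds.
                    $list_qty_query = database_query($link_s, "SELECT site_listing.id, site_listing.filename FROM site_listing_category, site_listing WHERE site_listing_category.category_id='$CAT_ID' AND site_listing.id=site_listing_category.listing_id AND site_listing.disabled='0' AND site_listing.deleted='0' AND (site_listing.availability = '5' OR (site_listing.availability = '1' AND site_listing.cache_availability = '1'))");
                    // NOTE(review): a row count is never below zero, so this whole
                    // branch (the single-listing forward) is unreachable. It reads
                    // like "== 1" was intended, or the forward was switched off on
                    // purpose - confirm before changing.
                    if (mysqli_num_rows($list_qty_query) < 0) {
                        if ($list_qty = mysqli_fetch_object($list_qty_query)) {
                            //Check to see if there is an enabled product on the listing before redirecting//
                            $prod_q = database_query($link_s, "SELECT product.id FROM product, site_listing_option WHERE site_listing_option.product_id = product.id AND site_listing_option.site_listing_id = '{$list_qty->id}' AND product.deleted = 0 AND product.enabled = 1 AND product.price != 0");
                            if (mysqli_num_rows($prod_q)) {
                                // There is 1 so forward
                                header("Location: " . get_path_category($CAT_ID) . $list_qty->filename . "." . $EXTN);
                                exit;
                            } else {
                                if ($CAT->type_id) {
                                    $cattype_q = database_query($link, "SELECT `include` FROM site_category_type WHERE id = '{$CAT->type_id}' AND enabled = '1'");
                                    if ($cattype = mysqli_fetch_object($cattype_q)) {
                                        include_once($cattype->include);
                                    } else {
                                        include_once("category.php");
                                    }
                                } else {
                                    include_once("category.php");
                                }
                                exit;
                            }
                        } else {
                            // It's an empty category
                            if ($CAT->type_id) {
                                $cattype_q = database_query($link, "SELECT `include` FROM site_category_type WHERE id = '{$CAT->type_id}' AND enabled = '1'");
                                if ($cattype = mysqli_fetch_object($cattype_q)) {
                                    include_once($cattype->include);
                                } else {
                                    include_once("category.php");
                                }
                            } else {
                                include_once("category.php");
                            }
                            exit;
                        }
                    }
                }

                // Render with the category type's template, or category.php.
                // SECURITY NOTE(review): the include path is read from the
                // site_category_type table, so write access to that table is
                // equivalent to running PHP on this server. Validating the value
                // against a fixed list of template files would contain that.
                if ($CAT->type_id) {
                    $cattype_q = database_query($link, "SELECT `include` FROM site_category_type WHERE id = '{$CAT->type_id}' AND enabled = '1'");
                    if ($cattype = mysqli_fetch_object($cattype_q)) {
                        include_once($cattype->include);
                    } else {
                        include_once("category.php");
                    }
                } else {
                    include_once("category.php");
                }
                exit;
            } else {
                // CMS Virtual
                include_once(trim($CMS_PATH, "/") . "/virtual.php");
                exit;
            }
        } else {
            if (strtolower($url_parts[0]) == 'brands') {
                // ----- Brand index by letter: brands/<LETTER>/ -----
                $url_parts[1] = strtoupper($url_parts[1]);
                $brand_letter = sql($url_parts[1]);
                if ($brand_letter) {
                    $letter_url = implode("/", $url_parts);
                    $entered_url = rtrim($url, "/");
                    if ($entered_url !== $letter_url) {
                        // NOTE(review): unlike the manufacturer redirect below there
                        // is no exit here, so brands.php is still rendered after the
                        // 301 headers - confirm that is intended.
                        header("HTTP/1.1 301 Moved Permanently");
                        header("Location: " . $SITE['site'] . "/" . $letter_url . "/");
                    }
                    $LETTER = $brand_letter;
                    include_once("brands.php");
                    exit;
                } else {
                    header("Location: " . $SITE['site'] . "/brands.htm");
                    exit;
                }
            } else {
                // Search for manufacturers/groups
                $manu_url = rtrim($url, "/");
                // Canonicalise to lower case with a permanent redirect.
                if (strtolower($manu_url) !== $manu_url) {
                    $manu_url = strtolower($manu_url);
                    header("HTTP/1.1 301 Moved Permanently");
                    header("Location: " . $SITE['site'] . "/" . $manu_url . "/");
                    exit;
                }
                $manu_url = sql($manu_url);
                $manu_query = database_query($link_s, "SELECT site_manufacturer.id, name, title_page, url, content_intro, content_footer, image_id, meta_keywords, meta_description, seo_title FROM site_manufacturer, site_manufacturer_channel WHERE site_manufacturer.url='$manu_url' AND site_manufacturer.enabled = 1 AND site_manufacturer.deleted = 0 AND site_manufacturer_channel.manufacturer_id=site_manufacturer.id AND site_manufacturer_channel.channel_id='$CHANNEL'");
                if ($MANU = mysqli_fetch_object($manu_query)) {
                    $MANU_ID = $MANU->id;
                    if ($MANU->title_page) {
                        $MANU_TITLE = $MANU->title_page;
                    } else {
                        $MANU_TITLE = $MANU->name;
                    }
                    if ($MANU->seo_title) {
                        $META_TITLE = $MANU->seo_title;
                    } else {
                        $META_TITLE = $MANU->name . $PAGE_SUFFIX;
                    }
                    $META_KEYS = $MANU->meta_keywords;
                    $META_DESC = $MANU->meta_description;
                    include_once("manufacturer.php");
                    exit;
                } else {
                    // CMS Virtual
                    include_once(trim($CMS_PATH, "/") . "/virtual.php");
                    exit;
                }
            }
        }
    } else {
        // ----- File-style URL: static page or product listing -----
        // Check for products
        $page_parts = explode(".", $page);
        $fname = reset($page_parts);

        // Check for static pages
        $page = sql($page);
        if ($CAT_ID == $CATROOT) {
            $static_query = database_query($link_s, "SELECT id, `name`, `type`, page_site, page_ftp, cache, https FROM site_static WHERE page_site='$page' AND (channel_id=0 OR channel_id='$CHANNEL') ORDER BY channel_id DESC LIMIT 1");
            if ($static_res = mysqli_fetch_object($static_query)) {
                $CAT_ID = $CATROOT;
                if ($static_res->cache) {
                    // Cacheable static page: expire one hour from now.
                    header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 1 * 60 * 60) . ' GMT', true);
                    header("Pragma: public", true);
                    header("Cache-Control: must-revalidate, post-check=0, pre-check=0", true);
                }
                // Check to make sure the include actually exists rather than include it blind.
                // SECURITY NOTE(review): page_ftp and type come from the site_static
                // row; file_exists() proves the path exists, not that it is one of
                // the intended template files. Constrain it to a known directory or
                // an allow-list.
                if (file_exists($static_res->page_ftp)) {
                    $META_TITLE = $static_res->name . $PAGE_SUFFIX;
                    header("Content-type: $static_res->type", true);
                    include_once($static_res->page_ftp);
                } else {
                    redirect();
                    $META_TITLE = 'Page Not Found' . $PAGE_SUFFIX;
                    header("HTTP/1.0 404 Not Found");
                    include_once($GLOBAL_PATH . "404.php");
                }
                exit;
            }
        }

        if (end($page_parts) == $EXTN) {
            $fname = sql($fname);

            // Preview links: lid + pts (timestamp) + phash let a disabled listing
            // be viewed until the configured timeout has passed.
            $plid = $_REQUEST['lid'];
            $pts = $_REQUEST['pts'];
            $phash = $_REQUEST['phash'];
            $preview_timeout_valid = false;
            $preview_timeout = $SYSTEM_SETTING[1418];
            $preview_expiry_time = new DateTime();
            $preview_expiry_time->modify("-" . $preview_timeout);
            if ($pts > $preview_expiry_time->format("U")) {
                $preview_timeout_valid = true;
            }
            $p_check_md5 = md5($plid . "-MOWERPPREVIEW-" . $pts);
            // Strict, constant-time comparison. The previous loose != compared
            // numeric-looking strings as numbers, so a supplied hash could be
            // accepted without being identical to the computed one.
            // SECURITY NOTE(review): an MD5 over a string constant embedded in the
            // source is not a keyed MAC; hash_hmac('sha256', ...) with a secret
            // held in configuration would be the robust form, changed together
            // with whatever code generates the preview links.
            $preview_hash_valid = is_string($phash) && hash_equals($p_check_md5, $phash);
            if (!$preview_hash_valid || !$preview_timeout_valid) {
                $preview_check = "AND site_listing.disabled='0'";
            } else {
                $preview_lid = sql($plid);
                $preview_check = "AND site_listing.id = '{$preview_lid}'";
            }

            $list_query = database_query($link_s, "SELECT site_listing.id, site_listing.nogroup, title, title_sub, detailed, overview, shortdesc, offer, `availability`, `disabled`, meta_keywords, meta_description, site_listing_type.include, option_level1, option_level2, site_listing_category.id as category_listing_id, site_listing.seo_title, site_listing.title_page FROM site_listing_category, site_listing, site_listing_type, site_listing_option WHERE site_listing_category.category_id='$CAT_ID' AND site_listing.id=site_listing_category.listing_id AND site_listing.filename='$fname' {$preview_check} AND site_listing.deleted='0' AND site_listing_type.id=site_listing.type_id AND site_listing_option.site_listing_id = site_listing.id");
            if ($LISTING = mysqli_fetch_object($list_query)) {
                $LISTING_ID = $LISTING->id;
                if ($LISTING->seo_title) {
                    $META_TITLE = $LISTING->seo_title;
                } else {
                    $cate = cat_to_root_simple($CAT_ID, 0);
                    $META_TITLE = $cate . $LISTING->title . $PAGE_SUFFIX;
                    // Drop the category prefix when the title would exceed 70 bytes.
                    if (strlen($META_TITLE) > 70) {
                        $META_TITLE = $LISTING->title . $PAGE_SUFFIX;
                    }
                }
                $META_KEYS = $LISTING->meta_keywords;
                $META_DESC = $LISTING->meta_description;

                // Find out if listing has active products (only look at first level options as can't get to second level if these are disabled). If not, 404.
                // $future_listings_query is an SQL fragment built outside this section.
                $prod_q = database_query($link_s, "SELECT product.id FROM site_listing_option LEFT JOIN product ON site_listing_option.product_id = product.id AND product.deleted = 0 AND product.enabled = 1 LEFT JOIN site_listing ON site_listing.id = site_listing_option.site_listing_id WHERE site_listing_option.site_listing_id = '{$LISTING->id}' $future_listings_query AND (product_id IS NOT NULL OR (site_listing_option.xvc = 1 AND site_listing_option.xvc_values != ''))");
                if (!mysqli_num_rows($prod_q)) {
                    redirect();
                    $CAT_ID = $CATROOT;
                    $META_TITLE = 'Page Not Found' . $PAGE_SUFFIX;
                    header("HTTP/1.0 404 Not Found");
                    include_once($GLOBAL_PATH . "404.php");
                    exit;
                }

                // Check for a unique order code to fetch information
                // SECURITY NOTE(review): the osec value in the URL is the only thing
                // protecting this order's name, e-mail and phone number. Confirm the
                // codes are long and random, and consider expiry and rate limiting
                // on lookups.
                $osec = sql($_REQUEST['osec']);
                if ($osec) {
                    $order_check_q = database_query($link, "SELECT id, email, firstname, lastname, phone_1, contact_id FROM `order` WHERE unique_code = '{$osec}' LIMIT 1");
                    if ($order_check = mysqli_fetch_object($order_check_q)) {
                        $osec_contact_id = $order_check->contact_id;
                        $osec_order_id = $order_check->id;
                        $osec_firstname = $order_check->firstname;
                        $osec_lastname = $order_check->lastname;
                        $osec_email = $order_check->email;
                        $osec_phone = $order_check->phone_1;
                    }
                }

                if ($LISTING->title_page) {
                    $LISTING_TITLE = $LISTING->title_page;
                } else {
                    $LISTING_TITLE = $LISTING->title;
                }
                // SECURITY NOTE(review): template path comes from
                // site_listing_type.include; same allow-list concern as the
                // category templates.
                include_once($LISTING->include);
                exit;
            } else {
                // CMS Virtual
                include_once(trim($CMS_PATH, "/") . "/virtual.php");
                exit;
            }
        } else {
            // CMS Virtual
            include_once(trim($CMS_PATH, "/") . "/virtual.php");
            exit;
        }
    }
} else {
    // $url does not start with the configured $PATH prefix.
    print "Cant Find Location - check PATH setting is correct";
    exit;
}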