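<?php
//////////////////////////////////////////////////////////////////////////////////////////
///
/// File:         assets/s2difunctions.php
/// Type:         Include
/// Contents:     class session, class format, class xcrypt, functions
/// Description:  Common functions, session handling, formatting and encryption
/// Requires:     config.php, db.php
/// CCML parsing: no
///
//////////////////////////////////////////////////////////////////////////////////////////
///
/// Latest changes:
/// 10.02.2009  Changed variable for encryption
/// 22.09.2009  split -> explode
///             shop to date 7
/// 09.12.2009  Added cookie check
/// 27.01.2010  Direct login plugin
///
//////////////////////////////////////////////////////////////////////////////////////////
///<27.01.2010/7.0.0.11/>

// Refuse direct requests: the including script must have defined SHOP_TO_DATE
if (!defined('SHOP_TO_DATE')) die('Forbidden');

// Strip slashes from a scalar or, recursively, from every element of an array
function de_slash(&$element) {
    if (is_scalar($element)) $element = stripslashes($element);
    else array_walk($element, "de_slash");
}

// Magic quotes: undo the automatic escaping of GET and POST once per request
if (get_magic_quotes_gpc() && !defined('MAGIC_QUOTES_DONE')) {
    if (isset($_GET)) array_walk($_GET, "de_slash");
    if (isset($_POST)) array_walk($_POST, "de_slash");
    define('MAGIC_QUOTES_DONE', true);
}

// Class session: cookie-backed shop session stored in the 'sessions' table
class session extends db {

    var $session_id = null;
    var $client_id = null;
    var $saveonmachine = false;
    var $affiliate_id = null;
    var $affiliate_subid = null;
    var $related_uids = array();    // Recently viewed
    var $basket_uids = array();     // Recently added to the basket
    var $no_remember = null;
    var $just_created = false;

    // Restore the session from the request cookies or create a new one.
    // $http_session_id: session id handed over by the caller for the HTTP -> SSL transition
    function session($http_session_id = null) {
        $this->db('sessions');

        // Read cookies; every value is checked against a regular expression in get_cookie()
        $session_id = $this->get_cookie(COOKIE_SESSION, CHECK_ALPHANUM32);
        $client_id = $this->get_cookie(COOKIE_CLIENT, CHECK_SIGNETNUM);
        $securekey = $this->get_cookie(COOKIE_KEY, CHECK_ALPHANUM32);
        $this->no_remember = floor($this->get_cookie(COOKIE_NOREMEMBER, CHECK_ALL));

        // The two uid lists are client-controlled serialized data, so they are
        // only unserialized after a strict shape check (see session_decode_uids)
        $this->related_uids = $this->session_decode_uids($this->get_cookie(COOKIE_ITEMS, CHECK_ALL));
        $this->basket_uids = $this->session_decode_uids($this->get_cookie(COOKIE_BASKETITEMS, CHECK_ALL));

        $affiliate_id = $this->get_cookie(COOKIE_AFFILIATE, CHECK_ALPHANUM);
        $this->affiliate_id = $affiliate_id ? $affiliate_id : null;
        $affiliate_subid = $this->get_cookie(COOKIE_AFFILIATESUB, CHECK_ALPHANUM);
        $this->affiliate_subid = $affiliate_subid ? $affiliate_subid : null;

        // Look the cookie session up on the server
        $object = $this->db_selectone(array('session_id', 'session_time', 'securekey'), array('session_id' => $session_id));
        $success = false;

        if ($http_session_id && !$session_id) {
            // SSL transition: no session cookie yet, adopt the id passed in by the caller
            // if it exists on the server.
            // NOTE(review): this accepts a session id that did not come from a cookie;
            // confirm that callers validate where $http_session_id originates.
            $object = $this->db_selectone(array('session_id', 'session_time', 'securekey'), array('session_id' => $http_session_id));
            if ($object) {
                $this->session_id = $http_session_id;
                $this->set_cookie(COOKIE_NAME.COOKIE_SESSION, $this->session_id, true);
                $success = true;
            }
        }
        else if ($session_id && $object) {
            // Refresh the timestamp at most once a minute
            if (time() - $object->session_time > 60) $this->db_update(array('session_time' => time()), array('session_id' => $session_id));
            $this->session_id = $session_id;

            // The login is only restored when the key cookie equals md5() of the key stored
            // for this session. The comparison is strict: a loose == between two hex strings
            // that both look like numbers in exponent notation would compare them as numbers.
            // NOTE(review): the client id itself comes from the cookie; the visible code only
            // checks the secure key, which set_client() stores per session without the client
            // id. Confirm the id is bound to the session elsewhere, or store it in the session row.
            if ($client_id && $securekey && $object->securekey
                && $this->session_tokens_match(md5($object->securekey), $securekey)) {
                $this->client_id = $client_id;
            }
            $success = true;
        }

        // Create a new session
        if (!$success) {
            $this->session_id = $this->session_new_token();
            $this->set_cookie(COOKIE_NAME.COOKIE_SESSION, $this->session_id, true);
            $this->db_insert(array(
                'session_id' => $this->session_id,
                'session_time' => time(),
            ));
            $this->just_created = true;
        }

        // Delete old sessions, their basket items and customers without an account.
        // Runs on roughly one request in a hundred.
        if (floor(mt_rand(1, 100)) == 1) {
            $this->db_select(array('session_id'), array('session_time < '.(time() - CC_SITE_DTL * 86400)));
            $item = new item();
            $client = new client();
            while ($s = $this->db_fetch()) {
                $this->db_delete(array('session_id' => $s->session_id));
                $item->db_delete(array('order_id' => $s->session_id));
                $client->db_delete(array('password' => $s->session_id));
            }
            $this->db_free();
        }
    }

    // PRIVATE Create a 32 character hexadecimal token for session ids and secure keys.
    // Uses the operating system's random source where this PHP build offers one;
    // md5(uniqid()) is only the fallback because its inputs are time based and guessable.
    function session_new_token() {
        if (function_exists('random_bytes')) return bin2hex(random_bytes(16));
        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(16);
            if ($bytes !== false && strlen($bytes) == 16) return bin2hex($bytes);
        }
        return md5(uniqid(mt_rand(), true));
    }

    // PRIVATE Compare two tokens as strings, in constant time where hash_equals() exists
    function session_tokens_match($expected, $given) {
        if (!is_string($expected) || !is_string($given)) return false;
        if (function_exists('hash_equals')) return hash_equals($expected, $given);
        return $expected === $given;
    }

    // PRIVATE Decode a uid list cookie written by remember_item() / basket_item().
    // Only a flat serialized array with integer keys and integer or quote-free string
    // values is accepted, so the cookie can never make unserialize() create objects.
    // Anything else yields an empty list.
    function session_decode_uids($ser) {
        if (!is_string($ser) || $ser === '') return array();
        if (!preg_match('/^a:\d+:\{(?:i:\d+;(?:i:-?\d+|s:\d+:"[^"]*");)*\}\z/', $ser)) return array();
        // A wrong element count or string length still makes unserialize() fail with a notice
        $list = @unserialize($ser);
        return is_array($list) ? $list : array();
    }

    // Read a cookie; returns null when it is missing, not a string, or fails the $check regex
    function get_cookie($cookie_name, $check) {
        $value = null;
        $key = COOKIE_NAME.$cookie_name;
        // Array-style cookies (name[]=...) are rejected instead of being passed to string functions
        if (isset($_COOKIE[$key]) && is_string($_COOKIE[$key])) {
            // NOTE(review): stripslashes() runs even when magic quotes are off, which
            // drops backslashes from the value
            $value = stripslashes($_COOKIE[$key]);
            if (!preg_match($check, $value)) $value = null;
        }
        return $value;
    }

    // Set a cookie. $live: true = keep for CC_SITE_DTL days, false = browser session only.
    // NOTE(review): cookies are sent without the Secure and HttpOnly attributes, including
    // the session id and the login key. Whether they can be switched on depends on the
    // HTTP/SSL handover and on scripts reading these cookies - confirm and enable where possible.
    function set_cookie($cookie_name, $data, $live) {
        $cookie_path = '/';
        $cookie_domain = '';
        $cookie_ssl = 0;
        if ($live) $cookie_time = time() + CC_SITE_DTL * 86400;
        else $cookie_time = 0;
        setcookie($cookie_name, $data, $cookie_time, $cookie_path, $cookie_domain, $cookie_ssl);
    }

    // Log a customer in: the random secure key is stored with the session row,
    // the browser only receives md5() of it
    function set_client($client_id, $name, $live) {
        $this->saveonmachine = $live;
        $this->client_id = $client_id;
        $this->set_cookie(COOKIE_NAME.COOKIE_CLIENT, $this->client_id, $live);
        $this->set_cookie(COOKIE_NAME.COOKIE_CLIENTNAME, $name, $live);
        $this->securekey = $this->session_new_token();
        $this->set_cookie(COOKIE_NAME.COOKIE_KEY, md5($this->securekey), $live);
        $this->db_update(array('securekey' => $this->securekey), array('session_id' => $this->session_id));
    }

    // Store an item in the "recently viewed" list (newest first, at most MAX_REMEMBER_ITEMS)
    function remember_item($uid) {
        array_unshift($this->related_uids, $uid);
        if (count($this->related_uids) > MAX_REMEMBER_ITEMS) array_pop($this->related_uids);
        $this->set_cookie(COOKIE_NAME.COOKIE_ITEMS, serialize($this->related_uids), true);
    }

    // Store an item in the "recently added to basket" list (newest first, at most MAX_REMEMBER_ITEMS)
    function basket_item($uid) {
        array_unshift($this->basket_uids, $uid);
        if (count($this->basket_uids) > MAX_REMEMBER_ITEMS) array_pop($this->basket_uids);
        $this->set_cookie(COOKIE_NAME.COOKIE_BASKETITEMS, serialize($this->basket_uids), true);
    }

    // Switch "recently viewed" on or off
    function toggle_remember($rem) {
        $this->no_remember = $rem;
        // set_cookie() requires three arguments; false keeps this a browser-session cookie
        $this->set_cookie(COOKIE_NAME.COOKIE_NOREMEMBER, $this->no_remember, false);
    }

    // Set the affiliate ids
    function set_affiliate($affiliate_id, $affiliate_subid) {
        $this->affiliate_id = $affiliate_id;
        $this->affiliate_subid = $affiliate_subid;

        // Count hits per affiliate and day
        $today = date("Y-m-d");
        $affiliate = new abstractdb(TABLE_AFFILIATE, $this->affiliate_id, array('date' => $today));
        if (isset($affiliate->hits)) {
            $affiliate->hits++;
            $affiliate->store(null, array('date' => $today));
        }
        else {
            $affiliate->date = $today;
            $affiliate->hits = 1;
            $affiliate->store(true);
        }

        // Set the cookies
        $this->set_cookie(COOKIE_NAME.COOKIE_AFFILIATE, $affiliate_id, true);
        $this->set_cookie(COOKIE_NAME.COOKIE_AFFILIATESUB, $affiliate_subid, true);
    }

    // Log the shop owner in (client id -1, browser-session cookies only)
    function set_shopadmin() {
        $this->set_client(-1, null, false);
    }

    // Is the shop owner logged in?
    function is_shopadmin() {
        return $this->client_id == -1;
    }

    // End the login: clear the stored secure key and the login cookies
    function unset_client() {
        $this->db_update(array('securekey' => NULL), array('session_id' => $this->session_id));
        $this->set_cookie(COOKIE_NAME.COOKIE_CLIENT, '', false);
        $this->set_cookie(COOKIE_NAME.COOKIE_CLIENTNAME, '', false);
        $this->set_cookie(COOKIE_NAME.COOKIE_KEY, '', false);
        $this->client_id = null;
    }

    // End the affiliate tracking
    function unset_affiliate() {
        $this->set_cookie(COOKIE_NAME.COOKIE_AFFILIATE, '', false);
        $this->set_cookie(COOKIE_NAME.COOKIE_AFFILIATESUB, '', false);
    }
}

////////////////////////////////////////////////////////////////////////////
// Class for formatting; its methods are called statically (format::price(...))
class format {

    // Base functionality: round $n to $s decimals and format it with the site's separators;
    // $t switches the thousands separator on or off
    function baseformat($n, $s, $t = true) {
        return number_format(round(floatval($n), $s), $s, CC_SITE_DECIMALSEPARATOR, $t ? CC_SITE_THOUSANDSOPERATOR : '');
    }

    // Price without currency
    function cleanprice($num) {
        return format::baseformat($num, 2, false);
    }

    // Weight with unit
    function weight($num) {
        return format::baseformat($num, 2).' '.CC_SITE_WEIGHTUNIT;
    }

    // VAT with unit
    function vat($num) {
        return format::baseformat($num, 2).'%';
    }

    // Price with currency
    function price($num, $currency) {
        return format::baseformat($num, 2).' '.$currency;
    }

    // Formatted date; returns nothing for an empty $date
    function date($date) {
        if ($date) return date(CC_SITE_DATEFORMAT, strtotime($date));
    }

    // Formatted date from a timestamp
    function todate($timestamp) {
        return format::date(date('Y-m-d', $timestamp));
    }

    // Quantity with a fixed number of decimals
    function quantity($quantity, $precision) {
        return format::baseformat($quantity, $precision, false);
    }

    // Quantity with only as many decimals as are needed
    function quantityall($quantity) {
        $text = strval($quantity);
        if (strpos($text, '.') !== false) {
            // Drop trailing zeros; what remains after the point is the required precision
            // ("2.500" -> "2.5" -> 1 decimal, "2.000" -> "2." -> 0 decimals)
            $text = rtrim($text, '0');
            return format::baseformat(floatval($text), strlen($text) - strpos($text, '.') - 1, false);
        }
        else return format::baseformat($quantity, 0, false);
    }

    // Convert the given fields of $obj to whole numbers; null fields stay null
    function to_int(&$obj, $fields) {
        foreach ($fields as $f)
            if ($obj->$f !== null) $obj->$f = floor(intval($obj->$f));
    }

    // Convert the given fields of $obj to non-negative whole numbers; null fields stay null
    function to_abs(&$obj, $fields) {
        foreach ($fields as $f)
            if ($obj->$f !== null) $obj->$f = abs(floor(intval($obj->$f)));
    }

    // Convert the given fields of $obj to float, rounded to $precision decimals
    // (to a whole number when $precision is null); null fields stay null
    function to_float(&$obj, $fields, $precision = null) {
        foreach ($fields as $f)
            if ($obj->$f !== null) {
                if ($precision === null) $obj->$f = round(floatval($obj->$f));
                else $obj->$f = round(floatval($obj->$f), $precision);
            }
    }
}

////////////////////////////////////////////////////////////////////////////
// XOR encryption for files
// Class for the encryption.
// NOTE(review): this is a repeating-key XOR followed by a reversed hex dump. It hides
// data from casual reading but gives neither confidentiality against anyone holding a
// known plaintext nor any integrity protection; do not rely on it for secrets.
class xcrypt {

    var $key = CC_SITE_ENCRYPTIONKEY;
    var $text;
    var $after;

    function xcrypt($text) {
        $this->text = $text;
    }

    // Encrypt: XOR with the key, then hex encode
    function encrypt() {
        return $this->after = $this->str2hex($this->x_cryption($this->text));
    }

    // Decrypt: hex decode, then XOR with the key
    function decrypt() {
        return $this->after = $this->x_cryption($this->hex2str($this->text));
    }

    // Length of the last result as a six digit hex number
    function get_length() {
        $my_length = strlen($this->after);
        $my_length = dechex($my_length);
        while (strlen($my_length) < 6) $my_length = "0".$my_length;
        return $my_length;
    }

    // Checksum of the last result as a six digit hex number.
    // Each character code is weighted with 2^(position mod 8); the running sum is
    // wrapped whenever it exceeds 32767. This detects accidental changes only.
    function get_checksum() {
        $n = 0;
        $rtn = 0;   // numeric start value, so the first addition is plain integer arithmetic
        $my_string = strtoupper($this->after);
        $myCount = array();
        for ($i = 0; $i < 8; $i++) $myCount[$i] = pow(2, $i);
        for ($i = 0; $i < strlen($my_string); $i++) {
            $myAsc = ord(substr($my_string, $i, 1));
            if ($n == 8) $n = 0;
            $rtn = $rtn + $myCount[$n] * $myAsc;
            if ($rtn > 32767) $rtn = -32768 + ($rtn - 32767);
            $n++;
        }
        $my_sum = abs($rtn);
        $my_sum = dechex($my_sum);
        while (strlen($my_sum) < 6) $my_sum = "0" . $my_sum;
        return $my_sum;
    }

    // PRIVATE Perform the XOR: every byte is combined with the key byte at the same
    // position, the key repeating from its start when it is shorter than the text
    function x_cryption($my_string) {
        $pos = 0;
        $rtn = "";
        for ($i = 0; $i < strlen($my_string); $i++) {
            if ($pos >= strlen($this->key)) $pos = 0;
            $rtn .= substr($my_string, $i, 1) ^ substr($this->key, $pos, 1);
            $pos++;
        }
        return $rtn;
    }

    // STATIC Decrypt without an object
    function xdecrypt($text) {
        $crypt = new xcrypt($text);
        return $crypt->decrypt();
    }

    // STATIC Encrypt without an object
    function xencrypt($text) {
        $crypt = new xcrypt($text);
        return $crypt->encrypt();
    }

    // Minimal encoding: reverse the string and write every byte as two hex digits.
    // This is an encoding without a key, not encryption.
    function str2hex($str) {
        $hex = '';
        $str = strrev($str);
        for ($i = 0; $i < strlen($str); $i++)
            $hex .= sprintf("%02x", ord(substr($str, $i, 1)));
        return $hex;
    }

    // Minimal decoding: inverse of str2hex()
    function hex2str($hex) {
        $str = '';
        for ($i = 0; $i < strlen($hex); $i += 2)
            $str .= chr(hexdec(substr($hex, $i, 2)));
        return strrev($str);
    }
}

////////////////////////////////////////////////////////////////////////////

// Remove leading dots and slashes so that joining paths does not produce double slashes
function clean_url($url) {
    return preg_replace('/^[\.\/]+/', '', $url);
}

// Redirect to $first; $back is appended hex encoded as the PARAMETER_REDIRECT parameter.
// A target is treated as absolute only when it starts with http:// or https://, every
// other target is prefixed with the shop's own URL. Callers must not pass an absolute
// URL taken from request data, because it is followed as given.
function redirect($first, $back = '') {
    if ($back) {
        $back = xcrypt::str2hex($back);
        if (strstr($first, '?')) $first = "$first&".PARAMETER_REDIRECT."=$back";
        else $first = "$first?".PARAMETER_REDIRECT."=$back";
    }

    // Line breaks never belong into a header value
    $first = trim(str_replace(array("\r", "\n"), '', $first));

    if (preg_match('/^https?:\/\//i', $first)) $server_name = '';
    else if (ini_get('sendmail_from') == 'preview@webtodatepreview.local') $server_name = CC_SITE_LOCALURL;
    else $server_name = trim(CC_SITE_SSLURL ? CC_SITE_SSLURL : CC_SITE_HTTPURL);

    // Redirect via HTTP
    header('Location: '.$server_name.clean_url($first));
    exit;
}

// Country options ("ISO2,ISO3,numeric:name"); filled once into the global $country_options
function get_countries() {
    global $country_options;
    if (!count($country_options)) $country_options = array(
        "DE,DEU,276:Deutschland",
        "AF,AFG,004:Afghanistan",
        "EG,EGY,818:Ägypten"
    );
    return $country_options;
}

// Salutation options
function get_salutations() {
    $salutation_options = array(
        CC_RESSOURCE_MR,
        CC_RESSOURCE_MRS,
        CC_RESSOURCE_COMPANY
    );
    return $salutation_options;
}

// Return the entries of $array1 whose keys do not exist in $array2
function array_diff_keys($array1, $array2) {
    $diff = array();
    foreach ($array1 as $key => $value)
        if (!array_key_exists($key, $array2)) $diff[$key] = $value;
    return $diff;
}

// Return a POST value
function post($index, $check = null) {
    return getpost($_POST, $index, $check);
}

// Return a POST value, or null when it is missing or empty
function postornull($index, $check = null) {
    $p = getpost($_POST, $index, $check);
    return $p ? $p : null;
}

// Return a GET value
function get($index, $check = null) {
    return getpost($_GET, $index, $check);
}

// Remove double quotes, single quotes and angle brackets.
// This deletes characters, it does not escape: values still have to be escaped for
// the context they are written to (HTML, SQL, URL).
function noentities($value) {
    return preg_replace('/["\'<>]/', '', $value);
}

// Fetch a request value, remove some characters for safety and validate it against the
// regular expression $check; a value that does not match ends the script.
// An empty value or "0" is not validated.
function getpost(&$arr, $index, $check) {
    $value = isset($arr[$index]) ? $arr[$index] : null;
    $value = noentities($value);
    if ($check && $value && !preg_match($check, $value)) {
        if (DEBUG) script_die(CC_RESSOURCE_FORBIDDEN.' Regex:'.$check.', Key:'.$index.', Wert:'.$value);
        else script_die(CC_RESSOURCE_FORBIDDEN);
    }
    if ($check == CHECK_BOOL) $value = $value ? 1 : 0;
    return $value;
}

// Is there a POST value with this name?
function is_post($index) {
    return isset($_POST[$index]);
}

// Is there a GET value with this name?
function is_get($index) {
    return isset($_GET[$index]);
}

// End the script because of an error.
// With DEBUG on, the message also carries file, line, the SQL statement and the database
// error, unescaped - keep DEBUG off on a public shop.
// NOTE(review): the line breaks inside the two string literals look like markup that
// was lost from this listing; they are kept as found.
function script_die($error, $file = '?', $line = '?', $sql = '', $sql_error = '') {
    global $x2dws;
    if (DEBUG) $die = "$error
\n
\nDebug Mode
\nFile: $file
\nLine: $line
\n".($sql ? "SLQ: $sql
\nError: $sql_error" : "");
    else $die = $error;
    if ($x2dws) $x2dws->error_response(strip_tags($die));
    else die($die);
    exit;
}

// VAT adaption for Spain
// Returns the VAT replacements ("old=new" pairs) that apply to the customer's province
function get_vat_adaption(&$client) {
    global $provinces;
    $adaption = array();
    if ($zip = $client->get_zip())
        foreach ($provinces as $p)
            if ($zip == $p['zip'])
                if ($set = $p['vat'])
                    foreach (explode(' ', $set) as $vat) {
                        list($old, $new) = explode('=', $vat);
                        $adaption[$old] = $new;
                    }
    return $adaption;
}

// Append data to a file
function save_to_file($filename, $content) {
    if (!$file_handle = fopen($filename, 'a')) script_die('Can not open file');
    // fwrite() returns 0 for empty content; only false is a failure
    if (fwrite($file_handle, $content) === false) script_die('Can not write to file');
    if (!fclose($file_handle)) script_die('Can not close file');
}
?>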