include_once() ???

Discussion in 'PHP' started by guest3297, 22 Oct 2007.

  1. guest3297

    guest3297 Banned

    Joined:
    27 Jun 2006
    Messages:
    1,246
    Likes Received:
    639
    Reputations:
    817
    Тут есть баг?

    register_globals Off
    magic_quotes_gpc On

    Как заюзать?
    Собственно интересует первая строчка.
    Code:
    
<?
include_once($SITE_ROOT.'core/aid_codec.class.php');

class user_session{
    public  $sid;
    public  $aid;
    public  $cookies_name;
    public  $data;

    public function /*user_session constructor*/__construct(){
        $this->cookies_name = 'USID';
        $this->data = array();
        if(!$this->check()){
            $this->create();
        }
        if(!$res = setcookie($this->cookies_name, $this->sid, time()+100000000,'/')){
            die('Session cookie error!');
        }

        $codec = new aid_codec();
        if(isset($_SERVER['QUERY_STRING'])){
            $aid = $codec->decoder($_SERVER['QUERY_STRING']);
            $aid = ($aid !== false) ? $aid : '';
        }
        //----------- Set affiliate ID
        $AfilliateID = (isset($_GET["aid"])) ? $_GET["aid"] : $aid;
        if($AfilliateID!=''){
            $_COOKIE['aid'] = $AfilliateID;
            setcookie('aid', $AfilliateID, time()+(3600*24*14));
        }
        else{
            if(isset($_COOKIE['aid'])) $AfilliateID  = $_COOKIE['aid'];
        }
        $this->aid = $AfilliateID;

        unset($res,$codec,$aid,$AfilliateID);
    }

    private function create(){
        global $SDATA, $SITE_ROOT;
        $this->sid = md5(uniqid(rand(), true));// only php5
        $this->data = array();
        $this->data['time'] = time();
        $this->data['aid']  = '';

        // Определяем символ валюты
        if($SDATA['MONEY_TYPES']['use'] === true){
            $vl = $SDATA['MONEY_TYPES']['default'];
            $ipvl = $_SERVER['REMOTE_ADDR'];
            $tmp = explode('.',$ipvl);
            $ipvl = $tmp[0]*256*256*256 + $tmp[1]*256*256 + $tmp[2]*256 + $tmp[3];
            // Читаем БД IP
            $iptable = file_get_contents($SITE_ROOT.'_cnf/'.$SDATA['MONEY_TYPES']['ip-table']);
            $ipstr = explode(';',$iptable);
            $cnt = count($ipstr);
            for($i=0;$i<$cnt;$i++){
                if(trim($ipstr[$i]) != ''){
                    $tmp = explode(':',$ipstr[$i]);
                    if($ipvl >= trim($tmp[0]) && $ipvl < trim($tmp[1])){
                        $vl = trim($tmp[3]);
                        break;
                    }
                }
            }
            unset($tmp,$ipvl,$iptable,$ipstr,$cnt,$i);
            if($vl == 'us' )$SDATA['MONEY_TYPES']['use'] = false;
            else $SDATA['MONEY_TYPES']['default'] = $vl;
            unset($vl);

        }
        $this->data['money_type'] = $SDATA['MONEY_TYPES']['default'];
        $index = 0;
        $cnt = count($SDATA['MONEY_TYPES']['types']);
        for($i=0;$i<$cnt;$i++){
            if($SDATA['MONEY_TYPES']['types'][$i] == $this->data['money_type']){
                $this->data['money_type_prefix'] = $SDATA['MONEY_TYPES']['prefix'][$i];
                break;
            }
        }
        unset($index,$cnt,$i);
    }

    private function check(){
        global $SITE_ROOT,$SDATA;
        $this->sid = 0;
        if(array_key_exists($this->cookies_name,$_COOKIE)) $this->sid = $_COOKIE[$this->cookies_name];
        else if(array_key_exists($this->cookies_name,$_GET))  $this->sid = $_GET[$this->cookies_name];
        else if(array_key_exists($this->cookies_name,$_POST)) $this->sid = $_POST[$this->cookies_name];
        if($this->sid != 0) return $this->read($this->sid);
        return false;
    }

    public function read($sid){
        global $SITE_ROOT,$SDATA;
        if(file_exists($SITE_ROOT.'temp/session.'.$sid)){
            $this->sid = $sid;
            $this->data = file_get_contents($SITE_ROOT.'temp/session.'.$sid);
            $this->data = unserialize($this->data);
            $this->data['oldtime'] = $this->data['time'];
            $this->data['time'] = time();
            return true;
        }
        return false;
    }

    public function save(){
        global $SITE_ROOT,$SDATA;
        $str = serialize($this->data);
        if(file_exists($SITE_ROOT.'temp/session.'.$this->sid))
            unlink($SITE_ROOT.'temp/session.'.$this->sid);
        if($fp = @fopen($SITE_ROOT.'temp/session.'.$this->sid,'a')){
            fwrite($fp,$str);
            fclose($fp);
            unset($str,$fp);
            return true;
        }
        unset($str,$fp);
        return false;
    }
}
?>
     
    #1 guest3297, 22 Oct 2007
    Last edited: 22 Oct 2007
    2 people like this.
  2. Dr.Z3r0

    Dr.Z3r0 Leaders of the World

    Joined:
    6 Jul 2007
    Messages:
    284
    Likes Received:
    595
    Reputations:
    567
    Канешна... просто на своем хосте создай папку 'core' и засунь в нее 'aid_codec.class.php' и обратись к этому скрипту так http://site/script.php?SITE_ROOT=http://you_site/

    Блин написал это перед тем как ты добавил про register_globals Off.... значит никак ты не заюзаешь...
     
    #2 Dr.Z3r0, 22 Oct 2007
    Last edited: 22 Oct 2007
  3. sw04

    sw04 Elder - Старейшина

    Joined:
    10 Oct 2007
    Messages:
    44
    Likes Received:
    10
    Reputations:
    0
    А какую ошибку пишет?
    переменная $site_root имеется какое-то значение?
     
    #3 sw04, 22 Oct 2007
  4. The_HuliGun

    The_HuliGun Elder - Старейшина

    Joined:
    19 May 2007
    Messages:
    191
    Likes Received:
    84
    Reputations:
    11
    Без вариантов. При register_globals Off забудь.
     
    #4 The_HuliGun, 22 Oct 2007
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.