include_once() ???

Discussion in 'PHP' started by guest3297, 22 Oct 2007.

  1. guest3297

    guest3297 Banned

    Joined:
    27 Jun 2006
    Messages:
    1,246
    Likes Received:
    639
    Reputations:
    817
    Тут есть баг?

    register_globals Off
    magic_quotes_gpc On

    Как заюзать?
    Собственно интересует первая строчка.
    Code:
    
    <?
    include_once($SITE_ROOT.'core/aid_codec.class.php');
    
    class user_session{
        public  $sid;
        public  $aid;
        public  $cookies_name;
        public  $data;
    
        public function /*user_session constructor*/__construct(){
            $this->cookies_name = 'USID';
            $this->data = array();
            if(!$this->check()){
                $this->create();
            }
            if(!$res = setcookie($this->cookies_name, $this->sid, time()+100000000,'/')){
                die('Session cookie error!');
            }
    
            $codec = new aid_codec();
            if(isset($_SERVER['QUERY_STRING'])){
                $aid = $codec->decoder($_SERVER['QUERY_STRING']);
                $aid = ($aid !== false) ? $aid : '';
            }
            //----------- Set affiliate ID
            $AfilliateID = (isset($_GET["aid"])) ? $_GET["aid"] : $aid;
            if($AfilliateID!=''){
                $_COOKIE['aid'] = $AfilliateID;
                setcookie('aid', $AfilliateID, time()+(3600*24*14));
            }
            else{
                if(isset($_COOKIE['aid'])) $AfilliateID  = $_COOKIE['aid'];
            }
            $this->aid = $AfilliateID;
    
            unset($res,$codec,$aid,$AfilliateID);
        }
    
        private function create(){
            global $SDATA, $SITE_ROOT;
            $this->sid = md5(uniqid(rand(), true));// only php5
            $this->data = array();
            $this->data['time'] = time();
            $this->data['aid']  = '';
    
            // Определяем символ валюты
            if($SDATA['MONEY_TYPES']['use'] === true){
                $vl = $SDATA['MONEY_TYPES']['default'];
                $ipvl = $_SERVER['REMOTE_ADDR'];
                $tmp = explode('.',$ipvl);
                $ipvl = $tmp[0]*256*256*256 + $tmp[1]*256*256 + $tmp[2]*256 + $tmp[3];
                // Читаем БД IP
                $iptable = file_get_contents($SITE_ROOT.'_cnf/'.$SDATA['MONEY_TYPES']['ip-table']);
                $ipstr = explode(';',$iptable);
                $cnt = count($ipstr);
                for($i=0;$i<$cnt;$i++){
                    if(trim($ipstr[$i]) != ''){
                        $tmp = explode(':',$ipstr[$i]);
                        if($ipvl >= trim($tmp[0]) && $ipvl < trim($tmp[1])){
                            $vl = trim($tmp[3]);
                            break;
                        }
                    }
                }
                unset($tmp,$ipvl,$iptable,$ipstr,$cnt,$i);
                if($vl == 'us' )$SDATA['MONEY_TYPES']['use'] = false;
                else $SDATA['MONEY_TYPES']['default'] = $vl;
                unset($vl);
    
            }
            $this->data['money_type'] = $SDATA['MONEY_TYPES']['default'];
            $index = 0;
            $cnt = count($SDATA['MONEY_TYPES']['types']);
            for($i=0;$i<$cnt;$i++){
                if($SDATA['MONEY_TYPES']['types'][$i] == $this->data['money_type']){
                    $this->data['money_type_prefix'] = $SDATA['MONEY_TYPES']['prefix'][$i];
                    break;
                }
            }
            unset($index,$cnt,$i);
        }
    
        private function check(){
            global $SITE_ROOT,$SDATA;
            $this->sid = 0;
            if(array_key_exists($this->cookies_name,$_COOKIE)) $this->sid = $_COOKIE[$this->cookies_name];
            else if(array_key_exists($this->cookies_name,$_GET))  $this->sid = $_GET[$this->cookies_name];
            else if(array_key_exists($this->cookies_name,$_POST)) $this->sid = $_POST[$this->cookies_name];
            if($this->sid != 0) return $this->read($this->sid);
            return false;
        }
    
        public function read($sid){
            global $SITE_ROOT,$SDATA;
            if(file_exists($SITE_ROOT.'temp/session.'.$sid)){
                $this->sid = $sid;
                $this->data = file_get_contents($SITE_ROOT.'temp/session.'.$sid);
                $this->data = unserialize($this->data);
                $this->data['oldtime'] = $this->data['time'];
                $this->data['time'] = time();
                return true;
            }
            return false;
        }
    
        public function save(){
            global $SITE_ROOT,$SDATA;
            $str = serialize($this->data);
            if(file_exists($SITE_ROOT.'temp/session.'.$this->sid))
                unlink($SITE_ROOT.'temp/session.'.$this->sid);
            if($fp = @fopen($SITE_ROOT.'temp/session.'.$this->sid,'a')){
                fwrite($fp,$str);
                fclose($fp);
                unset($str,$fp);
                return true;
            }
            unset($str,$fp);
            return false;
        }
    }
    ?>
     
    #1 guest3297, 22 Oct 2007
    Last edited: 22 Oct 2007
    2 people like this.
  2. Dr.Z3r0

    Dr.Z3r0 Leaders of the World

    Joined:
    6 Jul 2007
    Messages:
    284
    Likes Received:
    595
    Reputations:
    567
    Канешна... просто на своем хосте создай папку 'core' и засунь в нее 'aid_codec.class.php' и обратись к этому скрипту так http://site/script.php?SITE_ROOT=http://you_site/

    Блин написал это перед тем как ты добавил про register_globals Off.... значит никак ты не заюзаешь...
     
    #2 Dr.Z3r0, 22 Oct 2007
    Last edited: 22 Oct 2007
  3. sw04

    sw04 Elder - Старейшина

    Joined:
    10 Oct 2007
    Messages:
    44
    Likes Received:
    10
    Reputations:
    0
    А какую ошибку пишет?
    переменная $site_root имеется какое-то значение?
     
  4. The_HuliGun

    The_HuliGun Elder - Старейшина

    Joined:
    19 May 2007
    Messages:
    191
    Likes Received:
    84
    Reputations:
    11
    Без вариантов. При register_globals Off забудь.