Neuigkeiten
  • Die modified eCommerce Shopsoftware ist kostenlos, aber nicht umsonst.
    Spenden
  • Damit wir die modified eCommerce Shopsoftware auch zukünftig kostenlos anbieten können:
    Spenden
  • Thema: Meldung in der errorlog.txt - was bedeutet das?

    Teichbau

    • Fördermitglied
    • Beiträge: 385
    • Geschlecht:
    Meldung in der errorlog.txt - was bedeutet das?
    am: 05. Dezember 2013, 08:51:48
    Hallo zusammen,
    wir haben in der errorlog.txt regelmäßig folgende Meldung:
    Code: XML  [Auswählen]
    [04-Dec-2013 21:22:29] PHP Fatal error:  Call to undefined function  xtc_hide_session_id() in /www/htdocs/w00f4cfd/shop/includes/modules/error_handler.php on line 31

    In der Datei error_handler.php sieht es so aus:
    Code: PHP  [Auswählen]
    <?php
    /* -----------------------------------------------------------------------------------------
       $Id: error_handler.php 949 2005-05-14 16:44:33Z hhgag $

       XT-Commerce - community made shopping
       http://www.(( Wir dulden keine kommerziellen Werbelinks - Bitte <a href="index.php?topic=3013.0">Forenregeln</a> beachten! ))

       Copyright (c) 2003 XT-Commerce

       Released under the GNU General Public License
       ---------------------------------------------------------------------------------------*/


        header( 'HTTP/1.0 404 Not Found' );
        header( 'Status: 404 Not Found' );
       
       
       $module_smarty= new Smarty;
       $module_smarty->assign('tpl_path','templates/'.CURRENT_TEMPLATE.'/');



      $module_smarty->assign('language', $_SESSION['language']);
      $module_smarty->assign('ERROR',$error);
    // BOF - Tomcraft - 2010-05-04 - Changed alternative text for the button
      //$module_smarty->assign('BUTTON','<a href="javascript:history.back(1)">'. xtc_image_button('button_back.gif', IMAGE_BUTTON_CONTINUE).'</a>');
      $module_smarty->assign('BUTTON','<a href="javascript:history.back(1)">'. xtc_image_button('button_back.gif', IMAGE_BUTTON_BACK).'</a>');
    // EOF - Tomcraft - 2010-05-04 - Changed alternative text for the button
      $module_smarty->assign('language', $_SESSION['language']);

      // search field
      $module_smarty->assign('FORM_ACTION',xtc_draw_form('new_find', xtc_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'NONSSL', false), 'get').xtc_hide_session_id());
      $module_smarty->assign('INPUT_SEARCH',xtc_draw_input_field('keywords', '', 'size="30" maxlength="30"'));
      $module_smarty->assign('BUTTON_SUBMIT',xtc_image_submit('button_quick_find.gif', IMAGE_BUTTON_SEARCH));
      $module_smarty->assign('LINK_ADVANCED',xtc_href_link(FILENAME_ADVANCED_SEARCH));
      $module_smarty->assign('FORM_END', '</form>');



      $module_smarty->caching = 0;
      $module_smarty->caching = 0;
      $module= $module_smarty->fetch(CURRENT_TEMPLATE.'/module/error_message.html');

      if (strstr($PHP_SELF, FILENAME_PRODUCT_INFO))  $product_info=$module;

      $smarty->assign('main_content',$module);
    ?>
     

    Kann mir jemand mitteilen, was das bedeutet und wie man das Problem abstellt?

    Gruß Teichbau

    modified eCommerce Shopsoftware v1.05 dated: 2010-07-18 SP1b

    Linkback: https://www.modified-shop.org/forum/index.php?topic=28573.0

    Marcus Kreusch

    • Fördermitglied
    • Beiträge: 312
    • Geschlecht:
    Re: Meldung in der errorlog.txt - was bedeutet das?
    Antwort #1 am: 05. Dezember 2013, 12:32:57
    Hallo,

    du kannst das ganz einfach beheben, indem du direkt vor die Zeile 31, wo die Funktion xtc_hide_session_id() das erste mal vorkommt, das hier setzt:

    Code: PHP  [Auswählen]
    require_once (DIR_FS_INC.'xtc_hide_session_id.inc.php');

    Viele Grüße
    Marcus

    jannemann

    • modified Team
    • Beiträge: 6.275
    • Geschlecht:
    Re: Meldung in der errorlog.txt - was bedeutet das?
    Antwort #2 am: 05. Dezember 2013, 12:46:40
    Hallo Teichbau,

    deine verwendete Shopversion solltest du dringend auf die aktuelle 1.06 rev 4642 updaten!

    Schöne Grüße,
    Jan

    Teichbau

    • Fördermitglied
    • Beiträge: 385
    • Geschlecht:
    Re: Meldung in der errorlog.txt - was bedeutet das?
    Antwort #3 am: 05. Dezember 2013, 14:27:08
    @ Marcus
    Hast Du es so gemeint?
    Code: PHP  [Auswählen]
     ...
     $module_smarty->assign('language', $_SESSION['language']);

      // search field
      require_once (DIR_FS_INC.'xtc_hide_session_id.inc.php');
      $module_smarty->assign('FORM_ACTION',xtc_draw_form('new_find', xtc_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'NONSSL', false), 'get').xtc_hide_session_id());
      $module_smarty->assign('INPUT_SEARCH',xtc_draw_input_field('keywords', '', 'size="30" maxlength="30"'));
      $module_smarty->assign('BUTTON_SUBMIT',xtc_image_submit('button_quick_find.gif', IMAGE_BUTTON_SEARCH));
      $module_smarty->assign('LINK_ADVANCED',xtc_href_link(FILENAME_ADVANCED_SEARCH));
      $module_smarty->assign('FORM_END', '</form>');
    ...

     

    noRiddle (revilonetz)

    • Experte
    • Beiträge: 14.018
    • Geschlecht:
    Re: Meldung in der errorlog.txt - was bedeutet das?
    Antwort #4 am: 05. Dezember 2013, 23:33:12
    Die Funktion sollte in
    /templates/YOUR_TEMPLATE/source/boxes/currencies.php,
    ~/manufacturers.php und
    ~/search.php
    mit require_once() eingebunden sein.
    Ist das bei dir nicht der Fall hole es nach.
    Außerdem mal prüfen ob die Datei /inc/xtc_hide_session_id.inc.php vorhanden ist.

    Gruß,
    noRiddle

    Teichbau

    • Fördermitglied
    • Beiträge: 385
    • Geschlecht:
    Re: Meldung in der errorlog.txt - was bedeutet das?
    Antwort #5 am: 06. Dezember 2013, 08:52:09
    @ Marcus
    Vielen Dank, ich habe es jetzt so umgesetzt wie oben von mir angefragt:
    Code: PHP  [Auswählen]
      // search field
    require_once (DIR_FS_INC.'xtc_hide_session_id.inc.php');
    $module_smarty->..........................'get').xtc_hide_session_id());

    @noRiddle
    Ja, in den 3 von Dir angesprochenen Dateien ist die Funktion enthalten, ebenso ist auch die /inc/xtc_hide_session_id.inc.php vorhanden. Vielen Dank für den Hinweis.

    @Jan
    Welche Probleme siehst Du die ich nicht sehe, bezgl. Sicherheit, technisch..?
    Da wir diverse Änderungen am System machen lassen haben, ist der Aufwand auf aktuell upzudaten
    ziehmlich teuer.
    Und ich selbst habe ein Problem jeweils 3 Dateien (Original-geänderte-Update) zu vergleichen, da verliere ich schnell den Überblick und Fehler sind vorprogramiert. Mir ist WinMerge bekannt damit kann man aber nur 2 Dateien vergleichen.

    Vielen Dank und beste Grüße
    Teichbau

    web28

    • modified Team
    • Beiträge: 9.404
    Re: Meldung in der errorlog.txt - was bedeutet das?
    Antwort #6 am: 06. Dezember 2013, 11:26:50
    Die Funktion xtc_hide_session_id() wird in drei php Dateie includet:

    templates\TEMPLATE\source\boxes\currencies.php
    templates\TEMPLATE\source\boxes\search.php
    templates\TEMPLATE\source\boxes\manufacturers.php

    Falls man das Ladne dieser Dateien in
    templates\TEMPLATE\source\boxes.php
    auskommentiert hat, kommt es zu der Fehlermeldung.

    Abhilfe:
    in includes/application_top.php nach dem letzen Eintrag von require_once (DIR_FS_INC.... hinzufügen

    Code: PHP  [Auswählen]
    require_once (DIR_FS_INC.'xtc_hide_session_id.inc.php');

    Teichbau

    • Fördermitglied
    • Beiträge: 385
    • Geschlecht:
    Re: Meldung in der errorlog.txt - was bedeutet das?
    Antwort #7 am: 07. Dezember 2013, 10:12:03
    @ web28
    Guten Morgen,
    jetzt wird es für mich unübersichtlich, da das Grundwissen fehlt.
    Bitte zeige mir wo ich den Code
    Code: PHP  [Auswählen]
    require_once (DIR_FS_INC.'xtc_hide_session_id.inc.php');
    einfügen muß.

    Hier ist meine Datei:
    Code: PHP  [Auswählen]
    <?php

    /* -----------------------------------------------------------------------------------------
       $Id: application_top.php 1323 2005-10-27 17:58:08Z mz $

       XT-Commerce - community made shopping
       http://www.(( Wir dulden keine kommerziellen Werbelinks - Bitte <a href="index.php?topic=3013.0">Forenregeln</a> beachten! ))

       Copyright (c) 2003 XT-Commerce
       -----------------------------------------------------------------------------------------
       based on:
       (c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
       (c) 2002-2003 osCommerce(application_top.php,v 1.273 2003/05/19); www.oscommerce.com
       (c) 2003      nextcommerce (application_top.php,v 1.54 2003/08/25); www.nextcommerce.org

       Released under the GNU General Public License
       -----------------------------------------------------------------------------------------
       Third Party contribution:
       Add A Quickie v1.0 Autor  Harald Ponce de Leon

       Credit Class/Gift Vouchers/Discount Coupons (Version 5.10)
       http://www.oscommerce.com/community/contributions,282
       Copyright (c) Strider | Strider@oscworks.com
       Copyright (c  Nick Stanko of UkiDev.com, nick@ukidev.com
       Copyright (c) Andre ambidex@gmx.net
       Copyright (c) 2001,2002 Ian C Wilson http://www.phesis.org


       Released under the GNU General Public License
       ---------------------------------------------------------------------------------------*/

    // start the timer for the page parse time log
    define('PAGE_PARSE_START_TIME', microtime());

    // set the level of error reporting

    if (file_exists(DIR_FS_CATALOG.'export/_error_reporting.all') || file_exists(DIR_FS_CATALOG.'export/_error_reporting.shop')) {
      error_reporting(E_ALL & ~E_NOTICE);
      //error_reporting(-1); // Development value
    } else {
      error_reporting(0);
    }
    error_reporting(E_ALL & ~E_NOTICE);
    // Set the local configuration parameters - mainly for developers - if exists else the mainconfigure
    if (file_exists('includes/local/configure.php')) {
            include ('includes/local/configure.php');
    } else {
            include ('includes/configure.php');
    }


    // BOF - Tomcraft - 2009-11-08 - FIX for PHP5.3 date_default_timezone_set
      if (version_compare(PHP_VERSION, '5.1.0', '>=')) {
            date_default_timezone_set('Europe/Berlin');
      }
    // EOF - Tomcraft - 2009-11-08 - FIX for PHP5.3 date_default_timezone_set

    $php4_3_10 = (0 == version_compare(phpversion(), "4.3.10"));
    define('PHP4_3_10', $php4_3_10);
    // define the project version
    define('PROJECT_VERSION', 'modified eCommerce Shopsoftware');

    // BOF - Tomcraft - 2009-11-09 - Added missing definition for TAX_DECIMAL_PLACES
    define('TAX_DECIMAL_PLACES', 0);
    // EOF - Tomcraft - 2009-11-09 - Added missing definition for TAX_DECIMAL_PLACES

    // set the type of request (secure or not)
    //BOF - DokuMan - 2010-03-03 - added native support for SSL-proxy connections
    //$request_type = (getenv('HTTPS') == '1' || getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';
    $request_type = (getenv('HTTPS') == '1' || getenv('HTTPS') == 'on' || !empty($_SERVER['HTTP_X_FORWARDED_HOST'])) ? 'SSL' : 'NONSSL';
    //EOF - DokuMan - 2010-03-03 - added native support for SSL-proxy connections

    // set php_self in the local scope
    $PHP_SELF = $_SERVER['PHP_SELF'];
    //--- SHOPSTAT -------------------------//
    if (preg_match("/\.html$/",$PHP_SELF) )
        {
        if(!preg_match("/\.html$/",$_SERVER['SCRIPT_NAME']))
            {
            $PHP_SELF = $_SERVER['SCRIPT_NAME'];
            }
        elseif(!preg_match("/\.html$/",$_SERVER['SCRIPT_FILENAME']))
            {
            $PHP_SELF = $_SERVER['SCRIPT_FILENAME'];
            }
        }
    //--- SHOPSTAT -------------------------//

    // include the list of project filenames
    require (DIR_WS_INCLUDES.'filenames.php');

    // include the list of project database tables
    require (DIR_WS_INCLUDES.'database_tables.php');

    // SQL caching dir
    define('SQL_CACHEDIR', DIR_FS_CATALOG.'cache/');

    // Below are some defines which affect the way the discount coupon/gift voucher system work
    // Be careful when editing them.
    //
    // Set the length of the redeem code, the longer the more secure
    //define('SECURITY_CODE_LENGTH', '10');
    //
    // The settings below determine whether a new customer receives an incentive when they first signup
    //
    // Set the amount of a Gift Voucher that the new signup will receive, set to 0 for none
    //  define('NEW_SIGNUP_GIFT_VOUCHER_AMOUNT', '10');  // placed in the admin configuration mystore
    //
    // Set the coupon ID that will be sent by email to a new signup, if no id is set then no email :)
    //  define('NEW_SIGNUP_DISCOUNT_COUPON', '3'); // placed in the admin configuration mystore

    // Store DB-Querys in a Log File
    //BOF - DokuMan - 2010-02-25 - Constant STORE_DB_TRANSACTIONS already defined in DB
    //define('STORE_DB_TRANSACTIONS', 'false');
    //EOF - DokuMan - 2010-02-25 - Constant STORE_DB_TRANSACTIONS already defined in DB

    // graduated prices model or products assigned ?
    define('GRADUATED_ASSIGN', 'true');

    // include used functions

    // Database
    require_once (DIR_FS_INC.'xtc_db_connect.inc.php');
    require_once (DIR_FS_INC.'xtc_db_close.inc.php');
    require_once (DIR_FS_INC.'xtc_db_error.inc.php');
    require_once (DIR_FS_INC.'xtc_db_perform.inc.php');
    require_once (DIR_FS_INC.'xtc_db_query.inc.php');
    require_once (DIR_FS_INC.'xtc_db_queryCached.inc.php');
    require_once (DIR_FS_INC.'xtc_db_fetch_array.inc.php');
    require_once (DIR_FS_INC.'xtc_db_num_rows.inc.php');
    require_once (DIR_FS_INC.'xtc_db_data_seek.inc.php');
    require_once (DIR_FS_INC.'xtc_db_insert_id.inc.php');
    require_once (DIR_FS_INC.'xtc_db_free_result.inc.php');
    require_once (DIR_FS_INC.'xtc_db_fetch_fields.inc.php');
    require_once (DIR_FS_INC.'xtc_db_output.inc.php');
    require_once (DIR_FS_INC.'xtc_db_input.inc.php');
    require_once (DIR_FS_INC.'xtc_db_prepare_input.inc.php');
    require_once (DIR_FS_INC.'xtc_get_top_level_domain.inc.php');


    // html basics
    require_once (DIR_FS_INC.'xtc_href_link.inc.php');
    require_once (DIR_FS_INC.'xtc_php_mail.inc.php');

    require_once (DIR_FS_INC.'xtc_product_link.inc.php');
    require_once (DIR_FS_INC.'xtc_category_link.inc.php');
    require_once (DIR_FS_INC.'xtc_manufacturer_link.inc.php');

    // html functions
    require_once (DIR_FS_INC.'xtc_draw_checkbox_field.inc.php');
    require_once (DIR_FS_INC.'xtc_draw_form.inc.php');
    require_once (DIR_FS_INC.'xtc_draw_hidden_field.inc.php');
    require_once (DIR_FS_INC.'xtc_draw_input_field.inc.php');
    require_once (DIR_FS_INC.'xtc_draw_password_field.inc.php');
    require_once (DIR_FS_INC.'xtc_draw_pull_down_menu.inc.php');
    require_once (DIR_FS_INC.'xtc_draw_radio_field.inc.php');
    require_once (DIR_FS_INC.'xtc_draw_selection_field.inc.php');
    require_once (DIR_FS_INC.'xtc_draw_separator.inc.php');
    require_once (DIR_FS_INC.'xtc_draw_textarea_field.inc.php');
    require_once (DIR_FS_INC.'xtc_image_button.inc.php');

    require_once (DIR_FS_INC.'xtc_not_null.inc.php');
    require_once (DIR_FS_INC.'xtc_update_whos_online.inc.php');
    require_once (DIR_FS_INC.'xtc_activate_banners.inc.php');
    require_once (DIR_FS_INC.'xtc_expire_banners.inc.php');
    require_once (DIR_FS_INC.'xtc_expire_specials.inc.php');
    require_once (DIR_FS_INC.'xtc_parse_category_path.inc.php');
    require_once (DIR_FS_INC.'xtc_get_product_path.inc.php');

    require_once (DIR_FS_INC.'xtc_get_category_path.inc.php');

    require_once (DIR_FS_INC.'xtc_get_parent_categories.inc.php');
    require_once (DIR_FS_INC.'xtc_redirect.inc.php');
    require_once (DIR_FS_INC.'xtc_get_uprid.inc.php');
    require_once (DIR_FS_INC.'xtc_get_all_get_params.inc.php');
    require_once (DIR_FS_INC.'xtc_has_product_attributes.inc.php');
    require_once (DIR_FS_INC.'xtc_image.inc.php');
    require_once (DIR_FS_INC.'xtc_check_stock_attributes.inc.php');
    require_once (DIR_FS_INC.'xtc_currency_exists.inc.php');
    require_once (DIR_FS_INC.'xtc_remove_non_numeric.inc.php');
    require_once (DIR_FS_INC.'xtc_get_ip_address.inc.php');
    require_once (DIR_FS_INC.'xtc_setcookie.inc.php');
    require_once (DIR_FS_INC.'xtc_check_agent.inc.php');
    require_once (DIR_FS_INC.'xtc_count_cart.inc.php');
    require_once (DIR_FS_INC.'xtc_get_qty.inc.php');
    require_once (DIR_FS_INC.'create_coupon_code.inc.php');
    require_once (DIR_FS_INC.'xtc_gv_account_update.inc.php');
    require_once (DIR_FS_INC.'xtc_get_tax_rate_from_desc.inc.php');
    require_once (DIR_FS_INC.'xtc_get_tax_rate.inc.php');
    require_once (DIR_FS_INC.'xtc_add_tax.inc.php');
    require_once (DIR_FS_INC.'xtc_cleanName.inc.php');
    require_once (DIR_FS_INC.'xtc_calculate_tax.inc.php');
    require_once (DIR_FS_INC.'xtc_input_validation.inc.php');
    require_once (DIR_FS_INC.'xtc_js_lang.php');
    //  Button_css am 2012_07_29_vonxxxxxxxxxxxxx eingefügt
    require_once (DIR_FS_INC.'xtc_css_button.inc.php');
    // ENDE
     
    // make a connection to the database... now
    xtc_db_connect() or die('Unable to connect to database server!');

    $configuration_query = xtc_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from '.TABLE_CONFIGURATION);
    while ($configuration = xtc_db_fetch_array($configuration_query)) {
      if($configuration['cfgKey']=="CURRENT_TEMPLATE") {
        $template = $configuration['cfgValue'];
      } else {
        define($configuration['cfgKey'], $configuration['cfgValue']);
      }
    }
    // Set the length of the redeem code, the longer the more secure
    // Kommt eigentlich schon aus der Table configuration
    if(SECURITY_CODE_LENGTH=='')
      define('SECURITY_CODE_LENGTH', '10');

    require_once (DIR_WS_CLASSES.'class.phpmailer.php');
    if (EMAIL_TRANSPORT == 'smtp')
            require_once (DIR_WS_CLASSES.'class.smtp.php');
    require_once (DIR_FS_INC.'xtc_Security.inc.php');

    // set the application parameters

    function xtDBquery($query) {
            if (DB_CACHE == 'true') {
    //                      echo  'cached query: '.$query.'<br />';
                    $result = xtc_db_queryCached($query);
            } else {
    //                              echo '::'.$query .'<br />';
                    $result = xtc_db_query($query);

            }
            return $result;
    }

    function CacheCheck() {
            if (USE_CACHE == 'false') return false;
            if (!isset($_COOKIE['XTCsid'])) return false;
            return true;
    }

    // if gzip_compression is enabled, start to buffer the output
    if ((GZIP_COMPRESSION == 'true') && ($ext_zlib_loaded = extension_loaded('zlib')) && (PHP_VERSION >= '4')) {
            if (($ini_zlib_output_compression = (int) ini_get('zlib.output_compression')) < 1) {
                    ob_start('ob_gzhandler');
            } else {
                    ini_set('zlib.output_compression_level', GZIP_LEVEL);
            }
    }
    //--- SHOPSTAT -------------------------//
    /*
    // set the HTTP GET parameters manually if search_engine_friendly_urls is enabled
    if (SEARCH_ENGINE_FRIENDLY_URLS == 'true') {
    // BOF - Tomcraft - 2009-10-25 - made capable for 1und1
            $pathinfo=((getenv('PATH_INFO')=='')?$_SERVER['ORIG_PATH_INFO']:getenv('PATH_INFO'));
    // BOF - Tomcraft - 2009-10-25 - replaced deprecated function ereg with preg_match
    //      if(ereg('.php',$pathinfo)):
            if(preg_match('/.php/',$pathinfo)):
    // EOF - Tomcraft - 2009-10-25 - replaced deprecated function ereg with preg_match
                    $PATH_INFO = substr(stristr('.php', $pathinfo),1);
            else:
                    $PATH_INFO=$pathinfo;
            endif;
    // EOF - Tomcraft - 2009-10-25 - made capable for 1und1
            if (strlen(getenv('PATH_INFO')) > 1) {
                    $GET_array = array ();
                    $PHP_SELF = str_replace(getenv('PATH_INFO'), '', $PHP_SELF);
                    $vars = explode('/', substr(getenv('PATH_INFO'), 1));
                    for ($i = 0, $n = sizeof($vars); $i < $n; $i ++) {
                            if (strpos($vars[$i], '[]')) {
                                    $GET_array[substr($vars[$i], 0, -2)][] = $vars[$i +1];
                            } else {
    // BOF - Tomcraft - 2009-06-03 - fix magic quotes security issue
    //                                $_GET[$key] = $value;
                                    $_GET[$vars[$i]] = htmlspecialchars($vars[$i +1]);
                                    if(get_magic_quotes_gpc()) $_GET[$vars[$i]] = addslashes($_GET[$vars[$i]]); // security Patch 20.11.2008
    // EOF - Tomcraft - 2009-06-03 - fix magic quotes security issue
                            }
                            $i ++;
                    }

                    if (sizeof($GET_array) > 0) {
                            while (list ($key, $value) = each($GET_array)) {
                                    $_GET[$key] = htmlspecialchars($value);
    // BOF - Tomcraft - 2009-06-03 - fix magic quotes security issue
    //                                $_GET[$key] = $value;
                                    if(get_magic_quotes_gpc()) $_GET[$key] = addslashes($_GET[$key]); // security Patch 20.11.2008
    // EOF - Tomcraft - 2009-06-03 - fix magic quotes security issue
                            }
                    }
            }
    }
    */

    //--- SHOPSTAT -------------------------//

    // check GET/POST/COOKIE VARS
    require (DIR_WS_CLASSES.'class.inputfilter.php');
    $InputFilter = new InputFilter();

    // BOF - Hetfield - 2009-08-16 - correct inputfilter security-patch and remove double replacing
    //$_GET = $InputFilter->process($_GET, true);
    //$_POST = $InputFilter->process($_POST);
    $_GET = $InputFilter->process($_GET);
    $_POST = $InputFilter->process($_POST);
    $_REQUEST = $InputFilter->process($_REQUEST);
    $_GET = $InputFilter->safeSQL($_GET);
    $_POST = $InputFilter->safeSQL($_POST);
    $_REQUEST = $InputFilter->safeSQL($_REQUEST);
    // EOF - Hetfield - 2009-08-16 - correct inputfilter security-patch and remove double replacing

    // set the top level domains
    $http_domain = xtc_get_top_level_domain(HTTP_SERVER);
    $https_domain = xtc_get_top_level_domain(HTTPS_SERVER);
    $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);

    // include shopping cart class
    require (DIR_WS_CLASSES.'shopping_cart.php');

    // include navigation history class
    require (DIR_WS_CLASSES.'navigation_history.php');

    // some code to solve compatibility issues
    require (DIR_WS_FUNCTIONS.'compatibility.php');

    // define how the session functions will be used
    require (DIR_WS_FUNCTIONS.'sessions.php');

    // set the session name and save path
    session_name('XTCsid');
    if (STORE_SESSIONS != 'mysql') session_save_path(SESSION_WRITE_DIRECTORY);

    // set the session cookie parameters
    if (function_exists('session_set_cookie_params')) {
            session_set_cookie_params(0, '/', (xtc_not_null($current_domain) ? '.'.$current_domain : ''));
    }
    elseif (function_exists('ini_set')) {
            ini_set('session.cookie_lifetime', '0');
            ini_set('session.cookie_path', '/');
            ini_set('session.cookie_domain', (xtc_not_null($current_domain) ? '.'.$current_domain : ''));
    }

    // set the session ID if it exists
    if (isset ($_POST[session_name()])) {
            session_id($_POST[session_name()]);
    }
    elseif (($request_type == 'SSL') && isset ($_GET[session_name()])) {
            session_id($_GET[session_name()]);
    }

    // start the session
    $session_started = false;
    if (SESSION_FORCE_COOKIE_USE == 'True') {
            xtc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 30, '/', $current_domain);

            if (isset ($_COOKIE['cookie_test'])) {
                    session_start();
                    include (DIR_WS_INCLUDES.'tracking.php');
                    $session_started = true;
            }
    } else {
            session_start();
            include (DIR_WS_INCLUDES.'tracking.php');
            $session_started = true;
    }

    // check the Agent
    $truncate_session_id = false;
    if (CHECK_CLIENT_AGENT) {
            if (xtc_check_agent() == 1) {
                    $truncate_session_id = true;
            }
    }

      if ($_SERVER["HTTP_HOST"] == str_replace("http://", "", MOBILE_HTTP_HOST)){
        $_SESSION['tpl'] ='mobile';
      }else{
        $_SESSION['tpl'] ='clear';
      }
      if(isset($_GET["tpl"])) {
        $_SESSION["tpl"] = $_GET["tpl"];
      }
      if(isset($_SESSION["tpl"]) && file_exists(DIR_FS_CATALOG."templates/".$_SESSION["tpl"])) {
        define("CURRENT_TEMPLATE", $_SESSION["tpl"]);
      } else {
        define("CURRENT_TEMPLATE", $template);
      }

    // verify the ssl_session_id if the feature is enabled
    if (($request_type == 'SSL') && (SESSION_CHECK_SSL_SESSION_ID == 'True') && (ENABLE_SSL == true) && ($session_started == true)) {
            $ssl_session_id = getenv('SSL_SESSION_ID');
            if (!isset($_SESSION['SSL_SESSION_ID'])) { // Hetfield - 2009-08-19 - removed deprecated function session_is_registered to be ready for PHP >= 5.3
                    $_SESSION['SESSION_SSL_ID'] = $ssl_session_id;
            }

            if ($_SESSION['SESSION_SSL_ID'] != $ssl_session_id) {
                    session_destroy();
                    xtc_redirect(xtc_href_link(FILENAME_SSL_CHECK));
            }
    }

    // verify the browser user agent if the feature is enabled
    if (SESSION_CHECK_USER_AGENT == 'True') {
            $http_user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
            $http_user_agent2 = strtolower(getenv("HTTP_USER_AGENT"));
            $http_user_agent = ($http_user_agent == $http_user_agent2) ? $http_user_agent : $http_user_agent.';'.$http_user_agent2;
            if (!isset ($_SESSION['SESSION_USER_AGENT'])) {
                    $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
            }

            if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) {
                    session_destroy();
                    xtc_redirect(xtc_href_link(FILENAME_LOGIN));
            }
    }

    // verify the IP address if the feature is enabled
    if (SESSION_CHECK_IP_ADDRESS == 'True') {
            $ip_address = xtc_get_ip_address();
            if (!isset ($_SESSION['SESSION_IP_ADDRESS'])) {
                    $_SESSION['SESSION_IP_ADDRESS'] = $ip_address;
            }

            if ($_SESSION['SESSION_IP_ADDRESS'] != $ip_address) {
                    session_destroy();
                    xtc_redirect(xtc_href_link(FILENAME_LOGIN));
            }
    }

    //BOF - DokuMan - 2010-05-20
    // Redirect search engines with session id to the same url without session id to prevent indexing session id urls
    if ( $truncate_session_id == true ) {
        if (preg_match('/' . xtc_session_name() . '/i', $_SERVER['REQUEST_URI']) ){
            $location = xtc_href_link(basename($_SERVER['SCRIPT_NAME']), xtc_get_all_get_params(array(xtc_session_name())), 'NONSSL', false);
            header("HTTP/1.0 301 Moved Permanently");
            header("Location: $location");
        }
    }

    if (!(preg_match('/^[a-z0-9]{26}$/i', session_id()) || preg_match('/^[a-z0-9]{32}$/i', session_id()))) {
        // Thanks to HHGAG ;-)
        session_regenerate_id(true);
    }
    //EOF - DokuMan - 2010-05-20

    // set the language
    if (!isset ($_SESSION['language']) || isset ($_GET['language'])) {

            include (DIR_WS_CLASSES.'language.php');
            $lng = new language(xtc_input_validation($_GET['language'], 'char', ''));

            if (!isset ($_GET['language']))
                    $lng->get_browser_language();

            $_SESSION['language'] = $lng->language['directory'];
            $_SESSION['languages_id'] = $lng->language['id'];
            $_SESSION['language_charset'] = $lng->language['language_charset'];
            $_SESSION['language_code'] = $lng->language['code'];
    }

    if (isset($_SESSION['language']) && !isset($_SESSION['language_charset'])) {
           
            include (DIR_WS_CLASSES.'language.php');
            $lng = new language(xtc_input_validation($_SESSION['language'], 'char', ''));


            $_SESSION['language'] = $lng->language['directory'];
            $_SESSION['languages_id'] = $lng->language['id'];
            $_SESSION['language_charset'] = $lng->language['language_charset'];
            $_SESSION['language_code'] = $lng->language['code'];
           
    }

    // include the language translations
    require (DIR_WS_LANGUAGES.$_SESSION['language'].'/'.$_SESSION['language'].'.php');

    // currency
    if (!isset ($_SESSION['currency']) || isset ($_GET['currency']) || ((USE_DEFAULT_LANGUAGE_CURRENCY == 'true') && (LANGUAGE_CURRENCY != $_SESSION['currency']))) {

            if (isset ($_GET['currency'])) {
                    if (!$_SESSION['currency'] = xtc_currency_exists($_GET['currency']))
                            $_SESSION['currency'] = (USE_DEFAULT_LANGUAGE_CURRENCY == 'true') ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
            } else {
                    $_SESSION['currency'] = (USE_DEFAULT_LANGUAGE_CURRENCY == 'true') ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
            }
    }
    if (isset ($_SESSION['currency']) && $_SESSION['currency'] == '') {
            $_SESSION['currency'] = DEFAULT_CURRENCY;
    }

    // write customers status in session
    require (DIR_WS_INCLUDES.'write_customers_status.php');

    // testing new price class

    require (DIR_WS_CLASSES.'main.php');
    $main = new main();

    require (DIR_WS_CLASSES.'xtcPrice.php');
    $xtPrice = new xtcPrice($_SESSION['currency'], $_SESSION['customers_status']['customers_status_id']);

    //--- SHOPSTAT -------------------------//
        $shopstat_ref = __FILE__;
        require("shopstat/shopstat.php");
    //--- SHOPSTAT -------------------------//

    // econda tracking
    if (TRACKING_ECONDA_ACTIVE=='true') {          
            require(DIR_WS_INCLUDES . 'econda/class.econda304SP2.php');
            $econda = new econda();
    }

    // BOF - web28 - 2010-05-06 - PayPal API Modul
    require_once (DIR_WS_CLASSES.'paypal_checkout.php');
    $o_paypal = new paypal_checkout();
    // EOF -  web28 - 2010-05-06 - PayPal API Modul

    require (DIR_WS_INCLUDES.FILENAME_CART_ACTIONS);
    // create the shopping cart & fix the cart if necesary
    if (!isset($_SESSION['cart']) || !is_object($_SESSION['cart'])) { //DokuMan - 2010-02-28 - set undefined variable cart
            $_SESSION['cart'] = new shoppingCart();
    }

     


            if(isset($_GET["bid"]) && $_GET["bid"] != 0){
          $bid = (int)$_GET["bid"];
         
          $q = "SELECT * FROM xxxxxxxxxxxxx WHERE xxxxxxxxxxxxx_id = $bid";
          $rs = mysql_query($q);
          $xxxxxxxxxxxxx_infos = mysql_fetch_array($rs);
          $xxxxxxxxxxxxx_add = ' für '.$xxxxxxxxxxxxx_infos["marke"].' '.$xxxxxxxxxxxxx_infos["modell"]." ".$xxxxxxxxxxxxx_infos["motor"]." (".$xxxxxxxxxxxxx_infos["einschrankung"].")";
          define(xxxxxxxxxxxxx_URL_ADD, $xxxxxxxxxxxxx_add);
         
      }elseif(isset($_GET["eid"]) && $_GET["eid"] != 0){
          $eid = (int)$_GET["eid"];
         
          $q = "SELECT * FROM xxxxxxxxxxxxx WHERE xxxxxxxxxxxxx_id = $eid";
          $rs = mysql_query($q);
          $xxxxxxxxxxxxx_infos = mysql_fetch_array($rs);
          $xxxxxxxxxxxxx_add = ' für '.$xxxxxxxxxxxxx_infos["marke"].' '.$xxxxxxxxxxxxx_infos["fahrzeug"]." ".$xxxxxxxxxxxxx_infos["modell"]." (".$xxxxxxxxxxxxx_infos["baujahr"].")";

          define(xxxxxxxxxxxxx_URL_ADD, $xxxxxxxxxxxxx_add);
      } else{
          define(xxxxxxxxxxxxx_URL_ADD, false);
      }

    // include the who's online functions
    xtc_update_whos_online();

    // split-page-results
    require (DIR_WS_CLASSES.'split_page_results.php');

    // infobox
    require (DIR_WS_CLASSES.'boxes.php');

    // auto activate and expire banners
    xtc_activate_banners();
    xtc_expire_banners();

    // auto expire special products
    xtc_expire_specials();
    require (DIR_WS_CLASSES.'product.php');
    // new p URLS
    if (isset ($_GET['info'])) {
            $site = explode('_', $_GET['info']);
            $pID = $site[0];
            $actual_products_id = (int) str_replace('p', '', $pID);
            $product = new product($actual_products_id);
    } // also check for old 3.0.3 URLS
    elseif (isset($_GET['products_id'])) {
            $actual_products_id = (int) $_GET['products_id'];
            $product = new product($actual_products_id);
           
    }
    //BOF - DokuMan - 2010-02-25 - check for defined variable: product
    //if (!is_object($product)) {
    if (!isset($product) || !is_object($product)) {
    //EOF - DokuMan - 2010-02-25 - check for defined variable: product
            $product = new product();      
    }

    // new c URLS
    if (isset ($_GET['cat'])) {
            $site = explode('_', $_GET['cat']);
            $cID = $site[0];
            $cID = str_replace('c', '', $cID);
            $_GET['cPath'] = xtc_get_category_path($cID);
    }
    // new m URLS
    if (isset ($_GET['manu'])) {
            $site = explode('_', $_GET['manu']);
            $mID = $site[0];
            $mID = (int)str_replace('m', '', $mID);
            $_GET['manufacturers_id'] = $mID;
    }

    // calculate category path
    if (isset ($_GET['cPath'])) {
            $cPath = xtc_input_validation($_GET['cPath'], 'cPath', '');
    }
    elseif (is_object($product) && !isset ($_GET['manufacturers_id'])) {
            if ($product->isProduct()) {
                    $cPath = xtc_get_product_path($actual_products_id);
            } else {
                    $cPath = '';
            }
    } else {
            $cPath = '';
    }

    if (xtc_not_null($cPath)) {
            $cPath_array = xtc_parse_category_path($cPath);
            $cPath = implode('_', $cPath_array);
            $current_category_id = $cPath_array[(sizeof($cPath_array) - 1)];
    } else {
            $current_category_id = 0;
    }

    // include the breadcrumb class and start the breadcrumb trail
    require (DIR_WS_CLASSES.'breadcrumb.php');
    $breadcrumb = new breadcrumb;

    $breadcrumb->add(HEADER_TITLE_TOP, HTTP_SERVER);
    $breadcrumb->add(HEADER_TITLE_CATALOG, xtc_href_link(FILENAME_DEFAULT));

    // add category names or the manufacturer name to the breadcrumb trail
    if (isset ($cPath_array)) {
            for ($i = 0, $n = sizeof($cPath_array); $i < $n; $i ++) {
                    if (GROUP_CHECK == 'true') {
                            $group_check = "and c.group_permission_".$_SESSION['customers_status']['customers_status_id']."=1 ";
                    }
                    $categories_query = xtDBquery("select cd.categories_name
                                                               from "
    .TABLE_CATEGORIES_DESCRIPTION." cd,
                                                                    "
    .TABLE_CATEGORIES." c
                                                               where cd.categories_id = '"
    .$cPath_array[$i]."'
                                                               and c.categories_id=cd.categories_id
                                                                    "
    .$group_check."
                                                               and cd.language_id='"
    .(int) $_SESSION['languages_id']."'");
                    if (xtc_db_num_rows($categories_query,true) > 0) {
                            $categories = xtc_db_fetch_array($categories_query,true);

                            $breadcrumb->add($categories['categories_name'], xtc_href_link(FILENAME_DEFAULT, xtc_category_link($cPath_array[$i], $categories['categories_name'])));
                    } else {
                            break;
                    }
            }
    }
    //elseif (xtc_not_null($_GET['manufacturers_id'])) {
    elseif (isset($_GET['manufacturers_id']) && xtc_not_null($_GET['manufacturers_id'])) { //DokuMan - 2010-02-26 - set undefined variable manufacturers_id
            $manufacturers_query = xtDBquery("select manufacturers_name from ".TABLE_MANUFACTURERS." where manufacturers_id = '".(int) $_GET['manufacturers_id']."'");
            $manufacturers = xtc_db_fetch_array($manufacturers_query, true);

            $breadcrumb->add($manufacturers['manufacturers_name'], xtc_href_link(FILENAME_DEFAULT, xtc_manufacturer_link((int) $_GET['manufacturers_id'], $manufacturers['manufacturers_name'])));

    }

    // add the products model/name to the breadcrumb trail
    if ($product->isProduct()) {
    // BOF - Tomcraft - 2009-10-25 - replaced model-number with products_name in breadcrumb navigation
    //      $breadcrumb->add($product->getBreadcrumbModel(), xtc_href_link(FILENAME_PRODUCT_INFO, xtc_product_link($product->data['products_id'], $product->data['products_name'])));
            $breadcrumb->add($product->data['products_name'], xtc_href_link(FILENAME_PRODUCT_INFO, xtc_product_link($product->data['products_id'], $product->data['products_name'])));
    // EOF - Tomcraft - 2009-10-25 - replaced model-number with products_name in breadcrumb navigation
    }


    // initialize the message stack for output messages
    require (DIR_WS_CLASSES.'message_stack.php');
    $messageStack = new messageStack;

    // set which precautions should be checked
    define('WARN_INSTALL_EXISTENCE', 'true');
    define('WARN_CONFIG_WRITEABLE', 'true');
    define('WARN_SESSION_DIRECTORY_NOT_WRITEABLE', 'true');
    define('WARN_SESSION_AUTO_START', 'true');
    define('WARN_DOWNLOAD_DIRECTORY_NOT_READABLE', 'true');

    // Include Template Engine
    // BOF - Tomcraft - 2009-05-26 - update smarty template engine to 2.6.26
    //require (DIR_WS_CLASSES.'Smarty_2.6.22/Smarty.class.php');
    require (DIR_WS_CLASSES.'Smarty_2.6.26/Smarty.class.php');
    // EOF - Tomcraft - 2009-05-26 - update smarty template engine to 2.6.26

    if (isset ($_SESSION['customer_id'])) {
            $account_type_query = xtc_db_query("SELECT account_type,
                                                 customers_default_address_id
                                                      FROM "
    .TABLE_CUSTOMERS."
                                                      WHERE customers_id = '"
    .(int) $_SESSION['customer_id']."'");
            $account_type = xtc_db_fetch_array($account_type_query);

            // check if zone id is unset bug #0000169
            if (!isset ($_SESSION['customer_country_id'])) {
                    $zone_query = xtc_db_query("SELECT entry_country_id
                                                            FROM "
    .TABLE_ADDRESS_BOOK."
                                                            WHERE customers_id='"
    .(int) $_SESSION['customer_id']."'
                                                            AND address_book_id='"
    .$account_type['customers_default_address_id']."'");

                    $zone = xtc_db_fetch_array($zone_query);
                    $_SESSION['customer_country_id'] = $zone['entry_country_id'];
            }
            $_SESSION['account_type'] = $account_type['account_type'];
    } else {
            $_SESSION['account_type'] = '0';
    }

    // modification for nre graduated system
    unset ($_SESSION['actual_content']);

    // econda tracking
    if (TRACKING_ECONDA_ACTIVE=='true') {  
           
            require(DIR_WS_INCLUDES . 'econda/emos.php');
    }

    xtc_count_cart();

    function decrypt($string, $key="ABDCFCCEBCD") {
      $result = '';
      $string = base64_decode($string);
     
      for($i=0; $i<strlen($string); $i++) {
        $char = substr($string, $i, 1);
        $keychar = substr($key, ($i % strlen($key))-1, 1);
        $char = chr(ord($char)-ord($keychar));
        $result.=$char;
      }
      $result = base64_decode($result);
      $result = base64_decode($result);
      $result = base64_decode($result);
      $result = base64_decode($result);
      $result = (int)$result/743;
      return $result;
    }
     
      function encrypt($string, $key="ABDCFCCEBCD") {
      $string = (int)$string*743;
      $result = '';

      $string = base64_encode($string);
      $string = base64_encode($string);
      $string = base64_encode($string);
      $string = base64_encode($string);
      for($i=0; $i<strlen ($string); $i++) {
        $char = substr($string, $i, 1);
        $keychar = substr($key, ($i % strlen($key))-1, 1);
        $char = chr(ord($char)+ord($keychar));
        $result.=$char;
      }

      return base64_encode($result);
    }

    function mobile_data_link($oid){
       
        $ret = '<a href="'.xtc_href_link('mobile_data.php', 'token='.encrypt($oid)).'">'.MD_PLEASE_ENTER_DATA.'</a>';
        return $ret;
    }

    function mobile_data_link_plain($oid){
       
        $ret = xtc_href_link('mobile_data.php', 'token='.encrypt($oid));
        return $ret;
    }

    function tvhURLencode($str){
        return urlencode(str_replace('/', '|', $str));
    }

    function tvhURLdecode($str){
        return str_replace('|', '/', str_replace('--', '/', $str));
    }
    //echo mobile_data_link(10078);

    /* @t10 Referer eingefügt am 2013_09_23_vonxxxxxxxxxxxxx */
    if(!empty($_SERVER['HTTP_REFERER'])) {
            require_once(DIR_FS_INC . 't10.search_query.inc.php');
            $search_query = t10_search_query();
            if($search_query['keyword']) {
        $url                      = parse_url($_SERVER['REQUEST_URI']);
        $current_page             = $url['path'];
        $search_query['keyword']  = utf8_decode($search_query['keyword']);

                    $exist = xtDBquery("SELECT id, count, landing_page FROM " . TABLE_T10_REFERER . " WHERE host = '".$search_query['host']."' AND keyword = '".xtc_db_input($search_query['keyword'])."'");
                    if(xtc_db_num_rows($exist) > 0) {
                            $result = xtc_db_fetch_array($exist);

                            $new_count = $result['count'] + 1;

                $landing_page = unserialize($result['landing_page']);
               
                if(array_key_exists($current_page, $landing_page)) {
                    $landing_page[$current_page]['count']++;
                    $landing_page[$current_page]['time'][] = time();
                } else {
                    $landing_page[$current_page]['count'] = 1;
                    $landing_page[$current_page]['time'][] = time();
                }

                $landing_page = serialize($landing_page);

                            xtDBquery("UPDATE " . TABLE_T10_REFERER . " SET count = '". $new_count ."', landing_page = '".$landing_page."' WHERE host = '".$search_query['host']."' AND keyword = '".xtc_db_input($search_query['keyword'])."'");
                    } else {
                            $landing_page = serialize(array($current_page => array('count' => 1, 'time' => array(time()))));
                            xtDBquery("INSERT INTO " . TABLE_T10_REFERER . " (host, keyword, count, landing_page) VALUES ('".xtc_db_input($search_query['host'])."', '".xtc_db_input($search_query['keyword'])."', 1, '".$landing_page."')");
                    }
            }
    }
    /* @t10 END */

    ?>
     

    Für Deine Mühe bedanke ich mich vorab.

    Gruß Teichbau

    web28

    • modified Team
    • Beiträge: 9.404
    Re: Meldung in der errorlog.txt - was bedeutet das?
    Antwort #8 am: 07. Dezember 2013, 11:37:03
    Der letzte Eintrag lautet

    Code: PHP  [Auswählen]
    require_once (DIR_FS_INC.'xtc_css_button.inc.php');

    Danach einfügen

    Teichbau

    • Fördermitglied
    • Beiträge: 385
    • Geschlecht:
    Re: Meldung in der errorlog.txt - was bedeutet das?
    Antwort #9 am: 07. Dezember 2013, 12:09:40
    Vielen Dank.
    6 Antworten
    2460 Aufrufe
    07. März 2017, 09:34:28 von lohkaes1
    1 Antworten
    2275 Aufrufe
    10. Oktober 2012, 19:45:25 von eddyexp
    24 Antworten
    6523 Aufrufe
    01. September 2021, 19:03:29 von Chemnitzer
               
    anything