Fix $PHP_SELF so it works in subdirectories (the use basename() produ…
…ced invalid links when viewing pages in the ext/ directory)
haraldpdl committed May 28, 2014
1 parent 0e9f9c2 commit edd2128
Showing 11 changed files with 28 additions and 26 deletions.
5 changes: 3 additions & 2 deletions catalog/admin/includes/application_top.php
@@ -35,7 +35,8 @@
require(DIR_WS_FUNCTIONS . 'compatibility.php');

// set php_self in the local scope
$PHP_SELF = (((strlen(ini_get('cgi.fix_pathinfo')) > 0) && ((bool)ini_get('cgi.fix_pathinfo') == false)) || !isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) ? basename($HTTP_SERVER_VARS['PHP_SELF']) : basename($HTTP_SERVER_VARS['SCRIPT_NAME']);
$req = parse_url($HTTP_SERVER_VARS['SCRIPT_NAME']);
$PHP_SELF = substr($req['path'], strlen(DIR_WS_ADMIN));

// Used in the "Backup Manager" to compress backups
define('LOCAL_EXE_GZIP', 'gzip');
@@ -124,7 +125,7 @@
if (!tep_session_is_registered('admin')) {
$redirect = false;

$current_page = basename($PHP_SELF);
$current_page = $PHP_SELF;

// if the first page request is to the login page, set the current page to the index page
// so the redirection on a successful login is not made to the login page again
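Review bot: The new `substr($req['path'], strlen(DIR_WS_ADMIN))` in the first hunk cuts a fixed number of characters without checking that the script path actually begins with DIR_WS_ADMIN, and it drops the old fallback for a missing SCRIPT_NAME. If the configured prefix does not match the request path, or parse_url() fails, $PHP_SELF becomes an arbitrary tail or an empty/false value, and the second hunk assigns it unchanged to `$current_page` in the not-logged-in branch, the rest of which is outside the hunk. I would verify the prefix first and fall back to the file name otherwise, e.g. `$PHP_SELF = (isset($req['path']) && strpos($req['path'], DIR_WS_ADMIN) === 0) ? substr($req['path'], strlen(DIR_WS_ADMIN)) : basename($HTTP_SERVER_VARS['SCRIPT_NAME']);`. The same unchecked strip appears in catalog/includes/application_top.php.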
6 changes: 3 additions & 3 deletions catalog/admin/includes/classes/split_page_results.php
@@ -52,18 +52,18 @@ function display_links($query_numrows, $max_rows_per_page, $max_page_links, $cur
}

if ($num_pages > 1) {
$display_links = tep_draw_form('pages', basename($PHP_SELF), '', 'get');
$display_links = tep_draw_form('pages', $PHP_SELF, '', 'get');

if ($current_page_number > 1) {
$display_links .= '<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a>&nbsp;&nbsp;';
$display_links .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a>&nbsp;&nbsp;';
} else {
$display_links .= PREVNEXT_BUTTON_PREV . '&nbsp;&nbsp;';
}

$display_links .= sprintf(TEXT_RESULT_PAGE, tep_draw_pull_down_menu($page_name, $pages_array, $current_page_number, 'onchange="this.form.submit();"'), $num_pages);

if (($current_page_number < $num_pages) && ($num_pages != 1)) {
$display_links .= '&nbsp;&nbsp;<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';
$display_links .= '&nbsp;&nbsp;<a href="' . tep_href_link($PHP_SELF, $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';
} else {
$display_links .= '&nbsp;&nbsp;' . PREVNEXT_BUTTON_NEXT;
}
11 changes: 6 additions & 5 deletions catalog/includes/application_top.php
@@ -44,7 +44,8 @@
$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

// set php_self in the local scope
$PHP_SELF = (((strlen(ini_get('cgi.fix_pathinfo')) > 0) && ((bool)ini_get('cgi.fix_pathinfo') == false)) || !isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) ? basename($HTTP_SERVER_VARS['PHP_SELF']) : basename($HTTP_SERVER_VARS['SCRIPT_NAME']);
$req = parse_url($HTTP_SERVER_VARS['SCRIPT_NAME']);
$PHP_SELF = substr($req['path'], ($request_type == 'NONSSL') ? strlen(DIR_WS_HTTP_CATALOG) : strlen(DIR_WS_HTTPS_CATALOG));

if ($request_type == 'NONSSL') {
define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG);
@@ -314,7 +315,7 @@
$goto = FILENAME_SHOPPING_CART;
$parameters = array('action', 'cPath', 'products_id', 'pid');
} else {
$goto = basename($PHP_SELF);
$goto = $PHP_SELF;
if ($HTTP_GET_VARS['action'] == 'buy_now') {
$parameters = array('action', 'pid', 'products_id');
} else {
@@ -364,7 +365,7 @@
} elseif (isset($HTTP_POST_VARS['notify'])) {
$notify = $HTTP_POST_VARS['notify'];
} else {
tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify'))));
tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action', 'notify'))));
}
if (!is_array($notify)) $notify = array($notify);
for ($i=0, $n=sizeof($notify); $i<$n; $i++) {
@@ -374,7 +375,7 @@
tep_db_query("insert into " . TABLE_PRODUCTS_NOTIFICATIONS . " (products_id, customers_id, date_added) values ('" . (int)$notify[$i] . "', '" . (int)$customer_id . "', now())");
}
}
tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify'))));
tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action', 'notify'))));
} else {
$navigation->set_snapshot();
tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
@@ -386,7 +387,7 @@
if ($check['count'] > 0) {
tep_db_query("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and customers_id = '" . (int)$customer_id . "'");
}
tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action'))));
tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action'))));
} else {
$navigation->set_snapshot();
tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
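Review bot: The prefix length in the first hunk is chosen from `$request_type`, which the context line above derives only from `getenv('HTTPS') == 'on'`, so when DIR_WS_HTTP_CATALOG and DIR_WS_HTTPS_CATALOG differ and HTTPS is not reported that way (for instance when TLS is terminated upstream, which this page does not show), the wrong number of characters is cut from the script path. The resulting $PHP_SELF is then used as `$goto` and as the target of the three `tep_redirect(tep_href_link($PHP_SELF, ...))` calls in the later hunks. Choosing the prefix by matching rather than by request type avoids this: test `strpos($req['path'], DIR_WS_HTTPS_CATALOG) === 0` and `strpos($req['path'], DIR_WS_HTTP_CATALOG) === 0`, and strip only the prefix that matches. The surrounding script continues outside all five hunks.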
8 changes: 4 additions & 4 deletions catalog/includes/classes/navigation_history.php
@@ -27,7 +27,7 @@ function add_current_page() {

$set = 'true';
for ($i=0, $n=sizeof($this->path); $i<$n; $i++) {
if ( ($this->path[$i]['page'] == basename($PHP_SELF)) ) {
if ($this->path[$i]['page'] == $PHP_SELF) {
if (isset($cPath)) {
if (!isset($this->path[$i]['get']['cPath'])) {
continue;
@@ -58,7 +58,7 @@ function add_current_page() {
}

if ($set == 'true') {
$this->path[] = array('page' => basename($PHP_SELF),
$this->path[] = array('page' => $PHP_SELF,
'mode' => $request_type,
'get' => $this->filter_parameters($HTTP_GET_VARS),
'post' => $this->filter_parameters($HTTP_POST_VARS));
@@ -69,7 +69,7 @@ function remove_current_page() {
global $PHP_SELF;

$last_entry_position = sizeof($this->path) - 1;
if ($this->path[$last_entry_position]['page'] == basename($PHP_SELF)) {
if ($this->path[$last_entry_position]['page'] == $PHP_SELF) {
unset($this->path[$last_entry_position]);
}
}
@@ -83,7 +83,7 @@ function set_snapshot($page = '') {
'get' => $this->filter_parameters($page['get']),
'post' => $this->filter_parameters($page['post']));
} else {
$this->snapshot = array('page' => basename($PHP_SELF),
$this->snapshot = array('page' => $PHP_SELF,
'mode' => $request_type,
'get' => $this->filter_parameters($HTTP_GET_VARS),
'post' => $this->filter_parameters($HTTP_POST_VARS));
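Review bot: The 'page' entries written in add_current_page() and set_snapshot() now hold a path relative to the catalog root (for example a script under ext/) instead of a bare file name, and nothing in these hunks records that change of contract. Code that reads the history or the snapshot is outside the hunks and may still assume a single file name, so a short comment above each assignment would help, such as `// 'page' is relative to the catalog root and may contain directory separators`. The function bodies start and end outside the hunks.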
10 changes: 5 additions & 5 deletions catalog/includes/classes/split_page_results.php
@@ -80,7 +80,7 @@ function display_links($max_page_links, $parameters = '') {
if (tep_not_null($parameters) && (substr($parameters, -1) != '&')) $parameters .= '&';

// previous button - not displayed on first page
if ($this->current_page_number > 1) $display_links_string .= '<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $this->page_name . '=' . ($this->current_page_number - 1), $request_type) . '" class="pageResults" title=" ' . PREVNEXT_TITLE_PREVIOUS_PAGE . ' "><u>' . PREVNEXT_BUTTON_PREV . '</u></a>&nbsp;&nbsp;';
if ($this->current_page_number > 1) $display_links_string .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $this->page_name . '=' . ($this->current_page_number - 1), $request_type) . '" class="pageResults" title=" ' . PREVNEXT_TITLE_PREVIOUS_PAGE . ' "><u>' . PREVNEXT_BUTTON_PREV . '</u></a>&nbsp;&nbsp;';

// check if number_of_pages > $max_page_links
$cur_window_num = intval($this->current_page_number / $max_page_links);
@@ -90,22 +90,22 @@ function display_links($max_page_links, $parameters = '') {
if ($this->number_of_pages % $max_page_links) $max_window_num++;

// previous window of pages
if ($cur_window_num > 1) $display_links_string .= '<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $this->page_name . '=' . (($cur_window_num - 1) * $max_page_links), $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_PREV_SET_OF_NO_PAGE, $max_page_links) . ' ">...</a>';
if ($cur_window_num > 1) $display_links_string .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $this->page_name . '=' . (($cur_window_num - 1) * $max_page_links), $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_PREV_SET_OF_NO_PAGE, $max_page_links) . ' ">...</a>';

// page nn button
for ($jump_to_page = 1 + (($cur_window_num - 1) * $max_page_links); ($jump_to_page <= ($cur_window_num * $max_page_links)) && ($jump_to_page <= $this->number_of_pages); $jump_to_page++) {
if ($jump_to_page == $this->current_page_number) {
$display_links_string .= '&nbsp;<strong>' . $jump_to_page . '</strong>&nbsp;';
} else {
$display_links_string .= '&nbsp;<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $this->page_name . '=' . $jump_to_page, $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_PAGE_NO, $jump_to_page) . ' "><u>' . $jump_to_page . '</u></a>&nbsp;';
$display_links_string .= '&nbsp;<a href="' . tep_href_link($PHP_SELF, $parameters . $this->page_name . '=' . $jump_to_page, $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_PAGE_NO, $jump_to_page) . ' "><u>' . $jump_to_page . '</u></a>&nbsp;';
}
}

// next window of pages
if ($cur_window_num < $max_window_num) $display_links_string .= '<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $this->page_name . '=' . (($cur_window_num) * $max_page_links + 1), $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_NEXT_SET_OF_NO_PAGE, $max_page_links) . ' ">...</a>&nbsp;';
if ($cur_window_num < $max_window_num) $display_links_string .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $this->page_name . '=' . (($cur_window_num) * $max_page_links + 1), $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_NEXT_SET_OF_NO_PAGE, $max_page_links) . ' ">...</a>&nbsp;';

// next button
if (($this->current_page_number < $this->number_of_pages) && ($this->number_of_pages != 1)) $display_links_string .= '&nbsp;<a href="' . tep_href_link(basename($PHP_SELF), $parameters . 'page=' . ($this->current_page_number + 1), $request_type) . '" class="pageResults" title=" ' . PREVNEXT_TITLE_NEXT_PAGE . ' "><u>' . PREVNEXT_BUTTON_NEXT . '</u></a>&nbsp;';
if (($this->current_page_number < $this->number_of_pages) && ($this->number_of_pages != 1)) $display_links_string .= '&nbsp;<a href="' . tep_href_link($PHP_SELF, $parameters . 'page=' . ($this->current_page_number + 1), $request_type) . '" class="pageResults" title=" ' . PREVNEXT_TITLE_NEXT_PAGE . ' "><u>' . PREVNEXT_BUTTON_NEXT . '</u></a>&nbsp;';

return $display_links_string;
}
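Review bot: The "next button" link in the second hunk still hard-codes `'page='` while every other link in display_links() builds the parameter from `$this->page_name`, so with a non-default page name the next link carries a different parameter than the rest. Since the line is being rewritten anyway, it should read `$parameters . $this->page_name . '=' . ($this->current_page_number + 1)`. display_links() begins outside the hunks.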
2 changes: 1 addition & 1 deletion catalog/includes/functions/general.php
@@ -893,7 +893,7 @@ function tep_create_sort_heading($sortby, $colnum, $heading) {
$sort_suffix = '';

if ($sortby) {
$sort_prefix = '<a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('page', 'info', 'sort')) . 'page=1&sort=' . $colnum . ($sortby == $colnum . 'a' ? 'd' : 'a')) . '" title="' . tep_output_string(TEXT_SORT_PRODUCTS . ($sortby == $colnum . 'd' || substr($sortby, 0, 1) != $colnum ? TEXT_ASCENDINGLY : TEXT_DESCENDINGLY) . TEXT_BY . $heading) . '" class="productListing-heading">' ;
$sort_prefix = '<a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('page', 'info', 'sort')) . 'page=1&sort=' . $colnum . ($sortby == $colnum . 'a' ? 'd' : 'a')) . '" title="' . tep_output_string(TEXT_SORT_PRODUCTS . ($sortby == $colnum . 'd' || substr($sortby, 0, 1) != $colnum ? TEXT_ASCENDINGLY : TEXT_DESCENDINGLY) . TEXT_BY . $heading) . '" class="productListing-heading">' ;
$sort_suffix = (substr($sortby, 0, 1) == $colnum ? (substr($sortby, 1, 1) == 'a' ? '+' : '-') : '') . '</a>';
}

2 changes: 1 addition & 1 deletion catalog/includes/modules/boxes/bm_currencies.php
@@ -52,7 +52,7 @@ function execute() {
$data = '<div class="ui-widget infoBoxContainer">' .
' <div class="ui-widget-header infoBoxHeading">' . MODULE_BOXES_CURRENCIES_BOX_TITLE . '</div>' .
' <div class="ui-widget-content infoBoxContents">' .
' ' . tep_draw_form('currencies', tep_href_link(basename($PHP_SELF), '', $request_type, false), 'get') .
' ' . tep_draw_form('currencies', tep_href_link($PHP_SELF, '', $request_type, false), 'get') .
' ' . tep_draw_pull_down_menu('currency', $currencies_array, $currency, 'onchange="this.form.submit();" style="width: 100%"') . $hidden_get_variables . tep_hide_session_id() . '</form>' .
' </div>' .
'</div>';
2 changes: 1 addition & 1 deletion catalog/includes/modules/boxes/bm_languages.php
@@ -43,7 +43,7 @@ function execute() {
$languages_string = '';
reset($lng->catalog_languages);
while (list($key, $value) = each($lng->catalog_languages)) {
$languages_string .= ' <a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('language', 'currency')) . 'language=' . $key, $request_type) . '">' . tep_image(DIR_WS_LANGUAGES . $value['directory'] . '/images/' . $value['image'], $value['name']) . '</a> ';
$languages_string .= ' <a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('language', 'currency')) . 'language=' . $key, $request_type) . '">' . tep_image(DIR_WS_LANGUAGES . $value['directory'] . '/images/' . $value['image'], $value['name']) . '</a> ';
}

$data = '<div class="ui-widget infoBoxContainer">' .
2 changes: 1 addition & 1 deletion catalog/includes/modules/boxes/bm_order_history.php
@@ -48,7 +48,7 @@ function execute() {
while ($products = tep_db_fetch_array($products_query)) {
$customer_orders_string .= ' <tr>' .
' <td><a href="' . tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $products['products_id']) . '">' . $products['products_name'] . '</a></td>' .
' <td align="right" valign="top"><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=cust_order&pid=' . $products['products_id']) . '">' . tep_image(DIR_WS_ICONS . 'cart.gif', ICON_CART) . '</a></td>' .
' <td align="right" valign="top"><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=cust_order&pid=' . $products['products_id']) . '">' . tep_image(DIR_WS_ICONS . 'cart.gif', ICON_CART) . '</a></td>' .
' </tr>';
}
$customer_orders_string .= '</table>';
4 changes: 2 additions & 2 deletions catalog/includes/modules/boxes/bm_product_notifications.php
@@ -46,9 +46,9 @@ function execute() {
$notif_contents = '';

if ($notification_exists == true) {
$notif_contents = '<table border="0" cellspacing="0" cellpadding="2" class="ui-widget-content infoBoxContents"><tr><td><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=notify_remove', $request_type) . '">' . tep_image(DIR_WS_IMAGES . 'box_products_notifications_remove.gif', IMAGE_BUTTON_REMOVE_NOTIFICATIONS) . '</a></td><td><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=notify_remove', $request_type) . '">' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY_REMOVE, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'</a></td></tr></table>';
$notif_contents = '<table border="0" cellspacing="0" cellpadding="2" class="ui-widget-content infoBoxContents"><tr><td><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=notify_remove', $request_type) . '">' . tep_image(DIR_WS_IMAGES . 'box_products_notifications_remove.gif', IMAGE_BUTTON_REMOVE_NOTIFICATIONS) . '</a></td><td><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=notify_remove', $request_type) . '">' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY_REMOVE, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'</a></td></tr></table>';
} else {
$notif_contents = '<table border="0" cellspacing="0" cellpadding="2" class="ui-widget-content infoBoxContents"><tr><td><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=notify', $request_type) . '">' . tep_image(DIR_WS_IMAGES . 'box_products_notifications.gif', IMAGE_BUTTON_NOTIFICATIONS) . '</a></td><td><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=notify', $request_type) . '">' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'</a></td></tr></table>';
$notif_contents = '<table border="0" cellspacing="0" cellpadding="2" class="ui-widget-content infoBoxContents"><tr><td><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=notify', $request_type) . '">' . tep_image(DIR_WS_IMAGES . 'box_products_notifications.gif', IMAGE_BUTTON_NOTIFICATIONS) . '</a></td><td><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=notify', $request_type) . '">' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'</a></td></tr></table>';
}

$data = '<div class="ui-widget infoBoxContainer">' .
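Review bot: Both rewritten `$notif_contents` lines pass `$HTTP_GET_VARS['products_id']` to tep_get_products_name() without a cast, and the result is concatenated into the box HTML. The helper is not on this page, so whether it casts or escapes cannot be confirmed here; the notify_remove handler in catalog/includes/application_top.php casts the same parameter with `(int)`. Doing the same at the call, `tep_get_products_name((int)$HTTP_GET_VARS['products_id'])`, keeps the box consistent with that handler. execute() starts and ends outside the hunk.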
2 changes: 1 addition & 1 deletion catalog/includes/modules/product_listing.php
@@ -132,7 +132,7 @@
}
break;
case 'PRODUCT_LIST_BUY_NOW':
$prod_list_contents .= ' <td align="center">' . tep_draw_button(IMAGE_BUTTON_BUY_NOW, 'cart', tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=buy_now&products_id=' . $listing['products_id'])) . '</td>';
$prod_list_contents .= ' <td align="center">' . tep_draw_button(IMAGE_BUTTON_BUY_NOW, 'cart', tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=buy_now&products_id=' . $listing['products_id'])) . '</td>';
break;
}
}