From edd2128b605497d0730238daa1df0c40f23152fc Mon Sep 17 00:00:00 2001 From: Harald Ponce de Leon Date: Thu, 10 Apr 2014 12:04:00 +0200 Subject: [PATCH] Fix $PHP_SELF so it works in subdirectories (the use basename() produced invalid links when viewing pages in the ext/ directory) --- catalog/admin/includes/application_top.php | 5 +++-- catalog/admin/includes/classes/split_page_results.php | 6 +++--- catalog/includes/application_top.php | 11 ++++++----- catalog/includes/classes/navigation_history.php | 8 ++++---- catalog/includes/classes/split_page_results.php | 10 +++++----- catalog/includes/functions/general.php | 2 +- catalog/includes/modules/boxes/bm_currencies.php | 2 +- catalog/includes/modules/boxes/bm_languages.php | 2 +- catalog/includes/modules/boxes/bm_order_history.php | 2 +- .../modules/boxes/bm_product_notifications.php | 4 ++-- catalog/includes/modules/product_listing.php | 2 +- 11 files changed, 28 insertions(+), 26 deletions(-) diff --git a/catalog/admin/includes/application_top.php b/catalog/admin/includes/application_top.php index 6c63a429e..79c3eee70 100644 --- a/catalog/admin/includes/application_top.php +++ b/catalog/admin/includes/application_top.php @@ -35,7 +35,8 @@ require(DIR_WS_FUNCTIONS . 'compatibility.php'); // set php_self in the local scope - $PHP_SELF = (((strlen(ini_get('cgi.fix_pathinfo')) > 0) && ((bool)ini_get('cgi.fix_pathinfo') == false)) || !isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) ? basename($HTTP_SERVER_VARS['PHP_SELF']) : basename($HTTP_SERVER_VARS['SCRIPT_NAME']); + $req = parse_url($HTTP_SERVER_VARS['SCRIPT_NAME']); + $PHP_SELF = substr($req['path'], strlen(DIR_WS_ADMIN)); // Used in the "Backup Manager" to compress backups define('LOCAL_EXE_GZIP', 'gzip'); 
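Review bot: The new `$PHP_SELF` assignment slices `strlen(DIR_WS_ADMIN)` bytes off `$req['path']` without checking that `parse_url()` returned a path or that the path actually begins with `DIR_WS_ADMIN`, and the removed line's `isset($HTTP_SERVER_VARS['SCRIPT_NAME'])` guard is gone. When SCRIPT_NAME is absent or does not match the configured prefix, `$PHP_SELF` becomes empty, `false` or a mis-cut string, and later hunks pass it unchanged into the admin login handling, form actions and redirects. I would guard the slice, for example `$path = isset($req['path']) ? $req['path'] : '';` followed by `$PHP_SELF = (strpos($path, DIR_WS_ADMIN) === 0) ? substr($path, strlen(DIR_WS_ADMIN)) : '';`, and handle the empty case with a fixed default page. The catalog `application_top.php` hunk at `-44,7` has the same gap, and there the prefix length additionally depends on `$request_type`, which the context line derives from `getenv('HTTPS')`; a prefix check would catch a wrong guess there too.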
@@ -124,7 +125,7 @@ if (!tep_session_is_registered('admin')) { $redirect = false; - $current_page = basename($PHP_SELF); + $current_page = $PHP_SELF; // if the first page request is to the login page, set the current page to the index page // so the redirection on a successful login is not made to the login page again diff --git a/catalog/admin/includes/classes/split_page_results.php b/catalog/admin/includes/classes/split_page_results.php index f501e4613..7fd60b8a1 100644 --- a/catalog/admin/includes/classes/split_page_results.php +++ b/catalog/admin/includes/classes/split_page_results.php @@ -52,10 +52,10 @@ function display_links($query_numrows, $max_rows_per_page, $max_page_links, $cur } if ($num_pages > 1) { - $display_links = tep_draw_form('pages', basename($PHP_SELF), '', 'get'); + $display_links = tep_draw_form('pages', $PHP_SELF, '', 'get'); if ($current_page_number > 1) { - $display_links .= '' . PREVNEXT_BUTTON_PREV . '  '; + $display_links .= '' . PREVNEXT_BUTTON_PREV . '  '; } else { $display_links .= PREVNEXT_BUTTON_PREV . '  '; } @@ -63,7 +63,7 @@ function display_links($query_numrows, $max_rows_per_page, $max_page_links, $cur $display_links .= sprintf(TEXT_RESULT_PAGE, tep_draw_pull_down_menu($page_name, $pages_array, $current_page_number, 'onchange="this.form.submit();"'), $num_pages); if (($current_page_number < $num_pages) && ($num_pages != 1)) { - $display_links .= '  ' . PREVNEXT_BUTTON_NEXT . ''; + $display_links .= '  ' . PREVNEXT_BUTTON_NEXT . ''; } else { $display_links .= '  ' . PREVNEXT_BUTTON_NEXT; } diff --git a/catalog/includes/application_top.php b/catalog/includes/application_top.php index 8b7e5bc15..63d1151a6 100644 --- a/catalog/includes/application_top.php +++ b/catalog/includes/application_top.php 
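Review bot: `$current_page` is set inside the `!tep_session_is_registered('admin')` branch, so it drives how unauthenticated requests are handled, and without `basename()` it is now a path relative to the admin directory rather than a bare file name. The comparisons and the post-login redirect that consume it are outside this hunk; if they match `$current_page` against bare file names, requests for scripts in a subdirectory will take a different branch than before, so that logic should be re-tested with a page under `ext/`. I would also add a comment on this line recording the new contract: `// $PHP_SELF is relative to DIR_WS_ADMIN (may contain a subdirectory) and is derived from SCRIPT_NAME only`.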
@@ -44,7 +44,8 @@ $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; // set php_self in the local scope - $PHP_SELF = (((strlen(ini_get('cgi.fix_pathinfo')) > 0) && ((bool)ini_get('cgi.fix_pathinfo') == false)) || !isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) ? basename($HTTP_SERVER_VARS['PHP_SELF']) : basename($HTTP_SERVER_VARS['SCRIPT_NAME']); + $req = parse_url($HTTP_SERVER_VARS['SCRIPT_NAME']); + $PHP_SELF = substr($req['path'], ($request_type == 'NONSSL') ? strlen(DIR_WS_HTTP_CATALOG) : strlen(DIR_WS_HTTPS_CATALOG)); if ($request_type == 'NONSSL') { define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG); @@ -314,7 +315,7 @@ $goto = FILENAME_SHOPPING_CART; $parameters = array('action', 'cPath', 'products_id', 'pid'); } else { - $goto = basename($PHP_SELF); + $goto = $PHP_SELF; if ($HTTP_GET_VARS['action'] == 'buy_now') { $parameters = array('action', 'pid', 'products_id'); } else { @@ -364,7 +365,7 @@ } elseif (isset($HTTP_POST_VARS['notify'])) { $notify = $HTTP_POST_VARS['notify']; } else { - tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify')))); + tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action', 'notify')))); } if (!is_array($notify)) $notify = array($notify); for ($i=0, $n=sizeof($notify); $i<$n; $i++) { @@ -374,7 +375,7 @@ tep_db_query("insert into " . TABLE_PRODUCTS_NOTIFICATIONS . " (products_id, customers_id, date_added) values ('" . (int)$notify[$i] . "', '" . (int)$customer_id . "', now())"); } } - tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify')))); + tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action', 'notify')))); } else { $navigation->set_snapshot(); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); 
@@ -386,7 +387,7 @@ if ($check['count'] > 0) { tep_db_query("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and customers_id = '" . (int)$customer_id . "'"); } - tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')))); + tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')))); } else { $navigation->set_snapshot(); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); diff --git a/catalog/includes/classes/navigation_history.php b/catalog/includes/classes/navigation_history.php index e9aa919f8..63d1853a8 100644 --- a/catalog/includes/classes/navigation_history.php +++ b/catalog/includes/classes/navigation_history.php @@ -27,7 +27,7 @@ function add_current_page() { $set = 'true'; for ($i=0, $n=sizeof($this->path); $i<$n; $i++) { - if ( ($this->path[$i]['page'] == basename($PHP_SELF)) ) { + if ($this->path[$i]['page'] == $PHP_SELF) { if (isset($cPath)) { if (!isset($this->path[$i]['get']['cPath'])) { continue; @@ -58,7 +58,7 @@ function add_current_page() { } if ($set == 'true') { - $this->path[] = array('page' => basename($PHP_SELF), + $this->path[] = array('page' => $PHP_SELF, 'mode' => $request_type, 'get' => $this->filter_parameters($HTTP_GET_VARS), 'post' => $this->filter_parameters($HTTP_POST_VARS)); @@ -69,7 +69,7 @@ function remove_current_page() { global $PHP_SELF; $last_entry_position = sizeof($this->path) - 1; - if ($this->path[$last_entry_position]['page'] == basename($PHP_SELF)) { + if ($this->path[$last_entry_position]['page'] == $PHP_SELF) { unset($this->path[$last_entry_position]); } } 
@@ -83,7 +83,7 @@ function set_snapshot($page = '') { 'get' => $this->filter_parameters($page['get']), 'post' => $this->filter_parameters($page['post'])); } else { - $this->snapshot = array('page' => basename($PHP_SELF), + $this->snapshot = array('page' => $PHP_SELF, 'mode' => $request_type, 'get' => $this->filter_parameters($HTTP_GET_VARS), 'post' => $this->filter_parameters($HTTP_POST_VARS)); diff --git a/catalog/includes/classes/split_page_results.php b/catalog/includes/classes/split_page_results.php index 895d3f027..6ccb1f7ad 100644 --- a/catalog/includes/classes/split_page_results.php +++ b/catalog/includes/classes/split_page_results.php @@ -80,7 +80,7 @@ function display_links($max_page_links, $parameters = '') { if (tep_not_null($parameters) && (substr($parameters, -1) != '&')) $parameters .= '&'; // previous button - not displayed on first page - if ($this->current_page_number > 1) $display_links_string .= '' . PREVNEXT_BUTTON_PREV . '  '; + if ($this->current_page_number > 1) $display_links_string .= '' . PREVNEXT_BUTTON_PREV . '  '; // check if number_of_pages > $max_page_links $cur_window_num = intval($this->current_page_number / $max_page_links); 
@@ -90,22 +90,22 @@ function display_links($max_page_links, $parameters = '') { if ($this->number_of_pages % $max_page_links) $max_window_num++; // previous window of pages - if ($cur_window_num > 1) $display_links_string .= '...'; + if ($cur_window_num > 1) $display_links_string .= '...'; // page nn button for ($jump_to_page = 1 + (($cur_window_num - 1) * $max_page_links); ($jump_to_page <= ($cur_window_num * $max_page_links)) && ($jump_to_page <= $this->number_of_pages); $jump_to_page++) { if ($jump_to_page == $this->current_page_number) { $display_links_string .= ' ' . $jump_to_page . ' '; } else { - $display_links_string .= ' ' . $jump_to_page . ' '; + $display_links_string .= ' ' . $jump_to_page . ' '; } } // next window of pages - if ($cur_window_num < $max_window_num) $display_links_string .= '... '; + if ($cur_window_num < $max_window_num) $display_links_string .= '... '; // next button - if (($this->current_page_number < $this->number_of_pages) && ($this->number_of_pages != 1)) $display_links_string .= ' ' . PREVNEXT_BUTTON_NEXT . ' '; + if (($this->current_page_number < $this->number_of_pages) && ($this->number_of_pages != 1)) $display_links_string .= ' ' . PREVNEXT_BUTTON_NEXT . ' '; return $display_links_string; } diff --git a/catalog/includes/functions/general.php b/catalog/includes/functions/general.php index bd0359bd1..bb9ae493f 100644 --- a/catalog/includes/functions/general.php +++ b/catalog/includes/functions/general.php @@ -893,7 +893,7 @@ function tep_create_sort_heading($sortby, $colnum, $heading) { $sort_suffix = ''; if ($sortby) { - $sort_prefix = '' ; + $sort_prefix = '' ; $sort_suffix = (substr($sortby, 0, 1) == $colnum ? (substr($sortby, 1, 1) == 'a' ? '+' : '-') : '') . ''; } diff --git a/catalog/includes/modules/boxes/bm_currencies.php b/catalog/includes/modules/boxes/bm_currencies.php index e255ddfc8..46491d894 100644 --- a/catalog/includes/modules/boxes/bm_currencies.php +++ b/catalog/includes/modules/boxes/bm_currencies.php 
@@ -52,7 +52,7 @@ function execute() { $data = '
' . '
' . MODULE_BOXES_CURRENCIES_BOX_TITLE . '
' . '
' . - ' ' . tep_draw_form('currencies', tep_href_link(basename($PHP_SELF), '', $request_type, false), 'get') . + ' ' . tep_draw_form('currencies', tep_href_link($PHP_SELF, '', $request_type, false), 'get') . ' ' . tep_draw_pull_down_menu('currency', $currencies_array, $currency, 'onchange="this.form.submit();" style="width: 100%"') . $hidden_get_variables . tep_hide_session_id() . '' . '
' . '
'; diff --git a/catalog/includes/modules/boxes/bm_languages.php b/catalog/includes/modules/boxes/bm_languages.php index 1e7a1213c..16a690af7 100644 --- a/catalog/includes/modules/boxes/bm_languages.php +++ b/catalog/includes/modules/boxes/bm_languages.php @@ -43,7 +43,7 @@ function execute() { $languages_string = ''; reset($lng->catalog_languages); while (list($key, $value) = each($lng->catalog_languages)) { - $languages_string .= ' ' . tep_image(DIR_WS_LANGUAGES . $value['directory'] . '/images/' . $value['image'], $value['name']) . ' '; + $languages_string .= ' ' . tep_image(DIR_WS_LANGUAGES . $value['directory'] . '/images/' . $value['image'], $value['name']) . ' '; } $data = '
' . diff --git a/catalog/includes/modules/boxes/bm_order_history.php b/catalog/includes/modules/boxes/bm_order_history.php index 1ad542fb6..f0b5b88cb 100644 --- a/catalog/includes/modules/boxes/bm_order_history.php +++ b/catalog/includes/modules/boxes/bm_order_history.php @@ -48,7 +48,7 @@ function execute() { while ($products = tep_db_fetch_array($products_query)) { $customer_orders_string .= ' ' . ' ' . $products['products_name'] . '' . - ' ' . tep_image(DIR_WS_ICONS . 'cart.gif', ICON_CART) . '' . + ' ' . tep_image(DIR_WS_ICONS . 'cart.gif', ICON_CART) . '' . ' '; } $customer_orders_string .= ''; diff --git a/catalog/includes/modules/boxes/bm_product_notifications.php b/catalog/includes/modules/boxes/bm_product_notifications.php index 9ab77eb9e..ebb3807fa 100644 --- a/catalog/includes/modules/boxes/bm_product_notifications.php +++ b/catalog/includes/modules/boxes/bm_product_notifications.php @@ -46,9 +46,9 @@ function execute() { $notif_contents = ''; if ($notification_exists == true) { - $notif_contents = '
' . tep_image(DIR_WS_IMAGES . 'box_products_notifications_remove.gif', IMAGE_BUTTON_REMOVE_NOTIFICATIONS) . '' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY_REMOVE, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'
'; + $notif_contents = '
' . tep_image(DIR_WS_IMAGES . 'box_products_notifications_remove.gif', IMAGE_BUTTON_REMOVE_NOTIFICATIONS) . '' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY_REMOVE, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'
'; } else { - $notif_contents = '
' . tep_image(DIR_WS_IMAGES . 'box_products_notifications.gif', IMAGE_BUTTON_NOTIFICATIONS) . '' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'
'; + $notif_contents = '
' . tep_image(DIR_WS_IMAGES . 'box_products_notifications.gif', IMAGE_BUTTON_NOTIFICATIONS) . '' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'
'; } $data = '
' . diff --git a/catalog/includes/modules/product_listing.php b/catalog/includes/modules/product_listing.php index 214b06171..ba21ea28b 100644 --- a/catalog/includes/modules/product_listing.php +++ b/catalog/includes/modules/product_listing.php @@ -132,7 +132,7 @@ } break; case 'PRODUCT_LIST_BUY_NOW': - $prod_list_contents .= ' ' . tep_draw_button(IMAGE_BUTTON_BUY_NOW, 'cart', tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=buy_now&products_id=' . $listing['products_id'])) . ''; + $prod_list_contents .= ' ' . tep_draw_button(IMAGE_BUTTON_BUY_NOW, 'cart', tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=buy_now&products_id=' . $listing['products_id'])) . ''; break; } }