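$get_value) {
    // NOTE(review): the head of this loop lies outside the visible part of the file;
    // $get_key / $get_value presumably come from iterating $_GET - confirm.
    //
    // The request is aborted when a value contains "/" or ":" or matches the second
    // pattern. As written, "/\[\\\]/" reaches PCRE as /\[\\]/ and matches only the
    // literal three-character sequence [\] - a lone backslash is NOT rejected.
    // If a backslash check was intended, the pattern has to be a character class.
    // preg_match() only inspects strings, so array-valued parameters are not
    // scanned by these checks.
    if ((preg_match("/\//", $get_value)) || (preg_match("/\[\\\]/", $get_value)) || (preg_match("/:/", $get_value))) {
        // SECURITY(review): eval() executes PHP source assembled from $get_key, and no
        // validation of the parameter *name* is visible here. Building code from
        // request data should be removed; dropping the variable does not need
        // eval() at all (for example unset($GLOBALS[$get_key]), if a global is meant).
        // Left unchanged because the loop header is not visible - fix with the full loop in view.
        eval("unset(\${$get_key});");
        die("A hacking attempt has been detected. For security reasons, we're blocking any code execution.");
    }
}

// *** Disabling magic quotes at runtime
// get_magic_quotes_gpc() was removed in PHP 8.0; calling it unguarded is a fatal
// error there, so only call it where the function still exists.
if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()){
    /**
     * array_walk_recursive() callback: strips the slashes magic quotes added.
     *
     * @param string $value request value, modified in place
     */
    function stripslashes_gpc(&$value)
    {
        $value = stripslashes($value);
    }
    array_walk_recursive($_GET, 'stripslashes_gpc');
    array_walk_recursive($_POST, 'stripslashes_gpc');
    array_walk_recursive($_COOKIE, 'stripslashes_gpc');
    array_walk_recursive($_REQUEST, 'stripslashes_gpc');
}

## uncomment, if you want to prevent the "Web Page expired" message when using $submission_method = "post";
session_cache_limiter('private, must-revalidate');

// *** Set flag that this is a parent file
// (presumably checked by the included files to refuse direct access - confirm)
define("APPHP_EXEC", "access allowed");

require_once("include/base.inc.php");
require_once("include/connection.php");

define('APPHP_BASE', get_base_url());

// Routing parameters. All of them are request-controlled and later become part of
// include paths, so what prepare_input() (defined elsewhere) strips matters.
$page = !empty($_GET['page']) ? prepare_input($_GET['page']) : "home";
// NOTE(review): pid is read from $_REQUEST, so it can arrive via POST or a cookie as
// well as the query string; confirm the input filter above covers those sources.
$page_id = isset($_REQUEST['pid']) ? prepare_input($_REQUEST['pid']) : "home";
$admin = !empty($_GET['admin']) ? prepare_input($_GET['admin']) : "";
$customer = !empty($_GET['customer']) ? prepare_input($_GET['customer']) : "";

if(@$objLogin->IsLoggedInAsCustomer()){
    // default customer page
    if($customer == "" || $page == "") $customer = "home";
}

// *** draw offline message
// -----------------------------------------------------------------------------
if($objSettings->GetParameter("is_offline")){
    // Visitors who are not logged in only get the offline message, except on the
    // admin login page, which stays reachable.
    if(!@$objLogin->IsLoggedIn() && $admin != "login"){
        // The message is emitted as stored (no escaping here).
        echo $objSettings->GetParameter("offline_message");
        exit;
    }
}

// *** run cron jobs file
// -----------------------------------------------------------------------------
if($objSettings->GetParameter("cron_type") == "non-batch"){
    include_once("cron.php");
}

// *** get site style
// -----------------------------------------------------------------------------
$site_style = ($objSettings->GetTemplate() != "") ? $objSettings->GetTemplate() : DEFAULT_TEMPLATE;
if(@$objLogin->IsLoggedInAsAdmin()) $site_style = "admin";

// *** use direction of selected language
// -----------------------------------------------------------------------------
$defined_left = ($lang_dir == "ltr") ? "left" : "right";
$defined_right = ($lang_dir == "ltr") ? "right" : "left";
$defined_alignment = ($lang_dir == "ltr") ? "left" : "right";

// *** get page parameters
// -----------------------------------------------------------------------------
// Page-level meta tags win; empty ones fall back to the site-wide description.
$objPage = new Pages($page_id);
$tag_title = ($objPage->GetParameter("tag_title") != "") ? $objPage->GetParameter("tag_title") : $objSiteDescription->GetParameter("tag_title");
$tag_keywords = ($objPage->GetParameter("tag_keywords") != "") ? $objPage->GetParameter("tag_keywords") : $objSiteDescription->GetParameter("tag_keywords");
$tag_description = ($objPage->GetParameter("tag_description") != "") ? $objPage->GetParameter("tag_description") : $objSiteDescription->GetParameter("tag_description");

// *** call handlers if exist
// -----------------------------------------------------------------------------
// The handler name comes from the request and is spliced into an include path.
// Only plain names (letters, digits, "_" and "-") are accepted, so the path can
// never leave the handlers directory no matter what prepare_input() lets through.
// Widen the pattern only if the project really ships handlers with other characters.
$apphp_handler_name_re = '/\A[A-Za-z0-9_\-]+\z/';
if(($page != "") && is_string($page) && preg_match($apphp_handler_name_re, $page) && file_exists("page/handlers/handler_".$page.".php")){
    include_once("page/handlers/handler_" . $page . ".php");
}else if(($customer != "") && is_string($customer) && preg_match($apphp_handler_name_re, $customer) && file_exists("customer/handlers/handler_".$customer.".php")){
    if(Modules::IsModuleInstalled("customers")){
        include_once("customer/handlers/handler_".$customer.".php");
    }
}else if(($admin != "") && is_string($admin) && preg_match($apphp_handler_name_re, $admin) && file_exists("admin/handlers/handler_".$admin.".php")){
    // NOTE(review): no login check guards this include; presumably each admin
    // handler verifies the session itself - confirm.
    include_once("admin/handlers/handler_".$admin.".php");
}

// *** get site content
// -----------------------------------------------------------------------------
// The payment notification pages are answered by their handlers alone; every
// other page is rendered through the selected template.
if($page == "booking_notify_paypal"){
    require_once("page/handlers/handler_booking_notify_paypal.php");
}else if($page == "booking_notify_2co"){
    require_once("page/handlers/handler_booking_notify_2co.php");
}else{
    require_once("templates/".$site_style."/default.php");
}

echo "\n";
?>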