/*****************************************************************************\ +-----------------------------------------------------------------------------+ | X-Cart | | Copyright (c) 2001-2007 Ruslan R. Fazliev | | All rights reserved. | +-----------------------------------------------------------------------------+ | PLEASE READ THE FULL TEXT OF SOFTWARE LICENSE AGREEMENT IN THE "COPYRIGHT" | | FILE PROVIDED WITH THIS DISTRIBUTION. THE AGREEMENT TEXT IS ALSO AVAILABLE | | AT THE FOLLOWING URL: http://www.x-cart.com/license.php | | | | THIS AGREEMENT EXPRESSES THE TERMS AND CONDITIONS ON WHICH YOU MAY USE | | THIS SOFTWARE PROGRAM AND ASSOCIATED DOCUMENTATION THAT RUSLAN R. | | FAZLIEV (hereinafter referred to as "THE AUTHOR") IS FURNISHING OR MAKING | | AVAILABLE TO YOU WITH THIS AGREEMENT (COLLECTIVELY, THE "SOFTWARE"). | | PLEASE REVIEW THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT | | CAREFULLY BEFORE INSTALLING OR USING THE SOFTWARE. BY INSTALLING, | | COPYING OR OTHERWISE USING THE SOFTWARE, YOU AND YOUR COMPANY | | (COLLECTIVELY, "YOU") ARE ACCEPTING AND AGREEING TO THE TERMS OF THIS | | LICENSE AGREEMENT. IF YOU ARE NOT WILLING TO BE BOUND BY THIS | | AGREEMENT, DO NOT INSTALL OR USE THE SOFTWARE. VARIOUS COPYRIGHTS AND | | OTHER INTELLECTUAL PROPERTY RIGHTS PROTECT THE SOFTWARE. THIS | | AGREEMENT IS A LICENSE AGREEMENT THAT GIVES YOU LIMITED RIGHTS TO USE | | THE SOFTWARE AND NOT AN AGREEMENT FOR SALE OR FOR TRANSFER OF TITLE.| | THE AUTHOR RETAINS ALL RIGHTS NOT EXPRESSLY GRANTED BY THIS AGREEMENT. | | | | The Initial Developer of the Original Code is Ruslan R. Fazliev | | Portions created by Ruslan R. Fazliev are Copyright (C) 2001-2007 | | Ruslan R. Fazliev. All Rights Reserved. | +-----------------------------------------------------------------------------+ \*****************************************************************************/ # # $Id: func.db.php,v 1.9.2.14 2007/08/29 10:28:12 max Exp $ # if ( !defined('XCART_START') ) { header("Location: ../"); die("Access denied"); } # # Database abstract layer functions # function db_connect($sql_host, $sql_user, $sql_password) { return mysql_connect($sql_host, $sql_user, $sql_password); } function db_select_db($sql_db) { return mysql_select_db($sql_db); } function db_query($query) { global $debug_mode; global $mysql_autorepair, $sql_max_allowed_packet; if (defined("START_TIME")) { global $__sql_time; $t = func_microtime(); } if ($sql_max_allowed_packet && strlen($query) > $sql_max_allowed_packet) { # Check max. allowed packet size global $current_location, $REMOTE_ADDR, $login; $len = strlen($query); $query = substr($query, 0, 1024)."..."; $mysql_error = "10001 : The size of the data package being transmitted is greater than maximum allowed by the server"; $msg = "Site : ".$current_location."\n"; $msg .= "Remote IP : $REMOTE_ADDR\n"; $msg .= "Logged as : $login\n"; $msg .= "Query length : $len\n"; $msg .= "Max. allowed packet : $sql_max_allowed_packet\n"; $msg .= "SQL query : $query\n"; $msg .= "Error code : 10001\n"; $msg .= "Description : The size of the data package being transmitted is greater than maximum allowed by the server"; db_error_generic($query, $mysql_error, $msg); return false; } __add_mark(); $result = mysql_query($query); $t_end = func_microtime(); if (defined("START_TIME")) { $__sql_time += func_microtime()-$t; } # # Auto repair # if (!$result && $mysql_autorepair && preg_match("/'(\S+)\.(MYI|MYD)/",mysql_error(), $m)) { $stm = "REPAIR TABLE $m[1] EXTENDED"; error_log("Repairing table $m[1]", 0); if ($debug_mode == 1 || $debug_mode == 3) { $mysql_error = mysql_errno()." : ".mysql_error(); echo "Repairing table $m[1]...$mysql_error
"; flush(); } $result = mysql_query($stm); if (!$result) error_log("Repaire table $m[1] is failed: ".mysql_errno()." : ".mysql_error(), 0); else $result = mysql_query($query); # try repeat query... } if (db_error($result, $query) && $debug_mode==1) exit; $explain = array(); if ( defined("BENCH") && constant("BENCH") && !defined("BENCH_BLOCK") && !defined("BENCH_DISPLAY") && defined("BENCH_DISPLAY_TYPE") && constant("BENCH_DISPLAY_TYPE") == "A" && !strncasecmp("SELECT", $query, 6) ) { $r = mysql_query('EXPLAIN '.$query); if ($r !== false) { while ($arr = db_fetch_array($r)) $explain[] = $arr; db_free_result($r); } } __add_mark(array("query" => $query, "explain" => $explain), "SQL"); return $result; } function db_result($result, $offset) { return mysql_result($result, $offset); } function db_fetch_row($result) { return mysql_fetch_row($result); } function db_fetch_array($result, $flag=MYSQL_ASSOC) { return mysql_fetch_array($result, $flag); } function db_fetch_field($result, $num = 0) { return mysql_fetch_field($result, $num); } function db_free_result($result) { @mysql_free_result($result); } function db_num_rows($result) { return mysql_num_rows($result); } function db_num_fields($result) { return mysql_num_fields($result); } function db_insert_id() { return mysql_insert_id(); } function db_affected_rows() { return mysql_affected_rows(); } function db_error($mysql_result, $query) { global $config, $login, $REMOTE_ADDR, $current_location; if ($mysql_result) return false; $mysql_error = mysql_errno()." : ".mysql_error(); $msg = "Site : ".$current_location."\n"; $msg .= "Remote IP : $REMOTE_ADDR\n"; $msg .= "Logged as : $login\n"; $msg .= "SQL query : $query\n"; $msg .= "Error code : ".mysql_errno()."\n"; $msg .= "Description : ".mysql_error(); db_error_generic($query, $mysql_error, $msg); return true; } function db_error_generic($query, $query_error, $msg) { global $debug_mode, $config; $email = false; if (@$config["Email_Note"]["admin_sqlerror_notify"]=="Y") { $email = array ($config["Company"]["site_administrator"]); } if ($debug_mode == 1 || $debug_mode == 3) { echo "INVALID SQL: ".htmlspecialchars($query_error)."
"; echo "SQL QUERY FAILURE:".htmlspecialchars($query)."
"; flush(); } $do_log = ($debug_mode == 2 || $debug_mode == 3); if ($email !== false || $do_log) { if (!defined("SKIP_CHARSET_SELECTION")) { define("SKIP_CHARSET_SELECTION", 1); } x_log_add('SQL', $msg, true, 1, $email, !$do_log); } } function db_prepare_query($query, $params) { static $prepared = array(); if (!empty($prepared[$query])) { $info = $prepared[$query]; $tokens = $info['tokens']; } else { $tokens = preg_split('/((?$v) if ($v === '?') $count ++; $info = array ( 'tokens' => $tokens, 'param_count' => $count ); $prepared[$query] = $info; } if (count($params) != $info['param_count']) { return array ( 'info' => 'mismatch', 'expected' => $info['param_count'], 'actual' => count($params)); } $pos = 0; foreach ($tokens as $k=>$val) { if ($val !== '?') continue; if (!isset($params[$pos])) { return array ( 'info' => 'missing', 'param' => $pos, 'expected' => $info['param_count'], 'actual' => count($params)); } $val = $params[$pos]; if (is_array($val)) { $val = func_array_map('addslashes', $val); $val = implode("','", $val); } else { $val = addslashes($val); } $tokens[$k] = "'" . $val . "'"; $pos ++; } return implode('', $tokens); } # # New DB API: Executing parameterized queries # Example1: # $query = "SELECT * FROM table WHERE field1=? AND field2=? AND field3='\\?'" # $params = array (val1, val2) # query to execute: # "SELECT * FROM table WHERE field1='val1' AND field2='val2' AND field3='\\?'" # Example2: # $query = "SELECT * FROM table WHERE field1=? AND field2 IN (?)" # $params = array (val1, array(val2,val3)) # query to execute: # "SELECT * FROM table WHERE field1='val1' AND field2 IN ('val2','val3')" # # Warning: # 1) all parameters must not be escaped with addslashes() # 2) non-parameter symbols '?' must be escaped with a '\' # function db_exec($query, $params=array()) { global $config, $login, $REMOTE_ADDR, $current_location; if (!is_array($params)) $params = array ($params); $prepared = db_prepare_query($query, $params); if (!is_array($prepared)) { return db_query($prepared); } $error = "Query preparation failed"; switch ($prepared['info']) { case 'mismatch': $error .= ": parameters mismatch (passed $prepared[actual], expected $prepared[expected])"; break; case 'missing': $error .= ": parameter $prepared[param] is missing"; break; } $msg = "Site : ".$current_location."\n"; $msg .= "Remote IP : $REMOTE_ADDR\n"; $msg .= "Logged as : $login\n"; $msg .= "SQL query : $query\n"; $msg .= "Description : ".$error; db_error_generic($query, $error, $msg); return false; } # # Execute mysql query and store result into associative array with # column names as keys # function func_query($query) { $result = false; if ($p_result = db_query($query)) { while ($arr = db_fetch_array($p_result)) $result[] = $arr; db_free_result($p_result); } return $result; } # # Execute mysql query and store result into associative array with # column names as keys and then return first element of this array # If array is empty return array(). # function func_query_first($query) { if ($p_result = db_query($query)) { $result = db_fetch_array($p_result); db_free_result($p_result); } return is_array($result) ? $result : array(); } # # Execute mysql query and store result into associative array with # column names as keys and then return first cell of first element of this array # If array is empty return false. # function func_query_first_cell($query) { if ($p_result = db_query($query)) { $result = db_fetch_row($p_result); db_free_result($p_result); } return is_array($result) ? $result[0] : false; } function func_query_column($query, $column = 0) { $result = array(); $fetch_func = is_int($column) ? 'db_fetch_row' : 'db_fetch_array'; if ($p_result = db_query($query)) { while ($row = $fetch_func($p_result)) $result[] = $row[$column]; db_free_result($p_result); } return $result; } # # Insert array data to table # function func_array2insert ($tbl, $arr, $is_replace = false) { global $sql_tbl; if (empty($tbl) || empty($arr) || !is_array($arr)) return false; if (!empty($sql_tbl[$tbl])) $tbl = $sql_tbl[$tbl]; if ($is_replace ) $query = "REPLACE"; else $query = "INSERT"; func_check_tbl_fields($tbl, array_keys($arr)); $query .= " INTO $tbl (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", $arr) . "')"; $r = db_query($query); if ($r) { return db_insert_id(); } return false; } # # Update array data to table + where statament # function func_array2update ($tbl, $arr, $where = '') { global $sql_tbl; if (empty($tbl) || empty($arr) || !is_array($arr)) return false; if ($sql_tbl[$tbl]) $tbl = $sql_tbl[$tbl]; $r = array(); foreach ($arr as $k => $v) { $r[] = "`".$k."`='".$v."'"; } func_check_tbl_fields($tbl, array_keys($arr)); $query = "UPDATE $tbl SET ". implode(", ", $r) . ($where ? " WHERE " . $where : ""); return db_query($query); } function func_query_hash($query, $column = false, $is_multirow = true, $only_first = false) { $result = array(); $is_multicolumn = false; if ($p_result = db_query($query)) { if ($column === false) { # Get first field name $c = db_fetch_field($p_result); $column = $c->name; } elseif (is_array($column)) { if (count($column) == 1) { $column = current($column); } else { $is_multicolumn = true; } } while ($row = db_fetch_array($p_result)) { # Get key(s) column value and remove this column from row if ($is_multicolumn) { $keys = array(); foreach ($column as $c) { $keys[] = $row[$c]; func_unset($row, $c); } $keys = implode('"]["', $keys); } else { $key = $row[$column]; func_unset($row, $column); } if ($only_first) $row = array_shift($row); if ($is_multicolumn) { # If keys count > 1 if ($is_multirow) { eval('$result["'.$keys.'"][] = $row;'); } else { eval('$is = isset($result["'.$keys.'"]);'); if (!$is) { eval('$result["'.$keys.'"] = $row;'); } } } elseif ($is_multirow) { $result[$key][] = $row; } elseif (!isset($result[$key])) { $result[$key] = $row; } } db_free_result($p_result); } return $result; } # # Generate unique id # $type - one character # Currently used types: # U - for users (anonymous) # function func_genid($type) { global $sql_tbl; db_query("INSERT INTO $sql_tbl[counters] (type) VALUES ('$type')"); $value = db_insert_id(); if ($value < 1) trigger_error("Cannot generate unique id", E_USER_ERROR); db_query("DELETE FROM $sql_tbl[counters] WHERE type='$type' AND value<'$value'"); return $value; } # # Generate SQL-query relations # function func_generate_joins($joins, $parent = false) { $str = ''; foreach ($joins as $jname => $j) { if ((!empty($parent) && $parent != $j['parent']) || (empty($parent) && !empty($j['parent']))) continue; $str .= func_build_join($jname, $j); unset($joins[$jname]); list($js, $tmp) = func_generate_joins($joins, (empty($j['tblname']) ? $jname : $j['tblname'])); $str .= $tmp; $keys = array_diff(array_keys($joins), array_keys($js)); if (!empty($keys)) { foreach ($joins as $k => $v) { if (in_array($k, $keys)) unset($joins[$k]); } } } if (empty($parent) && !empty($joins)) { foreach ($joins as $jname => $j) { $str .= func_build_join($jname, $j); } unset($joins); } if ($parent === false) return $str; else return array($joins, $str); } # # Get [LEFT | INNER] JOIN string # function func_build_join($jname, $join) { global $sql_tbl; $str = " ".($join['is_inner'] ? "INNER" : "LEFT")." JOIN "; if (!empty($join['tblname'])) { $str .= $sql_tbl[$join['tblname']]." as ".$jname; } else { $str .= $sql_tbl[$jname]; } $str .= " ON ".$join['on']; return $str; } # # Check table fields names # function func_check_tbl_fields($tbl, $fields) { static $storage = array(); global $sql_tbl; if (empty($fields)) return; if (!is_array($fields)) func_header_location("error_message.php?access_denied&id=77"); if (!is_array($tbl)) $tbl = array($tbl); $fields_orig = array(); foreach ($tbl as $t) { if (isset($sql_tbl[$t])) $t = $sql_tbl[$t]; if (!isset($storage[$t])) { $storage[$t] = func_query_column("SHOW FIELDS FROM ".$t); if (empty($storage[$t])) func_header_location("error_message.php?access_denied&id=78"); } $fields_orig = func_array_merge($fields_orig, $storage[$t]); } $fields_orig = array_unique($fields_orig); $res = array_diff($fields, $fields_orig); if (!empty($res)) func_header_location("error_message.php?access_denied&id=79"); } ?> /*****************************************************************************\ +-----------------------------------------------------------------------------+ | X-Cart | | Copyright (c) 2001-2007 Ruslan R. Fazliev | | All rights reserved. | +-----------------------------------------------------------------------------+ | PLEASE READ THE FULL TEXT OF SOFTWARE LICENSE AGREEMENT IN THE "COPYRIGHT" | | FILE PROVIDED WITH THIS DISTRIBUTION. THE AGREEMENT TEXT IS ALSO AVAILABLE | | AT THE FOLLOWING URL: http://www.x-cart.com/license.php | | | | THIS AGREEMENT EXPRESSES THE TERMS AND CONDITIONS ON WHICH YOU MAY USE | | THIS SOFTWARE PROGRAM AND ASSOCIATED DOCUMENTATION THAT RUSLAN R. | | FAZLIEV (hereinafter referred to as "THE AUTHOR") IS FURNISHING OR MAKING | | AVAILABLE TO YOU WITH THIS AGREEMENT (COLLECTIVELY, THE "SOFTWARE"). | | PLEASE REVIEW THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT | | CAREFULLY BEFORE INSTALLING OR USING THE SOFTWARE. BY INSTALLING, | | COPYING OR OTHERWISE USING THE SOFTWARE, YOU AND YOUR COMPANY | | (COLLECTIVELY, "YOU") ARE ACCEPTING AND AGREEING TO THE TERMS OF THIS | | LICENSE AGREEMENT. IF YOU ARE NOT WILLING TO BE BOUND BY THIS | | AGREEMENT, DO NOT INSTALL OR USE THE SOFTWARE. VARIOUS COPYRIGHTS AND | | OTHER INTELLECTUAL PROPERTY RIGHTS PROTECT THE SOFTWARE. THIS | | AGREEMENT IS A LICENSE AGREEMENT THAT GIVES YOU LIMITED RIGHTS TO USE | | THE SOFTWARE AND NOT AN AGREEMENT FOR SALE OR FOR TRANSFER OF TITLE.| | THE AUTHOR RETAINS ALL RIGHTS NOT EXPRESSLY GRANTED BY THIS AGREEMENT. | | | | The Initial Developer of the Original Code is Ruslan R. Fazliev | | Portions created by Ruslan R. Fazliev are Copyright (C) 2001-2007 | | Ruslan R. Fazliev. All Rights Reserved. | +-----------------------------------------------------------------------------+ \*****************************************************************************/ # # $Id: config.php,v 1.409.2.9 2007/08/22 13:38:46 max Exp $ # # Configuration settings # if (!defined('XCART_START')) { header("Location: index.php"); die("Access denied"); } # # SQL database details # # This section sets up a connection between X-Cart shopping cart software # and your MySQL database. If X-Cart is installed using Web installation, the # variables of this section are configured via the Installation Wizard. If you # install X-Cart manually, or if, after X-Cart has been installed, your MySQL # server information changes, use this section to provide database access # information manually. # # $sql_host - DNS name or IP of your MySQL server; # $sql_user - MySQL user name; # $sql_db - MySQL database name; # $sql_password - MySQL password. # $sql_host ='localhost'; $sql_user ='dbo262511869'; $sql_db ='db262511869'; $sql_password ='MkB.PfCM'; # # X-Cart HTTP & HTTPS host and web directory # # This section defines the location of your X-Cart installation. If X-Cart is # installed using Web installation, the variables of this section are # configured via the Installation Wizard. If you install X-Cart manually, use # this section to provide your web server details manually. # # $xcart_http_host - Host name of the server on which your X-Cart software is # to be installed; # $xcart_https_host - Host name of the secure server that will provide access # to your X-Cart-based store via the HTTPS protocol; # $xcart_web_dir - X-Cart web directory. # # NOTE: # The variables $xcart_http_host and $xcart_https_host must contain hostnames # ONLY (no http:// or https:// prefixes, no trailing slashes). # # Web dir is the directory where your X-Cart is installed as seen from the Web, # not the file system. # # Web dir must start with a slash and have no slash at the end. An exception to # this rule is when you install X-Cart in the site root, in which case you need # to leave the variable empty. # # EXAMPLE 1: # $xcart_http_host ="www.yourhost.com"; # $xcart_https_host ="www.securedirectories.com/yourhost.com"; # $xcart_web_dir ="/xcart"; # will result in the following URLs: # http://www.yourhost.com/xcart # https://www.securedirectories.com/yourhost.com/xcart # # EXAMPLE 2: # $xcart_http_host ="www.yourhost.com"; # $xcart_https_host ="www.yourhost.com"; # $xcart_web_dir =""; # will result in the following URLs: # http://www.yourhost.com/ # https://www.yourhost.com/ # $xcart_http_host ="www.bphenergy.com"; $xcart_https_host ="www.bphenergy.com"; $xcart_web_dir =""; # Storing Customers' Credit Card Info # # The variable $store_cc defines whether you want the credit card info provided # by your customers at checkout to be stored in the database or not. # The credit card info that can be stored includes: # - Cardholder's name; # - Card type; # - Card number; # - Valid from (for certain card types); # - Exp. date; # - Issue No (for certain card types). # # Admissible values for $store_cc are 'true' and 'false': # 'true' - X-Cart will store your customers' credit card info in the order # details and user profiles; # 'false' - X-Cart will not store your customers' credit card info anywhere. # # NOTE: # If you are going to use 'Subscription' module, set $store_cc to 'true'. # $store_cc = true; # Storing CVV2 codes # # The variable $store_cvv2 defines whether you want the CVV2 codes of your # customers' credit cards to be stored in the database or not. # # Admissible values for $store_cvv2 are 'true' and 'false': # 'true' - X-Cart will store the CVV2 codes of your customers' credit cards # in the order details and user profiles; # 'false' - X-Cart will not store the CVV2 codes of your customers' credit # cards anywhere. # # NOTE: # VISA International does not recommend storing CVV2 codes along with credit # card numbers. # If you are going to use 'Subscription' module, set $store_cvv2 to 'true'. # $store_cvv2 = false; # Storing Customers' Checking Account Details # # The variable $store_ch defines whether you want your customers checking # account details to be stored in the database or not. # The checking account details that can be stored include: # - Bank account number; # - Bank routing number; # - Fraction number. # # If Direct Debit is used then Account owner name is stored instead of Fraction number. # # Admissible values for $store_ch are 'true' and 'false': # 'true' - X-Cart will store your customers' checking account details in the # order details; # 'false' - X-Cart will not store your customers' checking account details # anywhere. # $store_ch = true; # # Default images # # The variable $default_image defines which image file should be used as the # default "No image available" picture (a picture that will appear in the # place of any missing image in your X-Cart-based store if no other "No image # available"-type picture is defined for that case). # $default_image = "default_image.gif"; # # The variable $shop_closed_file defines which HTML page should be displayed # to anyone trying to access the Customer zone of your store when the store is # closed for maintenance. # $shop_closed_file = "shop_closed.html"; # # Single Store mode (X-Cart PRO only) # # The variable $single_mode allows you to enable/disable Single Store mode if # your store is based on X-Cart PRO. Single Store mode is an operation mode in # which your store represents a unified environment shared by multiple # providers in such a way that any provider can edit the products of the other # providers, and shipping rates, discounts, taxes, discount coupons, etc are # the same for all the providers. # # Admissible values for $single_mode are 'true' and 'false': # 'true' - enables Single Store mode; # 'false' - puts your store into normal mode where each of your providers can # control his own products only and can have shipping rates, discounts, taxes, # etc different from those of the other providers. # # NOTE: # If your store is based on X-Cart GOLD, $single_mode must be set to 'true' at # all times. $single_mode = true; # # FedEx Rates directory # #The variable $fedex_default_rates_dir defines the location of the directory # where files for the calculation of FedEx shipping rates are stored. # $fedex_default_rates_dir = $xcart_dir.DIRECTORY_SEPARATOR."shipping".DIRECTORY_SEPARATOR."FedEx".DIRECTORY_SEPARATOR; # # Temporary directories # $var_dirs = array ( "tmp" => $xcart_dir."/var/tmp", "templates_c" => $xcart_dir."/var/templates_c", "upgrade" => $xcart_dir."/var/upgrade" ); $var_dirs_web = array ( ); # # Log directory # # The variable $var_dirs["log"] defines the location of the directory where X-Cart log # files are stored. # $var_dirs["log"] = $xcart_dir."/var/log"; # # Cache directory # # The variable $var_dirs["cache"] defines the location of the directory where # X-Cart cache files are stored. # $var_dirs["cache"] = $xcart_dir."/var/cache"; $var_dirs_web["cache"] = "/var/cache"; # # Export directory # # The variable $export_dir defines the location of X-Cart export directory # (a directory on X-Cart server to which the CSV files of export packs are # stored). # $export_dir = $var_dirs["tmp"]; # # # DO NOT CHANGE ANYTHING BELOW THIS LINE UNLESS # YOU REALLY KNOW WHAT ARE YOU DOING # # # # Comma separated list of IP for access to admin area # Leave empty for unrestricted access. # E.g.: # 1) access is unrestricted: # $admin_allowed_ip = ""; # 2) access allowed only from IP 192.168.0.1 and 127.0.0.1: # $admin_allowed_ip = "192.168.0.1, 127.0.0.1"; # $admin_allowed_ip = ""; # # Automatic repair of the broken indexes in mySQL tables # $mysql_autorepair = true; # # Caching # # The constant USE_DATA_CACHE defines whether you want to use data caching in # your store. # Admissible values for USE_DATA_CACHE are 'true' and 'false'. # By default, the value of this constant is set to 'true'. You can set it to # 'false' if you experience problems using the store with caching enabled # (for example, if you get some kind of error regarding a file in the /var/cache # directory of your X-Cart installation). # define("USE_DATA_CACHE", true); # # The constant SECURITY_BLOCK_UNKNOWN_ADMIN_IP allows you to enable a # functionality that will prevent usage of your store's back-end from IP # addresses unknown to the system. # define("SECURITY_BLOCK_UNKNOWN_ADMIN_IP", false); # # The constant USE_SESSION_HISTORY allows you to enable synchronization of # user sessions on the main website of your store and on domain aliases. # define("USE_SESSION_HISTORY", true); # # The constant FORM_ID_ORDER_LENGTH sets the length for the list of unique # form identifiers. A unique form identifier ensures that a form is valid # and serves as a protection from CSRF attacks. If FORM_ID_ORDER_LENGTH is # not declared or is set to a non-numeric value or a value less than 1, # it's value will be set to 100. # define("FORM_ID_ORDER_LENGTH", 100); # # The constant FRAME_NOT_ALLOWED forbids calling X-Cart in IFRAME / FRAME tags. # If you do not use X-Cart in any pages where X-Cart is displayed through a # frame, this option can be enabled to enhance security. This option prevents # attacks in which the attacker displays X-Cart through a frame and, using web # browser vulnerabilities, intercepts the information being entered in it. # define("FRAME_NOT_ALLOWED", false); ############################################################ # THE ERRORS TRACKING CODE ############################################################ # # Turning on/off the debug mode # 0 - no debug info; # 1 - display error (and exit script - for SQL errors); # 2 - write errors to the log file (templates_c/xerrors.log) # 3 - display error and write it to the log file. # $debug_mode = 3; # # Error reporting level: # if ($debug_mode) $x_error_reporting = E_ALL ^ E_NOTICE; else $x_error_reporting = 0; ############################################################ # / THE ERRORS TRACKING CODE ############################################################ # # Demo mode - protects the pages essential for the functioning of X-Cart # from potentially harmful modifications # $admin_safe_mode = false; # # Files directory # $files_dir = "/files"; $files_webdir = "/files"; # # Templates repository # where original templates are located for "restore" facility # $templates_repository_dir = "/skin1_original"; # # Store sessions data in database # # # Select the sessions mechanism: # 1 - PHP sessions data is stored on the file system # 2 - PHP sessions data is stored on the MySQL database # 3 - X-Cart internal sessions mechanism is used (highly recommended) $use_sessions_type = 3; # # Set the session name here # $XCART_SESSION_NAME = "xid"; # # Session duration (in seconds) # $use_session_length = 3600; # # Search by separate words # # Maximum number of words that can be searched for when search by separate # words is enabled # (Expressions enclosed in double-quote marks are treated as single words) # $search_word_limit = 10; # # Minimum word length (minimum number of significant characters a word must # have to be considered a word) when search by separate words is enabled # $search_word_length_limit = 2; # # Skin configuration file # $skin_config_file = "skin1.conf"; # # Anonimous user name # $anonymous_username_prefix="anonymous"; # # Anonymous user password # $anonymous_password="42a51f1538a39636879414b681dd7df6"; # # License # $license ='5DCD0D39'; ################################################################################ # NEVER CHANGE THE SETTINGS BELOW THIS LINE MANUALLY ################################################################################ # # The variable $blowfish_key contains your Blowfish encryption key automatically # generated by X-Cart during installation. This key is used to encrypt all the # sensitive data in your store including user passwords, credit card data, etc. # # NEVER try to change your Blowfish encryption key by editing the value of the # $blowfish_key variable in this file: your data is already encrypted with this # key and X-Cart needs exactly the same key to be able to decrypt it. Changing # $blowfish_key manually will corrupt all the user passwords (including the # administrator's password), so you will not be able to use the store. # # Please be aware that a lost Blowfish key cannot be restored, so X-Cart team # will not be able to help you regain access to your store if you remove or # change the value of $blowfish_key. # # It is quite safe to use X-Cart with the Blowfish key generated during # installation; however, if you still want to change it, please refer to # X-Cart Reference Manual or contact X-Cart Tech Support for details. # $blowfish_key ='010f63a807c2085169cbb2d663c89625'; # # WARNING : # Please ensure that you have no whitespaces or empty lines below this message. # Adding a whitespace or an empty line below this line will cause a PHP error. # ?>