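$v) { if(is_array($v)) stripslashes_recursively($array[$k]); else $array[$k] = stripslashes($v); } }

/**
 * A blank HTTP_HOST value is used to detect command-line execution.
 * We update the $_SERVER variable to contain data consistent with the rest of the application.
 */
if(!isset($_SERVER['HTTP_HOST'])) {
	// HTTP_HOST, REQUEST_PORT, SCRIPT_NAME, and PHP_SELF
	if(isset($_FILE_TO_URL_MAPPING)) {
		$fullPath = $testPath = realpath($_SERVER['SCRIPT_FILENAME']);
		// Walk up from the script towards the filesystem root until a mapped directory is found
		while($testPath && $testPath != '/' && !preg_match('/^[A-Z]:\\\\$/', $testPath)) {
			if(isset($_FILE_TO_URL_MAPPING[$testPath])) {
				$url = $_FILE_TO_URL_MAPPING[$testPath]
					. str_replace(DIRECTORY_SEPARATOR, '/', substr($fullPath,strlen($testPath)));

				$components = parse_url($url);
				$_SERVER['HTTP_HOST'] = $components['host'];
				if(!empty($components['port'])) $_SERVER['HTTP_HOST'] .= ':' . $components['port'];

				$_SERVER['SCRIPT_NAME'] = $_SERVER['PHP_SELF'] = $components['path'];

				if(!empty($components['port'])) $_SERVER['REQUEST_PORT'] = $components['port'];
				break;
			}
			$testPath = dirname($testPath);
		}
	}

	// Everything else
	$serverDefaults = array(
		'SERVER_PROTOCOL' => 'HTTP/1.1',
		'HTTP_ACCEPT' => 'text/plain;q=0.5',
		'HTTP_ACCEPT_LANGUAGE' => '*;q=0.5',
		'HTTP_ACCEPT_ENCODING' => '',
		'HTTP_ACCEPT_CHARSET' => 'ISO-8859-1;q=0.5',
		'SERVER_SIGNATURE' => 'Command-line PHP/' . phpversion(),
		'SERVER_SOFTWARE' => 'PHP/' . phpversion(),
		'SERVER_ADDR' => '127.0.0.1',
		'REMOTE_ADDR' => '127.0.0.1',
		'REQUEST_METHOD' => 'GET',
		'HTTP_USER_AGENT' => 'CLI',
	);

	// Values already present in $_SERVER win over the defaults
	$_SERVER = array_merge($serverDefaults, $_SERVER);

/**
 * If we have an HTTP_HOST value, then we're being called from the webserver and there are some things that
 * need checking
 */
} else {
	/**
	 * Fix magic quotes setting
	 */
	if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
		// After this, request data carries no automatic slashes at all: every value that
		// reaches a query or a page has to be escaped at the point of use.
		if($_REQUEST) stripslashes_recursively($_REQUEST);
		if($_GET) stripslashes_recursively($_GET);
		if($_POST) stripslashes_recursively($_POST);
	}

	/**
	 * Fix HTTP_HOST from reverse proxies
	 */
	if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
		// NOTE(review): X-Forwarded-Host is a request header, so unless a reverse proxy in
		// front of this server always overwrites it, the client chooses HTTP_HOST here.
		// Anything later built from HTTP_HOST (absolute links, redirects, e-mail URLs)
		// inherits that value. Honour the header only when REMOTE_ADDR is a known proxy,
		// or check the result against the list of hostnames this site serves.
		// Get the first host, in case there's multiple separated through commas
		$_SERVER['HTTP_HOST'] = strtok($_SERVER['HTTP_X_FORWARDED_HOST'], ',');
	}
}

/**
 * Define system paths
 */
if(!defined('BASE_PATH')) {
	// Assuming that this file is framework/core/Core.php we can then determine the base path
	$candidateBasePath = rtrim(dirname(dirname(dirname(__FILE__))), DIRECTORY_SEPARATOR);
	// We can't have an empty BASE_PATH. Making it / means that double-slashes occur in places but that's benign.
	// This likely only happens on chrooted environments
	if($candidateBasePath == '') $candidateBasePath = DIRECTORY_SEPARATOR;
	define('BASE_PATH', $candidateBasePath);
}

if(!defined('BASE_URL')) {
	// Determine the base URL by comparing SCRIPT_NAME to SCRIPT_FILENAME and getting common elements
	$path = realpath($_SERVER['SCRIPT_FILENAME']);
	if(substr($path, 0, strlen(BASE_PATH)) == BASE_PATH) {
		$urlSegmentToRemove = substr($path, strlen(BASE_PATH));
		if(substr($_SERVER['SCRIPT_NAME'], -strlen($urlSegmentToRemove)) == $urlSegmentToRemove) {
			$baseURL = substr($_SERVER['SCRIPT_NAME'], 0, -strlen($urlSegmentToRemove));
			define('BASE_URL', rtrim($baseURL, DIRECTORY_SEPARATOR));
		}
	}

	// If that didn't work, failover to the old syntax. Hopefully this isn't necessary, and maybe
	// it can be phased out?
	if(!defined('BASE_URL')) {
		$dir = (strpos($_SERVER['SCRIPT_NAME'], 'index.php') !== false)
			? dirname($_SERVER['SCRIPT_NAME'])
			: dirname(dirname($_SERVER['SCRIPT_NAME']));
		define('BASE_URL', rtrim($dir, DIRECTORY_SEPARATOR));
	}
}

/**
 * Ensure we have enough memory
 */
//increase_memory_limit_to('64M');

/**
 * Ensure we don't run into xdebug's fairly conservative infinite recursion protection limit
 */
//increase_xdebug_nesting_level_to(200);

/**
 * Set default encoding
 */
mb_http_output('UTF-8');
mb_internal_encoding('UTF-8');
mb_regex_encoding('UTF-8');

/**
 * Enable better garbage collection
 */
//gc_enable();

///////////////////////////////////////////////////////////////////////////////

// Work out the requested URL. Whichever branch runs, $url is request-controlled from here on.

// Apache rewrite rules use this
if (isset($_GET['url'])) {
	$url = $_GET['url'];
	// IIS includes get variables in url
	$i = strpos($url, '?');
	if($i !== false) {
		$url = substr($url, 0, $i);
	}

// Lighttpd uses this
} else {
	if(strpos($_SERVER['REQUEST_URI'],'?') !== false) {
		list($url, $query) = explode('?', $_SERVER['REQUEST_URI'], 2);
		// Rebuild $_GET from the query string and fold it into $_REQUEST
		parse_str($query, $_GET);
		if ($_GET) $_REQUEST = array_merge((array)$_REQUEST, (array)$_GET);
	} else {
		$url = $_SERVER["REQUEST_URI"];
	}
}

// Remove base folders from the URL if webroot is hosted in a subfolder
if (substr(strtolower($url), 0, strlen(BASE_URL)) == strtolower(BASE_URL)) $url = substr($url, strlen(BASE_URL));

########################################################

require_once('scripts/dbconnect.php');
require_once('scripts/misc_functions.php');

session_start();
//require_once('scripts/geolocation.php');

// addslashes() is neither SQL escaping nor HTML escaping: the session value is still raw
// request input. Escape it with htmlspecialchars() wherever it is printed and with the
// database driver's escaping wherever it reaches a query.
// !empty() keeps the original truthiness test without the undefined-index notice.
if(!empty($_GET['insurer'])) $_SESSION['insurer']= addslashes($_GET['insurer']);

//######### SHOPPING CART FUNCTION ##########
/**
 * Summarise the session cart as text.
 *
 * The cart is read from $_SESSION['cart'] as a comma-separated list.
 *
 * @return string 'empty' when the cart is unset or falsy, otherwise "N item" / "N items".
 */
function writeShoppingCart() {
	$cart = isset($_SESSION['cart']) ? $_SESSION['cart'] : '';
	if (!$cart) {
		return 'empty';
	}

	// Parse the cart session variable
	$items = explode(',',$cart);
	$s = (count($items) > 1) ? 's':'';
	return count($items).' item'.$s;
}

########################################################

// Get settings for the site
$query0 = "SELECT * FROM settings WHERE id = 1";
$result0 = mysql_query($query0);
$num_results0 = mysql_num_rows($result0);
$row0 = mysql_fetch_array($result0);

$site_name = (stripslashes($row0['site_name']));
$site_desc = (stripslashes($row0['site_desc']));
$admin_email = (stripslashes($row0['admin_email']));
$enquiries_email = (stripslashes($row0['alt_email']));

/**
 * Fetch the active row whose filename matches, from the given content table.
 *
 * $filename is derived from the request URL by the caller in this file, so it is escaped
 * before it is placed in the query. The legacy mysql_* extension has no prepared
 * statements; when the data layer moves to mysqli or PDO, bind the value instead.
 *
 * @param string $dbtable  Table name. It is interpolated as an identifier, so only names
 *                         made of letters, digits and underscores are accepted.
 * @param string $filename Page filename to look up (untrusted).
 * @return array 17 positional values: id, filename, title, metakeywords, metadesc, heading,
 *               feature, sidebarimage, contents, product, product_image, product_desc,
 *               product_price, sidebar_contents, gallery_id, slider, last_mod. Every value
 *               is an empty string when no row matches or the query cannot be run.
 */
function dbtablelookup($dbtable,$filename) {
	$columns = array(
		'id', 'filename', 'title', 'metakeywords', 'metadesc', 'heading', 'feature',
		'sidebarimage', 'contents', 'product', 'product_image', 'product_desc',
		'product_price', 'sidebar_contents', 'gallery_id', 'slider', 'last_mod',
	);
	// Same shape the caller's list() receives for a missing page
	$blank = array_fill(0, count($columns), '');

	// An identifier cannot be quoted like a value, so restrict it to a safe alphabet
	if (!preg_match('/^[A-Za-z0-9_]+$/', $dbtable)) {
		return $blank;
	}

	$query1 = "SELECT * FROM $dbtable WHERE filename = '"
		. mysql_real_escape_string($filename)
		. "' AND active=1";
	$result1 = mysql_query($query1);
	if (!$result1) {
		return $blank;
	}

	$row1 = mysql_fetch_array($result1);
	if (!$row1) {
		return $blank;
	}

	$values = array();
	foreach ($columns as $column) {
		// NULL or absent columns become '' exactly as stripslashes(null) did before
		$values[] = isset($row1[$column]) ? stripslashes($row1[$column]) : '';
	}
	return $values;
}

// strip off preceding forward slash if there is one...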
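// $url comes from the request, so $thispage is untrusted: it is used below as a database
// lookup key, stored in the session and placed in the "page not found" text.
$firstchar = substr($url,0,1);
if($firstchar == "/") $thispage = substr($url,1);
else $thispage = $url;

// An empty URL or a bare slash means the home page
if(!$url) $thispage = "index";
elseif($url=="/") $thispage = "index";

$domain = $_SERVER['HTTP_HOST'];
$domain = str_replace("http://","",$domain);
$domain = str_replace("www.","",$domain);

$_SESSION['lastpage'] = $thispage;
//echo $_SESSION['lastpage'];

//$contents = str_replace("/image","image",$contents);
//$sidebar_contents = str_replace("/image","image",$sidebar_contents);

$dbtable = "pages";
list($id,$filename,$title,$metakeywords,$metadesc,$heading,$feature,$sidebarimage,$contents,$product,$product_image,$product_desc,$product_price,$sidebar_contents,$gallery_id,$slider,$last_mod) = dbtablelookup($dbtable,$thispage);

$heading_missing_str = "OOPS!";
// The requested page name is echoed back in this message, so it is HTML-escaped here;
// presumably the string is rendered into the page body - verify where it is printed.
$contents_missing_str = "

The '".htmlspecialchars($thispage, ENT_QUOTES, 'UTF-8')."' page that you tried to access on this site either no longer exists or never existed.

";
$contents_missing_str .= "

Please use the menu, or search box, to navigate through our website.

";
$contents_missing_str .= "



road cone

";

$site_name = get_site_name();
$site_desc = get_site_desc();
// NOTE(review): the three values echoed next are printed without HTML escaping; $title is
// read from the database above - confirm that content is trusted or escape it on output.
?> <? echo $title; ?> : <? echo $site_name; ?> - <? echo $site_desc; ?>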

Referred by Insurer: ".$_GET['insurer']; ?>

 
".$subpages_str."
"; ?> 0 && $gallery_status==1 && $slider==0) include('scripts/gallery-script.php'); ?>