Untitled

<?php
/*
  $Id$

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2008 osCommerce

  Released under the GNU General Public License
*/

// start the timer for the page parse time log
  define('PAGE_PARSE_START_TIME', microtime());

// set the level of error reporting
  error_reporting(E_ALL & ~E_NOTICE);

//the following three lines are for TESTING errors purposes ONLY, remove from final code
    //error_reporting(E_ALL);
    //ini_set('display_errors','1');
    //ini_set('display_startup_errors','1');

// KISS Error Handling & Debugging by FWR Media
  include_once ('includes/kiss_error_handler.php');

// check support for register_globals
  if (function_exists('ini_get') && (ini_get('register_globals') == false) && (PHP_VERSION < 4.3) ) {
    exit('Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory. Please use PHP 4.3+ if register_globals cannot be enabled on the server.');
  }

// load server configuration parameters
  if (file_exists('includes/local/configure.php')) { // for developers
    include('includes/local/configure.php');
  } else {
    include('includes/configure.php');
  }

  if (strlen(DB_SERVER) < 1) {
    if (is_dir('install')) {
      header('Location: install/index.php');
    }
  }

// define the project version --- obsolete, now retrieved with tep_get_version()
  define('PROJECT_VERSION', 'osCommerce Online Merchant v2.3');

// some code to solve compatibility issues
  require(DIR_WS_FUNCTIONS . 'compatibility.php');

// set the type of request (secure or not)
  $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

// kdm define special general functions
  require(DIR_WS_FUNCTIONS . 'gfc_general.php');

// set php_self in the local scope
  $req = parse_url($HTTP_SERVER_VARS['SCRIPT_NAME']);
  $PHP_SELF = substr($req['path'], ($request_type == 'NONSSL') ? strlen(DIR_WS_HTTP_CATALOG) : strlen(DIR_WS_HTTPS_CATALOG));

  if ($request_type == 'NONSSL') {
    define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG);
  } else {
    define('DIR_WS_CATALOG', DIR_WS_HTTPS_CATALOG);
  }

// include the list of project filenames
  require(DIR_WS_INCLUDES . 'filenames.php');

// include the list of project database tables
  require(DIR_WS_INCLUDES . 'database_tables.php');

// include the database functions
  require(DIR_WS_FUNCTIONS . 'database.php');

// make a connection to the database... now
  tep_db_connect() or die('Unable to connect to database server!');

// set the application parameters
  $configuration_query = tep_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION);
  while ($configuration = tep_db_fetch_array($configuration_query)) {
    define($configuration['cfgKey'], $configuration['cfgValue']);
  }

// if gzip_compression is enabled, start to buffer the output
  if ( (GZIP_COMPRESSION == 'true') && ($ext_zlib_loaded = extension_loaded('zlib')) && !headers_sent() ) {
    if (($ini_zlib_output_compression = (int)ini_get('zlib.output_compression')) < 1) {
      if (PHP_VERSION < '5.4' || PHP_VERSION > '5.4.5') { // see PHP bug 55544
        if (PHP_VERSION >= '4.0.4') {
          ob_start('ob_gzhandler');
        } elseif (PHP_VERSION >= '4.0.1') {
          include(DIR_WS_FUNCTIONS . 'gzip_compression.php');
          ob_start();
          ob_implicit_flush();
        }
      }
    } elseif (function_exists('ini_set')) {
      ini_set('zlib.output_compression_level', GZIP_LEVEL);
    }
  }

// set the HTTP GET parameters manually if search_engine_friendly_urls is enabled
  if (SEARCH_ENGINE_FRIENDLY_URLS == 'true') {
    if (strlen(getenv('PATH_INFO')) > 1) {
      $GET_array = array();
      $PHP_SELF = str_replace(getenv('PATH_INFO'), '', $PHP_SELF);
      $vars = explode('/', substr(getenv('PATH_INFO'), 1));
      do_magic_quotes_gpc($vars);
      for ($i=0, $n=sizeof($vars); $i<$n; $i++) {
        if (strpos($vars[$i], '[]')) {
          $GET_array[substr($vars[$i], 0, -2)][] = $vars[$i+1];
        } else {
          $HTTP_GET_VARS[$vars[$i]] = $vars[$i+1];
        }
        $i++;
      }

      if (sizeof($GET_array) > 0) {
        while (list($key, $value) = each($GET_array)) {
          $HTTP_GET_VARS[$key] = $value;
        }
      }
    }
  }

// define general functions used application-wide
  require(DIR_WS_FUNCTIONS . 'general.php');
  require(DIR_WS_FUNCTIONS . 'html_output.php');

// set the cookie domain
  $cookie_domain = (($request_type == 'NONSSL') ? HTTP_COOKIE_DOMAIN : HTTPS_COOKIE_DOMAIN);
  $cookie_path = (($request_type == 'NONSSL') ? HTTP_COOKIE_PATH : HTTPS_COOKIE_PATH);

// include cache functions if enabled
  if (USE_CACHE == 'true') include(DIR_WS_FUNCTIONS . 'cache.php');

// include shopping cart class
  require(DIR_WS_CLASSES . 'shopping_cart.php');

// include wishlist class
  require(DIR_WS_CLASSES . 'wishlist.php');

// include navigation history class
  require(DIR_WS_CLASSES . 'navigation_history.php');

// define how the session functions will be used
  require(DIR_WS_FUNCTIONS . 'sessions.php');

// set the session name and save path
  tep_session_name('osCsid');
  tep_session_save_path(SESSION_WRITE_DIRECTORY);

// HMCS: Begin Autologon
// Determine if cookies are enabled
  setcookie("TEMPCOOKIE", "CookieOn", time() + 60 * 60);
  $cookieinfo = $HTTP_COOKIE_VARS["TEMPCOOKIE"];
  if ($cookieinfo == "CookieOn") {
    global $cookies_on;
    $cookies_on = true;
  }
// HMCS: End Autologon

// set the session cookie parameters
   if (function_exists('session_set_cookie_params')) {
    session_set_cookie_params(0, $cookie_path, $cookie_domain);
  } elseif (function_exists('ini_set')) {
    ini_set('session.cookie_lifetime', '0');
    ini_set('session.cookie_path', $cookie_path);
    ini_set('session.cookie_domain', $cookie_domain);
  }

  @ini_set('session.use_only_cookies', (SESSION_FORCE_COOKIE_USE == 'True') ? 1 : 0);

// set the session ID if it exists
   if ( SESSION_FORCE_COOKIE_USE == 'False' ) {
        if ( isset($HTTP_GET_VARS[tep_session_name()]) && (!isset($HTTP_COOKIE_VARS[tep_session_name()]) || ($HTTP_COOKIE_VARS[tep_session_name()] != $HTTP_GET_VARS[tep_session_name()])) ) {
        tep_session_id($HTTP_GET_VARS[tep_session_name()]);
        } elseif ( isset($HTTP_POST_VARS[tep_session_name()]) && (!isset($HTTP_COOKIE_VARS[tep_session_name()]) || ($HTTP_COOKIE_VARS[tep_session_name()] != $HTTP_POST_VARS[tep_session_name()])) ) {
            tep_session_id($HTTP_POST_VARS[tep_session_name()]);
        }
    }

// start the session
  $session_started = false;
  if (SESSION_FORCE_COOKIE_USE == 'True') {
    tep_setcookie('cookie_test', 'please_accept_for_session', time()+60*60*24*30, $cookie_path, $cookie_domain);

    if (isset($HTTP_COOKIE_VARS['cookie_test'])) {
      tep_session_start();
      $session_started = true;
    }
  } elseif (SESSION_BLOCK_SPIDERS == 'True') {
    $user_agent = strtolower(getenv('HTTP_USER_AGENT'));
    $spider_flag = false;

    if (tep_not_null($user_agent)) {
      $spiders = file(DIR_WS_INCLUDES . 'spiders.txt');

      for ($i=0, $n=sizeof($spiders); $i<$n; $i++) {
        if (tep_not_null($spiders[$i])) {
          if (is_integer(strpos($user_agent, trim($spiders[$i])))) {
            $spider_flag = true;
            break;
          }
        }
      }
    }

    if ($spider_flag == false) {
      tep_session_start();
      $session_started = true;
    }
  } else {
    tep_session_start();
    $session_started = true;
  }

  //HTTP_REFERER
  if (!$referer_url) {
    if ($HTTP_SERVER_VARS['HTTP_REFERER']) {
    $referer_url = $HTTP_SERVER_VARS['HTTP_REFERER'];
    tep_session_register('referer_url');
    }
  }

  if ( ($session_started == true) && (PHP_VERSION >= 4.3) && function_exists('ini_get') && (ini_get('register_globals') == false) ) {
    extract($_SESSION, EXTR_OVERWRITE+EXTR_REFS);
  }

// initialize a session token
  if (!tep_session_is_registered('sessiontoken')) {
    $sessiontoken = md5(tep_rand() . tep_rand() . tep_rand() . tep_rand());
    tep_session_register('sessiontoken');
  }

// set SID once, even if empty
  $SID = (defined('SID') ? SID : '');

// verify the ssl_session_id if the feature is enabled
  if ( ($request_type == 'SSL') && (SESSION_CHECK_SSL_SESSION_ID == 'True') && (ENABLE_SSL == true) && ($session_started == true) ) {
    $ssl_session_id = getenv('SSL_SESSION_ID');
    if (!tep_session_is_registered('SSL_SESSION_ID')) {
      $SESSION_SSL_ID = $ssl_session_id;
      tep_session_register('SESSION_SSL_ID');
    }

    if ($SESSION_SSL_ID != $ssl_session_id) {
      tep_session_destroy();
      tep_redirect(tep_href_link(FILENAME_SSL_CHECK));
    }
  }

// verify the browser user agent if the feature is enabled
  if (SESSION_CHECK_USER_AGENT == 'True') {
    $http_user_agent = getenv('HTTP_USER_AGENT');
    if (!tep_session_is_registered('SESSION_USER_AGENT')) {
      $SESSION_USER_AGENT = $http_user_agent;
      tep_session_register('SESSION_USER_AGENT');
    }

    if ($SESSION_USER_AGENT != $http_user_agent) {
      tep_session_destroy();
      tep_redirect(tep_href_link(FILENAME_LOGIN));
    }
  }

// verify the IP address if the feature is enabled
  if (SESSION_CHECK_IP_ADDRESS == 'True') {
    $ip_address = tep_get_ip_address();
    if (!tep_session_is_registered('SESSION_IP_ADDRESS')) {
      $SESSION_IP_ADDRESS = $ip_address;
      tep_session_register('SESSION_IP_ADDRESS');
    }

    if ($SESSION_IP_ADDRESS != $ip_address) {
      tep_session_destroy();
      tep_redirect(tep_href_link(FILENAME_LOGIN));
    }
  }

// create the shopping cart
  if (!tep_session_is_registered('cart') || !is_object($cart)) {
    tep_session_register('cart');
    $cart = new shoppingCart;
  }

// include currencies class and create an instance
  require(DIR_WS_CLASSES . 'currencies.php');
  $currencies = new currencies();

// BOF qpbpp 2.0
// include the price formatter classes for the price breaks contribution
  require(DIR_WS_CLASSES . 'PriceFormatter.php');
  $pf = new PriceFormatter;
  require(DIR_WS_CLASSES . 'PriceFormatterStore.php');
  $pfs = new PriceFormatterStore;
// EOF qpbpp 2.0

// include the mail classes
  require(DIR_WS_CLASSES . 'mime.php');
  require(DIR_WS_CLASSES . 'email.php');

// set the language
  if (!tep_session_is_registered('language') || isset($HTTP_GET_VARS['language'])) {
    if (!tep_session_is_registered('language')) {
      tep_session_register('language');
      tep_session_register('languages_id');
    }

    include(DIR_WS_CLASSES . 'language.php');
    $lng = new language();

    if (isset($HTTP_GET_VARS['language']) && tep_not_null($HTTP_GET_VARS['language'])) {
      $lng->set_language($HTTP_GET_VARS['language']);
    } else {
      $lng->get_browser_language();
    }

    $language = $lng->language['directory'];
    $languages_id = $lng->language['id'];
  }

// include the language translations
  $_system_locale_numeric = setlocale(LC_NUMERIC, 0);
  require(DIR_WS_LANGUAGES . $language . '.php');
  setlocale(LC_NUMERIC, $_system_locale_numeric); // Prevent LC_ALL from setting LC_NUMERIC to a locale with 1,0 float/decimal values instead of 1.0 (see bug #634)

// include the cName and pName cache file
  include(DIR_WS_INCLUDES . 'seo_cache.php');

  if (isset($HTTP_GET_VARS['cName']) && defined(urldecode($HTTP_GET_VARS['cName']))) {
    $cPath = str_replace('cPath=', '', constant(urldecode($HTTP_GET_VARS['cName'])));
    $HTTP_GET_VARS['cPath'] = $cPath;
  }

  if (isset($HTTP_GET_VARS['pName']) && defined(urldecode($HTTP_GET_VARS['pName']))) {
    $pid = str_replace('products_id=', '', constant(urldecode($HTTP_GET_VARS['pName'])));
    $HTTP_GET_VARS['products_id'] = (int)$pid;
  }

// tax class
    require(DIR_WS_CLASSES . 'tax.php');
    $osC_Tax = new osC_Tax;

// currency
  if (!tep_session_is_registered('currency') || isset($HTTP_GET_VARS['currency']) || ( (USE_DEFAULT_LANGUAGE_CURRENCY == 'true') && (LANGUAGE_CURRENCY != $currency) ) ) {
    if (!tep_session_is_registered('currency')) tep_session_register('currency');

    if (isset($HTTP_GET_VARS['currency']) && $currencies->is_set($HTTP_GET_VARS['currency'])) {
      $currency = $HTTP_GET_VARS['currency'];
    } else {
      $currency = ((USE_DEFAULT_LANGUAGE_CURRENCY == 'true') && $currencies->is_set(LANGUAGE_CURRENCY)) ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
    }
  }

// navigation history
  if (!tep_session_is_registered('navigation') || !is_object($navigation)) {
    tep_session_register('navigation');
    $navigation = new navigationHistory;
  }
  $navigation->add_current_page();

// infobox
  require(DIR_WS_CLASSES . 'boxes.php');

// initialize the message stack for output messages
  require(DIR_WS_CLASSES . 'message_stack.php');
  $messageStack = new messageStack;

// LINE ADDED - MOD: CREDIT CLASS Gift Voucher Contribution
  require(DIR_WS_FUNCTIONS . 'add_ccgvdc_application_top.php');  // ICW CREDIT CLASS Gift Voucher Addition
  require(DIR_WS_LANGUAGES . $language . '/add_ccgvdc.php'); // ICW CREDIT CLASS Gift Voucher Addition

// action recorder
  include('includes/classes/action_recorder.php');

// BOF: Down for Maintenance except for admin ip
if (EXCLUDE_ADMIN_IP_FOR_MAINTENANCE != getenv('REMOTE_ADDR')){
    if (DOWN_FOR_MAINTENANCE=='true' and !strstr($PHP_SELF,DOWN_FOR_MAINTENANCE_FILENAME)) { tep_redirect(tep_href_link(DOWN_FOR_MAINTENANCE_FILENAME)); }
    }
// do not let people get to down for maintenance page if not turned on
if (DOWN_FOR_MAINTENANCE=='false' and strstr($PHP_SELF,DOWN_FOR_MAINTENANCE_FILENAME)) {
    tep_redirect(tep_href_link(FILENAME_DEFAULT));
}
// EOF: WebMakers.com Added: Down for Maintenance

// wishlist data
  if(!tep_session_is_registered('wishList')) {
    tep_session_register('wishList');
    $wishList = new wishlist;
  }

//Wishlist actions (must be before shopping cart actions)
  if(isset($HTTP_POST_VARS['wishlist'])) {
    if(isset($HTTP_POST_VARS['products_id'])) {
        if(isset($HTTP_POST_VARS['id'])) {
            $attributes_id = $HTTP_POST_VARS['id'];
            tep_session_register('attributes_id');
        }
        $wishlist_id = $HTTP_POST_VARS['products_id'];
        tep_session_register('wishlist_id');
    }
    tep_redirect(tep_href_link(FILENAME_WISHLIST));
  }

// Shopping cart actions
  if (isset($HTTP_GET_VARS['action'])) {
// redirect the customer to a friendly cookie-must-be-enabled page if cookies are disabled
    if ($session_started == false) {
      tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE));
    }

    if (DISPLAY_CART == 'true') {
      $goto =  FILENAME_SHOPPING_CART;
      $parameters = array('action', 'cPath', 'products_id', 'pid');
    } else {
      $goto = $PHP_SELF;
      if ($HTTP_GET_VARS['action'] == 'buy_now') {
// BOE: XSell
        if (isset($HTTP_GET_VARS['product_to_buy_id'])) {
        $parameters = array('action', 'pid', 'products_to_buy_id');
          } else {
        $parameters = array('action', 'pid', 'products_id');
          }
// EOE: XSell
      } else {
        $parameters = array('action', 'pid');
      }
    }
    switch ($HTTP_GET_VARS['action']) {
//BOF - Zappo - Option Types v2 JOLI BUG FIX FOR CLEAR CART TEXT FIELDS
      case 'clear_cart': $cart->remove_all();
     tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
    break;
//EOF - Zappo - Option Types v2 JOLI BUG FIX FOR CLEAR CART TEXT FIELDS
// customer wants to update the product quantity in their shopping cart
      case 'update_product' : for ($i=0, $n=sizeof($HTTP_POST_VARS['products_id']); $i<$n; $i++) {
                                if (in_array($HTTP_POST_VARS['products_id'][$i], (is_array($HTTP_POST_VARS['cart_delete']) ? $HTTP_POST_VARS['cart_delete'] : array()))) {
                                  $cart->remove($HTTP_POST_VARS['products_id'][$i]);
                                } else {
                                  $attributes = ($HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]]) ? $HTTP_POST_VARS['id'][$HTTP_POST_VARS['products_id'][$i]] : '';
                                  $cart->add_cart($HTTP_POST_VARS['products_id'][$i], $HTTP_POST_VARS['cart_quantity'][$i], $attributes, false);
                                }
                              }
                              tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
                              break;
//BOF - Zappo - Option Types v2 - File uploading: Purge the Temporary Upload Dir
      case 'add_product' :    if (isset($HTTP_POST_VARS['products_id']) && is_numeric($HTTP_POST_VARS['products_id'])) {
                                $purgeDir = opendir(TMP_DIR) or die ('Could not open '.TMP_DIR);
                                while ($file = readdir($purgeDir)) {
                                  if ($file != ('.htaccess') && $file != ('.') && $file != ('..') && filemtime(TMP_DIR . $file) < strtotime(OPTIONS_TYPE_PURGETIME)) {
                                    unlink(TMP_DIR . $file);  // Delete file from server...
                                    tep_db_query("delete from " . TABLE_FILES_UPLOADED . " where files_uploaded_name = '" . $file . "'"); // Remove File's database entry....
                                  }
                                }
                                closedir($purgeDir);
                                //EOF - Zappo - Option Types v2 - File uploading: Purge the Temporary Upload Dir

                                //BOF - Zappo - Option Types v2 - ONE LINE - Set real_ids for processing
                                $real_ids = $HTTP_POST_VARS['id'];
                                //BOF - Zappo - Option Types v2 - File uploading: save uploaded files with unique file names, in the proper folder
                                if ($HTTP_POST_VARS['number_of_uploads'] > 0) {
                                  require(DIR_WS_CLASSES . 'upload.php');
                                  for ($i = 1; $i <= $HTTP_POST_VARS['number_of_uploads']; $i++) {
                                    $TEMP_FILE = $_FILES['id']['tmp_name'][TEXT_PREFIX . $HTTP_POST_VARS[UPLOAD_PREFIX . $i]];
                                    if (tep_not_null($TEMP_FILE) && $TEMP_FILE != 'none') {
                                      $products_options_file = new upload('id');
                                      //BOF - Zappo - Option Types v2 - Set Upload directory (Registered customers in Uploads, other in Temporary folder)
                                      if (tep_session_is_registered('customer_id')) {  // IF the customer is registered, use Upload Dir
                                        $products_options_file->set_destination(UPL_DIR);
                                      } else { // If the customer is not registered, use Temporary Dir
                                        $products_options_file->set_destination(TMP_DIR);
                                      }
                                      //EOF - Zappo - Option Types v2 - Set Upload directory (Registered customers in Uploads, other in Temporary folder) incl. RAIWA FIX!
                                      if ($products_options_file->parse(TEXT_PREFIX . $HTTP_POST_VARS[UPLOAD_PREFIX . $i])) {
                                        if (tep_session_is_registered('customer_id')) {
                                          tep_db_query("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name, date) values('" . tep_session_id() . "', '" . $customer_id . "', '" . tep_db_input($products_options_file->filename) . "', '" . date("d-m-y") . "')");
                                        } else {
                                          tep_db_query("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name, date) values('" . tep_session_id() . "', '" . tep_db_input($products_options_file->filename) . "', '" . date("d-m-y") . "')");
                                          // @raiwa added 2 lines for guest file upload compatibility with OsC 2.3.
                                          $guestSessionID = tep_session_id();
                                          if (!tep_session_is_registered('guestSessionID')) tep_session_register('guestSessionID');
                                        }
                                        //BOF - Zappo - Option Types v2 - Set File Prefix
                                        if (OPTIONS_TYPE_FILEPREFIX == 'Database') {  //  Database ID as File prefix
                                          $insert_id = tep_db_insert_id() . '_';
                                        } else {  //  Date, time or both as File prefix (Change date formatting here)
                                          if (OPTIONS_TYPE_FILEPREFIX == 'Date' || OPTIONS_TYPE_FILEPREFIX == 'DateTime') {
                                            $insert_id = 'D'.date("d-m-y_");
                                          }
                                          $insert_id .= (OPTIONS_TYPE_FILEPREFIX == 'DateTime' || OPTIONS_TYPE_FILEPREFIX == 'Time') ? 'T'.date("H-i_") : '';
                                        }
                                        //EOF - Zappo - Option Types v2 - Set File Prefix
                                        // Update filename in Database with correct prefix (For comparing database names with real files)
                                        tep_db_query("update " . TABLE_FILES_UPLOADED . " set files_uploaded_name = '" . tep_db_input($insert_id . $products_options_file->filename) . "' where sesskey = '" . tep_session_id() . "' and files_uploaded_name = '" . tep_db_input($products_options_file->filename) . "' and date = '" . date("d-m-y") . "'");
                                        $real_ids[TEXT_PREFIX . $HTTP_POST_VARS[UPLOAD_PREFIX . $i]] = $insert_id . $products_options_file->filename;
                                        $products_options_file->set_filename($insert_id . $products_options_file->filename);
                                        if (!($products_options_file->save())) {
                                          break 2;
                                        }
                                      } else {
                                        break 2;
                                      }
                                    } else { // No file uploaded -- use previously uploaded file (From Dropdown)
                                      $real_ids[TEXT_PREFIX . $HTTP_POST_VARS[UPLOAD_PREFIX . $i]] = $HTTP_POST_VARS[TEXT_PREFIX . UPLOAD_PREFIX . $i];
                                    }
                                  }
                                }
                                //EOF - Zappo - Option Types v2 - File uploading: save uploaded files with unique file names, in the proper folder
                                //BOF - Zappo - Option Types v2 - ONE LINE - Replace the posted array with the processed one.
//BOF qpbpp 2.0
                                $cart->add_cart($HTTP_POST_VARS['products_id'], $cart->get_quantity(tep_get_uprid($HTTP_POST_VARS['products_id'], $real_ids))+$HTTP_POST_VARS['cart_quantity'], $real_ids);
//EOF qpbpp 2.0
                              }
                              tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
                              break;
      // customer removes a product from their shopping cart
      case 'remove_product' : if (isset($HTTP_GET_VARS['products_id'])) {
                                $cart->remove($HTTP_GET_VARS['products_id']);
                              }
                              tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
                              break;
      // performed by the 'buy now' button in product listings and review page
      // BOF: XSell
      case 'buy_now' :        if (isset($HTTP_GET_VARS['product_to_buy_id'])) {
                                if (tep_has_product_attributes($HTTP_GET_VARS['product_to_buy_id'])) {
                                  tep_redirect(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['product_to_buy_id']));
                                } else {
                                  $cart->add_cart($HTTP_GET_VARS['product_to_buy_id'], $cart->get_quantity($HTTP_GET_VARS['product_to_buy_id'])+1);
                                          }
                              } elseif (isset($HTTP_GET_VARS['products_id'])) {
// EOF: XSell
                                if (tep_has_product_attributes($HTTP_GET_VARS['products_id'])) {
                                tep_redirect(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id']));
                                } else {
                                $cart->add_cart($HTTP_GET_VARS['products_id'], $cart->get_quantity($HTTP_GET_VARS['products_id'])+1);
                                }
                              }
                              tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
                              break;
      case 'notify' :         if (tep_session_is_registered('customer_id')) {
                                if (isset($HTTP_GET_VARS['products_id'])) {
                                  $notify = $HTTP_GET_VARS['products_id'];
                                } elseif (isset($HTTP_GET_VARS['notify'])) {
                                  $notify = $HTTP_GET_VARS['notify'];
                                } elseif (isset($HTTP_POST_VARS['notify'])) {
                                  $notify = $HTTP_POST_VARS['notify'];
                                } else {
                                  tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action', 'notify'))));
                                }
                                if (!is_array($notify)) $notify = array($notify);
                                for ($i=0, $n=sizeof($notify); $i<$n; $i++) {
                                  $check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$notify[$i] . "' and customers_id = '" . (int)$customer_id . "'");
                                  $check = tep_db_fetch_array($check_query);
                                  if ($check['count'] < 1) {
                                    tep_db_query("insert into " . TABLE_PRODUCTS_NOTIFICATIONS . " (products_id, customers_id, date_added) values ('" . (int)$notify[$i] . "', '" . (int)$customer_id . "', now())");
                                  }
                                }
                                tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action', 'notify'))));
                              } else {
                                $navigation->set_snapshot();
                                tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
                              }
                              break;
      case 'notify_remove' :  if (tep_session_is_registered('customer_id') && isset($HTTP_GET_VARS['products_id'])) {
                                $check_query = tep_db_query("select count(*) as count from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and customers_id = '" . (int)$customer_id . "'");
                                $check = tep_db_fetch_array($check_query);
                                if ($check['count'] > 0) {
                                  tep_db_query("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and customers_id = '" . (int)$customer_id . "'");
                                }
                                tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action'))));
                              } else {
                                $navigation->set_snapshot();
                                tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
                              }
                              break;
// re-order product segment
      case 'reorder' : $reorder_result = tep_reorder($_GET['order_id']);
                                if ($reorder_result == '') {
                                tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING));
                                } else {
                                echo $reorder_result;
                                }
                                break;
      case 'cust_order' :     if (tep_session_is_registered('customer_id') && isset($HTTP_GET_VARS['pid'])) {
                                if (tep_has_product_attributes($HTTP_GET_VARS['pid'])) {
                                  tep_redirect(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['pid']));
                                } else {
                                  $cart->add_cart($HTTP_GET_VARS['pid'], $cart->get_quantity($HTTP_GET_VARS['pid'])+1);
                                }
                              }
                              tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
                              break;
    }
  }

//rmh referral start
// set the referral id
  if (!tep_session_is_registered('referral_id') || isset($HTTP_GET_VARS['ref'])) {
    if (!tep_session_is_registered('referral_id') && !tep_session_is_registered('customer_id')) {
      tep_session_register('referral_id');
    }

    if (isset($HTTP_GET_VARS['ref']) && tep_not_null($HTTP_GET_VARS['ref'])) {
      $referral_id = $HTTP_GET_VARS['ref'];
    } else {
      $referral_id = '';
    }
  }
//rmh referral end

// include the who's online functions
  require(DIR_WS_FUNCTIONS . 'whos_online.php');
  tep_update_whos_online();

// include the password crypto functions
  require(DIR_WS_FUNCTIONS . 'password_funcs.php');

// include validation functions (right now only email address)
  require(DIR_WS_FUNCTIONS . 'validations.php');

// split-page-results
  require(DIR_WS_CLASSES . 'split_page_results.php');

// auto activate and expire banners
  require(DIR_WS_FUNCTIONS . 'banner.php');
  tep_activate_banners();
  tep_expire_banners();

// auto expire special products
// BOF kdm specials maintenance
//  require(DIR_WS_FUNCTIONS . 'specials.php');
//  tep_expire_specials();
  require(DIR_WS_FUNCTIONS . FILENAME_SPECIALS_MAINTENANCE);
  gfc_start_specials();
  gfc_expire_specials();
// EOF kdm specials maintenance

// BOF: Featured Products
  require(DIR_WS_FUNCTIONS . 'featured.php');
  tep_expire_featured();
// EOF: Featured Products

  require(DIR_WS_CLASSES . 'osc_template.php');
  $oscTemplate = new oscTemplate();

// calculate category path
  if (isset($HTTP_GET_VARS['cPath'])) {
    $cPath = $HTTP_GET_VARS['cPath'];
  } elseif (isset($HTTP_GET_VARS['products_id']) && !isset($HTTP_GET_VARS['manufacturers_id'])) {
    $cPath = tep_get_product_path($HTTP_GET_VARS['products_id']);
  } else {
    $cPath = '';
  }

  if (tep_not_null($cPath)) {
    $cPath_array = tep_parse_category_path($cPath);
    $cPath = implode('_', $cPath_array);
    $current_category_id = $cPath_array[(sizeof($cPath_array)-1)];
  } else {
    $current_category_id = 0;
  }

// include the breadcrumb class and start the breadcrumb trail
  require(DIR_WS_CLASSES . 'breadcrumb.php');
  $breadcrumb = new breadcrumb;

  //$breadcrumb->add(HEADER_TITLE_TOP, HTTP_SERVER);
  $breadcrumb->add(HEADER_TITLE_HOME, HTTP_SERVER);
  $breadcrumb->add(HEADER_TITLE_CATALOG, tep_href_link(FILENAME_DEFAULT));

// add category names or the manufacturer name to the breadcrumb trail
  if (isset($cPath_array)) {
    for ($i=0, $n=sizeof($cPath_array); $i<$n; $i++) {
    // BOF Enable & Disable Categories
      $categories_query = tep_db_query("select categories_name from " . TABLE_CATEGORIES_DESCRIPTION . " cd left join " . TABLE_CATEGORIES . " c on cd.categories_id = c.categories_id where c.categories_status = '1' and cd.categories_id = '" . (int)$cPath_array[$i] . "' and language_id = '" . (int)$languages_id . "'");
    // EOF Enable & Disable Categories
      if (tep_db_num_rows($categories_query) > 0) {
        $categories = tep_db_fetch_array($categories_query);
        $breadcrumb->add($categories['categories_name'], tep_href_link(FILENAME_DEFAULT, 'cPath=' . implode('_', array_slice($cPath_array, 0, ($i+1)))));
      } else {
        break;
      }
    }
  } elseif (isset($HTTP_GET_VARS['manufacturers_id'])) {
    $manufacturers_query = tep_db_query("select manufacturers_name from " . TABLE_MANUFACTURERS . " where manufacturers_id = '" . (int)$HTTP_GET_VARS['manufacturers_id'] . "'");
    if (tep_db_num_rows($manufacturers_query)) {
      $manufacturers = tep_db_fetch_array($manufacturers_query);
      $breadcrumb->add($manufacturers['manufacturers_name'], tep_href_link(FILENAME_DEFAULT, 'manufacturers_id=' . $HTTP_GET_VARS['manufacturers_id']));
    }
  }

// add the products model to the breadcrumb trail
  if (isset($HTTP_GET_VARS['products_id'])) {
    // EOF Enable & Disable Categories
    $model_query = tep_db_query("select products_model from " . TABLE_PRODUCTS . " p left join " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c on p.products_id = p2c.products_id left join " . TABLE_CATEGORIES . " c on p2c.categories_id = c.categories_id, " . TABLE_PRODUCTS_DESCRIPTION . "  pd where c.categories_status = '1' and p.products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "' and p.products_id = pd.products_id");
    // EOF Enable & Disable Categories
    if (tep_db_num_rows($model_query)) {
      $model = tep_db_fetch_array($model_query);
      $breadcrumb->add($model['products_model'], tep_href_link(FILENAME_PRODUCT_INFO, 'cPath=' . $cPath . '&products_id=' . $HTTP_GET_VARS['products_id']));
    }
  }

//user_tracking modications
  if (!$referer_url) {
    if ($HTTP_SERVER_VARS['HTTP_REFERER']) {
    $referer_url = $HTTP_SERVER_VARS['HTTP_REFERER'];
    //session_register('referer_url');//Deprecated
    $_SESSION['referer_url'] = $referer_url;
    }
  }

// HMCS: Begin Autologon
  if ($cookies_on == true) {
    if (ALLOW_AUTOLOGON == 'true') {                                // Is Autologon enabled?
      if (basename($_SERVER['PHP_SELF']) != FILENAME_LOGIN) {                  // yes
        if (!tep_session_is_registered('customer_id')) {
          include('includes/modules/autologon.php');
        }
      }
    } else {
      setcookie("email_address", "", time() - 3600, $cookie_path);  //no, delete email_address cookie
      setcookie("password", "", time() - 3600, $cookie_path);       //no, delete password cookie
    }
  }
// HMCS: End Autologon


//BOF - Zappo - Option Types v2 - ONE LINE - message stack moved up from here...

// set which precautions should be checked
  define('WARN_INSTALL_EXISTENCE', 'true');
  define('WARN_CONFIG_WRITEABLE', 'true');
  define('WARN_SESSION_DIRECTORY_NOT_WRITEABLE', 'true');
  define('WARN_SESSION_AUTO_START', 'true');
  define('WARN_DOWNLOAD_DIRECTORY_NOT_READABLE', 'true');

///
////////////////////////////
$category_query = tep_db_query("select cd.categories_name, c.categories_image from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.categories_id = '" . (int)$current_category_id . "' and cd.categories_id = '" . (int)$current_category_id . "' and cd.language_id = '" . (int)$languages_id . "'");
  $category = tep_db_fetch_array($category_query);
?>