  1. <?
  // Bootstrap: define ROOT_PATH, then load include/header.php. $config is read
  // right below, so it is presumably set up by that include (not visible here).
  define('ROOT_PATH', './');
  require_once 'include/header.php';

  // In production, requests arriving on the klsogo.com.my host names are sent
  // to the sogo.com.my host. exit() directly after header() ends the request,
  // so nothing further runs for a redirected client.
  $redirected_hosts = array('scard.klsogo.com.my', 'www.scard.klsogo.com.my');
  if ($config['environment'] == "production" && in_array($_SERVER['SERVER_NAME'], $redirected_hosts, true)) {
      header('Location: https://scard.sogo.com.my/');
      exit();
  }
  9.  
  10. //header("Location: https://www.sogo.com.my/maintenance/"); // Under Maintenance
  11. /*
  12. $whitelist = array('10.0.43.107','10.0.43.108','10.0.43.109','10.0.43.110','10.0.43.111','10.0.43.112','10.0.43.113','10.0.26.163','10.0.26.70','10.0.26.152','10.0.26.111');
  13.  
  14. if (!in_array($_SERVER['REMOTE_ADDR'], $whitelist)){
  15. header('Location: https://scard.klsogo.com.my/');
  16. exit();
  17. }*/
  18.  
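  // Scheduled maintenance window. Both bounds and "now" use the fixed-width
  // 'Y-m-d H:i:s' format (PHP's configured timezone), so plain string
  // comparison orders them chronologically.
  $maintenance_start = '2018-04-28 23:00:00';
  $maintenance_end = '2018-04-29 01:00:00';
  $today_date = date('Y-m-d H:i:s');

  // Addresses that may keep using the site during the window (duplicate
  // entries from the earlier list removed; the set of addresses is unchanged).
  // NOTE(review): the check is on REMOTE_ADDR only. If the site sits behind a
  // reverse proxy or CDN, REMOTE_ADDR is the proxy's address, and any public
  // entry that is a shared proxy address admits every client routed through
  // it -- confirm what each non-10.x entry actually is.
  $ip_allowed = array(
      '10.3.3.197',
      '10.3.5.107',
      '10.0.43.113',
      '10.3.3.198',
      '10.3.7.242',
      '115.164.93.109',
      '10.3.3.196',
      '10.3.3.194',
      '10.0.26.166',
      '10.0.26.53',
      '10.3.4.86',
      '162.158.26.61',
      '10.3.5.108',
      '10.3.1.234',
      '10.3.4.239',
  );

  $in_maintenance = ($today_date >= $maintenance_start && $today_date <= $maintenance_end);
  if ($in_maintenance && !in_array($_SERVER['REMOTE_ADDR'], $ip_allowed, true)) {
      header("Location: https://www.sogo.com.my/maintenance/");
      // A Location header alone does not stop the script: without exit() the
      // full page is still built and sent in the response body, so a client
      // that ignores the redirect gets the site during maintenance.
      exit();
  }

  // Before the window opens, show an advance notice in the template.
  if ($today_date < $maintenance_start) {
      $start = date('l, jS F g:i A', strtotime($maintenance_start));
      $end = date('l, jS F g:i A', strtotime($maintenance_end));

      $tpl->assign('maintenance', "There will be a scheduled maintenance from ".$start." till ".$end.". Your understanding is much appreciated");
  }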
  36.  
  // Apply the project's array_striptags callback (defined outside this
  // listing) to every top-level $_POST entry.
  // NOTE(review): stripping tags is input clean-up, not a defence against SQL
  // injection or attribute/JS-context XSS; values still need parameterised
  // queries and per-context output escaping where they are used.
  array_walk($_POST, 'array_striptags');

  // Requests whose REMOTE_ADDR has "10" as its first dotted component are
  // flagged as internal, both in $internal and in the template.
  // NOTE(review): behind a proxy or load balancer with a 10.x address every
  // client would be flagged internal -- confirm the deployment topology.
  $internal_ip = explode('.', $_SERVER['REMOTE_ADDR']);
  if ('10' == $internal_ip[0]) {
      $tpl->assign('internal', 1);
      $internal = true;
  }

  // Host-name guard whose redirect is commented out: the branch currently
  // does nothing for unexpected SERVER_NAME values.
  $expected_hosts = array("scard.sogo.com.my", "localhost", "10.0.43.103");
  if (!in_array($_SERVER['SERVER_NAME'], $expected_hosts, true)) {
      //header("Location: https://scard.sogo.com.my/");
  }
  48.  
  // Log URL of every page load, to allow page resume after user login.
  // The client posts `redirect_url`; the session keeps the current and the
  // previous value, and the request ends without rendering a page.
  // NOTE(review): the posted value is stored as-is. The code that later reads
  // $_SESSION['redirect'] is not in this listing; if it is used as a redirect
  // target it should be restricted to same-site paths, and this endpoint shows
  // no anti-CSRF check, so another origin could set the value for a visitor.
  if (!empty($_POST['redirect_url'])) {
      $posted_url = $_POST['redirect_url'];

      if (!isset($_SESSION['redirect']['current'])) {
          // First page load recorded in this session.
          $_SESSION['redirect']['previous'] = $posted_url;
          $_SESSION['redirect']['current'] = $posted_url;
      } elseif ($_SESSION['redirect']['current'] != $posted_url) {
          // Page changed: shift current into previous.
          $_SESSION['redirect']['previous'] = $_SESSION['redirect']['current'];
          $_SESSION['redirect']['current'] = $posted_url;
      }
      //$user->store_session();
      exit();
  }

  // Return the stored redirect data as JSON. In development only the site
  // root is returned; any other environment value falls through to the page.
  if (!empty($_POST['get_redirect_url'])) {
      switch ($config['environment']) {
          case "production":
              exit(json_encode($_SESSION['redirect']));
          case "development":
              exit(json_encode(array('previous' => $config['site_path'])));
      }
  }
  68.  
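  // User Session Status & Update
  // Runs only for a logged-in session. Every redirect below is followed by
  // exit(), matching the redirects at the top of this file: header() alone
  // does not stop the script, so an expired or deactivated session would
  // otherwise still run the requested module and receive the rendered page.
  if (isset($_SESSION['user']['user_id']) && $_SESSION['user']['user_id']) {
      // Session fields are stored base64-encoded; decode them for use here.
      foreach ($_SESSION['user'] as $k => $v) {
          $user_session[$k] = base64_decode($v);
      }
      $user_session['customer_code'] = str_replace(" ", "", $user_session['customer_code']);

      // Idle timeout: more than 1800 seconds (30 minutes) since the last
      // request logs the user out; otherwise the activity stamp is refreshed.
      if (isset($_SESSION["LAST_ACTIVITY"]) && time() - $_SESSION["LAST_ACTIVITY"] > 1800) {
          header("Location: {$config['site_path']}user/log_out");
          exit();
      }
      $_SESSION["LAST_ACTIVITY"] = time();

      $tpl->assign("user_session", $user_session);

      // NOTE(review): the queries below build SQL with sprintf(). %d forces
      // user_id to an integer, but session_id is interpolated as a raw string.
      // It comes from the decoded session rather than straight from the
      // request, yet it should still go through the DB layer's escaping or
      // parameter binding (that API is not visible in this listing).

      // Check that this session is still marked active server-side.
      $db->query(sprintf("SELECT * FROM user_session WHERE user_id='%d' AND is_active='1' AND session_id='%s'", $user_session['user_id'], $user_session['session_id']));
      if (!$db->num_rows()) { // user session not active
          header("Location: {$config['site_path']}user/log_out");
          exit();
      }

      // Check whether another active session exists for the same user.
      $db->query(sprintf("SELECT * FROM user_session WHERE user_id='%d' AND is_active='1' AND session_id!='%s'", $user_session['user_id'], $user_session['session_id']));

      if ($db->num_rows()) {
          // Only warn when this session's row has notify = 1.
          $db->query(sprintf("SELECT * FROM user_session WHERE user_id='%d' AND session_id='%s'", $user_session['user_id'], $user_session['session_id']));
          $session = $db->fetch_array();
          if ($session[0]['notify'] == 1) {
              $tpl->assign('multiple_login', '1');
          }
      }

      if ($_SERVER['SERVER_NAME'] != "localhost") {
          // Integration: ask the membership service for the expiry date.
          include_once 'class/soap.php';
          $soap_c = new Soap();

          // NOTE(review): the service credentials are hard-coded in page
          // source, so anyone who can read this file has them. Load them from
          // configuration kept outside the web root (or a secret store) and
          // rotate the values that have been exposed.
          $result_expiry_date = $soap_c->callService('U_ChkMemberExpiry', array(
              'UserID' => 'test1',
              'password' => 'password',
              'customer_code' => $user_session['customer_code'],
              'store' => '',
              'member_level' => '',
              'member_type' => '',
              'gender' => '',
              'contact_id' => ''
          ));

          $expiry_date = $result_expiry_date['message']['U_ChkMemberExpiryResult']['diffgram']['NewDataSet']['T']['expiry_date'];
          $url = isset($_GET['function']) ? $_GET['function'] : null;

          // Functions that stay reachable with an expired membership, and
          // functions that stay reachable while a temporary password is set.
          $renewal_exempt = array(
              "show_page", "summary", "edit", "update_account", "update_preferences",
              "renewal", "renewal_payment", "renewal_response", "renewal_complete",
              "renewal_fail", "load_points_info", "load_cart_info", "check_voucher",
              "load_list_info",
          );
          $password_exempt = array("edit", "update_account", "load_points_info", "load_cart_info");

          $now = strtotime('now');
          $expires_at = strtotime($expiry_date);

          if ($now > $expires_at && !in_array($url, $renewal_exempt, true)) {
              // Expired membership: force the renewal page.
              header("Location: {$config['site_path']}scard/renewal");
              exit();
          }
          if ($now < $expires_at && $user_session['is_temp'] == 1 && !in_array($url, $password_exempt, true)) {
              // Temporary password: force the password-change page.
              header("Location: {$config['site_path']}account/edit/password");
              exit();
          }
      }
  }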
  140.  
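  // Body Content Trigger
  // `mod` selects what fills the page body: the blog view, a front-end module
  // from module/front/, or (when absent) the home page with its banners.
  if (isset($_GET['mod']) && $_GET['mod']) {
      if ($_GET['mod'] == 'blog' && isset($_GET['page_id']) && $_GET['page_id']) {
          // page_id is request data placed into a URL that this server then
          // fetches; URL-encode it so it stays a single parameter value and
          // cannot add parameters or alter the requested path.
          $blog_url = "{$config['site_path']}blog.php?page_id=" . urlencode((string) $_GET['page_id']);
          $tpl->assign("content", file_get_contents($blog_url));
          $tpl->assign("body", $tpl->fetch('blog.tpl'));
      } else {
          // module name recovery for alert_list as global stripslash removed 'alert' from the name
          $_GET['mod'] = ($_GET['mod'] == '_list') ? 'alert_list' : $_GET['mod'];
          if (isset($_GET['function']) && $_GET['function'] == '_list') {
              $_GET['function'] = 'alert_list';
          }

          // `mod` becomes part of an include path, so accept only a plain
          // file-name token. Anything with path separators, dots or other
          // characters is treated as "module not found" and never reaches
          // file_exists()/include_once.
          // NOTE(review): widen the character class only if a real module
          // under module/front/ needs it.
          $mod_is_valid = is_string($_GET['mod']) && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET['mod']) === 1;
          $mod_path = $mod_is_valid ? 'module/front/' . $_GET['mod'] . '.php' : '';

          if ($mod_is_valid && file_exists($mod_path)) {
              include_once $mod_path;
          } else {
              // The rejected name is echoed back to the visitor, so escape it
              // for HTML before it reaches the template.
              $mod_label = is_string($_GET['mod']) ? htmlspecialchars($_GET['mod'], ENT_QUOTES, 'UTF-8') : '';
              $tpl->assign("message_fail", array($mod_label . " module not found!"));
              $tpl->assign("body", $tpl->fetch('message.tpl'));
          }
      }
  } else {
      // Banner Generation: main banners for the home page.
      $db->query("SELECT * FROM banner WHERE location='home_main' AND status='1' ORDER BY sort");
      $banner = $db->fetch_array();
      $tpl->assign('banner', $banner);

      // Banner Generation: up to three secondary banners.
      $db->query("SELECT * FROM banner WHERE location='home_sub' AND status='1' ORDER BY sort LIMIT 3");
      $banner_sub = $db->fetch_array();
      $tpl->assign('banner_sub', $banner_sub);

      $tpl->assign("body", $tpl->fetch('home.tpl') . @$config['site_home']);
  }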
  173.  
  // Top-level active categories for the template.
  $db->query("SELECT * FROM category WHERE parent_id='0' AND is_active='1' ORDER BY sort");
  $category = $db->fetch_array();

  $tpl->assign('category', $category);

  // Main Menu Generation
  // Each non-empty 'Page' selection value names a page category; its listed
  // pages are assigned to a template variable called "<normalised value>_menu".
  $db->query("SELECT * FROM selection WHERE category='Page' AND value!=''");
  if ($db->num_rows()) {
      $selection = $db->fetch_array();
      $selection_total = count($selection);
      for ($i = 0; $i < $selection_total; $i++) {
          $page_category = $selection[$i]['value'];

          // NOTE(review): the value is read from the database and placed into
          // SQL text unescaped; a stored value containing a quote would change
          // the query. Use the DB layer's escaping/binding if it has one.
          $db->query(sprintf("SELECT * FROM page WHERE category='%s' AND unlisted='0' ORDER BY sort", $page_category));
          if (!$db->num_rows()) {
              continue;
          }

          // Lower-case, spaces to "_", "&" to "and", then the "_menu" suffix.
          $menu_var = str_replace(array(' ', '&'), array('_', 'and'), strtolower($page_category)) . "_menu";
          $tpl->assign($menu_var, $db->fetch_array());
      }
  }
  190.  
  // Footer Generation
  // Hotline rows go straight to the template.
  $db->query("SELECT * FROM hotline ORDER BY `column`");
  $tpl->assign('hotline', $db->fetch_array());

  // Footer links; in development the production host inside each link's
  // content is swapped for the development host path.
  $db->query("SELECT * FROM footer ORDER BY `column`");
  $footer_links = $db->fetch_array();
  if ('development' == $config['environment']) {
      $live_prefix = "//scard.sogo.com.my/";
      $dev_prefix = "//10.0.43.103/mwp-mobile/";
      foreach ($footer_links as $k => $v) {
          $footer_links[$k]['content'] = str_replace($live_prefix, $dev_prefix, $v['content']);
      }
  }
  $tpl->assign('footer', $footer_links);

  // NOTE(review): when `mobile` is present, index2.tpl is displayed and then
  // index.tpl is displayed as well -- confirm whether both are intended.
  if (isset($_GET['mobile'])) {
      $tpl->display('index2.tpl');
  }

  $tpl->display('index.tpl');

  require_once 'include/footer.php';