Location: PHPKode > projects > MembersGear > membersgear/is_valid_request_php_include.php
<?php
//Set no caching
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
?>
<?php
 // session_start(); 
  //include($_SERVER['DOCUMENT_ROOT'] . '/admin/admin_login.php');
  
  if( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')  
    $server_request="https://";
  else
   $server_request="http://";      

  require_once "config/config.php";
  require_once INCLUDE_DIR."/product_protection_class.php"; 
  $product=new product_protection_class();  
  $arrExcutableFileExtension=array("php","html","htm","shtml");
  //if(isset($_SESSION[SESSION_PREFIX.'UserName']) or isset($_SESSION[SESSION_PREFIX.'Admin_UserName']))
  $modUrl= $_GET['file'];
  $modUrl=preg_replace("/\/{2,}/", "/", $modUrl);
  
  if((string)$users_config->UserID != '0')
  {
              
            //$userid=$_SESSION[SESSION_PREFIX.'UserID'];
            
             $userid= $users_config->UserID;
             $path = "http://".$_SERVER["HTTP_HOST"];
             $path.=$modUrl;                 
             $file=  $_SERVER['DOCUMENT_ROOT'].$modUrl;
             $ext=explode("/",$file);
             $lsFileName= $ext[count($ext)-1];
             $lsFileExtension=substr(strrchr($lsFileName,'.'),1);
             $flag=false;
           
                       if(isset($_GET['req']))
                       {
                           
                           $lenUrl=strlen($modUrl);
                           $lastChar= substr($modUrl,$lenUrl-1,1);
                           if($lastChar!="/")
                             $modUrl=$modUrl."/";
                   
                               
                            if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."index.html"))
                              {
                                Redirect($modUrl."index.html");
                              }
                           else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."index.htm")) 
                             {
                               Redirect($modUrl."index.htm");     
                             }
                          else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."index.php")) 
                             {
                               Redirect($modUrl."index.php");     
                             }
                          else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."index.shtml")) 
                             {
                               Redirect($modUrl."index.shtml");     
                             }
                          else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."default.html")) 
                             {
                               Redirect($modUrl."default.html");     
                             }
                          else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."default.htm")) 
                             {
                               Redirect($modUrl."default.htm");     
                             }
                           else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."default.shtml")) 
                             {
                               Redirect($modUrl."default.shtml");     
                             }
                           else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."default.php")) 
                             {
                               Redirect($modUrl."default.php");     
                             }
                           else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."home.html")) 
                             {
                               Redirect($modUrl."home.html");     
                             }
                           else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."home.htm")) 
                             {
                               Redirect($modUrl."home.htm");     
                             }
                           else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."home.php")) 
                             {
                               Redirect($modUrl."home.php");     
                             } 
                           else  if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."shtml.php")) 
                             {
                               Redirect($modUrl."shtml.php");     
                             }
                          else if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."page_not_found.php")) 
                           {
                              
                               
                               $incDir=encrypt_protected_folder(CONFIG_DIR); 
                               $bd=encrypt_protected_folder("true"); 
                               $dir=$_SERVER['DOCUMENT_ROOT'].$modUrl;
                               Redirect($modUrl."page_not_found.php?inc=$incDir&msg=$mes&bd=$bd");   
                           }
                         else
                          {
                                   if(is__writable($_SERVER['DOCUMENT_ROOT'].$modUrl)) 
                                     { 
                                       $file_page_not_found=$_SERVER['DOCUMENT_ROOT'].$modUrl."page_not_found.php";
                                       $lsfile_not_found=INCLUDE_DIR."/page_not_found.php";
                                       $ls_file_con_file_not_found=file_get_contents($lsfile_not_found); 
                                       $Handle = fopen($file_page_not_found, 'w') or die('can not create page_not_found.php File please allow read write permission on folder and try again');  
                                       fwrite($Handle,$ls_file_con_file_not_found);
                                       fclose($Handle);
                                       $filecreation=true;  
                                       $incDir=encrypt_protected_folder(CONFIG_DIR); 
                                       $mes="No Page found";
                                       $mes=encrypt_protected_folder($mes);
                                       $bd=encrypt_protected_folder("true"); 
                                       $dir=$_SERVER['DOCUMENT_ROOT'].$modUrl;
                                       Redirect($modUrl."page_not_found.php?inc=$incDir&msg=$mes&bd=$bd"); 
                                     }
                                    else
                                      {
                                        die("I cannot create a page \"page_not_found.php\". Please allow read write permission on this folder and try again.");
                                      }       
                          
                          
                          }  
                           
                         }
                      else if(isset($_GET['req_no_file']))
                       {
                           
                            $modUrl=strrev($modUrl);
                            $modUrl=strchr($modUrl,"/");
                            $modUrl= strrev($modUrl); 

                            if(file_exists($_SERVER['DOCUMENT_ROOT'].$modUrl."page_not_found.php"))
                             {
                                 $rev=strrev($modUrl); 
                                 $Rep_str=strchr($rev,"/");
                                 $originalStr=strrev($Rep_str);
                                 $incDir=encrypt_protected_folder(CONFIG_DIR); 
                                 $mes="The Requested resource not found or removed";
                                 $mes=encrypt_protected_folder($mes);
                                 Redirect($originalStr."page_not_found.php?inc=$incDir&msg=$mes");
                             }
                            else
                             {
                                     if(is__writable($_SERVER['DOCUMENT_ROOT'].$modUrl)) 
                                      {   
                                           $file_page_not_found=$_SERVER['DOCUMENT_ROOT'].$modUrl."page_not_found.php";
                                           $lsfile_not_found=INCLUDE_DIR."/page_not_found.php";
                                           $ls_file_con_file_not_found=file_get_contents($lsfile_not_found); 
                                           $Handle = fopen($file_page_not_found, 'w') or die('can not create page_not_found.php File please allow read write permission on folder and try again');   
                                           fwrite($Handle,$ls_file_con_file_not_found);
                                           fclose($Handle);
                                           $filecreation=true;
                                           $rev=strrev($modUrl); 
                                             
                                           $Rep_str=strchr($rev,"/");
                                           $originalStr=strrev($Rep_str);
                                           $incDir=encrypt_protected_folder(CONFIG_DIR); 
                                           $mes="The Requested resource not found";
                                           $mes=encrypt_protected_folder($mes);
                                           Redirect($originalStr."page_not_found.php?inc=$incDir&msg=$mes");
                                      }
                                     else
                                      {
                                        die("I cannot create a page \"page_not_found.php\". Please allow read write permission on this folder and try again.");
                                      }          
                             
                             }    
                             
                       }
                      else
                       {
                          Redirect($url);
                       }  
                      
                       
              }
              else
              {
                  $_SESSION[SESSION_PREFIX.'valid_user']='yes';
                  $url=urlencode($modUrl);
                  Redirect("user_invalid_access.php?url=$url");
              }                       
 
  
   
 function encrypt_protected_folder($string,$pkey='MEMBERSITEENCRYPTEDKEY') {
        $key = $pkey;
        if(!isset($key) or $key=="")
            $key='MEMBERSITE'; 
        $result = '';
        for($i=0; $i<strlen($string); $i++) {
             $char = substr($string, $i, 1);
             $keychar = substr($key, ($i % strlen($key))-1, 1);
             $char = chr(ord($char)+ord($keychar));
             $result.=$char;
         }
         
       $skey=urlencode(base64_encode($result));
       
       return $skey;
  }
           
?>
Return current item: MembersGear