<?php
/**********************************
* 68 Classifieds
* http://www.68classifieds.com/
*
* All source code & content (c) Copyright 2007, 68 Classifieds
* unless specifically noted otherwise.
***********************************/
    error_reporting(E_ALL & ~E_NOTICE & ~E_WARNING);
    session_start();
    
    define('IN_CLASSIFIEDS', true);
    //define('IN_ADMIN', false);
    
    // Configuration data
    if (substr(PHP_OS, 0, 3) == "WIN")
    {
        $base_dir = str_replace('includes\\init.php', '', realpath(__FILE__));
        $pear_dir = $base_dir.'includes\\classes\\pear';
    }
    else
    {
        $base_dir = str_replace('includes/init.php', '', realpath(__FILE__));
        $pear_dir = $base_dir.'includes/classes/pear';
    }
    define("FILESYSTEM_PATH", $base_dir);
    ini_set('include_path', ini_get('include_path').PATH_SEPARATOR.$pear_dir); // For PEAR packages
    
    //debug
    if(!empty($_GET['debug']) && $_SESSION['userlevel']==1)
    {
        $debug=TRUE;
    }
    
    // Include the needed files
    $filename=FILESYSTEM_PATH .'Connections/classifieds.php';
    if (file_exists($filename)) 
    {
        require_once($filename);
    }
    else
    {
        header('Location: setup/');
    }
    if(defined('BENCHMARK'))
    {
        include_once("Benchmark/Timer.php");
        $bench = new Benchmark_Timer;
        $bench->start();
    }
    require_once(FILESYSTEM_PATH .'includes/classes/database/mysql.php');
    require_once(FILESYSTEM_PATH .'includes/classes/kernel/Core.php');    
    require_once(FILESYSTEM_PATH .'includes/classes/kernel/Template.php');
    require_once(FILESYSTEM_PATH .'includes/classes/kernel/Login.php');    
    require_once(FILESYSTEM_PATH .'includes/functions.php');
    require_once(FILESYSTEM_PATH .'includes/classes/kernel/Modules.php');
    require_once(FILESYSTEM_PATH .'includes/classes/kernel/Mailer.php');
    //require_once(FILESYSTEM_PATH .'includes/classes/kernel/Key.php');
    
    // Initiate Classes
    $db = &new MySQL($hostname_classifieds,$username_classifieds,$password_classifieds,$database_classifieds);
    $Core = new Core();
    $class_tpl = new Template();
    $Mailer=new Mailer();
    
    //modules
    $modules=new Modules($db);
    $modules->call_hook('start', ''); // Call any module functions
    
    //setup the login sessions 
    function session_defaults() 
    {
        $_SESSION['logged'] = false;
        $_SESSION['uid'] = 0;
        $_SESSION['username'] = '';
        $_SESSION['cookie'] = 0;
        $_SESSION['remember'] = false;
        $_SESSION['userlevel']=5;
    }
    if (!isset($_SESSION['uid']) ) 
    {
        session_defaults();
    }
    else
    {
        $class_tpl->assign('newpms', $Core->privateMessages($_SESSION['uid']));    
    }
    
    //Define some internal configuration
    $permission=checkPerms(@$_SESSION['uid']);
    $title=$Core->settings['sitetitle'];
    $class_tpl->assign('sitetitle',$Core->settings['sitetitle']);
    $class_tpl->assign('sitekeywords',$Core->settings['keywords']);
    $class_tpl->assign('sitedescription',$Core->settings['description']);
    
    //setup email
    define("ADMIN_EMAIL", $Core->settings['email']);
    define("EMAIL_TITLE", $Core->settings['sitetitle']);
    
    //currency & date
    define("CURRENCY_DECIMAL_PLACES", $Core->settings['cCurrencyDecimalPlaces']);
    define("CURRENCY_DECIMAL", $Core->settings['cCurrencyDecimal']);
    define("CURRENCY_THOUSANDS", $Core->settings['cCurrencyThousands']);
    define("CURRENCY_AFTER", $Core->settings['cCurrencyAfter']); //0 no 1 yes
    $class_tpl->assign('dateformat', $Core->settings['cDateFormat']);
    $class_tpl->assign('currency_symbol', $Core->settings['cCurrencySymbol']);
    $class_tpl->assign('canSaveFavorites', $canSaveFavorites);
    
    //is the site offline?
    if ($Core->settings['mainTakeOffline'] == "Y") 
    {
        $class_tpl->assign('pPageContent',$Core->settings['mainTakeOfflineReason']);
        $class_tpl->assign('body','content.tpl');
        $class_tpl->display('layout.tpl');
        exit;
    }
    
    if ($canViewSite == 'N')
    {
        $class_tpl->assign('pPageContent', LANG_BANNED);
        $class_tpl->assign('body', 'content.tpl');
        $class_tpl->display('layout.tpl');
        exit;
    }
    
    // deal with magic_quotes nastiness in GPC data
    //idea from vbulletin
    if (get_magic_quotes_gpc())
    {
        function exec_gpc_stripslashes(&$arr)
        {
            if (is_array($arr))
            {
                foreach($arr AS $_arrykey => $_arryval)
                {
                    if (is_string($_arryval))
                    {
                        $arr["$_arrykey"] = stripslashes($_arryval);
                    }
                    else if (is_array($_arryval))
                    {
                        $arr["$_arrykey"] = exec_gpc_stripslashes($_arryval);
                    }
                }
            }
        return $arr;
        }

        $_GET = exec_gpc_stripslashes($_GET);
        $_POST = exec_gpc_stripslashes($_POST);
        $_COOKIE = exec_gpc_stripslashes($_COOKIE);
        if (is_array($_FILES))
        {
            foreach ($_FILES AS $key => $val)
            {
                $_FILES[$key]['tmp_name'] = str_replace('\\', '\\\\', $val['tmp_name']);
            }
        }
        $_FILES = exec_gpc_stripslashes($_FILES);
        $_REQUEST = array_merge($_GET, $_POST, $_COOKIE);
    }
    set_magic_quotes_runtime(0);
    
    function globals_unset()
    {
        // Possible globals overwrite attempt, so die
        if ( isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']) )
        {
            // TODO: Add a redirect here or something at least
            echo "Globals overwrite attempt detected!";
            exit;
        }

        // Kill gloabls, and doublecheck for variable overwrite attempts
        $kill = array_merge($_GET, $_POST, $_COOKIE, $_REQUEST, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
        $keep = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SESSION', '_SERVER', '_ENV', '_FILES');

        // Loops through the $kill array
        foreach ( $kill as $key => $val )
        {
            // Unsets anything not in the keep array
            if ( !in_array($key, $keep) && isset($GLOBALS[$key]) )
            {
                unset($GLOBALS[$key]);
            }
        }
    }
    globals_unset();
    
    function do_magic_quotes_gpc(&$ar) 
    {
        if (!is_array($ar)) return false;
        reset($ar);
        while (list($key, $value) = each($ar)) 
        {
            if (is_array($ar[$key])) 
            {
                do_magic_quotes_gpc($ar[$key]);
            } 
            else 
            {
                $ar[$key] = addslashes($value);
            }
        }
        reset($ar);
    }
    // handle magic_quotes_gpc turned off.
    if (!get_magic_quotes_gpc()) 
    {
        do_magic_quotes_gpc($_GET);
        do_magic_quotes_gpc($_POST);
        do_magic_quotes_gpc($_COOKIE);
    }
    //build the navigation
    $sSQL="SELECT pageID, pPageTitle FROM ".PREFIX."pages WHERE pPublish='Y' AND pNav='Y' AND (pageID<>1 AND pageID<>2 AND pageID<>5) ORDER BY pPageTitle";
    $result=$db->query($sSQL);
    $pages=array();
    while($rs=$result->fetch())
    {
        $pages[]=$rs;
    }
    $class_tpl->assign('templatepages', $pages);
    
    if(!isset($manualcron)) {
        require_once(FILESYSTEM_PATH .'includes/cron.php');
    }
    
    $modules->call_hook('post_init', '');
?>