Directory 'shopstat' is not writeable -> please do a chmod 777 !


"; exit; } } $shopstat_debug = false; #-- Make Debugging available if( session_id() == '111') { $shopstat_debug = true; $shopstat_debug_msg = ""; } #-- Deny direct access if( preg_match("/".basename(__FILE__)."/",$_SERVER['SCRIPT_NAME']) || preg_match("/".basename(__FILE__)."/",$_SERVER['PHP_SELF']) ) { if( $shopstat_debug ){$shopstat_debug_msg .= '\nRESULT:\n------------\nNOTLOGGED->DIRECT ACCESS!';print "";} return; } #-- Allready logged, so we return if( isset($shoplog_islogged) && $shoplog_islogged ) { if( $shopstat_debug ){$shopstat_debug_msg .= '\nRESULT:\n------------\nNOTLOGGED->ALLREADY LOGGED!';print "";} return; } if(isset($_GET['action'])) { $log_action = $_GET['action']; } elseif(isset($_POST['action'])) { $log_action = $_POST['action']; } else{ $log_action = ""; } $logit = true; //------------------------------------------------------------------------------ //-- START GETTING ACTION INFORMATION //------------------------------------------------------------------------------ if( $shopstat_debug ){$shopstat_debug_msg .= '\nFILE:\n------------\n'.$shopstat_ref.'\n';$shopstat_debug_msg .= '\nREQUEST:\n------------\n';foreach($_REQUEST as $key=>$value){$shopstat_debug_msg .= $key.'='.$value.'\n';}print '';} $shoplog_prodid = ""; if( isset($_GET['products_id']) || isset($_GET['BUYproducts_id']) ) { switch($log_action) { case 'add_product': $shoplog_method = 'add'; break; case 'buy_now': $shoplog_method = 'add'; break; default: $shoplog_method = 'showitem'; break; } if(isset($_GET['products_id'])) { $shoplog_prodid = xtc_get_prid($_GET['products_id']); } else{ $shoplog_prodid = xtc_get_prid($_GET['BUYproducts_id']); } } else{ if( preg_match("/checkout_shipping\.php/",$_SERVER['SCRIPT_NAME']) || preg_match("/checkout_shipping\.php/",$_SERVER['PHP_SELF']) ) { $shoplog_method = 'buy1'; } elseif( preg_match("/checkout_payment\.php/",$_SERVER['SCRIPT_NAME']) || preg_match("/checkout_payment\.php/",$_SERVER['PHP_SELF']) ) { $shoplog_method = 'buy2'; } elseif( preg_match("/checkout_confirmation\.php/",$_SERVER['SCRIPT_NAME']) || preg_match("/checkout_confirmation\.php/",$_SERVER['PHP_SELF']) ) { $shoplog_method = 'buy3'; } elseif( preg_match("/checkout_process\.php/",$_SERVER['SCRIPT_NAME']) || preg_match("/checkout_process\.php/",$_SERVER['PHP_SELF']) ) { $shoplog_method = 'validate_and_send'; } elseif( isset($_GET['keywords']) && (preg_match("/search/",$_SERVER['SCRIPT_NAME']) || preg_match("/search/",$_SERVER['PHP_SELF'])) ) { $shoplog_method = 'search'; } elseif( $log_action == 'update_product' ) { if(isset($_POST['cart_delete'])) { $shoplog_method = 'delitem'; $shoplog_prodid = xtc_get_prid($_POST['cart_delete'][0]); } else{ $shoplog_method = 'change'; } } elseif( isset($_SERVER['SCRIPT_NAME']) && (preg_match("/shopping_cart\.php/",$_SERVER['SCRIPT_NAME']) || preg_match("/shopping_cart\.php/",$_SERVER['PHP_SELF'])) ) { $shoplog_method = 'review'; } elseif( isset($_GET['cPath']) || (preg_match("/index\.php/",$_SERVER['SCRIPT_NAME']) || preg_match("/index\.php/",$_SERVER['PHP_SELF'])) ) { $shoplog_method = 'listitems'; } } //------------------------------------------------------------------------------ //-- AFTER GETTING THE METHOD, WE KNOW WHAT TO DO //------------------------------------------------------------------------------ //-- This methods are logged later, so we return if( ( !(isset($shoplog_mode) && $shoplog_mode) ) && ( (isset($shoplog_method) && $shoplog_method == 'buy1') || (isset($shoplog_method) && $shoplog_method == 'buy2') || (isset($shoplog_method) && $shoplog_method == 'buy3') || (isset($shoplog_method) && $shoplog_method == 'listitems') || (isset($shoplog_method) && $shoplog_method == 'showitem') || (isset($shoplog_method) && $shoplog_method == 'search')) ) { if( $shopstat_debug ){$shopstat_debug_msg .= '\nMETHOD:\n------------\n'.$shoplog_method;$shopstat_debug_msg .= '\nRESULT:\n------------\nNOTLOGGED!';print "";} return; } #-- If the method is not set, we return if(!(isset($shoplog_method) && $shoplog_method) ) { if( $shopstat_debug ){$shopstat_debug_msg .= '\nRESULT:\n------------\nNOTLOGGED!';print "";} return; } if( $shopstat_debug ){$shopstat_debug_msg .= '\nPARAS:\n------------\n';$shopstat_debug_msg .= 'MODE: '.$shoplog_mode.'\nMETHOD: '.$shoplog_method.'\nPRODID: '.$shoplog_prodid.'\n';$shopstat_debug_msg .= '\POST:\n------------\n';foreach($_POST as $key=>$value){if(is_array($value)){foreach($value as $k=>$v){$shopstat_debug_msg .= $k.'='.$v.'\n';}}else{$shopstat_debug_msg .= $key.'='.$value.'\n';}}$shopstat_debug_msg .= '\GET:\n------------\n';foreach($_GET as $key=>$value){if(is_array($value)){foreach($value as $k=>$v){$shopstat_debug_msg .= $k.'='.$v.'\n';}}else{$shopstat_debug_msg .= $key.'='.$value.'\n';}}$shopstat_debug_msg .= '\SERVER:\n------------\n';foreach($_SERVER as $key=>$value){$shopstat_debug_msg .= $key.'='.$value.'\n';}print '';} //------------------------------------------------------------------------------ //-- START GETTING BASE INFORMATION //------------------------------------------------------------------------------ require_once(DIR_FS_INC . 'shopstat_functions.inc.php'); require_once(DIR_FS_INC . 'xtc_get_products_name.inc.php'); //Parameter : //shoplog_softwareid : Name of the shopsystem $shoplog_softwareid = PROJECT_VERSION; //shoplog_ip : $REMOTE_ADDR $shoplog_ip = $_SERVER['REMOTE_ADDR']; //shoplog_useragent : $HTTP_USER_AGENT $shoplog_useragent = $_SERVER['HTTP_USER_AGENT']; //shoplog_id : user-ID oder sess_id $shoplog_id = $_REQUEST[session_name()]; //shoplog_referer : $HTTP_REFERER if(isset($_SERVER['HTTP_REFERER'])) { //-- prevent (HTTP_REFERER) Hijacking as mentioned at: //-- http://www.securiteam.com/unixfocus/5KP0G2K9FI.html $shoplog_referer = htmlspecialchars(strip_tags($_SERVER['HTTP_REFERER'])); } else{ $shoplog_referer = "-"; } #-- Get the category path if( isset($_GET['cPath']) ) { $shoplog_cat = shopstat_getRealPath($_GET['cPath']); } else{ $shoplog_cat = shopstat_getRealPath(xtc_get_product_path($shoplog_prodid)); } #-- Get products model //-- 23.04.2006 //-- Falls eine Artikelnummer (oder Attributsartikelnr) vorhanden ist, wird //-- diese gespeichert ansonsten die ID $shoplog_prequery = "SELECT products_model FROM ".TABLE_PRODUCTS." WHERE products_id = '".$shoplog_prodid."'"; $shoplog_prequery = xtDBquery($shoplog_prequery); $shoplog_products = xtc_db_fetch_array($shoplog_prequery,true); (!empty($shoplog_products['products_model'])) ? $shopstat_prodartnr = $shoplog_products['products_model'] : $shopstat_prodartnr = $shoplog_prodid; //------------------------------------------------------------------------------ //-- START GETTING DETAIL INFORMATION //------------------------------------------------------------------------------ //shoplog_query : Additional Info for each method #-- user add or delete a product (cartview or productview) if( (isset($shoplog_method) && $shoplog_method == 'add') || (isset($shoplog_method) && $shoplog_method == 'delitem') ) { #-- article# & articlename $shoplog_query = $shopstat_prodartnr."&". urlencode(strip_tags(xtc_get_products_name($shoplog_prodid,$languages_id))); } #-- user look at a product elseif(isset($shoplog_method) && $shoplog_method == 'showitem') { #-- Art-Nr & Name & Kategorie $shoplog_query = $shopstat_prodartnr.'&'. urlencode(strip_tags(xtc_get_products_name($shoplog_prodid,$languages_id))).'&'. urlencode(strip_tags($shoplog_cat)); } #-- user browse through the products elseif(isset($shoplog_method) && ($shoplog_method == 'listitems')) { (isset($shoplog_mode) && $shoplog_mode) ? $shoplog_query = urlencode(strip_tags($shoplog_cat)) : false; } #-- user did a search in the shop elseif(isset($shoplog_method) && $shoplog_method == 'search') { $shoplog_query = $_GET['keywords']; if(isset($listing_split->number_of_rows) && $listing_split->number_of_rows > 0) { $shoplog_method = 'search_found'; $shoplog_query .= '&'.$listing_split->number_of_rows; } } #-- user has placed an order elseif(isset($shoplog_method) && $shoplog_method == 'validate_and_send') { require_once(DIR_WS_CLASSES . 'order.php'); //-- [1.2] //-- Sicherheitsabfrage für die verschiedenen xtc-Versionen //-- Diese MUSS mit $xtPrice bleiben, da rückwärtskompatibel $order = new order('',$xtPrice); if(is_object($order)) { #-- Total & paymethod & shippingcosts -> $shoplog_query = ((isset($order->info['total'])) ? $order->info['total'] : '').'&'. ((isset($order->info['payment_method'])) ? $order->info['payment_method'] : '').'&'. ((isset($order->info['shipping_cost'])) ? $order->info['shipping_cost'] : '').'->'; #-- Ordered products if(isset($order->products)) { $init = 1; foreach($order->products as $item) { #-- take apart the unique products if(!$init){$shoplog_query .= '|';} #-- art-nr & name & category & quantity & price $shoplog_query .= implode('&', array( $item['model'], urlencode(strip_tags($item['name'])), urlencode(strip_tags(shopstat_getRealPath(xtc_get_product_path(xtc_get_prid($item['id']))))), $item['qty'], $item['price'] ) ); $init=0; } } } } //------------------------------------------------------------------------------ //-- START LOGGING //------------------------------------------------------------------------------ if( $logit && !(isset($shoplog_islogged) && $shoplog_islogged) ) { (!isset($shoplog_merchantid)|| $shoplog_merchantid == "") ? $shoplog_merchantid = "shoplog" : false; (!isset($shoplog_softwareid)|| $shoplog_softwareid == "") ? $shoplog_softwareid = "ShopLog General" : false; (!isset($shoplog_ip) || $shoplog_ip == "") ? $shoplog_ip = "-" : false; (!isset($shoplog_useragent) || $shoplog_useragent == "") ? $shoplog_useragent = "-" : false; (!isset($shoplog_referer) || $shoplog_referer == "") ? $shoplog_referer = "-" : false; (!isset($shoplog_id) || $shoplog_id == "") ? $shoplog_id = "-" : false; (!isset($shoplog_method) || $shoplog_method == "") ? $shoplog_method = "listitems" : false; (!isset($shoplog_cat) || $shoplog_cat == "") ? $shoplog_cat = "-" : false; (!isset($shoplog_query) || $shoplog_query == "") ? $shoplog_query = "-" : false; #-- Make sure we get through ignore_user_abort(true); #-- Manage log-rotation $sl_path = dirname(__FILE__)."/"; $sl_weeknr = strftime("%U"); $sl_year = strftime("%Y"); $sl_datestr = date("Y-m-d"); $sl_timestr = date("H:i:s"); $sl_logfilename = $sl_path.$shoplog_merchantid.'.log.'.$sl_year.$sl_weeknr; if (!@file_exists($sl_logfilename)) { $sl_handle = @fopen($sl_logfilename,"w+"); chmod($sl_logfilename, 0644); (function_exists("set_file_buffer")) ? @set_file_buffer($sl_handle,0) : false; @flock($sl_handle,2); @fputs($sl_handle,"#Software: ".$shoplog_softwareid."\n"); @fputs($sl_handle,"#Version: 1.0\n"); @fputs($sl_handle,"#Date: ".$sl_datestr."\n"); @fputs($sl_handle,"#Fields : date time c-ip cs(User-Agent) cs(Referer) cs-sess-id cs-method category cs-uri-query\n"); @fclose($sl_handle); $sl_lastweek = $sl_weeknr-1; $sl_lastyear = $sl_year; while (true) { $sl_i++; if ($sl_lastweek<0) { $sl_lastweek=56; $sl_lastyear=$sl_year-1; } $sl_lastweek = sprintf("%02d",$sl_lastweek); $sl_lastyear = sprintf("%04d",$sl_lastyear); $sl_logfilename_last = $sl_path.$shoplog_merchantid.'.log.'.$sl_lastyear.$sl_lastweek; /* if(!@file_exists($sl_logfilename_last) || @file_exists($sl_logfilename_last.'.gz') ){break;} */ if($sl_i > 20){break;} if (file_exists($sl_logfilename_last)) { # pack theold file ... //@Exec("gzip $sl_logfilename_last"); $sl_dest = $sl_logfilename_last.'.gz'; $sl_error = false; if($sl_fpout=gzopen($sl_dest,'wb9')) { if($sl_fpin=fopen($sl_logfilename_last,'rb')) { while(!feof($sl_fpin))gzwrite($sl_fpout,fread($sl_fpin,1024*512)); fclose($sl_fpin); }else{$sl_error=true;} gzclose($sl_fpout); }else{$sl_error=true;} if(!$sl_error){@unlink($sl_logfilename_last);} /* rename($sl_logfilename_last,$sl_logfilename_last.".pack"); $sl_handle=fopen($sl_logfilename_last.".pack","r"); if (function_exists("set_file_buffer")) @set_file_buffer($sl_handle,0); $fz=gzopen($sl_logfilename_last.".gz","w+"); if (function_exists("set_file_buffer")) @set_file_buffer($fz,0); while (! @feof($sl_handle)) { $s=fgets($sl_handle,2048); echo strlen($s)."
";flush(); gzputs($fz,$s); } gzclose($fz); fclose($sl_handle); unlink($sl_logfilename_last.".pack"); */ } $sl_lastweek--; } /* $sl_errfile = @tempnam("/tmp","shoplog_error"); @Exec("ls -at1 ".$sl_path.$shoplog_merchantid.".log* 2>".$sl_errfile,$ergs); @unlink($sl_errfile); for ($i=10;$ialert('".$shopstat_debug_msg."');";} @flock($sl_handle,3); @fclose($sl_handle); $shoplog_islogged = true; } else{ if( $shopstat_debug ){$shopstat_debug_msg .= '\nRESULT:\n------------\nNOTLOGGED!';print "";} } ?>