FILE COMPARISON
Produced: 24/02/2006 12:19:28
   
Mode:  Differences with Context  
Left base folder: CubeCart_3.0.8  
Right base folder CubeCart_3.0.9  
   
File: admin\includes\auth.inc.php  

32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";	=	32	echo "<html>\r\n<head>\r\n<title>Forbidden 403</title>\r\n</head>\r\n<body><h3>Forbidden 403</h3>\r\nThe document you are requesting is forbidden.\r\n</body>\r\n</html>";
33	exit;		33	exit;
34	}		34	}
35			35
36	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);		36	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);
37	@ini_set("session.cookie_path",$sessionDomain);		37	@ini_set("session.cookie_path",$sessionDomain);
		<>	38	if($glob['rootRel']=="/"){
			39	$sessionName = "ccSID";
			40	} else {
			41	$sessionName = "ccSID-".md5($glob['rootRel']);
			42	}
			43
			44	session_name($sessionName);
38	session_start();	=	45	session_start();
39			46
40	if(!isset($_SESSION['ccAdmin'])){		47	if(!isset($_SESSION['ccAdmin'])){
41			48
42	header("Location: ".$GLOBALS['rootRel']."admin/login.php?goto=".currentPage());		49	header("Location: ".$GLOBALS['rootRel']."admin/login.php?goto=".currentPage());
43	exit;		50	exit;

   
File: admin\misc\info.php  

1	<?php	=	1	<?php
2	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);		2	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);
3	@ini_set("session.cookie_path",$sessionDomain);		3	@ini_set("session.cookie_path",$sessionDomain);
		-+	4	if($glob['rootRel']=="/"){
			5	$sessionName = "ccSID";
			6	} else {
			7	$sessionName = "ccSID-".md5($glob['rootRel']);
			8	}
4	session_start();	=	9	session_start();
5			10
6	if(isset($_SESSION['ccAdmin'])){		11	if(isset($_SESSION['ccAdmin'])){
7	echo phpinfo();		12	echo phpinfo();
8	}		13	}
9	?>		14	?>

   
File: admin\modules\gateway\paymate\index.php  

79	<tr>	=	79	<tr>
80	<td align="left" class="tdText"><strong>Description:</strong>		80	<td align="left" class="tdText"><strong>Description:</strong>
81	</td>		81	</td>
82	<td class="tdText"><input type="text" name="module[desc]" value="<?php echo $module['desc']; ?>" class="textbox" size="30" /></td>		82	<td class="tdText"><input type="text" name="module[desc]" value="<?php echo $module['desc']; ?>" class="textbox" size="30" /></td>
83	</tr>		83	</tr>
84	<tr>		84	<tr>
85	<td align="left" class="tdText"><strong>Email Address:</strong></td>	<>	85	<td align="left" class="tdText"><strong>Username:</strong></td>
86	<td class="tdText"><input type="text" name="module[email]" value="<?php echo $module['email']; ?>" class="textbox" size="30" /></td>	=	86	<td class="tdText"><input type="text" name="module[email]" value="<?php echo $module['email']; ?>" class="textbox" size="30" /></td>
87	</tr>		87	</tr>
88	<td align="left" class="tdText"><strong>Default:</strong></td>		88	<td align="left" class="tdText"><strong>Default:</strong></td>
89	<td class="tdText">		89	<td class="tdText">
90	<select name="module[default]">		90	<select name="module[default]">
91	<option value="1" <?php if($module['default'] == 1) echo "selected='selected'"; ?>>Yes</option>		91	<option value="1" <?php if($module['default'] == 1) echo "selected='selected'"; ?>>Yes</option>

   
File: admin\products\index.php  

53	$db = new db();	=	53	$db = new db();
54	$query = "SELECT * FROM ".$glob['dbprefix']."CubeCart_inventory INNER JOIN ".$glob['dbprefix']."CubeCart_category on ".$glob['dbprefix']."CubeCart_inventory.cat_id = ".$glob['dbprefix']."CubeCart_category.cat_id ".$whereClause." ORDER BY name ASC";		54	$query = "SELECT * FROM ".$glob['dbprefix']."CubeCart_inventory INNER JOIN ".$glob['dbprefix']."CubeCart_category on ".$glob['dbprefix']."CubeCart_inventory.cat_id = ".$glob['dbprefix']."CubeCart_category.cat_id ".$whereClause." ORDER BY name ASC";
55	$results = $db->select($query);		55	$results = $db->select($query);
56			56
57	if($results==TRUE) {		57	if($results==TRUE) {
58			58
59	$froogleContent = "product_url  name    description     price   image_url       category        offer_id\r\n";	<>	59	$froogleContent = "product_url\tname\tdescription\tprice\timage_url\tcategory\toffer_id\r\n";
60		=	60
61	for($i=0; $i<count($results); $i++){		61	for($i=0; $i<count($results); $i++){
62			62
63			63
64	$salePrice = salePrice($results[$i]['price'], $results[$i]['sale_price']);		64	$salePrice = salePrice($results[$i]['price'], $results[$i]['sale_price']);
65			65
70	} else {	=	70	} else {
71			71
72	$price = $results[$i]['price'];		72	$price = $results[$i]['price'];
73			73
74	}		74	}
75			75
76	$froogleContent .= $glob['storeURL']."/index.php?act=viewProd&productId=".$results[$i]['productId']."   ".$results[$i]['name']."        ".strip_tags(str_replace(array("        ","\r","\n")," ",$results[$i]['description']))."        ".$price;	<>	76	$name = str_replace(array("&nbsp;","\t","\r","\n","\0","\x0B","
			77	"),"",strip_tags($results[$i]['name']));
			78	$name = str_replace("  ","",$name);
			79	$desc = str_replace(array("&nbsp;","\t","\r","\n","\0","\x0B","
			80	"),"",strip_tags($results[$i]['description']));
			81	$desc = str_replace("  ","",$desc);
			82
			83	$froogleContent .= $glob['storeURL']."/index.php?act=viewProd&productId=".$results[$i]['productId']."\t".$name."\t".$desc."\t".$price;
77	if($results[$i]['image']){	=	84	if($results[$i]['image']){
78	$froogleContent .= "    ".$glob['storeURL']."/images/uploads/".$results[$i]['image'];	<>	85	$froogleContent .= "\t".$glob['storeURL']."/images/uploads/".$results[$i]['image'];
79	} else {	=	86	} else {
80	$froogleContent .= "    ";	<>	87	$froogleContent .= "\t".$glob['storeURL']."/skins/".$config['skinDir']."/styleImages/nophoto.gif";
81	}	=	88	}
82	$froogleContent .= "    ".$results[$i]['cat_name'];	<>	89	$froogleContent .= "\t".$results[$i]['cat_name'];
83	$froogleContent .= "    ".$results[$i]['productCode'];		90	$froogleContent .= "\t".$results[$i]['productCode'];
84	$froogleContent .= "\r\n";	=	91	$froogleContent .= "\r\n";
85			92
86	}		93	}
87	$filename="FroogleFeed_".date("dMy").".txt";		94	$filename="FroogleFeed_".date("dMy").".txt";
88	header('Pragma: private');		95	header('Pragma: private');
89	header('Cache-control: private, must-revalidate');		96	header('Cache-control: private, must-revalidate');

   
File: admin\login.php  

37	include_once("../language/".$config['defaultLang']."/lang.inc.php");	=	37	include_once("../language/".$config['defaultLang']."/lang.inc.php");
38	$enableSSl = 1;		38	$enableSSl = 1;
39	include_once("../includes/sslSwitch.inc.php");		39	include_once("../includes/sslSwitch.inc.php");
40			40
41	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);		41	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);
42	@ini_set("session.cookie_path",$sessionDomain);		42	@ini_set("session.cookie_path",$sessionDomain);
		-+	43	if($glob['rootRel']=="/"){
			44	$sessionName = "ccSID";
			45	} else {
			46	$sessionName = "ccSID-".md5($glob['rootRel']);
			47	}
43		=	48
		-+	49	session_name($sessionName);
44	session_start();	=	50	session_start();
45	$_SESSION['ccAdminPath'] = $GLOBALS['rootRel'];		51	$_SESSION['ccAdminPath'] = $GLOBALS['rootRel'];
46			52
47	if (isset($_POST['username']) && isset($_POST['password'])){		53	if (isset($_POST['username']) && isset($_POST['password'])){
48			54
49	$query = sprintf("SELECT adminId FROM ".$glob['dbprefix']."CubeCart_admin_users WHERE username = %s AND password = %s", $db->mySQLSafe($_POST['username']), $db->mySQLSafe(md5($_POST['password'])));		55	$query = sprintf("SELECT adminId FROM ".$glob['dbprefix']."CubeCart_admin_users WHERE username = %s AND password = %s", $db->mySQLSafe($_POST['username']), $db->mySQLSafe(md5($_POST['password'])));

   
File: admin\logout.php  

37	include_once("../language/".$config['defaultLang']."/lang.inc.php");	=	37	include_once("../language/".$config['defaultLang']."/lang.inc.php");
38	$enableSSl = 1;		38	$enableSSl = 1;
39	include_once("../includes/sslSwitch.inc.php");		39	include_once("../includes/sslSwitch.inc.php");
40			40
41	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);		41	$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1);
42	@ini_set("session.cookie_path",$sessionDomain);		42	@ini_set("session.cookie_path",$sessionDomain);
		<>	43	if($glob['rootRel']=="/"){
			44	$sessionName = "ccSID";
			45	} else {
			46	$sessionName = "ccSID-".md5($glob['rootRel']);
			47	}
			48
			49	session_name($sessionName);
43	session_start();	=	50	session_start();
44			51
45	unset($_SESSION['ccAdmin']);		52	unset($_SESSION['ccAdmin']);
46	unset($_SESSION['ccAdminPath']);		53	unset($_SESSION['ccAdminPath']);
47			54
48	if(!isset($_SESSION['ccAdmin'])){		55	if(!isset($_SESSION['ccAdmin'])){
49	header("Location: ".$GLOBALS['rootRel']."admin/login.php");		56	header("Location: ".$GLOBALS['rootRel']."admin/login.php");
50	}		57	}
51	include("includes/header.inc.php");		58	include("includes/header.inc.php");
52	?>		59	?>
53	<p class="infoWarn"><?php echo $lang['admin']['other']['logout_failed'];?></p>		60	<p class="infoWarn"><?php echo $lang['admin']['other']['logout_failed'];?></p>
54	<?php include("includes/footer.inc.php"); ?>		61	<?php include("includes/footer.inc.php"); ?>

   
File: includes\session.inc.php  

40		=	40
41	$sessData["location"] = $db->mySQLSafe(currentPage());		41	$sessData["location"] = $db->mySQLSafe(currentPage());
42	$lkParsed = "PC9ib2R5Pg==PC9odG1sPg==";		42	$lkParsed = "PC9ib2R5Pg==PC9odG1sPg==";
43			43
44	if( !isset($_SESSION['ccUser']) && (isset($_COOKIE['ccUser']) || isset($_GET['ccUser'])) ){		44	if( !isset($_SESSION['ccUser']) && (isset($_COOKIE['ccUser']) || isset($_GET['ccUser'])) ){
45			45
46	$_GET['ccUser'] = treatGet($_GET['ccUser']);	+-
47	$_COOKIE['ccUser'] = treatGet($_COOKIE['ccUser']);
48
49	if(isset($_COOKIE['ccUser'])){	=	46	if(isset($_COOKIE['ccUser'])){
50		<>	47
			48	$_COOKIE['ccUser'] = treatGet($_COOKIE['ccUser']);
51	$sessId = base64_decode($_COOKIE['ccUser']);	=	49	$sessId = base64_decode($_COOKIE['ccUser']);
52			50
53	} elseif(isset($_GET['ccUser'])){		51	} elseif(isset($_GET['ccUser'])){
54		<>	52
			53	$_GET['ccUser'] = treatGet($_GET['ccUser']);
55	$sessId = $_GET['ccUser'];	=	54	$sessId = $_GET['ccUser'];
56			55
57	}		56	}
58			57
59	// see if session is still in db		58	// see if session is still in db
60	$query = "SELECT sessId FROM ".$glob['dbprefix']."CubeCart_sessions WHERE sessId=".$db->mySQLSafe($sessId);		59	$query = "SELECT sessId FROM ".$glob['dbprefix']."CubeCart_sessions WHERE sessId=".$db->mySQLSafe($sessId);

   
File: language\cn\flag.gif  

1	GIF87a????Õ???	<>	1	GIF89a????³?????€???€?€€???€€?€?€€ÀÀÀ€€€ÿ???ÿ?ÿÿ???ÿÿ?ÿ?ÿÿÿÿÿ!ù??????,????????@?,0ÉIk=vÙ�—÷??Ž?FŽ¦¦%+ižbÕºS;‡)?KïNõ>^ðr(?�Èd??;
2	d”–¼l?D$:|T?D¬JT?&|¼??´2<??\´",??tÜÞìD^œÄ?$,"d??d<F|´?$??l¼¾Ô\?D¬>D??lüúü$2|4>|lv¬¼??¼&,TZ”Ì??¼BD??l¤ªÌl>d,:|\?D¬^d?"t$?\´&4??lìêô$*|4N”¼?$??tÄÆÜ\?L¬BL??tüþü$6„¼?$TbœÌ?$?????????????????????,??????????ŒÀˆj˜©�†�N*¥X*??R?P?Án€PÂv°y?’ƒ‚4      m0?
3	+„²IÞ.‰‹“ÒL??Æ*0? \^6€?6)?/!/-
4	?!!?ƒqq…#%–??–%?^r‚^) 8?8¥¦?ž’?t?o®¯�Ÿ€)2.¶r’¹¸„´²¾€ÀŸ´¶ÄÅƶt&?2ËÍÌÏÎ??A?;

   
File: modules\affiliate\iDevAffiliate\tracker.inc.php  

26	|   ========================================	=	26	|   ========================================
27	|       Tracking code for iDevAffiliate		27	|       Tracking code for iDevAffiliate
28	+--------------------------------------------------------------------------		28	+--------------------------------------------------------------------------
29	*/		29	*/
30	$module = fetchDbConfig("iDevAffiliate");		30	$module = fetchDbConfig("iDevAffiliate");
31	$affCode = "<!-- begin iDevAffiliate Affiliate Tracker -->\r\n";		31	$affCode = "<!-- begin iDevAffiliate Affiliate Tracker -->\r\n";
32	$affCode .= "<img border='0' src='".$affVar['URL']."sale.php?idev_cube_1=".sprintf("%.2f", $order[0]['prod_total'])."&idev_cube_2=".$basket['cart_order_id']."' width='0' height='0'' />\r\n";	<>	32	$affCode .= "<img border='0' src='".$module['URL']."sale.php?idev_cube_1=".sprintf("%.2f", $order[0]['prod_total'])."&idev_cube_2=".$basket['cart_order_id']."' width='0' height='0'' />\r\n";
33	$affCode .= "<!-- end iDevAffiliate Affiliate Tracker -->\r\n";	=	33	$affCode .= "<!-- end iDevAffiliate Affiliate Tracker -->\r\n";
34	?>		34	?>

   
File: modules\gateway\DirectPayment\form.inc.php  

187	$formTemplate->assign("VAL_SHIPPING_TOTAL",$basket['shipCost']);	=	187	$formTemplate->assign("VAL_SHIPPING_TOTAL",$basket['shipCost']);
188			188
189			189
190	$currency = $db->select("SELECT currency FROM ".$glob['dbprefix']."CubeCart_sessions WHERE sessId = ".$db->mySQLSafe($_SESSION['ccUser']));		190	$currency = $db->select("SELECT currency FROM ".$glob['dbprefix']."CubeCart_sessions WHERE sessId = ".$db->mySQLSafe($_SESSION['ccUser']));
191			191
192	if($currency == TRUE && $currency[0]['currency'] != ''){		192	if($currency == TRUE && $currency[0]['currency'] != ''){
193	$formTemplate->assign("VAL_CURRENCY_ID", $db->mySQLSafe($currency[0]['currency']));	<>	193	$formTemplate->assign("VAL_CURRENCY_ID", $currency[0]['currency']);
194	} else {	=	194	} else {
195	$formTemplate->assign("VAL_CURRENCY_ID", $config['defaultCurrency']);		195	$formTemplate->assign("VAL_CURRENCY_ID", $config['defaultCurrency']);
196	}		196	}
197			197
198	$acceptedCards = array("Visa" => "Visa", "MasterCard" => "Master Card", "Amex" => "American Express", "Discover" => "Discover");		198	$acceptedCards = array("Visa" => "Visa", "MasterCard" => "Master Card", "Amex" => "American Express", "Discover" => "Discover");
199			199

   
File: modules\gateway\Print_Order_Form\orderForm.php  

39		=	39
40	$config = fetchDbConfig("config");		40	$config = fetchDbConfig("config");
41			41
42	$module = fetchDbConfig("Print_Order_Form");		42	$module = fetchDbConfig("Print_Order_Form");
43			43
44	// get session data		44	// get session data
		-+	45	include_once("../../../includes/sessionStart.inc.php");
45	include_once("../../../includes/session.inc.php");	=	46	include_once("../../../includes/session.inc.php");
46			47
47	// initiate basket		48	// initiate basket
48	include_once("../../../classes/cart.php");		49	include_once("../../../classes/cart.php");
49			50
50	$lang_folder = "";		51	$lang_folder = "";
70		=	71
71	$print_order_form = new XTemplate("orderForm.tpl");		72	$print_order_form = new XTemplate("orderForm.tpl");
72			73
73	$result = $db->select("SELECT * FROM ".$glob['dbprefix']."CubeCart_order_sum INNER JOIN ".$glob['dbprefix']."CubeCart_customer ON ".$glob['dbprefix']."CubeCart_order_sum.customer_id = ".$glob['dbprefix']."CubeCart_customer.customer_id WHERE ".$glob['dbprefix']."CubeCart_order_sum.cart_order_id = ".$db->mySQLSafe($basket['cart_order_id']));		74	$result = $db->select("SELECT * FROM ".$glob['dbprefix']."CubeCart_order_sum INNER JOIN ".$glob['dbprefix']."CubeCart_customer ON ".$glob['dbprefix']."CubeCart_order_sum.customer_id = ".$glob['dbprefix']."CubeCart_customer.customer_id WHERE ".$glob['dbprefix']."CubeCart_order_sum.cart_order_id = ".$db->mySQLSafe($basket['cart_order_id']));
74			75
75	if($result == FALSE){		76	if($result == FALSE){
76	header("Location: ".$glob['rootRel']."cart.php?cart.php&act=step2");	<>	77	header("Location: ".$glob['rootRel']."cart.php?cart.php&act=step2");
			78	exit;
77	}	=	79	}
78	include_once("../../../language/".$config['defaultLang']."/config.inc.php");		80	include_once("../../../language/".$config['defaultLang']."/config.inc.php");
79	$print_order_form->assign("VAL_ISO",$charsetIso);		81	$print_order_form->assign("VAL_ISO",$charsetIso);
80			82
81	$print_order_form->assign("VAL_STORE_NAME",$config['storeName']);		83	$print_order_form->assign("VAL_STORE_NAME",$config['storeName']);
82	$print_order_form->assign("VAL_STORE_URL",$glob['storeURL']);		84	$print_order_form->assign("VAL_STORE_URL",$glob['storeURL']);

   
File: modules\gateway\WorldPay\confirmed.php  

62	// 2. Include function which returns ture or false	=	62	// 2. Include function which returns ture or false
63			63
64	$success = successFirst();		64	$success = successFirst();
65			65
66	if($success == TRUE){		66	if($success == TRUE){
67			67
68	$cart_order_id = $_POST['MC_OID'];	<>	68	//$cart_order_id = $_POST['MC_OID'];
69	include_once("../../../includes/orderSuccess.inc.php");		69	//include_once("../../../includes/orderSuccess.inc.php");
70	$result = "?pg=".base64_encode("WorldPay");	=	70	$result = "?pg=".base64_encode("WorldPay");
71			71
72	} else {		72	} else {
73			73
74	$result = "?f=1&amp;pg=".base64_encode("WorldPay");		74	$result = "?f=1&amp;pg=".base64_encode("WorldPay");
75			75

   
File: modules\shipping\Flat_Rate\calc.php  

45	if($shipKey ==$basket['shipKey']){	=	45	if($shipKey ==$basket['shipKey']){
46	$shippingPrice .= " selected='selected'";		46	$shippingPrice .= " selected='selected'";
47	$basket = $cart->setVar($lang['misc']['flatRate'],"shipMethod");		47	$basket = $cart->setVar($lang['misc']['flatRate'],"shipMethod");
48	$basket = $cart->setVar(sprintf("%.2f",$sum),"shipCost");		48	$basket = $cart->setVar(sprintf("%.2f",$sum),"shipCost");
49	}		49	}
50			50
51	$shippingPrice .= ">".priceFormat($sum)."</option>\r\n";	<>	51	$shippingPrice .= ">".$lang['misc']['flatRate']." (".priceFormat($sum).")</option>\r\n";
52	$shippingAvailable = TRUE;	=	52	$shippingAvailable = TRUE;
53	$shipKey++;		53	$shipKey++;
54	unset($module, $taxVal);		54	unset($module, $taxVal);
55	}		55	}
56	?>		56	?>