<?php
// Version
define('VERSION', '3.0.3.8');
//ini_set("display_errors", ON);
//error_reporting(E_ALL);

// Configuration
if (is_file('config.php')) {
	require_once('config.php');
}

// Install
if (!defined('DIR_APPLICATION')) {
	header('Location: install/index.php');
	exit;
}
//header("HTTP/1.0 404 Not Found");
//exit();


require_once(DIR_SYSTEM . 'startup.php');

$registry = new Registry();
// Loader
$loader = new Loader($registry);
$registry->set('load', $loader);
// Config
$config = new Config();
$registry->set('config', $config);
// Database
$db = new DB(DB_DRIVER, DB_HOSTNAME, DB_USERNAME, DB_PASSWORD, DB_DATABASE);

$registry->set('db', $db);

// Settings
$query = $db->query("SELECT * FROM " . DB_PREFIX . "setting WHERE store_id = '0' OR store_id = '" . (int)$config->get('config_store_id') . "' ORDER BY store_id ASC");

foreach ($query->rows as $setting) {
	$config->set($setting['key'], $setting['value']);
}


function getPreferredLanguage() {  
    $langs = array();  
	$lang;
    if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {  
        // break up string into pieces (languages and q factors)  
        preg_match_all('/([a-z]{1,8}(-[a-z]{1,8})?)s*(;s*qs*=s*(1|0.[0-9]+))?/i',  
                $_SERVER['HTTP_ACCEPT_LANGUAGE'], $lang_parse);  
        if (count($lang_parse[1])) {  
            // create a list like "en" => 0.8  
            $langs = array_combine($lang_parse[1], $lang_parse[4]);  
            // set default to 1 for any without q factor  
            foreach ($langs as $lang => $val) {  
                if ($val === '') $langs[$lang] = 1;  
            }  
            // sort list based on value  
            arsort($langs, SORT_NUMERIC);  
        }  
    }  
    //extract most important (first)  
    foreach ($langs as $lang => $val) { break; }  
    //if complex language simplify it  
    if (stristr($lang,"-")) {$tmp = explode("-",$lang); $lang = $tmp[0]; }  
    return $lang;  
} 

//IP白名单
if (!empty($_SERVER['HTTP_CLIENT_IP']))
{
    $ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
{
    $ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
    $ip_address = $_SERVER['REMOTE_ADDR'];
}
if ($ip_address =="62.210.139.12"  ||  $ip_address =="62.210.178.249")
{
	header("HTTP/1.0 404 Not Found");
	exit();
}
$sql = "SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "customer_online` co LEFT JOIN " . DB_PREFIX . "customer c ON (co.customer_id = c.customer_id)";
$query = $db->query($sql);
$onlineuser = $query->row['total'];
if($config->get('config_online') > 0 && $onlineuser > $config->get('config_online')){
	header("HTTP/1.0 404 Not Found");
	exit();
}


$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 4);
$lang_ex = getPreferredLanguage();
if (preg_match("/zh-c/i", $lang) || preg_match("/zh-c/i", $lang_ex) )   
{
	if ($config->get('config_whitelist') && strpos($_SERVER['REQUEST_URI'], "api") === false){
		if (strpos($config->get('config_whitelist'),'|')){
			$whiteList = explode('|',$config->get('config_whitelist'));
		}else{
			$whiteList = $config->get('config_whitelist');
		}
		if (is_array($whiteList)){
			if (!in_array($ip_address,$whiteList))
			{
				//不是白名单拒绝访问
				header("HTTP/1.0 404 Not Found");
				exit();
			}
		}else if ($ip_address != $whiteList){
			//不是白名单拒绝访问
			header("HTTP/1.0 404 Not Found");
			exit();
		}
	}
}

if ($config->get('config_login_password'))
{

	if(strpos($_SERVER['REQUEST_URI'], "api") !== false){
		
	}else{
		//访问需要密码
		@$login = $_COOKIE['login'];
		/*
		密码在这里修改，请把123456改成你想要的密码 ，其他东西请勿动！
		*/
		$mima = $config->get('config_login_password'); 

		$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 4); //只取前4位，这样只判断最优先的语言。如果取前5位，可能出现en,zh的情况，影响判断。   
		if (preg_match("/zh-c/i", $lang))   
		 {
			if($login==""){
					if(@$_POST['passwords']!=""){
				
							$password=$_POST['passwords'];
							if($mima==$password){
								setcookie("login","ok", time()+3600*24);
						    @$login = $_COOKIE['login'];
						  }else{
							setcookie("login");
						    echo "password error";exit();
						  }
				
				  }else{		 
					  echo '<style type="text/css">
            #module_freedomain_login {
                display: flex;
                align-items: center;
                justify-content: center;
                height: 100vh;
                text-align: center;
                width: 530px;
                margin: 0 auto;
            }
            .module_freedomain_login_wrapper {
                width: 100%;
            }
            .mo-form-input {
              width: 100%;
              height: 54px;
              padding: 0 12px;
              font-size: 14px;
              background-color: #f6f6f6;
              box-sizing: border-box;
              border: 2px solid #f6f6f6;
              transition: all 0.5s;
              border-radius: var(--button_border_radius);
            }

            .mo-form-input:focus {
              border: 2px solid #545454;
            }

            #module_freedomain_login .module_freedomain_login_header {
                margin-bottom: 40px;
            }

            #module_freedomain_login .module_freedomain_login_title {
                font-size: 24px;
                line-height: 1.3;
                color: var(--title_color);
            }

            #module_freedomain_login .module_freedomain_login_detail {
                margin-top: 20px;
            }

            #module_freedomain_login .mo-form {
                display: flex;
                width: 100%;
                align-items:center;
            }

            #module_freedomain_login .mo-form-input {
                height: 48px;
            }

            #module_freedomain_login .mo-form .form_btn {
                min-width: 120px;
                margin-left: 10px;
            }
            @media screen and (max-width:600px) {
                #module_freedomain_login {
                    width:100%;
                    padding: 0 15px;
                    box-sizing: border-box;
                }

                #module_freedomain_login .mo-form {
                    display: inline;
                }

                #module_freedomain_login .mo-form .form_btn {
                    width: 100%;
                    margin-left: 0;
                    margin-top:10px;
                }

                #module_freedomain_login .module_freedomain_login_title {
                    font-size: 18px;
                }

                #module_freedomain_login .logo {
                    margin-bottom: 40px;
                }
                
            }
            .main_btn {
              justify-content: center;
              box-sizing: border-box;
              font-size: 16px;
              padding: 10px 20px;
              min-height: 48px;
              text-align: center;
              background: var(--main_button_bg);
              color: var(--main_button_color);
              cursor: pointer;
              border-radius: var(--button_border_radius);
              transition: all 0.3s;
            }
            
            .main_btn:hover {
              opacity: 0.9;
            }
            
            #form1{ width:100%;}
        </style>';				 
					  echo '<meta content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" name="viewport"><div class="module_freedomain_login_default" id="module_freedomain_login"><div class="module_freedomain_login_wrapper"><div class="module_freedomain_login_header"><div class="module_freedomain_login_title">请输入密码，进行授权访问</div><div class="module_freedomain_login_detail"></div></div><form id="form1" name="form1" method="post" action=""><div class="mo-form" id="login-form"><div class="mo-form-item" name="access_password" style="flex:1"><div class="mo-form-item-value"><input class="mo-form-input" type="text" name="passwords" placeholder="请输入密码，进行授权访问"> </div></div><div class="mo-form-item"><div class="mo-form-item-value"><div class="main_btn form_btn" id="confirm"> <input type="submit" name="button" class="main_btn" id="button" value="确 认" /></div></div></div></div></form></div></div>';
				exit();
				 }
			
			} 
	}
	
}
}else if (preg_match("/zh/i", $lang))  {}

// Startup


start('catalog');