Fixed bug in update_person_contact().
diff --git
a/includes/session.inc
b/includes/session.inc
index d747888ac84ee242f2208766508359e3593ef508..612957ae2f8777ca05aa413b090387f559686d77 100644
--- a/
includes/session.inc
+++ b/
includes/session.inc
@@
-140,6
+140,7
@@
function html_cleanup(&$parms)
else
$parms[$name] = @htmlspecialchars($value, ENT_QUOTES, $_SESSION['language']->encoding);
}
else
$parms[$name] = @htmlspecialchars($value, ENT_QUOTES, $_SESSION['language']->encoding);
}
+ reset($parms); // needed for direct key() usage later throughout the sources
}
//============================================================================
}
//============================================================================
@@
-205,11
+206,17
@@
if (!isset($_SESSION['language']) || !method_exists($_SESSION['language'], 'set_
$_SESSION['language']->set_language($_SESSION['language']->code);
$_SESSION['language']->set_language($_SESSION['language']->code);
-// include $Hooks object if locale file exists
+include_once($path_to_root . "/includes/hooks.inc");
+
+$Hooks = array();
+// include current langauge related $Hooks object if locale file exists
if (file_exists($path_to_root . "/lang/".$_SESSION['language']->code."/locale.inc"))
{
include_once($path_to_root . "/lang/".$_SESSION['language']->code."/locale.inc");
if (file_exists($path_to_root . "/lang/".$_SESSION['language']->code."/locale.inc"))
{
include_once($path_to_root . "/lang/".$_SESSION['language']->code."/locale.inc");
- $Hooks = new Hooks();
+ $code = $_SESSION['language']->code;
+ $hook_class = 'hooks_'.$code;
+ $Hooks[$code] = new $hook_class;
+ unset($code, $hook_class);
}
include_once($path_to_root . "/includes/access_levels.inc");
}
include_once($path_to_root . "/includes/access_levels.inc");
@@
-238,6
+245,10
@@
set_error_handler('error_handler' /*, errtypes */);
if (!isset($_SESSION["wa_current_user"]))
$_SESSION["wa_current_user"] = new current_user();
if (!isset($_SESSION["wa_current_user"]))
$_SESSION["wa_current_user"] = new current_user();
+html_cleanup($_GET);
+html_cleanup($_POST);
+html_cleanup($_REQUEST);
+
// logout.php is the only page we should have always
// accessable regardless of access level and current login status.
if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){
// logout.php is the only page we should have always
// accessable regardless of access level and current login status.
if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){
@@
-251,7
+262,7
@@
if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){
{
// strip ajax marker from uri, to force synchronous page reload
$_SESSION['timeout'] = array( 'uri'=>preg_replace('/JsHttpRequest=(?:(\d+)-)?([^&]+)/s',
{
// strip ajax marker from uri, to force synchronous page reload
$_SESSION['timeout'] = array( 'uri'=>preg_replace('/JsHttpRequest=(?:(\d+)-)?([^&]+)/s',
- '', @
$_SERVER['REQUEST_URI']
),
+ '', @
htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, $_SESSION['language']->encoding)
),
'post' => $_POST);
include($path_to_root . "/access/login.php");
'post' => $_POST);
include($path_to_root . "/access/login.php");
@@
-291,6
+302,4
@@
$SysPrefs = &$_SESSION['SysPrefs'];
// We quote all values later with db_escape() before db update.
$_POST = strip_quotes($_POST);
// We quote all values later with db_escape() before db update.
$_POST = strip_quotes($_POST);
-html_cleanup($_GET);
-html_cleanup($_POST);
?>
\ No newline at end of file
?>
\ No newline at end of file
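Review bot: In the second hunk, `new $hook_class` runs with no check that the `hooks_<code>` class is actually declared. The only guard is `file_exists()` on `locale.inc`, so a language pack whose `locale.inc` still declares the `Hooks` class that the removed line instantiated would now end the request with a fatal error. Guard the instantiation, for example `if (class_exists($hook_class)) $Hooks[$code] = new $hook_class;`. The same `$_SESSION['language']->code` is concatenated into both the `include_once` path and the class name, and where it is assigned is not visible in this diff. It is worth confirming that the value is restricted to the installed-language list, or matching it against a strict pattern such as `/^[A-Za-z0-9_]+$/`, before it is used in either place.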