- $_SESSION["wa_current_user"] = new current_user();
-
- // Show login screen
- if (!isset($_POST["user_name_entry_field"]) or $_POST["user_name_entry_field"] == "")
- {
- include($path_to_root . "/access/login.php");
- $Ajax->redirect($path_to_root . "/access/login.php");
- exit;
- }
- }
- include_once($path_to_root . "/includes/ui/ui_msgs.inc");
- // intercept all output to destroy it in case of ajax call
- register_shutdown_function('ob_end_flush');
- ob_start('output_html',0);
- // colect all error msgs
- set_error_handler('error_handler' /*, errtypes */);
-
- if (isset($_POST["user_name_entry_field"]))
- {
- $succeed = $_SESSION["wa_current_user"]->login($_POST["company_login_name"],
- $_POST["user_name_entry_field"],
- md5($_POST["password"]));
-
- if (!$succeed)
+// this is to fix the "back-do-you-want-to-refresh" issue - thanx PHPFreaks
+header("Cache-control: private");
+
+include_once($path_to_root . "/config.php");
+get_text_init();
+
+if ($login_delay > 0)
+ @include_once($path_to_root . "/tmp/faillog.php");
+
+// Page Initialisation
+if (!isset($_SESSION['language']) || !method_exists($_SESSION['language'], 'set_language'))
+{
+ $l = array_search_value($dflt_lang, $installed_languages, 'code');
+ $_SESSION['language'] = new language($l['name'], $l['code'], $l['encoding'],
+ (isset($l['rtl']) && $l['rtl'] === true) ? 'rtl' : 'ltr');
+}
+
+$_SESSION['language']->set_language($_SESSION['language']->code);
+
+
+include_once($path_to_root . "/includes/access_levels.inc");
+include_once($path_to_root . "/version.php");
+include_once($path_to_root . "/includes/main.inc");
+
+// Ajax communication object
+$Ajax = new Ajax();
+
+// js/php validation rules container
+$Validate = array();
+// bindings for editors
+$Editors = array();
+// page help. Currently help for function keys.
+$Pagehelp = array();
+
+$Refs = new references();
+
+// intercept all output to destroy it in case of ajax call
+register_shutdown_function('end_flush');
+ob_start('output_html',0);
+
+if (!isset($_SESSION["wa_current_user"]))
+ $_SESSION["wa_current_user"] = new current_user();
+
+html_cleanup($_GET);
+html_cleanup($_POST);
+html_cleanup($_REQUEST);
+html_cleanup($_SERVER);
+
+// logout.php is the only page we should have always
+// accessable regardless of access level and current login status.
+if (!defined('FA_LOGOUT_PHP_FILE')){
+
+ login_timeout();
+
+ if (!$_SESSION["wa_current_user"]->old_db)
+ include_once($path_to_root . '/company/'.user_company().'/installed_extensions.php');
+
+ install_hooks();
+
+ if (!$_SESSION["wa_current_user"]->logged_in())
+ {
+ // Show login screen
+ if (!isset($_POST["user_name_entry_field"]) or $_POST["user_name_entry_field"] == "")