+// Prevent register_globals vulnerability
+if (isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
+ die("Restricted access");
+
+include_once($path_to_root . "/includes/errors.inc");
+// colect all error msgs
+set_error_handler('error_handler' /*, errtypes */);
+
+include_once($path_to_root . "/includes/current_user.inc");
+include_once($path_to_root . "/frontaccounting.php");
+include_once($path_to_root . "/admin/db/security_db.inc");
+include_once($path_to_root . "/includes/lang/language.inc");
+include_once($path_to_root . "/config_db.php");
+include_once($path_to_root . "/includes/ajax.inc");
+include_once($path_to_root . "/includes/ui/ui_msgs.inc");
+include_once($path_to_root . "/includes/prefs/sysprefs.inc");
+
+include_once($path_to_root . "/includes/hooks.inc");
+//
+// include all extensions hook files.
+//
+foreach ($installed_extensions as $ext)
+{
+ if (file_exists($path_to_root.'/'.$ext['path'].'/hooks.php'))
+ include_once($path_to_root.'/'.$ext['path'].'/hooks.php');
+}
+$Session_manager = new SessionManager();
+$Session_manager->sessionStart('FA'.md5(dirname(__FILE__)));
+
+$_SESSION['SysPrefs'] = new sys_prefs();
+
+$SysPrefs = &$_SESSION['SysPrefs'];
+
+//----------------------------------------------------------------------------------------
+// set to reasonable values if not set in config file (pre-2.3.12 installations)
+
+if ((!isset($SysPrefs->login_delay)) || ($SysPrefs->login_delay < 0))
+ $SysPrefs->login_delay = 10;
+
+if ((!isset($SysPrefs->login_max_attempts)) || ($SysPrefs->login_max_attempts < 0))
+ $SysPrefs->login_max_attempts = 3;
+
+if ($SysPrefs->go_debug > 0)
+ error_reporting(-1);
+else
+ error_reporting(E_USER_WARNING|E_USER_ERROR|E_USER_NOTICE);
+ini_set("display_errors", "On");
+
+if ($SysPrefs->error_logfile != '') {
+ ini_set("error_log", $SysPrefs->error_logfile);
+ ini_set("ignore_repeated_errors", "On");
+ ini_set("log_errors", "On");
+}
+
+
+/*
+ Uncomment the setting below when using FA on shared hosting
+ to avoid unexpeced session timeouts.
+ Make sure this directory exists and is writable!
+*/
+// ini_set('session.save_path', dirname(__FILE__).'/../tmp/');
+
+ini_set('session.gc_maxlifetime', 36000); // 10hrs
+
+hook_session_start(@$_POST["company_login_name"]);
+
+// this is to fix the "back-do-you-want-to-refresh" issue - thanx PHPFreaks
+header("Cache-control: private");