Security fix to my last commit.
[fa-stable.git] / frontaccounting.php
index a15cff422ef7217f6e113e6c72961347dc8a6f16..7e2201882a74b9f954ca64cfa97c8f69c5df83c4 100644 (file)
@@ -9,17 +9,26 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
-       include_once('applications/application.php');
-       include_once('applications/customers.php');
-       include_once('applications/suppliers.php');
-       include_once('applications/inventory.php');
-       include_once('applications/manufacturing.php');
-       include_once('applications/dimensions.php');
-       include_once('applications/generalledger.php');
-       include_once('applications/setup.php');
-       include_once('installed_extensions.php');
-       $path_to_root=".";
-       include_once($path_to_root . "/includes/session.inc");
+if (!isset($path_to_root) || isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
+       die("Restricted access");
+       include_once($path_to_root . '/applications/application.php');
+       include_once($path_to_root . '/applications/customers.php');
+       include_once($path_to_root . '/applications/suppliers.php');
+       include_once($path_to_root . '/applications/inventory.php');
+       include_once($path_to_root . '/applications/manufacturing.php');
+       include_once($path_to_root . '/applications/dimensions.php');
+       include_once($path_to_root . '/applications/generalledger.php');
+       include_once($path_to_root . '/applications/setup.php');
+       include_once($path_to_root . '/installed_extensions.php');
+       if (count($installed_extensions) > 0)
+       {
+               foreach ($installed_extensions as $ext)
+               {
+                       include_once($path_to_root."/".$ext['folder']."/".$ext['app_file']);
+               }
+       }       
+
+       include_once($path_to_root . '/modules/installed_modules.php');
 
        class front_accounting
                {
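Review bot: The guard on the first added line rejects a `path_to_root` supplied through `$_GET` or `$_POST` but not through `$_COOKIE`, which register_globals also imports into the global scope. Every include that follows is built from `$path_to_root`, so the check should cover all request sources, e.g. by adding `|| isset($_COOKIE['path_to_root'])` to the condition. The extension loop also includes `$ext['folder']."/".$ext['app_file']` without validating either value. This is presumably safe only while `installed_extensions.php` cannot be written from request input, and that is worth confirming or stating in a comment. The `die()` line is indented at the same level as the includes below it, so braces around the `if` body would make the scope of the guard unambiguous.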
@@ -34,7 +43,7 @@
                {
                        //$this->renderer =& new renderer();
                }
-               function add_application($app)
+               function add_application(&$app)
                                {
                                                        $this->applications[$app->id] = &$app;
                                }
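Review bot: Changing the signature to `add_application(&$app)` makes the parameter by-reference, but the caller visible later in this diff passes an expression, `$this->add_application(new $class());`, not a variable. Depending on the PHP version, that call may raise an "Only variables should be passed by reference" notice or an error. If by-reference storage is still needed for PHP 4 compatibility, have the caller assign first: `$app = new $class(); $this->add_application($app);`. Otherwise drop the `&` here and in `$this->applications[$app->id] = &$app;`. The enclosing class starts and ends outside this hunk.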
@@ -66,7 +75,7 @@
                }
                function init()
                {
-                       global $installed_extensions, $applications;
+                       global $installed_extensions, $path_to_root;
                        $this->menu = new menu(_("Main  Menu"));
                        $this->menu->add_item(_("Main  Menu"), "index.php");
                        $this->menu->add_item(_("Logout"), "/account/access/logout.php");
                        {
                                foreach ($installed_extensions as $ext)
                                {
-                                       include_once("applications/".$ext['app_file']);
+                                       get_text::add_domain($_SESSION['language']->code, 
+                                               $ext['folder']."/lang");
                                        $class = $ext['name']."_app";
                                        $this->add_application(new $class());
+                                       get_text::add_domain($_SESSION['language']->code, 
+                                               $path_to_root."/lang");
                                }
                        }