. "<br>" . _("Please contact your system administrator.")
: _("Please remove \$security_groups and \$security_headings arrays from config.php file!");
- page(_("Access denied"), false);
- display_error($msg);
+ display_error($msg);
end_page();
kill_login();
exit;
if (!$_SESSION["wa_current_user"]->can_access_page($page_security))
{
- // no_menu parameter guess here is ugly hack, but works for now.
- // Better solution is to use global switch for menu, set before
- // session.inc inclusion.
- page(_("Access denied"), strpos($_SERVER['PHP_SELF'], '/view/'));
echo "<center><br><br><br><b>";
echo _("The security settings on your account do not permit you to access this function");
echo "</b>";
echo "<br><br><br><br></center>";
end_page();
- //kill_login();
exit;
}
}
if (isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
die("Restricted access");
+include_once($path_to_root . "/includes/current_user.inc");
include_once($path_to_root . "/frontaccounting.php");
include_once($path_to_root . "/admin/db/security_db.inc");
-include_once($path_to_root . "/includes/current_user.inc");
include_once($path_to_root . "/includes/lang/language.php");
include_once($path_to_root . "/config_db.php");
include_once($path_to_root . "/includes/ajax.inc");
}
}
+ include_once($path_to_root . '/company/'.user_company().'/installed_extensions.php');
+
if (!isset($_SESSION["App"])) {
$_SESSION["App"] = new front_accounting();
$_SESSION["App"]->init();
}
-
-//----------------------------------------------------------------------------------------
-
- check_page_security($page_security);
}
// POST vars cleanup needed for direct reuse.
// We quote all values later with db_escape() before db update.
projects / fa-stable.git / blobdiff