if (isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
die("Restricted access");
+include_once($path_to_root . "/includes/errors.inc");
+// colect all error msgs
+set_error_handler('error_handler' /*, errtypes */);
+
include_once($path_to_root . "/includes/current_user.inc");
include_once($path_to_root . "/frontaccounting.php");
include_once($path_to_root . "/admin/db/security_db.inc");
include_once($path_to_root . "/includes/prefs/sysprefs.inc");
include_once($path_to_root . "/includes/hooks.inc");
+//
+// include all extensions hook files.
+//
+foreach ($installed_extensions as $ext)
+{
+ if (file_exists($path_to_root.'/'.$ext['path'].'/hooks.php'))
+ include_once($path_to_root.'/'.$ext['path'].'/hooks.php');
+}
+
/*
Uncomment the setting below when using FA on shared hosting
ini_set('session.gc_maxlifetime', 36000); // 10hrs
+hook_session_start(@$_POST["company_login_name"]);
+
session_name('FA'.md5(dirname(__FILE__)));
-//include_once($path_to_root.'/modules/www_statistics/includes/db_sessions.inc');
+
session_start();
+session_regenerate_id();
// this is to fix the "back-do-you-want-to-refresh" issue - thanx PHPFreaks
header("Cache-control: private");
include_once($path_to_root . "/includes/access_levels.inc");
include_once($path_to_root . "/version.php");
include_once($path_to_root . "/includes/main.inc");
+include_once($path_to_root . "/includes/app_entries.inc");
// Ajax communication object
$Ajax = new Ajax();
register_shutdown_function('end_flush');
ob_start('output_html',0);
-// colect all error msgs
-set_error_handler('error_handler' /*, errtypes */);
-
if (!isset($_SESSION["wa_current_user"]))
$_SESSION["wa_current_user"] = new current_user();
html_cleanup($_GET);
html_cleanup($_POST);
html_cleanup($_REQUEST);
+html_cleanup($_SERVER);
// logout.php is the only page we should have always
// accessable regardless of access level and current login status.
projects / fa-stable.git / blobdiff