Merged changes from main branch up to release 2.2.1

[fa-stable.git] / includes / session.inc
diff --git a/includes/session.inc b/includes/session.inc

index 2178a8d51e84b5a339fad042b69d176dd64cf3b1..ea1c12a54367e978845e0c99f4370ab7a2a571b0 100644 (file)
--- a/includes/session.inc
+++ b/includes/session.inc
@@ -76,6 +76,28 @@ function check_page_security($page_security)
                 exit;
         }
  }
+/*
+       Helper function for setting page security level depeding on 
+       GET start variable and/or some value stored in session variable.
+       Before the call $page_security should be set to default page_security value.
+*/
+function set_page_security($value=null, $trans = array(), $gtrans = array())
+{
+       global $page_security;
+
+       // first check is this is not start page call
+       foreach($gtrans as $key => $area)
+               if (isset($_GET[$key])) {
+                       $page_security = $area;
+                       return;
+               }
+
+       // then check session value
+       if (isset($trans[$value])) {
+               $page_security = $trans[$value];
+               return;
+       }
+}
  
  //-----------------------------------------------------------------------------
  //     Removing magic quotes from nested arrays/variables
@@ -140,12 +162,15 @@ session_start();
  // this is to fix the "back-do-you-want-to-refresh" issue - thanx PHPFreaks
  header("Cache-control: private");
  
+
  get_text_init();
  
  // Page Initialisation
-if (!isset($_SESSION['languages'])) 
+if (!isset($_SESSION['language'])) 
  {
-       load_languages(); // sets also default $_SESSION['language']
+       $l = array_search_value($dflt_lang, $installed_languages,  'code');
+       $_SESSION['language'] = new language($l['name'], $l['code'], $l['encoding'],
+        isset($l['rtl']) ? 'rtl' : 'ltr');
  }
  
  $_SESSION['language']->set_language($_SESSION['language']->code);
@@ -184,8 +209,6 @@ set_error_handler('error_handler' /*, errtypes */);
  if (!isset($_SESSION["wa_current_user"]))
         $_SESSION["wa_current_user"] = new current_user();
  
-set_global_connection();
-
  // logout.php is the only page we should have always 
  // accessable regardless of access level and current login status.
  if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){
@@ -221,15 +244,19 @@ if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){
                         $lang = &$_SESSION['language'];
                         $lang->set_language($_SESSION['language']->code);
                 }
-       }
+       } else
+               set_global_connection();
  
-       include_once($path_to_root . '/company/'.user_company().'/installed_extensions.php');
+       if (!$_SESSION["wa_current_user"]->old_db)
+               include_once($path_to_root . '/company/'.user_company().'/installed_extensions.php');
  
         if (!isset($_SESSION["App"])) {
                 $_SESSION["App"] = new front_accounting();
                 $_SESSION["App"]->init();
         }
  }
+
+
  // POST vars cleanup needed for direct reuse.
  // We quote all values later with db_escape() before db update.
         $_POST = strip_quotes($_POST);