X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=install%2Fisession.inc;h=bf21f18b4bf0c68f7003b8dcef0d9cb46456dfd0;hb=28f28538d4878eefa6cffad83e0dc95a7d6ccf2c;hp=25a5519c1f5eef284c3bd80d9625a2730c73ded5;hpb=e9782c04faf09dd040dbc0c908cdb6e6d4f0dcfc;p=fa-stable.git diff --git a/install/isession.inc b/install/isession.inc index 25a5519c..bf21f18b 100644 --- a/install/isession.inc +++ b/install/isession.inc @@ -9,6 +9,9 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ +define('VARLIB_PATH', $path_to_root.'/tmp'); +define('VARLOG_PATH', $path_to_root.'/tmp'); + function output_html($text) { global $before_box, $Ajax, $messages; @@ -28,7 +31,7 @@ function output_html($text) // function strip_quotes($data) { - if(get_magic_quotes_gpc()) { + if(version_compare(phpversion(), '5.4', '<') && get_magic_quotes_gpc()) { if(is_array($data)) { foreach($data as $k => $v) { $data[$k] = strip_quotes($data[$k]); @@ -39,9 +42,34 @@ function strip_quotes($data) return $data; } +function html_specials_encode($str) +{ + return htmlspecialchars($str, ENT_QUOTES, $_SESSION['language']->encoding=='iso-8859-2' ? 'ISO-8859-1' : $_SESSION['language']->encoding); +} + +function html_cleanup(&$parms) +{ + foreach($parms as $name => $value) { + if (is_array($value)) + html_cleanup($parms[$name]); + else + $parms[$name] = html_specials_encode($value); + } + reset($parms); // needed for direct key() usage later throughout the sources +} + function check_page_security($page_security) { } + +/* + Ensure file is re-read on next request if php caching is active +*/ +function cache_invalidate($filename) +{ + if (function_exists('opcache_invalidate')) // OpCode extension + opcache_invalidate($filename); +} //============================================================================ if (!isset($path_to_root)) { 
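Review bot: The two `define()` lines at the top of the file read `$path_to_root` before the file's own `if (!isset($path_to_root))` guard, which only appears further down (visible as trailing context of the third hunk; its body is outside the diff). If the includer has not set the variable, both constants evaluate to the literal `/tmp`, the host-wide temporary directory, and PHP reports an undefined variable. Moving the defines below that guard avoids this. Since VARLOG_PATH points at a `tmp` directory under the application root, a comment such as `// must not be readable through the web server` would record the deployment assumption.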
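Review bot: `html_cleanup()` encodes only the values of the array it walks and leaves the keys raw, yet its own `reset($parms)` comment says `key()` is used directly on these arrays elsewhere, so a request parameter name still arrives unencoded wherever it is printed. Rebuilding the array with encoded keys, as sketched below, would cover that; names made only of letters, digits and underscores are unchanged by it. Separately, in `cache_invalidate()`, `opcache_invalidate($filename)` without the second argument drops the cached script only when the file's modification time is newer than the cached copy, so `opcache_invalidate($filename, true)` matches the "ensure file is re-read" comment more closely.

```php
function html_cleanup(&$parms)
{
	$clean = array();
	foreach($parms as $name => $value) {
		if (is_array($value))
			html_cleanup($value);	// $value is a copy here; the cleaned copy is stored below
		else
			$value = html_specials_encode($value);
		// parameter names are request data too, so encode the key as well
		$clean[html_specials_encode($name)] = $value;
	}
	$parms = $clean;
	reset($parms); // needed for direct key() usage later throughout the sources
}
```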
@@ -57,7 +85,7 @@ include_once($path_to_root . "/includes/errors.inc"); set_error_handler('error_handler' /*, errtypes */); include_once($path_to_root . "/includes/current_user.inc"); -include_once($path_to_root . "/includes/lang/language.php"); +include_once($path_to_root . "/includes/lang/language.inc"); include_once($path_to_root . "/includes/ajax.inc"); include_once($path_to_root . "/includes/ui/ui_msgs.inc"); include_once($path_to_root . "/includes/prefs/sysprefs.inc"); @@ -70,6 +98,9 @@ header("Cache-control: private"); include_once($path_to_root . "/config.default.php"); +$_SESSION['SysPrefs'] = new sys_prefs(); +$SysPrefs = &$_SESSION['SysPrefs']; + $inst_langs = array( 'C' => array ( 'name' => 'English', 'code' => 'C', 'encoding' => 'iso-8859-1'), 'ar_EG' => array ( 'name' => 'Arabic', 'code' => 'ar_EG', 'encoding' => 'utf-8', 'rtl' => true), 
@@ -78,13 +109,19 @@ $inst_langs = array( 'el_GR' => array ( 'name' => 'Greek', 'code' => 'el_GR', 'encoding' => 'utf-8'), 'es_MX' => array ( 'name' => 'Spanish', 'code' => 'es_MX', 'encoding' => 'iso-8859-1'), 'fr_FR' => array ( 'name' => 'Français', 'code' => 'fr_FR', 'encoding' => 'iso-8859-1'), + 'hi_IN' => array ( 'name' => 'Hindi', 'code' => 'hi_IN', 'encoding' => 'utf-8'), 'id_ID' => array ( 'name' => 'Indonesian','code' => 'id_ID', 'encoding' => 'iso-8859-1'), 'it_IT' => array ( 'name' => 'Italian','code' => 'it_IT', 'encoding' => 'iso-8859-1'), 'ka_GE' => array ( 'name' => 'Georgian','code' => 'ka_GE', 'encoding' => 'utf-8'), - 'nl_BE' => array ( 'name' => 'Nederlands','code' => 'nl_BE', 'encoding' => 'iso-8859-1'), + 'nb_NO' => array ( 'name' => 'Norwegian','code' => 'nb_NO', 'encoding' => 'iso-8859-1'), + 'nl_BE' => array ( 'name' => 'Nederlands (Belgian)','code' => 'nl_BE', 'encoding' => 'iso-8859-1'), + 'nl_NL' => array ( 'name' => 'Nederlands (Netherlands)','code' => 'nl_NL', 'encoding' => 'iso-8859-1'), 'pl_PL' => array ( 'name' => 'Polski', 'code' => 'pl_PL', 'encoding' => 'iso-8859-2'), - 'pt_BR' => array ( 'name' => 'Português','code' => 'pt_BR', 'encoding' => 'iso-8859-1'), + 'pt_BR' => array ( 'name' => 'Português (Brasilia)','code' => 'pt_BR', 'encoding' => 'iso-8859-1'), + 'pt_PT' => array ( 'name' => 'Português','code' => 'pt_PT', 'encoding' => 'iso-8859-1'), 'sv_SE' => array ( 'name' => 'Svenska', 'code' => 'sv_SE', 'encoding' => 'iso-8859-1'), + 'ta_IN' => array ( 'name' => 'Tamil', 'code' => 'ta_IN', 'encoding' => 'utf-8'), + 'vi_VN' => array ( 'name' => 'Vietnamese', 'code' => 'vi_VN', 'encoding' => 'utf-8'), 'zh_CN' => array ( 'name' => 'Chinese Simplifed', 'code' => 'zh_CN', 'encoding' => 'utf-8'), ); 
@@ -93,7 +130,7 @@ $Ajax = new Ajax(); get_text_init(); $i_lang = isset($_POST['inst_lang']) ? $_POST['inst_lang'] : - (isset($_SESSION['inst_set']['inst_lang']) ? $_SESSION['inst_set']['inst_lang'] : array('C')); + (isset($_SESSION['inst_set']['inst_lang']) ? $_SESSION['inst_set']['inst_lang'] : 'C'); // Page Initialisation if (!isset($_SESSION['language']) || !method_exists($_SESSION['language'], 'set_language') @@ -101,7 +138,8 @@ if (!isset($_SESSION['language']) || !method_exists($_SESSION['language'], 'set_ { $l = array_search_value($i_lang, $inst_langs, 'code'); $_SESSION['language'] = new language($l['name'], $l['code'], $l['encoding'], - isset($l['rtl']) ? 'rtl' : 'ltr'); + @isset($l['rtl']) ? 'rtl' : 'ltr'); + } if (!isset($installed_languages)) $installed_languages = array(); @@ -128,10 +166,12 @@ ob_start('output_html',0); if (!isset($_SESSION["wa_current_user"])) $_SESSION["wa_current_user"] = new current_user(); -$SysPrefs = &$_SESSION['SysPrefs']; +html_cleanup($_GET); +html_cleanup($_POST); +html_cleanup($_REQUEST); +html_cleanup($_SERVER); // POST vars cleanup needed for direct reuse. // We quote all values later with db_escape() before db update. $_POST = strip_quotes($_POST); -?>
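Review bot: `$i_lang` is taken from `$_POST['inst_lang']` before the `html_cleanup()` calls added further down and is never checked against `$inst_langs`, so an unknown code or an array value (`inst_lang[]=`) reaches `array_search_value()` and then `$l['name']`, `$l['code']` and `$l['encoding']`. Assuming `array_search_value()` returns a non-array when nothing matches (its definition is not in this diff), `new language()` is then built from null values. A guard right after the assignment, `if (!is_string($i_lang) || !isset($inst_langs[$i_lang])) $i_lang = 'C';`, closes that, since the array keys equal the `code` fields. The `@` added in front of `isset($l['rtl'])` in the next hunk has no effect, because `isset()` never raises a notice, and can be dropped.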
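Review bot: The four `html_cleanup()` calls in the last hunk leave `$_COOKIE` and `$_FILES` untouched, so later code that prints a cookie value or an uploaded file name still sees raw input; add `html_cleanup($_COOKIE);` or state in a comment why those arrays are exempt. Because the encoding is applied to input rather than at output, every POST value is altered before use. The installer forms are not in this diff, but if they collect database or administrator passwords, a password containing `&`, `<` or a quote would be used in its entity-encoded form. The comment that follows the calls still describes only the `strip_quotes()` step and should mention the encoding, for example `// All request values are HTML-encoded here; decode before using them as credentials or file paths.`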