MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
+define('VARLIB_PATH', $path_to_root.'/tmp');
+define('VARLOG_PATH', $path_to_root.'/tmp');
class SessionManager
{
{
global $path_to_root;
- echo "<center><br><br><font size='5' color='red'><b>" . _("Incorrect Email") . "<b></font><br><br>";
- echo "<b>" . _("The email address does not exist in the system, or is used by more than one user.") . "<b><br><br>";
+ echo "<center><br><br><font size='5' color='red'><b>" . _("Incorrect Email") . "<b></font><br><br>";
+ echo "<b>" . _("The email address does not exist in the system, or is used by more than one user.") . "<b><br><br>";
- echo _("Plase try again or contact your system administrator to obtain new password.");
- echo "<br><a href='$path_to_root/index.php?reset=1'>" . _("Try again") . "</a>";
- echo "</center>";
+ echo _("Plase try again or contact your system administrator to obtain new password.");
+ echo "<br><a href='$path_to_root/index.php?reset=1'>" . _("Try again") . "</a>";
+ echo "</center>";
kill_login();
die();
{
global $path_to_root;
- echo "<center><br><br><font size='5' color='green'><b>" . _("New password sent") . "<b></font><br><br>";
- echo "<b>" . _("A new password has been sent to your mailbox.") . "<b><br><br>";
+ echo "<center><br><br><font size='5' color='green'><b>" . _("New password sent") . "<b></font><br><br>";
+ echo "<b>" . _("A new password has been sent to your mailbox.") . "<b><br><br>";
- echo "<br><a href='$path_to_root/index.php'>" . _("Login here") . "</a>";
- echo "</center>";
+ echo "<br><a href='$path_to_root/index.php'>" . _("Login here") . "</a>";
+ echo "</center>";
kill_login();
die();
$msg .= "*/\n";
$msg .= "\$login_faillog = " .var_export($login_faillog, true). ";\n";
- $filename = $path_to_root."/tmp/faillog.php";
+ $filename = VARLIB_PATH."/faillog.php";
- if ((!file_exists($filename) && is_writable($path_to_root.'/tmp')) || is_writable($filename))
+ if ((!file_exists($filename) && is_writable(VARLIB_PATH)) || is_writable($filename))
{
file_put_contents($filename, $msg);
cache_invalidate($filename);
//
function strip_quotes($data)
{
- if(get_magic_quotes_gpc()) {
+ if(version_compare(phpversion(), '5.4', '<') && get_magic_quotes_gpc()) {
if(is_array($data)) {
foreach($data as $k => $v) {
$data[$k] = strip_quotes($data[$k]);
include_once($path_to_root . "/includes/errors.inc");
// colect all error msgs
set_error_handler('error_handler' /*, errtypes */);
+set_exception_handler('exception_handler');
include_once($path_to_root . "/includes/current_user.inc");
include_once($path_to_root . "/frontaccounting.php");
if (file_exists($path_to_root.'/'.$ext['path'].'/hooks.php'))
include_once($path_to_root.'/'.$ext['path'].'/hooks.php');
}
+
+ini_set('session.gc_maxlifetime', 36000); // moved from below.
+
$Session_manager = new SessionManager();
$Session_manager->sessionStart('FA'.md5(dirname(__FILE__)));
to avoid unexpeced session timeouts.
Make sure this directory exists and is writable!
*/
-// ini_set('session.save_path', dirname(__FILE__).'/../tmp/');
+// ini_set('session.save_path', VARLIB_PATH.'/');
-ini_set('session.gc_maxlifetime', 36000); // 10hrs
+// ini_set('session.gc_maxlifetime', 36000); // 10hrs - moved to before session_manager
hook_session_start(@$_POST["company_login_name"]);
get_text_init();
-if ($SysPrefs->login_delay > 0)
- @include_once($path_to_root . "/tmp/faillog.php");
+if ($SysPrefs->login_delay > 0 && file_exists(VARLIB_PATH."/faillog.php"))
+ include_once(VARLIB_PATH."/faillog.php");
// Page Initialisation
if (!isset($_SESSION['wa_current_user']) || !$_SESSION['wa_current_user']->logged_in()
login_timeout();
- if (!$_SESSION["wa_current_user"]->old_db)
+ if (!$_SESSION["wa_current_user"]->old_db && file_exists($path_to_root . '/company/'.user_company().'/installed_extensions.php'))
include($path_to_root . '/company/'.user_company().'/installed_extensions.php');
install_hooks();
{
// in case of GET request redirect to avoid confirmation dialog
// after return from menu option
- header("HTTP/1.1 303 See Other");
+ header("HTTP/1.1 307 Temporary Redirect");
header("Location: ".$_SESSION['timeout']['uri']);
exit();
}