Fixed problem with too early SysPrefs reference.

diff --git a/includes/session.inc b/includes/session.inc
index b5cb1e2ea3637ed5efe47a321cf8f6e8c2dc1549..003adc78988c9922f0a972d7272467f4ae51730a 100644 (file)
--- a/includes/session.inc
+++ b/includes/session.inc
@@ -342,16 +342,6 @@ if (!isset($path_to_root))
        $path_to_root = ".";
 }
 
-//----------------------------------------------------------------------------------------
-// set to reasonable values if not set in config file (pre-2.3.12 installations)
-
-if ((!isset($SysPrefs->login_delay)) || ($SysPrefs->login_delay < 0))
-    $SysPrefs->login_delay = 10;
-
-if ((!isset($SysPrefs->login_max_attempts)) || ($SysPrefs->login_max_attempts < 0))
-    $SysPrefs->login_max_attempts = 3; 
-
-
 // Prevent register_globals vulnerability
 if (isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
        die("Restricted access");
@@ -383,6 +373,15 @@ $_SESSION['SysPrefs'] = new sys_prefs();
 
 $SysPrefs = &$_SESSION['SysPrefs'];
 
+//----------------------------------------------------------------------------------------
+// set to reasonable values if not set in config file (pre-2.3.12 installations)
+
+if ((!isset($SysPrefs->login_delay)) || ($SysPrefs->login_delay < 0))
+    $SysPrefs->login_delay = 10;
+
+if ((!isset($SysPrefs->login_max_attempts)) || ($SysPrefs->login_max_attempts < 0))
+    $SysPrefs->login_max_attempts = 3; 
+
 if ($SysPrefs->go_debug > 0)
        error_reporting(-1);
 else