// escaping lib
require_once $gfcommon.'include/escapingUtils.php';
+if (isset($_SERVER) && array_key_exists('PHP_SELF', $_SERVER) && $_SERVER['PHP_SELF']) {
+ $_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']);
+}
+
+if (isset($GLOBALS) && array_key_exists('PHP_SELF', $GLOBALS) && $GLOBALS['PHP_SELF']) {
+ $GLOBALS['PHP_SELF'] = htmlspecialchars($GLOBALS['PHP_SELF']);
+}
+
// Just say no to link prefetching (Moz prefetching, Google Web Accelerator, others)
// http://www.google.com/webmasters/faq.html#prefetchblock
if (getStringFromServer('HTTP_X_moz') === 'prefetch'){
}
require $gfcgfile;
+require $gfcommon.'include/config.php';
+read_config ($gfconfig.'/fusionforge.ini') ;
// get constants used for flags or status
require $gfcommon.'include/constants.php';
require_once $gfcommon.'include/PluginManager.class.php' ;
// SCM-specific plugins subsystem
-require_once $gfcommon.'include/SCM.class.php' ;
+require_once $gfcommon.'include/SCMPlugin.class.php' ;
setup_plugin_manager () ;
//determine if they're logged in
session_set();
-
+plugin_hook('after_session_set');
//mandatory login
if (!session_loggedin() && $sys_force_login == 1 ) {
require_once $gfcommon.'include/gettext.php';
require_once $gfcommon.'include/group_section_texts.php';
-setup_gettext_from_browser() ;
+setup_gettext_from_context();
/*