lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: DOL_MAIN_URL_ROOT est dfini dans master.inc.php

Browse Source
This commit is contained in:
Regis Houssin 2009-05-16 12:31:17 +00:00
parent 2306a4c305
commit 7285270f1c
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
htdocs/main.inc.php
View File

@ -107,13 +107,6 @@ function analyse_sql_injection(&$var)
analyse_sql_injection($_GET);
analyse_sql_injection($_POST);
// Security: CSRF protection
if (! defined('NOCSRFCHECK') && ! empty($_SERVER['HTTP_REFERER']) && !eregi(DOL_MAIN_URL_ROOT, $_SERVER['HTTP_REFERER']))
{
unset($_GET);
unset($_POST);
}
// This is to make Dolibarr working with Plesk
set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
@ -121,6 +114,15 @@ set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
// This include will set: $conf, $langs and $mysoc objects
require_once("master.inc.php");
// Security: CSRF protection
//print 'HTTP_REFERER='.$_SERVER['HTTP_REFERER'].'<br>';
//print 'DOL_MAIN_URL_ROOT='.DOL_MAIN_URL_ROOT.'<br>';
if (! defined('NOCSRFCHECK') && ! empty($_SERVER['HTTP_REFERER']) && !eregi(DOL_MAIN_URL_ROOT, $_SERVER['HTTP_REFERER']))
{
unset($_GET);
unset($_POST);
}
// Check if HTTPS
if ($conf->file->main_force_https)
{