Fix: DOL_MAIN_URL_ROOT est dfini dans master.inc.php

This commit is contained in:
Regis Houssin 2009-05-16 12:31:17 +00:00
parent 2306a4c305
commit 7285270f1c

View File

@ -107,13 +107,6 @@ function analyse_sql_injection(&$var)
analyse_sql_injection($_GET);
analyse_sql_injection($_POST);
// Security: CSRF protection
if (! defined('NOCSRFCHECK') && ! empty($_SERVER['HTTP_REFERER']) && !eregi(DOL_MAIN_URL_ROOT, $_SERVER['HTTP_REFERER']))
{
unset($_GET);
unset($_POST);
}
// This is to make Dolibarr working with Plesk
set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
@ -121,6 +114,15 @@ set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
// This include will set: $conf, $langs and $mysoc objects
require_once("master.inc.php");
// Security: CSRF protection
//print 'HTTP_REFERER='.$_SERVER['HTTP_REFERER'].'<br>';
//print 'DOL_MAIN_URL_ROOT='.DOL_MAIN_URL_ROOT.'<br>';
if (! defined('NOCSRFCHECK') && ! empty($_SERVER['HTTP_REFERER']) && !eregi(DOL_MAIN_URL_ROOT, $_SERVER['HTTP_REFERER']))
{
unset($_GET);
unset($_POST);
}
// Check if HTTPS
if ($conf->file->main_force_https)
{