/**
 * Registers a single handler for both GET and POST on a route and runs the
 * CSRF check ahead of the handler whenever the request is a POST.
 *
 * Only POST is checked: a GET request reaches the handler with no token
 * validation, so the GET side of a handler must not change state.
 *
 * NOTE(review): the result of prevent_csrf() is not inspected here, so the
 * protection holds only if prevent_csrf() itself stops the request on a bad
 * or missing token. Confirm against its definition.
 *
 * @param string   $route    Route pattern
 * @param callable $callback Route handler callback; it is handed to apply()
 *                           together with the arguments the registered closure
 *                           was called with. Nothing is returned from the
 *                           closure, so the handler's result is discarded here.
 */
function form($route, $callback)
{
    $methods = array('GET', 'POST');

    $guarded = function () use (&$callback) {
        // Arguments supplied to this closure, forwarded to the handler below.
        $args = func_get_args();

        // The CSRF check is tied to the request method, not to what the handler does.
        if (request_method('POST')) {
            prevent_csrf();
        }

        apply($callback, $args);
    };

    route($methods, $route, $guarded);
}
check_PHP_setting("magic_quotes_gpc", 0); check_PHP_setting("register_globals", 0); /* Create core objects */ $_database = new MySQLi_connection(DB_HOSTNAME, DB_DATABASE, DB_USERNAME, DB_PASSWORD); $_settings = new settings($_database); $_session = new session($_database, $_settings); $_user = new user($_database, $_settings, $_session); $_page = new page($_database, $_settings, $_user); $_output = new output($_database, $_settings, $_page); if (is_true(MULTILINGUAL)) { $_language = new language($_database, $_page, $_output); } /* Prevent Cross-Site Request Forgery */ prevent_csrf($_output, $_user); /* User switch warning */ if (isset($_SESSION["user_switch"])) { $real_user = $_database->entry("users", $_SESSION["user_switch"]); $_output->add_system_warning("User switch active! Switched from '%s' to '%s'.", $real_user["fullname"], $_user->fullname); } /* Include the model */ if (file_exists($file = "../models/" . $_page->module . ".php")) { include $file; } /* Add layout data to output XML */ $_output->open_tag("output"); if ($_output->add_layout_data) {