Example #1
/**
 * Registers one handler for both GET and POST on a route and runs the CSRF
 * check ahead of the handler on POST requests.
 *
 * Only POST is guarded: prevent_csrf() is called when request_method('POST')
 * is truthy and skipped otherwise, so a handler registered through form()
 * should treat GET as read-only and perform state changes on POST only.
 * The result of prevent_csrf() is not inspected here, so the handler still
 * runs unless prevent_csrf() stops the request itself (it is defined
 * elsewhere; confirm how it rejects a bad token).
 *
 * @param string   $route    Route pattern
 * @param callable $callback Route handler callback, invoked through apply()
 *                           with the arguments the wrapper was called with
 */
function form($route, $callback)
{
    $methods = array('GET', 'POST');

    $guarded = function () use (&$callback) {
        // CSRF validation applies to POST only; GET falls straight through.
        if (request_method('POST')) {
            prevent_csrf();
        }

        // Forward whatever arguments the wrapper received to the handler.
        $args = func_get_args();
        apply($callback, $args);
    };

    route($methods, $route, $guarded);
}
Example #2
/* Check two legacy PHP settings against the value 0.
 * magic_quotes_gpc rewrites incoming request data and register_globals turns
 * request parameters into global variables, so both are unsafe when enabled.
 * NOTE(review): check_PHP_setting() is defined elsewhere; presumably it stops
 * the request on a mismatch, confirm.
 */
check_PHP_setting("magic_quotes_gpc", 0);
check_PHP_setting("register_globals", 0);
/* Create core objects
 * Order matters: each constructor receives objects created on earlier lines.
 * Database credentials come from the DB_* constants, which are defined
 * outside this script.
 */
$_database = new MySQLi_connection(DB_HOSTNAME, DB_DATABASE, DB_USERNAME, DB_PASSWORD);
$_settings = new settings($_database);
$_session = new session($_database, $_settings);
$_user = new user($_database, $_settings, $_session);
$_page = new page($_database, $_settings, $_user);
$_output = new output($_database, $_settings, $_page);
// The language object is only created when MULTILINGUAL is true, so
// $_language is undefined otherwise.
if (is_true(MULTILINGUAL)) {
    $_language = new language($_database, $_page, $_output);
}
/* Prevent Cross-Site Request Forgery
 * Runs on every request, before the model is included below.
 * Any return value is discarded here, so enforcement has to happen inside
 * prevent_csrf() itself.
 * NOTE(review): confirm how it rejects a forged request (abort, or dropping
 * the submitted data) so that the model never acts on it.
 */
prevent_csrf($_output, $_user);
/* User switch warning
 * Shown while $_SESSION["user_switch"] is set; that value is used to look up
 * the original account in the "users" table.
 * NOTE(review): $real_user is not checked before it is indexed, and the two
 * full names are passed as %s arguments. Presumably add_system_warning()
 * escapes them for the output format, verify.
 */
if (isset($_SESSION["user_switch"])) {
    $real_user = $_database->entry("users", $_SESSION["user_switch"]);
    $_output->add_system_warning("User switch active! Switched from '%s' to '%s'.", $real_user["fullname"], $_user->fullname);
}
/* Include the model
 * The path is built by concatenating $_page->module between "../models/" and
 * ".php"; file_exists() only confirms the file is there, not that the path
 * stays inside ../models/.
 * NOTE(review): assumes the page class restricts module to known module names
 * (no ".." segments or absolute paths) -- TODO confirm, since a
 * request-controlled value here would allow inclusion of arbitrary local
 * .php files.
 */
if (file_exists($file = "../models/" . $_page->module . ".php")) {
    include $file;
}
/* Add layout data to output XML
 */
$_output->open_tag("output");
if ($_output->add_layout_data) {