$path .= $parts['basename'];
}
$path = str_replace('\\', '/', $path) . '/';
session_set_cookie_params(0, $path);
session_start();
// make sure we don't cross site session steal in our own site
if (!isset($_SESSION['PWD']) || __FILE__ != $_SESSION['PWD']) {
$_SESSION = array();
}
$_SESSION['PWD'] = __FILE__;
// set a token, we'll be passing one around a lot
if (!isset($_SESSION['token'])) {
$_SESSION['token'] = md5(uniqid(rand(), true));
}
if (!defined('DEBUG')) {
if (test_debug()) {
define('DEBUG', true);
// DO NOT CHANGE THIS ONE
} else {
define('DEBUG', (bool) $debug);
// set to true for output of debugging code
}
if (DEBUG) {
if (isset($_GET['DEBUG'])) {
$GLOBALS['_&_DEBUG_QUERY'] = '&DEBUG=' . $_GET['DEBUG'];
$GLOBALS['_?_DEBUG_QUERY'] = '?DEBUG=' . $_GET['DEBUG'];
} else {
$GLOBALS['_&_DEBUG_QUERY'] = '';
$GLOBALS['_?_DEBUG_QUERY'] = '?z';
}
}
<?php
$GLOBALS['NODEBUG'] = true;
$GLOBALS['AJAX'] = true;
// don't require log in when testing for used usernames and emails
if (isset($_POST['validity_test']) || isset($_GET['validity_test']) && isset($_GET['DEBUG'])) {
define('LOGIN', false);
}
require_once 'includes/inc.global.php';
// make sure we are running this file directly
// (although this will always be a non-false value, so... ???)
$pos = strpos(__FILE__, preg_replace('%[\\/]+%', DIRECTORY_SEPARATOR, $_SERVER['SCRIPT_NAME']));
if (false !== $pos && test_debug()) {
$GLOBALS['NODEBUG'] = false;
$_GET['token'] = $_SESSION['token'];
$_GET['keep_token'] = true;
$_POST = $_GET;
$DEBUG = true;
call('AJAX HELPER');
call($_POST);
}
// run the index page refresh checks
if (isset($_POST['timer'])) {
$message_count = (int) Message::check_new($_SESSION['player_id']);
$turn_count = (int) Game::check_turns($_SESSION['player_id']);
echo $message_count + $turn_count;
exit;
}
// run registration checks
if (isset($_POST['validity_test'])) {
# if (('email' == $_POST['type']) && ('' == $_POST['value'])) {
