*/ /* We use the session on this page */ if (!isset($_SESSION["security-level"])) { session_start(); } // end if /* ------------------------------------------ * Constants used in application * ------------------------------------------ */ require_once './includes/constants.php'; require_once __ROOT__ . '/includes/minimum-class-definitions.php'; /* ------------------------------------------ * initialize balloon-hint handler * ------------------------------------------ */ require_once __ROOT__ . '/classes/BubbleHintHandler.php'; $BubbleHintHandler = new BubbleHintHandler(__ROOT__ . "/owasp-esapi-php/src/", $_SESSION["security-level"]); /* ------------------------------------------ * initialize Client Information Handler * ------------------------------------------ */ require_once __ROOT__ . '/classes/ClientInformationHandler.php'; $lClientInformationHandler = new ClientInformationHandler(); try { switch ($_SESSION["security-level"]) { case "0": // this code is insecure // this code is insecure case "1": // this code is insecure $lProtectAgainstSQLInjection = FALSE; break; //case "0"
$SQLQueryHandler = &$_SESSION["Objects"]["SQLQueryHandler"]; */ $SQLQueryHandler = new SQLQueryHandler(__ROOT__ . '/owasp-esapi-php/src/', $_SESSION["security-level"]); /* ------------------------------------------ * initialize balloon-hint handler * ------------------------------------------ */ /* if (!is_object($_SESSION["Objects"]["BubbleHintHandler"])){ $_SESSION["Objects"]["BubbleHintHandler"] = new BubbleHintHandler(__ROOT__.'/owasp-esapi-php/src/', $_SESSION["security-level"]); }// end if // Set up an alias by reference so object can be referenced in memory without copying $BubbleHintHandler = &$_SESSION["Objects"]["BubbleHintHandler"]; */ $BubbleHintHandler = new BubbleHintHandler(__ROOT__ . '/owasp-esapi-php/src/', $_SESSION["security-level"]); if ($_SESSION["showhints"] != $BubbleHintHandler->getHintLevel()) { $BubbleHintHandler->setHintLevel($_SESSION["showhints"]); } //end if /* ------------------------------------------ * initialize remote file handler * ------------------------------------------ */ $RemoteFileHandler = new RemoteFileHandler(__ROOT__ . '/owasp-esapi-php/src/', $_SESSION["security-level"]); /* ------------------------------------------ * initialize required software handler * ------------------------------------------ */ $RequiredSoftwareHandler = new RequiredSoftwareHandler(__ROOT__ . '/owasp-esapi-php/src/', $_SESSION["security-level"]); /* ------------------------------------------ * PROCESS REQUESTS * ------------------------------------------ */