}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && !defined('COT_NO_ANTIXSS') && (!defined('COT_AUTH') && $x != $sys['xk'] && (empty($sys['xk_prev']) || $x != $sys['xk_prev']) || $cfg['referercheck'] && !preg_match('`https?://([^/]+\\.)?' . preg_quote($sys['domain']) . '(/|:|$)`i', $_SERVER['HTTP_REFERER']))) {
$cot_error = true;
cot_die_message(950, TRUE, '', '', $_SERVER['HTTP_REFERER']);
}
/* ============ Head Resources ===========*/
if (!COT_AJAX) {
// May Be move it to header.php?
if (!isset($cot_rc_html[$theme]) || !$cache || !$cfg['headrc_consolidate'] || defined('COT_ADMIN')) {
// Load standard resources
cot_rc_add_standard();
// Invoke rc handlers
foreach (cot_getextplugins('rc') as $pl) {
include $pl;
}
}
if (!defined('COT_ADMIN')) {
if (file_exists("{$cfg['themes_dir']}/{$usr['theme']}/{$usr['theme']}.rc.php")) {
include "{$cfg['themes_dir']}/{$usr['theme']}/{$usr['theme']}.rc.php";
}
}
}
/* ============ /Head Resources ===========*/
// Cotonti-specific XTemplate initialization
if (class_exists('XTemplate')) {
XTemplate::init(array('cache' => $cfg['xtpl_cache'], 'cache_dir' => $cfg['cache_dir'], 'cleanup' => $cfg['html_cleanup'], 'debug' => $cfg['debug_mode'], 'debug_output' => (bool) $_GET['tpl_debug']));
}
/* ======== Global hook ======== */
foreach (cot_getextplugins('global') as $pl) {
include $pl;
}
