<?php
require_once (__ROOT__.'/classes/XMLHandler.php');
/* ------------------------------------------
* initialize XML handler
* ------------------------------------------ */
$lXMLAccountFilePath = "./data/accounts.xml";
$XMLHandler = new XMLHandler("owasp-esapi-php/src/", $_SESSION["security-level"]);
$XMLHandler->SetDataSource($lXMLAccountFilePath);
try{
switch ($_SESSION["security-level"]){
case "0": // This code is insecure
$lEnableHTMLControls = FALSE;
$lFormMethod = "GET";
$lEnableJavaScriptValidation = FALSE;
$lProtectAgainstMethodTampering = FALSE;
$lEncodeOutput = FALSE;
$lProtectAgainstXPathInjection = FALSE;
break;
case "1": // This code is insecure
$lEnableHTMLControls = TRUE;
$lFormMethod = "GET";
$lEnableJavaScriptValidation = TRUE;
$lProtectAgainstMethodTampering = FALSE;
$lEncodeOutput = FALSE;
$lProtectAgainstXPathInjection = FALSE;
break;
case "2":