示例#1
文件: commsy.php 项目: a2call/commsy
        } elseif (!empty($_GET['security_token']) and getToken() != $_GET['security_token']) {
            $csrf_error = true;
        }
    }
    if ($csrf_error) {
        $params = array();
        $params['environment'] = $environment;
        $params['with_modifying_actions'] = true;
        $errorbox = $class_factory->getClass(ERRORBOX_VIEW, $params);
        unset($params);
        $errorbox->setText($translator->getMessage('ERROR_CROSS_SITE_REQUEST_FORGERY'));
    }
    unset($csrf_error);
}
/*********** javascript check *************/
// Browser capability probe: when no probe result is stored in the session
// and the request is not itself the probe (`jscheck` query parameter),
// include pages/context_reload.php and stop processing this request.
// NOTE(review): `jscheck` comes straight from the query string, and the
// session value appears to be set from a request parameter as well, so this
// branch is a convenience check and must not be relied on as a security
// control.
if (
    !$outofservice
    // Only probed when the output mode is none of XML, JSON or BLANK.
    && $environment->isOutputModeNot('XML')
    && $environment->isOutputModeNot('JSON')
    && $environment->isOutputModeNot('BLANK')
    && $environment->getCurrentModule() != 'ajax'
    // Skip when a result is already stored or the probe request is in flight.
    && !$session->issetValue('javascript')
    && !isset($_GET['jscheck'])
    // Module/function pairs that are exempt from the reload.
    && ($environment->getCurrentModule() != 'file' || $environment->getCurrentFunction() != 'upload')
    && ($environment->getCurrentModule() != 'material' || $environment->getCurrentFunction() != 'getfile')
    && ($environment->getCurrentModule() != 'room' || $environment->getCurrentFunction() != 'change')
    && ($environment->getCurrentModule() != 'context' || $environment->getCurrentFunction() != 'login')
) {
    include_once 'pages/context_reload.php';
    exit;
}
if (isset($_GET['jscheck']) and $environment->isOutputModeNot('XML') and $environment->isOutputModeNot('JSON') and $environment->isOutputModeNot('BLANK') and (empty($_POST) or count($_POST) == 1 and !empty($_POST['HTTP_ACCEPT_LANGUAGE']))) {
    $session = $environment->getSessionItem();
    if (isset($session) and !$session->issetValue('javascript')) {
        if (isset($_GET['isJS'])) {
            $session->setValue('javascript', 1);
        } else {
        }
    }
    if (isset($session) and !$session->issetValue('https')) {
        if (isset($_GET['https'])) {
            if (!empty($_GET['https']) and $_GET['https'] == 1) {
                $session->setValue('https', 1);