@$csrf_token = $_REQUEST['csrf_token'];
+ require_once "autoload.php";
require_once "sessions.php";
require_once "functions.php";
require_once "config.php";
require_once "db.php";
require_once "db-prefs.php";
- no_cache_incantation();
-
startup_gettext();
$script_started = microtime(true);
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
- if (!init_connection($link)) return;
+ if (!init_plugins($link)) return;
header("Content-Type: text/json; charset=utf-8");
}
if ($_SESSION["uid"]) {
+ if (!validate_session($link)) {
+ header("Content-Type: text/json");
+ print json_encode(array("error" => array("code" => 6)));
+ return;
+ }
load_user_plugins($link, $_SESSION["uid"]);
}