move xss prevention to end of lib.inc.php in case we override $lang[appcharset]

author xzilla <xzilla>

Thu, 31 May 2007 21:13:24 +0000 (21:13 +0000)

committer xzilla <xzilla>

Thu, 31 May 2007 21:13:24 +0000 (21:13 +0000)
author xzilla <xzilla>
Thu, 31 May 2007 21:13:24 +0000 (21:13 +0000)
committer xzilla <xzilla>
Thu, 31 May 2007 21:13:24 +0000 (21:13 +0000)
diff --git a/libraries/lib.inc.php b/libraries/lib.inc.php

index 18683a21ba58ae5a45659b2351e880b65f2fbc53..c20a97b7949d3e7123d3a9fd1204ada3d4088a7b 100644 (file)
--- a/libraries/lib.inc.php
+++ b/libraries/lib.inc.php
@@ -3,7 +3,7 @@
         /**
          * Function library read in upon startup
          *
-        * $Id: lib.inc.php,v 1.116 2007/05/31 15:54:18 xzilla Exp $
+        * $Id: lib.inc.php,v 1.117 2007/05/31 21:13:24 xzilla Exp $
          */
  
         include_once('./libraries/decorator.inc.php');
@@ -137,9 +137,6 @@
                 $_SESSION['webdbLanguage'] = $_language;
         }
  
-       // Prevent XSS attacks
-       $PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, $lang['appcharset']);
-
         // Check for config file version mismatch
         if (!isset($conf['version']) || $conf['base_version'] > $conf['version']) {
                 echo $lang['strbadconfig'];
@@ -215,6 +212,7 @@
                         else
                                 $lang['appcharset'] = $dbEncoding;
                 }
+       
                 
                 // Load Slony if required               
                 if ($_server_info['slony_support']) {
@@ -223,4 +221,7 @@
                 }
         }
  
+    // Prevent XSS attacks
+    $PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, $lang['appcharset']);
+
  ?>
author	xzilla <xzilla>
	Thu, 31 May 2007 21:13:24 +0000 (21:13 +0000)
committer	xzilla <xzilla>
	Thu, 31 May 2007 21:13:24 +0000 (21:13 +0000)