| | |
|---|
| | | ini_set('session.gc_maxlifetime', 21600); |
|---|
| | | ini_set('session.gc_divisor', 500); |
|---|
| | | ini_set('error_reporting', E_ALL&~E_NOTICE); |
|---|
| | | set_magic_quotes_runtime(0); |
|---|
| | | |
|---|
| | | // increase maximum execution time for php scripts |
|---|
| | | // (does not work in safe mode) |
|---|
| | |
|---|
| | | // check client X-header to verify request origin |
|---|
| | | if ($OUTPUT->ajax_call) |
|---|
| | | { |
|---|
| | | $hdrs = getallheaders(); |
|---|
| | | if (empty($hdrs['X-RoundCube-Referer']) && empty($CONFIG['devel_mode'])) |
|---|
| | | if (empty($CONFIG['devel_mode']) && !rc_request_header('X-RoundCube-Referer')) |
|---|
| | | { |
|---|
| | | header('HTTP/1.1 404 Not Found'); |
|---|
| | | die("Invalid Request"); |
|---|
