From 04d066e9ba3cf17c3d235eb03bdd1011972123d2 Mon Sep 17 00:00:00 2001
From: Patrick Cool <patrick.cool@ugent.be>
Date: Wed, 4 Apr 2007 23:38:50 +0200
Subject: [PATCH] [svn r11875] $_SERVER['PHP_SELF'], api_get_self()

---
 main/inc/global.inc.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/main/inc/global.inc.php b/main/inc/global.inc.php
index 2ee2e67f20..eb454ff6b0 100644
--- a/main/inc/global.inc.php
+++ b/main/inc/global.inc.php
@@ -406,4 +406,7 @@ if(mysql_num_rows($q_last_connection) > 0)
 	$s_sql_update_logout_date="UPDATE $tbl_track_login SET logout_date=NOW() WHERE login_id='$i_id_last_connection'";
 	api_sql_query($s_sql_update_logout_date);
 }
+
+// preventing XSS injections on all scripts at once
+$_SERVER['PHP_SELF'] = api_get_self();
 ?>
\ No newline at end of file