add a quick hack for XSS protection

author: Luke Shumaker <lukeshu@sbcglobal.net> 2011-09-25 16:13:34 -0700
committer: Luke Shumaker <lukeshu@sbcglobal.net> 2011-09-25 16:13:34 -0700
commit: 514d9393ff9d7752426aaaa9b840ee1f94229491 (patch)
tree: 9988255c858944c768692730673672f0645bb62f /index.php
parent: d9043d59d9109a0fb8350b9829806b7cab910425 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/index.php b/index.php
index 1148b1d..ad16995 100644
--- a/index.php
+++ b/index.php
@@ -2,6 +2,15 @@
 // What directory are we in on the server.
 define('BASEPATH', dirname(__FILE__));
 
+$xss_file = BASEPATH.'/xss-check.php';
+if (file_exists($xss_file)) {
+	require($xss_file);
+	if (xss_attack()) {
+		echo "execution halted to prevent XSS attack.";
+		exit();
+	}
+}
+
 // Decide where to look for things
 define('LIBPATH',        BASEPATH.'/src/lib'.PATH_SEPARATOR.BASEPATH.'/src/ext');
 define('MODELPATH',      BASEPATH.'/src/models');
author	Luke Shumaker <lukeshu@sbcglobal.net>	2011-09-25 16:13:34 -0700
committer	Luke Shumaker <lukeshu@sbcglobal.net>	2011-09-25 16:13:34 -0700
commit	514d9393ff9d7752426aaaa9b840ee1f94229491 (patch)
tree	9988255c858944c768692730673672f0645bb62f /index.php
parent	d9043d59d9109a0fb8350b9829806b7cab910425 (diff)