$port = '';
if (! strstr($host, ':')) {
+ // Note: HTTP_X_FORWARDED_PROTO could be sent from the client and
+ // therefore possibly spoofed/hackable - for now, the
+ // administrator can tell SM to ignore this value by setting
+ // $sq_ignore_http_x_forwarded_headers to boolean TRUE in
+ // config/config_local.php, but in the future we may
+ // want to default this to TRUE and make administrators
+ // who use proxy systems turn it off (see 1.5.2+).
+ global $sq_ignore_http_x_forwarded_headers;
+ if ($sq_ignore_http_x_forwarded_headers
+ || !sqgetGlobalVar('HTTP_X_FORWARDED_PROTO', $forwarded_proto, SQ_SERVER))
+ $forwarded_proto = '';
if (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER)) {
if (($server_port != 80 && $proto == 'http://') ||
($server_port != 443 && $proto == 'https://' &&
*
* Returns a link to the compose-page, taking in consideration
* the compose_in_new and javascript settings.
- * @param string $url the URL to the compose page
- * @param string $text the link text, default "Compose"
- * @param string $target (since 1.4.3) url target
+ *
+ * @param string $url The URL to the compose page
+ * @param string $text The link text, default "Compose"
+ * @param string $target URL target, if any (since 1.4.3)
+ * @param string $accesskey The access key to be used, if any
+ *
* @return string a link to the compose page
+ *
* @since 1.4.2
*/
-function makeComposeLink($url, $text = null, $target='') {
+function makeComposeLink($url, $text = null, $target='', $accesskey='NONE') {
global $compose_new_win, $compose_width,
$compose_height, $oTemplate;
// if not using "compose in new window", make
// regular link and be done with it
if($compose_new_win != '1') {
- return makeInternalLink($url, $text, $target);
+ return makeInternalLink($url, $text, $target, $accesskey);
}
// build the compose in new window link...
sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION);
$compuri = SM_BASE_URI.$url;
- return create_hyperlink('javascript:void(0)', $text, '', "comp_in_new('$compuri','$compose_width','$compose_height')");
+ return create_hyperlink('javascript:void(0)', $text, '',
+ "comp_in_new('$compuri','$compose_width','$compose_height')",
+ '', '', '',
+ ($accesskey == 'NONE'
+ ? array()
+ : array('accesskey' => $accesskey)));
}
// otherwise, just open new window using regular HTML
- return makeInternalLink($url, $text, '_blank');
+ return makeInternalLink($url, $text, '_blank', $accesskey);
}
/**