Just fiddling. Give credit where credit is due. Template class header() function...

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13283 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/class/template/Template.class.php b/class/template/Template.class.php
index f6718178845a81742c1d9a28a0bf8b53253e6774..204b7d3af19f03082a76d0760c7f72b6d95ceeca 100644 (file)
--- a/class/template/Template.class.php
+++ b/class/template/Template.class.php
@@ -1389,16 +1389,23 @@ FIXME: We could make the incoming array more complex so it can
       *
       * @param mixed $headers A list of (or a single) header
       *                       text to be sent.
+      * @param boolean $replace Whether or not to replace header(s)
+      *                         previously sent header(s) of the
+      *                         same type (this parameter may be
+      *                         ignored in some implementations
+      *                         of this class if the target interface
+      *                         does not support this functionality)
+      *                         (OPTIONAL; default = TRUE, always replace).
       *
       */
-    function header($headers)
+    function header($headers, $replace=TRUE)
     {
 
         if (!is_array($headers)) $headers = array($headers);
 
         foreach ($headers as $header) {
             $this->assign('header', $header);
-            header($this->fetch('header.tpl'));
+            header($this->fetch('header.tpl'), $replace);
         }
 
     }

diff --git a/functions/page_header.php b/functions/page_header.php
index 377beacfadbcf4164d37fa5a6edd498fa5c349cd..12be877beacb810354184395c2040db50f85a39c 100644 (file)
--- a/functions/page_header.php
+++ b/functions/page_header.php
@@ -41,6 +41,10 @@ function displayHtmlHeader( $title = 'SquirrelMail', $xtra = '', $do_hook = TRUE
     $oTemplate->header('Pragma: no-cache'); // http 1.0 (rfc1945)
     $oTemplate->header('Cache-Control: private, no-cache, no-store'); // http 1.1 (rfc2616)
 
+    // don't show version as a security measure
+    //$oTemplate->header('X-Powered-By: SquirrelMail/' . SM_VERSION, FALSE);
+    $oTemplate->header('X-Powered-By: SquirrelMail', FALSE);
+
     $oTemplate->assign('frames', $frames);
     $oTemplate->assign('lang', $squirrelmail_language);
 

diff --git a/src/style.php b/src/style.php
index 9b9202b9755262c6d7f7da05c546b66b88350408..6b01063446ddb2dcb4fb7e4178f8617a8071d5ec 100644 (file)
--- a/src/style.php
+++ b/src/style.php
@@ -180,16 +180,20 @@ if ( $lastmod = @filemtime(SM_PATH . $oTemplate->get_template_file_directory()
                          . 'css/stylesheet.tpl') ) {
     $gmlastmod = gmdate('D, d M Y H:i:s', $lastmod) . ' GMT';
     $expires = gmdate('D, d M Y H:i:s', strtotime('+1 week')) . ' GMT';
-    header('Last-Modified: ' . $gmlastmod);
-    header('Expires: '. $expires);
-    header('Pragma: ');
-    header('Cache-Control: public, must-revalidate');
+    $oTemplate->header('Last-Modified: ' . $gmlastmod);
+    $oTemplate->header('Expires: '. $expires);
+    $oTemplate->header('Pragma: ');
+    $oTemplate->header('Cache-Control: public, must-revalidate');
 }
 // Steve, why did you remove this?  Is it irrelevant now?  If so, let's 
 // remove the rest of the references to it here (note that it is being
 // used above in the filetime() statement) and elsewhere
 // $oTemplate->display('css/stylesheet.tpl');
 
+// don't show version as a security measure
+//$oTemplate->header('X-Powered-By: SquirrelMail/' . SM_VERSION, FALSE);
+$oTemplate->header('X-Powered-By: SquirrelMail', FALSE);
+
 /**
  * Additional styles are now handled by adding stylesheets to 
  * templates/<template>/css/, so here, we simply define some