From bc99f513fcaa812f68b72e4885d85e6ff522e053 Mon Sep 17 00:00:00 2001
From: Tim Otten <totten@civicrm.org>
Date: Mon, 8 Sep 2014 21:20:44 -0700
Subject: [PATCH] CRM-15248 - footer.tpl - For front-end users, redact
 point-release.

On one hand, giving a precise version can help attackers match their targets
with exploits.  On the other hand, giving some kind of version indication is
useful for support and marketing.  This PR attempts to balance the interests
by giving a precise version ("Powered by CiviCRM 4.4.6") to users with
permission "access CiviCRM" while giving a coarse-version ("Powered by
CiviCRM 4.4") to anyone else.
---
 .../Smarty/plugins/function.crmVersion.php    | 60 +++++++++++++++++++
 templates/CRM/common/footer.tpl               |  2 +-
 2 files changed, 61 insertions(+), 1 deletion(-)
 create mode 100644 CRM/Core/Smarty/plugins/function.crmVersion.php

diff --git a/CRM/Core/Smarty/plugins/function.crmVersion.php b/CRM/Core/Smarty/plugins/function.crmVersion.php
new file mode 100644
index 0000000000..ad8c0d4274
--- /dev/null
+++ b/CRM/Core/Smarty/plugins/function.crmVersion.php
@@ -0,0 +1,60 @@
+<?php
+/*
+ +--------------------------------------------------------------------+
+ | CiviCRM version 4.4                                                |
+ +--------------------------------------------------------------------+
+ | Copyright CiviCRM LLC (c) 2004-2014                                |
+ +--------------------------------------------------------------------+
+ | This file is a part of CiviCRM.                                    |
+ |                                                                    |
+ | CiviCRM is free software; you can copy, modify, and distribute it  |
+ | under the terms of the GNU Affero General Public License           |
+ | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
+ |                                                                    |
+ | CiviCRM is distributed in the hope that it will be useful, but     |
+ | WITHOUT ANY WARRANTY; without even the implied warranty of         |
+ | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
+ | See the GNU Affero General Public License for more details.        |
+ |                                                                    |
+ | You should have received a copy of the GNU Affero General Public   |
+ | License and the CiviCRM Licensing Exception along                  |
+ | with this program; if not, contact CiviCRM LLC                     |
+ | at info[AT]civicrm[DOT]org. If you have questions about the        |
+ | GNU Affero General Public License or the licensing of CiviCRM,     |
+ | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
+ +--------------------------------------------------------------------+
+*/
+
+/**
+ *
+ * @package CRM
+ * @copyright TTTP
+ * $Id$
+ *
+ */
+
+/**
+ * Display the CiviCRM version
+ *
+ * @code
+ * The version is {crmVersion}.
+ *
+ * {crmVersion redact=auto assign=ver}The version is {$ver}.
+ * @endcode
+ */
+function smarty_function_crmVersion($params, &$smarty) {
+  $version = CRM_Utils_System::version();
+
+  $redact = !CRM_Core_Permission::check('access CiviCRM');
+  if ($redact) {
+    $parts = explode('.', $version);
+    $version = $parts[0] . '.' . $parts[1];
+  }
+
+  if (isset($params['assign'])) {
+    $smarty->assign($params['assign'], $version);
+  }
+  else {
+    return $version;
+  }
+}
\ No newline at end of file
diff --git a/templates/CRM/common/footer.tpl b/templates/CRM/common/footer.tpl
index abb4bf6f0c..454eb01791 100644
--- a/templates/CRM/common/footer.tpl
+++ b/templates/CRM/common/footer.tpl
@@ -29,7 +29,7 @@
 {/if}
 
 <div class="crm-footer" id="civicrm-footer">
-  {include file="CRM/common/version.tpl" assign=version}
+  {crmVersion assign=version}
   {ts 1=$version}Powered by CiviCRM %1.{/ts}
   {if !empty($newer_civicrm_version)}
     <span class="status">{ts 1=$newer_civicrm_version}A newer version (%1){/ts}
-- 
2.25.1