From 1f2f93e6751d2c1b957aa7d197269b5c49df5d72 Mon Sep 17 00:00:00 2001 From: pdontthink Date: Wed, 24 Sep 2008 01:56:59 +0000 Subject: [PATCH] Just fiddling. Give credit where credit is due. Template class header() function now supports the 'replace' argument. git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13283 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- class/template/Template.class.php | 11 +++++++++-- functions/page_header.php | 4 ++++ src/style.php | 12 ++++++++---- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/class/template/Template.class.php b/class/template/Template.class.php index f6718178..204b7d3a 100644 --- a/class/template/Template.class.php +++ b/class/template/Template.class.php @@ -1389,16 +1389,23 @@ FIXME: We could make the incoming array more complex so it can * * @param mixed $headers A list of (or a single) header * text to be sent. + * @param boolean $replace Whether or not to replace header(s) + * previously sent header(s) of the + * same type (this parameter may be + * ignored in some implementations + * of this class if the target interface + * does not support this functionality) + * (OPTIONAL; default = TRUE, always replace). * */ - function header($headers) + function header($headers, $replace=TRUE) { if (!is_array($headers)) $headers = array($headers); foreach ($headers as $header) { $this->assign('header', $header); - header($this->fetch('header.tpl')); + header($this->fetch('header.tpl'), $replace); } } diff --git a/functions/page_header.php b/functions/page_header.php index 377beacf..12be877b 100644 --- a/functions/page_header.php +++ b/functions/page_header.php @@ -41,6 +41,10 @@ function displayHtmlHeader( $title = 'SquirrelMail', $xtra = '', $do_hook = TRUE $oTemplate->header('Pragma: no-cache'); // http 1.0 (rfc1945) $oTemplate->header('Cache-Control: private, no-cache, no-store'); // http 1.1 (rfc2616) + // don't show version as a security measure + //$oTemplate->header('X-Powered-By: SquirrelMail/' . SM_VERSION, FALSE); + $oTemplate->header('X-Powered-By: SquirrelMail', FALSE); + $oTemplate->assign('frames', $frames); $oTemplate->assign('lang', $squirrelmail_language); diff --git a/src/style.php b/src/style.php index 9b9202b9..6b010634 100644 --- a/src/style.php +++ b/src/style.php @@ -180,16 +180,20 @@ if ( $lastmod = @filemtime(SM_PATH . $oTemplate->get_template_file_directory() . 'css/stylesheet.tpl') ) { $gmlastmod = gmdate('D, d M Y H:i:s', $lastmod) . ' GMT'; $expires = gmdate('D, d M Y H:i:s', strtotime('+1 week')) . ' GMT'; - header('Last-Modified: ' . $gmlastmod); - header('Expires: '. $expires); - header('Pragma: '); - header('Cache-Control: public, must-revalidate'); + $oTemplate->header('Last-Modified: ' . $gmlastmod); + $oTemplate->header('Expires: '. $expires); + $oTemplate->header('Pragma: '); + $oTemplate->header('Cache-Control: public, must-revalidate'); } // Steve, why did you remove this? Is it irrelevant now? If so, let's // remove the rest of the references to it here (note that it is being // used above in the filetime() statement) and elsewhere // $oTemplate->display('css/stylesheet.tpl'); +// don't show version as a security measure +//$oTemplate->header('X-Powered-By: SquirrelMail/' . SM_VERSION, FALSE); +$oTemplate->header('X-Powered-By: SquirrelMail', FALSE); + /** * Additional styles are now handled by adding stylesheets to * templates/