|
@@ -1286,7 +1286,7 @@ RemoveHandler .php .php3 .phtml .cgi .fcgi .pl .fpl .shtml';
|
|
|
{
|
|
|
$fh = @fopen($path . '/index.php', 'w');
|
|
|
if ($fh) {
|
|
|
- fwrite($fh, '<?php
|
|
|
+ fwrite($fh, '<' . '?php
|
|
|
|
|
|
/**
|
|
|
* This file is here solely to protect your ' . $directoryname . ' directory.
|
|
@@ -1303,7 +1303,7 @@ if (file_exists(dirname(dirname(__FILE__)) . \'/Settings.php\'))
|
|
|
else
|
|
|
exit;
|
|
|
|
|
|
-?>');
|
|
|
+?'. '>');
|
|
|
fclose($fh);
|
|
|
}
|
|
|
$errors[] = 'index-php_cannot_create_file';
|
|
@@ -1354,4 +1354,29 @@ function constructBanQueryIP($fullip)
|
|
|
return $ban_query;
|
|
|
}
|
|
|
|
|
|
-?>
|
|
|
+/**
|
|
|
+* This sets the X-Frame-Options header.
|
|
|
+*
|
|
|
+* @param string $option the frame option, defaults to deny.
|
|
|
+* @return void.
|
|
|
+* @since 2.1
|
|
|
+*/
|
|
|
+function frameOptionsHeader($override = null)
|
|
|
+{
|
|
|
+ global $modSettings;
|
|
|
+
|
|
|
+ $option = 'SAMEORIGIN';
|
|
|
+ if (is_null($override) && !empty($modSettings['frame_security']))
|
|
|
+ $option = $modSettings['frame_security'];
|
|
|
+ elseif (in_array($override, array('SAMEORIGIN', 'DENY', 'SAMEORIGIN')))
|
|
|
+ $option = $override;
|
|
|
+
|
|
|
+ // Don't bother setting the header if we have disabled it.
|
|
|
+ if ($option == 'DISABLE')
|
|
|
+ return;
|
|
|
+
|
|
|
+ // Finally set it.
|
|
|
+ header('X-Frame-Options: ' . $option);
|
|
|
+}
|
|
|
+
|
|
|
+?>
|