githubFork/roundcubemail.git

			@@ -5,7 +5,7 @@
			\| program/include/main.inc \|
			\| \|
			\| This file is part of the RoundCube Webmail client \|
			\| Copyright (C) 2005, RoundCube Dev, - Switzerland \|
			\| Copyright (C) 2005-2008, RoundCube Dev, - Switzerland \|
			\| Licensed under the GNU GPL \|
			\| \|
			\| PURPOSE: \|
			@@ -19,10 +19,21 @@

			*/

			require_once('lib/des.inc');
			require_once('lib/utf7.inc');
			require_once('lib/utf8.class.php');
			/**
			* RoundCube Webmail common functions
			*
			* @package Core
			* @author Thomas Bruederli <roundcube@gmail.com>
			*/

			require_once('lib/utf7.inc');
			require_once('include/rcube_user.inc');
			require_once('include/rcube_shared.inc');
			require_once('include/rcmail_template.inc');

			// fallback if not PHP modules are available
			@include_once('lib/des.inc');
			@include_once('lib/utf8.class.php');

			// define constannts for input reading
			define('RCUBE_INPUT_GET', 0x0101);
			@@ -30,11 +41,16 @@
			define('RCUBE_INPUT_GPC', 0x0103);


			// register session and connect to server
			/**
			* Initial startup function
			* to register session, create database and imap connections
			*
			* @param string Current task
			*/
			function rcmail_startup($task='mail')
			{
			global $sess_id, $sess_auth, $sess_user_lang;
			global $CONFIG, $INSTALL_PATH, $BROWSER, $OUTPUT, $_SESSION, $IMAP, $DB, $JS_OBJECT_NAME;
			global $sess_id, $sess_user_lang;
			global $CONFIG, $INSTALL_PATH, $BROWSER, $OUTPUT, $_SESSION, $IMAP, $DB, $USER;

			// check client
			$BROWSER = rcube_browser();
			@@ -42,20 +58,27 @@
			// load configuration
			$CONFIG = rcmail_load_config();

			// set session domain
			if (isset($CONFIG['session_domain']) && !empty($CONFIG['session_domain'])) {
			ini_set('session.cookie_domain', $CONFIG['session_domain']);
			}

			// set session garbage collecting time according to session_lifetime
			if (!empty($CONFIG['session_lifetime']))
			ini_set('session.gc_maxlifetime', ($CONFIG['session_lifetime']) * 120);

			// prepare DB connection
			require_once('include/rcube_'.(empty($CONFIG['db_backend']) ? 'db' : $CONFIG['db_backend']).'.inc');
			$dbwrapper = empty($CONFIG['db_backend']) ? 'db' : $CONFIG['db_backend'];
			$dbclass = "rcube_" . $dbwrapper;
			require_once("include/$dbclass.inc");

			$DB = new rcube_db($CONFIG['db_dsnw'], $CONFIG['db_dsnr'], $CONFIG['db_persistent']);
			$DB = new $dbclass($CONFIG['db_dsnw'], $CONFIG['db_dsnr'], $CONFIG['db_persistent']);
			$DB->sqlite_initials = $INSTALL_PATH.'SQL/sqlite.initial.sql';
			$DB->set_debug((bool)$CONFIG['sql_debug']);
			$DB->db_connect('w');

			// we can use the database for storing session data
			if (!$DB->is_error())
			include_once('include/session.inc');
			// use database for storing session data
			include_once('include/session.inc');

			// init session
			session_start();
			@@ -65,17 +88,18 @@
			if (!isset($_SESSION['auth_time']))
			{
			$_SESSION['user_lang'] = rcube_language_prop($CONFIG['locale_string']);
			$_SESSION['auth_time'] = mktime();
			setcookie('sessauth', rcmail_auth_hash($sess_id, $_SESSION['auth_time']));
			$_SESSION['auth_time'] = time();
			$_SESSION['temp'] = true;
			}

			// set session vars global
			$sess_user_lang = rcube_language_prop($_SESSION['user_lang']);

			// create user object
			$USER = new rcube_user($_SESSION['user_id']);

			// overwrite config with user preferences
			if (is_array($_SESSION['user_prefs']))
			$CONFIG = array_merge($CONFIG, $_SESSION['user_prefs']);
			$CONFIG = array_merge($CONFIG, (array)$USER->get_prefs());


			// reset some session parameters when changing task
			@@ -101,14 +125,18 @@
			}


			// load roundcube configuration into global var
			/**
			* Load roundcube configuration array
			*
			* @return array Named configuration parameters
			*/
			function rcmail_load_config()
			{
			global $INSTALL_PATH;
			global $INSTALL_PATH;

			// load config file
			include_once('config/main.inc.php');
			$conf = is_array($rcmail_config) ? $rcmail_config : array();
			include_once('config/main.inc.php');
			$conf = is_array($rcmail_config) ? $rcmail_config : array();

			// load host-specific configuration
			rcmail_load_host_config($conf);
			@@ -139,7 +167,12 @@
			}


			// load a host-specific config file if configured
			/**
			* Load a host-specific config file if configured
			* This will merge the host specific configuration with the given one
			*
			* @param array Global configuration parameters
			*/
			function rcmail_load_host_config(&$config)
			{
			$fname = NULL;
			@@ -157,7 +190,13 @@
			}


			// create authorization hash
			/**
			* Create unique authorization hash
			*
			* @param string Session ID
			* @param int Timestamp
			* @return string The generated auth hash
			*/
			function rcmail_auth_hash($sess_id, $ts)
			{
			global $CONFIG;
			@@ -175,29 +214,50 @@
			}


			// compare the auth hash sent by the client with the local session credentials
			/**
			* Check the auth hash sent by the client against the local session credentials
			*
			* @return boolean True if valid, False if not
			*/
			function rcmail_authenticate_session()
			{
			$now = mktime();
			$valid = ($_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['auth_time']) \|\|
			$_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['last_auth']));
			global $CONFIG, $SESS_CLIENT_IP, $SESS_CHANGED;

			// advanced session authentication
			if ($CONFIG['double_auth'])
			{
			$now = time();
			$valid = ($_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['auth_time']) \|\|
			$_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['last_auth']));

			// renew auth cookie every 5 minutes (only for GET requests)
			if (!$valid \|\| ($_SERVER['REQUEST_METHOD']!='POST' && $now-$_SESSION['auth_time'] > 300))
			// renew auth cookie every 5 minutes (only for GET requests)
			if (!$valid \|\| ($_SERVER['REQUEST_METHOD']!='POST' && $now-$_SESSION['auth_time'] > 300))
			{
			$_SESSION['last_auth'] = $_SESSION['auth_time'];
			$_SESSION['auth_time'] = $now;
			setcookie('sessauth', rcmail_auth_hash(session_id(), $now));
			$_SESSION['last_auth'] = $_SESSION['auth_time'];
			$_SESSION['auth_time'] = $now;
			setcookie('sessauth', rcmail_auth_hash(session_id(), $now));
			}

			}
			else
			$valid = $CONFIG['ip_check'] ? $_SERVER['REMOTE_ADDR'] == $SESS_CLIENT_IP : true;

			// check session filetime
			if (!empty($CONFIG['session_lifetime']) && isset($SESS_CHANGED)
			&& $SESS_CHANGED + $CONFIG['session_lifetime']*60 < time())
			$valid = false;

			return $valid;
			}


			// create IMAP object and connect to server
			/**
			* Create global IMAP object and connect to server
			*
			* @param boolean True if connection should be established
			*/
			function rcmail_imap_init($connect=FALSE)
			{
			global $CONFIG, $DB, $IMAP;
			global $CONFIG, $DB, $IMAP, $OUTPUT;

			$IMAP = new rcube_imap($DB);
			$IMAP->debug_level = $CONFIG['debug_level'];
			@@ -208,7 +268,7 @@
			if ($connect)
			{
			if (!($conn = $IMAP->connect($_SESSION['imap_host'], $_SESSION['username'], decrypt_passwd($_SESSION['password']), $_SESSION['imap_port'], $_SESSION['imap_ssl'])))
			show_message('imaperror', 'error');
			$OUTPUT->show_message('imaperror', 'error');

			rcmail_set_imap_prop();
			}
			@@ -223,11 +283,16 @@
			}


			// set root dir and last stored mailbox
			// this must be done AFTER connecting to the server
			/**
			* Set root dir and last stored mailbox
			* This must be done AFTER connecting to the server!
			*/
			function rcmail_set_imap_prop()
			{
			global $CONFIG, $IMAP;

			if (!empty($CONFIG['default_charset']))
			$IMAP->set_charset($CONFIG['default_charset']);

			// set root dir from config
			if (!empty($CONFIG['imap_root']))
			@@ -243,10 +308,12 @@
			}


			// do these things on script shutdown
			/**
			* Do these things on script shutdown
			*/
			function rcmail_shutdown()
			{
			global $IMAP;
			global $IMAP, $CONTACTS;

			if (is_object($IMAP))
			{
			@@ -254,33 +321,40 @@
			$IMAP->write_cache();
			}

			if (is_object($CONTACTS))
			$CONTACTS->close();

			// before closing the database connection, write session data
			session_write_close();
			}


			// destroy session data and remove cookie
			/**
			* Destroy session data and remove cookie
			*/
			function rcmail_kill_session()
			{
			// save user preferences
			$a_user_prefs = $_SESSION['user_prefs'];
			if (!is_array($a_user_prefs))
			$a_user_prefs = array();

			global $USER;

			if ((isset($_SESSION['sort_col']) && $_SESSION['sort_col']!=$a_user_prefs['message_sort_col']) \|\|
			(isset($_SESSION['sort_order']) && $_SESSION['sort_order']!=$a_user_prefs['message_sort_order']))
			{
			$a_user_prefs['message_sort_col'] = $_SESSION['sort_col'];
			$a_user_prefs['message_sort_order'] = $_SESSION['sort_order'];
			rcmail_save_user_prefs($a_user_prefs);
			$a_user_prefs = array('message_sort_col' => $_SESSION['sort_col'], 'message_sort_order' => $_SESSION['sort_order']);
			$USER->save_prefs($a_user_prefs);
			}

			$_SESSION = array();
			session_destroy();
			$_SESSION = array('user_lang' => $GLOBALS['sess_user_lang'], 'auth_time' => time(), 'temp' => true);
			setcookie('sessauth', '-del-', time()-60);
			$USER->reset();
			}


			// return correct name for a specific database table
			/**
			* Return correct name for a specific database table
			*
			* @param string Table name
			* @return string Translated table name
			*/
			function get_table_name($table)
			{
			global $CONFIG;
			@@ -295,8 +369,13 @@
			}


			// return correct name for a specific database sequence
			// (used for Postres only)
			/**
			* Return correct name for a specific database sequence
			* (used for Postres only)
			*
			* @param string Secuence name
			* @return string Translated sequence name
			*/
			function get_sequence_name($sequence)
			{
			global $CONFIG;
			@@ -307,11 +386,17 @@
			if (strlen($CONFIG[$config_key]))
			return $CONFIG[$config_key];

			return $table;
			return $sequence;
			}


			// check the given string and returns language properties
			/**
			* Check the given string and returns language properties
			*
			* @param string Language code
			* @param string Peropert name
			* @return string Property value
			*/
			function rcube_language_prop($lang, $prop='lang')
			{
			global $INSTALL_PATH;
			@@ -348,35 +433,27 @@
			}


			// init output object for GUI and add common scripts
			function load_gui()
			/**
			* Init output object for GUI and add common scripts.
			* This will instantiate a rcmail_template object and set
			* environment vars according to the current session and configuration
			*/
			function rcmail_load_gui()
			{
			global $CONFIG, $OUTPUT, $COMM_PATH, $JS_OBJECT_NAME, $sess_user_lang;
			global $CONFIG, $OUTPUT, $sess_user_lang;

			// init output page
			$OUTPUT = new rcube_html_page();

			// add common javascripts
			$javascript = "var $JS_OBJECT_NAME = new rcube_webmail();\n";
			$javascript .= sprintf("%s.set_env('comm_path', '%s');\n", $JS_OBJECT_NAME, str_replace('&', '&', $COMM_PATH));
			$OUTPUT = new rcmail_template($CONFIG, $GLOBALS['_task']);
			$OUTPUT->set_env('comm_path', $GLOBALS['COMM_PATH']);

			if (isset($CONFIG['javascript_config'] )){
			foreach ($CONFIG['javascript_config'] as $js_config_var){
			$javascript .= "$JS_OBJECT_NAME.set_env('$js_config_var', '" . $CONFIG[$js_config_var] . "');\n";
			}
			if (is_array($CONFIG['javascript_config']))
			{
			foreach ($CONFIG['javascript_config'] as $js_config_var)
			$OUTPUT->set_env($js_config_var, $CONFIG[$js_config_var]);
			}

			// don't wait for page onload. Call init at the bottom of the page (delayed)
			$javascript_foot = "if (window.call_init)\n call_init('$JS_OBJECT_NAME');";

			if (!empty($GLOBALS['_framed']))
			$javascript .= "$JS_OBJECT_NAME.set_env('framed', true);\n";

			$OUTPUT->add_script($javascript, 'head');
			$OUTPUT->add_script($javascript_foot, 'foot');
			$OUTPUT->include_script('common.js');
			$OUTPUT->include_script('app.js');
			$OUTPUT->scripts_path = 'program/js/';
			$OUTPUT->set_env('framed', true);

			// set locale setting
			rcmail_set_locale($sess_user_lang);
			@@ -384,32 +461,48 @@
			// set user-selected charset
			if (!empty($CONFIG['charset']))
			$OUTPUT->set_charset($CONFIG['charset']);

			// register common UI objects
			$OUTPUT->add_handlers(array(
			'loginform' => 'rcmail_login_form',
			'username' => 'rcmail_current_username',
			'message' => 'rcmail_message_container',
			'charsetselector' => 'rcmail_charset_selector',
			));

			// add some basic label to client
			rcube_add_label('loading','checkingmail');
			if (!$OUTPUT->ajax_call)
			rcube_add_label('loading', 'movingmessage');
			}


			// set localization charset based on the given language
			/**
			* Set localization charset based on the given language.
			* This also creates a global property for mbstring usage.
			*/
			function rcmail_set_locale($lang)
			{
			global $OUTPUT, $CHARSET, $MBSTRING;
			global $OUTPUT, $MBSTRING;
			static $s_mbstring_loaded = NULL;

			// settings for mbstring module (by Tadashi Jokagi)
			if (is_null($s_mbstring_loaded))
			$MBSTRING = $s_mbstring_loaded = extension_loaded("mbstring");
			if (is_null($s_mbstring_loaded))
			$MBSTRING = $s_mbstring_loaded = extension_loaded("mbstring");
			else
			$MBSTRING = $s_mbstring_loaded = FALSE;


			if ($MBSTRING)
			mb_internal_encoding($CHARSET);
			mb_internal_encoding(RCMAIL_CHARSET);

			$OUTPUT->set_charset(rcube_language_prop($lang, 'charset'));
			}


			// auto-select IMAP host based on the posted login information
			/**
			* Auto-select IMAP host based on the posted login information
			*
			* @return string Selected IMAP host
			*/
			function rcmail_autoselect_host()
			{
			global $CONFIG;
			@@ -437,10 +530,18 @@
			}


			// perfom login to the IMAP server and to the webmail service
			/**
			* Perfom login to the IMAP server and to the webmail service.
			* This will also create a new user entry if auto_create_user is configured.
			*
			* @param string IMAP user name
			* @param string IMAP password
			* @param string IMAP host
			* @return boolean True on success, False on failure
			*/
			function rcmail_login($user, $pass, $host=NULL)
			{
			global $CONFIG, $IMAP, $DB, $sess_user_lang;
			global $CONFIG, $IMAP, $DB, $USER, $sess_user_lang;
			$user_id = NULL;

			if (!$host)
			@@ -471,7 +572,7 @@
			if ($a_host['host'])
			{
			$host = $a_host['host'];
			$imap_ssl = (isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl','imaps','tls'))) ? TRUE : FALSE;
			$imap_ssl = (isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl','imaps','tls'))) ? $a_host['scheme'] : null;
			$imap_port = isset($a_host['port']) ? $a_host['port'] : ($imap_ssl ? 993 : $CONFIG['default_port']);
			}
			else
			@@ -482,7 +583,7 @@
			Inspired by Marco <P0L0_notspam_binware.org>
			*/
			// Check if we need to add domain
			if (!empty($CONFIG['username_domain']) && !strstr($user, '@'))
			if (!empty($CONFIG['username_domain']) && !strpos($user, '@'))
			{
			if (is_array($CONFIG['username_domain']) && isset($CONFIG['username_domain'][$host]))
			$user .= '@'.$CONFIG['username_domain'][$host];
			@@ -490,66 +591,70 @@
			$user .= '@'.$CONFIG['username_domain'];
			}

			// try to resolve email address from virtuser table
			if (!empty($CONFIG['virtuser_file']) && strpos($user, '@'))
			$user = rcube_user::email2user($user);

			// lowercase username if it's an e-mail address (#1484473)
			if (strpos($user, '@'))
			$user = strtolower($user);

			// query if user already registered
			$sql_result = $DB->query("SELECT user_id, username, language, preferences
			FROM ".get_table_name('users')."
			WHERE mail_host=? AND (username=? OR alias=?)",
			$host,
			$user,
			$user);
			if ($existing = rcube_user::query($user, $host))
			$USER = $existing;

			// user already registered -> overwrite username
			if ($sql_arr = $DB->fetch_assoc($sql_result))
			if ($USER->ID)
			{
			$user_id = $sql_arr['user_id'];
			$user = $sql_arr['username'];
			$user_id = $USER->ID;
			$user = $USER->data['username'];
			}

			// try to resolve email address from virtuser table
			if (!empty($CONFIG['virtuser_file']) && strstr($user, '@'))
			$user = rcmail_email2user($user);


			// exit if IMAP login failed
			if (!($imap_login = $IMAP->connect($host, $user, $pass, $imap_port, $imap_ssl)))
			return FALSE;
			return false;

			// user already registered
			if ($user_id && !empty($sql_arr))
			if ($USER->ID)
			{
			// get user prefs
			if (strlen($sql_arr['preferences']))
			{
			$user_prefs = unserialize($sql_arr['preferences']);
			$_SESSION['user_prefs'] = $user_prefs;
			array_merge($CONFIG, $user_prefs);
			}

			$CONFIG = array_merge($CONFIG, (array)$USER->get_prefs());

			// set user specific language
			if (strlen($sql_arr['language']))
			$sess_user_lang = $_SESSION['user_lang'] = $sql_arr['language'];
			if (!empty($USER->data['language']))
			$sess_user_lang = $_SESSION['user_lang'] = $USER->data['language'];

			// update user's record
			$DB->query("UPDATE ".get_table_name('users')."
			SET last_login=".$DB->now()."
			WHERE user_id=?",
			$user_id);
			$USER->touch();
			}
			// create new system user
			else if ($CONFIG['auto_create_user'])
			{
			$user_id = rcmail_create_user($user, $host);
			if ($created = rcube_user::create($user, $host))
			{
			$USER = $created;

			// get existing mailboxes
			$a_mailboxes = $IMAP->list_mailboxes();
			}
			}
			else
			{
			raise_error(array(
			'code' => 600,
			'type' => 'php',
			'file' => "config/main.inc.php",
			'message' => "Acces denied for new user $user. 'auto_create_user' is disabled"
			), true, false);
			}

			if ($user_id)
			if ($USER->ID)
			{
			$_SESSION['user_id'] = $user_id;
			$_SESSION['user_id'] = $USER->ID;
			$_SESSION['username'] = $USER->data['username'];
			$_SESSION['imap_host'] = $host;
			$_SESSION['imap_port'] = $imap_port;
			$_SESSION['imap_ssl'] = $imap_ssl;
			$_SESSION['username'] = $user;
			$_SESSION['user_lang'] = $sess_user_lang;
			$_SESSION['password'] = encrypt_passwd($pass);
			$_SESSION['login_time'] = mktime();
			@@ -557,7 +662,9 @@
			// force reloading complete list of subscribed mailboxes
			rcmail_set_imap_prop();
			$IMAP->clear_cache('mailboxes');
			$IMAP->create_default_folders();

			if ($CONFIG['create_default_folders'])
			$IMAP->create_default_folders();

			return TRUE;
			}
			@@ -566,75 +673,11 @@
			}


			// create new entry in users and identities table
			function rcmail_create_user($user, $host)
			{
			global $DB, $CONFIG, $IMAP;

			$user_email = '';

			// try to resolve user in virtusertable
			if (!empty($CONFIG['virtuser_file']) && strstr($user, '@')==FALSE)
			$user_email = rcmail_user2email($user);

			$DB->query("INSERT INTO ".get_table_name('users')."
			(created, last_login, username, mail_host, alias, language)
			VALUES (".$DB->now().", ".$DB->now().", ?, ?, ?, ?)",
			$user,
			$host,
			$user_email,
			$_SESSION['user_lang']);

			if ($user_id = $DB->insert_id(get_sequence_name('users')))
			{
			$mail_domain = rcmail_mail_domain($host);

			if ($user_email=='')
			$user_email = strstr($user, '@') ? $user : sprintf('%s@%s', $user, $mail_domain);

			$user_name = $user!=$user_email ? $user : '';

			// try to resolve the e-mail address from the virtuser table
			if (!empty($CONFIG['virtuser_query']) &&
			($sql_result = $DB->query(preg_replace('/%u/', $user, $CONFIG['virtuser_query']))) &&
			($DB->num_rows()>0))
			while ($sql_arr = $DB->fetch_array($sql_result))
			{
			$DB->query("INSERT INTO ".get_table_name('identities')."
			(user_id, del, standard, name, email)
			VALUES (?, 0, 1, ?, ?)",
			$user_id,
			$user_name,
			preg_replace('/^@/', $user . '@', $sql_arr[0]));
			}
			else
			{
			// also create new identity records
			$DB->query("INSERT INTO ".get_table_name('identities')."
			(user_id, del, standard, name, email)
			VALUES (?, 0, 1, ?, ?)",
			$user_id,
			$user_name,
			$user_email);
			}

			// get existing mailboxes
			$a_mailboxes = $IMAP->list_mailboxes();
			}
			else
			{
			raise_error(array('code' => 500,
			'type' => 'php',
			'line' => __LINE__,
			'file' => __FILE__,
			'message' => "Failed to create new user"), TRUE, FALSE);
			}

			return $user_id;
			}


			// load virtuser table in array
			/**
			* Load virtuser table in array
			*
			* @return array Virtuser table entries
			*/
			function rcmail_getvirtualfile()
			{
			global $CONFIG;
			@@ -647,7 +690,12 @@
			}


			// find matches of the given pattern in virtuser table
			/**
			* Find matches of the given pattern in virtuser table
			*
			* @param string Regular expression to search for
			* @return array Matching entries
			*/
			function rcmail_findinvirtual($pattern)
			{
			$result = array();
			@@ -670,118 +718,116 @@
			}


			// resolve username with virtuser table
			function rcmail_email2user($email)
			{
			$user = $email;
			$r = rcmail_findinvirtual("^$email");

			for ($i=0; $i<count($r); $i++)
			{
			$data = $r[$i];
			$arr = preg_split('/\s+/', $data);
			if(count($arr)>0)
			{
			$user = trim($arr[count($arr)-1]);
			break;
			}
			}

			return $user;
			}


			// resolve e-mail address with virtuser table
			function rcmail_user2email($user)
			{
			$email = "";
			$r = rcmail_findinvirtual("$user$");

			for ($i=0; $i<count($r); $i++)
			{
			$data=$r[$i];
			$arr = preg_split('/\s+/', $data);
			if (count($arr)>0)
			{
			$email = trim($arr[0]);
			break;
			}
			}

			return $email;
			}


			function rcmail_save_user_prefs($a_user_prefs)
			{
			global $DB, $CONFIG, $sess_user_lang;

			$DB->query("UPDATE ".get_table_name('users')."
			SET preferences=?,
			language=?
			WHERE user_id=?",
			serialize($a_user_prefs),
			$sess_user_lang,
			$_SESSION['user_id']);

			if ($DB->affected_rows())
			{
			$_SESSION['user_prefs'] = $a_user_prefs;
			$CONFIG = array_merge($CONFIG, $a_user_prefs);
			return TRUE;
			}

			return FALSE;
			}


			// overwrite action variable
			/**
			* Overwrite action variable
			*
			* @param string New action value
			*/
			function rcmail_overwrite_action($action)
			{
			global $OUTPUT, $JS_OBJECT_NAME;
			global $OUTPUT;
			$GLOBALS['_action'] = $action;

			$OUTPUT->add_script(sprintf("\n%s.set_env('action', '%s');", $JS_OBJECT_NAME, $action));
			$OUTPUT->set_env('action', $action);
			}


			/**
			* Compose an URL for a specific action
			*
			* @param string Request action
			* @param array More URL parameters
			* @param string Request task (omit if the same)
			* @return The application URL
			*/
			function rcmail_url($action, $p=array(), $task=null)
			{
			global $MAIN_TASKS, $COMM_PATH;
			$qstring = '';
			$base = $COMM_PATH;

			if ($task && in_array($task, $MAIN_TASKS))
			$base = ereg_replace('_task=[a-z]+', '_task='.$task, $COMM_PATH);

			if (is_array($p))
			foreach ($p as $key => $val)
			$qstring .= '&'.urlencode($key).'='.urlencode($val);

			return $base . ($action ? '&_action='.$action : '') . $qstring;
			}


			// @deprecated
			function show_message($message, $type='notice', $vars=NULL)
			{
			global $OUTPUT, $JS_OBJECT_NAME, $REMOTE_REQUEST;

			$framed = $GLOBALS['_framed'];
			$command = sprintf("display_message('%s', '%s');",
			JQ(rcube_label(array('name' => $message, 'vars' => $vars))),
			$type);

			if ($REMOTE_REQUEST)
			return 'this.'.$command;

			else
			$OUTPUT->add_script(sprintf("%s%s.%s\n",
			$framed ? sprintf('if(parent.%s)parent.', $JS_OBJECT_NAME) : '',
			$JS_OBJECT_NAME,
			$command));
			global $OUTPUT;
			$OUTPUT->show_message($message, $type, $vars);
			}


			// encrypt IMAP password using DES encryption
			/**
			* Encrypt IMAP password using DES encryption
			*
			* @param string Password to encrypt
			* @return string Encryprted string
			*/
			function encrypt_passwd($pass)
			{
			$cypher = des(get_des_key(), $pass, 1, 0, NULL);
			return base64_encode($cypher);
			{
			if (function_exists('mcrypt_module_open') && ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, ""))) {
			$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
			mcrypt_generic_init($td, get_des_key(), $iv);
			$cypher = mcrypt_generic($td, $pass);
			mcrypt_generic_deinit($td);
			mcrypt_module_close($td);
			}
			else if (function_exists('des')) {
			$cypher = des(get_des_key(), $pass, 1, 0, NULL);
			}
			else {
			$cypher = $pass;

			raise_error(array(
			'code' => 500,
			'type' => 'php',
			'file' => __FILE__,
			'message' => "Could not convert encrypt password. Make sure Mcrypt is installed or lib/des.inc is available"
			), true, false);
			}

			return base64_encode($cypher);
			}


			// decrypt IMAP password using DES encryption
			/**
			* Decrypt IMAP password using DES encryption
			*
			* @param string Encrypted password
			* @return string Plain password
			*/
			function decrypt_passwd($cypher)
			{
			$pass = des(get_des_key(), base64_decode($cypher), 0, 0, NULL);
			{
			if (function_exists('mcrypt_module_open') && ($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, ""))) {
			$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
			mcrypt_generic_init($td, get_des_key(), $iv);
			$pass = mdecrypt_generic($td, base64_decode($cypher));
			mcrypt_generic_deinit($td);
			mcrypt_module_close($td);
			}
			else if (function_exists('des')) {
			$pass = des(get_des_key(), base64_decode($cypher), 0, 0, NULL);
			}
			else {
			$pass = base64_decode($cypher);
			}

			return preg_replace('/\x00/', '', $pass);
			}


			// return a 24 byte key for the DES encryption
			/**
			* Return a 24 byte key for the DES encryption
			*
			* @return string DES encryption key
			*/
			function get_des_key()
			{
			$key = !empty($GLOBALS['CONFIG']['des_key']) ? $GLOBALS['CONFIG']['des_key'] : 'rcmail?24BitPwDkeyF**ECB';
			@@ -797,44 +843,11 @@
			}


			// send correct response on a remote request
			function rcube_remote_response($js_code, $flush=FALSE)
			{
			global $OUTPUT, $CHARSET;
			static $s_header_sent = FALSE;

			if (!$s_header_sent)
			{
			$s_header_sent = TRUE;
			send_nocacheing_headers();
			header('Content-Type: application/x-javascript; charset='.$CHARSET);
			print '/ remote response ['.date('d/M/Y h:i:s O')."] /\n";
			}

			// send response code
			print rcube_charset_convert($js_code, $CHARSET, $OUTPUT->get_charset());

			if ($flush) // flush the output buffer
			flush();
			else // terminate script
			exit;
			}


			// send correctly formatted response for a request posted to an iframe
			function rcube_iframe_response($js_code='')
			{
			global $OUTPUT, $JS_OBJECT_NAME;

			if (!empty($js_code))
			$OUTPUT->add_script("if(parent.$JS_OBJECT_NAME){\n" . $js_code . "\n}");

			$OUTPUT->write();
			exit;
			}


			// read directory program/localization/ and return a list of available languages
			/**
			* Read directory program/localization and return a list of available languages
			*
			* @return array List of available localizations
			*/
			function rcube_list_languages()
			{
			global $CONFIG, $INSTALL_PATH;
			@@ -861,21 +874,23 @@
			}


			// add a localized label to the client environment
			/**
			* Add a localized label to the client environment
			*/
			function rcube_add_label()
			{
			global $OUTPUT, $JS_OBJECT_NAME;
			global $OUTPUT;

			$arg_list = func_get_args();
			foreach ($arg_list as $i => $name)
			$OUTPUT->add_script(sprintf("%s.add_label('%s', '%s');",
			$JS_OBJECT_NAME,
			$name,
			JQ(rcube_label($name))));
			$OUTPUT->command('add_label', $name, rcube_label($name));
			}


			// remove temp files older than two day
			/**
			* Garbage collector function for temp files.
			* Remove temp files older than two days
			*/
			function rcmail_temp_gc()
			{
			$tmp = unslashify($CONFIG['temp_dir']);
			@@ -897,7 +912,10 @@
			}


			// remove all expired message cache records
			/**
			* Garbage collector for cache entries.
			* Remove all expired message cache records
			*/
			function rcmail_message_cache_gc()
			{
			global $DB, $CONFIG;
			@@ -920,58 +938,89 @@
			*
			* @param string Input string
			* @param string Suspected charset of the input string
			* @param string Target charset to convert to; defaults to $GLOBALS['CHARSET']
			* @param string Target charset to convert to; defaults to RCMAIL_CHARSET
			* @return Converted string
			*/
			function rcube_charset_convert($str, $from, $to=NULL)
			{
			global $MBSTRING;
			static $convert_warning = false;

			$from = strtoupper($from);
			$to = $to==NULL ? strtoupper($GLOBALS['CHARSET']) : strtoupper($to);
			$to = $to==NULL ? strtoupper(RCMAIL_CHARSET) : strtoupper($to);
			$error = false; $conv = null;

			if ($from==$to \|\| $str=='' \|\| empty($from))
			return $str;

			$aliases = array(
			'UNKNOWN-8BIT' => 'ISO-8859-15',
			'X-UNKNOWN' => 'ISO-8859-15',
			'X-USER-DEFINED' => 'ISO-8859-15',
			'ISO-8859-8-I' => 'ISO-8859-8',
			'KS_C_5601-1987' => 'EUC-KR',
			'GB2312' => 'GB18030'
			);

			// convert charset using iconv module
			if (function_exists('iconv') && $from != 'UTF-7' && $to != 'UTF-7')
			{
			return iconv(($aliases[$from] ? $aliases[$from] : $from), ($aliases[$to] ? $aliases[$to] : $to) . "//IGNORE", $str);
			}

			// convert charset using mbstring module
			if ($MBSTRING)
			{
			$to = $to=="UTF-7" ? "UTF7-IMAP" : $to;
			$from = $from=="UTF-7" ? "UTF7-IMAP": $from;

			$mb_map = $aliases + array('UTF-7' => 'UTF7-IMAP');

			// return if convert succeeded
			if (($out = mb_convert_encoding($str, $to, $from)) != '')
			if (($out = mb_convert_encoding($str, ($mb_map[$to] ? $mb_map[$to] : $to), ($mb_map[$from] ? $mb_map[$from] : $from))) != '')
			return $out;
			}

			// convert charset using iconv module
			if (function_exists('iconv') && $from!='UTF-7' && $to!='UTF-7')
			return iconv($from, $to, $str);

			$conv = new utf8();


			if (class_exists('utf8'))
			$conv = new utf8();

			// convert string to UTF-8
			if ($from=='UTF-7')
			if ($from == 'UTF-7')
			$str = utf7_to_utf8($str);
			else if (($from=='ISO-8859-1') && function_exists('utf8_encode'))
			else if (($from == 'ISO-8859-1') && function_exists('utf8_encode'))
			$str = utf8_encode($str);
			else if ($from!='UTF-8')
			else if ($from != 'UTF-8' && $conv)
			{
			$conv->loadCharset($from);
			$str = $conv->strToUtf8($str);
			}
			else if ($from != 'UTF-8')
			$error = true;

			// encode string for output
			if ($to=='UTF-7')
			if ($to == 'UTF-7')
			return utf8_to_utf7($str);
			else if ($to=='ISO-8859-1' && function_exists('utf8_decode'))
			else if ($to == 'ISO-8859-1' && function_exists('utf8_decode'))
			return utf8_decode($str);
			else if ($to!='UTF-8')
			else if ($to != 'UTF-8' && $conv)
			{
			$conv->loadCharset($to);
			return $conv->utf8ToStr($str);
			}
			else if ($to != 'UTF-8')
			$error = true;

			// report error
			if ($error && !$convert_warning)
			{
			raise_error(array(
			'code' => 500,
			'type' => 'php',
			'file' => __FILE__,
			'message' => "Could not convert string charset. Make sure iconv is installed or lib/utf8.class is available"
			), true, false);

			$convert_warning = true;
			}

			// return UTF-8 string
			return $str;
			}
			@@ -993,10 +1042,6 @@

			if (!$enctype)
			$enctype = $GLOBALS['OUTPUT_TYPE'];

			// convert nbsps back to normal spaces if not html
			if ($enctype!='html')
			$str = str_replace(chr(160), ' ', $str);

			// encode for plaintext
			if ($enctype=='text')
			@@ -1042,11 +1087,10 @@

			for ($c=160; $c<256; $c++) // can be increased to support more charsets
			{
			$hex = dechex($c);
			$xml_rep_table[Chr($c)] = "&#$c;";

			if ($OUTPUT->get_charset()=='ISO-8859-1')
			$js_rep_table[Chr($c)] = sprintf("\u%s%s", str_repeat('0', 4-strlen($hex)), $hex);
			$js_rep_table[Chr($c)] = sprintf("\\u%04x", $c);
			}

			$xml_rep_table['"'] = '"';
			@@ -1060,18 +1104,21 @@
			if ($enctype=='js')
			{
			if ($OUTPUT->get_charset()!='UTF-8')
			$str = rcube_charset_convert($str, $GLOBALS['CHARSET'], $OUTPUT->get_charset());
			$str = rcube_charset_convert($str, RCMAIL_CHARSET, $OUTPUT->get_charset());

			return addslashes(preg_replace(array("/\r\n/", "/\r/"), array('\n', '\n'), strtr($str, $js_rep_table)));
			return preg_replace(array("/\r?\n/", "/\r/"), array('\n', '\n'), addslashes(strtr($str, $js_rep_table)));
			}

			// no encoding given -> return original string
			return $str;
			}


			/**
			* Quote a given string. Alias function for rep_specialchars_output
			* @see rep_specialchars_output
			* Quote a given string.
			* Shortcut function for rep_specialchars_output
			*
			* @return string HTML-quoted string
			* @see rep_specialchars_output()
			*/
			function Q($str, $mode='strict', $newlines=TRUE)
			{
			@@ -1079,8 +1126,11 @@
			}

			/**
			* Quote a given string. Alias function for rep_specialchars_output
			* @see rep_specialchars_output
			* Quote a given string for javascript output.
			* Shortcut function for rep_specialchars_output
			*
			* @return string JS-quoted string
			* @see rep_specialchars_output()
			*/
			function JQ($str)
			{
			@@ -1133,7 +1183,19 @@
			}

			/**
			* Remove all non-ascii and non-word chars
			* except . and -
			*/
			function asciiwords($str)
			{
			return preg_replace('/[^a-z0-9.-_]/i', '', $str);
			}

			/**
			* Remove single and double quotes from given string
			*
			* @param string Input value
			* @return string Dequoted string
			*/
			function strip_quotes($str)
			{
			@@ -1141,13 +1203,27 @@
			}


			// ************ template parsing and gui functions ************
			/**
			* Remove new lines characters from given string
			*
			* @param string Input value
			* @return string Stripped string
			*/
			function strip_newlines($str)
			{
			return preg_replace('/[\r\n]/', '', $str);
			}


			// return boolean if a specific template exists
			/**
			* Check if a specific template exists
			*
			* @param string Template name
			* @return boolean True if template exists
			*/
			function template_exists($name)
			{
			global $CONFIG, $OUTPUT;
			global $CONFIG;
			$skin_path = $CONFIG['skin_path'];

			// check template file
			@@ -1155,416 +1231,25 @@
			}


			// get page template an replace variable
			// similar function as used in nexImage
			function parse_template($name='main', $exit=TRUE)
			{
			global $CONFIG, $OUTPUT;
			$skin_path = $CONFIG['skin_path'];

			// read template file
			$templ = '';
			$path = "$skin_path/templates/$name.html";

			if($fp = @fopen($path, 'r'))
			{
			$templ = fread($fp, filesize($path));
			fclose($fp);
			}
			else
			{
			raise_error(array('code' => 500,
			'type' => 'php',
			'line' => __LINE__,
			'file' => __FILE__,
			'message' => "Error loading template for '$name'"), TRUE, TRUE);
			return FALSE;
			}


			// parse for specialtags
			$output = parse_rcube_xml(parse_rcube_conditions($templ));

			// add debug console
			if ($CONFIG['debug_level'] & 8)
			$OUTPUT->footer = '<div style="position:absolute;top:5px;left:5px;width:400px;opacity:0.8;z-index:9000;"><form name="debugform"><textarea name="console" rows="15" cols="40" style="width:400px;border:none;font-size:x-small"></textarea></form>';

			$OUTPUT->write(trim(parse_with_globals($output)), $skin_path);

			if ($exit)
			exit;
			}



			// replace all strings ($varname) with the content of the according global variable
			function parse_with_globals($input)
			{
			$GLOBALS['__comm_path'] = $GLOBALS['COMM_PATH'];
			$output = preg_replace('/\$(__[a-z0-9_\-]+)/e', '$GLOBALS["\\1"]', $input);
			return $output;
			}


			// parse conditional code
			function parse_rcube_conditions($input)
			{
			if (($matches = preg_split('/<roundcube:(if\|elseif\|else\|endif)\s+([^>]+)>/is', $input, 2, PREG_SPLIT_DELIM_CAPTURE)) && count($matches)==4)
			{
			if (preg_match('/^(else\|endif)$/i', $matches[1]))
			return $matches[0] . parse_rcube_conditions($matches[3]);
			else
			{
			$attrib = parse_attrib_string($matches[2]);
			if (isset($attrib['condition']))
			{
			$condmet = rcube_xml_condition($attrib['condition']);
			$submatches = preg_split('/<roundcube:(elseif\|else\|endif)\s+([^>]+)>/is', $matches[3], 2, PREG_SPLIT_DELIM_CAPTURE);

			if ($condmet)
			$result = $submatches[0] . preg_replace('/.*<roundcube:endif\s+[^>]+>/is', '', $submatches[3]);
			else
			$result = "<roundcube:$submatches[1] $submatches[2]>" . $submatches[3];

			return $matches[0] . parse_rcube_conditions($result);
			}
			else
			{
			raise_error(array('code' => 500, 'type' => 'php', 'line' => __LINE__, 'file' => __FILE__,
			'message' => "Unable to parse conditional tag " . $matches[2]), TRUE, FALSE);
			}
			}
			}

			return $input;
			}


			/**
			* Determines if a given condition is met
			* Wrapper for rcmail_template::parse()
			* @deprecated
			*/
			function parse_template($name='main', $exit=true)
			{
			$GLOBALS['OUTPUT']->parse($name, $exit);
			}


			/**
			* Create a HTML table based on the given data
			*
			* @return True if condition is valid, False is not
			* @param array Named table attributes
			* @param mixed Table row data. Either a two-dimensional array or a valid SQL result set
			* @param array List of cols to show
			* @param string Name of the identifier col
			* @return string HTML table code
			*/
			function rcube_xml_condition($condition)
			{
			$condition = preg_replace(
			array('/session:([a-z0-9_]+)/i', '/config:([a-z0-9_]+)/i', '/request:([a-z0-9_]+)/ie'),
			array("\$_SESSION['\\1']", "\$GLOBALS['CONFIG']['\\1']", "get_input_value('\\1', RCUBE_INPUT_GPC)"),
			$condition);

			return @eval("return (".$condition.");");
			}


			function parse_rcube_xml($input)
			{
			$output = preg_replace('/<roundcube:([-_a-z]+)\s+([^>]+)>/Uie', "rcube_xml_command('\\1', '\\2')", $input);
			return $output;
			}


			/**
			* Convert a xml command tag into real content
			*/
			function rcube_xml_command($command, $str_attrib, $add_attrib=array())
			{
			global $IMAP, $CONFIG, $OUTPUT;

			$command = strtolower($command);
			$attrib = parse_attrib_string($str_attrib) + $add_attrib;

			// empty output if required condition is not met
			if (!empty($attrib['condition']) && !rcube_xml_condition($attrib['condition']))
			return '';

			// execute command
			switch ($command)
			{
			// return a button
			case 'button':
			if ($attrib['command'])
			return rcube_button($attrib);
			break;

			// show a label
			case 'label':
			if ($attrib['name'] \|\| $attrib['command'])
			return Q(rcube_label($attrib));
			break;

			// create a menu item
			case 'menu':
			if ($attrib['command'] && $attrib['group'])
			rcube_menu($attrib);
			break;

			// include a file
			case 'include':
			$path = realpath($CONFIG['skin_path'].$attrib['file']);

			if($fp = @fopen($path, 'r'))
			{
			$incl = fread($fp, filesize($path));
			fclose($fp);
			return parse_rcube_xml($incl);
			}
			break;

			// return code for a specific application object
			case 'object':
			$object = strtolower($attrib['name']);

			$object_handlers = array(
			// GENERAL
			'loginform' => 'rcmail_login_form',
			'username' => 'rcmail_current_username',

			// MAIL
			'mailboxlist' => 'rcmail_mailbox_list',
			'message' => 'rcmail_message_container',
			'messages' => 'rcmail_message_list',
			'messagecountdisplay' => 'rcmail_messagecount_display',
			'quotadisplay' => 'rcmail_quota_display',
			'messageheaders' => 'rcmail_message_headers',
			'messagebody' => 'rcmail_message_body',
			'messageattachments' => 'rcmail_message_attachments',
			'blockedobjects' => 'rcmail_remote_objects_msg',
			'messagecontentframe' => 'rcmail_messagecontent_frame',
			'messagepartframe' => 'rcmail_message_part_frame',
			'messagepartcontrols' => 'rcmail_message_part_controls',
			'composeheaders' => 'rcmail_compose_headers',
			'composesubject' => 'rcmail_compose_subject',
			'composebody' => 'rcmail_compose_body',
			'composeattachmentlist' => 'rcmail_compose_attachment_list',
			'composeattachmentform' => 'rcmail_compose_attachment_form',
			'composeattachment' => 'rcmail_compose_attachment_field',
			'priorityselector' => 'rcmail_priority_selector',
			'charsetselector' => 'rcmail_charset_selector',
			'editorselector' => 'rcmail_editor_selector',
			'searchform' => 'rcmail_search_form',
			'receiptcheckbox' => 'rcmail_receipt_checkbox',

			// ADDRESS BOOK
			'addresslist' => 'rcmail_contacts_list',
			'addressframe' => 'rcmail_contact_frame',
			'recordscountdisplay' => 'rcmail_rowcount_display',
			'contactdetails' => 'rcmail_contact_details',
			'contacteditform' => 'rcmail_contact_editform',
			'ldappublicsearch' => 'rcmail_ldap_public_search_form',
			'ldappublicaddresslist' => 'rcmail_ldap_public_list',

			// USER SETTINGS
			'userprefs' => 'rcmail_user_prefs_form',
			'itentitieslist' => 'rcmail_identities_list',
			'identityframe' => 'rcmail_identity_frame',
			'identityform' => 'rcube_identity_form',
			'foldersubscription' => 'rcube_subscription_form',
			'createfolder' => 'rcube_create_folder_form',
			'renamefolder' => 'rcube_rename_folder_form',
			'composebody' => 'rcmail_compose_body'
			);


			// execute object handler function
			if ($object_handlers[$object] && function_exists($object_handlers[$object]))
			return call_user_func($object_handlers[$object], $attrib);

			else if ($object=='productname')
			{
			$name = !empty($CONFIG['product_name']) ? $CONFIG['product_name'] : 'RoundCube Webmail';
			return Q($name);
			}
			else if ($object=='version')
			{
			return (string)RCMAIL_VERSION;
			}
			else if ($object=='pagetitle')
			{
			$task = $GLOBALS['_task'];
			$title = !empty($CONFIG['product_name']) ? $CONFIG['product_name'].' :: ' : '';

			if ($task=='login')
			$title = rcube_label(array('name' => 'welcome', 'vars' => array('product' => $CONFIG['product_name'])));
			else if ($task=='mail' && isset($GLOBALS['MESSAGE']['subject']))
			$title .= $GLOBALS['MESSAGE']['subject'];
			else if (isset($GLOBALS['PAGE_TITLE']))
			$title .= $GLOBALS['PAGE_TITLE'];
			else if ($task=='mail' && ($mbox_name = $IMAP->get_mailbox_name()))
			$title .= rcube_charset_convert($mbox_name, 'UTF-7', 'UTF-8');
			else
			$title .= ucfirst($task);

			return Q($title);
			}

			break;
			}

			return '';
			}


			// create and register a button
			function rcube_button($attrib)
			{
			global $CONFIG, $OUTPUT, $JS_OBJECT_NAME, $BROWSER, $COMM_PATH, $MAIN_TASKS;
			static $sa_buttons = array();
			static $s_button_count = 100;

			// these commands can be called directly via url
			$a_static_commands = array('compose', 'list');

			$skin_path = $CONFIG['skin_path'];

			if (!($attrib['command'] \|\| $attrib['name']))
			return '';

			// try to find out the button type
			if ($attrib['type'])
			$attrib['type'] = strtolower($attrib['type']);
			else
			$attrib['type'] = ($attrib['image'] \|\| $attrib['imagepas'] \|\| $attrib['imageact']) ? 'image' : 'link';

			$command = $attrib['command'];

			// take the button from the stack
			if($attrib['name'] && $sa_buttons[$attrib['name']])
			$attrib = $sa_buttons[$attrib['name']];

			// add button to button stack
			else if($attrib['image'] \|\| $attrib['imageact'] \|\| $attrib['imagepas'] \|\| $attrib['class'])
			{
			if(!$attrib['name'])
			$attrib['name'] = $command;

			if (!$attrib['image'])
			$attrib['image'] = $attrib['imagepas'] ? $attrib['imagepas'] : $attrib['imageact'];

			$sa_buttons[$attrib['name']] = $attrib;
			}

			// get saved button for this command/name
			else if ($command && $sa_buttons[$command])
			$attrib = $sa_buttons[$command];

			//else
			// return '';


			// set border to 0 because of the link arround the button
			if ($attrib['type']=='image' && !isset($attrib['border']))
			$attrib['border'] = 0;

			if (!$attrib['id'])
			$attrib['id'] = sprintf('rcmbtn%d', $s_button_count++);

			// get localized text for labels and titles
			if ($attrib['title'])
			$attrib['title'] = Q(rcube_label($attrib['title']));
			if ($attrib['label'])
			$attrib['label'] = Q(rcube_label($attrib['label']));

			if ($attrib['alt'])
			$attrib['alt'] = Q(rcube_label($attrib['alt']));

			// set title to alt attribute for IE browsers
			if ($BROWSER['ie'] && $attrib['title'] && !$attrib['alt'])
			{
			$attrib['alt'] = $attrib['title'];
			unset($attrib['title']);
			}

			// add empty alt attribute for XHTML compatibility
			if (!isset($attrib['alt']))
			$attrib['alt'] = '';


			// register button in the system
			if ($attrib['command'])
			{
			$OUTPUT->add_script(sprintf("%s.register_button('%s', '%s', '%s', '%s', '%s', '%s');",
			$JS_OBJECT_NAME,
			$command,
			$attrib['id'],
			$attrib['type'],
			$attrib['imageact'] ? $skin_path.$attrib['imageact'] : $attrib['classact'],
			$attrib['imagesel'] ? $skin_path.$attrib['imagesel'] : $attrib['classsel'],
			$attrib['imageover'] ? $skin_path.$attrib['imageover'] : ''));

			// make valid href to specific buttons
			if (in_array($attrib['command'], $MAIN_TASKS))
			$attrib['href'] = htmlentities(ereg_replace('_task=[a-z]+', '_task='.$attrib['command'], $COMM_PATH));
			else if (in_array($attrib['command'], $a_static_commands))
			$attrib['href'] = htmlentities($COMM_PATH.'&_action='.$attrib['command']);
			}

			// overwrite attributes
			if (!$attrib['href'])
			$attrib['href'] = '#';

			if ($command)
			$attrib['onclick'] = sprintf("return %s.command('%s','%s',this)", $JS_OBJECT_NAME, $command, $attrib['prop']);

			if ($command && $attrib['imageover'])
			{
			$attrib['onmouseover'] = sprintf("return %s.button_over('%s','%s')", $JS_OBJECT_NAME, $command, $attrib['id']);
			$attrib['onmouseout'] = sprintf("return %s.button_out('%s','%s')", $JS_OBJECT_NAME, $command, $attrib['id']);
			}

			if ($command && $attrib['imagesel'])
			{
			$attrib['onmousedown'] = sprintf("return %s.button_sel('%s','%s')", $JS_OBJECT_NAME, $command, $attrib['id']);
			$attrib['onmouseup'] = sprintf("return %s.button_out('%s','%s')", $JS_OBJECT_NAME, $command, $attrib['id']);
			}

			$out = '';

			// generate image tag
			if ($attrib['type']=='image')
			{
			$attrib_str = create_attrib_string($attrib, array('style', 'class', 'id', 'width', 'height', 'border', 'hspace', 'vspace', 'align', 'alt'));
			$img_tag = sprintf('<img src="%%s"%s />', $attrib_str);
			$btn_content = sprintf($img_tag, $skin_path.$attrib['image']);
			if ($attrib['label'])
			$btn_content .= ' '.$attrib['label'];

			$link_attrib = array('href', 'onclick', 'onmouseover', 'onmouseout', 'onmousedown', 'onmouseup', 'title');
			}
			else if ($attrib['type']=='link')
			{
			$btn_content = $attrib['label'] ? $attrib['label'] : $attrib['command'];
			$link_attrib = array('href', 'onclick', 'title', 'id', 'class', 'style');
			}
			else if ($attrib['type']=='input')
			{
			$attrib['type'] = 'button';

			if ($attrib['label'])
			$attrib['value'] = $attrib['label'];

			$attrib_str = create_attrib_string($attrib, array('type', 'value', 'onclick', 'id', 'class', 'style'));
			$out = sprintf('<input%s disabled />', $attrib_str);
			}

			// generate html code for button
			if ($btn_content)
			{
			$attrib_str = create_attrib_string($attrib, $link_attrib);
			$out = sprintf('<a%s>%s</a>', $attrib_str, $btn_content);
			}

			return $out;
			}


			function rcube_menu($attrib)
			{

			return '';
			}



			function rcube_table_output($attrib, $table_data, $a_show_cols, $id_col)
			{
			global $DB;
			@@ -1658,7 +1343,7 @@

			// use value from post
			if (!empty($_POST[$fname]))
			$value = $_POST[$fname];
			$value = get_input_value($fname, RCUBE_INPUT_POST);

			$out = $input->show($value);

			@@ -1666,7 +1351,100 @@
			}


			// compose a valid attribute string for HTML tags
			/**
			* Return the mail domain configured for the given host
			*
			* @param string IMAP host
			* @return string Resolved SMTP host
			*/
			function rcmail_mail_domain($host)
			{
			global $CONFIG;

			$domain = $host;
			if (is_array($CONFIG['mail_domain']))
			{
			if (isset($CONFIG['mail_domain'][$host]))
			$domain = $CONFIG['mail_domain'][$host];
			}
			else if (!empty($CONFIG['mail_domain']))
			$domain = $CONFIG['mail_domain'];

			return $domain;
			}


			/**
			* Replace all css definitions with #container [def]
			*
			* @param string CSS source code
			* @param string Container ID to use as prefix
			* @return string Modified CSS source
			*/
			function rcmail_mod_css_styles($source, $container_id, $base_url = '')
			{
			$a_css_values = array();
			$last_pos = 0;

			// cut out all contents between { and }
			while (($pos = strpos($source, '{', $last_pos)) && ($pos2 = strpos($source, '}', $pos)))
			{
			$key = sizeof($a_css_values);
			$a_css_values[$key] = substr($source, $pos+1, $pos2-($pos+1));
			$source = substr($source, 0, $pos+1) . "<<str_replacement[$key]>>" . substr($source, $pos2, strlen($source)-$pos2);
			$last_pos = $pos+2;
			}

			// remove html commends and add #container to each tag selector.
			// also replace body definition because we also stripped off the <body> tag
			$styles = preg_replace(
			array(
			'/(^\s<!--)\|(-->\s$)/',
			'/(^\s\|,\s\|\}\s)([a-z0-9\._#][a-z0-9\.\-_])/im',
			'/@import\s+(url$)?[\'"]?([^$\'"]+)[\'"]?(\))?/ime',
			'/<<str_replacement\[([0-9]+)\]>>/e',
			"/$container_id\s+body/i"
			),
			array(
			'',
			"\\1#$container_id \\2",
			"sprintf(\"@import url('./bin/modcss.php?u=%s&c=%s')\", urlencode(make_absolute_url('\\2','$base_url')), urlencode($container_id))",
			"\$a_css_values[\\1]",
			"$container_id div.rcmBody"
			),
			$source);

			return $styles;
			}

			/**
			* Try to autodetect operating system and find the correct line endings
			*
			* @return string The appropriate mail header delimiter
			*/
			function rcmail_header_delm()
			{
			global $CONFIG;

			// use the configured delimiter for headers
			if (!empty($CONFIG['mail_header_delimiter']))
			return $CONFIG['mail_header_delimiter'];
			else if (strtolower(substr(PHP_OS, 0, 3)=='win'))
			return "\r\n";
			else if (strtolower(substr(PHP_OS, 0, 3)=='mac'))
			return "\r\n";
			else
			return "\n";
			}


			/**
			* Compose a valid attribute string for HTML tags
			*
			* @param array Named tag attributes
			* @param array List of allowed attributes
			* @return string HTML formatted attribute string
			*/
			function create_attrib_string($attrib, $allowed_attribs=array('id', 'class', 'style'))
			{
			// allow the following attributes to be added to the <iframe> tag
			@@ -1679,7 +1457,12 @@
			}


			// convert a HTML attribute string attributes to an associative array (name => value)
			/**
			* Convert a HTML attribute string attributes to an associative array (name => value)
			*
			* @param string Input string
			* @return array Key-value pairs of parsed attributes
			*/
			function parse_attrib_string($str)
			{
			$attrib = array();
			@@ -1694,6 +1477,14 @@
			}


			/**
			* Convert the given date to a human readable form
			* This uses the date formatting properties from config
			*
			* @param mixed Date representation (string or timestamp)
			* @param string Date format to use
			* @return string Formatted date string
			*/
			function format_date($date, $format=NULL)
			{
			global $CONFIG, $sess_user_lang;
			@@ -1765,192 +1556,21 @@
			}


			// ************ functions delivering gui objects ************



			function rcmail_message_container($attrib)
			/**
			* Compose a valid representaion of name and e-mail address
			*
			* @param string E-mail address
			* @param string Person name
			* @return string Formatted string
			*/
			function format_email_recipient($email, $name='')
			{
			global $OUTPUT, $JS_OBJECT_NAME;

			if (!$attrib['id'])
			$attrib['id'] = 'rcmMessageContainer';

			// allow the following attributes to be added to the <table> tag
			$attrib_str = create_attrib_string($attrib, array('style', 'class', 'id'));
			$out = '<div' . $attrib_str . "></div>";

			$OUTPUT->add_script("$JS_OBJECT_NAME.gui_object('message', '$attrib[id]');");

			return $out;
			}


			// return the IMAP username of the current session
			function rcmail_current_username($attrib)
			{
			global $DB;
			static $s_username;

			// alread fetched
			if (!empty($s_username))
			return $s_username;

			// get e-mail address form default identity
			$sql_result = $DB->query("SELECT email AS mailto
			FROM ".get_table_name('identities')."
			WHERE user_id=?
			AND standard=1
			AND del<>1",
			$_SESSION['user_id']);

			if ($DB->num_rows($sql_result))
			{
			$sql_arr = $DB->fetch_assoc($sql_result);
			$s_username = $sql_arr['mailto'];
			}
			else if (strstr($_SESSION['username'], '@'))
			$s_username = $_SESSION['username'];
			if ($name && $name != $email)
			return sprintf('%s <%s>', strpos($name, ",") ? '"'.$name.'"' : $name, $email);
			else
			$s_username = $_SESSION['username'].'@'.$_SESSION['imap_host'];

			return $s_username;
			return $email;
			}


			// return the mail domain configured for the given host
			function rcmail_mail_domain($host)
			{
			global $CONFIG;

			$domain = $host;
			if (is_array($CONFIG['mail_domain']))
			{
			if (isset($CONFIG['mail_domain'][$host]))
			$domain = $CONFIG['mail_domain'][$host];
			}
			else if (!empty($CONFIG['mail_domain']))
			$domain = $CONFIG['mail_domain'];

			return $domain;
			}


			// return code for the webmail login form
			function rcmail_login_form($attrib)
			{
			global $CONFIG, $OUTPUT, $JS_OBJECT_NAME, $SESS_HIDDEN_FIELD;

			$labels = array();
			$labels['user'] = rcube_label('username');
			$labels['pass'] = rcube_label('password');
			$labels['host'] = rcube_label('server');

			$input_user = new textfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30));
			$input_pass = new passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'size' => 30));
			$input_action = new hiddenfield(array('name' => '_action', 'value' => 'login'));

			$fields = array();
			$fields['user'] = $input_user->show(get_input_value('_user', RCUBE_INPUT_POST));
			$fields['pass'] = $input_pass->show();
			$fields['action'] = $input_action->show();

			if (is_array($CONFIG['default_host']))
			{
			$select_host = new select(array('name' => '_host', 'id' => 'rcmloginhost'));

			foreach ($CONFIG['default_host'] as $key => $value)
			{
			if (!is_array($value))
			$select_host->add($value, (is_numeric($key) ? $value : $key));
			else
			{
			unset($select_host);
			break;
			}
			}

			$fields['host'] = isset($select_host) ? $select_host->show($_POST['_host']) : null;
			}
			else if (!strlen($CONFIG['default_host']))
			{
			$input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30));
			$fields['host'] = $input_host->show($_POST['_host']);
			}

			$form_name = strlen($attrib['form']) ? $attrib['form'] : 'form';
			$form_start = !strlen($attrib['form']) ? '<form name="form" action="./" method="post">' : '';
			$form_end = !strlen($attrib['form']) ? '</form>' : '';

			if ($fields['host'])
			$form_host = <<<EOF

			</tr><tr>

			<td class="title"><label for="rcmloginhost">$labels[host]</label></td>
			<td>$fields[host]</td>

			EOF;

			$OUTPUT->add_script("$JS_OBJECT_NAME.gui_object('loginform', '$form_name');");

			$out = <<<EOF
			$form_start
			$SESS_HIDDEN_FIELD
			$fields[action]
			<table><tr>

			<td class="title"><label for="rcmloginuser">$labels[user]</label></td>
			<td>$fields[user]</td>

			</tr><tr>

			<td class="title"><label for="rcmloginpwd">$labels[pass]</label></td>
			<td>$fields[pass]</td>
			$form_host
			</tr></table>
			$form_end
			EOF;

			return $out;
			}


			function rcmail_charset_selector($attrib)
			{
			global $OUTPUT;

			// pass the following attributes to the form class
			$field_attrib = array('name' => '_charset');
			foreach ($attrib as $attr => $value)
			if (in_array($attr, array('id', 'class', 'style', 'size', 'tabindex')))
			$field_attrib[$attr] = $value;

			$charsets = array(
			'US-ASCII' => 'ASCII (English)',
			'EUC-JP' => 'EUC-JP (Japanese)',
			'EUC-KR' => 'EUC-KR (Korean)',
			'BIG5' => 'BIG5 (Chinese)',
			'GB2312' => 'GB2312 (Chinese)',
			'ISO-2022-JP' => 'ISO-2022-JP (Japanese)',
			'ISO-8859-1' => 'ISO-8859-1 (Latin-1)',
			'ISO-8859-2' => 'ISO-8895-2 (Central European)',
			'ISO-8859-7' => 'ISO-8859-7 (Greek)',
			'ISO-8859-9' => 'ISO-8859-9 (Turkish)',
			'Windows-1251' => 'Windows-1251 (Cyrillic)',
			'Windows-1252' => 'Windows-1252 (Western)',
			'Windows-1255' => 'Windows-1255 (Hebrew)',
			'Windows-1256' => 'Windows-1256 (Arabic)',
			'Windows-1257' => 'Windows-1257 (Baltic)',
			'UTF-8' => 'UTF-8'
			);

			$select = new select($field_attrib);
			$select->add(array_values($charsets), array_keys($charsets));

			$set = $_POST['_charset'] ? $_POST['_charset'] : $OUTPUT->get_charset();
			return $select->show($set);
			}


			/**** debugging functions ******/
			@@ -1988,7 +1608,7 @@
			*/
			function write_log($name, $line)
			{
			global $CONFIG;
			global $CONFIG, $INSTALL_PATH;

			if (!is_string($line))
			$line = var_export($line, true);
			@@ -2009,6 +1629,9 @@
			}


			/**
			* @access private
			*/
			function rcube_timer()
			{
			list($usec, $sec) = explode(" ", microtime());
			@@ -2016,6 +1639,9 @@
			}


			/**
			* @access private
			*/
			function rcube_print_time($timer, $label='Timer')
			{
			static $print_count = 0;
			@@ -2030,4 +1656,267 @@
			console(sprintf("%s: %0.4f sec", $label, $diff));
			}


			/**
			* Return the mailboxlist in HTML
			*
			* @param array Named parameters
			* @return string HTML code for the gui object
			*/
			function rcmail_mailbox_list($attrib)
			{
			global $IMAP, $CONFIG, $OUTPUT, $COMM_PATH;
			static $s_added_script = FALSE;
			static $a_mailboxes;

			// add some labels to client
			rcube_add_label('purgefolderconfirm');
			rcube_add_label('deletemessagesconfirm');

			// $mboxlist_start = rcube_timer();

			$type = $attrib['type'] ? $attrib['type'] : 'ul';
			$add_attrib = $type=='select' ? array('style', 'class', 'id', 'name', 'onchange') :
			array('style', 'class', 'id');

			if ($type=='ul' && !$attrib['id'])
			$attrib['id'] = 'rcmboxlist';

			// allow the following attributes to be added to the <ul> tag
			$attrib_str = create_attrib_string($attrib, $add_attrib);

			$out = '<' . $type . $attrib_str . ">\n";

			// add no-selection option
			if ($type=='select' && $attrib['noselection'])
			$out .= sprintf('<option value="0">%s</option>'."\n",
			rcube_label($attrib['noselection']));

			// get mailbox list
			$mbox_name = $IMAP->get_mailbox_name();

			// build the folders tree
			if (empty($a_mailboxes))
			{
			// get mailbox list
			$a_folders = $IMAP->list_mailboxes();
			$delimiter = $IMAP->get_hierarchy_delimiter();
			$a_mailboxes = array();

			// rcube_print_time($mboxlist_start, 'list_mailboxes()');

			foreach ($a_folders as $folder)
			rcmail_build_folder_tree($a_mailboxes, $folder, $delimiter);
			}

			// var_dump($a_mailboxes);

			if ($type=='select')
			$out .= rcmail_render_folder_tree_select($a_mailboxes, $mbox_name, $attrib['maxlength']);
			else
			$out .= rcmail_render_folder_tree_html($a_mailboxes, $mbox_name, $attrib['maxlength']);

			// rcube_print_time($mboxlist_start, 'render_folder_tree()');


			if ($type=='ul')
			$OUTPUT->add_gui_object('mailboxlist', $attrib['id']);

			return $out . "</$type>";
			}




			/**
			* Create a hierarchical array of the mailbox list
			* @access private
			*/
			function rcmail_build_folder_tree(&$arrFolders, $folder, $delm='/', $path='')
			{
			$pos = strpos($folder, $delm);
			if ($pos !== false)
			{
			$subFolders = substr($folder, $pos+1);
			$currentFolder = substr($folder, 0, $pos);
			}
			else
			{
			$subFolders = false;
			$currentFolder = $folder;
			}

			$path .= $currentFolder;

			if (!isset($arrFolders[$currentFolder]))
			{
			$arrFolders[$currentFolder] = array('id' => $path,
			'name' => rcube_charset_convert($currentFolder, 'UTF-7'),
			'folders' => array());
			}

			if (!empty($subFolders))
			rcmail_build_folder_tree($arrFolders[$currentFolder]['folders'], $subFolders, $delm, $path.$delm);
			}


			/**
			* Return html for a structured list <ul> for the mailbox tree
			* @access private
			*/
			function rcmail_render_folder_tree_html(&$arrFolders, &$mbox_name, $maxlength, $nestLevel=0)
			{
			global $COMM_PATH, $IMAP, $CONFIG, $OUTPUT;

			$idx = 0;
			$out = '';
			foreach ($arrFolders as $key => $folder)
			{
			$zebra_class = ($nestLevel*$idx)%2 ? 'even' : 'odd';
			$title = '';

			if ($folder_class = rcmail_folder_classname($folder['id']))
			$foldername = rcube_label($folder_class);
			else
			{
			$foldername = $folder['name'];

			// shorten the folder name to a given length
			if ($maxlength && $maxlength>1)
			{
			$fname = abbreviate_string($foldername, $maxlength);
			if ($fname != $foldername)
			$title = ' title="'.Q($foldername).'"';
			$foldername = $fname;
			}
			}

			// add unread message count display
			if ($unread_count = $IMAP->messagecount($folder['id'], 'RECENT', ($folder['id']==$mbox_name)))
			$foldername .= sprintf(' (%d)', $unread_count);

			// make folder name safe for ids and class names
			$folder_id = preg_replace('/[^A-Za-z0-9\-_]/', '', $folder['id']);
			$class_name = preg_replace('/[^a-z0-9\-_]/', '', $folder_class ? $folder_class : strtolower($folder['id']));

			// set special class for Sent, Drafts, Trash and Junk
			if ($folder['id']==$CONFIG['sent_mbox'])
			$class_name = 'sent';
			else if ($folder['id']==$CONFIG['drafts_mbox'])
			$class_name = 'drafts';
			else if ($folder['id']==$CONFIG['trash_mbox'])
			$class_name = 'trash';
			else if ($folder['id']==$CONFIG['junk_mbox'])
			$class_name = 'junk';

			$js_name = htmlspecialchars(JQ($folder['id']));
			$out .= sprintf('<li id="rcmli%s" class="mailbox %s %s%s%s"><a href="%s"'.
			' onclick="return %s.command(\'list\',\'%s\',this)"'.
			' onmouseover="return %s.focus_folder(\'%s\')"' .
			' onmouseout="return %s.unfocus_folder(\'%s\')"' .
			' onmouseup="return %s.folder_mouse_up(\'%s\')"%s>%s</a>',
			$folder_id,
			$class_name,
			$zebra_class,
			$unread_count ? ' unread' : '',
			$folder['id']==$mbox_name ? ' selected' : '',
			Q(rcmail_url('', array('_mbox' => $folder['id']))),
			JS_OBJECT_NAME,
			$js_name,
			JS_OBJECT_NAME,
			$js_name,
			JS_OBJECT_NAME,
			$js_name,
			JS_OBJECT_NAME,
			$js_name,
			$title,
			Q($foldername));

			if (!empty($folder['folders']))
			$out .= "\n<ul>\n" . rcmail_render_folder_tree_html($folder['folders'], $mbox_name, $maxlength, $nestLevel+1) . "</ul>\n";

			$out .= "</li>\n";
			$idx++;
			}

			return $out;
			}


			/**
			* Return html for a flat list <select> for the mailbox tree
			* @access private
			*/
			function rcmail_render_folder_tree_select(&$arrFolders, &$mbox_name, $maxlength, $nestLevel=0)
			{
			global $IMAP, $OUTPUT;

			$idx = 0;
			$out = '';
			foreach ($arrFolders as $key=>$folder)
			{
			if ($folder_class = rcmail_folder_classname($folder['id']))
			$foldername = rcube_label($folder_class);
			else
			{
			$foldername = $folder['name'];

			// shorten the folder name to a given length
			if ($maxlength && $maxlength>1)
			$foldername = abbreviate_string($foldername, $maxlength);
			}

			$out .= sprintf('<option value="%s">%s%s</option>'."\n",
			htmlspecialchars($folder['id']),
			str_repeat(' ', $nestLevel*4),
			Q($foldername));

			if (!empty($folder['folders']))
			$out .= rcmail_render_folder_tree_select($folder['folders'], $mbox_name, $maxlength, $nestLevel+1);

			$idx++;
			}

			return $out;
			}


			/**
			* Return internal name for the given folder if it matches the configured special folders
			* @access private
			*/
			function rcmail_folder_classname($folder_id)
			{
			global $CONFIG;

			$cname = null;
			$folder_lc = strtolower($folder_id);

			// for these mailboxes we have localized labels and css classes
			foreach (array('inbox', 'sent', 'drafts', 'trash', 'junk') as $smbx)
			{
			if ($folder_lc == $smbx \|\| $folder_id == $CONFIG[$smbx.'_mbox'])
			$cname = $smbx;
			}

			return $cname;
			}


			/**
			* Try to localize the given IMAP folder name.
			* UTF-7 decode it in case no localized text was found
			*
			* @param string Folder name
			* @return string Localized folder name in UTF-8 encoding
			*/
			function rcmail_localize_foldername($name)
			{
			if ($folder_class = rcmail_folder_classname($name))
			return rcube_label($folder_class);
			else
			return rcube_charset_convert($name, 'UTF-7');
			}


			?>