githubFork/roundcubemail.git

			@@ -413,6 +413,34 @@
			}


			// auto-select IMAP host based on the posted login information
			function rcmail_autoselect_host()
			{
			global $CONFIG;

			$host = isset($_POST['_host']) ? get_input_value('_host', RCUBE_INPUT_POST) : $CONFIG['default_host'];
			if (is_array($host))
			{
			list($user, $domain) = explode('@', get_input_value('_user', RCUBE_INPUT_POST));
			if (!empty($domain))
			{
			foreach ($host as $imap_host => $mail_domains)
			if (is_array($mail_domains) && in_array($domain, $mail_domains))
			{
			$host = $imap_host;
			break;
			}
			}

			// take the first entry if $host is still an array
			if (is_array($host))
			$host = array_shift($host);
			}

			return $host;
			}


			// perfom login to the IMAP server and to the webmail service
			function rcmail_login($user, $pass, $host=NULL)
			{
			@@ -550,21 +578,28 @@
			$user_name = $user!=$user_email ? $user : '';

			// try to resolve the e-mail address from the virtuser table
			if (!empty($CONFIG['virtuser_query']))
			{
			$sql_result = $DB->query(preg_replace('/%u/', $user, $CONFIG['virtuser_query']));
			if ($sql_arr = $DB->fetch_array($sql_result))
			$user_email = $sql_arr[0];
			if (!empty($CONFIG['virtuser_query']) &&
			($sql_result = $DB->query(preg_replace('/%u/', $user, $CONFIG['virtuser_query']))) &&
			($DB->num_rows()>0))
			while ($sql_arr = $DB->fetch_array($sql_result))
			{
			$DB->query("INSERT INTO ".get_table_name('identities')."
			(user_id, del, standard, name, email)
			VALUES (?, 0, 1, ?, ?)",
			$user_id,
			$user_name,
			preg_replace('/^@/', $user . '@', $sql_arr[0]));
			}
			else
			{
			// also create new identity records
			$DB->query("INSERT INTO ".get_table_name('identities')."
			(user_id, del, standard, name, email)
			VALUES (?, 0, 1, ?, ?)",
			$user_id,
			$user_name,
			$user_email);
			}

			// also create new identity records
			$DB->query("INSERT INTO ".get_table_name('identities')."
			(user_id, del, standard, name, email)
			VALUES (?, 0, 1, ?, ?)",
			$user_id,
			$user_name,
			$user_email);


			// get existing mailboxes
			$a_mailboxes = $IMAP->list_mailboxes();
			@@ -699,7 +734,7 @@

			$framed = $GLOBALS['_framed'];
			$command = sprintf("display_message('%s', '%s');",
			rep_specialchars_output(rcube_label(array('name' => $message, 'vars' => $vars)), 'js'),
			JQ(rcube_label(array('name' => $message, 'vars' => $vars))),
			$type);

			if ($REMOTE_REQUEST)
			@@ -819,7 +854,7 @@
			$OUTPUT->add_script(sprintf("%s.add_label('%s', '%s');",
			$JS_OBJECT_NAME,
			$name,
			rep_specialchars_output(rcube_label($name), 'js')));
			JQ(rcube_label($name))));
			}


			@@ -862,8 +897,15 @@
			}


			// convert a string from one charset to another
			// this function is not complete and not tested well
			/**
			* Convert a string from one charset to another.
			* Uses mbstring and iconv functions if possible
			*
			* @param string Input string
			* @param string Suspected charset of the input string
			* @param string Target charset to convert to; defaults to $GLOBALS['CHARSET']
			* @return Converted string
			*/
			function rcube_charset_convert($str, $from, $to=NULL)
			{
			global $MBSTRING;
			@@ -918,12 +960,19 @@
			}



			// replace specials characters to a specific encoding type
			/**
			* Replacing specials characters to a specific encoding type
			*
			* @param string Input string
			* @param string Encoding type: text\|html\|xml\|js\|url
			* @param string Replace mode for tags: show\|replace\|remove
			* @param boolean Convert newlines
			* @return The quoted string
			*/
			function rep_specialchars_output($str, $enctype='', $mode='', $newlines=TRUE)
			{
			global $OUTPUT_TYPE, $OUTPUT;
			static $html_encode_arr, $js_rep_table, $rtf_rep_table, $xml_rep_table;
			static $html_encode_arr, $js_rep_table, $xml_rep_table;

			if (!$enctype)
			$enctype = $GLOBALS['OUTPUT_TYPE'];
			@@ -965,21 +1014,18 @@
			return $newlines ? nl2br($out) : $out;
			}


			if ($enctype=='url')
			return rawurlencode($str);


			// if the replace tables for RTF, XML and JS are not yet defined
			// if the replace tables for XML and JS are not yet defined
			if (!$js_rep_table)
			{
			$js_rep_table = $rtf_rep_table = $xml_rep_table = array();
			$js_rep_tabl = $xml_rep_table = array();
			$xml_rep_table['&'] = '&';

			for ($c=160; $c<256; $c++) // can be increased to support more charsets
			{
			$hex = dechex($c);
			$rtf_rep_table[Chr($c)] = "\\'$hex";
			$xml_rep_table[Chr($c)] = "&#$c;";

			if ($OUTPUT->get_charset()=='ISO-8859-1')
			@@ -990,7 +1036,7 @@
			$xml_rep_table['"'] = '"';
			}

			// encode for RTF
			// encode for XML
			if ($enctype=='xml')
			return strtr($str, $xml_rep_table);

			@@ -1003,12 +1049,26 @@
			return addslashes(preg_replace(array("/\r\n/", "/\r/"), array('\n', '\n'), strtr($str, $js_rep_table)));
			}

			// encode for RTF
			if ($enctype=='rtf')
			return preg_replace("/\r\n/", "\par ", strtr($str, $rtf_rep_table));

			// no encoding given -> return original string
			return $str;
			}

			/**
			* Quote a given string. Alias function for rep_specialchars_output
			* @see rep_specialchars_output
			*/
			function Q($str, $mode='strict', $newlines=TRUE)
			{
			return rep_specialchars_output($str, 'html', $mode, $newlines);
			}

			/**
			* Quote a given string. Alias function for rep_specialchars_output
			* @see rep_specialchars_output
			*/
			function JQ($str, $mode='strict', $newlines=TRUE)
			{
			return rep_specialchars_output($str, 'js', $mode, $newlines);
			}


			@@ -1056,7 +1116,13 @@
			return $value;
			}


			/**
			* Remove single and double quotes from given string
			*/
			function strip_quotes($str)
			{
			return preg_replace('/[\'"]/', '', $str);
			}


			// ************ template parsing and gui functions ************
			@@ -1101,8 +1167,12 @@


			// parse for specialtags
			$output = parse_rcube_xml($templ);
			$output = parse_rcube_xml(parse_rcube_conditions($templ));

			// add debug console
			if ($CONFIG['debug_level'] & 8)
			$OUTPUT->footer = '<div style="position:absolute;top:5px;left:5px;width:400px;opacity:0.8;z-index:9000;"><form name="debugform"><textarea name="console" rows="15" cols="40" style="width:400px;border:none;font-size:x-small"></textarea></form>';

			$OUTPUT->write(trim(parse_with_globals($output)), $skin_path);

			if ($exit)
			@@ -1120,6 +1190,55 @@
			}


			// parse conditional code
			function parse_rcube_conditions($input)
			{
			if (($matches = preg_split('/<roundcube:(if\|elseif\|else\|endif)\s+([^>]+)>/is', $input, 2, PREG_SPLIT_DELIM_CAPTURE)) && count($matches)==4)
			{
			if (preg_match('/^(else\|endif)$/i', $matches[1]))
			return $matches[0] . parse_rcube_conditions($matches[3]);
			else
			{
			$attrib = parse_attrib_string($matches[2]);
			if (isset($attrib['condition']))
			{
			$condmet = rcube_xml_condition($attrib['condition']);
			$submatches = preg_split('/<roundcube:(elseif\|else\|endif)\s+([^>]+)>/is', $matches[3], 2, PREG_SPLIT_DELIM_CAPTURE);

			if ($condmet)
			$result = $submatches[0] . preg_replace('/.*<roundcube:endif\s+[^>]+>/is', '', $submatches[3]);
			else
			$result = "<roundcube:$submatches[1] $submatches[2]>" . $submatches[3];

			return $matches[0] . parse_rcube_conditions($result);
			}
			else
			{
			raise_error(array('code' => 500, 'type' => 'php', 'line' => __LINE__, 'file' => __FILE__,
			'message' => "Unable to parse conditional tag " . $matches[2]), TRUE, FALSE);
			}
			}
			}

			return $input;
			}


			/**
			* Determines if a given condition is met
			*
			* @return True if condition is valid, False is not
			*/
			function rcube_xml_condition($condition)
			{
			$condition = preg_replace(
			array('/session:([a-z0-9_]+)/i', '/config:([a-z0-9_]+)/i', '/request:([a-z0-9_]+)/ie'),
			array("\$_SESSION['\\1']", "\$GLOBALS['CONFIG']['\\1']", "get_input_value('\\1', RCUBE_INPUT_GPC)"),
			$condition);

			return @eval("return (".$condition.");");
			}


			function parse_rcube_xml($input)
			{
			@@ -1128,12 +1247,19 @@
			}


			/**
			* Convert a xml command tag into real content
			*/
			function rcube_xml_command($command, $str_attrib, $add_attrib=array())
			{
			global $IMAP, $CONFIG, $OUTPUT;

			$command = strtolower($command);
			$attrib = parse_attrib_string($str_attrib) + $add_attrib;

			// empty output if required condition is not met
			if (!empty($attrib['condition']) && !rcube_xml_condition($attrib['condition']))
			return '';

			// execute command
			switch ($command)
			@@ -1147,7 +1273,7 @@
			// show a label
			case 'label':
			if ($attrib['name'] \|\| $attrib['command'])
			return rep_specialchars_output(rcube_label($attrib));
			return Q(rcube_label($attrib));
			break;

			// create a menu item
			@@ -1230,7 +1356,7 @@
			else if ($object=='productname')
			{
			$name = !empty($CONFIG['product_name']) ? $CONFIG['product_name'] : 'RoundCube Webmail';
			return rep_specialchars_output($name, 'html', 'all');
			return Q($name);
			}
			else if ($object=='version')
			{
			@@ -1252,7 +1378,7 @@
			else
			$title .= ucfirst($task);

			return rep_specialchars_output($title, 'html', 'all');
			return Q($title);
			}

			break;
			@@ -1318,12 +1444,12 @@

			// get localized text for labels and titles
			if ($attrib['title'])
			$attrib['title'] = rep_specialchars_output(rcube_label($attrib['title']));
			$attrib['title'] = Q(rcube_label($attrib['title']));
			if ($attrib['label'])
			$attrib['label'] = rep_specialchars_output(rcube_label($attrib['label']));
			$attrib['label'] = Q(rcube_label($attrib['label']));

			if ($attrib['alt'])
			$attrib['alt'] = rep_specialchars_output(rcube_label($attrib['alt']));
			$attrib['alt'] = Q(rcube_label($attrib['alt']));

			// set title to alt attribute for IE browsers
			if ($BROWSER['ie'] && $attrib['title'] && !$attrib['alt'])
			@@ -1436,12 +1562,11 @@
			$table .= "<thead><tr>\n";

			foreach ($a_show_cols as $col)
			$table .= '<td class="'.$col.'">' . rep_specialchars_output(rcube_label($col)) . "</td>\n";
			$table .= '<td class="'.$col.'">' . Q(rcube_label($col)) . "</td>\n";

			$table .= "</tr></thead>\n<tbody>\n";

			$c = 0;

			if (!is_array($table_data))
			{
			while ($table_data && ($sql_arr = $DB->fetch_assoc($table_data)))
			@@ -1453,8 +1578,8 @@
			// format each col
			foreach ($a_show_cols as $col)
			{
			$cont = rep_specialchars_output($sql_arr[$col]);
			$table .= '<td class="'.$col.'">' . $cont . "</td>\n";
			$cont = Q($sql_arr[$col]);
			$table .= '<td class="'.$col.'">' . $cont . "</td>\n";
			}

			$table .= "</tr>\n";
			@@ -1472,8 +1597,8 @@
			// format each col
			foreach ($a_show_cols as $col)
			{
			$cont = rep_specialchars_output($row_data[$col]);
			$table .= '<td class="'.$col.'">' . $cont . "</td>\n";
			$cont = Q($row_data[$col]);
			$table .= '<td class="'.$col.'">' . $cont . "</td>\n";
			}

			$table .= "</tr>\n";
			@@ -1579,7 +1704,7 @@
			$now = time(); // local time
			$now -= (int)date('Z'); // make GMT time
			$now += ($tz * 3600); // user's time
			$now_date = getdate();
			$now_date = getdate($now);

			$today_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday'], $now_date['year']);
			$week_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);
			@@ -1719,14 +1844,22 @@
			$select_host = new select(array('name' => '_host', 'id' => 'rcmloginhost'));

			foreach ($CONFIG['default_host'] as $key => $value)
			$select_host->add($value, (is_numeric($key) ? $value : $key));
			{
			if (!is_array($value))
			$select_host->add($value, (is_numeric($key) ? $value : $key));
			else
			{
			unset($select_host);
			break;
			}
			}

			$fields['host'] = $select_host->show($_POST['_host']);
			$fields['host'] = isset($select_host) ? $select_host->show($_POST['_host']) : null;
			}
			else if (!strlen($CONFIG['default_host']))
			{
			$input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30));
			$fields['host'] = $input_host->show($_POST['_host']);
			$input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30));
			$fields['host'] = $input_host->show($_POST['_host']);
			}

			$form_name = strlen($attrib['form']) ? $attrib['form'] : 'form';