githubFork/roundcubemail.git

			@@ -4,8 +4,8 @@
			+-----------------------------------------------------------------------+
			\| program/include/rcube_template.php \|
			\| \|
			\| This file is part of the RoundCube Webmail client \|
			\| Copyright (C) 2006-2010, RoundCube Dev. - Switzerland \|
			\| This file is part of the Roundcube Webmail client \|
			\| Copyright (C) 2006-2010, Roundcube Dev. - Switzerland \|
			\| Licensed under the GNU GPL \|
			\| \|
			\| PURPOSE: \|
			@@ -30,16 +30,17 @@
			*/
			class rcube_template extends rcube_html_page
			{
			var $app;
			var $config;
			var $framed = false;
			var $pagetitle = '';
			var $message = null;
			var $env = array();
			var $js_env = array();
			var $js_commands = array();
			var $object_handlers = array();
			private $app;
			private $config;
			private $pagetitle = '';
			private $message = null;
			private $js_env = array();
			private $js_commands = array();
			private $object_handlers = array();

			public $browser;
			public $framed = false;
			public $env = array();
			public $type = 'html';
			public $ajax_call = false;

			@@ -56,7 +57,7 @@
			$this->app = rcmail::get_instance();
			$this->config = $this->app->config->all();
			$this->browser = new rcube_browser();


			//$this->framed = $framed;
			$this->set_env('task', $task);
			$this->set_env('request_token', $this->app->get_request_token());
			@@ -128,7 +129,7 @@
			else {
			$title = ucfirst($this->env['task']);
			}


			return $title;
			}

			@@ -138,13 +139,21 @@
			*/
			public function set_skin($skin)
			{
			if (!empty($skin) && is_dir('skins/'.$skin) && is_readable('skins/'.$skin))
			$valid = false;

			if (!empty($skin) && is_dir('skins/'.$skin) && is_readable('skins/'.$skin)) {
			$skin_path = 'skins/'.$skin;
			else
			$valid = true;
			}
			else {
			$skin_path = $this->config['skin_path'] ? $this->config['skin_path'] : 'skins/default';
			$valid = !$skin;
			}

			$this->app->config->set('skin_path', $skin_path);
			$this->config['skin_path'] = $skin_path;

			return $valid;
			}

			/**
			@@ -217,7 +226,7 @@
			$args = func_get_args();
			if (count($args) == 1 && is_array($args[0]))
			$args = $args[0];


			foreach ($args as $name) {
			$this->command('add_label', $name, rcube_label($name));
			}
			@@ -306,7 +315,7 @@
			// set output asap
			ob_flush();
			flush();


			if ($exit) {
			exit;
			}
			@@ -322,14 +331,18 @@
			public function write($template = '')
			{
			// unlock interface after iframe load
			$unlock = preg_replace('/[^a-z0-9]/i', '', $_GET['_unlock']);
			if ($this->framed) {
			array_unshift($this->js_commands, array('set_busy', false));
			array_unshift($this->js_commands, array('set_busy', false, null, $unlock));
			}
			else if ($unlock) {
			array_unshift($this->js_commands, array('hide_message', $unlock));
			}
			// write all env variables to client
			$js = $this->framed ? "if(window.parent) {\n" : '';
			$js .= $this->get_js_commands() . ($this->framed ? ' }' : '');
			$this->add_script($js, 'head_top');


			// make sure all <form> tags have a valid request token
			$template = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $template);
			$this->footer = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $this->footer);
			@@ -352,7 +365,7 @@
			{
			$skin_path = $this->config['skin_path'];
			$plugin = false;


			$temp = explode(".", $name, 2);
			if (count($temp) > 1) {
			$plugin = $temp[0];
			@@ -364,7 +377,7 @@
			$skin_path = $this->app->plugins->dir . $skin_dir;
			}
			}


			$path = "$skin_path/templates/$name.html";

			// read template file
			@@ -378,7 +391,7 @@
			), true, true);
			return false;
			}


			// replace all path references to plugins/... with the configured plugins dir
			// and /this/ to the current plugin skin directory
			if ($plugin) {
			@@ -388,7 +401,7 @@
			// parse for specialtags
			$output = $this->parse_conditions($templ);
			$output = $this->parse_xml($output);


			// trigger generic hook where plugins can put additional content to the page
			$hook = $this->app->plugins->exec_hook("render_page", array('template' => $name, 'content' => $output));

			@@ -399,7 +412,7 @@
			<textarea name="console" id="dbgconsole" rows="20" cols="40" wrap="off" style="display:none;width:400px;border:none;font-size:10px" spellcheck="false"></textarea></div>'
			);
			}


			$output = $this->parse_with_globals($hook['content']);
			$this->write(trim($output));
			if ($exit) {
			@@ -432,7 +445,7 @@
			implode(',', $args)
			);
			}


			return $out;
			}

			@@ -444,7 +457,10 @@
			*/
			public function abs_url($str)
			{
			return preg_replace('/^\//', $this->config['skin_path'].'/', $str);
			if ($str[0] == '/')
			return $this->config['skin_path'] . $str;
			else
			return $str;
			}


			@@ -533,8 +549,8 @@
			{
			return eval("return (".$this->parse_expression($condition).");");
			}




			/**
			* Inserts hidden field with CSRF-prevention-token into POST forms
			*/
			@@ -542,12 +558,12 @@
			{
			$out = $matches[0];
			$attrib = parse_attrib_string($matches[1]);


			if (strtolower($attrib['method']) == 'post') {
			$hidden = new html_hiddenfield(array('name' => '_token', 'value' => $this->app->get_request_token()));
			$out .= "\n" . $hidden->show();
			}


			return $out;
			}

			@@ -648,7 +664,7 @@
			$hook = $this->app->plugins->exec_hook("template_plugin_include", $attrib);
			return $hook['content'];
			break;


			// define a container block
			case 'container':
			if ($attrib['name'] && $attrib['id']) {
			@@ -675,7 +691,7 @@
			$content = call_user_func($handler, $attrib);
			}
			else if ($object == 'productname') {
			$name = !empty($this->config['product_name']) ? $this->config['product_name'] : 'RoundCube Webmail';
			$name = !empty($this->config['product_name']) ? $this->config['product_name'] : 'Roundcube Webmail';
			$content = Q($name);
			}
			else if ($object == 'version') {
			@@ -694,7 +710,7 @@
			$title .= $this->get_pagetitle();
			$content = Q($title);
			}


			// exec plugin hooks for this template object
			$hook = $this->app->plugins->exec_hook("template_object_$object", $attrib + array('content' => $content));
			return $hook['content'];
			@@ -703,7 +719,7 @@
			case 'exp':
			$value = $this->parse_expression($attrib['expression']);
			return eval("return Q($value);");


			// return variable
			case 'var':
			$var = explode(':', $attrib['name']);
			@@ -791,7 +807,7 @@

			if ($attrib['task'])
			$command = $attrib['task'] . '.' . $command;


			if (!$attrib['image']) {
			$attrib['image'] = $attrib['imagepas'] ? $attrib['imagepas'] : $attrib['imageact'];
			}
			@@ -927,17 +943,17 @@
			$hiddenfield = new html_hiddenfield(array('name' => '_framed', 'value' => '1'));
			$hidden = $hiddenfield->show();
			}


			if (!$content)
			$attrib['noclose'] = true;


			return html::tag('form',
			$attrib + array('action' => "./", 'method' => "get"),
			$hidden . $content,
			array('id','class','style','name','method','action','enctype','onsubmit'));
			}




			/**
			* Build a form tag with a unique request token
			*
			@@ -954,10 +970,10 @@
			if ($attrib['action']) {
			$hidden->add(array('name' => '_action', 'value' => $attrib['action']));
			}


			unset($attrib['task'], $attrib['request']);
			$attrib['action'] = './';


			// we already have a <form> tag
			if ($attrib['form'])
			return $hidden->show() . $content;
			@@ -982,15 +998,19 @@
			return $username;
			}

			// Current username is an e-mail address
			if (strpos($_SESSION['username'], '@')) {
			$username = $_SESSION['username'];
			}
			// get e-mail address from default identity
			if ($sql_arr = $this->app->user->get_identity()) {
			else if ($sql_arr = $this->app->user->get_identity()) {
			$username = $sql_arr['email'];
			}
			else {
			$username = $this->app->user->get_username();
			}

			return $username;
			return idn_to_utf8($username);
			}


			@@ -1006,7 +1026,7 @@
			$default_host = $this->config['default_host'];

			$_SESSION['temp'] = true;


			// save original url
			$url = get_input_value('_url', RCUBE_INPUT_POST);
			if (empty($url) && !preg_match('/_(task\|action)=logout/', $_SERVER['QUERY_STRING']))
			@@ -1063,7 +1083,7 @@
			$out .= $input_tzone->show();
			$out .= $input_url->show();
			$out .= $table->show();


			if ($hide_host) {
			$out .= $input_host->show();
			}
			@@ -1121,7 +1141,7 @@
			if ($attrib['type'] == 'search' && !$this->browser->khtml) {
			unset($attrib['type'], $attrib['results']);
			}


			$input_q = new html_inputfield($attrib);
			$out = $input_q->show();