githubFork/roundcubemail.git

			@@ -21,6 +21,7 @@

			require_once('lib/html2text.inc');
			require_once('lib/enriched.inc');
			require_once('include/rcube_smtp.inc');


			$EMAIL_ADDRESS_PATTERN = '/([a-z0-9][a-z0-9\-\.\+\_]@[a-z0-9]([a-z0-9\-][.]?)[a-z0-9]\\.[a-z]{2,5})/i';
			@@ -30,16 +31,10 @@

			// set imap properties and session vars
			if ($mbox = get_input_value('_mbox', RCUBE_INPUT_GPC))
			{
			$IMAP->set_mailbox($mbox);
			$_SESSION['mbox'] = $mbox;
			}
			$IMAP->set_mailbox(($_SESSION['mbox'] = $mbox));

			if (!empty($_GET['_page']))
			{
			$IMAP->set_page((int)$_GET['_page']);
			$_SESSION['page'] = (int)$_GET['_page'];
			}
			$IMAP->set_page(($_SESSION['page'] = intval($_GET['_page'])));

			// set mailbox to INBOX if not set
			if (empty($_SESSION['mbox']))
			@@ -53,7 +48,11 @@

			// set message set for search result
			if (!empty($_REQUEST['_search']) && isset($_SESSION['search'][$_REQUEST['_search']]))
			{
			$IMAP->set_search_set($_SESSION['search'][$_REQUEST['_search']]);
			$OUTPUT->set_env('search_request', $_REQUEST['_search']);
			$OUTPUT->set_env('search_text', $_SESSION['last_text_search']);
			}


			// define url for getting message parts
			@@ -74,6 +73,10 @@

			if (!$OUTPUT->ajax_call)
			rcube_add_label('checkingmail', 'deletemessage', 'movemessagetotrash');

			// set page title
			if (empty($_action) \|\| $_action == 'list')
			$OUTPUT->set_pagetitle(rcmail_localize_foldername($IMAP->get_mailbox_name()));



			@@ -189,11 +192,7 @@

			// no messages in this mailbox
			if (!sizeof($a_headers))
			{
			$out .= sprintf('<tr><td colspan="%d">%s</td></tr>',
			sizeof($a_show_cols)+2,
			Q(rcube_label('nomessagesfound')));
			}
			$OUTPUT->show_message('nomessagesfound', 'notice');


			$a_js_message_arr = array();
			@@ -291,6 +290,7 @@
			$OUTPUT->set_env('attachmenticon', $skin_path . $attrib['attachmenticon']);

			$OUTPUT->set_env('messages', $a_js_message_arr);
			$OUTPUT->set_env('coltypes', $a_show_cols);

			$OUTPUT->include_script('list.js');

			@@ -314,11 +314,13 @@
			$OUTPUT->command('set_message_coltypes', $a_show_cols);

			// loop through message headers
			for ($n=0; $a_headers[$n]; $n++)
			foreach ($a_headers as $n => $header)
			{
			$header = $a_headers[$n];
			$a_msg_cols = array();
			$a_msg_flags = array();

			if (empty($header))
			continue;

			// format each col; similar as in rcmail_message_list()
			foreach ($a_show_cols as $col)
			@@ -409,7 +411,7 @@
			$OUTPUT->add_gui_object('quotadisplay', $attrib['id']);

			// allow the following attributes to be added to the <span> tag
			$attrib_str = create_attrib_string($attrib, array('style', 'class', 'id'));
			$attrib_str = create_attrib_string($attrib, array('style', 'class', 'id', 'display'));

			$out = '<span' . $attrib_str . '>';
			$out .= rcmail_quota_content($attrib['display']);
			@@ -480,6 +482,127 @@
			}


			/* Stolen from Squirrelmail */
			function sq_deent(&$attvalue, $regex, $hex=false)
			{
			$ret_match = false;
			preg_match_all($regex, $attvalue, $matches);
			if (is_array($matches) && sizeof($matches[0]) > 0)
			{
			$repl = Array();
			for ($i = 0; $i < sizeof($matches[0]); $i++)
			{
			$numval = $matches[1][$i];
			if ($hex)
			$numval = hexdec($numval);
			$repl{$matches[0][$i]} = chr($numval);
			}
			$attvalue = strtr($attvalue, $repl);
			return true;
			}
			else
			return false;
			}


			/* Stolen verbatim from Squirrelmail */
			function sq_defang(&$attvalue)
			{
			/* Skip this if there aren't ampersands or backslashes. */
			if ((strpos($attvalue, '&') === false) &&
			(strpos($attvalue, '\\') === false))
			return;
			$m = false;
			do
			{
			$m = false;
			$m = $m \|\| sq_deent($attvalue, '/\&#0(\d+);/s');
			$m = $m \|\| sq_deent($attvalue, '/\&#x0((\d\|[a-f])+);/si', true);
			$m = $m \|\| sq_deent($attvalue, '/\\\\(\d+)/s', true);
			} while ($m == true);
			$attvalue = stripslashes($attvalue);
			}


			function rcmail_html_filter($html)
			{
			preg_match_all('/<\/?\w+((\s+\w+(\s=\s(?:".?"\|\'.?\'\|[^\'">\s]+))?)+\s\|\s)\/?>/', $html, $tags);

			/* From Squirrelmail: Translate all dangerous Unicode or Shift_JIS characters which are accepted by
			* IE as regular characters. */
			$replace = array(array('ʟ', 'ʟ', /* L UNICODE IPA Extension */
			'ʀ', 'ʀ', /* R UNICODE IPA Extension */
			'ɴ', 'ɴ', /* N UNICODE IPA Extension */
			'Ｅ', 'Ｅ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER E */
			'ｅ', 'ｅ', /* Unicode FULLWIDTH LATIN SMALL LETTER E */
			'Ｘ', 'Ｘ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER X */
			'ｘ', 'ｘ', /* Unicode FULLWIDTH LATIN SMALL LETTER X */
			'Ｐ', 'Ｐ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER P */
			'ｐ', 'ｐ', /* Unicode FULLWIDTH LATIN SMALL LETTER P */
			'Ｒ', 'Ｒ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER R */
			'ｒ', 'ｒ', /* Unicode FULLWIDTH LATIN SMALL LETTER R */
			'Ｓ', 'Ｓ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER S */
			'ｓ', 'ｓ', /* Unicode FULLWIDTH LATIN SMALL LETTER S */
			'Ｉ', 'Ｉ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER I */
			'ｉ', 'ｉ', /* Unicode FULLWIDTH LATIN SMALL LETTER I */
			'Ｏ', 'Ｏ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER O */
			'ｏ', 'ｏ', /* Unicode FULLWIDTH LATIN SMALL LETTER O */
			'Ｎ', 'Ｎ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER N */
			'ｎ', 'ｎ', /* Unicode FULLWIDTH LATIN SMALL LETTER N */
			'Ｌ', 'Ｌ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER L */
			'ｌ', 'ｌ', /* Unicode FULLWIDTH LATIN SMALL LETTER L */
			'Ｕ', 'Ｕ', /* Unicode FULLWIDTH LATIN CAPITAL LETTER U */
			'ｕ', 'ｕ', /* Unicode FULLWIDTH LATIN SMALL LETTER U */
			'ⁿ', 'ⁿ' , /* Unicode SUPERSCRIPT LATIN SMALL LETTER N */
			"\xEF\xBC\xA5", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER E */
			/* in unicode this is some Chinese char range */
			"\xEF\xBD\x85", /* Shift JIS FULLWIDTH LATIN SMALL LETTER E */
			"\xEF\xBC\xB8", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER X */
			"\xEF\xBD\x98", /* Shift JIS FULLWIDTH LATIN SMALL LETTER X */
			"\xEF\xBC\xB0", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER P */
			"\xEF\xBD\x90", /* Shift JIS FULLWIDTH LATIN SMALL LETTER P */
			"\xEF\xBC\xB2", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER R */
			"\xEF\xBD\x92", /* Shift JIS FULLWIDTH LATIN SMALL LETTER R */
			"\xEF\xBC\xB3", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER S */
			"\xEF\xBD\x93", /* Shift JIS FULLWIDTH LATIN SMALL LETTER S */
			"\xEF\xBC\xA9", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER I */
			"\xEF\xBD\x89", /* Shift JIS FULLWIDTH LATIN SMALL LETTER I */
			"\xEF\xBC\xAF", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER O */
			"\xEF\xBD\x8F", /* Shift JIS FULLWIDTH LATIN SMALL LETTER O */
			"\xEF\xBC\xAE", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER N */
			"\xEF\xBD\x8E", /* Shift JIS FULLWIDTH LATIN SMALL LETTER N */
			"\xEF\xBC\xAC", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER L */
			"\xEF\xBD\x8C", /* Shift JIS FULLWIDTH LATIN SMALL LETTER L */
			"\xEF\xBC\xB5", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER U */
			"\xEF\xBD\x95", /* Shift JIS FULLWIDTH LATIN SMALL LETTER U */
			"\xE2\x81\xBF", /* Shift JIS FULLWIDTH SUPERSCRIPT N */
			"\xCA\x9F", /* L UNICODE IPA Extension */
			"\xCA\x80", /* R UNICODE IPA Extension */
			"\xC9\xB4"), /* N UNICODE IPA Extension */
			array('l', 'l', 'r', 'r', 'n', 'n', 'E', 'E', 'e', 'e', 'X', 'X', 'x', 'x',
			'P', 'P', 'p', 'p', 'R', 'R', 'r', 'r', 'S', 'S', 's', 's', 'I', 'I',
			'i', 'i', 'O', 'O', 'o', 'o', 'N', 'N', 'n', 'n', 'L', 'L', 'l', 'l',
			'U', 'U', 'u', 'u', 'n', 'n', 'E', 'e', 'X', 'x', 'P', 'p', 'R', 'r',
			'S', 's', 'I', 'i', 'O', 'o', 'N', 'n', 'L', 'l', 'U', 'u', 'n', 'l', 'r', 'n'));
			if ((count($tags)>3) && (count($tags[3])>0))
			foreach ($tags[3] as $nr=>$value)
			{
			/* Remove comments */
			$newvalue = preg_replace('/(\/\.\*\/)/','$2',$value);
			/* Translate dangerous characters */
			$newvalue = str_replace($replace[0], $replace[1], $newvalue);
			sq_defang($newvalue);
			/* Rename dangerous CSS */
			$newvalue = preg_replace('/expression/i', 'idiocy', $newvalue);
			$newvalue = preg_replace('/url/i', 'idiocy', $newvalue);
			$newattrs = preg_replace('/'.preg_quote($value, '/').'$/', $newvalue, $tags[1][$nr]);
			$newtag = preg_replace('/'.preg_quote($tags[1][$nr], '/').'/', $newattrs, $tags[0][$nr]);
			$html = preg_replace('/'.preg_quote($tags[0][$nr], '/').'/', $newtag, $html);
			}
			return $html;
			}


			function rcmail_print_body($part, $safe=FALSE, $plain=FALSE)
			{
			global $IMAP, $REMOTE_OBJECTS;
			@@ -531,7 +654,7 @@
			$body = preg_replace($remote_patterns, $remote_replaces, $body);
			}

			return Q($body, 'show', FALSE);
			return Q(rcmail_html_filter($body), 'show', FALSE);
			}

			// text/enriched
			@@ -556,8 +679,8 @@
			$convert_patterns[] = '/([a-z0-9][a-z0-9\-\.\+\_]@[a-z0-9]([a-z0-9\-][.]?)[a-z0-9]\\.[a-z]{2,5})/ie';
			$convert_replaces[] = "rcmail_str_replacement('<a href=\"mailto:\\1\" onclick=\"return ".JS_OBJECT_NAME.".command(\'compose\',\'\\1\',this)\">\\1</a>', \$replace_strings)";

			if ($part->ctype_parameters['format'] != 'flowed')
			$body = wordwrap(trim($body), 80);
			// if ($part->ctype_parameters['format'] != 'flowed')
			// $body = wordwrap(trim($body), 80);

			$body = preg_replace($convert_patterns, $convert_replaces, $body);

			@@ -572,10 +695,10 @@
			$quotation = '';
			$q = 0;

			if (preg_match('/^(>+\s*)/', $line, $regs))
			if (preg_match('/^(>+\s*)+/', $line, $regs))
			{
			$q = strlen(preg_replace('/\s/', '', $regs[1]));
			$line = substr($line, strlen($regs[1]));
			$q = strlen(preg_replace('/\s/', '', $regs[0]));
			$line = substr($line, strlen($regs[0]));

			if ($q > $quote_level)
			$quotation = str_repeat('<blockquote>', $q - $quote_level);
			@@ -637,7 +760,7 @@
			$structure->type = 'content';
			$a_return_parts[] = &$structure;
			}


			// message contains alternative parts
			else if ($message_ctype_primary=='multipart' && $message_ctype_secondary=='alternative' && is_array($structure->parts))
			{
			@@ -729,7 +852,7 @@

			// part text/[plain\|html] OR message/delivery-status
			else if (($primary_type=='text' && ($secondary_type=='plain' \|\| $secondary_type=='html') && $mail_part->disposition!='attachment') \|\|
			($primary_type=='message' && $secondary_type=='delivery-status'))
			($primary_type=='message' && ($secondary_type=='delivery-status' \|\| $secondary_type=='disposition-notification')))
			{
			$mail_part->type = 'content';
			$a_return_parts[] = $mail_part;
			@@ -743,6 +866,10 @@
			$a_return_parts = array_merge($a_return_parts, $parts);
			$a_attachments = array_merge($a_attachments, $attachmnts);
			}

			// ignore "virtual" protocol parts
			else if ($primary_type=='protocol')
			continue;

			// part is file/attachment
			else if ($mail_part->disposition=='attachment' \|\| $mail_part->disposition=='inline' \|\| $mail_part->headers['content-id'] \|\|
			@@ -762,7 +889,7 @@
			else
			{
			if (!$mail_part->filename)
			$mail_part->filename = 'file_'.$mail_part->mime_id;
			$mail_part->filename = 'Part '.$mail_part->mime_id;
			$a_attachments[] = $mail_part;
			}
			}
			@@ -860,7 +987,7 @@
			if (!$attrib['id'])
			$attrib['id'] = 'rcmailMsgBody';

			$safe_mode = (bool)$_GET['_safe'];
			$safe_mode = $MESSAGE['is_safe'] \|\| intval($_GET['_safe']);
			$attrib_str = create_attrib_string($attrib, array('style', 'class', 'id'));
			$out = '<div '. $attrib_str . ">\n";

			@@ -946,8 +1073,13 @@
			// remove any null-byte characters before parsing
			$body = preg_replace('/\x00/', '', $body);

			$base_url = "";
			$last_style_pos = 0;
			$body_lc = strtolower($body);

			// check for <base href>
			if (preg_match(($base_reg = '/(<base.href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]>)/i'), $body, $base_regs))
			$base_url = $base_regs[2];

			// find STYLE tags
			while (($pos = strpos($body_lc, '<style', $last_style_pos)) && ($pos2 = strpos($body_lc, '</style>', $pos)))
			@@ -955,7 +1087,7 @@
			$pos = strpos($body_lc, '>', $pos)+1;

			// replace all css definitions with #container [def]
			$styles = rcmail_mod_css_styles(substr($body, $pos, $pos2-$pos), $container_id);
			$styles = rcmail_mod_css_styles(substr($body, $pos, $pos2-$pos), $container_id, $base_url);

			$body = substr($body, 0, $pos) . $styles . substr($body, $pos2);
			$body_lc = strtolower($body);
			@@ -966,10 +1098,10 @@
			// remove SCRIPT tags
			foreach (array('script', 'applet', 'object', 'embed', 'iframe') as $tag)
			{
			while (($pos = strpos($body_lc, '<'.$tag)) && ($pos2 = strpos($body_lc, '</'.$tag.'>', $pos)))
			while (($pos = strpos($body_lc, '<'.$tag)) && (($pos2 = strpos($body_lc, '</'.$tag.'>', $pos)) \|\| ($pos3 = strpos($body_lc, '>', $pos))))
			{
			$pos2 += strlen('</'.$tag.'>');
			$body = substr($body, 0, $pos) . substr($body, $pos2, strlen($body)-$pos2);
			$end = $pos2 ? $pos2 + strlen('</'.$tag.'>') : $pos3 + 1;
			$body = substr($body, 0, $pos) . substr($body, $end, strlen($body)-$end);
			$body_lc = strtolower($body);
			}
			}
			@@ -978,22 +1110,20 @@
			while ($body != $prev_body)
			{
			$prev_body = $body;
			$body = preg_replace('/(<[^!][^>]*\s)(on[^=>]+)=([^>]+>)/im', '$1__removed=$3', $body);
			$body = preg_replace('/(<[^!][^>]*\s)on(?:load\|unload\|click\|dblclick\|mousedown\|mouseup\|mouseover\|mousemove\|mouseout\|focus\|blur\|keypress\|keydown\|keyup\|submit\|reset\|select\|change)=([^>]+>)/im', '$1__removed=$2', $body);
			$body = preg_replace('/(<[^!][^>]\shref=["\']?)(javascript:)([^>]?>)/im', '$1null:$3', $body);
			}

			// resolve <base href>
			$base_reg = '/(<base.href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]>)/i';
			if (preg_match($base_reg, $body, $regs))
			if ($base_url)
			{
			$base_url = $regs[2];
			$body = preg_replace('/(src\|background\|href)=(["\']?)([\.\/]+[^"\'\s]+)(\2\|\s\|>)/Uie', "'\\1=\"'.make_absolute_url('\\3', '$base_url').'\"'", $body);
			$body = preg_replace('/(url\s*$)(["\']?)([\.\/]+[^"\'$\s]+)(\2)\)/Uie', "'\\1\''.make_absolute_url('\\3', '$base_url').'\')'", $body);
			$body = preg_replace($base_reg, '', $body);
			}

			// modify HTML links to open a new window if clicked
			$body = preg_replace('/<a\s+([^>]+)>/Uie', "rcmail_alter_html_link('\\1');", $body);
			$body = preg_replace('/<(a\|link)\s+([^>]+)>/Uie', "rcmail_alter_html_link('\\1','\\2', '$container_id');", $body);

			// add comments arround html and other tags
			$out = preg_replace(array(
			@@ -1005,11 +1135,16 @@
			'<!--\\1-->',
			$body);

			$out = preg_replace(array('/<body([^>]*)>/i',
			'/<\/body>/i'),
			array('<div class="rcmBody"\\1>',
			'</div>'),
			$out);
			$out = preg_replace(
			array(
			'/<body([^>]*)>/i',
			'/<\/body>/i',
			),
			array(
			'<div class="rcmBody"\\1>',
			'</div>',
			),
			$out);

			// quote <? of php and xml files that are specified as text/html
			$out = preg_replace(array('/<\?/', '/\?>/'), array('<?', '?>'), $out);
			@@ -1019,44 +1154,24 @@


			// parse link attributes and set correct target
			function rcmail_alter_html_link($in)
			function rcmail_alter_html_link($tag, $attrs, $container_id)
			{
			$in = preg_replace('/=([^("\|\'\|\s)]+)(\s\|$)/', '="\1"', $in);
			$attrib = parse_attrib_string($in);
			$attrib = parse_attrib_string($attrs);

			if ($tag == 'link' && preg_match('/^https?:\/\//i', $attrib['href']))
			$attrib['href'] = "./bin/modcss.php?u=" . urlencode($attrib['href']) . "&c=" . urlencode($container_id);

			if (stristr((string)$attrib['href'], 'mailto:'))
			$attrib['onclick'] = sprintf("return %s.command('compose','%s',this)",
			JS_OBJECT_NAME,
			JQ(substr($attrib['href'], 7)));
			else if (stristr((string)$attrib['href'], 'mailto:'))
			$attrib['onclick'] = sprintf(
			"return %s.command('compose','%s',this)",
			JS_OBJECT_NAME,
			JQ(substr($attrib['href'], 7)));

			else if (!empty($attrib['href']) && $attrib['href']{0}!='#')
			$attrib['target'] = '_blank';

			return '<a' . create_attrib_string($attrib, array('href', 'name', 'target', 'onclick', 'id', 'class', 'style', 'title')) . '>';
			}


			// replace all css definitions with #container [def]
			function rcmail_mod_css_styles($source, $container_id)
			{
			$a_css_values = array();
			$last_pos = 0;

			// cut out all contents between { and }
			while (($pos = strpos($source, '{', $last_pos)) && ($pos2 = strpos($source, '}', $pos)))
			{
			$key = sizeof($a_css_values);
			$a_css_values[$key] = substr($source, $pos+1, $pos2-($pos+1));
			$source = substr($source, 0, $pos+1) . "<<str_replacement[$key]>>" . substr($source, $pos2, strlen($source)-$pos2);
			$last_pos = $pos+2;
			}

			// remove html commends and add #container to each tag selector.
			// also replace body definition because we also stripped off the <body> tag
			$styles = preg_replace(array('/(^\s<!--)\|(-->\s$)/', '/(^\s\|,\s\|\}\s)([a-z0-9\._][a-z0-9\.\-_])/im', '/<<str_replacement\[([0-9]+)\]>>/e', "/$container_id\s+body/i"),
			array('', "\\1#$container_id \\2", "\$a_css_values[\\1]", "$container_id div.rcmBody"),
			$source);

			return $styles;
			return "<$tag" . create_attrib_string($attrib, array('href','name','target','onclick','id','class','style','title','rel','type','media')) . ' />';
			}


			@@ -1207,15 +1322,15 @@
			{
			global $CONFIG, $IMAP, $MESSAGE;

			if (!is_array($MESSAGE) \|\| !is_array($MESSAGE['parts']) \|\| !($_GET['_uid'] && $_GET['_part']) \|\| !$MESSAGE['parts'][$_GET['_part']])
			$part = asciiwords(get_input_value('_part', RCUBE_INPUT_GPC));
			if (!is_array($MESSAGE) \|\| !is_array($MESSAGE['parts']) \|\| !($_GET['_uid'] && $_GET['_part']) \|\| !$MESSAGE['parts'][$part])
			return '';

			$part = &$MESSAGE['parts'][$_GET['_part']];

			$part = $MESSAGE['parts'][$part];
			$attrib_str = create_attrib_string($attrib, array('id', 'class', 'style', 'cellspacing', 'cellpadding', 'border', 'summary'));
			$out = '<table '. $attrib_str . ">\n";

			if ($filename)
			if ($part->filename)
			{
			$out .= sprintf('<tr><td class="title">%s</td><td>%s</td><td>[<a href="./?%s">%s</a>]</tr>'."\n",
			Q(rcube_label('filename')),
			@@ -1240,7 +1355,7 @@
			{
			global $MESSAGE;

			$part = $MESSAGE['parts'][$_GET['_part']];
			$part = $MESSAGE['parts'][asciiwords(get_input_value('_part', RCUBE_INPUT_GPC))];
			$ctype_primary = strtolower($part->ctype_primary);

			$attrib['src'] = Q('./?'.str_replace('_frame=', ($ctype_primary=='text' ? '_show=' : '_preload='), $_SERVER['QUERY_STRING']));
			@@ -1265,6 +1380,141 @@

			unset($_SESSION['compose']);
			}


			/**
			* Send the given message compose object using the configured method
			*/
			function rcmail_deliver_message(&$message, $from, $mailto)
			{
			global $CONFIG;

			$headers = $message->headers();
			$msg_body = $message->get();

			// send thru SMTP server using custom SMTP library
			if ($CONFIG['smtp_server'])
			{
			// generate list of recipients
			$a_recipients = array($mailto);

			if (strlen($headers['Cc']))
			$a_recipients[] = $headers['Cc'];
			if (strlen($headers['Bcc']))
			$a_recipients[] = $headers['Bcc'];

			// clean Bcc from header for recipients
			$send_headers = $headers;
			unset($send_headers['Bcc']);

			// send message
			$smtp_response = array();
			$sent = smtp_mail($from, $a_recipients, ($foo = $message->txtHeaders($send_headers)), $msg_body, $smtp_response);

			// log error
			if (!$sent)
			raise_error(array('code' => 800, 'type' => 'smtp', 'line' => __LINE__, 'file' => __FILE__,
			'message' => "SMTP error: ".join("\n", $smtp_response)), TRUE, FALSE);
			}

			// send mail using PHP's mail() function
			else
			{
			// unset some headers because they will be added by the mail() function
			$headers_enc = $message->headers($headers);
			$headers_php = $message->_headers;
			unset($headers_php['To'], $headers_php['Subject']);

			// reset stored headers and overwrite
			$message->_headers = array();
			$header_str = $message->txtHeaders($headers_php);

			if (ini_get('safe_mode'))
			$sent = mail($headers_enc['To'], $headers_enc['Subject'], $msg_body, $header_str);
			else
			$sent = mail($headers_enc['To'], $headers_enc['Subject'], $msg_body, $header_str, "-f$from");
			}

			if ($sent) // remove MDN headers after sending
			unset($headers['Return-Receipt-To'], $headers['Disposition-Notification-To']);

			$message->_headers = array();
			$message->headers($headers);

			return $sent;
			}


			function rcmail_send_mdn($uid)
			{
			global $CONFIG, $USER, $IMAP;

			$message = array('UID' => $uid);
			$message['headers'] = $IMAP->get_headers($message['UID']);
			$message['subject'] = rcube_imap::decode_mime_string($message['headers']->subject, $message['headers']->charset);

			if ($message['headers']->mdn_to && !$message['headers']->mdn_sent)
			{
			$identity = $USER->get_identity();
			$sender = format_email_recipient($identity['email'], $identity['name']);
			$recipient = array_shift($IMAP->decode_address_list($message['headers']->mdn_to));
			$mailto = $recipient['mailto'];

			$compose = new rc_mail_mime(rcmail_header_delm());
			$compose->setParam(array(
			'text_encoding' => 'quoted-printable',
			'html_encoding' => 'quoted-printable',
			'head_encoding' => 'quoted-printable',
			'head_charset' => RCMAIL_CHARSET,
			'html_charset' => RCMAIL_CHARSET,
			'text_charset' => RCMAIL_CHARSET,
			));

			// compose headers array
			$headers = array(
			'Date' => date('r'),
			'From' => $sender,
			'To' => $message['headers']->mdn_to,
			'Subject' => rcube_label('receiptread') . ': ' . $message['subject'],
			'Message-ID' => sprintf('<%s@%s>', md5(uniqid('rcmail'.rand(),true)), rcmail_mail_domain($_SESSION['imap_host'])),
			'X-Sender' => $identity['email'],
			'Content-Type' => 'multipart/report; report-type=disposition-notification',
			);

			if (!empty($CONFIG['useragent']))
			$headers['User-Agent'] = $CONFIG['useragent'];

			$body = rcube_label("yourmessage") . "\r\n\r\n" .
			"\t" . rcube_label("to") . ': ' . rcube_imap::decode_mime_string($message['headers']->to, $message['headers']->charset) . "\r\n" .
			"\t" . rcube_label("subject") . ': ' . $message['subject'] . "\r\n" .
			"\t" . rcube_label("sent") . ': ' . format_date(strtotime($message['headers']->date), $CONFIG['date_long']) . "\r\n" .
			"\r\n" . rcube_label("receiptnote") . "\r\n";

			$ua = !empty($CONFIG['useragent']) ? $CONFIG['useragent'] : "RoundCube Webmail (Version ".RCMAIL_VERSION.")";
			$report = "Reporting-UA: $ua\r\n";

			if ($message['headers']->to)
			$report .= "Original-Recipient: {$message['headers']->to}\r\n";

			$report .= "Final-Recipient: rfc822; {$identity['email']}\r\n" .
			"Original-Message-ID: {$message['headers']->messageID}\r\n" .
			"Disposition: manual-action/MDN-sent-manually; displayed\r\n";

			$compose->headers($headers, true);
			$compose->setTXTBody($body);
			$compose->addAttachment($report, 'message/disposition-notification', 'MDNPart2.txt', false, '7bit', 'inline');

			$sent = rcmail_deliver_message($compose, $identity['email'], $mailto);

			if ($sent)
			{
			$IMAP->set_flag($message['UID'], 'MDNSENT');
			return true;
			}
			}

			return false;
			}


			// register UI objects