githubFork/roundcubemail.git

			@@ -128,7 +128,9 @@
			*/
			function rcmail_temp_gc()
			{
			$tmp = unslashify($CONFIG['temp_dir']);
			$rcmail = rcmail::get_instance();

			$tmp = unslashify($rcmail->config->get('temp_dir'));
			$expire = mktime() - 172800; // expire in 48 hours

			if ($dir = opendir($tmp))
			@@ -243,7 +245,7 @@
			$str = utf8_encode($str);
			}
			else if ($from != 'UTF-8' && $conv) {
			$from = preg_replace(array('/^WINDOWS-*/', '/^CP-/'), array('CP', 'CP'), $from);
			$from = preg_replace(array('/^WINDOWS-*125([0-8])$/', '/^CP-/'), array('CP125\\1', 'CP'), $from);
			$conv->loadCharset($from);
			$str = $conv->strToUtf8($str);
			}
			@@ -264,7 +266,7 @@
			return utf8_decode($str);
			}
			else if ($to != 'UTF-8' && $conv) {
			$to = preg_replace(array('/^WINDOWS-*/', '/^CP-/'), array('CP', 'CP'), $to);
			$to = preg_replace(array('/^WINDOWS-*125([0-8])$/', '/^CP-/'), array('CP125\\1', 'CP'), $to);
			$conv->loadCharset($to);
			return $conv->utf8ToStr($str);
			}
			@@ -305,6 +307,7 @@
			# RFC1642
			$charset = str_replace('UNICODE-1-1-', '', $charset);

			# Aliases: some of them from HTML5 spec.
			$aliases = array(
			'USASCII' => 'WINDOWS-1252',
			'ANSIX31101983' => 'WINDOWS-1252',
			@@ -313,9 +316,14 @@
			'XUNKNOWN' => 'ISO-8859-15',
			'XUSERDEFINED' => 'ISO-8859-15',
			'KSC56011987' => 'EUC-KR',
			'GB2312' => 'GB18030',
			'GB2312' => 'GBK',
			'GB231280' => 'GBK',
			'UNICODE' => 'UTF-8',
			'UTF7IMAP' => 'UTF7-IMAP'
			'UTF7IMAP' => 'UTF7-IMAP',
			'XXBIG5' => 'BIG5',
			'TIS620' => 'WINDOWS-874',
			'ISO88599' => 'WINDOWS-1254',
			'ISO885911' => 'WINDOWS-874',
			);

			$str = preg_replace('/[^a-z0-9]/i', '', $charset);
			@@ -439,17 +447,8 @@
			static $js_rep_table = false;
			static $xml_rep_table = false;

			$charset = rcmail::get_instance()->config->get('charset', RCMAIL_CHARSET);
			$is_iso_8859_1 = false;
			if ($charset == 'ISO-8859-1') {
			$is_iso_8859_1 = true;
			}
			if (!$enctype)
			$enctype = $OUTPUT->type;

			// encode for plaintext
			if ($enctype=='text')
			return str_replace("\r\n", "\n", $mode=='remove' ? strip_tags($str) : $str);

			// encode for HTML output
			if ($enctype=='html')
			@@ -480,9 +479,6 @@
			return $newlines ? nl2br($out) : $out;
			}

			if ($enctype=='url')
			return rawurlencode($str);

			// if the replace tables for XML and JS are not yet defined
			if ($js_rep_table===false)
			{
			@@ -490,12 +486,7 @@
			$xml_rep_table['&'] = '&';

			for ($c=160; $c<256; $c++) // can be increased to support more charsets
			{
			$xml_rep_table[Chr($c)] = "&#$c;";

			if ($is_iso_8859_1)
			$js_rep_table[Chr($c)] = sprintf("\\u%04x", $c);
			}

			$xml_rep_table['"'] = '"';
			$js_rep_table['"'] = '\\"';
			@@ -503,18 +494,20 @@
			$js_rep_table["\\"] = "\\\\";
			}

			// encode for javascript use
			if ($enctype=='js')
			return preg_replace(array("/\r?\n/", "/\r/", '/<\\//'), array('\n', '\n', '<\\/'), strtr($str, $js_rep_table));

			// encode for plaintext
			if ($enctype=='text')
			return str_replace("\r\n", "\n", $mode=='remove' ? strip_tags($str) : $str);

			if ($enctype=='url')
			return rawurlencode($str);

			// encode for XML
			if ($enctype=='xml')
			return strtr($str, $xml_rep_table);

			// encode for javascript use
			if ($enctype=='js')
			{
			if ($charset!='UTF-8')
			$str = rcube_charset_convert($str, RCMAIL_CHARSET, $charset);

			return preg_replace(array("/\r?\n/", "/\r/", '/<\\//'), array('\n', '\n', '<\\/'), strtr($str, $js_rep_table));
			}

			// no encoding given -> return original string
			return $str;
			@@ -573,7 +566,10 @@
			else if (isset($_COOKIE[$fname]))
			$value = $_COOKIE[$fname];
			}


			if (empty($value))
			return $value;

			// strip single quotes if magic_quotes_sybase is enabled
			if (ini_get('magic_quotes_sybase'))
			$value = str_replace("''", "'", $value);
			@@ -594,12 +590,12 @@

			/**
			* Remove all non-ascii and non-word chars
			* except . and -
			* except ., -, _
			*/
			function asciiwords($str, $css_id = false)
			function asciiwords($str, $css_id = false, $replace_with = '')
			{
			$allowed = 'a-z0-9\_\-' . (!$css_id ? '\.' : '');
			return preg_replace("/[^$allowed]/i", '', $str);
			return preg_replace("/[^$allowed]/i", $replace_with, $str);
			}

			/**
			@@ -732,7 +728,7 @@
			$replacements = new rcube_string_replacer;

			// ignore the whole block if evil styles are detected
			$stripped = preg_replace('/[^a-z\(:]/', '', rcmail_xss_entitiy_decode($source));
			$stripped = preg_replace('/[^a-z\(:]/', '', rcmail_xss_entity_decode($source));
			if (preg_match('/expression\|behavior\|url\(\|import/', $stripped))
			return '/* evil! */';

			@@ -773,22 +769,22 @@
			* @param string CSS content to decode
			* @return string Decoded string
			*/
			function rcmail_xss_entitiy_decode($content)
			function rcmail_xss_entity_decode($content)
			{
			$out = html_entity_decode(html_entity_decode($content));
			$out = preg_replace_callback('/\\\([0-9a-f]{4})/i', 'rcmail_xss_entitiy_decode_callback', $out);
			$out = preg_replace_callback('/\\\([0-9a-f]{4})/i', 'rcmail_xss_entity_decode_callback', $out);
			$out = preg_replace('#/\.\*/#Um', '', $out);
			return $out;
			}


			/**
			* preg_replace_callback callback for rcmail_xss_entitiy_decode_callback
			* preg_replace_callback callback for rcmail_xss_entity_decode_callback
			*
			* @param array matches result from preg_replace_callback
			* @return string decoded entity
			*/
			function rcmail_xss_entitiy_decode_callback($matches)
			function rcmail_xss_entity_decode_callback($matches)
			{
			return chr(hexdec($matches[1]));
			}
			@@ -897,6 +893,9 @@
			else if (!$format)
			$format = $CONFIG['date_long'] ? $CONFIG['date_long'] : 'd.m.Y H:i';

			// strftime() format
			if (preg_match('/%[a-z]+/i', $format))
			return strftime($format, $timestamp);

			// parse format string manually in order to provide localized weekday and month names
			// an alternative would be to convert the date() format string to fit with strftime()
			@@ -1027,17 +1026,16 @@
			* @access private
			*/
			function rcube_timer()
			{
			list($usec, $sec) = explode(" ", microtime());
			return ((float)$usec + (float)$sec);
			}
			{
			return microtime(true);
			}


			/**
			* @access private
			*/
			function rcube_print_time($timer, $label='Timer')
			{
			function rcube_print_time($timer, $label='Timer', $dest='console')
			{
			static $print_count = 0;

			$print_count++;
			@@ -1047,8 +1045,8 @@
			if (empty($label))
			$label = 'Timer '.$print_count;

			console(sprintf("%s: %0.4f sec", $label, $diff));
			}
			write_log($dest, sprintf("%s: %0.4f sec", $label, $diff));
			}


			/**
			@@ -1086,6 +1084,9 @@
			foreach ($a_folders as $folder)
			rcmail_build_folder_tree($a_mailboxes, $folder, $delimiter);
			}

			// allow plugins to alter the folder tree or to localize folder names
			$hook = $RCMAIL->plugins->exec_hook('render_mailboxlist', array('list' => $a_mailboxes, 'delimiter' => $delimiter));

			if ($type=='select') {
			$select = new html_select($attrib);
			@@ -1094,12 +1095,12 @@
			if ($attrib['noselection'])
			$select->add(rcube_label($attrib['noselection']), '0');

			rcmail_render_folder_tree_select($a_mailboxes, $mbox_name, $attrib['maxlength'], $select, $attrib['realnames']);
			rcmail_render_folder_tree_select($hook['list'], $mbox_name, $attrib['maxlength'], $select, $attrib['realnames']);
			$out = $select->show();
			}
			else {
			$js_mailboxlist = array();
			$out = html::tag('ul', $attrib, rcmail_render_folder_tree_html($a_mailboxes, $mbox_name, $js_mailboxlist, $attrib), html::$common_attrib);
			$out = html::tag('ul', $attrib, rcmail_render_folder_tree_html($hook['list'], $mbox_name, $js_mailboxlist, $attrib), html::$common_attrib);

			$RCMAIL->output->add_gui_object('mailboxlist', $attrib['id']);
			$RCMAIL->output->set_env('mailboxes', $js_mailboxlist);
			@@ -1206,7 +1207,7 @@
			}

			// make folder name safe for ids and class names
			$folder_id = asciiwords($folder['id'], true);
			$folder_id = asciiwords($folder['id'], true, '_');
			$classes = array('mailbox');

			// set special class for Sent, Drafts, Trash and Junk