PageRenderTime 68ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 1ms

/program/steps/mail/func.inc

https://github.com/fretelweb/roundcubemail
PHP | 1953 lines | 1344 code | 326 blank | 283 comment | 402 complexity | e25ac7bf50baf324c35a44e6ce9bfef2 MD5 | raw file
Possible License(s): GPL-3.0, LGPL-2.1

Large files files are truncated, but you can click here to view the full file

    

  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4.  +-----------------------------------------------------------------------+
    5. 

  5.  | program/steps/mail/func.inc                                           |
    6. 

  6.  |                                                                       |
    7. 

  7.  | This file is part of the Roundcube Webmail client                     |
    8. 

  8.  | Copyright (C) 2005-2012, The Roundcube Dev Team                       |
    9. 

  9.  |                                                                       |
    10. 

  10.  | Licensed under the GNU General Public License version 3 or            |
    11. 

  11.  | any later version with exceptions for skins & plugins.                |
    12. 

  12.  | See the README file for a full license statement.                     |
    13. 

  13.  |                                                                       |
    14. 

  14.  | PURPOSE:                                                              |
    15. 

  15.  |   Provide webmail functionality and GUI objects                       |
    16. 

  16.  |                                                                       |
    17. 

  17.  +-----------------------------------------------------------------------+
    18. 

  18.  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
    19. 

  19.  +-----------------------------------------------------------------------+
    20. 

  20. */
    21. 

  21. 

  22. // setup some global vars used by mail steps
    23. 

  23. $SENT_MBOX = $RCMAIL->config->get('sent_mbox');
    24. 

  24. $DRAFTS_MBOX = $RCMAIL->config->get('drafts_mbox');
    25. 

  25. $SEARCH_MODS_DEFAULT = array(
    26. 

  26.     '*'         => array('subject'=>1, 'from'=>1),
    27. 

  27.     $SENT_MBOX  => array('subject'=>1, 'to'=>1),
    28. 

  28.     $DRAFTS_MBOX => array('subject'=>1, 'to'=>1)
    29. 

  29. );
    30. 

  30. 

  31. // always instantiate storage object (but not connect to server yet)
    32. 

  32. $RCMAIL->storage_init();
    33. 

  33. 

  34. // set imap properties and session vars
    35. 

  35. if (strlen(trim($mbox = get_input_value('_mbox', RCUBE_INPUT_GPC, true))))
    36. 

  36.   $RCMAIL->storage->set_folder(($_SESSION['mbox'] = $mbox));
    37. 

  37. else if ($RCMAIL->storage)
    38. 

  38.   $_SESSION['mbox'] = $RCMAIL->storage->get_folder();
    39. 

  39. 

  40. if (!empty($_GET['_page']))
    41. 

  41.   $RCMAIL->storage->set_page(($_SESSION['page'] = intval($_GET['_page'])));
    42. 

  42. 

  43. // set default sort col/order to session
    44. 

  44. if (!isset($_SESSION['sort_col']))
    45. 

  45.   $_SESSION['sort_col'] = !empty($CONFIG['message_sort_col']) ? $CONFIG['message_sort_col'] : '';
    46. 

  46. if (!isset($_SESSION['sort_order']))
    47. 

  47.   $_SESSION['sort_order'] = strtoupper($CONFIG['message_sort_order']) == 'ASC' ? 'ASC' : 'DESC';
    48. 

  48. 

  49. // set threads mode
    50. 

  50. $a_threading = $RCMAIL->config->get('message_threading', array());
    51. 

  51. if (isset($_GET['_threads'])) {
    52. 

  52.   if ($_GET['_threads'])
    53. 

  53.     $a_threading[$_SESSION['mbox']] = true;
    54. 

  54.   else
    55. 

  55.     unset($a_threading[$_SESSION['mbox']]);
    56. 

  56.   $RCMAIL->user->save_prefs(array('message_threading' => $a_threading));
    57. 

  57. }
    58. 

  58. $RCMAIL->storage->set_threading($a_threading[$_SESSION['mbox']]);
    59. 

  59. 

  60. // set message set for search result
    61. 

  61. if (!empty($_REQUEST['_search']) && isset($_SESSION['search'])
    62. 

  62.     && $_SESSION['search_request'] == $_REQUEST['_search']
    63. 

  63. ) {
    64. 

  64.   $RCMAIL->storage->set_search_set($_SESSION['search']);
    65. 

  65.   $OUTPUT->set_env('search_request', $_REQUEST['_search']);
    66. 

  66.   $OUTPUT->set_env('search_text', $_SESSION['last_text_search']);
    67. 

  67. }
    68. 

  68. 

  69. // set main env variables, labels and page title
    70. 

  70. if (empty($RCMAIL->action) || $RCMAIL->action == 'list') {
    71. 

  71.   // connect to storage server and trigger error on failure
    72. 

  72.   $RCMAIL->storage_connect();
    73. 

  73. 

  74.   $mbox_name = $RCMAIL->storage->get_folder();
    75. 

  75. 

  76.   if (empty($RCMAIL->action)) {
    77. 

  77.     // initialize searching result if search_filter is used
    78. 

  78.     if ($_SESSION['search_filter'] && $_SESSION['search_filter'] != 'ALL') {
    79. 

  79.       $search_request = md5($mbox_name.$_SESSION['search_filter']);
    80. 

  80. 

  81.       $RCMAIL->storage->search($mbox_name, $_SESSION['search_filter'], RCMAIL_CHARSET, rcmail_sort_column());
    82. 

  82.       $_SESSION['search'] = $RCMAIL->storage->get_search_set();
    83. 

  83.       $_SESSION['search_request'] = $search_request;
    84. 

  84.       $OUTPUT->set_env('search_request', $search_request);
    85. 

  85.     }
    86. 

  86. 

  87.     $search_mods = $RCMAIL->config->get('search_mods', $SEARCH_MODS_DEFAULT);
    88. 

  88.     $OUTPUT->set_env('search_mods', $search_mods);
    89. 

  89.   }
    90. 

  90. 

  91.   $threading = (bool) $RCMAIL->storage->get_threading();
    92. 

  92.   $delimiter = $RCMAIL->storage->get_hierarchy_delimiter();
    93. 

  93. 

  94.   // set current mailbox and some other vars in client environment
    95. 

  95.   $OUTPUT->set_env('mailbox', $mbox_name);
    96. 

  96.   $OUTPUT->set_env('pagesize', $RCMAIL->storage->get_pagesize());
    97. 

  97.   $OUTPUT->set_env('delimiter', $delimiter);
    98. 

  98.   $OUTPUT->set_env('threading', $threading);
    99. 

  99.   $OUTPUT->set_env('threads', $threading || $RCMAIL->storage->get_capability('THREAD'));
    100. 

  100.   $OUTPUT->set_env('preview_pane_mark_read', $RCMAIL->config->get('preview_pane_mark_read', 0));
    101. 

  101.   if ($RCMAIL->storage->get_capability('QUOTA')) {
    102. 

  102.     $OUTPUT->set_env('quota', true);
    103. 

  103.   }
    104. 

  104. 

  105.   foreach (array('delete_junk','flag_for_deletion','read_when_deleted','skip_deleted','display_next','message_extwin','compose_extwin','forward_attachment') as $prop) {
    106. 

  106.     if ($CONFIG[$prop])
    107. 

  107.       $OUTPUT->set_env($prop, true);
    108. 

  108.   }
    109. 

  109. 

  110.   if ($CONFIG['trash_mbox'])
    111. 

  111.     $OUTPUT->set_env('trash_mailbox', $CONFIG['trash_mbox']);
    112. 

  112.   if ($CONFIG['drafts_mbox'])
    113. 

  113.     $OUTPUT->set_env('drafts_mailbox', $CONFIG['drafts_mbox']);
    114. 

  114.   if ($CONFIG['junk_mbox'])
    115. 

  115.     $OUTPUT->set_env('junk_mailbox', $CONFIG['junk_mbox']);
    116. 

  116. 

  117.   if (!empty($_SESSION['browser_caps']))
    118. 

  118.     $OUTPUT->set_env('browser_capabilities', $_SESSION['browser_caps']);
    119. 

  119. 

  120.   if (!$OUTPUT->ajax_call)
    121. 

  121.     $OUTPUT->add_label('checkingmail', 'deletemessage', 'movemessagetotrash',
    122. 

  122.       'movingmessage', 'copyingmessage', 'deletingmessage', 'markingmessage',
    123. 

  123.       'copy', 'move', 'quota', 'replyall', 'replylist', 'importwait');
    124. 

  124. 

  125.   $pagetitle = $RCMAIL->localize_foldername($RCMAIL->storage->mod_folder($mbox_name), true);
    126. 

  126.   $pagetitle = str_replace($delimiter, " \xC2\xBB ", $pagetitle);
    127. 

  127. 

  128.   $OUTPUT->set_pagetitle($pagetitle);
    129. 

  129. }
    130. 

  130. 

  131. // register UI objects
    132. 

  132. $OUTPUT->add_handlers(array(
    133. 

  133.   'mailboxlist'         => 'rcmail_mailbox_list',
    134. 

  134.   'messages'            => 'rcmail_message_list',
    135. 

  135.   'messagecountdisplay' => 'rcmail_messagecount_display',
    136. 

  136.   'quotadisplay'        => 'rcmail_quota_display',
    137. 

  137.   'mailboxname'         => 'rcmail_mailbox_name_display',
    138. 

  138.   'messageheaders'      => 'rcmail_message_headers',
    139. 

  139.   'messagefullheaders'  => 'rcmail_message_full_headers',
    140. 

  140.   'messagebody'         => 'rcmail_message_body',
    141. 

  141.   'messagecontentframe' => 'rcmail_messagecontent_frame',
    142. 

  142.   'messageimportform'   => 'rcmail_message_import_form',
    143. 

  143.   'searchfilter'        => 'rcmail_search_filter',
    144. 

  144.   'searchform'          => array($OUTPUT, 'search_form'),
    145. 

  145. ));
    146. 

  146. 

  147. // register action aliases
    148. 

  148. $RCMAIL->register_action_map(array(
    149. 

  149.     'refresh' => 'check_recent.inc',
    150. 

  150.     'preview' => 'show.inc',
    151. 

  151.     'print'   => 'show.inc',
    152. 

  152.     'move'    => 'move_del.inc',
    153. 

  153.     'delete'  => 'move_del.inc',
    154. 

  154.     'send'    => 'sendmail.inc',
    155. 

  155.     'expunge' => 'folders.inc',
    156. 

  156.     'purge'   => 'folders.inc',
    157. 

  157.     'remove-attachment'  => 'attachments.inc',
    158. 

  158.     'display-attachment' => 'attachments.inc',
    159. 

  159.     'upload'             => 'attachments.inc',
    160. 

  160.     'group-expand'       => 'autocomplete.inc',
    161. 

  161. ));
    162. 

  162. 

  163. 

  164. 

  165. /**
    166. 

  166.  * Returns 'to' if current folder is configured Sent or Drafts
    167. 

  167.  * or their subfolders, otherwise returns 'from'.
    168. 

  168.  *
    169. 

  169.  * @return string Column name
    170. 

  170.  */
    171. 

  171. function rcmail_message_list_smart_column_name()
    172. 

  172. {
    173. 

  173.   global $RCMAIL;
    174. 

  174. 

  175.   $delim       = $RCMAIL->storage->get_hierarchy_delimiter();
    176. 

  176.   $mbox        = $RCMAIL->storage->get_folder();
    177. 

  177.   $sent_mbox   = $RCMAIL->config->get('sent_mbox');
    178. 

  178.   $drafts_mbox = $RCMAIL->config->get('drafts_mbox');
    179. 

  179. 

  180.   if (strpos($mbox.$delim, $sent_mbox.$delim) === 0 || strpos($mbox.$delim, $drafts_mbox.$delim) === 0) {
    181. 

  181.     return 'to';
    182. 

  182.   }
    183. 

  183. 

  184.   return 'from';
    185. 

  185. }
    186. 

  186. 

  187. /**
    188. 

  188.  * Returns configured messages list sorting column name
    189. 

  189.  * The name is context-sensitive, which means if sorting is set to 'fromto'
    190. 

  190.  * it will return 'from' or 'to' according to current folder type.
    191. 

  191.  *
    192. 

  192.  * @return string Column name
    193. 

  193.  */
    194. 

  194. function rcmail_sort_column()
    195. 

  195. {
    196. 

  196.   global $RCMAIL;
    197. 

  197. 

  198.   if (isset($_SESSION['sort_col'])) {
    199. 

  199.     $column = $_SESSION['sort_col'];
    200. 

  200.   }
    201. 

  201.   else {
    202. 

  202.     $column = $RCMAIL->config->get('message_sort_col');
    203. 

  203.   }
    204. 

  204. 

  205.   // get name of smart From/To column in folder context
    206. 

  206.   if ($column == 'fromto') {
    207. 

  207.     $column = rcmail_message_list_smart_column_name();
    208. 

  208.   }
    209. 

  209. 

  210.   return $column;
    211. 

  211. }
    212. 

  212. 

  213. /**
    214. 

  214.  * Returns configured message list sorting order
    215. 

  215.  *
    216. 

  216.  * @return string Sorting order (ASC|DESC)
    217. 

  217.  */
    218. 

  218. function rcmail_sort_order()
    219. 

  219. {
    220. 

  220.   global $RCMAIL;
    221. 

  221. 

  222.   if (isset($_SESSION['sort_order'])) {
    223. 

  223.     return $_SESSION['sort_order'];
    224. 

  224.   }
    225. 

  225. 

  226.   return $RCMAIL->config->get('message_sort_order');
    227. 

  227. }
    228. 

  228. 

  229. /**
    230. 

  230.  * return the message list as HTML table
    231. 

  231.  */
    232. 

  232. function rcmail_message_list($attrib)
    233. 

  233. {
    234. 

  234.   global $CONFIG, $OUTPUT;
    235. 

  235. 

  236.   // add some labels to client
    237. 

  237.   $OUTPUT->add_label('from', 'to');
    238. 

  238. 

  239.   // add id to message list table if not specified
    240. 

  240.   if (!strlen($attrib['id']))
    241. 

  241.     $attrib['id'] = 'rcubemessagelist';
    242. 

  242. 

  243.   // define list of cols to be displayed based on parameter or config
    244. 

  244.   if (empty($attrib['columns'])) {
    245. 

  245.     $a_show_cols = is_array($CONFIG['list_cols']) ? $CONFIG['list_cols'] : array('subject');
    246. 

  246.     $OUTPUT->set_env('col_movable', !in_array('list_cols', (array)$CONFIG['dont_override']));
    247. 

  247.   }
    248. 

  248.   else {
    249. 

  249.     $a_show_cols = preg_split('/[\s,;]+/', strip_quotes($attrib['columns']));
    250. 

  250.     $attrib['columns'] = $a_show_cols;
    251. 

  251.   }
    252. 

  252. 

  253.   // save some variables for use in ajax list
    254. 

  254.   $_SESSION['list_attrib'] = $attrib;
    255. 

  255.   // make sure 'threads' and 'subject' columns are present
    256. 

  256.   if (!in_array('subject', $a_show_cols))
    257. 

  257.     array_unshift($a_show_cols, 'subject');
    258. 

  258.   if (!in_array('threads', $a_show_cols))
    259. 

  259.     array_unshift($a_show_cols, 'threads');
    260. 

  260. 

  261.   $_SESSION['skin_path'] = $CONFIG['skin_path'];
    262. 

  262. 

  263.   // set client env
    264. 

  264.   $OUTPUT->add_gui_object('messagelist', $attrib['id']);
    265. 

  265.   $OUTPUT->set_env('autoexpand_threads', intval($CONFIG['autoexpand_threads']));
    266. 

  266.   $OUTPUT->set_env('sort_col', $_SESSION['sort_col']);
    267. 

  267.   $OUTPUT->set_env('sort_order', $_SESSION['sort_order']);
    268. 

  268.   $OUTPUT->set_env('messages', array());
    269. 

  269.   $OUTPUT->set_env('coltypes', $a_show_cols);
    270. 

  270. 

  271.   $OUTPUT->include_script('list.js');
    272. 

  272. 

  273.   $table = new html_table($attrib);
    274. 

  274.   if (!$attrib['noheader']) {
    275. 

  275.     foreach (rcmail_message_list_head($attrib, $a_show_cols) as $cell)
    276. 

  276.       $table->add_header(array('class' => $cell['className'], 'id' => $cell['id']), $cell['html']);
    277. 

  277.   }
    278. 

  278. 

  279.   return $table->show();
    280. 

  280. }
    281. 

  281. 

  282. 

  283. /**
    284. 

  284.  * return javascript commands to add rows to the message list
    285. 

  285.  */
    286. 

  286. function rcmail_js_message_list($a_headers, $insert_top=FALSE, $a_show_cols=null)
    287. 

  287. {
    288. 

  288.   global $CONFIG, $RCMAIL, $OUTPUT;
    289. 

  289. 

  290.   if (empty($a_show_cols)) {
    291. 

  291.     if (!empty($_SESSION['list_attrib']['columns']))
    292. 

  292.       $a_show_cols = $_SESSION['list_attrib']['columns'];
    293. 

  293.     else
    294. 

  294.       $a_show_cols = is_array($CONFIG['list_cols']) ? $CONFIG['list_cols'] : array('subject');
    295. 

  295.   }
    296. 

  296.   else {
    297. 

  297.     if (!is_array($a_show_cols))
    298. 

  298.       $a_show_cols = preg_split('/[\s,;]+/', strip_quotes($a_show_cols));
    299. 

  299.     $head_replace = true;
    300. 

  300.   }
    301. 

  301. 

  302.   $mbox = $RCMAIL->storage->get_folder();
    303. 

  303. 

  304.   // make sure 'threads' and 'subject' columns are present
    305. 

  305.   if (!in_array('subject', $a_show_cols))
    306. 

  306.     array_unshift($a_show_cols, 'subject');
    307. 

  307.   if (!in_array('threads', $a_show_cols))
    308. 

  308.     array_unshift($a_show_cols, 'threads');
    309. 

  309. 

  310.   $_SESSION['list_attrib']['columns'] = $a_show_cols;
    311. 

  311. 

  312.   // Make sure there are no duplicated columns (#1486999)
    313. 

  313.   $a_show_cols = array_unique($a_show_cols);
    314. 

  314. 

  315.   // Plugins may set header's list_cols/list_flags and other rcube_message_header variables
    316. 

  316.   // and list columns
    317. 

  317.   $plugin = $RCMAIL->plugins->exec_hook('messages_list',
    318. 

  318.     array('messages' => $a_headers, 'cols' => $a_show_cols));
    319. 

  319. 

  320.   $a_show_cols = $plugin['cols'];
    321. 

  321.   $a_headers   = $plugin['messages'];
    322. 

  322. 

  323.   $thead = $head_replace ? rcmail_message_list_head($_SESSION['list_attrib'], $a_show_cols) : NULL;
    324. 

  324. 

  325.   // get name of smart From/To column in folder context
    326. 

  326.   if (array_search('fromto', $a_show_cols) !== false) {
    327. 

  327.     $smart_col = rcmail_message_list_smart_column_name();
    328. 

  328.   }
    329. 

  329. 

  330.   $OUTPUT->command('set_message_coltypes', $a_show_cols, $thead, $smart_col);
    331. 

  331. 

  332.   if (empty($a_headers))
    333. 

  333.     return;
    334. 

  334. 

  335.   // remove 'threads', 'attachment', 'flag', 'status' columns, we don't need them here
    336. 

  336.   foreach (array('threads', 'attachment', 'flag', 'status', 'priority') as $col) {
    337. 

  337.     if (($key = array_search($col, $a_show_cols)) !== FALSE)
    338. 

  338.       unset($a_show_cols[$key]);
    339. 

  339.   }
    340. 

  340. 

  341.   // loop through message headers
    342. 

  342.   foreach ($a_headers as $header) {
    343. 

  343.     if (empty($header))
    344. 

  344.       continue;
    345. 

  345. 

  346.     $a_msg_cols = array();
    347. 

  347.     $a_msg_flags = array();
    348. 

  348. 

  349.     // format each col; similar as in rcmail_message_list()
    350. 

  350.     foreach ($a_show_cols as $col) {
    351. 

  351.       $col_name = $col == 'fromto' ? $smart_col : $col;
    352. 

  352. 

  353.       if (in_array($col_name, array('from', 'to', 'cc', 'replyto')))
    354. 

  354.         $cont = rcmail_address_string($header->$col_name, 3, false, null, $header->charset);
    355. 

  355.       else if ($col == 'subject') {
    356. 

  356.         $cont = trim(rcube_mime::decode_header($header->$col, $header->charset));
    357. 

  357.         if (!$cont) $cont = rcube_label('nosubject');
    358. 

  358.         $cont = Q($cont);
    359. 

  359.       }
    360. 

  360.       else if ($col == 'size')
    361. 

  361.         $cont = show_bytes($header->$col);
    362. 

  362.       else if ($col == 'date')
    363. 

  363.         $cont = format_date($header->date);
    364. 

  364.       else
    365. 

  365.         $cont = Q($header->$col);
    366. 

  366. 

  367.       $a_msg_cols[$col] = $cont;
    368. 

  368.     }
    369. 

  369. 

  370.     $a_msg_flags = array_change_key_case(array_map('intval', (array) $header->flags));
    371. 

  371.     if ($header->depth)
    372. 

  372.       $a_msg_flags['depth'] = $header->depth;
    373. 

  373.     else if ($header->has_children)
    374. 

  374.       $roots[] = $header->uid;
    375. 

  375.     if ($header->parent_uid)
    376. 

  376.       $a_msg_flags['parent_uid'] = $header->parent_uid;
    377. 

  377.     if ($header->has_children)
    378. 

  378.       $a_msg_flags['has_children'] = $header->has_children;
    379. 

  379.     if ($header->unread_children)
    380. 

  380.       $a_msg_flags['unread_children'] = $header->unread_children;
    381. 

  381.     if ($header->others['list-post'])
    382. 

  382.       $a_msg_flags['ml'] = 1;
    383. 

  383.     if ($header->priority)
    384. 

  384.       $a_msg_flags['prio'] = (int) $header->priority;
    385. 

  385. 

  386.     $a_msg_flags['ctype'] = Q($header->ctype);
    387. 

  387.     $a_msg_flags['mbox'] = $mbox;
    388. 

  388. 

  389.     // merge with plugin result (Deprecated, use $header->flags)
    390. 

  390.     if (!empty($header->list_flags) && is_array($header->list_flags))
    391. 

  391.       $a_msg_flags = array_merge($a_msg_flags, $header->list_flags);
    392. 

  392.     if (!empty($header->list_cols) && is_array($header->list_cols))
    393. 

  393.       $a_msg_cols = array_merge($a_msg_cols, $header->list_cols);
    394. 

  394. 

  395.     $OUTPUT->command('add_message_row',
    396. 

  396.       $header->uid,
    397. 

  397.       $a_msg_cols,
    398. 

  398.       $a_msg_flags,
    399. 

  399.       $insert_top);
    400. 

  400.   }
    401. 

  401. 

  402.   if ($RCMAIL->storage->get_threading()) {
    403. 

  403.     $OUTPUT->command('init_threads', (array) $roots, $mbox);
    404. 

  404.   }
    405. 

  405. }
    406. 

  406. 

  407. 

  408. /*
    409. 

  409.  * Creates <THEAD> for message list table
    410. 

  410.  */
    411. 

  411. function rcmail_message_list_head($attrib, $a_show_cols)
    412. 

  412. {
    413. 

  413.   global $RCMAIL;
    414. 

  414. 

  415.   $skin_path = $_SESSION['skin_path'];
    416. 

  416. 

  417.   // check to see if we have some settings for sorting
    418. 

  418.   $sort_col   = $_SESSION['sort_col'];
    419. 

  419.   $sort_order = $_SESSION['sort_order'];
    420. 

  420. 

  421.   $dont_override  = (array)$RCMAIL->config->get('dont_override');
    422. 

  422.   $disabled_sort  = in_array('message_sort_col', $dont_override);
    423. 

  423.   $disabled_order = in_array('message_sort_order', $dont_override);
    424. 

  424. 

  425.   $RCMAIL->output->set_env('disabled_sort_col', $disabled_sort);
    426. 

  426.   $RCMAIL->output->set_env('disabled_sort_order', $disabled_order);
    427. 

  427. 

  428.   // define sortable columns
    429. 

  429.   if ($disabled_sort)
    430. 

  430.     $a_sort_cols = $sort_col && !$disabled_order ? array($sort_col) : array();
    431. 

  431.   else
    432. 

  432.     $a_sort_cols = array('subject', 'date', 'from', 'to', 'fromto', 'size', 'cc');
    433. 

  433. 

  434.   if (!empty($attrib['optionsmenuicon'])) {
    435. 

  435.     $onclick = 'return ' . JS_OBJECT_NAME . ".command('menu-open', 'messagelistmenu')";
    436. 

  436.     if ($attrib['optionsmenuicon'] === true || $attrib['optionsmenuicon'] == 'true')
    437. 

  437.       $list_menu = html::div(array('onclick' => $onclick, 'class' => 'listmenu',
    438. 

  438.         'id' => 'listmenulink', 'title' => rcube_label('listoptions')));
    439. 

  439.     else
    440. 

  440.       $list_menu = html::a(array('href' => '#', 'onclick' => $onclick),
    441. 

  441.         html::img(array('src' => $skin_path . $attrib['optionsmenuicon'],
    442. 

  442.           'id' => 'listmenulink', 'title' => rcube_label('listoptions')))
    443. 

  443.       );
    444. 

  444.   }
    445. 

  445.   else
    446. 

  446.     $list_menu = '';
    447. 

  447. 

  448.   $cells = array();
    449. 

  449. 

  450.   // get name of smart From/To column in folder context
    451. 

  451.   if (array_search('fromto', $a_show_cols) !== false) {
    452. 

  452.     $smart_col = rcmail_message_list_smart_column_name();
    453. 

  453.   }
    454. 

  454. 

  455.   foreach ($a_show_cols as $col) {
    456. 

  456.     // get column name
    457. 

  457.     switch ($col) {
    458. 

  458.       case 'flag':
    459. 

  459.         $col_name = '<span class="flagged">&nbsp;</span>';
    460. 

  460.         break;
    461. 

  461.       case 'attachment':
    462. 

  462.       case 'priority':
    463. 

  463.       case 'status':
    464. 

  464.         $col_name = '<span class="' . $col .'">&nbsp;</span>';
    465. 

  465.         break;
    466. 

  466.       case 'threads':
    467. 

  467.         $col_name = $list_menu;
    468. 

  468.         break;
    469. 

  469.       case 'fromto':
    470. 

  470.         $col_name = Q(rcube_label($smart_col));
    471. 

  471.         break;
    472. 

  472.       default:
    473. 

  473.         $col_name = Q(rcube_label($col));
    474. 

  474.     }
    475. 

  475. 

  476.     // make sort links
    477. 

  477.     if (in_array($col, $a_sort_cols))
    478. 

  478.       $col_name = html::a(array('href'=>"./#sort", 'onclick' => 'return '.JS_OBJECT_NAME.".command('sort','".$col."',this)", 'title' => rcube_label('sortby')), $col_name);
    479. 

  479.     else if ($col_name[0] != '<')
    480. 

  480.       $col_name = '<span class="' . $col .'">' . $col_name . '</span>';
    481. 

  481. 

  482.     $sort_class = $col == $sort_col && !$disabled_order ? " sorted$sort_order" : '';
    483. 

  483.     $class_name = $col.$sort_class;
    484. 

  484. 

  485.     // put it all together
    486. 

  486.     $cells[] = array('className' => $class_name, 'id' => "rcm$col", 'html' => $col_name);
    487. 

  487.   }
    488. 

  488. 

  489.   return $cells;
    490. 

  490. }
    491. 

  491. 

  492. 

  493. /**
    494. 

  494.  * return an HTML iframe for loading mail content
    495. 

  495.  */
    496. 

  496. function rcmail_messagecontent_frame($attrib)
    497. 

  497. {
    498. 

  498.   global $OUTPUT, $RCMAIL;
    499. 

  499. 

  500.   if (empty($attrib['id']))
    501. 

  501.     $attrib['id'] = 'rcmailcontentwindow';
    502. 

  502. 

  503.   $attrib['name'] = $attrib['id'];
    504. 

  504. 

  505.   if ($RCMAIL->config->get('preview_pane'))
    506. 

  506.     $OUTPUT->set_env('contentframe', $attrib['id']);
    507. 

  507.   $OUTPUT->set_env('blankpage', $attrib['src'] ? $OUTPUT->abs_url($attrib['src']) : 'program/resources/blank.gif');
    508. 

  508. 

  509.   return $OUTPUT->frame($attrib, true);
    510. 

  510. }
    511. 

  511. 

  512. 

  513. function rcmail_messagecount_display($attrib)
    514. 

  514. {
    515. 

  515.   global $RCMAIL;
    516. 

  516. 

  517.   if (!$attrib['id'])
    518. 

  518.     $attrib['id'] = 'rcmcountdisplay';
    519. 

  519. 

  520.   $RCMAIL->output->add_gui_object('countdisplay', $attrib['id']);
    521. 

  521. 

  522.   $content =  $RCMAIL->action != 'show' ? rcmail_get_messagecount_text() : rcube_label('loading');
    523. 

  523. 

  524.   return html::span($attrib, $content);
    525. 

  525. }
    526. 

  526. 

  527. 

  528. function rcmail_get_messagecount_text($count=NULL, $page=NULL)
    529. 

  529. {
    530. 

  530.   global $RCMAIL;
    531. 

  531. 

  532.   if ($page === NULL) {
    533. 

  533.     $page = $RCMAIL->storage->get_page();
    534. 

  534.   }
    535. 

  535. 

  536.   $page_size = $RCMAIL->storage->get_pagesize();
    537. 

  537.   $start_msg = ($page-1) * $page_size + 1;
    538. 

  538. 

  539.   if ($count!==NULL)
    540. 

  540.     $max = $count;
    541. 

  541.   else if ($RCMAIL->action)
    542. 

  542.     $max = $RCMAIL->storage->count(NULL, $RCMAIL->storage->get_threading() ? 'THREADS' : 'ALL');
    543. 

  543. 

  544.   if ($max==0)
    545. 

  545.     $out = rcube_label('mailboxempty');
    546. 

  546.   else
    547. 

  547.     $out = rcube_label(array('name' => $RCMAIL->storage->get_threading() ? 'threadsfromto' : 'messagesfromto',
    548. 

  548.             'vars' => array('from'  => $start_msg,
    549. 

  549.             'to'    => min($max, $start_msg + $page_size - 1),
    550. 

  550.             'count' => $max)));
    551. 

  551. 

  552.   return Q($out);
    553. 

  553. }
    554. 

  554. 

  555. 

  556. function rcmail_mailbox_name_display($attrib)
    557. 

  557. {
    558. 

  558.   global $RCMAIL;
    559. 

  559. 

  560.   if (!$attrib['id'])
    561. 

  561.     $attrib['id'] = 'rcmmailboxname';
    562. 

  562. 

  563.   $RCMAIL->output->add_gui_object('mailboxname', $attrib['id']);
    564. 

  564. 

  565.   return html::span($attrib, rcmail_get_mailbox_name_text());
    566. 

  566. }
    567. 

  567. 

  568. 

  569. function rcmail_get_mailbox_name_text()
    570. 

  570. {
    571. 

  571.   global $RCMAIL;
    572. 

  572.   return rcmail_localize_foldername($RCMAIL->storage->get_folder());
    573. 

  573. }
    574. 

  574. 

  575. 

  576. function rcmail_send_unread_count($mbox_name, $force=false, $count=null, $mark='')
    577. 

  577. {
    578. 

  578.   global $RCMAIL;
    579. 

  579. 

  580.   $old_unseen = rcmail_get_unseen_count($mbox_name);
    581. 

  581. 

  582.   if ($count === null)
    583. 

  583.     $unseen = $RCMAIL->storage->count($mbox_name, 'UNSEEN', $force);
    584. 

  584.   else
    585. 

  585.     $unseen = $count;
    586. 

  586. 

  587.   if ($unseen != $old_unseen || ($mbox_name == 'INBOX'))
    588. 

  588.     $RCMAIL->output->command('set_unread_count', $mbox_name, $unseen,
    589. 

  589.       ($mbox_name == 'INBOX'), $unseen && $mark ? $mark : '');
    590. 

  590. 

  591.   rcmail_set_unseen_count($mbox_name, $unseen);
    592. 

  592. 

  593.   return $unseen;
    594. 

  594. }
    595. 

  595. 

  596. 

  597. function rcmail_set_unseen_count($mbox_name, $count)
    598. 

  598. {
    599. 

  599.   // @TODO: this data is doubled (session and cache tables) if caching is enabled
    600. 

  600. 

  601.   // Make sure we have an array here (#1487066)
    602. 

  602.   if (!is_array($_SESSION['unseen_count']))
    603. 

  603.     $_SESSION['unseen_count'] = array();
    604. 

  604. 

  605.   $_SESSION['unseen_count'][$mbox_name] = $count;
    606. 

  606. }
    607. 

  607. 

  608. 

  609. function rcmail_get_unseen_count($mbox_name)
    610. 

  610. {
    611. 

  611.   if (is_array($_SESSION['unseen_count']) && array_key_exists($mbox_name, $_SESSION['unseen_count']))
    612. 

  612.     return $_SESSION['unseen_count'][$mbox_name];
    613. 

  613.   else
    614. 

  614.     return null;
    615. 

  615. }
    616. 

  616. 

  617. 

  618. /**
    619. 

  619.  * Sets message is_safe flag according to 'show_images' option value
    620. 

  620.  *
    621. 

  621.  * @param object rcube_message Message
    622. 

  622.  */
    623. 

  623. function rcmail_check_safe(&$message)
    624. 

  624. {
    625. 

  625.   global $RCMAIL;
    626. 

  626. 

  627.   if (!$message->is_safe
    628. 

  628.     && ($show_images = $RCMAIL->config->get('show_images'))
    629. 

  629.     && $message->has_html_part()
    630. 

  630.   ) {
    631. 

  631.     switch ($show_images) {
    632. 

  632.       case 1: // known senders only
    633. 

  633.         // get default addressbook, like in addcontact.inc
    634. 

  634.         $CONTACTS = $RCMAIL->get_address_book(-1, true);
    635. 

  635. 

  636.         if ($CONTACTS) {
    637. 

  637.           $result = $CONTACTS->search('email', $message->sender['mailto'], 1, false);
    638. 

  638.           if ($result->count) {
    639. 

  639.             $message->set_safe(true);
    640. 

  640.           }
    641. 

  641.         }
    642. 

  642.         break;
    643. 

  643. 

  644.       case 2: // always
    645. 

  645.         $message->set_safe(true);
    646. 

  646.         break;
    647. 

  647.     }
    648. 

  648.   }
    649. 

  649. }
    650. 

  650. 

  651. 

  652. /**
    653. 

  653.  * Cleans up the given message HTML Body (for displaying)
    654. 

  654.  *
    655. 

  655.  * @param string HTML
    656. 

  656.  * @param array  Display parameters 
    657. 

  657.  * @param array  CID map replaces (inline images)
    658. 

  658.  * @return string Clean HTML
    659. 

  659.  */
    660. 

  660. function rcmail_wash_html($html, $p, $cid_replaces)
    661. 

  661. {
    662. 

  662.   global $REMOTE_OBJECTS;
    663. 

  663. 

  664.   $p += array('safe' => false, 'inline_html' => true);
    665. 

  665. 

  666.   // charset was converted to UTF-8 in rcube_storage::get_message_part(),
    667. 

  667.   // change/add charset specification in HTML accordingly,
    668. 

  668.   // washtml cannot work without that
    669. 

  669.   $meta = '<meta http-equiv="Content-Type" content="text/html; charset='.RCMAIL_CHARSET.'" />';
    670. 

  670. 

  671.   // remove old meta tag and add the new one, making sure
    672. 

  672.   // that it is placed in the head (#1488093)
    673. 

  673.   $html = preg_replace('/<meta[^>]+charset=[a-z0-9-_]+[^>]*>/Ui', '', $html);
    674. 

  674.   $html = preg_replace('/(<head[^>]*>)/Ui', '\\1'.$meta, $html, -1, $rcount);
    675. 

  675.   if (!$rcount) {
    676. 

  676.     $html = '<head>' . $meta . '</head>' . $html;
    677. 

  677.   }
    678. 

  678. 

  679.   // clean HTML with washhtml by Frederic Motte
    680. 

  680.   $wash_opts = array(
    681. 

  681.     'show_washed' => false,
    682. 

  682.     'allow_remote' => $p['safe'],
    683. 

  683.     'blocked_src' => "./program/resources/blocked.gif",
    684. 

  684.     'charset' => RCMAIL_CHARSET,
    685. 

  685.     'cid_map' => $cid_replaces,
    686. 

  686.     'html_elements' => array('body'),
    687. 

  687.   );
    688. 

  688. 

  689.   if (!$p['inline_html']) {
    690. 

  690.     $wash_opts['html_elements'] = array('html','head','title','body');
    691. 

  691.   }
    692. 

  692.   if ($p['safe']) {
    693. 

  693.     $wash_opts['html_elements'][] = 'link';
    694. 

  694.     $wash_opts['html_attribs'] = array('rel','type');
    695. 

  695.   }
    696. 

  696. 

  697.   // overwrite washer options with options from plugins
    698. 

  698.   if (isset($p['html_elements']))
    699. 

  699.     $wash_opts['html_elements'] = $p['html_elements'];
    700. 

  700.   if (isset($p['html_attribs']))
    701. 

  701.     $wash_opts['html_attribs'] = $p['html_attribs'];
    702. 

  702. 

  703.   // initialize HTML washer
    704. 

  704.   $washer = new rcube_washtml($wash_opts);
    705. 

  705. 

  706.   if (!$p['skip_washer_form_callback'])
    707. 

  707.     $washer->add_callback('form', 'rcmail_washtml_callback');
    708. 

  708. 

  709.   // allow CSS styles, will be sanitized by rcmail_washtml_callback()
    710. 

  710.   if (!$p['skip_washer_style_callback'])
    711. 

  711.     $washer->add_callback('style', 'rcmail_washtml_callback');
    712. 

  712. 

  713.   // Remove non-UTF8 characters (#1487813)
    714. 

  714.   $html = rc_utf8_clean($html);
    715. 

  715. 

  716.   $html = $washer->wash($html);
    717. 

  717.   $REMOTE_OBJECTS = $washer->extlinks;
    718. 

  718. 

  719.   return $html;
    720. 

  720. }
    721. 

  721. 

  722. 

  723. /**
    724. 

  724.  * Convert the given message part to proper HTML
    725. 

  725.  * which can be displayed the message view
    726. 

  726.  *
    727. 

  727.  * @param object rcube_message_part Message part
    728. 

  728.  * @param array  Display parameters array 
    729. 

  729.  * @return string Formatted HTML string
    730. 

  730.  */
    731. 

  731. function rcmail_print_body($part, $p = array())
    732. 

  732. {
    733. 

  733.   global $RCMAIL;
    734. 

  734. 

  735.   // trigger plugin hook
    736. 

  736.   $data = $RCMAIL->plugins->exec_hook('message_part_before',
    737. 

  737.     array('type' => $part->ctype_secondary, 'body' => $part->body, 'id' => $part->mime_id)
    738. 

  738.         + $p + array('safe' => false, 'plain' => false, 'inline_html' => true));
    739. 

  739. 

  740.   // convert html to text/plain
    741. 

  741.   if ($data['plain'] && ($data['type'] == 'html' || $data['type'] == 'enriched')) {
    742. 

  742.     if ($data['type'] == 'enriched') {
    743. 

  743.       $data['body'] = rcube_enriched::to_html($data['body']);
    744. 

  744.     }
    745. 

  745.     $txt = new rcube_html2text($data['body'], false, true);
    746. 

  746.     $body = $txt->get_text();
    747. 

  747.     $part->ctype_secondary = 'plain';
    748. 

  748.   }
    749. 

  749.   // text/html
    750. 

  750.   else if ($data['type'] == 'html') {
    751. 

  751.     $body = rcmail_wash_html($data['body'], $data, $part->replaces);
    752. 

  752.     $part->ctype_secondary = $data['type'];
    753. 

  753.   }
    754. 

  754.   // text/enriched
    755. 

  755.   else if ($data['type'] == 'enriched') {
    756. 

  756.     $body = rcube_enriched::to_html($data['body']);
    757. 

  757.     $body = rcmail_wash_html($body, $data, $part->replaces);
    758. 

  758.     $part->ctype_secondary = 'html';
    759. 

  759.   }
    760. 

  760.   else {
    761. 

  761.     // assert plaintext
    762. 

  762.     $body = $part->body;
    763. 

  763.     $part->ctype_secondary = $data['type'] = 'plain';
    764. 

  764.   }
    765. 

  765. 

  766.   // free some memory (hopefully)
    767. 

  767.   unset($data['body']);
    768. 

  768. 

  769.   // plaintext postprocessing
    770. 

  770.   if ($part->ctype_secondary == 'plain') {
    771. 

  771.     if ($part->ctype_secondary == 'plain' && $part->ctype_parameters['format'] == 'flowed') {
    772. 

  772.       $body = rcube_mime::unfold_flowed($body);
    773. 

  773.     }
    774. 

  774. 

  775.     $body = rcmail_plain_body($body);
    776. 

  776.   }
    777. 

  777. 

  778.   // allow post-processing of the message body
    779. 

  779.   $data = $RCMAIL->plugins->exec_hook('message_part_after',
    780. 

  780.     array('type' => $part->ctype_secondary, 'body' => $body, 'id' => $part->mime_id) + $data);
    781. 

  781. 

  782.   return $data['type'] == 'html' ? $data['body'] : html::tag('pre', array(), $data['body']);
    783. 

  783. }
    784. 

  784. 

  785. 

  786. /**
    787. 

  787.  * Handle links and citation marks in plain text message
    788. 

  788.  *
    789. 

  789.  * @param string  Plain text string
    790. 

  790.  *
    791. 

  791.  * @return string Formatted HTML string
    792. 

  792.  */
    793. 

  793. function rcmail_plain_body($body)
    794. 

  794. {
    795. 

  795.   global $RCMAIL;
    796. 

  796. 

  797.   // make links and email-addresses clickable
    798. 

  798.   $attribs  = array('link_attribs' => array('rel' => 'noreferrer', 'target' => '_blank'));
    799. 

  799.   $replacer = new rcmail_string_replacer($attribs);
    800. 

  800. 

  801.   // search for patterns like links and e-mail addresses and replace with tokens
    802. 

  802.   $body = $replacer->replace($body);
    803. 

  803. 

  804.   // split body into single lines
    805. 

  805.   $body = preg_split('/\r?\n/', $body);
    806. 

  806.   $quote_level = 0;
    807. 

  807.   $last = -1;
    808. 

  808. 

  809.   // find/mark quoted lines...
    810. 

  810.   for ($n=0, $cnt=count($body); $n < $cnt; $n++) {
    811. 

  811.     if ($body[$n][0] == '>' && preg_match('/^(>+ {0,1})+/', $body[$n], $regs)) {
    812. 

  812.       $q        = substr_count($regs[0], '>');
    813. 

  813.       $body[$n] = substr($body[$n], strlen($regs[0]));
    814. 

  814. 

  815.       if ($q > $quote_level) {
    816. 

  816.         $body[$n] = $replacer->get_replacement($replacer->add(
    817. 

  817.           str_repeat('<blockquote>', $q - $quote_level))) . $body[$n];
    818. 

  818.         $last = $n;
    819. 

  819.       }
    820. 

  820.       else if ($q < $quote_level) {
    821. 

  821.         $body[$n] = $replacer->get_replacement($replacer->add(
    822. 

  822.           str_repeat('</blockquote>', $quote_level - $q))) . $body[$n];
    823. 

  823.         $last = $n;
    824. 

  824.       }
    825. 

  825.     }
    826. 

  826.     else {
    827. 

  827.       $q = 0;
    828. 

  828.       if ($quote_level > 0)
    829. 

  829.         $body[$n] = $replacer->get_replacement($replacer->add(
    830. 

  830.           str_repeat('</blockquote>', $quote_level))) . $body[$n];
    831. 

  831.     }
    832. 

  832. 

  833.     $quote_level = $q;
    834. 

  834.   }
    835. 

  835. 

  836.   $body = join("\n", $body);
    837. 

  837. 

  838.   // quote plain text (don't use Q() here, to display entities "as is")
    839. 

  839.   $table = get_html_translation_table(HTML_SPECIALCHARS);
    840. 

  840.   unset($table['?']);
    841. 

  841.   $body = strtr($body, $table);
    842. 

  842. 

  843.   // colorize signature (up to <sig_max_lines> lines)
    844. 

  844.   $len = strlen($body);
    845. 

  845.   $sig_max_lines = $RCMAIL->config->get('sig_max_lines', 15);
    846. 

  846.   while (($sp = strrpos($body, "-- \n", $sp ? -$len+$sp-1 : 0)) !== false) {
    847. 

  847.     if ($sp == 0 || $body[$sp-1] == "\n") {
    848. 

  848.       // do not touch blocks with more that X lines
    849. 

  849.       if (substr_count($body, "\n", $sp) < $sig_max_lines)
    850. 

  850.         $body = substr($body, 0, max(0, $sp))
    851. 

  851.           .'<span class="sig">'.substr($body, $sp).'</span>';
    852. 

  852.       break;
    853. 

  853.     }
    854. 

  854.   }
    855. 

  855. 

  856.   // insert url/mailto links and citation tags
    857. 

  857.   $body = $replacer->resolve($body);
    858. 

  858. 

  859.   return $body;
    860. 

  860. }
    861. 

  861. 

  862. 

  863. /**
    864. 

  864.  * Callback function for washtml cleaning class
    865. 

  865.  */
    866. 

  866. function rcmail_washtml_callback($tagname, $attrib, $content, $washtml)
    867. 

  867. {
    868. 

  868.   switch ($tagname) {
    869. 

  869.     case 'form':
    870. 

  870.       $out = html::div('form', $content);
    871. 

  871.       break;
    872. 

  872. 

  873.     case 'style':
    874. 

  874.       // decode all escaped entities and reduce to ascii strings
    875. 

  875.       $stripped = preg_replace('/[^a-zA-Z\(:;]/', '', rcmail_xss_entity_decode($content));
    876. 

  876. 

  877.       // now check for evil strings like expression, behavior or url()
    878. 

  878.       if (!preg_match('/expression|behavior|javascript:|import[^a]/i', $stripped)) {
    879. 

  879.         if (!$washtml->get_config('allow_remote') && stripos($stripped, 'url('))
    880. 

  880.           $washtml->extlinks = true;
    881. 

  881.         else
    882. 

  882.           $out = html::tag('style', array('type' => 'text/css'), $content);
    883. 

  883.         break;
    884. 

  884.       }
    885. 

  885. 

  886.     default:
    887. 

  887.       $out = '';
    888. 

  888.   }
    889. 

  889. 

  890.   return $out;
    891. 

  891. }
    892. 

  892. 

  893. 

  894. /**
    895. 

  895.  * return table with message headers
    896. 

  896.  */
    897. 

  897. function rcmail_message_headers($attrib, $headers=null)
    898. 

  898. {
    899. 

  899.   global $MESSAGE, $PRINT_MODE, $RCMAIL;
    900. 

  900.   static $sa_attrib;
    901. 

  901. 

  902.   // keep header table attrib
    903. 

  903.   if (is_array($attrib) && !$sa_attrib && !$attrib['valueof'])
    904. 

  904.     $sa_attrib = $attrib;
    905. 

  905.   else if (!is_array($attrib) && is_array($sa_attrib))
    906. 

  906.     $attrib = $sa_attrib;
    907. 

  907. 

  908.   if (!isset($MESSAGE))
    909. 

  909.     return FALSE;
    910. 

  910. 

  911.   // get associative array of headers object
    912. 

  912.   if (!$headers) {
    913. 

  913.     $headers_obj = $MESSAGE->headers;
    914. 

  914.     $headers = get_object_vars($MESSAGE->headers);
    915. 

  915.   }
    916. 

  916.   else if (is_object($headers)) {
    917. 

  917.     $headers_obj = $headers;
    918. 

  918.     $headers = get_object_vars($headers_obj);
    919. 

  919.   }
    920. 

  920.   else {
    921. 

  921.     $headers_obj = rcube_message_header::from_array($headers);
    922. 

  922.   }
    923. 

  923. 

  924.   // show these headers
    925. 

  925.   $standard_headers = array('subject', 'from', 'sender', 'to', 'cc', 'bcc', 'replyto',
    926. 

  926.     'mail-reply-to', 'mail-followup-to', 'date', 'priority');
    927. 

  927.   $exclude_headers = $attrib['exclude'] ? explode(',', $attrib['exclude']) : array();
    928. 

  928.   $output_headers = array();
    929. 

  929. 

  930.   foreach ($standard_headers as $hkey) {
    931. 

  931.     $ishtml = false;
    932. 

  932. 

  933.     if ($headers[$hkey])
    934. 

  934.       $value = $headers[$hkey];
    935. 

  935.     else if ($headers['others'][$hkey])
    936. 

  936.       $value = $headers['others'][$hkey];
    937. 

  937.     else if (!$attrib['valueof'])
    938. 

  938.       continue;
    939. 

  939. 

  940.     if (in_array($hkey, $exclude_headers))
    941. 

  941.       continue;
    942. 

  942. 

  943.     $header_title = rcube_label(preg_replace('/(^mail-|-)/', '', $hkey));
    944. 

  944. 

  945.     if ($hkey == 'date') {
    946. 

  946.       if ($PRINT_MODE)
    947. 

  947.         $header_value = format_date($value, $RCMAIL->config->get('date_long', 'x'));
    948. 

  948.       else
    949. 

  949.         $header_value = format_date($value);
    950. 

  950.     }
    951. 

  951.     else if ($hkey == 'priority') {
    952. 

  952.       if ($value) {
    953. 

  953.         $header_value = html::span('prio' . $value, rcmail_localized_priority($value));
    954. 

  954.       }
    955. 

  955.       else
    956. 

  956.         continue;
    957. 

  957.     }
    958. 

  958.     else if ($hkey == 'replyto') {
    959. 

  959.       if ($headers['replyto'] != $headers['from']) {
    960. 

  960.         $header_value = rcmail_address_string($value, $attrib['max'], true, $attrib['addicon'], $headers['charset'], $header_title);
    961. 

  961.         $ishtml = true;
    962. 

  962.       }
    963. 

  963.       else
    964. 

  964.         continue;
    965. 

  965.     }
    966. 

  966.     else if ($hkey == 'mail-reply-to') {
    967. 

  967.       if ($headers['mail-replyto'] != $headers['reply-to']
    968. 

  968.         && $headers['reply-to'] != $headers['from']
    969. 

  969.       ) {
    970. 

  970.         $header_value = rcmail_address_string($value, $attrib['max'], true, $attrib['addicon'], $headers['charset'], $header_title);
    971. 

  971.         $ishtml = true;
    972. 

  972.       }
    973. 

  973.       else
    974. 

  974.         continue;
    975. 

  975.     }
    976. 

  976.     else if ($hkey == 'sender') {
    977. 

  977.       if ($headers['sender'] != $headers['from']) {
    978. 

  978.         $header_value = rcmail_address_string($value, $attrib['max'], true, $attrib['addicon'], $headers['charset'], $header_title);
    979. 

  979.         $ishtml = true;
    980. 

  980.       }
    981. 

  981.       else
    982. 

  982.         continue;
    983. 

  983.     }
    984. 

  984.     else if ($hkey == 'mail-followup-to') {
    985. 

  985.       $header_value = rcmail_address_string($value, $attrib['max'], true, $attrib['addicon'], $headers['charset'], $header_title);
    986. 

  986.       $ishtml = true;
    987. 

  987.     }
    988. 

  988.     else if (in_array($hkey, array('from', 'to', 'cc', 'bcc'))) {
    989. 

  989.       $header_value = rcmail_address_string($value, $attrib['max'], true, $attrib['addicon'], $headers['charset'], $header_title);
    990. 

  990.       $ishtml = true;
    991. 

  991.     }
    992. 

  992.     else if ($hkey == 'subject' && empty($value))
    993. 

  993.       $header_value = rcube_label('nosubject');
    994. 

  994.     else
    995. 

  995.       $header_value = trim(rcube_mime::decode_header($value, $headers['charset']));
    996. 

  996. 

  997.     $output_headers[$hkey] = array(
    998. 

  998.         'title' => $header_title,
    999. 

  999.         'value' => $header_value,
    1000. 

  1000.         'raw' => $value,
    1001. 

  1001.         'html' => $ishtml,
    1002. 

  1002.     );
    1003. 

  1003.   }
    1004. 

  1004. 

  1005.   $plugin = $RCMAIL->plugins->exec_hook('message_headers_output',
    1006. 

  1006.     array('output' => $output_headers, 'headers' => $headers_obj, 'exclude' => $exclude_headers));
    1007. 

  1007. 

  1008.   // single header value is requested
    1009. 

  1009.   if (!empty($attrib['valueof']))
    1010. 

  1010.     return Q($plugin['output'][$attrib['valueof']]['value'], ($attrib['valueof'] == 'subject' ? 'strict' : 'show'));
    1011. 

  1011. 

  1012.   // compose html table
    1013. 

  1013.   $table = new html_table(array('cols' => 2));
    1014. 

  1014. 

  1015.   foreach ($plugin['output'] as $hkey => $row) {
    1016. 

  1016.     $table->add(array('class' => 'header-title'), Q($row['title']));
    1017. 

  1017.     $table->add(array('class' => 'header '.$hkey), $row['html'] ? $row['value'] : Q($row['value'], ($hkey == 'subject' ? 'strict' : 'show')));
    1018. 

  1018.   }
    1019. 

  1019. 

  1020.   return $table->show($attrib);
    1021. 

  1021. }
    1022. 

  1022. 

  1023. /**
    1024. 

  1024.  * Convert Priority header value into a localized string
    1025. 

  1025.  */
    1026. 

  1026. function rcmail_localized_priority($value)
    1027. 

  1027. {
    1028. 

  1028.   $labels_map = array(
    1029. 

  1029.     '1' => 'highest',
    1030. 

  1030.     '2' => 'high',
    1031. 

  1031.     '3' => 'normal',
    1032. 

  1032.     '4' => 'low',
    1033. 

  1033.     '5' => 'lowest',
    1034. 

  1034.   );
    1035. 

  1035. 

  1036.   if ($value && $labels_map[$value])
    1037. 

  1037.     return rcube_label($labels_map[$value]);
    1038. 

  1038. 

  1039.   return '';
    1040. 

  1040. }
    1041. 

  1041. 

  1042. /**
    1043. 

  1043.  * return block to show full message headers
    1044. 

  1044.  */
    1045. 

  1045. function rcmail_message_full_headers($attrib, $headers=NULL)
    1046. 

  1046. {
    1047. 

  1047.   global $OUTPUT;
    1048. 

  1048. 

  1049.   $html = html::div(array('id' => "all-headers", 'class' => "all", 'style' => 'display:none'), html::div(array('id' => 'headers-source'), ''));
    1050. 

  1050.   $html .= html::div(array('class' => "more-headers show-headers", 'onclick' => "return ".JS_OBJECT_NAME.".command('show-headers','',this)", 'title' => rcube_label('togglefullheaders')), '');
    1051. 

  1051. 

  1052.   $OUTPUT->add_gui_object('all_headers_row', 'all-headers');
    1053. 

  1053.   $OUTPUT->add_gui_object('all_headers_box', 'headers-source');
    1054. 

  1054. 

  1055.   return html::div($attrib, $html);
    1056. 

  1056. }
    1057. 

  1057. 

  1058. 

  1059. /**
    1060. 

  1060.  * Handler for the 'messagebody' GUI object
    1061. 

  1061.  *
    1062. 

  1062.  * @param array Named parameters
    1063. 

  1063.  * @return string HTML content showing the message body
    1064. 

  1064.  */
    1065. 

  1065. function rcmail_message_body($attrib)
    1066. 

  1066. {
    1067. 

  1067.   global $CONFIG, $OUTPUT, $MESSAGE, $RCMAIL, $REMOTE_OBJECTS;
    1068. 

  1068. 

  1069.   if (!is_array($MESSAGE->parts) && empty($MESSAGE->body))
    1070. 

  1070.     return '';
    1071. 

  1071. 

  1072.   if (!$attrib['id'])
    1073. 

  1073.     $attrib['id'] = 'rcmailMsgBody';
    1074. 

  1074. 

  1075.   $safe_mode = $MESSAGE->is_safe || intval($_GET['_safe']);
    1076. 

  1076.   $out = '';
    1077. 

  1077. 

  1078.   $header_attrib = array();
    1079. 

  1079.   foreach ($attrib as $attr => $value)
    1080. 

  1080.     if (preg_match('/^headertable([a-z]+)$/i', $attr, $regs))
    1081. 

  1081.       $header_attrib[$regs[1]] = $value;
    1082. 

  1082. 

  1083.   if (!empty($MESSAGE->parts)) {
    1084. 

  1084.     foreach ($MESSAGE->parts as $part) {
    1085. 

  1085.       if ($part->type == 'headers') {
    1086. 

  1086.         $out .= html::div('message-partheaders', rcmail_message_headers(sizeof($header_attrib) ? $header_attrib : null, $part->headers));
    1087. 

  1087.       }
    1088. 

  1088.       else if ($part->type == 'content') {
    1089. 

  1089.         // unsupported (e.g. encrypted)
    1090. 

  1090.         if ($part->realtype) {
    1091. 

  1091.           if ($part->realtype == 'multipart/encrypted' || $part->realtype == 'application/pkcs7-mime') {
    1092. 

  1092.             $out .= html::span('part-notice', rcube_label('encryptedmessage'));
    1093. 

  1093.           }
    1094. 

  1094.           continue;
    1095. 

  1095.         }
    1096. 

  1096.         else if (!$part->size) {
    1097. 

  1097.           continue;
    1098. 

  1098.         }
    1099. 

  1099.         // Check if we have enough memory to handle the message in it
    1100. 

  1100.         // #1487424: we need up to 10x more memory than the body
    1101. 

  1101.         else if (!rcmail_mem_check($part->size * 10)) {
    1102. 

  1102.           $out .= html::span('part-notice', rcube_label('messagetoobig'). ' '
    1103. 

  1103.             . html::a('?_task=mail&_action=get&_download=1&_uid='.$MESSAGE->uid.'&_part='.$part->mime_id
    1104. 

  1104.               .'&_mbox='. urlencode($RCMAIL->storage->get_folder()), rcube_label('download')));
    1105. 

  1105.           continue;
    1106. 

  1106.         }
    1107. 

  1107. 

  1108.         if (empty($part->ctype_parameters) || empty($part->ctype_parameters['charset']))
    1109. 

  1109.           $part->ctype_parameters['charset'] = $MESSAGE->headers->charset;
    1110. 

  1110. 

  1111.         // fetch part if not available
    1112. 

  1112.         if (!isset($part->body))
    1113. 

  1113.           $part->body = $MESSAGE->get_part_content($part->mime_id);
    1114. 

  1114. 

  1115.         // extract headers from message/rfc822 parts
    1116. 

  1116.         if ($part->mimetype == 'message/rfc822') {
    1117. 

  1117.           $msgpart = rcube_mime::parse_message($part->body);
    1118. 

  1118.           if (!empty($msgpart->headers)) {
    1119. 

  1119.             $part = $msgpart;
    1120. 

  1120.             $out .= html::div('message-partheaders', rcmail_message_headers(sizeof($header_attrib) ? $header_attrib : null, $part->headers));
    1121. 

  1121.           }
    1122. 

  1122.         }
    1123. 

  1123. 

  1124.         // message is cached but not exists (#1485443), or other error
    1125. 

  1125.         if ($part->body === false) {
    1126. 

  1126.           rcmail_message_error($MESSAGE->uid);
    1127. 

  1127.         }
    1128. 

  1128. 

  1129.         $plugin = $RCMAIL->plugins->exec_hook('message_body_prefix', array(
    1130. 

  1130.           'part' => $part, 'prefix' => ''));
    1131. 

  1131. 

  1132.         $body = rcmail_print_body($part, array('safe' => $safe_mode, 'plain' => !$CONFIG['prefer_html']));
    1133. 

  1133. 

  1134.         if ($part->ctype_secondary == 'html') {
    1135. 

  1135.           $body = rcmail_html4inline($body, $attrib['id'], 'rcmBody', $attrs, $safe_mode);
    1136. 

  1136.           $div_attr = array('class' => 'message-htmlpart');
    1137. 

  1137.           $style = array();
    1138. 

  1138. 

  1139.           if (!empty($attrs)) {
    1140. 

  1140.             foreach ($attrs as $a_idx => $a_val)
    1141. 

  1141.               $style[] = $a_idx . ': ' . $a_val;
    1142. 

  1142.             if (!empty($style))
    1143. 

  1143.               $div_attr['style'] = implode('; ', $style);
    1144. 

  1144.           }
    1145. 

  1145. 

  1146.           $out .= html::div($div_attr, $plugin['prefix'] . $body);
    1147. 

  1147.         }
    1148. 

  1148.         else
    1149. 

  1149.           $out .= html::div('message-part', $plugin['prefix'] . $body);
    1150. 

  1150.       }
    1151. 

  1151.     }
    1152. 

  1152.   }
    1153. 

  1153.   else {
    1154. 

  1154.     // Check if we have enough memory to handle the message in it
    1155. 

  1155.     // #1487424: we need up to 10x more memory than the body
    1156. 

  1156.     if (!rcmail_mem_check(strlen($MESSAGE->body) * 10)) {
    1157. 

  1157.       $out .= html::span('part-notice', rcube_label('messagetoobig'). ' '
    1158. 

  1158.         . html::a('?_task=mail&_action=get&_download=1&_uid='.$MESSAGE->uid.'&_part=0'
    1159. 

  1159.           .'&_mbox='. urlencode($RCMAIL->storage->get_folder()), rcube_label('download')));
    1160. 

  1160.     }
    1161. 

  1161.     else {
    1162. 

  1162.       $plugin = $RCMAIL->plugins->exec_hook('message_body_prefix', array(
    1163. 

  1163.         'part' => $MESSAGE, 'prefix' => ''));
    1164. 

  1164. 

  1165.       $out .= html::div('message-part', $plugin['prefix'] . html::tag('pre', array(),
    1166. 

  1166.         rcmail_plain_body(Q($MESSAGE->body, 'strict', false))));
    1167. 

  1167.     }
    1168. 

  1168.   }
    1169. 

  1169. 

  1170.   // list images after mail body
    1171. 

  1171.   if ($RCMAIL->config->get('inline_images', true) && !empty($MESSAGE->attachments)) {
    1172. 

  1172.     $thumbnail_size = $RCMAIL->config->get('image_thumbnail_size', 240);
    1173. 

  1173.     $client_mimetypes = (array)$RCMAIL->config->get('client_mimetypes');
    1174. 

  1174. 

  1175.     foreach ($MESSAGE->attachments as $attach_prop) {
    1176. 

  1176.       // skip inline images
    1177. 

  1177.       if ($attach_prop->content_id && $attach_prop->disposition == 'inline') {
    1178. 

  1178.         continue;
    1179. 

  1179.       }
    1180. 

  1180. 

  1181.       // Content-Type: image/*...
    1182. 

  1182.       if ($mimetype = rcmail_part_image_type($attach_prop)) {
    1183. 

  1183.         // display thumbnails
    1184. 

  1184.         if ($thumbnail_size) {
    1185. 

  1185.           $show_link = array(
    1186. 

  1186.             'href' => $MESSAGE->get_part_url($attach_prop->mime_id, false),
    1187. 

  1187.             'onclick' => sprintf(
    1188. 

  1188.               'return %s.command(\'load-attachment\',\'%s\',this)',
    1189. 

  1189.               JS_OBJECT_NAME,
    1190. 

  1190.               $attach_prop->mime_id)
    1191. 

  1191.           );
    1192. 

  1192.           $out .= html::p('image-attachment',
    1193. 

  1193.              html::a($show_link + array('class' => 'image-link', 'style' => sprintf('width:%dpx', $thumbnail_size)),
    1194. 

  1194.                html::img(array(
    1195. 

  1195.                 'class' => 'image-thumbnail',
    1196. 

  1196.                 'src'   => $MESSAGE->get_part_url($attach_prop->mime_id, 'image') . '&_thumb=1',
    1197. 

  1197.                 'title' => $attach_prop->filename,
    1198. 

  1198.                 'alt'   => $attach_prop->filename,
    1199. 

  1199.                 'style' => sprintf('max-width:%dpx; max-height:%dpx', $thumbnail_size, $thumbnail_size),
    1200. 

  1200.               ))
    1201. 

  1201.             ) .
    1202. 

  1202.             html::span('image-filename', Q($attach_prop->filename)) .
    1203. 

  1203.             html::span('image-filesize', Q($RCMAIL->message_part_size($attach_prop))) .
    1204. 

  1204.             html::span('attachment-links',
    1205. 

  1205.               (in_array($mimetype, $client_mimetypes) ? html::a($show_link, rcube_label('showattachment')) . '&nbsp;' : '') .
    1206. 

  1206.               html::a($show_link['href'] . '&_download=1', rcube_label('download'))
    1207. 

  1207.             ) .
    1208. 

  1208.             html::br(array('style' => 'clear:both'))
    1209. 

  1209.           );
    1210. 

  1210.         }
    1211. 

  1211.         else {
    1212. 

  1212.           $out .= html::tag('fieldset', 'image-attachment',
    1213. 

  1213.             html::tag('legend', 'image-filename', Q($attach_prop->filename)) .
    1214. 

  1214.             html::p(array('align' => "center"),
    1215. 

  1215.               html::img(array(
    1216. 

  1216.                 'src'   => $MESSAGE->get_part_url($attach_prop->mime_id, 'image'),
    1217. 

  1217.                 'title' => $attach_prop->filename,
    1218. 

  1218.                 'alt'   => $attach_prop->filename,
    1219. 

  1219.               )))
    1220. 

  1220.           );
    1221. 

  1221.         }
    1222. 

  1222.       }
    1223. 

  1223.     }
    1224. 

  1224.   }
    1225. 

  1225. 

  1226.   // tell client that there are blocked remote objects
    1227. 

  1227.   if ($REMOTE_OBJECTS && !$safe_mode)
    1228. 

  1228.     $OUTPUT->set_env('blockedobjects', true);
    1229. 

  1229. 

  1230.   return html::div($attrib, $out);
    1231. 

  1231. }
    1232. 

  1232. 

  1233. function rcmail_part_image_type($part)
    1234. 

  1234. {
    1235. 

  1235.   $rcmail = rcmail::get_instance();
    1236. 

  1236. 

  1237.   // Skip TIFF images if browser doesn't support this format...
    1238. 

  1238.   $tiff_support = !empty($_SESSION['browser_caps']) && !empty($_SESSION['browser_caps']['tif']);
    1239. 

  1239.   // until we can convert them to JPEG
    1240. 

  1240.   $tiff_support = $tiff_support || $rcmail->config->get('im_convert_path');
    1241. 

  1241. 

  1242.   // Content-type regexp
    1243. 

  1243.   $mime_regex = $tiff_support ? '/^image\//i' : '/^image\/(?!tif)/i';
    1244. 

  1244. 

  1245.   // Content-Type: image/*...
    1246. 

  1246.   if (preg_match($mime_regex, $part->mimetype)) {
    1247. 

  1247.     return rcmail_fix_mimetype($part->mimetype);
    1248. 

  1248.   }
    1249. 

  1249. 

  1250.   // Many clients use application/octet-stream, we'll detect mimetype
    1251. 

  1251.   // by checking filename extension
    1252. 

  1252. 

  1253.   // Supported image filename extensions to image type map
    1254. 

  1254.   $types = array(
    1255. 

  1255.     'jpg'  => 'image/jpeg',
    1256. 

  1256.     'jpeg' => 'image/jpeg',
    1257. 

  1257.     'png'  => 'image/png',
    1258. 

  1258.     'gif'  => 'image/gif',
    1259. 

  1259.     'bmp'  => 'image/bmp',
    1260. 

  1260.   );
    1261. 

  1261.   if ($tiff_support) {
    1262. 

  1262.     $types['tif']  = 'image/tiff';
    1263. 

  1263.     $types['tiff'] = 'image/tiff';
    1264. 

  1264.   }
    1265. 

  1265. 

  1266.   if ($part->filename
    1267. 

  1267.     && preg_match('/^application\/octet-stream$/i', $part->mimetype)
    1268. 

  1268.     && preg_match('/\.([^.]+)$/i', $part->filename, $m)
    1269. 

  1269.     && ($extension = strtolower($m[1]))
    1270. 

  1270.     && isset($types[$extension])
    1271. 

  1271.   ) {
    1272. 

  1272.     return $types[$extension];
    1273. 

  1273.   }
    1274. 

  1274. }
    1275. 

  1275. 

  1276. 

  1277. /**
    1278. 

  1278.  * modify a HTML message that it can be displayed inside a HTML page
    1279. 

  1279.  */
    1280. 

  1280. function rcmail_html4inline($body, $container_id, $body_id='', &$attributes=null, $allow_remote=false)
    1281. 

  1281. {
    1282. 

  1282.   $last_style_pos = 0;
    1283. 

  1283.   $cont_id = $container_id.($body_id ? ' div.'.$body_id : '');
    1284. 

  1284. 

  1285.   // find STYLE tags
    1286. 

  1286.   while (($pos = stripos($body, '<style', $last_style_pos)) && ($pos2 = stripos($body, '</style>', $pos)))
    1287. 

  1287.   {
    1288. 

  1288.     $pos = strpos($body, '>', $pos) + 1;
    1289. 

  1289.     $len = $pos2 - $pos;
    1290. 

  1290. 

  1291.     // replace all css definitions with #container [def]
    1292. 

  1292.     $styles = substr($body, $pos, $len);
    1293. 

  1293.     $styles = rcmail_mod_css_styles($styles, $cont_id, $allow_remote);
    1294. 

  1294. 

  1295.     $body = substr_replace($body, $styles, $pos, $len);
    1296. 

  1296.     $last_style_pos = $pos2 + strlen($styles) - $len;
    1297. 

  1297.   }
    1298. 

  1298. 

  1299.   // modify HTML links to open a new window if clicked
    1300. 

  1300.   $GLOBALS['rcmail_html_container_id'] = $container_id;
    1301. 

  1301.   $body = preg_replace_callback('/<(a|link|area)\s+([^>]+)>/Ui', 'rcmail_alter_html_link', $body);
    1302. 

  1302.   unset($GLOBALS['rcmail_html_container_id']);
    1303. 

  1303. 

  1304.   $body = preg_replace(array(
    1305. 

  1305.       // add comments arround html and other tags
    1306. 

  1306.       '/(<!DOCTYPE[^>]*>)/i',
    1307. 

  1307.       '/(<\?xml[^>]*>)/i',
    1308. 

  1308.       '/(<\/?html[^>]*>)/i',
    1309. 

  1309.       '/(<\/?head[^>]*>)/i',
    1310. 

  1310.       '/(<title[^>]*>.*<\/title>)/Ui',
    1311. 

  1311.       '/(<\/?meta[^>]*>)/i',
    1312. 

  1312.       // quote <? of php and xml files that are specified as text/html
    1313. 

  1313.       '/<\?/',
    1314. 

  1314.       '/\?>/',
    1315. 

  1315.       // replace <body> with <div>
    1316. 

  1316.       '/<body([^>]*)>/i',
    1317. 

  1317.       '/<\/body>/i',
    1318. 

  1318.       ),
    1319. 

  1319.     array(
    1320. 

  1320.       '<!--\\1-->',
    1321. 

  1321.       '<!--\\1-->',
    1322. 

  1322.       '<!--\\1-->',
    1323. 

  1323.       '<!--\\1-->',
    1324. 

  1324.       '<!--\\1-->',
    1325. 

  1325.       '<!--\\1-->',
    1326. 

  1326.       '&lt;?',
    1327. 

  1327.       '?&gt;',
    1328. 

  1328.       '<div class="'.$body_id.'"\\1>',
    1329. 

  1329.       '</div>',
    1330. 

  1330.       ),
    1331. 

  1331.     $body);
    1332. 

  1332. 

  1333.   $attributes = array();
    1334. 

  1334. 

  1335.   // Handle body attributes that doesn't play nicely with div elements
    1336. 

  1336.   $regexp = '/<div class="' . preg_quote($body_id, '/') . '"([^>]*)/';
    1337. 

  1337.   if (preg_match($regexp, $body, $m)) {
    1338. 

  1338.     $attrs = $m[0];
    1339. 

  1339.     // Get bgcolor, we'll set it as background-color of the message container
    1340. 

  1340.     if ($m[1] && preg_match('/bgcolor=["\']*([a-z0-9#]+)["\']*/', $attrs, $mb)) {
    1341. 

  1341.       $attributes['background-color'] = $mb[1];
    1342. 

  1342.       $attrs = preg_replace('/bgcolor=["\']*([a-z0-9#]+)["\']*/', '', $attrs);
    1343. 

  1343.     }
    1344. 

  1344.     // Get background, we'll set it as background-image of the message container
    1345. 

  1345.     if ($m[1] && preg_match('/background=["\']*([^"\'>\s]+)["\']*/', $attrs, $mb)) {
    1346. 

  1346.       $attributes['background-image'] = 'url('.$mb[1].')';
    1347. 

  1347.       $attrs = preg_replace('/background=["\']*([^"\'>\s]+)["\']*/', '', $attrs);
    1348. 

  1348.     }
    1349. 

  1349.     if (!empty($attributes)) {
    1350. 

  1350.       $body = preg_replace($regexp, rtrim($attrs), $body, 1);
    1351. 

  1351.     }
    1352. 

  1352. 

  1353.     // handle body styles related to background image
    1354. 

  1354.     if ($attributes['background-image']) {
    1355. 

  1355.       // get body style
    1356. 

  1356.       if (preg_match('/#'.preg_quote($cont_id, '/').'\s+\{([^}]+)}/i', $body, $m)) {
    1357. 

  1357.         // get background related style
    1358. 

  1358.         if (preg_match_all('/(background-position|background-repeat)\s*:\s*([^;]+);/i', $m[1], $ma, PREG_SET_ORDER)) {
    1359. 

  1359.           foreach ($ma as $style)
    1360. 

  1360.             $attributes[$style[1]] = $style[2];
    1361. 

  1361.         }
    1362. 

  1362.       }
    1363. 

  1363.     }
    1364. 

  1364.   }
    1365. 

  1365.   // make sure there's 'rcmBody' div, we need it for proper css modification
    1366. 

  1366.   // its name is hardcoded in rcmail_message_body() also
    1367. 

  1367.   else {
    1368. 

  1368.     $body = '<div class="' . $body_id . '">' . $body . '</div>';
    1369. 

  1369.   }
    1370. 

  1370. 

  1371.   return $body;
    1372. 

  1372. }
    1373. 

  1373. 

  1374. 

  1375. /**
    1376. 

  1376.  * parse link (a, link, area) attributes and set correct target
    1377. 

  1377.  */
    1378. 

  1378. function rcmail_alter_html_link($matches)
    1379. 

  1379. {
    1380. 

  1380.   global $RCMAIL;
    1381. 

  1381. 

  1382.   // Support unicode/punycode in top-level domain part
    1383. 

  1383.   $EMAIL_PATTERN = '([a-z0-9][a-z0-9\-\.\+\_]*@[^&@"\'.][^@&"\']*\\.([^\\x00-\\x40\\x5b-\\x60\\x7b-\\x7f]{2,}|xn--[a-z0-9]{2,}))';
    1384. 

  1384. 

  1385.   $tag    = strtolower($matches[1]);
    1386. 

  1386.   $attrib = parse_attrib_string($matches[2]);
    1387. 

  1387.   $end    = '>';
    1388. 

  1388. 

  1389.   // Remove non-printable characters in URL (#1487805)
    1390. 

  1390.   if ($attrib['href'])
    1391. 

  1391.     $attrib['href'] = preg_replace('/[\x00-\x1F]/', '', $attrib['href']);
    1392. 

  1392. 

  1393.   if ($tag == 'link' && preg_match('/^https?:\/\//i', $attrib['href'])) {
    1394. 

  1394.     $tempurl = 'tmp-' . md5($attrib['href']) . '.css';
    1395. 

  1395.     $_SESSION['modcssurls'][$tempurl] = $attrib['href'];
    1396. 

  1396.     $attrib['href'] = $RCMAIL->url(array('task' => 'utils', 'action' => 'modcss', 'u' => $tempurl, 'c' => $GLOBALS['rcmail_html_container_id']));
    1397. 

  1397.     $end = ' />';
    1398. 

  1398.   }
    1399. 

  1399.   else if (preg_match('/^mailto:'.$EMAIL_PATTERN.'(\?[^"\'>]+)?/i', $attrib['href'], $mailto)) {
    1400. 

  1400.     $attrib['href'] = $mailto[0];
    1401. 

  1401.     $attrib['onclick'] = sprintf(
    1402. 

  1402.       "return %s.command('compose','%s',this)",
    1403. 

  1403.       JS_OBJECT_NAME,
    1404. 

  1404.       JQ($mailto[1].$mailto[3]));
    1405. 

  1405.   }
    1406. 

  1406.   else if (empty($attrib['href']) && !$attrib['name']) {
    1407. 

  1407.     $attrib['href'] = './#NOP';
    1408. 

  1408.     $attrib['onclick'] = 'return false';
    1409. 

  1409.   }
    1410. 

  1410.   else if (!empty($attrib['href']) && $attrib['href'][0] != '#') {
    1411. 

  1411.     $attrib['target'] = '_blank';
    1412. 

  1412.   }
    1413. 

  1413. 

  1414.   // Better security by adding rel="noreferrer" (#1484686)
    1415. 

  1415.   if (($tag == 'a' || $tag == 'area') && $attrib['href'] && $attrib['href'][0] != '#') {
    1416. 

  1416.     $attrib['rel'] = 'noreferrer';
    1417. 

  1417.   }
    1418. 

  1418. 

  1419.   // allowed attributes for a|link|area tags
    1420. 

  1420.   $allow = array('href','name','target','onclick','id','class','style','title',
    1421. 

  1421.     'rel','type','media','alt','coords','nohref','hreflang','shape');
    1422. 

  1422. 

  1423.   return "<$tag" . html::attrib_string($attrib, $allow) . $end;
    1424. 

  1424. }
    1425. 

  1425. 

  1426. 

  1427. /**
    1428. 

  1428.  * decode address string and re-format it as HTML links
    1429. 

  1429.  */
    1430. 

  1430. function rcmail_address_string($input, $max=null, $linked=false, $addicon=null, $default_charset=null, $title=null)
    1431. 

  1431. {
    1432. 

  1432.   global $RCMAIL, $PRINT_MODE, $CONFIG;
    1433. 

  1433. 

  1434.   $a_parts = rcube_mime::decode_address_list($input, null, true, $default_charset);
    1435. 

  1435. 

  1436.   if (!sizeof($a_parts))
    1437. 

  1437.     return $input;
    1438. 

  1438. 

  1439.   $c = count($a_parts);
    1440. 

  1440.   $j = 0;
    1441. 

  1441.   $out = '';
    1442. 

  1442.   $allvalues  = array();
    1443. 

  1443.   $show_email = $RCMAIL->config->get('message_show_email');
    1444. 

  1444. 

  1445.   if ($addicon && !isset($_SESSION['writeable_abook'])) {
    1446. 

  1446.     $_SESSION['writeable_abook'] = $RCMAIL->get_address_sources(true) ? true : false;
    1447. 

  1447.   }
    1448. 

  1448. 

  1449.   foreach ($a_parts as $part) {
    1450. 

  1450.     $j++;
    1451. 

  1451.     $name   = $part['name'];
    1452. 

  1452.     $mailto = $part['mailto'];
    1453. 

  1453.     $string = $part['string'];
    1454. 

  1454.     $valid  = check_email($mailto, false);
    1455. 

  1455. 

  1456.     // phishing email prevention (#1488981), e.g. "valid@email.addr <phishing@email.addr>"
    1457. 

  1457.     if (!$show_email && $valid && $name && $name != $mailto && strpos($name, '@')) {
    1458. 

  1458.       $name = '';
    1459. 

  1459.     }
    1460. 

  1460. 

  1461.     // IDNA ASCII to Unicode
    1462. 

  1462.     if ($name == $mailto)
    1463. 

  1463.       $name = rcube_idn_to_utf8($name);
    1464. 

  1464.     if ($string == $mailto)
    1465. 

  1465.       $string = rcube_idn_to_utf8($string);
    1466. 

  1466.     $mailto = rcube_idn_to_utf8($mailto);
    1467. 

  1467. 

  1468.     if ($PRINT_MODE) {
    1469. 

  1469.       $out .= ($out ? ', ' : '') . sprintf('%s &lt;%s&gt;', Q($name), $mailto);
    1470. 

  1470.       // for printing we display all addresses
    1471. 

  1471.       continue;
    1472. 

  1472.     }
    1473. 

  1473.     else if ($valid) {
    1474. 

  1474.       if ($linked) {
    1475. 

  1475.         $attrs = array(
    1476. 

  1476.            'href' => 'mailto:' . $mailto,
    1477. 

  1477.            'onclick' => sprintf("return %s.command('compose','%s',this)", JS_OBJECT_NAME, JQ($mailto)),
    1478. 

  1478.            'class' => "rcmContactAddress",
    1479. 

  1479.         );
    1480. 

  1480. 

  1481.         if ($show_email && $name && $mailto) {
    1482. 

  1482.           $content = Q($name ? sprintf('%s <%s>', $name, $mailto) : $mailto);
    1483. 

  1483.         }
    1484. 

  1484.         else {
    1485. 

  1485.           $content = Q($name ? $name : $mailto);
    1486. 

  1486.           $attrs['title'] = $mailto;
    1487. 

  1487.         }
    1488. 

  1488. 

  1489.         $address = html::a($attrs, $content);
    1490. 

  1490.       }
    1491. 

  1491.       else {
    1492. 

  1492.         $address = html::span(array('title' => $mailto, 'class' => "rcmContactAddress"),
    1493. 

  1493.           Q($name ? $name : $mailto));
    1494. 

  1494.       }
    1495. 

  1495. 

  1496.       if ($addicon && $_SESSION['writeable_abook']) {
    1497. 

  1497.         $address .= html::a(array(
    1498. 

  1498.             'href' => "#add",
    1499. 

  1499.             'onclick' => sprintf("return %s.command('add-contact','%s',this)", JS_OBJECT_NAME, JQ($string)),
    1500. 

  1500.             'title' => rcube_label('addtoaddressbook'),
    1501. 

  1501.             'class' => 'rcmaddcontact',
    1502. 

  1502.           ),
    1503. 

  1503.           html::img(array(
    1504. 

  1504.             'src' => $CONFIG['skin_path'] . $addicon,
    1505. 

  1505.             'alt' => "Add contact",
    1506. 

  1506.           )));
    1507. 

  1507.       }
    1508. 

  1508.     }
    1509. 

  1509.     else {
    1510. 

  1510.       $address = '';
    1511. 

  1511.       if ($name)
    1512. 

  1512.         $address .= Q($name);
    1513. 

  1513.       if ($mailto)
    1514. 

  1514.         $address = trim($address . ' ' . Q($name ? sprintf('<%s>', $mailto) : $mailto)
    1515.

Large files files are truncated, but you can click here to view the full file