rc2: program/include/rcmail.php comparison

comparison program/include/rcmail.php @ 0:4681f974d28b

vanilla 1.3.3 distro, I hope

author	Charlie Root
date	Thu, 04 Jan 2018 15:52:31 -0500
parents
children

comparison

equal deleted inserted replaced

--1:000000000000
+:4681f974d28b
+<?php
+/**
++-----------------------------------------------------------------------+
+| program/include/rcmail.php                                            |
+|                                                                       |
+| This file is part of the Roundcube Webmail client                     |
+| Copyright (C) 2008-2014, The Roundcube Dev Team                       |
+| Copyright (C) 2011-2014, Kolab Systems AG                             |
+|                                                                       |
+| Licensed under the GNU General Public License version 3 or            |
+| any later version with exceptions for skins & plugins.                |
+| See the README file for a full license statement.                     |
+|                                                                       |
+| PURPOSE:                                                              |
+|   Application class providing core functions and holding              |
+|   instances of all 'global' objects like db- and imap-connections     |
++-----------------------------------------------------------------------+
+| Author: Thomas Bruederli <roundcube@gmail.com>                        |
+| Author: Aleksander Machniak <alec@alec.pl>                            |
++-----------------------------------------------------------------------+
+*/
+/**
+* Application class of Roundcube Webmail
+* implemented as singleton
+*
+* @package Webmail
+*/
+class rcmail extends rcube
+{
+/**
+* Main tasks.
+*
+* @var array
+*/
+static public $main_tasks = array('mail','settings','addressbook','login','logout','utils','dummy');
+/**
+* Current task.
+*
+* @var string
+*/
+public $task;
+/**
+* Current action.
+*
+* @var string
+*/
+public $action    = '';
+public $comm_path = './';
+public $filename  = '';
+private $address_books = array();
+private $action_map    = array();
+const ERROR_STORAGE          = -2;
+const ERROR_INVALID_REQUEST  = 1;
+const ERROR_INVALID_HOST     = 2;
+const ERROR_COOKIES_DISABLED = 3;
+const ERROR_RATE_LIMIT       = 4;
+/**
+* This implements the 'singleton' design pattern
+*
+* @param integer $mode Ignored rcube::get_instance() argument
+* @param string  $env  Environment name to run (e.g. live, dev, test)
+*
+* @return rcmail The one and only instance
+*/
+static function get_instance($mode = 0, $env = '')
+{
+if (!self::$instance || !is_a(self::$instance, 'rcmail')) {
+self::$instance = new rcmail($env);
+// init AFTER object was linked with self::$instance
+self::$instance->startup();
+}
+return self::$instance;
+}
+/**
+* Initial startup function
+* to register session, create database and imap connections
+*/
+protected function startup()
+{
+$this->init(self::INIT_WITH_DB | self::INIT_WITH_PLUGINS);
+// set filename if not index.php
+if (($basename = basename($_SERVER['SCRIPT_FILENAME'])) && $basename != 'index.php') {
+$this->filename = $basename;
+}
+// load all configured plugins
+$plugins          = (array) $this->config->get('plugins', array());
+$required_plugins = array('filesystem_attachments', 'jqueryui');
+$this->plugins->load_plugins($plugins, $required_plugins);
+// start session
+$this->session_init();
+// create user object
+$this->set_user(new rcube_user($_SESSION['user_id']));
+// set task and action properties
+$this->set_task(rcube_utils::get_input_value('_task', rcube_utils::INPUT_GPC));
+$this->action = asciiwords(rcube_utils::get_input_value('_action', rcube_utils::INPUT_GPC));
+// reset some session parameters when changing task
+if ($this->task != 'utils') {
+// we reset list page when switching to another task
+// but only to the main task interface - empty action (#1489076, #1490116)
+// this will prevent from unintentional page reset on cross-task requests
+if ($this->session && $_SESSION['task'] != $this->task && empty($this->action)) {
+$this->session->remove('page');
+// set current task to session
+$_SESSION['task'] = $this->task;
+}
+}
+// init output class (not in CLI mode)
+if (!empty($_REQUEST['_remote'])) {
+$GLOBALS['OUTPUT'] = $this->json_init();
+}
+else if ($_SERVER['REMOTE_ADDR']) {
+$GLOBALS['OUTPUT'] = $this->load_gui(!empty($_REQUEST['_framed']));
+}
+// run init method on all the plugins
+$this->plugins->init($this, $this->task);
+}
+/**
+* Setter for application task
+*
+* @param string $task Task to set
+*/
+public function set_task($task)
+{
+if (php_sapi_name() == 'cli') {
+$task = 'cli';
+}
+else if (!$this->user || !$this->user->ID) {
+$task = 'login';
+}
+else {
+$task = asciiwords($task, true) ?: 'mail';
+}
+$this->task      = $task;
+$this->comm_path = $this->url(array('task' => $this->task));
+if (!empty($_REQUEST['_framed'])) {
+$this->comm_path .= '&_framed=1';
+}
+if ($this->output) {
+$this->output->set_env('task', $this->task);
+$this->output->set_env('comm_path', $this->comm_path);
+}
+}
+/**
+* Setter for system user object
+*
+* @param rcube_user $user Current user instance
+*/
+public function set_user($user)
+{
+parent::set_user($user);
+$lang = $this->language_prop($this->config->get('language', $_SESSION['language']));
+$_SESSION['language'] = $this->user->language = $lang;
+// set localization
+setlocale(LC_ALL, $lang . '.utf8', $lang . '.UTF-8', 'en_US.utf8', 'en_US.UTF-8');
+// Workaround for http://bugs.php.net/bug.php?id=18556
+// Also strtoupper/strtolower and other methods are locale-aware
+// for these locales it is problematic (#1490519)
+if (in_array($lang, array('tr_TR', 'ku', 'az_AZ'))) {
+setlocale(LC_CTYPE, 'en_US.utf8', 'en_US.UTF-8', 'C');
+}
+}
+/**
+* Return instance of the internal address book class
+*
+* @param string  $id        Address book identifier (-1 for default addressbook)
+* @param boolean $writeable True if the address book needs to be writeable
+*
+* @return rcube_contacts Address book object
+*/
+public function get_address_book($id, $writeable = false)
+{
+$contacts    = null;
+$ldap_config = (array)$this->config->get('ldap_public');
+// 'sql' is the alias for '0' used by autocomplete
+if ($id == 'sql')
+$id = '0';
+else if ($id == -1) {
+$id = $this->config->get('default_addressbook');
+$default = true;
+}
+// use existing instance
+if (isset($this->address_books[$id]) && ($this->address_books[$id] instanceof rcube_addressbook)) {
+$contacts = $this->address_books[$id];
+}
+else if ($id && $ldap_config[$id]) {
+$domain   = $this->config->mail_domain($_SESSION['storage_host']);
+$contacts = new rcube_ldap($ldap_config[$id], $this->config->get('ldap_debug'), $domain);
+}
+else if ($id === '0') {
+$contacts = new rcube_contacts($this->db, $this->get_user_id());
+}
+else {
+$plugin = $this->plugins->exec_hook('addressbook_get', array('id' => $id, 'writeable' => $writeable));
+// plugin returned instance of a rcube_addressbook
+if ($plugin['instance'] instanceof rcube_addressbook) {
+$contacts = $plugin['instance'];
+}
+}
+// when user requested default writeable addressbook
+// we need to check if default is writeable, if not we
+// will return first writeable book (if any exist)
+if ($contacts && $default && $contacts->readonly && $writeable) {
+$contacts = null;
+}
+// Get first addressbook from the list if configured default doesn't exist
+// This can happen when user deleted the addressbook (e.g. Kolab folder)
+if (!$contacts && (!$id || $default)) {
+$source = reset($this->get_address_sources($writeable, !$default));
+if (!empty($source)) {
+$contacts = $this->get_address_book($source['id']);
+if ($contacts) {
+$id = $source['id'];
+}
+}
+}
+if (!$contacts) {
+// there's no default, just return
+if ($default) {
+return null;
+}
+self::raise_error(array(
+'code'    => 700,
+'file'    => __FILE__,
+'line'    => __LINE__,
+'message' => "Addressbook source ($id) not found!"
+),
+true, true);
+}
+// add to the 'books' array for shutdown function
+$this->address_books[$id] = $contacts;
+if ($writeable && $contacts->readonly) {
+return null;
+}
+// set configured sort order
+if ($sort_col = $this->config->get('addressbook_sort_col')) {
+$contacts->set_sort_order($sort_col);
+}
+return $contacts;
+}
+/**
+* Return identifier of the address book object
+*
+* @param rcube_addressbook $object Addressbook source object
+*
+* @return string Source identifier
+*/
+public function get_address_book_id($object)
+{
+foreach ($this->address_books as $index => $book) {
+if ($book === $object) {
+return $index;
+}
+}
+}
+/**
+* Return address books list
+*
+* @param boolean $writeable   True if the address book needs to be writeable
+* @param boolean $skip_hidden True if the address book needs to be not hidden
+*
+* @return array Address books array
+*/
+public function get_address_sources($writeable = false, $skip_hidden = false)
+{
+$abook_type   = (string) $this->config->get('address_book_type');
+$ldap_config  = (array) $this->config->get('ldap_public');
+$autocomplete = (array) $this->config->get('autocomplete_addressbooks');
+$list         = array();
+// We are using the DB address book or a plugin address book
+if (!empty($abook_type) && strtolower($abook_type) != 'ldap') {
+if (!isset($this->address_books['0'])) {
+$this->address_books['0'] = new rcube_contacts($this->db, $this->get_user_id());
+}
+$list['0'] = array(
+'id'       => '0',
+'name'     => $this->gettext('personaladrbook'),
+'groups'   => $this->address_books['0']->groups,
+'readonly' => $this->address_books['0']->readonly,
+'undelete' => $this->address_books['0']->undelete && $this->config->get('undo_timeout'),
+'autocomplete' => in_array('sql', $autocomplete),
+);
+}
+if (!empty($ldap_config)) {
+foreach ($ldap_config as $id => $prop) {
+// handle misconfiguration
+if (empty($prop) || !is_array($prop)) {
+continue;
+}
+$list[$id] = array(
+'id'       => $id,
+'name'     => html::quote($prop['name']),
+'groups'   => !empty($prop['groups']) || !empty($prop['group_filters']),
+'readonly' => !$prop['writable'],
+'hidden'   => $prop['hidden'],
+'autocomplete' => in_array($id, $autocomplete)
+);
+}
+}
+$plugin = $this->plugins->exec_hook('addressbooks_list', array('sources' => $list));
+$list   = $plugin['sources'];
+foreach ($list as $idx => $item) {
+// register source for shutdown function
+if (!is_object($this->address_books[$item['id']])) {
+$this->address_books[$item['id']] = $item;
+}
+// remove from list if not writeable as requested
+if ($writeable && $item['readonly']) {
+unset($list[$idx]);
+}
+// remove from list if hidden as requested
+else if ($skip_hidden && $item['hidden']) {
+unset($list[$idx]);
+}
+}
+return $list;
+}
+/**
+* Getter for compose responses.
+* These are stored in local config and user preferences.
+*
+* @param boolean $sorted    True to sort the list alphabetically
+* @param boolean $user_only True if only this user's responses shall be listed
+*
+* @return array List of the current user's stored responses
+*/
+public function get_compose_responses($sorted = false, $user_only = false)
+{
+$responses = array();
+if (!$user_only) {
+foreach ($this->config->get('compose_responses_static', array()) as $response) {
+if (empty($response['key'])) {
+$response['key'] = substr(md5($response['name']), 0, 16);
+}
+$response['static'] = true;
+$response['class']  = 'readonly';
+$k = $sorted ? '0000-' . mb_strtolower($response['name']) : $response['key'];
+$responses[$k] = $response;
+}
+}
+foreach ($this->config->get('compose_responses', array()) as $response) {
+if (empty($response['key'])) {
+$response['key'] = substr(md5($response['name']), 0, 16);
+}
+$k = $sorted ? mb_strtolower($response['name']) : $response['key'];
+$responses[$k] = $response;
+}
+// sort list by name
+if ($sorted) {
+ksort($responses, SORT_LOCALE_STRING);
+}
+$responses = array_values($responses);
+$hook = $this->plugins->exec_hook('get_compose_responses', array(
+'list'      => $responses,
+'sorted'    => $sorted,
+'user_only' => $user_only,
+));
+return $hook['list'];
+}
+/**
+* Init output object for GUI and add common scripts.
+* This will instantiate a rcmail_output_html object and set
+* environment vars according to the current session and configuration
+*
+* @param boolean $framed True if this request is loaded in a (i)frame
+*
+* @return rcube_output Reference to HTML output object
+*/
+public function load_gui($framed = false)
+{
+// init output page
+if (!($this->output instanceof rcmail_output_html)) {
+$this->output = new rcmail_output_html($this->task, $framed);
+}
+// set refresh interval
+$this->output->set_env('refresh_interval', $this->config->get('refresh_interval', 0));
+$this->output->set_env('session_lifetime', $this->config->get('session_lifetime', 0) * 60);
+if ($framed) {
+$this->comm_path .= '&_framed=1';
+$this->output->set_env('framed', true);
+}
+$this->output->set_env('task', $this->task);
+$this->output->set_env('action', $this->action);
+$this->output->set_env('comm_path', $this->comm_path);
+$this->output->set_charset(RCUBE_CHARSET);
+if ($this->user && $this->user->ID) {
+$this->output->set_env('user_id', $this->user->get_hash());
+}
+// set compose mode for all tasks (message compose step can be triggered from everywhere)
+$this->output->set_env('compose_extwin', $this->config->get('compose_extwin',false));
+// add some basic labels to client
+$this->output->add_label('loading', 'servererror', 'connerror', 'requesttimedout',
+'refreshing', 'windowopenerror', 'uploadingmany', 'close');
+return $this->output;
+}
+/**
+* Create an output object for JSON responses
+*
+* @return rcube_output Reference to JSON output object
+*/
+public function json_init()
+{
+if (!($this->output instanceof rcmail_output_json)) {
+$this->output = new rcmail_output_json($this->task);
+}
+return $this->output;
+}
+/**
+* Create session object and start the session.
+*/
+public function session_init()
+{
+parent::session_init();
+// set initial session vars
+if (!$_SESSION['user_id']) {
+$_SESSION['temp'] = true;
+}
+// restore skin selection after logout
+if ($_SESSION['temp'] && !empty($_SESSION['skin'])) {
+$this->config->set('skin', $_SESSION['skin']);
+}
+}
+/**
+* Perform login to the mail server and to the webmail service.
+* This will also create a new user entry if auto_create_user is configured.
+*
+* @param string $username    Mail storage (IMAP) user name
+* @param string $password    Mail storage (IMAP) password
+* @param string $host        Mail storage (IMAP) host
+* @param bool   $cookiecheck Enables cookie check
+*
+* @return boolean True on success, False on failure
+*/
+function login($username, $password, $host = null, $cookiecheck = false)
+{
+$this->login_error = null;
+if (empty($username)) {
+return false;
+}
+if ($cookiecheck && empty($_COOKIE)) {
+$this->login_error = self::ERROR_COOKIES_DISABLED;
+return false;
+}
+$username_filter = $this->config->get('login_username_filter');
+$username_maxlen = $this->config->get('login_username_maxlen', 1024);
+$password_maxlen = $this->config->get('login_password_maxlen', 1024);
+$default_host    = $this->config->get('default_host');
+$default_port    = $this->config->get('default_port');
+$username_domain = $this->config->get('username_domain');
+$login_lc        = $this->config->get('login_lc', 2);
+// check input for security (#1490500)
+if (($username_maxlen && strlen($username) > $username_maxlen)
+|| ($username_filter && !preg_match($username_filter, $username))
+|| ($password_maxlen && strlen($password) > $password_maxlen)
+) {
+$this->login_error = self::ERROR_INVALID_REQUEST;
+return false;
+}
+// host is validated in rcmail::autoselect_host(), so here
+// we'll only handle unset host (if possible)
+if (!$host && !empty($default_host)) {
+if (is_array($default_host)) {
+$key  = key($default_host);
+$host = is_numeric($key) ? $default_host[$key] : $key;
+}
+else {
+$host = $default_host;
+}
+$host = rcube_utils::parse_host($host);
+}
+if (!$host) {
+$this->login_error = self::ERROR_INVALID_HOST;
+return false;
+}
+// parse $host URL
+$a_host = parse_url($host);
+if ($a_host['host']) {
+$host = $a_host['host'];
+$ssl  = (isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl','imaps','tls'))) ? $a_host['scheme'] : null;
+if (!empty($a_host['port']))
+$port = $a_host['port'];
+else if ($ssl && $ssl != 'tls' && (!$default_port || $default_port == 143))
+$port = 993;
+}
+if (!$port) {
+$port = $default_port;
+}
+// Check if we need to add/force domain to username
+if (!empty($username_domain)) {
+$domain = is_array($username_domain) ? $username_domain[$host] : $username_domain;
+if ($domain = rcube_utils::parse_host((string)$domain, $host)) {
+$pos = strpos($username, '@');
+// force configured domains
+if ($pos !== false && $this->config->get('username_domain_forced')) {
+$username = substr($username, 0, $pos) . '@' . $domain;
+}
+// just add domain if not specified
+else if ($pos === false) {
+$username .= '@' . $domain;
+}
+}
+}
+// Convert username to lowercase. If storage backend
+// is case-insensitive we need to store always the same username (#1487113)
+if ($login_lc) {
+if ($login_lc == 2 || $login_lc === true) {
+$username = mb_strtolower($username);
+}
+else if (strpos($username, '@')) {
+// lowercase domain name
+list($local, $domain) = explode('@', $username);
+$username = $local . '@' . mb_strtolower($domain);
+}
+}
+// try to resolve email address from virtuser table
+if (strpos($username, '@') && ($virtuser = rcube_user::email2user($username))) {
+$username = $virtuser;
+}
+// Here we need IDNA ASCII
+// Only rcube_contacts class is using domain names in Unicode
+$host     = rcube_utils::idn_to_ascii($host);
+$username = rcube_utils::idn_to_ascii($username);
+// user already registered -> overwrite username
+if ($user = rcube_user::query($username, $host)) {
+$username = $user->data['username'];
+// Brute-force prevention
+if ($user->is_locked()) {
+$this->login_error = self::ERROR_RATE_LIMIT;
+return false;
+}
+}
+$storage = $this->get_storage();
+// try to log in
+if (!$storage->connect($host, $username, $password, $port, $ssl)) {
+if ($user) {
+$user->failed_login();
+}
+// Wait a second to slow down brute-force attacks (#1490549)
+sleep(1);
+return false;
+}
+// user already registered -> update user's record
+if (is_object($user)) {
+// update last login timestamp
+$user->touch();
+}
+// create new system user
+else if ($this->config->get('auto_create_user')) {
+if ($created = rcube_user::create($username, $host)) {
+$user = $created;
+}
+else {
+self::raise_error(array(
+'code'    => 620,
+'file'    => __FILE__,
+'line'    => __LINE__,
+'message' => "Failed to create a user record. Maybe aborted by a plugin?"
+),
+true, false);
+}
+}
+else {
+self::raise_error(array(
+'code'    => 621,
+'file'    => __FILE__,
+'line'    => __LINE__,
+'message' => "Access denied for new user $username. 'auto_create_user' is disabled"
+),
+true, false);
+}
+// login succeeded
+if (is_object($user) && $user->ID) {
+// Configure environment
+$this->set_user($user);
+$this->set_storage_prop();
+// set session vars
+$_SESSION['user_id']      = $user->ID;
+$_SESSION['username']     = $user->data['username'];
+$_SESSION['storage_host'] = $host;
+$_SESSION['storage_port'] = $port;
+$_SESSION['storage_ssl']  = $ssl;
+$_SESSION['password']     = $this->encrypt($password);
+$_SESSION['login_time']   = time();
+$timezone = rcube_utils::get_input_value('_timezone', rcube_utils::INPUT_GPC);
+if ($timezone && is_string($timezone) && $timezone != '_default_') {
+$_SESSION['timezone'] = $timezone;
+}
+// fix some old settings according to namespace prefix
+$this->fix_namespace_settings($user);
+// set/create special folders
+$this->set_special_folders();
+// clear all mailboxes related cache(s)
+$storage->clear_cache('mailboxes', true);
+return true;
+}
+return false;
+}
+/**
+* Returns error code of last login operation
+*
+* @return int Error code
+*/
+public function login_error()
+{
+if ($this->login_error) {
+return $this->login_error;
+}
+if ($this->storage && $this->storage->get_error_code() < -1) {
+return self::ERROR_STORAGE;
+}
+}
+/**
+* Auto-select IMAP host based on the posted login information
+*
+* @return string Selected IMAP host
+*/
+public function autoselect_host()
+{
+$default_host = $this->config->get('default_host');
+$host         = null;
+if (is_array($default_host)) {
+$post_host = rcube_utils::get_input_value('_host', rcube_utils::INPUT_POST);
+$post_user = rcube_utils::get_input_value('_user', rcube_utils::INPUT_POST);
+list(, $domain) = explode('@', $post_user);
+// direct match in default_host array
+if ($default_host[$post_host] || in_array($post_host, array_values($default_host))) {
+$host = $post_host;
+}
+// try to select host by mail domain
+else if (!empty($domain)) {
+foreach ($default_host as $storage_host => $mail_domains) {
+if (is_array($mail_domains) && in_array_nocase($domain, $mail_domains)) {
+$host = $storage_host;
+break;
+}
+else if (stripos($storage_host, $domain) !== false || stripos(strval($mail_domains), $domain) !== false) {
+$host = is_numeric($storage_host) ? $mail_domains : $storage_host;
+break;
+}
+}
+}
+// take the first entry if $host is still not set
+if (empty($host)) {
+$key  = key($default_host);
+$host = is_numeric($key) ? $default_host[$key] : $key;
+}
+}
+else if (empty($default_host)) {
+$host = rcube_utils::get_input_value('_host', rcube_utils::INPUT_POST);
+}
+else {
+$host = rcube_utils::parse_host($default_host);
+}
+return $host;
+}
+/**
+* Destroy session data and remove cookie
+*/
+public function kill_session()
+{
+$this->plugins->exec_hook('session_destroy');
+$this->session->kill();
+$_SESSION = array('language' => $this->user->language, 'temp' => true, 'skin' => $this->config->get('skin'));
+$this->user->reset();
+}
+/**
+* Do server side actions on logout
+*/
+public function logout_actions()
+{
+$storage        = $this->get_storage();
+$logout_expunge = $this->config->get('logout_expunge');
+$logout_purge   = $this->config->get('logout_purge');
+$trash_mbox     = $this->config->get('trash_mbox');
+if ($logout_purge && !empty($trash_mbox)) {
+$storage->clear_folder($trash_mbox);
+}
+if ($logout_expunge) {
+$storage->expunge_folder('INBOX');
+}
+// Try to save unsaved user preferences
+if (!empty($_SESSION['preferences'])) {
+$this->user->save_prefs(unserialize($_SESSION['preferences']));
+}
+}
+/**
+* Build a valid URL to this instance of Roundcube
+*
+* @param mixed   $p        Either a string with the action or
+*                          url parameters as key-value pairs
+* @param boolean $absolute Build an URL absolute to document root
+* @param boolean $full     Create fully qualified URL including http(s):// and hostname
+* @param bool    $secure   Return absolute URL in secure location
+*
+* @return string Valid application URL
+*/
+public function url($p, $absolute = false, $full = false, $secure = false)
+{
+if (!is_array($p)) {
+if (strpos($p, 'http') === 0) {
+return $p;
+}
+$p = array('_action' => @func_get_arg(0));
+}
+$pre = array();
+$task = $p['_task'] ?: ($p['task'] ?: $this->task);
+$pre['_task'] = $task;
+unset($p['task'], $p['_task']);
+$url  = $this->filename;
+$delm = '?';
+foreach (array_merge($pre, $p) as $key => $val) {
+if ($val !== '' && $val !== null) {
+$par  = $key[0] == '_' ? $key : '_'.$key;
+$url .= $delm.urlencode($par).'='.urlencode($val);
+$delm = '&';
+}
+}
+$base_path = strval($_SERVER['REDIRECT_SCRIPT_URL'] ?: $_SERVER['SCRIPT_NAME']);
+$base_path = preg_replace('![^/]+$!', '', $base_path);
+if ($secure && ($token = $this->get_secure_url_token(true))) {
+// add token to the url
+$url = $token . '/' . $url;
+// remove old token from the path
+$base_path = rtrim($base_path, '/');
+$base_path = preg_replace('/\/[a-zA-Z0-9]{' . strlen($token) . '}$/', '', $base_path);
+// this need to be full url to make redirects work
+$absolute = true;
+}
+else if ($secure && ($token = $this->get_request_token()))
+$url .= $delm . '_token=' . urlencode($token);
+if ($absolute || $full) {
+// add base path to this Roundcube installation
+if ($base_path == '') $base_path = '/';
+$prefix = $base_path;
+// prepend protocol://hostname:port
+if ($full) {
+$prefix = rcube_utils::resolve_url($prefix);
+}
+$prefix = rtrim($prefix, '/') . '/';
+}
+else {
+$prefix = './';
+}
+return $prefix . $url;
+}
+/**
+* Function to be executed in script shutdown
+*/
+public function shutdown()
+{
+parent::shutdown();
+foreach ($this->address_books as $book) {
+if (is_object($book) && is_a($book, 'rcube_addressbook')) {
+$book->close();
+}
+}
+// write performance stats to logs/console
+if ($this->config->get('devel_mode') || $this->config->get('performance_stats')) {
+// make sure logged numbers use unified format
+setlocale(LC_NUMERIC, 'en_US.utf8', 'en_US.UTF-8', 'en_US', 'C');
+if (function_exists('memory_get_usage')) {
+$mem = $this->show_bytes(memory_get_usage());
+}
+if (function_exists('memory_get_peak_usage')) {
+$mem .= '/'.$this->show_bytes(memory_get_peak_usage());
+}
+$log = $this->task . ($this->action ? '/'.$this->action : '') . ($mem ? " [$mem]" : '');
+if (defined('RCMAIL_START')) {
+self::print_timer(RCMAIL_START, $log);
+}
+else {
+self::console($log);
+}
+}
+}
+/**
+* CSRF attack prevention code. Raises error when check fails.
+*
+* @param int $mode Request mode
+*/
+public function request_security_check($mode = rcube_utils::INPUT_POST)
+{
+// check request token
+if (!$this->check_request($mode)) {
+$error = array('code' => 403, 'message' => "Request security check failed");
+self::raise_error($error, false, true);
+}
+// check referer if configured
+if ($this->config->get('referer_check') && !rcube_utils::check_referer()) {
+$error = array('code' => 403, 'message' => "Referer check failed");
+self::raise_error($error, true, true);
+}
+}
+/**
+* Registers action aliases for current task
+*
+* @param array $map Alias-to-filename hash array
+*/
+public function register_action_map($map)
+{
+if (is_array($map)) {
+foreach ($map as $idx => $val) {
+$this->action_map[$idx] = $val;
+}
+}
+}
+/**
+* Returns current action filename
+*
+* @param array $map Alias-to-filename hash array
+*/
+public function get_action_file()
+{
+if (!empty($this->action_map[$this->action])) {
+return $this->action_map[$this->action];
+}
+return strtr($this->action, '-', '_') . '.inc';
+}
+/**
+* Fixes some user preferences according to namespace handling change.
+* Old Roundcube versions were using folder names with removed namespace prefix.
+* Now we need to add the prefix on servers where personal namespace has prefix.
+*
+* @param rcube_user $user User object
+*/
+private function fix_namespace_settings($user)
+{
+$prefix     = $this->storage->get_namespace('prefix');
+$prefix_len = strlen($prefix);
+if (!$prefix_len) {
+return;
+}
+if ($this->config->get('namespace_fixed')) {
+return;
+}
+$prefs = array();
+// Build namespace prefix regexp
+$ns     = $this->storage->get_namespace();
+$regexp = array();
+foreach ($ns as $entry) {
+if (!empty($entry)) {
+foreach ($entry as $item) {
+if (strlen($item[0])) {
+$regexp[] = preg_quote($item[0], '/');
+}
+}
+}
+}
+$regexp = '/^('. implode('|', $regexp).')/';
+// Fix preferences
+$opts = array('drafts_mbox', 'junk_mbox', 'sent_mbox', 'trash_mbox', 'archive_mbox');
+foreach ($opts as $opt) {
+if ($value = $this->config->get($opt)) {
+if ($value != 'INBOX' && !preg_match($regexp, $value)) {
+$prefs[$opt] = $prefix.$value;
+}
+}
+}
+if (($search_mods = $this->config->get('search_mods')) && !empty($search_mods)) {
+$folders = array();
+foreach ($search_mods as $idx => $value) {
+if ($idx != 'INBOX' && $idx != '*' && !preg_match($regexp, $idx)) {
+$idx = $prefix.$idx;
+}
+$folders[$idx] = $value;
+}
+$prefs['search_mods'] = $folders;
+}
+if (($threading = $this->config->get('message_threading')) && !empty($threading)) {
+$folders = array();
+foreach ($threading as $idx => $value) {
+if ($idx != 'INBOX' && !preg_match($regexp, $idx)) {
+$idx = $prefix.$idx;
+}
+$folders[$prefix.$idx] = $value;
+}
+$prefs['message_threading'] = $folders;
+}
+if ($collapsed = $this->config->get('collapsed_folders')) {
+$folders     = explode('&&', $collapsed);
+$count       = count($folders);
+$folders_str = '';
+if ($count) {
+$folders[0]        = substr($folders[0], 1);
+$folders[$count-1] = substr($folders[$count-1], 0, -1);
+}
+foreach ($folders as $value) {
+if ($value != 'INBOX' && !preg_match($regexp, $value)) {
+$value = $prefix.$value;
+}
+$folders_str .= '&'.$value.'&';
+}
+$prefs['collapsed_folders'] = $folders_str;
+}
+$prefs['namespace_fixed'] = true;
+// save updated preferences and reset imap settings (default folders)
+$user->save_prefs($prefs);
+$this->set_storage_prop();
+}
+/**
+* Overwrite action variable
+*
+* @param string $action New action value
+*/
+public function overwrite_action($action)
+{
+$this->action = $action;
+$this->output->set_env('action', $action);
+}
+/**
+* Set environment variables for specified config options
+*
+* @param array $options List of configuration option names
+*/
+public function set_env_config($options)
+{
+foreach ((array) $options as $option) {
+if ($this->config->get($option)) {
+$this->output->set_env($option, true);
+}
+}
+}
+/**
+* Returns RFC2822 formatted current date in user's timezone
+*
+* @return string Date
+*/
+public function user_date()
+{
+// get user's timezone
+try {
+$tz   = new DateTimeZone($this->config->get('timezone'));
+$date = new DateTime('now', $tz);
+}
+catch (Exception $e) {
+$date = new DateTime();
+}
+return $date->format('r');
+}
+/**
+* Write login data (name, ID, IP address) to the 'userlogins' log file.
+*/
+public function log_login($user = null, $failed_login = false, $error_code = 0)
+{
+if (!$this->config->get('log_logins')) {
+return;
+}
+// failed login
+if ($failed_login) {
+// don't fill the log with complete input, which could
+// have been prepared by a hacker
+if (strlen($user) > 256) {
+$user = substr($user, 0, 256) . '...';
+}
+$message = sprintf('Failed login for %s from %s in session %s (error: %d)',
+$user, rcube_utils::remote_ip(), session_id(), $error_code);
+}
+// successful login
+else {
+$user_name = $this->get_user_name();
+$user_id   = $this->get_user_id();
+if (!$user_id) {
+return;
+}
+$message = sprintf('Successful login for %s (ID: %d) from %s in session %s',
+$user_name, $user_id, rcube_utils::remote_ip(), session_id());
+}
+// log login
+self::write_log('userlogins', $message);
+}
+/**
+* Create a HTML table based on the given data
+*
+* @param array  $attrib     Named table attributes
+* @param mixed  $table_data Table row data. Either a two-dimensional array
+*                           or a valid SQL result set
+* @param array  $show_cols  List of cols to show
+* @param string $id_col     Name of the identifier col
+*
+* @return string HTML table code
+*/
+public function table_output($attrib, $table_data, $show_cols, $id_col)
+{
+$table = new html_table($attrib);
+// add table header
+if (!$attrib['noheader']) {
+foreach ($show_cols as $col) {
+$table->add_header($col, $this->Q($this->gettext($col)));
+}
+}
+if (!is_array($table_data)) {
+$db = $this->get_dbh();
+while ($table_data && ($sql_arr = $db->fetch_assoc($table_data))) {
+$table->add_row(array('id' => 'rcmrow' . rcube_utils::html_identifier($sql_arr[$id_col])));
+// format each col
+foreach ($show_cols as $col) {
+$table->add($col, $this->Q($sql_arr[$col]));
+}
+}
+}
+else {
+foreach ($table_data as $row_data) {
+$class = !empty($row_data['class']) ? $row_data['class'] : null;
+if (!empty($attrib['rowclass']))
+$class = trim($class . ' ' . $attrib['rowclass']);
+$rowid = 'rcmrow' . rcube_utils::html_identifier($row_data[$id_col]);
+$table->add_row(array('id' => $rowid, 'class' => $class));
+// format each col
+foreach ($show_cols as $col) {
+$val = is_array($row_data[$col]) ? $row_data[$col][0] : $row_data[$col];
+$table->add($col, empty($attrib['ishtml']) ? $this->Q($val) : $val);
+}
+}
+}
+return $table->show($attrib);
+}
+/**
+* Convert the given date to a human readable form
+* This uses the date formatting properties from config
+*
+* @param mixed  $date    Date representation (string, timestamp or DateTime object)
+* @param string $format  Date format to use
+* @param bool   $convert Enables date conversion according to user timezone
+*
+* @return string Formatted date string
+*/
+public function format_date($date, $format = null, $convert = true)
+{
+if (is_object($date) && is_a($date, 'DateTime')) {
+$timestamp = $date->format('U');
+}
+else {
+if (!empty($date)) {
+$timestamp = rcube_utils::strtotime($date);
+}
+if (empty($timestamp)) {
+return '';
+}
+try {
+$date = new DateTime("@".$timestamp);
+}
+catch (Exception $e) {
+return '';
+}
+}
+if ($convert) {
+try {
+// convert to the right timezone
+$stz = date_default_timezone_get();
+$tz = new DateTimeZone($this->config->get('timezone'));
+$date->setTimezone($tz);
+date_default_timezone_set($tz->getName());
+$timestamp = $date->format('U');
+}
+catch (Exception $e) {
+}
+}
+// define date format depending on current time
+if (!$format) {
+$now         = time();
+$now_date    = getdate($now);
+$today_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday'], $now_date['year']);
+$week_limit  = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);
+$pretty_date = $this->config->get('prettydate');
+if ($pretty_date && $timestamp > $today_limit && $timestamp <= $now) {
+$format = $this->config->get('date_today', $this->config->get('time_format', 'H:i'));
+$today  = true;
+}
+else if ($pretty_date && $timestamp > $week_limit && $timestamp <= $now) {
+$format = $this->config->get('date_short', 'D H:i');
+}
+else {
+$format = $this->config->get('date_long', 'Y-m-d H:i');
+}
+}
+// strftime() format
+if (preg_match('/%[a-z]+/i', $format)) {
+$format = strftime($format, $timestamp);
+if ($stz) {
+date_default_timezone_set($stz);
+}
+return $today ? ($this->gettext('today') . ' ' . $format) : $format;
+}
+// parse format string manually in order to provide localized weekday and month names
+// an alternative would be to convert the date() format string to fit with strftime()
+$out = '';
+for ($i=0; $i<strlen($format); $i++) {
+if ($format[$i] == "\\") {  // skip escape chars
+continue;
+}
+// write char "as-is"
+if ($format[$i] == ' ' || $format[$i-1] == "\\") {
+$out .= $format[$i];
+}
+// weekday (short)
+else if ($format[$i] == 'D') {
+$out .= $this->gettext(strtolower(date('D', $timestamp)));
+}
+// weekday long
+else if ($format[$i] == 'l') {
+$out .= $this->gettext(strtolower(date('l', $timestamp)));
+}
+// month name (short)
+else if ($format[$i] == 'M') {
+$out .= $this->gettext(strtolower(date('M', $timestamp)));
+}
+// month name (long)
+else if ($format[$i] == 'F') {
+$out .= $this->gettext('long'.strtolower(date('M', $timestamp)));
+}
+else if ($format[$i] == 'x') {
+$out .= strftime('%x %X', $timestamp);
+}
+else {
+$out .= date($format[$i], $timestamp);
+}
+}
+if ($today) {
+$label = $this->gettext('today');
+// replcae $ character with "Today" label (#1486120)
+if (strpos($out, '$') !== false) {
+$out = preg_replace('/\$/', $label, $out, 1);
+}
+else {
+$out = $label . ' ' . $out;
+}
+}
+if ($stz) {
+date_default_timezone_set($stz);
+}
+return $out;
+}
+/**
+* Return folders list in HTML
+*
+* @param array $attrib Named parameters
+*
+* @return string HTML code for the gui object
+*/
+public function folder_list($attrib)
+{
+static $a_mailboxes;
+$attrib += array('maxlength' => 100, 'realnames' => false, 'unreadwrap' => ' (%s)');
+$type = $attrib['type'] ? $attrib['type'] : 'ul';
+unset($attrib['type']);
+if ($type == 'ul' && !$attrib['id']) {
+$attrib['id'] = 'rcmboxlist';
+}
+if (empty($attrib['folder_name'])) {
+$attrib['folder_name'] = '*';
+}
+// get current folder
+$storage   = $this->get_storage();
+$mbox_name = $storage->get_folder();
+// build the folders tree
+if (empty($a_mailboxes)) {
+// get mailbox list
+$a_folders = $storage->list_folders_subscribed(
+'', $attrib['folder_name'], $attrib['folder_filter']);
+$delimiter = $storage->get_hierarchy_delimiter();
+$a_mailboxes = array();
+foreach ($a_folders as $folder) {
+$this->build_folder_tree($a_mailboxes, $folder, $delimiter);
+}
+}
+// allow plugins to alter the folder tree or to localize folder names
+$hook = $this->plugins->exec_hook('render_mailboxlist', array(
+'list'      => $a_mailboxes,
+'delimiter' => $delimiter,
+'type'      => $type,
+'attribs'   => $attrib,
+));
+$a_mailboxes = $hook['list'];
+$attrib      = $hook['attribs'];
+if ($type == 'select') {
+$attrib['is_escaped'] = true;
+$select = new html_select($attrib);
+// add no-selection option
+if ($attrib['noselection']) {
+$select->add(html::quote($this->gettext($attrib['noselection'])), '');
+}
+$this->render_folder_tree_select($a_mailboxes, $mbox_name, $attrib['maxlength'], $select, $attrib['realnames']);
+$out = $select->show($attrib['default']);
+}
+else {
+$js_mailboxlist = array();
+$tree = $this->render_folder_tree_html($a_mailboxes, $mbox_name, $js_mailboxlist, $attrib);
+if ($type != 'js') {
+$out = html::tag('ul', $attrib, $tree, html::$common_attrib);
+$this->output->include_script('treelist.js');
+$this->output->add_gui_object('mailboxlist', $attrib['id']);
+$this->output->set_env('unreadwrap', $attrib['unreadwrap']);
+$this->output->set_env('collapsed_folders', (string) $this->config->get('collapsed_folders'));
+}
+$this->output->set_env('mailboxes', $js_mailboxlist);
+// we can't use object keys in javascript because they are unordered
+// we need sorted folders list for folder-selector widget
+$this->output->set_env('mailboxes_list', array_keys($js_mailboxlist));
+}
+// add some labels to client
+$this->output->add_label('purgefolderconfirm', 'deletemessagesconfirm');
+return $out;
+}
+/**
+* Return folders list as html_select object
+*
+* @param array $p Named parameters
+*
+* @return html_select HTML drop-down object
+*/
+public function folder_selector($p = array())
+{
+$realnames = $this->config->get('show_real_foldernames');
+$p += array('maxlength' => 100, 'realnames' => $realnames, 'is_escaped' => true);
+$a_mailboxes = array();
+$storage = $this->get_storage();
+if (empty($p['folder_name'])) {
+$p['folder_name'] = '*';
+}
+if ($p['unsubscribed']) {
+$list = $storage->list_folders('', $p['folder_name'], $p['folder_filter'], $p['folder_rights']);
+}
+else {
+$list = $storage->list_folders_subscribed('', $p['folder_name'], $p['folder_filter'], $p['folder_rights']);
+}
+$delimiter = $storage->get_hierarchy_delimiter();
+if (!empty($p['exceptions'])) {
+$list = array_diff($list, (array) $p['exceptions']);
+}
+if (!empty($p['additional'])) {
+foreach ($p['additional'] as $add_folder) {
+$add_items = explode($delimiter, $add_folder);
+$folder    = '';
+while (count($add_items)) {
+$folder .= array_shift($add_items);
+// @TODO: sorting
+if (!in_array($folder, $list)) {
+$list[] = $folder;
+}
+$folder .= $delimiter;
+}
+}
+}
+foreach ($list as $folder) {
+$this->build_folder_tree($a_mailboxes, $folder, $delimiter);
+}
+$select = new html_select($p);
+if ($p['noselection']) {
+$select->add(html::quote($p['noselection']), '');
+}
+$this->render_folder_tree_select($a_mailboxes, $mbox, $p['maxlength'], $select, $p['realnames'], 0, $p);
+return $select;
+}
+/**
+* Create a hierarchical array of the mailbox list
+*/
+public function build_folder_tree(&$arrFolders, $folder, $delm = '/', $path = '')
+{
+// Handle namespace prefix
+$prefix = '';
+if (!$path) {
+$n_folder = $folder;
+$folder   = $this->storage->mod_folder($folder);
+if ($n_folder != $folder) {
+$prefix = substr($n_folder, 0, -strlen($folder));
+}
+}
+$pos = strpos($folder, $delm);
+if ($pos !== false) {
+$subFolders    = substr($folder, $pos+1);
+$currentFolder = substr($folder, 0, $pos);
+// sometimes folder has a delimiter as the last character
+if (!strlen($subFolders)) {
+$virtual = false;
+}
+else if (!isset($arrFolders[$currentFolder])) {
+$virtual = true;
+}
+else {
+$virtual = $arrFolders[$currentFolder]['virtual'];
+}
+}
+else {
+$subFolders    = false;
+$currentFolder = $folder;
+$virtual       = false;
+}
+$path .= $prefix . $currentFolder;
+if (!isset($arrFolders[$currentFolder])) {
+$arrFolders[$currentFolder] = array(
+'id'      => $path,
+'name'    => rcube_charset::convert($currentFolder, 'UTF7-IMAP'),
+'virtual' => $virtual,
+'folders' => array()
+);
+}
+else {
+$arrFolders[$currentFolder]['virtual'] = $virtual;
+}
+if (strlen($subFolders)) {
+$this->build_folder_tree($arrFolders[$currentFolder]['folders'], $subFolders, $delm, $path.$delm);
+}
+}
+/**
+* Return html for a structured list &lt;ul&gt; for the mailbox tree
+*/
+public function render_folder_tree_html(&$arrFolders, &$mbox_name, &$jslist, $attrib, $nestLevel = 0)
+{
+$maxlength = intval($attrib['maxlength']);
+$realnames = (bool)$attrib['realnames'];
+$msgcounts = $this->storage->get_cache('messagecount');
+$collapsed = $this->config->get('collapsed_folders');
+$realnames = $this->config->get('show_real_foldernames');
+$out = '';
+foreach ($arrFolders as $folder) {
+$title        = null;
+$folder_class = $this->folder_classname($folder['id']);
+$is_collapsed = strpos($collapsed, '&'.rawurlencode($folder['id']).'&') !== false;
+$unread       = $msgcounts ? intval($msgcounts[$folder['id']]['UNSEEN']) : 0;
+if ($folder_class && !$realnames) {
+$foldername = $this->gettext($folder_class);
+}
+else {
+$foldername = $folder['name'];
+// shorten the folder name to a given length
+if ($maxlength && $maxlength > 1) {
+$fname = abbreviate_string($foldername, $maxlength);
+if ($fname != $foldername) {
+$title = $foldername;
+}
+$foldername = $fname;
+}
+}
+// make folder name safe for ids and class names
+$folder_id = rcube_utils::html_identifier($folder['id'], true);
+$classes   = array('mailbox');
+// set special class for Sent, Drafts, Trash and Junk
+if ($folder_class) {
+$classes[] = $folder_class;
+}
+if ($folder['id'] == $mbox_name) {
+$classes[] = 'selected';
+}
+if ($folder['virtual']) {
+$classes[] = 'virtual';
+}
+else if ($unread) {
+$classes[] = 'unread';
+}
+$js_name     = $this->JQ($folder['id']);
+$html_name   = $this->Q($foldername) . ($unread ? html::span('unreadcount', sprintf($attrib['unreadwrap'], $unread)) : '');
+$link_attrib = $folder['virtual'] ? array() : array(
+'href'    => $this->url(array('_mbox' => $folder['id'])),
+'onclick' => sprintf("return %s.command('list','%s',this,event)", rcmail_output::JS_OBJECT_NAME, $js_name),
+'rel'     => $folder['id'],
+'title'   => $title,
+);
+$out .= html::tag('li', array(
+'id'      => "rcmli" . $folder_id,
+'class'   => join(' ', $classes),
+'noclose' => true
+),
+html::a($link_attrib, $html_name));
+if (!empty($folder['folders'])) {
+$out .= html::div('treetoggle ' . ($is_collapsed ? 'collapsed' : 'expanded'), '&nbsp;');
+}
+$jslist[$folder['id']] = array(
+'id'      => $folder['id'],
+'name'    => $foldername,
+'virtual' => $folder['virtual'],
+);
+if (!empty($folder_class)) {
+$jslist[$folder['id']]['class'] = $folder_class;
+}
+if (!empty($folder['folders'])) {
+$out .= html::tag('ul', array('style' => ($is_collapsed ? "display:none;" : null)),
+$this->render_folder_tree_html($folder['folders'], $mbox_name, $jslist, $attrib, $nestLevel+1));
+}
+$out .= "</li>\n";
+}
+return $out;
+}
+/**
+* Return html for a flat list <select> for the mailbox tree
+*/
+public function render_folder_tree_select(&$arrFolders, &$mbox_name, $maxlength, &$select, $realnames = false, $nestLevel = 0, $opts = array())
+{
+$out = '';
+foreach ($arrFolders as $folder) {
+// skip exceptions (and its subfolders)
+if (!empty($opts['exceptions']) && in_array($folder['id'], $opts['exceptions'])) {
+continue;
+}
+// skip folders in which it isn't possible to create subfolders
+if (!empty($opts['skip_noinferiors'])) {
+$attrs = $this->storage->folder_attributes($folder['id']);
+if ($attrs && in_array_nocase('\\Noinferiors', $attrs)) {
+continue;
+}
+}
+if (!$realnames && ($folder_class = $this->folder_classname($folder['id']))) {
+$foldername = $this->gettext($folder_class);
+}
+else {
+$foldername = $folder['name'];
+// shorten the folder name to a given length
+if ($maxlength && $maxlength > 1) {
+$foldername = abbreviate_string($foldername, $maxlength);
+}
+}
+$select->add(str_repeat('&nbsp;', $nestLevel*4) . html::quote($foldername), $folder['id']);
+if (!empty($folder['folders'])) {
+$out .= $this->render_folder_tree_select($folder['folders'], $mbox_name, $maxlength,
+$select, $realnames, $nestLevel+1, $opts);
+}
+}
+return $out;
+}
+/**
+* Return internal name for the given folder if it matches the configured special folders
+*/
+public function folder_classname($folder_id)
+{
+if ($folder_id == 'INBOX') {
+return 'inbox';
+}
+// for these mailboxes we have localized labels and css classes
+foreach (array('sent', 'drafts', 'trash', 'junk') as $smbx)
+{
+if ($folder_id === $this->config->get($smbx.'_mbox')) {
+return $smbx;
+}
+}
+}
+/**
+* Try to localize the given IMAP folder name.
+* UTF-7 decode it in case no localized text was found
+*
+* @param string $name        Folder name
+* @param bool   $with_path   Enable path localization
+* @param bool   $path_remove Remove the path
+*
+* @return string Localized folder name in UTF-8 encoding
+*/
+public function localize_foldername($name, $with_path = false, $path_remove = false)
+{
+$realnames = $this->config->get('show_real_foldernames');
+if (!$realnames && ($folder_class = $this->folder_classname($name))) {
+return $this->gettext($folder_class);
+}
+$storage   = $this->get_storage();
+$delimiter = $storage->get_hierarchy_delimiter();
+// Remove the path
+if ($path_remove) {
+if (strpos($name, $delimiter)) {
+$path = explode($delimiter, $name);
+$name = array_pop($path);
+}
+}
+// try to localize path of the folder
+else if ($with_path && !$realnames) {
+$path  = explode($delimiter, $name);
+$count = count($path);
+if ($count > 1) {
+for ($i = 1; $i < $count; $i++) {
+$folder = implode($delimiter, array_slice($path, 0, -$i));
+if ($folder_class = $this->folder_classname($folder)) {
+$name = implode($delimiter, array_slice($path, $count - $i));
+$name = rcube_charset::convert($name, 'UTF7-IMAP');
+return $this->gettext($folder_class) . $delimiter . $name;
+}
+}
+}
+}
+return rcube_charset::convert($name, 'UTF7-IMAP');
+}
+/**
+* Localize folder path
+*/
+public function localize_folderpath($path)
+{
+$protect_folders = $this->config->get('protect_default_folders');
+$delimiter       = $this->storage->get_hierarchy_delimiter();
+$path            = explode($delimiter, $path);
+$result          = array();
+foreach ($path as $idx => $dir) {
+$directory = implode($delimiter, array_slice($path, 0, $idx+1));
+if ($protect_folders && $this->storage->is_special_folder($directory)) {
+unset($result);
+$result[] = $this->localize_foldername($directory);
+}
+else {
+$result[] = rcube_charset::convert($dir, 'UTF7-IMAP');
+}
+}
+return implode($delimiter, $result);
+}
+/**
+* Return HTML for quota indicator object
+*
+* @param array $attrib Named parameters
+*
+* @return string HTML code for the quota indicator object
+*/
+public static function quota_display($attrib)
+{
+$rcmail = rcmail::get_instance();
+if (!$attrib['id']) {
+$attrib['id'] = 'rcmquotadisplay';
+}
+$_SESSION['quota_display'] = !empty($attrib['display']) ? $attrib['display'] : 'text';
+$rcmail->output->add_gui_object('quotadisplay', $attrib['id']);
+$quota = $rcmail->quota_content($attrib);
+$rcmail->output->add_script('rcmail.set_quota('.rcube_output::json_serialize($quota).');', 'docready');
+return html::span($attrib, '&nbsp;');
+}
+/**
+* Return (parsed) quota information
+*
+* @param array $attrib Named parameters
+* @param array $folder Current folder
+*
+* @return array Quota information
+*/
+public function quota_content($attrib = null, $folder = null)
+{
+$quota = $this->storage->get_quota($folder);
+$quota = $this->plugins->exec_hook('quota', $quota);
+$quota_result           = (array) $quota;
+$quota_result['type']   = isset($_SESSION['quota_display']) ? $_SESSION['quota_display'] : '';
+$quota_result['folder'] = $folder !== null && $folder !== '' ? $folder : 'INBOX';
+if ($quota['total'] > 0) {
+if (!isset($quota['percent'])) {
+$quota_result['percent'] = min(100, round(($quota['used']/max(1,$quota['total']))*100));
+}
+$title = sprintf('%s / %s (%.0f%%)',
+$this->show_bytes($quota['used'] * 1024),
+$this->show_bytes($quota['total'] * 1024),
+$quota_result['percent']
+);
+$quota_result['title'] = $title;
+if ($attrib['width']) {
+$quota_result['width'] = $attrib['width'];
+}
+if ($attrib['height']) {
+$quota_result['height'] = $attrib['height'];
+}
+// build a table of quota types/roots info
+if (($root_cnt = count($quota_result['all'])) > 1 || count($quota_result['all'][key($quota_result['all'])]) > 1) {
+$table = new html_table(array('cols' => 3, 'class' => 'quota-info'));
+$table->add_header(null, self::Q($this->gettext('quotatype')));
+$table->add_header(null, self::Q($this->gettext('quotatotal')));
+$table->add_header(null, self::Q($this->gettext('quotaused')));
+foreach ($quota_result['all'] as $root => $data) {
+if ($root_cnt > 1 && $root) {
+$table->add(array('colspan' => 3, 'class' => 'root'), self::Q($root));
+}
+if ($storage = $data['storage']) {
+$percent = min(100, round(($storage['used']/max(1,$storage['total']))*100));
+$table->add('name', self::Q($this->gettext('quotastorage')));
+$table->add(null, $this->show_bytes($storage['total'] * 1024));
+$table->add(null, sprintf('%s (%.0f%%)', $this->show_bytes($storage['used'] * 1024), $percent));
+}
+if ($message = $data['message']) {
+$percent = min(100, round(($message['used']/max(1,$message['total']))*100));
+$table->add('name', self::Q($this->gettext('quotamessage')));
+$table->add(null, intval($message['total']));
+$table->add(null, sprintf('%d (%.0f%%)', $message['used'], $percent));
+}
+}
+$quota_result['table'] = $table->show();
+}
+}
+else {
+$unlimited               = $this->config->get('quota_zero_as_unlimited');
+$quota_result['title']   = $this->gettext($unlimited ? 'unlimited' : 'unknown');
+$quota_result['percent'] = 0;
+}
+// cleanup
+unset($quota_result['abort']);
+if (empty($quota_result['table'])) {
+unset($quota_result['all']);
+}
+return $quota_result;
+}
+/**
+* Outputs error message according to server error/response codes
+*
+* @param string $fallback      Fallback message label
+* @param array  $fallback_args Fallback message label arguments
+* @param string $suffix        Message label suffix
+* @param array  $params        Additional parameters (type, prefix)
+*/
+public function display_server_error($fallback = null, $fallback_args = null, $suffix = '', $params = array())
+{
+$err_code = $this->storage->get_error_code();
+$res_code = $this->storage->get_response_code();
+$args     = array();
+if ($res_code == rcube_storage::NOPERM) {
+$error = 'errornoperm';
+}
+else if ($res_code == rcube_storage::READONLY) {
+$error = 'errorreadonly';
+}
+else if ($res_code == rcube_storage::OVERQUOTA) {
+$error = 'erroroverquota';
+}
+else if ($err_code && ($err_str = $this->storage->get_error_str())) {
+// try to detect access rights problem and display appropriate message
+if (stripos($err_str, 'Permission denied') !== false) {
+$error = 'errornoperm';
+}
+// try to detect full mailbox problem and display appropriate message
+// there can be e.g. "Quota exceeded" / "quotum would exceed" / "Over quota"
+else if (stripos($err_str, 'quot') !== false && preg_match('/exceed|over/i', $err_str)) {
+$error = 'erroroverquota';
+}
+else {
+$error = 'servererrormsg';
+$args  = array('msg' => rcube::Q($err_str));
+}
+}
+else if ($err_code < 0) {
+$error = 'storageerror';
+}
+else if ($fallback) {
+$error = $fallback;
+$args  = $fallback_args;
+$params['prefix'] = false;
+}
+if ($error) {
+if ($suffix && $this->text_exists($error . $suffix)) {
+$error .= $suffix;
+}
+$msg = $this->gettext(array('name' => $error, 'vars' => $args));
+if ($params['prefix'] && $fallback) {
+$msg = $this->gettext(array('name' => $fallback, 'vars' => $fallback_args)) . ' ' . $msg;
+}
+$this->output->show_message($msg, $params['type'] ?: 'error');
+}
+}
+/**
+* Output HTML editor scripts
+*
+* @param string $mode Editor mode
+*/
+public function html_editor($mode = '')
+{
+$spellcheck       = intval($this->config->get('enable_spellcheck'));
+$spelldict        = intval($this->config->get('spellcheck_dictionary'));
+$disabled_plugins = array();
+$disabled_buttons = array();
+$extra_plugins    = array();
+$extra_buttons    = array();
+if (!$spellcheck) {
+$disabled_plugins[] = 'spellchecker';
+}
+$hook = $this->plugins->exec_hook('html_editor', array(
+'mode'             => $mode,
+'disabled_plugins' => $disabled_plugins,
+'disabled_buttons' => $disabled_buttons,
+'extra_plugins' => $extra_plugins,
+'extra_buttons' => $extra_buttons,
+));
+if ($hook['abort']) {
+return;
+}
+$lang_codes = array($_SESSION['language']);
+$assets_dir = $this->config->get('assets_dir') ?: INSTALL_PATH;
+if ($pos = strpos($_SESSION['language'], '_')) {
+$lang_codes[] = substr($_SESSION['language'], 0, $pos);
+}
+foreach ($lang_codes as $code) {
+if (file_exists("$assets_dir/program/js/tinymce/langs/$code.js")) {
+$lang = $code;
+break;
+}
+}
+if (empty($lang)) {
+$lang = 'en';
+}
+$config = array(
+'mode'       => $mode,
+'lang'       => $lang,
+'skin_path'  => $this->output->get_skin_path(),
+'spellcheck' => $spellcheck, // deprecated
+'spelldict'  => $spelldict,
+'disabled_plugins' => $hook['disabled_plugins'],
+'disabled_buttons' => $hook['disabled_buttons'],
+'extra_plugins'    => $hook['extra_plugins'],
+'extra_buttons'    => $hook['extra_buttons'],
+);
+$this->output->add_label('selectimage', 'addimage', 'selectmedia', 'addmedia');
+$this->output->set_env('editor_config', $config);
+$this->output->include_css('program/resources/tinymce/browser.css');
+$this->output->include_script('tinymce/tinymce.min.js');
+$this->output->include_script('editor.js');
+}
+/**
+* File upload progress handler.
+*/
+public function upload_progress()
+{
+$params = array(
+'action' => $this->action,
+'name'   => rcube_utils::get_input_value('_progress', rcube_utils::INPUT_GET),
+);
+if (function_exists('uploadprogress_get_info')) {
+$status = uploadprogress_get_info($params['name']);
+if (!empty($status)) {
+$params['current'] = $status['bytes_uploaded'];
+$params['total']   = $status['bytes_total'];
+}
+}
+if (!isset($status) && filter_var(ini_get('apc.rfc1867'), FILTER_VALIDATE_BOOLEAN)
+&& ini_get('apc.rfc1867_name')
+) {
+$prefix = ini_get('apc.rfc1867_prefix');
+$status = apc_fetch($prefix . $params['name']);
+if (!empty($status)) {
+$params['current'] = $status['current'];
+$params['total']   = $status['total'];
+}
+}
+if (!isset($status) && filter_var(ini_get('session.upload_progress.enabled'), FILTER_VALIDATE_BOOLEAN)
+&& ini_get('session.upload_progress.name')
+) {
+$key = ini_get('session.upload_progress.prefix') . $params['name'];
+$params['total']   = $_SESSION[$key]['content_length'];
+$params['current'] = $_SESSION[$key]['bytes_processed'];
+}
+if (!empty($params['total'])) {
+$total = $this->show_bytes($params['total'], $unit);
+switch ($unit) {
+case 'GB':
+$gb      = $params['current']/1073741824;
+$current = sprintf($gb >= 10 ? "%d" : "%.1f", $gb);
+break;
+case 'MB':
+$mb      = $params['current']/1048576;
+$current = sprintf($mb >= 10 ? "%d" : "%.1f", $mb);
+break;
+case 'KB':
+$current = round($params['current']/1024);
+break;
+case 'B':
+default:
+$current = $params['current'];
+break;
+}
+$params['percent'] = round($params['current']/$params['total']*100);
+$params['text']    = $this->gettext(array(
+'name' => 'uploadprogress',
+'vars' => array(
+'percent' => $params['percent'] . '%',
+'current' => $current,
+'total'   => $total
+)
+));
+}
+$this->output->command('upload_progress_update', $params);
+$this->output->send();
+}
+/**
+* Initializes file uploading interface.
+*
+* @param int $max_size Optional maximum file size in bytes
+*
+* @return string Human-readable file size limit
+*/
+public function upload_init($max_size = null)
+{
+// Enable upload progress bar
+if ($seconds = $this->config->get('upload_progress')) {
+if (function_exists('uploadprogress_get_info')) {
+$field_name = 'UPLOAD_IDENTIFIER';
+}
+if (!$field_name && filter_var(ini_get('apc.rfc1867'), FILTER_VALIDATE_BOOLEAN)) {
+$field_name = ini_get('apc.rfc1867_name');
+}
+if (!$field_name && filter_var(ini_get('session.upload_progress.enabled'), FILTER_VALIDATE_BOOLEAN)) {
+$field_name = ini_get('session.upload_progress.name');
+}
+if ($field_name) {
+$this->output->set_env('upload_progress_name', $field_name);
+$this->output->set_env('upload_progress_time', (int) $seconds);
+}
+}
+// find max filesize value
+$max_filesize = rcube_utils::max_upload_size();
+if ($max_size && $max_size < $max_filesize) {
+$max_filesize = $max_size;
+}
+$max_filesize_txt = $this->show_bytes($max_filesize);
+$this->output->set_env('max_filesize', $max_filesize);
+$this->output->set_env('filesizeerror', $this->gettext(array(
+'name' => 'filesizeerror', 'vars' => array('size' => $max_filesize_txt))));
+if ($max_filecount = ini_get('max_file_uploads')) {
+$this->output->set_env('max_filecount', $max_filecount);
+$this->output->set_env('filecounterror', $this->gettext(array(
+'name' => 'filecounterror', 'vars' => array('count' => $max_filecount))));
+}
+return $max_filesize_txt;
+}
+/**
+* Upload form object
+*
+* @param array  $attrib     Object attributes
+* @param string $name       Form object name
+* @param string $action     Form action name
+* @param array  $input_attr File input attributes
+*
+* @return string HTML output
+*/
+public function upload_form($attrib, $name, $action, $input_attr = array())
+{
+// Get filesize, enable upload progress bar
+$max_filesize = $this->upload_init();
+$hint = html::div('hint', $this->gettext(array('name' => 'maxuploadsize', 'vars' => array('size' => $max_filesize))));
+if ($attrib['mode'] == 'hint') {
+return $hint;
+}
+// set defaults
+$attrib += array('id' => 'rcmUploadbox', 'buttons' => 'yes');
+$event   = rcmail_output::JS_OBJECT_NAME . ".command('$action', this.form)";
+$form_id = $attrib['id'] . 'Frm';
+// Default attributes of file input and form
+$input_attr += array(
+'id'   => $attrib['id'] . 'Input',
+'type' => 'file',
+'name' => '_attachments[]',
+);
+$form_attr = array(
+'id'      => $form_id,
+'name'    => $name,
+'method'  => 'post',
+'enctype' => 'multipart/form-data'
+);
+if ($attrib['mode'] == 'smart') {
+unset($attrib['buttons']);
+$form_attr['class'] = 'smart-upload';
+$input_attr = array_merge($input_attr, array(
+// #5854: Chrome does not execute onchange when selecting the same file.
+//        To fix this we reset the input using null value.
+'onchange' => "$event; this.value=null",
+'class'    => 'smart-upload',
+'tabindex' => '-1',
+));
+}
+$input   = new html_inputfield($input_attr);
+$content = $attrib['prefix'] . $input->show();
+if ($attrib['mode'] != 'smart') {
+$content  = html::div(null, $content);
+$content .= $hint;
+}
+if (rcube_utils::get_boolean($attrib['buttons'])) {
+$button   = new html_inputfield(array('type' => 'button'));
+$content .= html::div('buttons',
+$button->show($this->gettext('close'), array('class' => 'button', 'onclick' => "$('#{$attrib['id']}').hide()")) . ' ' .
+$button->show($this->gettext('upload'), array('class' => 'button mainaction', 'onclick' => $event))
+);
+}
+$this->output->add_gui_object($name, $form_id);
+return html::div($attrib, $this->output->form_tag($form_attr, $content));
+}
+/**
+* Outputs uploaded file content (with image thumbnails support
+*
+* @param array $file Upload file data
+*/
+public function display_uploaded_file($file)
+{
+if (empty($file)) {
+return;
+}
+$file = $this->plugins->exec_hook('attachment_display', $file);
+if ($file['status']) {
+if (empty($file['size'])) {
+$file['size'] = $file['data'] ? strlen($file['data']) : @filesize($file['path']);
+}
+// generate image thumbnail for file browser in HTML editor
+if (!empty($_GET['_thumbnail'])) {
+$temp_dir       = $this->config->get('temp_dir');
+$thumbnail_size = 80;
+$mimetype       = $file['mimetype'];
+$file_ident     = $file['id'] . ':' . $file['mimetype'] . ':' . $file['size'];
+$cache_basename = $temp_dir . '/' . md5($file_ident . ':' . $this->user->ID . ':' . $thumbnail_size);
+$cache_file     = $cache_basename . '.thumb';
+// render thumbnail image if not done yet
+if (!is_file($cache_file)) {
+if (!$file['path']) {
+$orig_name = $filename = $cache_basename . '.tmp';
+file_put_contents($orig_name, $file['data']);
+}
+else {
+$filename = $file['path'];
+}
+$image = new rcube_image($filename);
+if ($imgtype = $image->resize($thumbnail_size, $cache_file, true)) {
+$mimetype = 'image/' . $imgtype;
+if ($orig_name) {
+unlink($orig_name);
+}
+}
+}
+if (is_file($cache_file)) {
+// cache for 1h
+$this->output->future_expire_header(3600);
+header('Content-Type: ' . $mimetype);
+header('Content-Length: ' . filesize($cache_file));
+readfile($cache_file);
+exit;
+}
+}
+header('Content-Type: ' . $file['mimetype']);
+header('Content-Length: ' . $file['size']);
+if ($file['data']) {
+echo $file['data'];
+}
+else if ($file['path']) {
+readfile($file['path']);
+}
+}
+}
+/**
+* Initializes client-side autocompletion.
+*/
+public function autocomplete_init()
+{
+static $init;
+if ($init) {
+return;
+}
+$init = 1;
+if (($threads = (int)$this->config->get('autocomplete_threads')) > 0) {
+$book_types = (array) $this->config->get('autocomplete_addressbooks', 'sql');
+if (count($book_types) > 1) {
+$this->output->set_env('autocomplete_threads', $threads);
+$this->output->set_env('autocomplete_sources', $book_types);
+}
+}
+$this->output->set_env('autocomplete_max', (int)$this->config->get('autocomplete_max', 15));
+$this->output->set_env('autocomplete_min_length', $this->config->get('autocomplete_min_length'));
+$this->output->add_label('autocompletechars', 'autocompletemore');
+}
+/**
+* Returns supported font-family specifications
+*
+* @param string $font Font name
+*
+* @param string|array Font-family specification array or string (if $font is used)
+*/
+public static function font_defs($font = null)
+{
+$fonts = array(
+'Andale Mono'   => '"Andale Mono",Times,monospace',
+'Arial'         => 'Arial,Helvetica,sans-serif',
+'Arial Black'   => '"Arial Black","Avant Garde",sans-serif',
+'Book Antiqua'  => '"Book Antiqua",Palatino,serif',
+'Courier New'   => '"Courier New",Courier,monospace',
+'Georgia'       => 'Georgia,Palatino,serif',
+'Helvetica'     => 'Helvetica,Arial,sans-serif',
+'Impact'        => 'Impact,Chicago,sans-serif',
+'Tahoma'        => 'Tahoma,Arial,Helvetica,sans-serif',
+'Terminal'      => 'Terminal,Monaco,monospace',
+'Times New Roman' => '"Times New Roman",Times,serif',
+'Trebuchet MS'  => '"Trebuchet MS",Geneva,sans-serif',
+'Verdana'       => 'Verdana,Geneva,sans-serif',
+);
+if ($font) {
+return $fonts[$font];
+}
+return $fonts;
+}
+/**
+* Create a human readable string for a number of bytes
+*
+* @param int    $bytes Number of bytes
+* @param string &$unit Size unit
+*
+* @return string Byte string
+*/
+public function show_bytes($bytes, &$unit = null)
+{
+if ($bytes >= 1073741824) {
+$unit = 'GB';
+$gb   = $bytes/1073741824;
+$str  = sprintf($gb >= 10 ? "%d " : "%.1f ", $gb) . $this->gettext($unit);
+}
+else if ($bytes >= 1048576) {
+$unit = 'MB';
+$mb   = $bytes/1048576;
+$str  = sprintf($mb >= 10 ? "%d " : "%.1f ", $mb) . $this->gettext($unit);
+}
+else if ($bytes >= 1024) {
+$unit = 'KB';
+$str  = sprintf("%d ",  round($bytes/1024)) . $this->gettext($unit);
+}
+else {
+$unit = 'B';
+$str  = sprintf('%d ', $bytes) . $this->gettext($unit);
+}
+return $str;
+}
+/**
+* Returns real size (calculated) of the message part
+*
+* @param rcube_message_part $part Message part
+*
+* @return string Part size (and unit)
+*/
+public function message_part_size($part)
+{
+if (isset($part->d_parameters['size'])) {
+$size = $this->show_bytes((int)$part->d_parameters['size']);
+}
+else {
+$size = $part->size;
+if ($size === 0) {
+$part->exact_size = true;
+}
+if ($part->encoding == 'base64') {
+$size = $size / 1.33;
+}
+$size = $this->show_bytes($size);
+}
+if (!$part->exact_size) {
+$size = '~' . $size;
+}
+return $size;
+}
+/**
+* Returns message UID(s) and IMAP folder(s) from GET/POST data
+*
+* @param string $uids           UID value to decode
+* @param string $mbox           Default mailbox value (if not encoded in UIDs)
+* @param bool   $is_multifolder Will be set to True if multi-folder request
+*
+* @return array  List of message UIDs per folder
+*/
+public static function get_uids($uids = null, $mbox = null, &$is_multifolder = false)
+{
+// message UID (or comma-separated list of IDs) is provided in
+// the form of <ID>-<MBOX>[,<ID>-<MBOX>]*
+$_uid  = $uids ?: rcube_utils::get_input_value('_uid', rcube_utils::INPUT_GPC);
+$_mbox = $mbox ?: (string) rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_GPC);
+// already a hash array
+if (is_array($_uid) && !isset($_uid[0])) {
+return $_uid;
+}
+$result = array();
+// special case: *
+if ($_uid == '*' && is_object($_SESSION['search'][1]) && $_SESSION['search'][1]->multi) {
+$is_multifolder = true;
+// extract the full list of UIDs per folder from the search set
+foreach ($_SESSION['search'][1]->sets as $subset) {
+$mbox = $subset->get_parameters('MAILBOX');
+$result[$mbox] = $subset->get();
+}
+}
+else {
+if (is_string($_uid))
+$_uid = explode(',', $_uid);
+// create a per-folder UIDs array
+foreach ((array)$_uid as $uid) {
+list($uid, $mbox) = explode('-', $uid, 2);
+if (!strlen($mbox)) {
+$mbox = $_mbox;
+}
+else {
+$is_multifolder = true;
+}
+if ($uid == '*') {
+$result[$mbox] = $uid;
+}
+else {
+$result[$mbox][] = $uid;
+}
+}
+}
+return $result;
+}
+/**
+* Get resource file content (with assets_dir support)
+*
+* @param string $name File name
+*
+* @return string File content
+*/
+public function get_resource_content($name)
+{
+if (!strpos($name, '/')) {
+$name = "program/resources/$name";
+}
+$assets_dir = $this->config->get('assets_dir');
+if ($assets_dir) {
+$path = slashify($assets_dir) . $name;
+if (@file_exists($path)) {
+$name = $path;
+}
+}
+return file_get_contents($name, false);
+}
+/**
+* Converts HTML content into plain text
+*
+* @param string $html    HTML content
+* @param array  $options Conversion parameters (width, links, charset)
+*
+* @return string Plain text
+*/
+public function html2text($html, $options = array())
+{
+$default_options = array(
+'links'   => true,
+'width'   => 75,
+'body'    => $html,
+'charset' => RCUBE_CHARSET,
+);
+$options = array_merge($default_options, (array) $options);
+// Plugins may want to modify HTML in another/additional way
+$options = $this->plugins->exec_hook('html2text', $options);
+// Convert to text
+if (!$options['abort']) {
+$converter = new rcube_html2text($options['body'],
+false, $options['links'], $options['width'], $options['charset']);
+$options['body'] = rtrim($converter->get_text());
+}
+return $options['body'];
+}
+/**
+* Connect to the mail storage server with stored session data
+*
+* @return bool True on success, False on error
+*/
+public function storage_connect()
+{
+$storage = $this->get_storage();
+if ($_SESSION['storage_host'] && !$storage->is_connected()) {
+$host = $_SESSION['storage_host'];
+$user = $_SESSION['username'];
+$port = $_SESSION['storage_port'];
+$ssl  = $_SESSION['storage_ssl'];
+$pass = $this->decrypt($_SESSION['password']);
+if (!$storage->connect($host, $user, $pass, $port, $ssl)) {
+if (is_object($this->output)) {
+$this->output->show_message('storageerror', 'error');
+}
+}
+else {
+$this->set_storage_prop();
+}
+}
+return $storage->is_connected();
+}
+}

Mercurial > hg > rc2

comparison program/include/rcmail.php @ 0:4681f974d28b