No OneTemporary
Actions

Size

322 KB

Referenced Files

None

Subscribers

None

View Options

This file is larger than 256 KB, so syntax highlighting was skipped.

	diff --git a/CHANGELOG b/CHANGELOG
	index 3d0d60cc1..6926de5cb 100644
	--- a/CHANGELOG
	+++ b/CHANGELOG
	@@ -1,1675 +1,1676 @@
	CHANGELOG Roundcube Webmail
	===========================

	+- Canonize boolean ini_get() results (#1489189)
	- Cache LDAP's user_specific search and use vlv for better performance (#1489186)
	- LDAP: auto-detect and use VLV indices for all search operations
	- LDAP: additional group configuration options for address books
	- LDAP: separated address book implementation from a generic LDAP wrapper class
	- Allow address books to browse a multi-level group hierarchy in the contacts list
	- Fix so install do not fail when one of DB driver checks fails but other drivers exist (#1489178)
	- Fix so exported vCard specifies encoding in v3-compatible format (#1489183)
	- Fix session issues when local and database time differs (#1486132)
	- Fix thread cache syncronization/validation (#1489028)
	- Added feature to import messages to the currently selected folder
	- Add option show_real_foldernames to disable localization of special folders
	- Fix database cache expunge issues (#1489149)
	- Fix date format issues on MS SQL Server (#1488918)
	- Add imap_cache_ttl option to configure TTL of imap_cache
	- Make LDAP cache engine configurable via ldap_cache and ldap_cache_ttl options
	- Fix "duplicate entry" errors on inserts to imap cache tables (#1489146)
	- Improved handling of Reply-To/Bcc addresses of identity in compose form (#1489016)
	- Added user preference to open all popups as standard windows
	- Implemented shared cache (rcube_cache_shared)
	- Change Reply-All button label/title when mailing list is detected (#1488938)
	- Fix SMTP connection using IPv6 address in smtp_server option (#1489024)
	- Added attachment_reminder plugin
	- Make PHP code eval() free, use create_function()
	- Add option to display email address together with a name in mail preview (#1488732)
	- Support CSV import from Atmail (#1489045)
	- Add db_prefix configuration option in place of db_table_/db_sequence_ options
	- Make possible to use db_prefix for schema initialization in Installer (#1489067)
	- Fix updatedb.sh script so it recognizes also table prefix for external DDL files
	- Fix parsing invalid date string (#1489035)
	- Add "with attachment" option to messages list filter (#1485382)
	- Call resize handler in intervals to prevent lags and double onresize calls in Chrome (#1489005)
	- Add rel="noreferrer" for links in displayed messages (#1484686)
	- Add ability to toggle between HTML and text while viewing a message (#1486939)
	- Remove "HTML message" from attachments list while viewing a message in text mode (#1486939)
	- Support IMAP MOVE extension [RFC 6851]
	- Add attachment menu with Open and Download options (#1488975)
	- Display user-friendly message on IMAP "over quota" errors (#1484164)
	- Extended archive plugin with user-configurable options to store messages into subfolders
	- Fix export of selected contacts from search result (#1488905)
	- Feature to export only selected contacts from addressbook (by Phil Weir)

	RELEASE 0.9.2
	-------------
	- Fix image thumbnails display in print mode (#1489134)
	- Fix height of message headers block (#1489108)
	- Fix timeout issue on drag&drop uploads (#1489170)
	- Fix default sorting of threaded list when THREAD=REFS isn't supported
	- Fix list mode switch to 'List' after saving list settings in Larry skin (#1489164)
	- Fix error when there's no writeable addressbook source (#1489162)
	- Fix zipdownload plugin issue with filenames charset (#1489156)
	- Fix so non-inline images aren't skipped on forward (#1489150)
	- Fix "null" instead of empty string on messages list in IE10 (#1489145)
	- Fix legacy options handling
	- Fix so bounces addresses in Sender headers are skipped on Reply-All (#1489011)
	- Fix bug where serialized strings were truncated in PDO::quote() (#1489142)
	- Fix displaying messages with invalid self-closing HTML tags (#1489137)
	- Fix PHP warning when responding to a message with many Return-Path headers (#1489136)
	- Fix unintentional compose window resize (#1489114)
	- Fix performance regression in text wrapping function (#1489133)
	- Fix connection to posgtres db using unix socket (#1489132)
	- Fix handling of comma when adding contact from contacts widget (#1489107)
	- Fix bug where a message was opened in both preview pane and new window on double-click (#1489122)
	- Fix fatal error when xdebug.max_nesting_level was exceeded in rcube_washtml (#1489110)
	- Fix PHP warning in html_table::set_row_attribs() in PHP 5.4 (#1489094)
	- Fix invalid option selected in default_font selector when font is unset (#1489112)
	- Fix displaying contact with ID divisible by 100 in sql addressbook (#1489121)
	- Fix browser warnings on PDF plugin detection (#1489118)
	- Fix fatal error when parsing UUencoded messages (#1489119)

	RELEASE 0.9.1
	-------------
	- Better German labels for from/to to avoid conflicts with 'sender' (#1489084)
	- Fix problem where security warning was displayed for valid images with image/jpg type (#1489097)
	- Fix handling of invalid email addresses in headers (#1489092)
	- Fix IMAP connection issue with default_socket_timeout < 0 and imap_timeout < 0 (#1489090)
	- Fix various PHP code bugs found using static analysis (#1489086)
	- Fix backslash character handling on vCard import (#1489085)
	- Fix csv import from Thunderbird with French localization (#1489059)
	- Fix messages list focus issue in Opera and Webkit (#1489058)
	- Fix Reply-To header handling in Reply-All action (#1489037)
	- Fix so Sender: address is added to Cc: field on reply to all (#1489011)
	- Fix so addressbook_search_mode works also for group search (#1489079)
	- Fix removal of a contact from a group in LDAP addressbook (#1489081)
	- Inlcude SQL query in the log on SQL error (#1489064)
	- Fix handling untagged responses in IMAP FETCH - "could not load message" error (#1489074)
	- Fix very small window size in Chrome (#1488931)
	- Fix list page reset when viewing a message in Larry skin (#1489076)
	- Fix min_refresh_interval handling on preferences save (#1489073)
	- Fix PDF support detection for Firefox PDF.js (#1488972)
	- Fix possible collision in generated thumbnail cache key (#1489069)
	- Fix exit code on bootsrap errors in CLI mode (#1489044)
	- Fix error handling in CLI mode, use STDERR and non-empty exit code (#1489043)
	- Fix error when using check_referer=true
	- Fix incorrect handling of some specific links (#1489060)
	- Fix incorrect handling of leading spaces in text wrapping
	- Fix unintentional messages list jumps on click in Internet Explorer (#1489056)
	- Fix list of required configuration options (#1489055)
	- Fix DB error when creating a new contact and a group is selected (#1489051)
	- Fix handling of deprecated boolean value of reply_mode option (#1489052)

	RELEASE 0.9.0
	-------------
	- Fix display of HTML entities in protected folder name (#1489042)
	- Set minimal permissions to temp files (#1488996)
	- Improve content check for embedded images without filename (#1489029)
	- Fix handling of invalid characters in message headers and output (#1489032)
	- Fix selecting collapsed rows on select-all (#1489036)
	- Avoid race-conditions with concurrent attachment uploads (#1488422)
	- Fix possible header duplicates when using additional headers (#1489033)
	- Fix session issues with use_https=true (#1488986)
	- Fix blockquote width in sent mail (#1489031)
	- Fix keyboard events on list widgets in Internet Explorer (#1489025)

	RELEASE 0.9-rc2
	---------------
	- Fix security issue in save-pref command
	- Remove sig_above configuration option, use reply_mode only (#1489001)
	- Refresh current folder in opener window after draft save or message sent (#1488997)
	- Fix saving draft just after entering compose window (#1489012)
	- Fix javascript error in IE9 when loading form with placeholders into an iframe (#1489008)
	- Fix handling of some conditional comment tags in HTML message (#1489004)
	- Fix so forward as attachment works if additional attachment is added by message_compose hook (#1489000)
	- Better handling of session errors in ajax requests (#1488960)
	- Fix HTML part detection for some specific message structures (#1488992)
	- Don't show fake address - phishing prevention (#1488981)
	- Fix forward as attachment bug with editormode != 1 (#1488991)
	- Fix LIMIT/OFFSET queries handling on MS SQL Server (#1488984)
	- Fix so task name can really contain all from a-z0-9_- characters (#1488941)
	- Fix javascript errors when working in a page opened with taget="_blank"
	- Mention SQLite database format change in UPGRADING file (#1488983)
	- Increase maxlength to 254 chars for email input fields in addressbook (#1488987)
	- Fix thumbnail size when GD extension is used for image resize (#1488985)
	- Display notice that message is encrypted also for application/pkcs7-mime messages (#1488526)

	RELEASE 0.9-rc
	--------------
	- Fix plain text spellchecker incorrect highlighting in non-ASCII text (#1488973)
	- Add workaround for invalid message charset detection by IMAP servers (#1488968)
	- Fix NUL characters in content-type of ms-tnef attachment (#1488964)
	- Fix regression in handling LDAP contact identifiers (#1488959)
	- Updated translations from Transifex
	- Fix buggy error template in a frame (#1488938)
	- Add addressbook widget on compose page in classic skin
	- Add search box to compose address book widget (#1488381)
	- Fix login in case when default_host is an array with one element (#1488928)
	- Use LDAP fallback hosts on connect + bind instead of ldap_connect() only.
	- Add config option for LDAP bind timeout (sets LDAP_OPT_NETWORK_TIMEOUT option)
	- Submit Addressbook advanced search form with Enter key (#1488568)
	- Also block remote images in HTML part view (#1488827)
	- Improved database schema upgrade procedure, added updatedb.sh script
	- Force autocommit mode in mysql database driver (#1488902)

	RELEASE 0.9-beta
	----------------
	- Fix searching by date in address book (#1488888)
	- Improve charset detection by prioritizing charset according to user language (#1485669)
	- Fix handling of escaped separator in vCard file (#1488896)
	- Add option to use envelope From address for MDN responses (#1488880)
	- Add possibility to search in message body only (#1488770)
	- Support "multipart/relative" as an alias for "multipart/related" type (#1488886)
	- Display PGP/MIME signature attachments as "Digital Signature" (#1488570)
	- Workaround UW-IMAP bug where hierarchy separator is added to the shared folder name (#1488879)
	- Fix version comparisons with -stable suffix (#1488876)
	- Add unsupported alternative parts to attachments list (#1488870)
	- Add Compose button on message view page (#1488747)
	- Display 'Sender' header in message preview
	- Plugin API: Added message_before_send hook
	- Fix contact copy/add-to-group operations on search result (#1488862)
	- Use matching identity in MDN response (#1488864)
	- Fix handling of signatures on draft edit (#1488798)
	- Fix so compacting of non-empty folder is possible also when messages list is empty (#1488858)
	- Allow forwarding of multiple emails (#1486854)
	- Fix big memory consumption of DB layer (#1488856)
	- Fix broken message/part bodies when FETCH response contains more untagged lines (#1488836)
	- Fix empty email on identities list after identity update (#1488834)
	- Add new identities_level: (4) one identity with possibility to edit only signature
	- Use Delivered-To and Envelope-To headers for identity selection (#1488840, #1488553)
	- Fix XSS vulnerability using Flash files (#1488828)
	- Always save drafts with format=flowed in order to keep original line wraps (#1488799)
	- Select default_addressbook on the list in Address Book (#1488280)
	- Fix so mobile phone has TYPE=CELL in exported vCard (#1488812)
	- Support contacts import from CSV file (#1486399)
	- Improved keep-alive action. Now the interval is based on session_lifetime (#1488507)
	- Added cross-task 'refresh' request for system state updates (#1488507)
	- Renamed config options: keep_alive to refresh_interval, min_keep_alive to min_refresh_interval
	- Fix handling of text/enriched content on message reply/forward/edit
	- Option to display attached images as thumbnails below message body
	- Upgraded to jQuery 1.8.3 and jQuery UI 1.9.1
	- Add config option to automatically generate LDAP attributes for new entries
	- Add user settings to open message view and compose form in new windows (#1485486)
	- Better client-side timezone detection using the jsTimezoneDetect library (#1488725)
	- Add option to disable saving sent mail in Sent folder - no_save_sent_messages (#1488686)
	- Fix handling dont_override with message_sort_col and message_sort_order settings (#1488760)
	- Fix handling of URLs with asterisk characters (#1488759)
	- Remove automatic to-lowercase conversion of usernames (#1488715)
	- Plugin API: Add 'email_list' argument for identities data in user_create hook
	- Integrated zipdownload plugin to download all attachments (#1445509)
	- Fix HTML special characters handling in message list/header display (#1488523)
	- List related text/html part as attachment in plain text mode (#1488677)
	- Use IMAP BINARY (RFC3516) extension to fetch message/part bodies
	- Fix folder creation under public namespace root (#1488665)
	- Fix so "Edit as new" on draft creates a new message (#1488687)
	- Fix invalid error message on deleting mail from read only folder (#1488694)
	- Replace data URIs of images (pasted in HTML editor) with inline attachments (#1488502)
	- Remove (too big) min-width on mail screen
	- Added template object 'frame'
	- Add option to enable HTML editor on forwarding (#1488517)
	- Add option to not include original message on reply, rename option top_posting to reply_mode (#1485149)
	- Added session_path config option and unified cookies settings in javascript
	- Added "Undeleted" option to messages list filter
	- Rewritten test scripts for PHPUnit
	- Add new DB abstraction layer based on PHP PDO, supporting SQLite3 (#1488332)
	- Removed PEAR::MDB2 package
	- Removed users.alias column, added option ('user_aliases')
	to use email address from identities as username (#1488581)
	- Removed redundant cache.cache_id column (#1488528)
	- Fix order of attachments in sent mail (#1488423)
	- Fix Shift + delete button does not permanently delete messages (#1488243)
	- Add Content-Length for attachments where possible (#1485478)
	- Fix attachment sizes in message print page and attachment preview page (#1488515)
	- Add mail attachments using drag & drop on HTML5 enabled browsers
	- Add workaround for invalid BODYSTRUCTURE response - parse message with Mail_mimeDecode package (#1485585)
	- Display Tiff as Jpeg in browsers without Tiff support (#1488452)
	- Don't display Pdf/Tiff/Flash attachments inline without browser support (#1488452, #1487929)
	- Add is_escaped attribute for html_select and html_textarea (#1488485)
	- Fix issue where draft auto-save wasn't executed after some inactivity time
	- Add vCard import from multiple files at once (#1488015)
	- Roundcube Framework:
	Add possibility to replace IMAP driver with custom class
	Add IMAP auto-connection feature, improving performance with caching enabled
	Replace imap_init hook with storage_init (with additional 'driver' argument)
	Improved performance by caching IMAP server's capabilities in session
	Unified global functions naming (rcube_ prefix)
	Better classes separation
	Framework files moved to lib/Roundcube

	RELEASE 0.8.5
	-------------
	- Fix #countcontrols issue in IE<=8 when text is very long (#1488890)
	- Fix unwanted horizontal scrollbar in message preview header (#1488866)
	- Add workaround for IE<=8 bug where Content-Disposition:inline was ignored (#1488844)
	- Fix XSS vulnerability in vbscript: and data:text links handling (#1488850)
	- Fix absolute positioning in HTML messages (#1488819)
	- Fix cache (in)validation after setting \Deleted flag
	- Fix keybord events on messages list in opera browser (#1488823)
	- Fix selection of collapsed thread rows (#1488772)
	- Fix wrapping of quoted text with format=flowed (#1488177)

	RELEASE 0.8.4
	-------------
	- Fix regression where unintentional page reload was done after request abort (#1488802)
	- Fix XSS vulnerability in handling of text/enriched messages (#1488806)
	- Fix handling of 'media' attribute on linked css (#1488789)
	- Fix excessive LFs at the end of composed message with top_posting=true (#1488797)
	- Fix bug where leading blanks were stripped from quoted lines (#1488795)

	RELEASE 0.8.3
	-------------
	- Fix AREA links handling (#1488792)
	- Fix possible HTTP DoS on error in keep-alive requests (#1488782)
	- Fix compatybility with MDB2 2.5.0b4 (#1488779)
	- Fix a bug where saving a message in INBOX wasn't possible
	- Fix HTML part detection in messages with attachments (#1488769)
	- Fix bug where wrong words were highlighted on spell-before-send check
	- Fix scrolling quirk in email preview frame using Opera 12 (#1488763)
	- Fix displaying of multipart/alternative messages with empty parts (#1488750)
	- Fix threaded list sorting on PHP < 5.2.9 (#1488748)
	- Fix Warning: htmlspecialchars(): charset `RCMAIL_CHARSET' not supported warning in Installer (#1488744)

	RELEASE 0.8.2
	-------------
	- Fix XSS vulnerability from HTTP User-Agent header (#1488737)
	- Force fonts in compose fields to be all the same (#1488690)
	- Fix handling vCard entries with TEL;TYPE=CELL (#1488728)
	- Fix error where session wasn't updated after folder rename/delete (#1488692)
	- Fix PLAIN authentication for some IMAP servers (#1488674)
	- Fix encoding vCard file when contains PHOTO;ENCODING=b (#1488683)
	- Fix focus issue in IE when selecting message row (#1488620)
	- Add full headers view in message preview window (#1488538)
	- Fix message display page issues - unified with message preview (#1488590, #1488642)
	- Fix displaying all headers when they contain malformed characters (#1488666)
	- Fix decoding of HTML messages with UTF-16 charset specified (#1488654)
	- Fix quota capability detection so it can be overwritten by a plugin (#1488655)
	- Fix identity selection on reply (#1488101)
	- Fix Larry's messages list filter in IE (#1488632)
	- Fix more IE issues by disabling Compat. mode with X-UA-Compatible meta tag (#1488626)
	- Fix setting locales under Solaris - use additional .UTF-8 suffix (#1488628)
	- Fix email address validation for addresses with IP address in domain part
	- Fix Larry skin issues in IE7 compat. mode (#1488618)
	- Fix so subscribed non-existing/non-accessible shared folder can be unsubscribed

	RELEASE 0.8.1
	-------------
	- Fix bug where domain name was converted to lower-case even with login_lc=false (#1488593)
	- Fix lower-casing email address on replies (#1488598)
	- Fix line separator in exported messages (#1488603)
	- Fix XSS issue where plain signatures wasn't secured in HTML mode (#1488613)
	- Fix XSS issue where href="javascript:" wasn't secured (#1488613)
	- Fix impossible to create message with empty plain text part (#1488610)
	- Fix stripped apostrophes when replying in plain text to HTML message (#1488606)
	- Fix inactive Save search option after advanced search (#1488607)
	- Fix Remove from group option is active for contact search result (#1488608)
	- Disable autocapitalization in login form on iPad/iPhone (#1488609)
	- Fix focus on the list when list row is clicked (#1488600)
	- Added separate From and To columns apart from smart From/To column (#1486891)
	- Fix fallback to Larry skin when configured skin isn't available (#1488591)
	- Fix (workaround) delete operations with some versions of memcache (#1488592)
	- Fix (disable) request validation for spell and spell_html actions

	RELEASE 0.8.0
	-------------
	- Don't show product version on login screen (can be enabled by config)
	- Renamed old default skin to 'classic'. Larry is the new default skin.
	- Support connections to memcached socket file (#1488577)
	- Enable TinyMCE inlinepopups plugin
	- Update to TinyMCE 3.5.6
	- Correctly escape localized labels in javascript variable (#1488567)
	- Update Net_SMTP/Auth_SASL packages to fix Digest-MD5/Cram-MD5 authentication (#1488571)
	- Don't add attachments content into reply/forward/draft message body (#1488557)
	- Fix 'no connection' errors on page unloads (#1488547)
	- Plugin API: Add 'unauthenticated' hook (#1488138)
	- Show explicit error message when provided hostname is invalid (#1488550)
	- Fix wrong compose screen elements focus in IE9 (#1488541)
	- Fix fatal error when date.timezone isn't set (#1488546)
	- Update to TinyMCE 3.5.4.1
	- Better icons with distinct shapes for priority columns (#1488377)
	- Show dedicated icon for multipart/report messages (#1488524)
	- Properly hide text of icon links/buttons (#1488534)
	- Fix handling of unitless CSS size values in HTML message (#1488535)
	- Fix removing contact photo using LDAP addressbook (#1488420)
	- Fix storing X-ANNIVERSARY date in vCard format (#1488527)
	- Update to Mail_Mime-1.8.5 (#1488521)
	- Fix XSS vulnerability in message subject handling using Larry skin (#1488519)
	- Fix handling of links with various URI schemes e.g. "skype:" (#1488106)
	- Fix handling of links inside PRE elements on html to text conversion
	- Fix indexing of links on html to text conversion
	- Decode header value in rcube_mime::get() by default (#1488511)
	- Fix errors with enabled PHP magic_quotes_sybase option (#1488506)
	- Fix SQL query for contacts listing on MS SQL Server (#1488505)
	- Fix window.resize handler on IE8 and Opera (#1488453)
	- Don't let error message popups cover the login form (#1488500)
	- Update to TinyMCE 3.5.2
	- Don't show errors when moving contacts into groups they are already in (#1488493)
	- Make folders with unread messages in subfolders bold again (#1486793)
	- Abbreviate long attachment file names with ellipsis (#1488499)
	- Fix html2text conversion of strong\|b\|a\|th\|h tags when used in upper case
	- Add listcontrols template container in Larry skin (#1488498)
	- Fix host autoselection when default_host is an array (#1488495)
	- Move messages forwarding mode setting into Preferences
	- Fix HTML entities handling in HTML editor (#1488483)
	- Fix listing shared folders on Courier IMAP (#1488466)

	RELEASE 0.8-rc
	--------------
	- Added new translations in Belarusian, Interlingua and Malayalam
	- Flipped compose options arrow (#1488474)
	- Fix handling of large uuencode attachments (#1488473)
	- Fix handling of "usemap" attribute (#1488472)
	- Fix handling of some HTML tags e.g. IMG (#1488471)
	- Use similar language as a fallback for plugin localization (#1488401)
	- Fix issue where signature wasn't re-added on draft compose (#1488322)
	- Update to TinyMCE 3.5 (#1488459)
	- Fixed multi-threaded autocompletion when number of threads > number of sources
	- Allow to configure the number of values allowed for each LDAP attribute
	- Support for serialized LDAP address values (usually delimited with a $)
	- Less restrictive session auth checks, repeat keep-alive requests on failure (#1488449)
	- Fix redirect to mail/compose on re-login (#1488226)
	- Add IE8 hack for messages list issue (#1487821)
	- Fix handling errors on draft auto-save
	- Fix importing vCard photo with ENCODING param specified (#1488432)
	- Support mutliple name/email pairs for Bcc and Reply-To identity settings (#1488445)
	- Set flexible width to login form fields (#1488418)
	- Fix re-draw bug on list columns change in IE8 (#1487822)
	- Allow mass-removal of addresses from a group (#1487748)
	- Fix removing all contacts on import to LDAP addressbook
	- Fix so "Back" from compose/show doesn't reset search request (#1488238)
	- Add option to delete messages instead of moving to Trash when in Junk folder (#1486686)
	- Fix invisible cursor when replying to a html message (#1487073)
	- Reset IP stored in session when destroying session data (#1488056)
	- Fix bug where memory_limit = -1 wasn't handled properly
	- Support LDAP RFC2256's country object class read/write (#1488123)
	- Upgraded to jQuery 1.7.2
	- Image resize with GD extension (#1488383)
	- Fix lack of warning when switching task in compose window (#1488399)
	- Fix bug where it wasn't possible to enter ( or & characters in autocomplete fields
	- Request all needed fields from address book backends (#1488394)
	- Unified (single) spellchecker button
	- Scroll long lists on drag&drop (#1485946)
	- Copy all skins in installto script (#1488376)

	RELEASE 0.8-beta
	----------------
	- Upgraded to jQuery 1.7.1 (#1488337) and jQuery UI 1.8.18
	- Add Russian to the spellchecker languages list (#1488135)
	- Remember custom skin selection after logout (#1488355)
	- Make sure About tab is always the last tab (#1488257)
	- Fix issue with folder creation under INBOX. namespace (#1488349)
	- Added mailto: protocol handler registration link in User Preferences (#1486580)
	- Handle identity details box with an iframe (#1487020)
	- Fix issue where some text from original message was missing on reply (#1488340)
	- Fix autoselect_host() for login (#1488297)
	- Changed license to GNU GPLv3+ with exceptions for skins & plugins
	- Added address book widget on compose screen
	- Use proper timezones from PHP's internal timezonedb (#1485592)
	- Add separate pagesize setting for mail messages and contacts (#1488269)
	- Deprecate $DB, $USER, $IMAP global variables, Use $RCMAIL instead
	- Add option to set default font for HTML message (#1484137)
	- Fix issues with big memory allocation of IMAP results
	- Prevent from memory_limit exceeding when trying to parse big messages bodies (#1487424)
	- Add possibility to add SASL mechanisms for SMTP in smtp_connect hook (#1487937)
	- Mark (with different color) folders with recent messages (#1486234)
	- Added About tab in Settings
	- TinyMCE updated to 3.4.6

	RELEASE 0.7.2
	-------------
	- Fix encoding of attachment with comma in name (#1488389)
	- Fix handling of % character in IMAP protocol (#1488382)
	- Fix duplicate names handling in addressbook searches (#1488375)
	- Fix displaying of HTML messages from Disqus (#1488372)
	- Disable E_STRICT warnings on PHP 5.4
	- Prevent from folder selection on virtual folder collapsing (#1488346)
	- Fix automatic unsubscribe of non-existent folders
	- Fix double-quotes handling in recipient names
	- User configurable setting how to display contact names in list
	- Make contacts list sorting configurable for the admin/user
	- Fix parse errors in DDL files for MS SQL Server
	- Revert SORT=DISPLAY support, removed by mistake (#1488327)
	- Add lost translation label in de_DE (#1488315)
	- Fix drafts update issues when edited from preview pane (#1488314)
	- Fix wrong variable name in rcube_ldap.php (#1488302)
	- Make mime type detection based on filename extension to be case-insensitive
	- Fix failure on MySQL database upgrade from 0.7 - text column can't have default value (#1488300)


	RELEASE 0.7.1
	-------------
	- Fix bug in handling of base href and inline content (#1488290)
	- Fix SQL Error when saving a contact with many email addresses (#1488286)
	- Fix strict email address searching if contact has more than one address
	- Remove duplicated 'organization' label (#1488287)
	- Fix so editor selector is hidden when 'htmleditor' is listed in 'dont_override'
	- Fix wrong (long) label usage (#1488283)
	- Fix handling of INBOX's subfolders in special folders config (#1488279)
	- Add ifModule statement for setting Options -Indexes in .htaccess file (#1488274)
	- Fix crashes with eAccelerator (#1488256)
	- Fix searching on IMAP servers without CHARSET specifier support (#1488271)
	- Fix expanding folders during drag&drop (#1488260)
	- Fix wrong postgres sequence name in upgrade from 0.6
	- Fix broken CREATE INDEX queries in SQLite DDL files (#1488255)

	RELEASE 0.7
	-----------
	- Make Roundcube render the Email Standards Project Acid Test correctly
	- Replace prompt() with jQuery UI dialog (#1485135)
	- Fix navigation in messages search results
	- Improved handling of some malformed values encoded with quoted-printable (#1488232)
	- Add possibility to do LDAP bind before searching for bind DN
	- Fix handling of empty <U> tags in HTML messages (#1488225)
	- Add content filter for embedded attachments to protect from XSS on IE (#1487895)
	- Use strpos() instead of strstr() when possible (#1488211)
	- Fix handling HTML entities when converting HTML to text (#1488212)
	- Fix fit_string_to_size() renders browser and ui unresponsive (#1488207)
	- Fix handling of invalid characters in request (#1488124)
	- Fix merging some configuration options in update.sh script (#1485864)
	- Fix so TEXT key will remove all HEADER keys in IMAP SEARCH (#1488208)
	- Fix handling contact photo url with https:// prefix (#1488202)
	- Fix possible infinite redirect on attachment preview (#1488199)
	- Improved clickjacking protection for browsers which don't support X-Frame-Options headers
	- Fixed bug where similar folder names were highlighted wrong (#1487860)
	- Fixed bug in handling link with '!' character in it (#1488195)
	- Fixed bug where session ID's length was limited to 40 characters (#1488196)
	- TinyMCE security issue: removed moxieplayer (embedding flv and mp4 is not supported anymore)

	RELEASE 0.7-beta
	----------------
	- Fix handling of HTML form elements in messages (#1485137)
	- Fix regression in setting recipient to self when replying to a Sent message (#1487074)
	- Fix listing of folders in hidden namespaces (#1486796)
	- Don't consider \Noselect flag when building folders tree (#1488004)
	- Fix sorting autocomplete results (#1488084)
	- Add option to set session name (#1486433)
	- Add option to skip alternative email addresses in autocompletion
	- Fix inconsistent behaviour of Compose button in Drafts folder, add Edit button for drafts
	- Fix problem with parsing HTML message body with non-unicode characters (#1487813)
	- Add option to define matching method for addressbook search (#1486564, #1487907)
	- Make email recipients separator configurable
	- Fix so folders with \Noinferiors attribute aren't listed in parent selector
	- Fix handling of curly brackets in URLs (#1488168)
	- Fix handling of dates (birthday/anniversary) in contact data (#1488147)
	- Fix error on opening searched LDAP contact (#1488144)
	- Fix redundant line break in flowed format (#1488146)
	- Fix IDN address validation issue (#1488137)
	- Fix JS error when dst_active checkbox doesn't exist (#1488133)
	- Autocomplete LDAP records when adding contacts from mail (#1488073)
	- Plugin API: added 'ready' hook (#1488063)
	- Ignore DSN request when it isn't supported by SMTP server (#1487800)
	- Make sure LDAP name fields aren't arrays (#1488108)
	- Fixed imap test to non-default port when using ssl (#1488118)
	- Force all files to be overwritten when updating (#1488117)
	- Fix issue where it wasn't possible to change list view mode in folder manager for INBOX (#1488107)
	- Fix namespace handling in special folders settings (#1488112)
	- Disable time limit for CLI scripts (#1488109)
	- Fix misleading display when chaning editor type (#1488104)
	- Add loading indicator on contact delete
	- Fix bug where after delete message rows can be added to the list of another folder (#1487752)
	- Add notice on autocompletion that not all records were displayed
	- Add option 'searchonly' for LDAP address books
	- Add Priority filter to the messages list
	- Cache synchronization using QRESYNC/CONDSTORE
	- Trigger 'new_messages' hook for all checked folders (#1488083)
	- Make date/time format user configurable; drop 'date_today' config option
	- Fix setting title for truncated subject in IE (#1487128)
	- Fix displaying multipart/alternative messages with only one part (#1487938)
	- Rewritten messages caching:
	Indexes are stored in a separate table, so there's no need to store all messages in a folder
	Added threads data caching
	Flags are stored separately, so flag change doesn't cause DELETE+INSERT, just UPDATE
	- Improved FETCH response handling
	- Improvements in response tokenization method
	- Use 'From' and 'To' labels instead of 'Sender' and 'Recipient'
	- Fix username case-insensitivity issue in MySQL (#1488021)
	- Addressbook Saved Searches
	- Added spellchecker exceptions dictionary (shared or per-user)
	- Added possibility to ignore words containing caps, numbers, symbols (spellcheck_ignore_* options)
	- Added 'priority' column on messages list (#1486782)
	- Localize forwarded message header (#1488058)

	RELEASE 0.6
	-----------
	- Fix bug where the last identity is used on reply (#1488101)
	- Fix locked folder rename option on servers supporting RFC2086 only (#1488089)
	- Fix session race conditions when composing new messages
	- Fix encoding of LDAP contacts identifiers (#1488079)
	- jQuery 1.6.4
	- Fix handling of binary attachments encoded with quoted-printable (#1488065)
	- Fix text-overflow:ellipsis issues on messages list in FF7 and Webkit (#1488061)
	- Fix handling of links with IP address
	- Fix compacting folder resets message list filter (#1488076)

	RELEASE 0.6-rc
	----------------
	- Send X-Frame-Options headers to protect from clickjacking (#1487037)
	- Fallback to mail_domain in LDAP variable replacements; added 'host' to 'user_create' hook arguments (#1488024)
	- Fixed wrong vCard type parameter mobile (#1488067)
	- Fixed vCard WORKFAX issue (#1488046)
	- Add vCard's Profile URL support (#1488062)
	- jQuery 1.6.3
	- Fix imap_cache setting to values other than 'db' (#1488060)
	- Fix handling of attachments inside message/rfc822 parts (#1488026)
	- Make list of mimetypes that open in preview window configurable (#1487625)
	- Added plugin hook 'message_part_get' for attachment downloads
	- Added unique connection identifier to IMAP debug messages
	- Fix image type check for contact photo uploads

	RELEASE 0.6-beta
	----------------
	- Fixed selecting identity on reply/forward (#1487981)
	- Add option to hide selected LDAP addressbook on the list
	- Add client-side checking of uploaded files size
	- Add newlines between organization, department, jobtitle (#1488028)
	- Recalculate date when replying to a message and localize the cite header (#1487675)
	- Fix handling of email addresses with quoted local part (#1487939)
	- Fix EOL character in vCard exports (#1487873)
	- Added optional "multithreading" autocomplete feature
	- Plugin API: Added 'config_get' hook
	- Fixed new_user_identity plugin to work with updated rcube_ldap class (#1487994)
	- Plugin API: added folder_delete and folder_rename hooks
	- Added possibility to undo last contact delete operation
	- Fix sorting of contact groups after group create (#1487747)
	- Add optional textual upload progress indicator (#1486039)
	- Fix parsing URLs containing commas (#1487970)
	- Added vertical splitter for books/groups list in addressbook (#1487923)
	- Improved namespace roots handling in folder manager
	- Added searching in all addressbook sources
	- Added addressbook source selection in contacts import
	- Implement LDAPv3 Virtual List View (VLV) for paged results listing
	- Use 'address_template' config option when adding a new address block (#1487944)
	- Added addressbook advanced search
	- Add popup with basic fields selection for addressbook search
	- Case-insensitive matching in autocompletion (#1487933)
	- Added option to force spellchecking before sending a message (#1485458)
	- Fix handling of "<" character in contact data, search fields and folder names (#1487864)
	- Fix saving "<" character in identity name and organization fields (#1487864)
	- Added option to specify to which address book add new contacts
	- Added plugin hook for keep-alive requests
	- Store user preferences in session when write-master is not available and session is stored in memcache, write them later
	- Improve performence of folder manager operations
	- Fix default_port option handling in Installer when config.inc.php file exists (#1487925)
	- Removed option focus_on_new_message, added newmail_notifier plugin
	- Added general rcube_cache class with Memcache and APC support
	- Improved caching performance by skipping writes of unchanged data
	- Option enable_caching replaced by imap_cache and messages_cache options
	- Fix WORKFAX saving in address book (#1487910)
	- Add forward-as-attachment feature
	- jQuery-1.6.2 (#1487913, #1487144)
	- Improve display name composition when saving contacts (#1487143)
	- Fix problems with subfolders of INBOX folder on some IMAP servers (#1487725)
	- Fix handling of folders that doesn't belong to any namespace (#1487637)
	- Enable multiselection for attachments uploading in capable browsers (#1485969)
	- Add possibility to change HTML editor configuration by skin
	- Fix a bug where selecting too many contacts would produce too large URI request (#1487892)
	- Improve performance by including files with absolute path (#1487849)
	- Move folder name truncation to client/skin (#1485412)
	- Added plugin hook for request token creation
	- Replace LDAP vars in group queries (#1487837)
	- Fix vcard folding with uncode characters (#1487868)
	- Keep all submitted data if contact form validation fails (#1487865)
	- Handle uncode strings in rcube_addressbook::normalize_string() (#1487866)
	- Fix handling of debug_level=4 in ajax requests (#1487831)
	- Enable TinyMCE's contextmenu (#1487014)
	- Allow multiple concurrent compose sessions
	- New config option for custom logo
	- Allow skins to define/override texts with <roundcube:label />
	- Add simple ACL rights/namespace handling in folder manager
	- Force IE to send referers (#1487806)
	- Better display of vcard import results (#1485457)
	- Improved vcard import
	- Interactive update script with improved DB schema check
	- Fix problem with contactgroupmembers table creation on MySQL 4.x, add index on contact_id column
	- Add LDAP SASL bind and proxy authentication (#1486692)
	- Replying to a sent message puts the old recipient as the new recipient (#1487074)
	- Fulltext search over (almost) all data for contacts
	- Extend address book with rich contact information

	RELEASE 0.5.4
	-------------
	- Fix XSS vulnerability in UI messages (#1488030)

	RELEASE 0.5.3
	-------------
	- Fix identities "reply-to" and "bcc" fields have a bogus value when left empty (#1487943)
	- Fix issue which cases IMAP disconnection when encrypt() method was used (#1487900)
	- Fix some CSS issues in Settings for Internet Explorer
	- Fixed handling of folder with name "0" in folder selector
	- Fix bug where messages were deleted instead moved to trash folder after Shift key was used (#1487902)
	- Fix relative URLs handling according to a <base> in HTML (#1487889)
	- Fix handling of top-level domains with more than 5 chars or unicode chars (#1487883)
	- Fix usage of non-standard HTTP error codes (#1487797)
	- Fix PHP warning on mistaken in_array() usage (#1487901)

	RELEASE 0.5.2
	-------------
	- TinyMCE 3.4.2 now compatible with IE9
	- PEAR::Net_SMTP 1.5.2, fixed timeout issue (#1487843)
	- Fix bug where template name without plugin prefix was used in render_page hook
	- Support 'abort' and 'result' response in 'preferences_save' hook, add error handling
	- Fix bug where some content would cause hang on html2text conversion (#1487863)
	- Improve space-stuffing handling in format=flowed messages (#1487861)
	- Fix bug where some dates would produce SQL error in MySQL (#1487856)
	- Added workaround for some IMAP server with broken STATUS response (#1487859)
	- Fix bug where default_charset was not used for text messages (#1487836)
	- Stateless request tokens. No keep-alive necessary on login page (#1487829)
	- Force names of unique constraints in PostgreSQL DDL
	- Add code for prevention from IMAP connection hangs when server closes socket unexpectedly
	- Remove redundant DELETE query (for old session deletion) on login
	- Get around unreliable rand() and mt_rand() in session ID generation (#1486281)
	- Fix some emails are not shown using Cyrus IMAP (#1487820)
	- Fix handling of mime-encoded words with non-integral number of octets in a word (#1487801)
	- Fix parsing links with non-printable characters inside (#1487805)
	- Fixed de_CH Localization bugs (#1487773)
	- Add variable for 'Today' label in date_today option (#1486120)
	- Fix dont_override setting does not override existing user preferences (#1487664)
	- Use only one from IMAP authentication methods to prevent login delays (1487784)
	- Support strftime format in date_today option
	- Fix SQL query in rcube_user::query() so it uses index on MySQL again
	- Removed redundant </form> tags from contact add/edit pages
	- Fix CSS error in contact details screen on IE7 (#1487775)

	RELEASE 0.5.1
	-------------
	- Fix handling of attachments with invalid content type (#1487767)
	- Add workaround for DBMail's bug http://www.dbmail.org/mantis/view.php?id=881 (#1487766)
	- Use IMAP's ID extension (RFC2971) to print more info into debug log
	- Security: add optional referer check to prevent CSRF in GET requests
	- Fix email_dns_check setting not used for identities/contacts (#1487740)
	- Fix ICANN example addresses doesn't validate (#1487742)
	- Security: protect login form submission from CSRF
	- Security: prevent from relaying malicious requests through modcss.inc
	- Fix handling of non-image attachments in multipart/related messages (#1487750)
	- Fix IDNA support when IDN/INTL modules are in use (#1487742)
	- Fix handling of invalid HTML comments in messages (#1487759)
	- Fix parsing FETCH response for very long headers (#1487753)
	- Fix add/remove columns in message list when message_sort_order isn't set (#1487751)
	- Check mime headers before attempt to parse them (#1487745)
	- Quote header values in show_additional_headers plugin (#1487744)
	- Fix settings UI on IE 6 (#1487724)
	- Remove double borders in folder listing (#1487713)
	- Separate full message headers UI element from headers table (#1487715)
	- Add part MIME ID to message_part_* hooks (#1487718)
	- Improve parsing of MS Outlook vCards (#1487716)
	- Updated PEAR::Net_Socket to 1.0.10
	- Updated PEAR::Net_IDNA2 to 0.1.1
	- Fix handling of comments inside an email address spec. (#1487673)
	- Show full mail subject as title when hovering a cut subject link (#1487128)
	- Fix randomly disappearing folders list in IE (#1487704)
	- Fix list column add/removal in IE (#1487703)
	- Fix login redirect issues (#1487686)
	- Require PHP 5.2.1 or greater
	- Fix %h/%z variables in username_domain option (#1487701)
	- Workaround for setting charset in case of malformed bodystructure response (#1487700)
	- Fix impossible to subscribe to protected folders (#1487656)
	- Fix setting timezone in Preferences (#1487705)

	RELEASE 0.5
	-----------
	- Fix double-login/session issue (#1487104)
	- Wrap HTML parts with <html><body> and add Doctype declaration (#1487098)
	- Make rcube_autoload silently skip unknown classes (#1487109)
	- Fix charset detection in vcards with encoded values (#1485542)
	- Better CSS cursors for splitters (#1486874)
	- Show the same message only once (#1487641)
	- Fix namespaces handling (#1487649)
	- Add handling of multifolder METADATA/ANNOTATION responses
	- Fix handling of INBOX when personal namespace prefix is non-empty (#1487657)
	- Fix handling square brackets in links (#1487672)
	- Add description of 'use_https' option in main.inc.php.dist file

	RELEASE 0.5-RC
	--------------
	- Plugin API: Add 'pass' argument in 'authenticate' hook (#1487134)
	- Fix attachments of type message/rfc822 are not listed on attachments list
	- Add 'login_lc' config option for case-insensitive authentication (#1487113)
	- Fix window is blur'ed in IE when selecting a message (#1487316)
	- Fix cursor position on compose form in Webkit browsers (#1486674)
	- Fix setting charset of attachment filenames (#1487122)
	- Allow setting autocomplete attribute for all inputs separately (#1487313)
	- New Folder Manager UI
	- Fix invalid Request when creating a folder (#1487443)
	- Add folder size and quota indicator in folder manager (#1485780)
	- Add possibility to move a subfolder into root folder (#1486791)
	- Fix copying all messages in a folder copies only messages from current page
	- Improve performance of moving or copying of all messages in a folder
	- Fix plaintext versions of HTML messages don't contain placeholders for emotions (#1485206)
	- Improve performance of folder rename and delete actions
	- Better support for READ-ONLY and NOPERM responses handling (#1487083)
	- Add confirmation message on purge/expunge command response
	- Fix handling of untagged responses for AUTHENTICATE command (#1487450)
	- Add username and IP address to log message on unsuccessful login (#1487626)
	- Improved Mail-Followup-To and Mail-Reply-To headers handling
	- Fix charset conversion for text attachments without charset specification (#1487634)

	RELEASE 0.5-BETA
	----------------
	- Make session data storage more robust against garbage session data (#1487136)
	- Config option for autocomplete on login screen
	- Allow plugin templates to include local files (#1487133)
	- List groups in address detail view and allow to subscribe/unsubscribe from there (#1486753)
	- Messages caching: performance improvements, fixed syncing, fixes related with #1486748
	- Add link to identities in compose window (#1486729)
	- Add Internationalized Domain Name (IDNA) support (#1483894)
	- Add option to automatically send read notifications for known senders (#1485883)
	- Add option to "Return receipt" will be always checked (#1486352)
	- Fix HTML to plain text conversion doesn't handle citation blocks (#1486921)
	- Use custom sorting when SORT is disabled by IMAP admin (#1486959)
	- Allow setting some washtml options from plugin (#1486578)
	- Add option do bind for an individual LDAP address book (#1486997)
	- Change reply prefix to display email address only if sender name doesn't exist (#1486550)
	- Plugin API: improved 'abort' flag handling, added 'result' item in some hooks (#1486914)
	- Fix mailto optional params in plain text messages aren't handled (#1487026)
	- Add Reply-to-List feature (#1484252)
	- Add Mail-Followup-To/Mail-Reply-To support (#1485547)
	- Fix confirmation message isn't displayed after sending mail on Chrome (#1486177)
	- Fix keyboard doesn't work with autocomplete list with Chrome (#1487029)
	- Improve tabs to fixed width and add tabs in identities info (#1486974)
	- Add unique index on users.username+users.mail_host
	- Make htmleditor option more consistent and add option to use HTML on reply to HTML message (#1485840)
	- Use empty envelope sender address for message disposition notifications (RFC 2298.3)
	- Support SMTP Delivery Status Notifications - RFC 3461 (#1486142)
	- Use css sprite image for messages list
	- Add (different) attachment icon for messages of type multipart/report (#1486165)
	- Prevent from inserting empty link when composing HTML message (#1486944)
	- Add caching support in id2uid and uid2id functions (#1487019)
	- Add SASL proxy authentication for SMTP (#1486693)
	- Improve displaying of UI messages (#1486977)
	- Fix double e-mail filed in identity form (#1487054)
	- Display IMAP errors for LIST/THREAD/SEARCH commands (#1486905)
	- Add LITERAL+ (IMAP4 non-synchronizing literals) support (RFC 2088)
	- Add separate column for message status icon (#1486665)
	- Add ACL extension support into IMAP classes (RFC 4314)
	- Add ANNOTATEMORE extension support into IMAP classes (draft-daboo-imap-annotatemore)
	- Add METADATA extension support into IMAP classes (RFC 5464)
	- Fix decoding of e-mail address strings in message headers (#1487068)
	- Fix handling of attachments when Content-Disposition is not inline nor attachment (#1487051)
	- Improve performance of unseen messages counting (#1487058)
	- Improve performance of messages counting using ESEARCH extension (RFC4731)
	- Add LIST-STATUS support in rcube_imap_generic class (RFC 5819)
	- Add SASL-IR support in IMAP (RFC 4959)
	- Add LOGINDISABLED support (RFC 2595)
	- Add support for AUTH=PLAIN in IMAP authentication
	- Re-implemented SMTP proxy authentication support
	- Add support for IMAP proxy authentication (#1486690)
	- Add support for AUTH=DIGEST-MD5 in IMAP (RFC 2831)
	- Fix parent folder with unread subfolder not bold when message is open (#1487078)
	- Add basic IMAP LIST's \Noselect option support
	- Add support for selection options from LIST-EXTENDED extension (RFC 5258)
	- Don't list subscribed but non-existent folders (#1486225)
	- Fix handling of URLs with tilde (~) or semicolon (;) character (#1487087, #1487088)
	- Plugin API: added 'contact_form' hook
	- Add SORT=DISPLAY support (RFC 5957)
	- Plugin API: add possibility to disable plugin in AJAX mode, 'noajax' property
	- Plugin API: add possibility to disable plugin in framed mode, 'noframe' property
	- Improve performance of setting IMAP flags using .SILENT suffix
	- Improve performance of message cache status checking with skip_disabled=true
	- Support contact's email addresses up to 255 characters long (#1487095)
	- Add option to place replies in the folder of the message being replied to (#1485945)
	- Add missing confirmation/error messages on contact/group/message actions (#1486845)
	- Add 'loading' message on message move/copy/delete/mark actions
	- Improve responsiveness of messages displaying (#1486986)
	- Add option for minimum length of autocomplete's string (#1486428)
	- Fix operations on messages in unsubscribed folder (#1487107)
	- Add support for shared folders (#1403507)
	- Fix handling of folders with name "0" (#1487119)
	- Fix handling of folders with "<>" characters in name
	- jQuery 1.4.4
	- Fix handling of HTML entity strings in plain text messages
	- Fix focused elements aren't unfocused when clicking on the list (#1487123)
	- Fix error in MSSQL DDL scripts (#1487112)
	- Lock submit button in onsubmit event on login page (#1487036)
	- Don't set attachment's charset in Content-type header (#1487122)
	- Fix handling of message bodies (quoted-printable encoded) with NULL characters (#1486189)
	- Add workaround for MSOE's multipart/related messages with non-related attachments

	RELEASE 0.4.2
	-------------
	- Fix handling of backslash as IMAP delimiter
	- Fix charset replacement in HTML message bodies (#1487021)
	- Fix: contact group input is empty when using rename action more than once on the same group record
	- Fix "Server Error! (Not Found)" when using utils/save-pref action (#1487023)
	- Fix handling of Thunderbird's vCards (#1487024)

	RELEASE 0.4.1
	-------------
	- Fix space-stuffing in format=flowed messages (#1487018)
	- Fix msgexport.sh now using the new imap wrapper
	- Avoid displaying password on shell (#1486947)
	- Only lower-case user name if first login attempt failed (#1486393)
	- Make alias setting in squirrelmail_usercopy plugin configurable (patch by pommi, #1487007)
	- Prevent from saving a non-existing skin path in user prefs (#1486936)
	- Improve handling of single-part messages with bogus BODYSTRUCTURE (#1486898)
	- Fix path to SQL files when using pgsql/mysqli/sqlsrv drivers (#1486902)
	- Fix upgrade script for SQLite (#1486903)
	- Fixes in SQL init script + added update script for MSSQL database
	- Remove redundant date in syslog messages (#1486945)
	- Fix contacts list page controls when a group is selected (#1486946)
	- Fix SMTP test in Installer (#1486952)
	- Fix "Select all" causes message to be opened in folder with exactly one message (#1486913)
	- Fix Tab key doesn't work in HTML editor in Google Chrome (#1486925)
	- Fix TinyMCE uses zh_CN when zh_TW locale is set (#1486929)
	- Fix TinyMCE buttons are hidden in Opera (#1486922)
	- Fix JS error on IE when trying to send HTML message with enabled spellchecker (#1486940)
	- Display inline images with known extensions and non-image content-type (#1486934)
	- Fix "Threaded" checkbox after subfolder creation (#1486928)
	- Fix timezone string in sent mail (#1486961)
	- Show disabled checkboxes for protected folders instead of dots (#1485498)
	- Added fieldsets in Identity form, added 'identity_form' hook
	- Re-added 'Close' button in upload form (#1486930, #1486823)
	- Fix handling of charsets with LATIN-* label
	- Fix messages background image handling in some cases (#1486990)
	- Fix format=flowed handling (#1486989)
	- Fix when IMAP connection fails in 'get' action session shouldn't be destroyed (#1486995)
	- Fix list_cols is not updated after column dragging (#1486999)
	- Support %z variable in host configuration options (#1487003)

	RELEASE 0.4
	-----------
	- Fix disapearing upload form disapears when user selects a file on Safari (#1486823)
	- Don't replace error messages with loading info (#1486300)
	- Fix JS errors on compose mode switch (#1486870)
	- Fix message structure parsing when it lacks optional fields (#1486881)
	- Include all recipients in sendmail log
	- Support HTTP_X_FORWARDED_PROTO header for HTTPS detecting (#1486866)
	- Fix default IMAP port configuration (#1486864)
	- Create Sent folder when starting to compose a new message (#1486802)
	- Fix handling of messages with Content-Type: application/* and no filename (#1484050)
	- Improved compose screen: resizable body and attachments list, vertical splitter, options menu
	- Fix RC forgets search results (#1483883)
	- TinyMCE 3.3.7
	- Improve parsing of styled empty tags in HTML messages (#1486812)
	- Add %dc variable support in base_dn/bind_dn config (#1486779)
	- Add button to hide/unhide the preview pane (#1484215)
	- Fix no-cache headers on https to prevent content caching by proxies (#1486798)
	- Fix attachment filenames broken with TNEF decoder using long filenames (#1486795)
	- Use user's timezone in Date header, not server's timezone (#1486119)
	- Add option to set separate footer for HTML messages (#1486660)
	- Add real SMTP error description to displayed error messages (#1485927)
	- Fix some IMAP errors handling when opening the message (#1485443)
	- Fix related parts aren't displayed when got mimetype other than image/* (#1486432)
	- Multiple identity and database support for squirrelmail_usercopy plugin (#1486517)
	- Support dynamic hostname (%d/%n) variables in configuration options (#1485438)
	- Add 'messages_list' hook (#1486266)
	- Add request* event triggers in http_post/http_request (#1486054)
	- Fix use RFC-compliant line-delimiter when saving messages on IMAP (#1486712)
	- Add 'imap_timeout' option (#1486760)
	- Fix forwarding of messages with winmail attachments
	- Fix handling of uuencoded attachments in message body (#1485839)
	- Added list_mailboxes hook in rcube_imap::list_unsubscribed() (#1486668)
	- Fix wrong message on file upload error (#1486725)
	- Add support for data URI scheme [RFC2397] (#1486740)
	- Added 'actionbefore', 'actionafter', 'responsebefore', 'responseafter' events
	- Fix double-addition of e-mail domain to content ID in HTML images
	- Read and send messages with format=flowed (#1484370), fixes word wrapping issues (#1486543)
	- Fix duplicated attachments when forwarding a message (#1486487)
	- Fix message/rfc822 attachments containing only attachments are not parsed properly (#1486743)
	- Fix %00 character in winmail.dat attachments names (#1486738)
	- Fix handling errors of folder deletion (#1486705)
	- Parse untagged CAPABILITY response for LOGIN command (#1486742)
	- Renamed all php-cli scripts to use .sh extension
	- Some files from /bin + spellchecking actions moved to the new 'utils' task
	- Added thread tree icons
	- Extend contact groups support (#1486682)
	- Fix check-recent action issues and performance (#1486526)
	- Fix messages order after checking for recent (#1484664)
	- Fix autocomplete shows entries without email (#1486452)
	- Fix listupdate event doesn't trigger on search response (#1486708)
	- Fix select_all_mode value after selecting a message (#1486720)
	- Set focus to editor on reply in HTML mode (#1486632)
	- Fix composing in HTML jumps cursor to body instead of recipients (#1486674)
	- Allow columns order change per user - drag&drop (#1485795)
	- Add References header in read receipt (#1486681)
	- Fix database constraint violation when opening a message (#1486696)
	- Add 'loading' message while login is in progress (#1486667)
	- Fix quota_zero_as_unlimited (#1486662)
	- Fix folder subscription checking (#1486684)
	- Fix INBOX appears (sometimes) twice in mailbox list (#1486672)
	- Fix listing of attachments of some types e.g. "x-epoc/x-sisx-app" (#1486653)
	- Fix DB Schema checking when some db_table_* options are not set (#1486654)

	RELEASE 0.4-beta
	----------------
	- Add sizelimit and timelimit variables in LDAP config (#1486544)
	- Hide IMAP host dropdown when single host is defined (#1486326)
	- Add images pre-loading on login page (#1451160)
	- Add HTTP_X_REAL_IP and HTTP_X_FORWARDED_FOR to successful logins log (#1486441)
	- Fix setting spellcheck languages with extended codes (#1486605)
	- Fix messages list scrolling in FF3.6 (#1486472)
	- Fix quicksearch input focus (#1486637)
	- Always set changed date when flagging a DB record as deleted + provide a cleanup script
	- Fix address book/group selection (#1486619)
	- Assign newly created contacts to the active group (#1486626)
	- Added option not to mark messages as read when viewed in preview pane (#1485012)
	- Allow plugins modify the Sent folder when composing (#1486548)
	- Added optional (max_recipients) support to restrict total number of recipients per message (#1484542)
	- Re-organize editor buttons, add blockquote and search buttons
	- Make possible to write inside or after a quoted html message (#1485476)
	- Fix bugs on unexpected IMAP connection close (#1486190, #1486270)
	- Iloha's imap.inc rewritten into rcube_imap_generic class
	- Added contact groups in address book (not finished yet)
	- Added PageUp/PageDown/Home/End keys support on lists (#1486430)
	- Added possibility to select all messages in a folder (#1484756)
	- Added 'imap_force_caps' option for after-login CAPABILITY checking (#1485750)
	- Password: Support dovecotpw encryption
	- TinyMCE 3.3.1
	- Implemented messages copying using drag&drop + SHIFT (#1484086)
	- Improved performance of folders operations (#1486525)
	- Fix blocked.gif attachment is not attached to the message (#1486516)
	- Managesieve: import from Horde-INGO
	- Managesieve: support for more than one match (#1486078)
	- Managesieve: support for selectively disabling rules within a single sieve script (#1485882)
	- Threaded message listing now available
	- Added sorting by ARRIVAL and CC
	- Message list columns configurable by the user
	- Removed 'index_sort' option, now we're using empty 'message_sort_col' for this
	- virtuser_query: support other identity data (#1486148)
	- Options virtuser_* replaced with virtuser_* plugins
	- Plugin API: Implemented 'email2user' and 'user2email' hooks
	- Fix forwarding message omits CC header (#1486305)
	- Add 'default_charset' option to user preferences (#1485451)
	- Add 'delete_always' option to user preferences
	- Support/Require tls:// prefix in 'smtp_server' option for TLS connections
	- Fix inconsistent behaviour of 'delete_always' option (#1486299)
	- Fix deleting all messages from last list page (#1486293)
	- Flag original messages when sending a draft (#1486203)
	- Changed signature separator when top-posting (#1486330)
	- Let the admin define defaults for search modifiers (#1485897)
	- Fix long e-mail addresses validation (#1486453)
	- Remember search modifiers in user prefs (#1486146)
	- Added force_7bit option to force MIME encoding of plain/text messages (#1486510)
	- Use case sensitive check when checking for default folders (#1486346)
	- Fix checking for new mail: now checks unseen count of inbox (#1485794)
	- Improve performance by avoiding unnecessary updates to the session table (#1486325)
	- Fix invalid <font> tags which cause HTML message rendering problems (#1486521)
	- Fix CVE-2010-0464: Disable DNS prefetching (#1486449)
	- Fix Received headers to behave better with SpamAssassin (#1486513)
	- Password: Make passwords encoding consistent with core, add 'password_charset' global option (#1486473)
	- Fix adding contacts SQL error on mysql (#1486459)
	- Squirrelmail_usercopy: support reply-to field (#1486506)
	- Fix IE spellcheck suggestion popup issue (#1486471)
	- Fix email address auto-completion shows regexp pattern (#1486258)
	- Fix merging of configuration parameters: user prefs always survive (#1486368)
	- Fix quota indicator value after folder purge/expunge (#1486488)
	- Fix external mailto links support for use as protocol handler (#1486037)
	- Fix attachment excessive memory use, support messages of any size (#1484660)
	- Fix setting task name according to auth state
	- Password: fix vpopmaild driver (#1486478)
	- Add workaround for MySQL bug [http://bugs.mysql.com/bug.php?id=46293] (#1486474)
	- Fix quoted text wrapping when replying to an HTML email in plain text (#1484141)
	- Fix handling of extended mailto links (with params) (#1486354)
	- Fix sorting by date of messages without date header on servers without SORT (#1486286)
	- Fix inconsistency when not using default table names (#1486467)
	- Fix folder rename/delete buttons do not appear on creation of first folder (#1486468)
	- Fix character set conversion fails on systems where iconv doesn't accept //IGNORE (#1486375)
	- Log in performance: Create default folders on first login only
	- Import contacts into the selected address book (by Phil Weir)
	- Add support for MDB2's 'sqlsrv' driver (#1486395)
	- Use jQuery-1.4
	- Removed problematic browser-caching of messages
	- Fix incompatybility with suhosin.executor.disable_emodifier (#1486321)
	- Use PLAIN auth when CRAM fails and imap_auth_type='check' (#1486371)
	- Fix removal of <title> tag from HTML messages (#1486432)
	- Fix 'force_https' to specified port when URL contains a port number (#1486411)
	- Fix to-text converting of HTML entities inside b/strong/th/hX tags (#1486422)
	- Bug in spellchecker suggestions when server charset != UTF8 (#1486406)
	- Managesieve: Fix requires generation for multiple actions (#1486397)
	- Fix LDAP problem with special characters in RDN (#1486320)
	- Improved handling of message parts of type message/rfc822
	- Plugin API: added 'quota' hook
	- Fix parsing conditional comments in HTML messages (#1486350)
	- Use built-in json_encode() for proper JSON format in AJAX replies
	- Allow setting only selected params in 'message_compose' hook (#1486312)
	- Plugin API: added 'message_compose_body' hook (#1486285)
	- Fix counters of all folders are checked in 'getunread' action with check_all_folders disabled (#1486128)
	- Fix displaying alternative parts in messages of type message/rfc822 (#1486246)
	- Fix possible messages exposure when using Roundcube behind a proxy (#1486281)
	- Fix unicode para and line separators in javascript response (#1486310)
	- Additional_message_headers: allow unsetting headers, support plugin's config file (#1486268)
	- Fix displaying of hidden directories in skins list (#1486301)
	- Fix open_basedir restriction error when reading skins list (#1486304)
	- Fix pasting from Office apps into html editor (#1486271)
	- Fix empty <a> tags parsing (#1486272)
	- Don't cut off attachment names when using non-RFC2231 encoding (#1485515)
	- Allow inserting signatures above replied message body (#1484272)
	- Managesieve 2.0: multi-script support
	- Fix imap_auth_type regression (#1486263)

	RELEASE 0.3.1
	------------------
	- Specify toolbar container in compose template (#1486247)
	- Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243)
	- Avoid unnecessary page loads for selected tab (#1486032)
	- Fix quota indicator issues by content generation on client-size (#1486197, #1486220)
	- Don't display disabled sections in Settings (#1486099)
	- Added server-side e-mail address validation with 'email_dns_check' option (#1485857)
	- Fix login page loading into an iframe when session expires (#1485952)
	- Allow setting port number in 'force_https' option (#1486091)
	- Option 'force_https' replaced by 'force_https' plugin
	- Fix IE issue with non-UTF-8 characters in AJAX response (#1486159)
	- Partially fixed "empty body" issue by showing raw body of malformed message (#1486166)
	- Fix importing/sending to email address with whitespace (#1486214)
	- Added XIMSS (CommuniGate) driver for Password plugin
	- Fix newly attached files are not saved in drafts w/o editing any text (#1486202)
	- Added attachment upload indicator with parallel upload (#1486058)
	- Use default_charset for bodies of messages without charset definition (#1486187)
	- Password: added cPanel driver
	- Fix return to first page from e-mail screen (#1486105)
	- Fix handling HTML comments in HTML messages (#1486189)
	- Fix folder/messagelist controls alignment - icons used (#1486072)
	- Fix LDAP addressbook shows 'Contact not found' error sometimes (#1486178)
	- Fix cache status checking + improve cache operations performance (#1486104)
	- Prevent from setting INBOX as any of special folders (#1486114)
	- Fix regular expression for e-mail address (#1486152)
	- Fix Received header format
	- Implemented sorting by message index - added 'index_sort' option (#1485936)
	- Fix dl() use in installer (#1486150)
	- Added 'ldap_debug' option
	- Fix "Empty startup greeting" bug (#1486085)
	- Fix setting user name in 'new_user_identity' plugin (#1486137)
	- Fix incorrect count of new messages in folder list when using multiple IMAP clients (#1485995)
	- Fix all folders checking for new messages with disabled caching (#1486128)
	- Support skins in 'archive' and 'markasjunk' plugins
	- Added 'html_editor' hook (#1486068)
	- Fix DB constraint violation when populating messages cache (#1486052)
	- Password: added password strength options (#1486062)
	- Fix LDAP partial result warning (#1485536)
	- Fix delete in message view deletes permanently with flag_for_deletion=true (#1486101)
	- Use faster/secure mt_rand() (#1486094)
	- Fix roundcube hangs on empty inbox with bincimapd (#1486093)
	- Fix wrong headers for IE on servers without $_SERVER['HTTPS'] (#1485926)
	- Force IE style headers for attachments in non-HTTPS session, 'use_https' option (#1485655)
	- Check 'post_max_size' for upload max filesize (#1486089)
	- Password Plugin: Fix %d inserts username instead of domain (#1486088)
	- Fix rcube_mdb2::affected_rows() (#1486082)

	RELEASE 0.3-stable
	------------------
	- Fix gn and givenName should be synonymous in LDAP addressbook (#1485892)
	- Add mail_domain to LDAP email entries without @ sign (#1485201)
	- Fix saving empty values in LDAP contact data (#1485781)
	- Fix LDAP contact update when RDN field is changed (#1485788)
	- Fix LDAP attributes case senitivity problems (#1485830)
	- Fix LDAP addressbook browsing when only one directory is used (#1486022)
	- Fix endless loop on error response for APPEND command (#1486060)
	- Don't require date.timezone setting in installer (#1485989)
	- Fix date sorting problem with Courier IMAP server (#1486065)
	- Unselect pressed buttons on mouse up (#1485987)
	- Don't set php_value error_log in .htaccess but mention in INSTALL (#1485924)
	- Fix too small status/flag/attachment columns in Safari 4 (#1486063)
	- Fix selection disabling while dragging splitter in webkit browsers (#1486056)
	- Added 'new_messages' plugin hook (#1486005)
	- Added 'logout_after' plugin hook (#1486042)
	- Added 'message_compose' hook
	- Added 'imap_connect' hook (#1485956)
	- Fix vcard_attachments plugin (#1486035)
	- Updated PEAR::Auth_SASL to 1.0.3 version
	- Use sequence names only with PostgreSQL (#1486018)
	- Re-designed User Preferences interface
	- Fix MS SQL DDL (#1486020)
	- Fix rcube_mdb2.php: call to setCharset not implemented in mssql driver (#1486019)
	- Added 'display_next' option
	- Fix rcube_mdb2::unixtimestamp for MS SQL (#1486015)
	- Fix HTML washing to respect character encoding
	- Fix endless loop in iil_C_Login() with Courier IMAP (#1486010)
	- Fix #messagemenu display on IE (#1486006)
	- Speedup UI by using sprites for (toolbar) buttons
	- Fix charset names with X- prefix handling
	- Fix displaying of HTML messages with unknown/malformed tags (#1486003)

	RELEASE 0.3-RC1
	---------------
	- Fix import of vCard entries with params (#1485453)
	- Fix HTML messages output with empty block elements (#1485974)
	- Use request tokens to protect POST requests from CSRF
	- Added hook when killing a session
	- Added hook to write_log function (#1485971)
	- Performance improvements by use UID commands (#1485690)
	- Fix HTML editor tabIndex setting (#1485972)
	- Added 'imap_debug' and 'smtp_debug' options
	- Support strftime's format modifiers in date_* options (#1484806)
	- Support %h variable in 'smtp_server' option (#1485766)
	- Show SMTP errors in browser (#1485927)
	- Allow WBR tag in HTML message (#1485960)
	- Use spl_autoload_register() instead of __autoload (#1485947)
	- Add hook for identities listing (#1485958)
	- Trigger hook 'smtp_connect' when opening an SMTP connection (#1485954)
	- Added config option to enforce HTTPS connections
	- Fix non-unicode characters caching in unicode database (#1484608)
	- Performance improvements of messages caching
	- Fix empty Date header issue (#1485923)
	- Open collapsed folders during drag & drop (#1485914)
	- Fixed link text replacements (#1485789)
	- Also trigger 'insertrow' events on page load (#1485826)
	- No link on subject in IE browsers (#1484913)
	- Fixed filename encoding according to RFC2231 (#1485875)
	- Added message Edit feature (#1483891, #1484440)
	- Fix message Etag generation for counter issues (#1485623)
	- Fix messages searching on MailEnable IMAP (#1485762)
	- Fixed many 'skip_deleted' issues (#1485634)
	- Fixed messages list sorting on servers without SORT capability
	- Colorized signatures in plain text messages
	- Reviewed/fixed skip_deleted/read_when_deleted/flag_for_deletion options handling in UI
	- Fix displaying of big maximum upload filesize (#1485889)
	- Added possibility to invert messages selection
	- After move/delete from 'show' action display next message instead of messages list (#1485887)
	- Fixed problem with double quote at the end of folder name (#1485884)
	- Speedup UI by using CSS sprites and etags/expires/deflate in Apache config (#1484858,#1485800)
	- Support UID EXPUNGE: remove only moved/deleted messages
	- Add drag cancelling with ESC key (#1484344)
	- Support initial identity name from virtuser_query (#1484003)
	- Added message menu, removed Print and Source buttons
	- Added possibility to save message as .eml file (#1485861)
	- Added 1 minute interval in autosave options (#1485854)
	- Support UTF-7 encoding in messages (#1485832)
	- Better support for malformed character names (#1485758)

	RELEASE 0.3-BETA
	----------------
	- Plugin API + jQuery engine
	- Added possibility to encrypt received header, option 'http_received_header_encrypt',
	added some more logic in encrypt/decrypt functions for security
	- Fix Answered/Forwarded flag setting for messages in subfolders
	- Fix autocomplete problem with capital letters (#1485792)
	- Support UUencode content encoding (#1485839)
	- Minimize chance of race condition in session handling (#1485659, #1484678)
	- Fix session handling on non-session SQL query error (#1485734)
	- Fix html editor mode setting when reopening draft message (#1485834)
	- Added quick search box menu (#1484304)
	- Fix wrong column sort order icons (#1485823)
	- Updated TinyMCE to 3.2.3 version
	- Fix attachment names encoding when charset isn't specified in attachment part (#1484969)
	- Fix message normal priority problem (#1485820)
	- Fix autocomplete spinning wheel does not disappear (#1485804)
	- Added log_date_format option (#1485709)
	- Fix text wrapping in HTML editor after switching from plain text to HTML (#1485521)
	- Fix auto-complete function hangs with plus sign (#1485815)
	- Fix AJAX requests errors handler (#1485000)
	- Speed up message list displaying on IE
	- Fix read/write database recognition (#1485811)

	RELEASE 0.2.2
	-------------
	- Fix quicksearchbox look in Chrome and Konqueror (#1484841)
	- Fix UTF-8 byte-order mark removing (#1485514)
	- Fix folders subscribtions on Konqueror (#1484841)
	- Fix debug console on Konqueror and Safari
	- Fix messagelist focus issue when modifying status of selected messages (#1485807)
	- Support STARTTLS in IMAP connection (#1485284)
	- Fix DEL key problem in search boxes (#1485528)
	- Support several e-mail addresses per user from virtuser_file (#1485678)
	- Fix drag&drop with scrolling on IE (#1485786)
	- Fix adding signature separator in html mode (#1485350)
	- Fix opening attachment marks message as read (#1485803)
	- Fix 'temp_dir' does not support relative path under Windows (#1484529)
	- Fix "Initialize Database" button missing from installer (#1485802)
	- Fix compose window doesn't fit 1024x768 window (#1485396)
	- Fix service not available error when pressing back from compose dialog (#1485552)
	- Fix using mail() on Windows (#1485779)
	- Fix word wrapping in message-part's <PRE>s for printing (#1485787)
	- Fix incorrect word wrapping in outgoing plaintext multibyte messages (#1485714)
	- Fix double footer in HTML message with embedded images
	- Fix TNEF implementation bug (#1485773)
	- Fix incorrect row id parsing for LDAP contacts list (#1485784)
	- Fix 'mode' parameter in sqlite DSN (#1485772)

	RELEASE 0.2.1
	------------------
	- Use US-ASCII as failover when Unicode searching fails (#1485762)
	- Fix errors handling in IMAP command continuations (#1485762)
	- Fix FETCH result parsing for servers returning flags at the end of result (#1485763)
	- Fix datetime columns defaults in mysql's DDL (#1485641)
	- Fix attaching more than nine inline images (#1485759)
	- Support 'UNICODE-1-1-UTF-7' alias for UTF-7 encoding (#1485758)
	- Fix mime-type detection using a hard-coded map (#1485311)
	- Don't return empty string if charset conversion failed (#1485757)
	- Disable concurrent autocomplete query results display (#1485743)
	- Fix new lines stripped from message footer (#1485751)
	- Fix IE problem with mouse click autocomplete (#1485739)
	- Fix html body washing on reply/forward + fix attachments handling (#1485676)
	- Fix multiple recipients input parsing (#1485733)
	- Fix replying to message with html attachment (#1485676)
	- Use default_charset for messages without specified charset (#1485661, #1484961)
	- Support non-standard "GMT-XXXX" literal in date header (#1485729)
	- Added TNEF support to decode MS Outlook attachments (winmail.dat)
	- Fix "value continuation" MIME headers by adding required semicolon (#1485727)
	- Fix pressing select all/unread multiple times (#1485723)
	- Fix selecting all unread does not honor new messages (#1485724)
	- Fix some base64 encoded attachments handling (#1485725)
	- Support NGINX as IMAP backend: better BAD response handling (#1485720)
	- Performance fix: don't fetch attachment parts headers twice to parse filename
	- Fix checking for recent messages on various IMAP servers (#1485702)
	- Performance fix: Don't fetch quota and recent messages in "message view" mode
	- Fix displaying of alternative-inside-alternative messages (#1485713)
	- Fix MDNSent flag checking, use arbitrary keywords (asterisk) flag (#1485706)
	- Fix creation of folders with '&' sign in name
	- Fix parsing of email addresses without angle brackets (#1485693)
	- Save spellcheck corrections when switching from plain to html editor (and spellchecking is on)
	- Fix large search results on server without SORT capability (#1485668)
	- Get rid of preg_replace() with eval modifier and create_function usage (#1485686)
	- Bring back <base> and <link> tags in HTML messages
	- Fix XSS vulnerability through background attributes as reported by Julien Cayssol
	- Fix problems with backslash as IMAP hierarchy delimiter (#1484467)
	- Secure vcard export by getting rid of preg's 'e' modifier use (#1485689)
	- Fix authentication when submitting form with existing session (#1485679)
	- Allow absolute URLs to images in HTML messages/sigs (#1485666)
	- Fix message body which contains both inline attachments and emotions
	- Fix SQL query execution errors handling in rcube_mdb2 class (#1485509)
	- Fix address names with '@' sign handling (#1485654)
	- Improve messages display performance
	- Fix messages searching with 'to:' modifier

	RELEASE 0.2-STABLE
	------------------
	- Fix mark popup in IE 7 (#1485369)
	- Fix line-break issue when copy & paste in Firefox (#1485425)
	- Fix autocomplete "unknown server error" (#1485637)
	- Fix STARTTLS before AUTH in SMTP connection (#1484883)
	- Support multiple quota values in QUOTAROOT resonse (#1485626)
	- Only abbreviate file name for IE < 7 browsers (#1485063)
	- Performance: allow setting imap rootdir and delimiter before connect (#1485172)
	- Fix sorting of folders with more than 2 levels (#1485569)
	- Fix search results page jumps in LDAP addressbook (#1485253)
	- Fix empty line before the signature in IE (#1485351)
	- Fix horizontal scrollbar in preview pane on IE (#1484633)
	- Add Robots meta tag in login page and installer (#1484846)
	- Added 'show_images' option, removed 'addrbook_show_images' (#1485597)
	- Option to check for new mails in all folders (#1484374)
	- Don't set client busy when checking for new messages (#1485276)
	- Allow UTF-8 folder names in config (#1485579)
	- Add junk_mbox option configuration in installer (#1485579)
	- Do serverside addressbook queries for autocompletion (#1485531)
	- Allow setting attachment col position in 'list_cols' option
	- Allow override 'list_cols' via skin (#1485577)
	- Fix 'cache' table cleanup on session destroy (#1485516)
	- Increase speed of session destroy and garbage clean up
	- Fix session timeout when DB server got clock skew (#1485490)
	- Fix handling of some malformed messages (#1484438)
	- Speed up raw message body handling
	- Better HTML entities conversion in html2text (#1485519)
	- Fix big memory consumption and speed up searching on servers without SORT capability
	- Fix setting locale to tr_TR, ku and az_AZ (#1485470)
	- Use SORT for searching on servers with SORT capability
	- Added message status filter
	- Fix empty file sending (#1485389)
	- Improved searching with many criterias (calling one SEARCH command)
	- Fix HTML editor initialization on IE (#1485304)
	- Add warning when switching editor mode from html to plain (#1485488)
	- Make identities list scrollable (#1485538)
	- Fix problem with numeric folder names (#1485527)
	- Added BYE response simple support to prevent from endless loops in imap.inc (#1483956)
	- Fix unread message unintentionally marked as read if read_when_deleted=true (#1485409)
	- Remove port number from SERVER_NAME in smtp_helo_host (#1485518)
	- Don't send disposition notification receipts for messages marked as 'read' (#1485523)
	- Added 'keep_alive' and 'min_keep_alive' options (#1485360)
	- Added option 'identities_level', removed 'multiple_identities'
	- Allow deleting identities when multiple_identities=false (#1485435)
	- Added option focus_on_new_message (#1485374)
	- Fix html2text class autoloading on Windows (#1485505)
	- Fix html signature formatting when identity save error occured (#1485426)
	- Add feedback and set busy when moving folder (#1485497)
	- Fix 'Empty' link visibility for some languages e.g. Slovak (#1485489)
	- Fix messages count bar overlapping (#1485270)
	- Fix adding signature in drafts compose mode (#1485484)
	- Fix iil_C_Sort() to support very long and/or divided responses (#1485283)
	- Fix matching case sensitivity when setting identity on reply (#1485480)
	- Prefer default identity on reply
	- Fix imap searching on ISMail server (#1485466)
	- Add css class for flagged messages (#1485464)
	- Write username instead of id in sendmail log (#1485477)
	- Fix htmlspecialchars() use for PHP version < 5.2.3 (#1485475)
	- Fix js keywords escaping in json_serialize() for IE/Opera (#1485472)
	- Added bin/killcache.php script (#1485434)
	- Add support for SJIS, GB2312, BIG5 in rc_detect_encoding()
	- Fix vCard file encoding detection for non-UTF-8 strings (#1485410)
	- Add 'skip_deleted' option in User Preferences (#1485445)
	- Minimize "inline" javascript scripts use (#1485433)
	- Fix css class setting for folders with names matching defined classes names (#1485355)
	- Fix race conditions when changing mailbox
	- Fix spellchecking when switching to html editor (#1485362)
	- Fix compose window width/height (#1485396)
	- Allow calling msgimport.sh/msgexport.sh from any directory (#1485431)
	- Localized filesize units (#1485340)
	- Better handling of "no identity" and "no email in identity" situations (#1485117)
	- Added 'mime_param_folding' option with possibility to choose long/non-ascii attachment names encoding eg. to be readable in MS Outlook/OE (#1485320)
	- Added "advanced options" feature in User Preferences
	- Fix unread counter when displaying cached massage in preview panel (#1485290)
	- Fix htmleditor spellchecking on MS Windows (#1485397)
	- Fix problem with non-ascii attachment names in Mail_mime (#1485267, #1485096)
	- Fix language autodetection (#1485401)
	- Fix button label in folders management (#1485405)
	- Fix collapsed folder not indicating unread msgs count of all subfolders (#1485403)
	- Fix handling of apostrophes in filenames decoded according to rfc2231

	RELEASE 0.2-BETA
	----------------
	- Made config files location configurable (#1485215)
	- Reduced memory footprint when forwarding attachments (#1485345)
	- Allow and use spellcheck attribute for input/textarea fields (#1485060)
	- Added icons for forwarded/forwarded+replied messages (#1485257)
	- Added Reply-To to forwarded emails (#1485315)
	- Display progress message for folders create/delete/rename (#1485357)
	- Smart Tags and NOBR tag support in html messages (#1485363, #1485327)
	- Redesign of the identities settings (#1484042)
	- Add config option to disable creation/deletion of identities (#1484498)
	- Added 'sendmail_delay' option to restrict messages sending interval (#1484491)
	- Added vertical splitter for folders list resizing
	- Added possibility to view all headers in message view
	- Fixed splitter drag/resize on Opera (#1485170)
	- Fixed quota img height/width setting from template (#1484857)
	- Refactor drag & drop functionality. Don't rely on browser events anymore (#1484453)
	- Insert "virtual" folders in subscription list (#1484779)
	- Added link to open message in new window
	- Enable export of address book contacts as vCard
	- Add feature to import contacts from vcard files (#1326103)
	- Respect Content-Location headers in multipart/related messages according to RFC2110 (#1484946)
	- Allowed max. attachment size now indicated in compose screen (#1485030)
	- Also capture backspace key in list mode (#1484566)
	- Allow application/pgp parts to be displayed (#1484753)
	- Correctly handle options in mailto-links (#1485228)
	- Immediately save sort_col/sort_order in user prefs (#1485265)
	- Truncate very long (above 50 characters) attachment filenames when displaying
	- Allow to auto-detect client language if none set (#1484434)
	- Auto-detect the client timezone (user configurable)
	- Add RFC2231 header value continuations support for attachment filenames + hack for servers that not support that feature
	- Fix Reply-To header displaying (#1485314)
	- Mark form buttons that provide the most obvious operation (mainaction)
	- Added option 'quota_zero_as_unlimited' (#1484604)
	- Added PRE handling in html2text class (#1484740)
	- Added folder hierarchy collapsing
	- Added options to use syslog instead of log file (#1484850)
	- Added Logging & Debugging section in Installer
	- Fix In-Reply-To and References headers when composing saved draft message (#1485288)
	- Fix html message charset conversion for charsets with underline (#1485287)
	- Fix buttons status after contacts deletion (#1485233)
	- Fix escaping of To: and From: fields when building message body for reply or forward in the HTML editor (#1484904)
	- Use current mailbox name in template (#1485256)
	- Better fix for skipping untagged responses (#1485261)
	- Added pspell support patch by Kris Steinhoff (#1483960)
	- Enable spellchecker for HTML editor (#1485114)
	- Respect spellcheck_uri in tinyMCE spellchecker (#1484196)
	- Case insensitive contacts searching using PostgreSQL (#1485259)
	- Make default imap folders configurable for each user (#1485075)
	- Save outgoing mail to selectable folder (#1324581)
	- Fix hiding of mark menu when clicking th button again (#1484944)
	- Use long date format in print mode (#1485191)
	- Updated TinyMCE to version 3.1.0.1
	- Re-enable autocomplete attribute for login form (#1485211)
	- Check PERMANENTFLAGS before saving $MDNSent flag (#1484963, #1485163)
	- Added flag column on messages list (#1484623)
	- Patched Mail/MimePart.php (http://pear.php.net/bugs/bug.php?id=14232)
	- Allow trash/junk subfolders to be purged (#1485085)
	- Store compose parameters in session and redirect to a unique URL
	- Fixed CRAM-MD5 authentication (#1484819)
	- Fixed forwarding messages with one HTML attachment (#1484442)
	- Fixed encoding of message/rfc822 attachments and image/pjpeg handling (#1484914)
	- Added option to select skin in user preferences
	- Added option to configure displaying of attached images below the message body
	- Added option to display images in messages from known senders (#1484601)
	- User preferences grouped in more fieldsets
	- Fix corrupted MIME headers of messages in Sent folder (#1485111)
	- Fixed bug in MDB2 package: http://pear.php.net/bugs/bug.php?id=14124
	- Use keypress instead of keydown to select list's row (#1484816)
	- Don't call expunge and don't remove message row after message move if flag_for_deletion is set to true (#1485002)

	RELEASE 0.2-ALPHA
	-----------------
	- Added option to disable autocompletion from selected LDAP address books (#1484922)
	- TLS support in LDAP connections: 'use_tls' property (#1485104)
	- Fixed removing messages from search set after deleting them (#1485106)
	- imap.inc: Fixed iil_C_FetchStructureString() to handle many
	literal strings in response (#1484969)
	- Support for subfolders in default/protected folders (#1484665)
	- Disallowed delimiter in folder name (#1484803)
	- Support " and \ in folder names
	- Escape \ in login (#1484614)
	- Better HTML sanitization with the DOM-based washtml script (#1484701)
	- Fixed sorting of folders with non-ascii characters
	- Fixed Mysql DDL for default identities creation (#1485070)
	- In Preferences added possibility to configure 'read_when_deleted',
	'mdn_requests', 'flag_for_deletion' options
	- Made IMAP auth type configurable (#1483825)
	- Fixed empty values with FROM_UNIXTIME() in rcube_mdb2 (#1485055)
	- Fixed attachment list on IE 6/7 (#1484807)
	- Fixed JavaScript in compose.html that shows cc/bcc fields if populated
	- Make password input fields of type password in installer (#1484886)
	- Don't attempt to delete cache entries if enable_caching is FALSE (#1485051)
	- Optimized messages sorting on servers without sort capability (#1485049)
	- Corrected message headers decoding when charset isn't specified and improved
	support for native languages (#1485050, #1485048)
	- Expanded LDAP configuration options to support LDAP server writes.
	- Installer: encode special characters in DB username/password (#1485042)
	- Fixed management of folders with national characters in names (#1485036, #1485001)
	- Fixed identities saving when using MDB2 pgsql driver (#1485032)
	- Fixed BCC header reset (#1484997)
	- Improved messages list performance - patch from Justin Heesemann
	- Append skin_path to images location only when it starts with '/' sign (#1484859)
	- Fix IMAP response in message body when message has no body (#1484964)
	- Fixed non-RFC dates formatting (#1484901)
	- Fixed typo in set_charset() (#1484991)
	- Decode entities when inserting HTML signature to plain text message (#1484990)
	- HTML editing is now working with PHP5 updates and TinyMCE v3.0.6
	- Fixed signature loading on Windows (#1484545)
	- Added language support to HTML editing (#1484862)
	- Fixed remove signature when replying (#1333167)
	- Fixed problem with line with a space at the end (#1484916)
	- Fixed <!DOCTYPE> tag filtering (#1484391)
	- Fixed <?xml> tag filtering (#1484403)
	- Added sections (fieldset+label) in Settings interface
	- Mark as read in one action with message preview (#1484972)
	- Deleted redundant quota reads (#1484972)
	- Added options for empty trash and expunge inbox on logout (#1483863)
	- Removed lines wrapping when displaying message
	- Fixed month localization
	- Changed codebase to PHP5 with autoloader

	RELEASE 0.1.1
	-------------
	- Clear selection when selecting single item (#1484942)
	- Remove hard-coded image size in skin templates (#1484893)
	- Database schema improvements (dropped unnecessary indexes)
	- Fixed creating a new folder with a comma in its name (#1484681)
	- Fixed sorting of messages when default mailbox is empty (#1484317)
	- Improve message previewpane - less loading (#1484316)
	- Fixed login form autoompletion (#1484839)
	- Fixed virtuser_query option for mdb2 backend (#1484874)
	- Fixed attachment resoting from Drafts when message body was empty (#1484506)
	- Fixed usage of ob_gzhandler (#1484851)
	- Fixed message part window in IE6 (#1484610)
	- Fixed decoding of mime-encoded strings (#1484191)
	- Fixed some iconv/mb_string problems (#1484598)
	- Correctly quote mailbox name when using in URL (#1484313)
	- Fixed "headers already sent" errors (#1484860)

	RELEASE 0.1-STABLE
	------------------
	- Added interactive installer script
	- Fix folder adding/renaming inspired by #1484800
	- Localize folder name in page title (#1484785)
	- Fix code using wrong variable name (#1484018)
	- Allow to send mail with BCC recipients only
	- condense TinyMCE toolbar down to one line, removing table buttons (#1484747)
	- Add function to mark the selected messages as read/unread (#1457360)
	- Also do charset decoding as suggested in RFC 2231 (fix #1484321)
	- Show message count in folder list and hint when creating a subfolder
	- Distinguish ssl and tls for imap connections (#1484667)
	- Added some charset aliases to fix typical mis-labelling (#1484565)
	- Remember decision to display images for a certain message during session (#1484754)
	- Truncate attachment filenames to 55 characters due to an IE bug (#1484757)
	- Make sending of read receipts configurable
	- Respect config when localize folder names (#1484707)
	- Also respect receipt and priority settings when re-opening a draft message
	- Remember search results (closes #1483883), patch by the_glu
	- Add Received header on outgoing mail
	- Upgrade to TinyMCE 2.1.3
	- Allow inserting image attachments into HTML messages while composing (#1484557)
	- Implement Message-Disposition-Notification (Receipts)
	- Fix overriding of session vars when register_globals is on (#1484670)
	- Fix bug with case-sensitive folder names (#1484245)
	- Don't create default folders by default
	- Fixed some potential security risks (audited by Andris)
	- Only show new messages if they match the current search (#1484176)
	- Switch to/from when searcing in Sent folder (#1484555)
	- Correctly read the References header (#1484646)
	- Unset old cookie before sending a new value (#1484639)
	- Correctly decode attachments when downloading them (#1484645 and #1484642)
	- Suppress IE errors when clearing attachments form (#1484356)
	- Log error when login fails due to auto_create_user turned off
	- Filter linked/imported CSS files (closes #1484056)
	- Improve message compose screen (closes #1484383)
	- Select next row after removing one from list (#1484387)

	RELEASE 0.1-RC2
	---------------
	- Enable drag-&-dropping of folders to a new parent and allow to create subfolders (#1457344)
	- Suppress IE errors when clearing attachments form (#1484356)
	- Set preferences field in user table to NULL (#1484386)
	- Log error when login fails due to auto_create_user turned off
	- Filter linked/imported CSS files (closes #1484056)
	- Improve message compose screen (closes #1484383)
	- Select next row after removing one from list (#1484387)
	- Make smtp HELO/EHLO hostname configurable (#1484067)
	- IPv6 Compatability (#1484322), Patch #1484373
	- Unlock interface when message sending fails (#1484570)
	- Eval PHP code in template includes (if configured)
	- Show message when folder is empty. Mo more static text in table (#1484395)
	- Only display unread count in page title when new messages arrived
	- Fixed wrong delete button tooltip (#1483965)
	- Fixed charset encoding bug (#1484429)
	- Applied patch for LDAP version (#1484552)
	- Improved XHTML validation
	- Fix message list selection (#1484550)
	- Better fix lowercased usernames (#1484473)
	- Update pngbehavior Script as suggested in #1484490
	- Fixed moving/deleting messages when more than 1 is selected
	- Applied patch for LDAP contacts listing by Glen Ogilvie
	- Applied patch for more address fields in LDAP contacts (#1484402)
	- Add alternative for getallheaders() (fix #1484508)
	- Identify mailboxes case-sensitive
	- Sort mailbox list case-insensitive (closes #1484338)
	- Fix display of multipart messages from Apple Mail (closes #1484027)
	- Protect AJAX request from being fetched by a foreign site (XSS)
	- Make autocomplete for loginform configurable by the skin template
	- Fix compose function from address book (closes #1484426)
	- Added //IGNORE to iconv call (patch #1484420, closes #1484023)
	- Check if mbstring supports charset (#1484290 and #1484292)
	- Prefer iconv over mbstring (as suggested in #1484292)
	- Check filesize of template includes (#1484409)
	- Fixed bug with buttons not dimming/enabling properly after switching folders
	- Fixed compose window becoming unresponsive after saving a draft (#1484487)
	- Re-enabled "Back" button in compose window now that bug #1484487 is fixed
	- Fixed unresponsive interface issue when downloading attachments (#1484496)
	- Lowered status message time from 5 to 3 seconds to improve responsiveness
	- Raised .htaccess upload_max_filesize from 2M to 5M to differ from default php.ini
	- Increased "mailboxcontrols" mail.css width from 160 to 170px to fix non-english languages (#1484499)
	- Fix status message bug #1484464 with regard to #1484353
	- Fix address adding bug reported by David Koblas
	- Applied socket error patch by Thomas Mangin
	- Pass-by-reference workarround for PHP5 in sendmail.inc
	- Fixed buggy imap_root settings (closes #1484379)
	- Prevent default events on subject links (#1484399)
	- Use HTTP-POST requests for actions that change state

	RELEASE 0.1-RC1
	---------------
	- Use global filters and bind username/ for Ldap searches (#1484159)
	- Hide quota display if imap server does not support it
	- Hide address groups if no LDAP servers configured
	- Add link to message subjects (closes #1484257)
	- Better SQL query for contact listing/search (closes #1484369)
	- Fixed marking as read in preview pane (closes #1484364)
	- CSS hack to display attachments correctly in IE6
	- Wrap message body text (closes #1484148)
	- LDAP access is back in address book (closes #1484087)
	- Added search function for contacts
	- New Template parsing and output encoding
	- Fixed bugs #1484119 and #1483978
	- Fixed message moving procedure (closes #1484308)
	- Fixed display of multiple attachments (closes #1466563)
	- Fixed check for new messages (closes #1484310)
	- List attachments without filename
	- New session authentication: Change sessid cookie when login, authentication with sessauth cookie is now configurable.
	Should close bugs #1483951 and #1484299
	- Correctly translate mailbox names (closes #1484276)
	- Quote e-mail address links (closes #1484300)
	- Updated PEAR::Mail_mime package
	- Accept single quotes for HTML attributes when modifying message body (thanks Jason)
	- Sanitize input for new users/identities (thanks Colin Alston)
	- Don't download HTML message parts
	- Convert HTML parts to plaintext if 'prefer_html' is off
	- Correctly parse message/rfc822 parts (closes #1484045)
	- Also use user_id for unique key in messages table (closes #1484074)
	- Hide contacts drop down on blur (closes #1484203)
	- Make entries in contacts drop down clickable
	- Turn off browser autocompletion on login page
	- Quote <? in text/html message parts
	- Hide border around radio buttons
	- Applied patch for attachment download by crichardson (closes #1484198)
	- Fixed bug in Postgres DB handling (closes #1484068)
	- Fixed bug of invalid calls to fetchRow() in rcube_db.inc (closes #1484280)
	- Fixed array_merge bug (closes #1484281)
	- Fixed flag for deletion in list view (closes #1484264)
	- Finally support semicolons as recipient separator (closes ##1484251)
	- Fixed message headers (subject) encoding
	- check if safe mode is on or not (closes #1484269)
	- Show "no subject" in message list if subject is missing (closes #1484243)
	- Solved page caching of message preview (closes #1484153)
	- Only use gzip compression if configured (closes #1484236)
	- Fixed priority selector issue (#1484150)
	- Fixed some CSS issues in default skin (closes #1484210 and #1484161)
	- Prevent from double quoting of numeric HTML character references (closes #1484253)
	- Fixed display of HTML message attachments (closes #1484178)
	- Applied patch for preview caching (closes #1484186)
	- Added error handling for attachment uploads
	- Use multibyte safe string functions where necessary (closes #1483988)
	- Applied security patch to validate the submitted host value (by Kees Cook)
	- Applied security patch to validate input values when deleting contacts (by Kees Cook)
	- Applied security patch that sanitizes emoticon paths when attaching them (by Kees Cook)
	- Applied a patch to more aggressively sanitize a HTML message
	- Visualize blocked images in HTML messages
	- Fixed wrong message listing when showing search results (closes #1484131)
	- Show remote images when opening HTML message part as attachment
	- Improve memory usage when sending mail (closes #1484098)
	- Mark messages as read once the preview is loaded (closes #1484132)
	- Include smtp final response in log (closes #1484081)
	- Corrected date string in sent message header (closes #1484125)
	- Correclty choose "To" column in sent and draft mailboxes (closes #1483943)
	- Changed srong tooltips for message browse buttons (closes #1483930)
	- Fixed signature delimeter character to be standard (Bug #1484035)
	- Fixed XSS vulnerability (Bug #1484109)
	- Remove newlines from mail headers (Bug #1484031)
	- Selection issues when moving/deleting (Bug #1484044)
	- Applied patch of Clement Moulin for imap host auto-selection
	- ISO-encode IMAP password for plaintext login (Bugs #1483977 & #1483886)
	- Fixed folder name encoding in subscription list (Bug #1484113)
	- Fixed JS errors in identity list (Bug #1484120)
	- Translate foldernames in folder form (closes #1484113)
	- Added first and last buttons to message list, address book
	and message detail
	- Pressing Shift-Del bypasses Trash folder
	- Enable purge command for Junk folder
	- Fetch all aliases if virtuser_query is used instead
	- Re-enabled multi select of contacts (Bug #1484017)
	- Enable contact editing right after creation (Bug #1459641)
	- Correct UTF-7 to UTF-8 conversion if mbstring is not available
	- Fixed IMAP fetch of message body (Bug #1484019)
	- Fixed safe_mode problems (Bug #1418381)
	- Fixed wrong header encoding (Bug #1483976)
	- Made automatic draft saving configurable
	- Fixed JS bug when renaming folders (Bug #1483989)
	- Added quota display as image (by Brett Patterson)
	- Corrected creation of a message-id
	- New indentation for quoted message text
	- Improved HTML validity
	- Fixed URL character set (Ticket #1445501)
	- Fixed saving of contact into MySQL from LDAP query results (Ticket #1483820)
	- Fixed folder renaming: unsubscribe before rename (Bug #1483920)
	- Finalized new message parsing (+ chaching)
	- Fixed wrong usage of mbstring (Bug #1462439)
	- Set default spelling language (Ticket #1483938)
	- Added support for Nox Spell Server
	- Re-built message parsing (Bug #1327068)
	Now based on the message structure delivered by the IMAP server.
	- Fixed some XSS and SQL injection issues
	- Fixed charset problems with folder renaming
	diff --git a/installer/check.php b/installer/check.php
	index bea8c42e0..122437b9b 100644
	--- a/installer/check.php
	+++ b/installer/check.php
	@@ -1,250 +1,250 @@
	<?php

	if (!class_exists('rcube_install') \|\| !is_object($RCI)) {
	die("Not allowed! Please open installer/index.php instead.");
	}

	?>
	<form action="index.php" method="get">
	<?php

	$required_php_exts = array(
	'PCRE' => 'pcre',
	'DOM' => 'dom',
	'Session' => 'session',
	'XML' => 'xml',
	'JSON' => 'json',
	'PDO' => 'PDO',
	);

	$optional_php_exts = array(
	'FileInfo' => 'fileinfo',
	'Libiconv' => 'iconv',
	'Multibyte' => 'mbstring',
	'OpenSSL' => 'openssl',
	'Mcrypt' => 'mcrypt',
	'Intl' => 'intl',
	'Exif' => 'exif',
	);

	$required_libs = array(
	'PEAR' => 'PEAR.php',
	'Net_SMTP' => 'Net/SMTP.php',
	'Net_IDNA2' => 'Net/IDNA2.php',
	'Mail_mime' => 'Mail/mime.php',
	);

	$ini_checks = array(
	'file_uploads' => 1,
	'session.auto_start' => 0,
	'zend.ze1_compatibility_mode' => 0,
	'mbstring.func_overload' => 0,
	'suhosin.session.encrypt' => 0,
	'magic_quotes_runtime' => 0,
	'magic_quotes_sybase' => 0,
	'date.timezone' => '-NOTEMPTY-',
	);

	$optional_checks = array(
	// required for utils/modcss.inc, should we require this?
	'allow_url_fopen' => 1,
	);

	$source_urls = array(
	'Sockets' => 'http://www.php.net/manual/en/book.sockets.php',
	'Session' => 'http://www.php.net/manual/en/book.session.php',
	'PCRE' => 'http://www.php.net/manual/en/book.pcre.php',
	'FileInfo' => 'http://www.php.net/manual/en/book.fileinfo.php',
	'Libiconv' => 'http://www.php.net/manual/en/book.iconv.php',
	'Multibyte' => 'http://www.php.net/manual/en/book.mbstring.php',
	'Mcrypt' => 'http://www.php.net/manual/en/book.mcrypt.php',
	'OpenSSL' => 'http://www.php.net/manual/en/book.openssl.php',
	'JSON' => 'http://www.php.net/manual/en/book.json.php',
	'DOM' => 'http://www.php.net/manual/en/book.dom.php',
	'Intl' => 'http://www.php.net/manual/en/book.intl.php',
	'Exif' => 'http://www.php.net/manual/en/book.exif.php',
	'PDO' => 'http://www.php.net/manual/en/book.pdo.php',
	'pdo_mysql' => 'http://www.php.net/manual/en/ref.pdo-mysql.php',
	'pdo_pgsql' => 'http://www.php.net/manual/en/ref.pdo-pgsql.php',
	'pdo_sqlite' => 'http://www.php.net/manual/en/ref.pdo-sqlite.php',
	'pdo_sqlite2' => 'http://www.php.net/manual/en/ref.pdo-sqlite.php',
	'pdo_sqlsrv' => 'http://www.php.net/manual/en/ref.pdo-sqlsrv.php',
	'pdo_dblib' => 'http://www.php.net/manual/en/ref.pdo-dblib.php',
	'PEAR' => 'http://pear.php.net',
	'Net_SMTP' => 'http://pear.php.net/package/Net_SMTP',
	'Mail_mime' => 'http://pear.php.net/package/Mail_mime',
	'Net_IDNA2' => 'http://pear.php.net/package/Net_IDNA2',
	);

	echo '<input type="hidden" name="_step" value="' . ($RCI->configured ? 3 : 2) . '" />';
	?>

	<h3>Checking PHP version</h3>
	<?php

	define('MIN_PHP_VERSION', '5.2.1');
	if (version_compare(PHP_VERSION, MIN_PHP_VERSION, '>=')) {
	$RCI->pass('Version', 'PHP ' . PHP_VERSION . ' detected');
	} else {
	$RCI->fail('Version', 'PHP Version ' . MIN_PHP_VERSION . ' or greater is required ' . PHP_VERSION . ' detected');
	}
	?>

	<h3>Checking PHP extensions</h3>
	<p class="hint">The following modules/extensions are <em>required</em> to run Roundcube:</p>
	<?php

	// get extensions location
	$ext_dir = ini_get('extension_dir');

	$prefix = (PHP_SHLIB_SUFFIX === 'dll') ? 'php_' : '';
	foreach ($required_php_exts as $name => $ext) {
	if (extension_loaded($ext)) {
	$RCI->pass($name);
	} else {
	$_ext = $ext_dir . '/' . $prefix . $ext . '.' . PHP_SHLIB_SUFFIX;
	$msg = @is_readable($_ext) ? 'Could be loaded. Please add in php.ini' : '';
	$RCI->fail($name, $msg, $source_urls[$name]);
	}
	echo '<br />';
	}

	?>

	<p class="hint">The next couple of extensions are <em>optional</em> and recommended to get the best performance:</p>
	<?php

	foreach ($optional_php_exts as $name => $ext) {
	if (extension_loaded($ext)) {
	$RCI->pass($name);
	}
	else {
	$_ext = $ext_dir . '/' . $prefix . $ext . '.' . PHP_SHLIB_SUFFIX;
	$msg = @is_readable($_ext) ? 'Could be loaded. Please add in php.ini' : '';
	$RCI->na($name, $msg, $source_urls[$name]);
	}
	echo '<br />';
	}

	?>


	<h3>Checking available databases</h3>
	<p class="hint">Check which of the supported extensions are installed. At least one of them is required.</p>

	<?php

	$prefix = (PHP_SHLIB_SUFFIX === 'dll') ? 'php_' : '';
	foreach ($RCI->supported_dbs as $database => $ext) {
	if (extension_loaded($ext)) {
	// MySQL driver requires PHP >= 5.3 (#1488875)
	if ($ext == 'pdo_mysql' && version_compare(PHP_VERSION, '5.3.0', '<')) {
	$RCI->fail($database, 'PHP >= 5.3 required', null, true);
	}
	else {
	$RCI->pass($database);
	$found_db_driver = true;
	}
	}
	else {
	$_ext = $ext_dir . '/' . $prefix . $ext . '.' . PHP_SHLIB_SUFFIX;
	$msg = @is_readable($_ext) ? 'Could be loaded. Please add in php.ini' : '';
	$RCI->na($database, $msg, $source_urls[$ext]);
	}
	echo '<br />';
	}
	if (empty($found_db_driver)) {
	$RCI->failures++;
	}

	?>


	<h3>Check for required 3rd party libs</h3>
	<p class="hint">This also checks if the include path is set correctly.</p>

	<?php

	foreach ($required_libs as $classname => $file) {
	@include_once $file;
	if (class_exists($classname)) {
	$RCI->pass($classname);
	}
	else {
	$RCI->fail($classname, "Failed to load $file", $source_urls[$classname]);
	}
	echo "<br />";
	}


	?>

	<h3>Checking php.ini/.htaccess settings</h3>
	<p class="hint">The following settings are <em>required</em> to run Roundcube:</p>

	<?php

	foreach ($ini_checks as $var => $val) {
	$status = ini_get($var);
	if ($val === '-NOTEMPTY-') {
	if (empty($status)) {
	$RCI->fail($var, "empty value detected");
	} else if ($var == 'date.timezone') {
	try {
	$tz = new DateTimeZone($status);
	$RCI->pass($var);
	}
	catch (Exception $e) {
	$RCI->fail($var, "invalid value detected: $status");
	}
	} else {
	$RCI->pass($var);
	}
	echo '<br />';
	continue;
	}
	- if ($status == $val) {
	+ if (filter_var($status, FILTER_VALIDATE_BOOLEAN) == $val) {
	$RCI->pass($var);
	} else {
	$RCI->fail($var, "is '$status', should be '$val'");
	}
	echo '<br />';
	}
	?>

	<p class="hint">The following settings are <em>optional</em> and recommended:</p>

	<?php

	foreach ($optional_checks as $var => $val) {
	$status = ini_get($var);
	if ($val === '-NOTEMPTY-') {
	if (empty($status)) {
	$RCI->optfail($var, "Could be set");
	} else {
	$RCI->pass($var);
	}
	echo '<br />';
	continue;
	}
	- if ($status == $val) {
	+ if (filter_var($status, FILTER_VALIDATE_BOOLEAN) == $val) {
	$RCI->pass($var);
	} else {
	$RCI->optfail($var, "is '$status', could be '$val'");
	}
	echo '<br />';
	}
	?>

	<?php

	if ($RCI->failures) {
	echo '<p class="warning">Sorry but your webserver does not meet the requirements for Roundcube!<br />
	Please install the missing modules or fix the php.ini settings according to the above check results.<br />
	Hint: only checks showing <span class="fail">NOT OK</span> need to be fixed.</p>';
	}
	echo '<p><br /><input type="submit" value="NEXT" ' . ($RCI->failures ? 'disabled' : '') . ' /></p>';

	?>

	</form>
	diff --git a/program/include/rcmail.php b/program/include/rcmail.php
	index eff0425c8..a0027ec54 100644
	--- a/program/include/rcmail.php
	+++ b/program/include/rcmail.php
	@@ -1,1946 +1,1947 @@
	<?php

	/*
	+-----------------------------------------------------------------------+
	\| program/include/rcmail.php \|
	\| \|
	\| This file is part of the Roundcube Webmail client \|
	\| Copyright (C) 2008-2012, The Roundcube Dev Team \|
	\| Copyright (C) 2011-2012, Kolab Systems AG \|
	\| \|
	\| Licensed under the GNU General Public License version 3 or \|
	\| any later version with exceptions for skins & plugins. \|
	\| See the README file for a full license statement. \|
	\| \|
	\| PURPOSE: \|
	\| Application class providing core functions and holding \|
	\| instances of all 'global' objects like db- and imap-connections \|
	+-----------------------------------------------------------------------+
	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
	\| Author: Aleksander Machniak <alec@alec.pl> \|
	+-----------------------------------------------------------------------+
	*/


	/**
	* Application class of Roundcube Webmail
	* implemented as singleton
	*
	* @package Core
	*/
	class rcmail extends rcube
	{
	/**
	* Main tasks.
	*
	* @var array
	*/
	static public $main_tasks = array('mail','settings','addressbook','login','logout','utils','dummy');

	/**
	* Current task.
	*
	* @var string
	*/
	public $task;

	/**
	* Current action.
	*
	* @var string
	*/
	public $action = '';
	public $comm_path = './';

	private $address_books = array();
	private $action_map = array();


	const ERROR_STORAGE = -2;
	const ERROR_INVALID_REQUEST = 1;
	const ERROR_INVALID_HOST = 2;
	const ERROR_COOKIES_DISABLED = 3;


	/**
	* This implements the 'singleton' design pattern
	*
	* @return rcmail The one and only instance
	*/
	static function get_instance()
	{
	if (!self::$instance \|\| !is_a(self::$instance, 'rcmail')) {
	self::$instance = new rcmail();
	self::$instance->startup(); // init AFTER object was linked with self::$instance
	}

	return self::$instance;
	}


	/**
	* Initial startup function
	* to register session, create database and imap connections
	*/
	protected function startup()
	{
	$this->init(self::INIT_WITH_DB \| self::INIT_WITH_PLUGINS);

	// start session
	$this->session_init();

	// create user object
	$this->set_user(new rcube_user($_SESSION['user_id']));

	// set task and action properties
	$this->set_task(rcube_utils::get_input_value('_task', rcube_utils::INPUT_GPC));
	$this->action = asciiwords(rcube_utils::get_input_value('_action', rcube_utils::INPUT_GPC));

	// reset some session parameters when changing task
	if ($this->task != 'utils') {
	// we reset list page when switching to another task
	// but only to the main task interface - empty action (#1489076)
	// this will prevent from unintentional page reset on cross-task requests
	if ($this->session && $_SESSION['task'] != $this->task && empty($this->action))
	$this->session->remove('page');
	// set current task to session
	$_SESSION['task'] = $this->task;
	}

	// init output class
	if (!empty($_REQUEST['_remote']))
	$GLOBALS['OUTPUT'] = $this->json_init();
	else
	$GLOBALS['OUTPUT'] = $this->load_gui(!empty($_REQUEST['_framed']));

	// load plugins
	$this->plugins->init($this, $this->task);
	$this->plugins->load_plugins((array)$this->config->get('plugins', array()), array('filesystem_attachments', 'jqueryui'));
	}


	/**
	* Setter for application task
	*
	* @param string Task to set
	*/
	public function set_task($task)
	{
	$task = asciiwords($task, true);

	if ($this->user && $this->user->ID)
	$task = !$task ? 'mail' : $task;
	else
	$task = 'login';

	$this->task = $task;
	$this->comm_path = $this->url(array('task' => $this->task));

	if ($this->output)
	$this->output->set_env('task', $this->task);
	}


	/**
	* Setter for system user object
	*
	* @param rcube_user Current user instance
	*/
	public function set_user($user)
	{
	if (is_object($user)) {
	$this->user = $user;

	// overwrite config with user preferences
	$this->config->set_user_prefs((array)$this->user->get_prefs());
	}

	$lang = $this->language_prop($this->config->get('language', $_SESSION['language']));
	$_SESSION['language'] = $this->user->language = $lang;

	// set localization
	setlocale(LC_ALL, $lang . '.utf8', $lang . '.UTF-8', 'en_US.utf8', 'en_US.UTF-8');

	// workaround for http://bugs.php.net/bug.php?id=18556
	if (in_array($lang, array('tr_TR', 'ku', 'az_AZ'))) {
	setlocale(LC_CTYPE, 'en_US.utf8', 'en_US.UTF-8');
	}
	}


	/**
	* Return instance of the internal address book class
	*
	* @param string Address book identifier (-1 for default addressbook)
	* @param boolean True if the address book needs to be writeable
	*
	* @return rcube_contacts Address book object
	*/
	public function get_address_book($id, $writeable = false)
	{
	$contacts = null;
	$ldap_config = (array)$this->config->get('ldap_public');

	// 'sql' is the alias for '0' used by autocomplete
	if ($id == 'sql')
	$id = '0';
	else if ($id == -1) {
	$id = $this->config->get('default_addressbook');
	$default = true;
	}

	// use existing instance
	if (isset($this->address_books[$id]) && ($this->address_books[$id] instanceof rcube_addressbook)) {
	$contacts = $this->address_books[$id];
	}
	else if ($id && $ldap_config[$id]) {
	$contacts = new rcube_ldap($ldap_config[$id], $this->config->get('ldap_debug'), $this->config->mail_domain($_SESSION['storage_host']));
	}
	else if ($id === '0') {
	$contacts = new rcube_contacts($this->db, $this->get_user_id());
	}
	else {
	$plugin = $this->plugins->exec_hook('addressbook_get', array('id' => $id, 'writeable' => $writeable));

	// plugin returned instance of a rcube_addressbook
	if ($plugin['instance'] instanceof rcube_addressbook) {
	$contacts = $plugin['instance'];
	}
	}

	// when user requested default writeable addressbook
	// we need to check if default is writeable, if not we
	// will return first writeable book (if any exist)
	if ($contacts && $default && $contacts->readonly && $writeable) {
	$contacts = null;
	}

	// Get first addressbook from the list if configured default doesn't exist
	// This can happen when user deleted the addressbook (e.g. Kolab folder)
	if (!$contacts && (!$id \|\| $default)) {
	$source = reset($this->get_address_sources($writeable, !$default));
	if (!empty($source)) {
	$contacts = $this->get_address_book($source['id']);
	if ($contacts) {
	$id = $source['id'];
	}
	}
	}

	if (!$contacts) {
	// there's no default, just return
	if ($default) {
	return null;
	}

	self::raise_error(array(
	'code' => 700, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => "Addressbook source ($id) not found!"),
	true, true);
	}

	// add to the 'books' array for shutdown function
	$this->address_books[$id] = $contacts;

	if ($writeable && $contacts->readonly) {
	return null;
	}

	// set configured sort order
	if ($sort_col = $this->config->get('addressbook_sort_col')) {
	$contacts->set_sort_order($sort_col);
	}

	return $contacts;
	}


	/**
	* Return address books list
	*
	* @param boolean True if the address book needs to be writeable
	* @param boolean True if the address book needs to be not hidden
	*
	* @return array Address books array
	*/
	public function get_address_sources($writeable = false, $skip_hidden = false)
	{
	$abook_type = (string) $this->config->get('address_book_type');
	$ldap_config = (array) $this->config->get('ldap_public');
	$autocomplete = (array) $this->config->get('autocomplete_addressbooks');
	$list = array();

	// We are using the DB address book or a plugin address book
	if (!empty($abook_type) && strtolower($abook_type) != 'ldap') {
	if (!isset($this->address_books['0']))
	$this->address_books['0'] = new rcube_contacts($this->db, $this->get_user_id());
	$list['0'] = array(
	'id' => '0',
	'name' => $this->gettext('personaladrbook'),
	'groups' => $this->address_books['0']->groups,
	'readonly' => $this->address_books['0']->readonly,
	'autocomplete' => in_array('sql', $autocomplete),
	'undelete' => $this->address_books['0']->undelete && $this->config->get('undo_timeout'),
	);
	}

	if (!empty($ldap_config)) {
	foreach ($ldap_config as $id => $prop) {
	// handle misconfiguration
	if (empty($prop) \|\| !is_array($prop)) {
	continue;
	}
	$list[$id] = array(
	'id' => $id,
	'name' => html::quote($prop['name']),
	'groups' => !empty($prop['groups']) \|\| !empty($prop['group_filters']),
	'readonly' => !$prop['writable'],
	'hidden' => $prop['hidden'],
	'autocomplete' => in_array($id, $autocomplete)
	);
	}
	}

	$plugin = $this->plugins->exec_hook('addressbooks_list', array('sources' => $list));
	$list = $plugin['sources'];

	foreach ($list as $idx => $item) {
	// register source for shutdown function
	if (!is_object($this->address_books[$item['id']])) {
	$this->address_books[$item['id']] = $item;
	}
	// remove from list if not writeable as requested
	if ($writeable && $item['readonly']) {
	unset($list[$idx]);
	}
	// remove from list if hidden as requested
	else if ($skip_hidden && $item['hidden']) {
	unset($list[$idx]);
	}
	}

	return $list;
	}


	/**
	* Init output object for GUI and add common scripts.
	* This will instantiate a rcmail_output_html object and set
	* environment vars according to the current session and configuration
	*
	* @param boolean True if this request is loaded in a (i)frame
	* @return rcube_output Reference to HTML output object
	*/
	public function load_gui($framed = false)
	{
	// init output page
	if (!($this->output instanceof rcmail_output_html))
	$this->output = new rcmail_output_html($this->task, $framed);

	// set refresh interval
	$this->output->set_env('refresh_interval', $this->config->get('refresh_interval', 0));
	$this->output->set_env('session_lifetime', $this->config->get('session_lifetime', 0) * 60);

	if ($framed) {
	$this->comm_path .= '&_framed=1';
	$this->output->set_env('framed', true);
	}

	$this->output->set_env('task', $this->task);
	$this->output->set_env('action', $this->action);
	$this->output->set_env('comm_path', $this->comm_path);
	$this->output->set_charset(RCUBE_CHARSET);

	// add some basic labels to client
	$this->output->add_label('loading', 'servererror', 'requesttimedout', 'refreshing');

	return $this->output;
	}


	/**
	* Create an output object for JSON responses
	*
	* @return rcube_output Reference to JSON output object
	*/
	public function json_init()
	{
	if (!($this->output instanceof rcmail_output_json))
	$this->output = new rcmail_output_json($this->task);

	return $this->output;
	}


	/**
	* Create session object and start the session.
	*/
	public function session_init()
	{
	parent::session_init();

	// set initial session vars
	if (!$_SESSION['user_id'])
	$_SESSION['temp'] = true;

	// restore skin selection after logout
	if ($_SESSION['temp'] && !empty($_SESSION['skin']))
	$this->config->set('skin', $_SESSION['skin']);
	}


	/**
	* Perfom login to the mail server and to the webmail service.
	* This will also create a new user entry if auto_create_user is configured.
	*
	* @param string Mail storage (IMAP) user name
	* @param string Mail storage (IMAP) password
	* @param string Mail storage (IMAP) host
	* @param bool Enables cookie check
	*
	* @return boolean True on success, False on failure
	*/
	function login($username, $pass, $host = null, $cookiecheck = false)
	{
	$this->login_error = null;

	if (empty($username)) {
	return false;
	}

	if ($cookiecheck && empty($_COOKIE)) {
	$this->login_error = self::ERROR_COOKIES_DISABLED;
	return false;
	}

	$config = $this->config->all();

	if (!$host)
	$host = $config['default_host'];

	// Validate that selected host is in the list of configured hosts
	if (is_array($config['default_host'])) {
	$allowed = false;
	foreach ($config['default_host'] as $key => $host_allowed) {
	if (!is_numeric($key))
	$host_allowed = $key;
	if ($host == $host_allowed) {
	$allowed = true;
	break;
	}
	}
	if (!$allowed) {
	$host = null;
	}
	}
	else if (!empty($config['default_host']) && $host != rcube_utils::parse_host($config['default_host'])) {
	$host = null;
	}

	if (!$host) {
	$this->login_error = self::ERROR_INVALID_HOST;
	return false;
	}

	// parse $host URL
	$a_host = parse_url($host);
	if ($a_host['host']) {
	$host = $a_host['host'];
	$ssl = (isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl','imaps','tls'))) ? $a_host['scheme'] : null;
	if (!empty($a_host['port']))
	$port = $a_host['port'];
	else if ($ssl && $ssl != 'tls' && (!$config['default_port'] \|\| $config['default_port'] == 143))
	$port = 993;
	}

	if (!$port) {
	$port = $config['default_port'];
	}

	/* Modify username with domain if required
	Inspired by Marco <P0L0_notspam_binware.org>
	*/
	// Check if we need to add domain
	if (!empty($config['username_domain']) && strpos($username, '@') === false) {
	if (is_array($config['username_domain']) && isset($config['username_domain'][$host]))
	$username .= '@'.rcube_utils::parse_host($config['username_domain'][$host], $host);
	else if (is_string($config['username_domain']))
	$username .= '@'.rcube_utils::parse_host($config['username_domain'], $host);
	}

	if (!isset($config['login_lc'])) {
	$config['login_lc'] = 2; // default
	}

	// Convert username to lowercase. If storage backend
	// is case-insensitive we need to store always the same username (#1487113)
	if ($config['login_lc']) {
	if ($config['login_lc'] == 2 \|\| $config['login_lc'] === true) {
	$username = mb_strtolower($username);
	}
	else if (strpos($username, '@')) {
	// lowercase domain name
	list($local, $domain) = explode('@', $username);
	$username = $local . '@' . mb_strtolower($domain);
	}
	}

	// try to resolve email address from virtuser table
	if (strpos($username, '@') && ($virtuser = rcube_user::email2user($username))) {
	$username = $virtuser;
	}

	// Here we need IDNA ASCII
	// Only rcube_contacts class is using domain names in Unicode
	$host = rcube_utils::idn_to_ascii($host);
	$username = rcube_utils::idn_to_ascii($username);

	// user already registered -> overwrite username
	if ($user = rcube_user::query($username, $host)) {
	$username = $user->data['username'];
	}

	$storage = $this->get_storage();

	// try to log in
	if (!$storage->connect($host, $username, $pass, $port, $ssl)) {
	return false;
	}

	// user already registered -> update user's record
	if (is_object($user)) {
	// update last login timestamp
	$user->touch();
	}
	// create new system user
	else if ($config['auto_create_user']) {
	if ($created = rcube_user::create($username, $host)) {
	$user = $created;
	}
	else {
	self::raise_error(array(
	'code' => 620, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => "Failed to create a user record. Maybe aborted by a plugin?"
	), true, false);
	}
	}
	else {
	self::raise_error(array(
	'code' => 621, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => "Access denied for new user $username. 'auto_create_user' is disabled"
	), true, false);
	}

	// login succeeded
	if (is_object($user) && $user->ID) {
	// Configure environment
	$this->set_user($user);
	$this->set_storage_prop();

	// fix some old settings according to namespace prefix
	$this->fix_namespace_settings($user);

	// create default folders on first login
	if ($config['create_default_folders'] && (!empty($created) \|\| empty($user->data['last_login']))) {
	$storage->create_default_folders();
	}

	// set session vars
	$_SESSION['user_id'] = $user->ID;
	$_SESSION['username'] = $user->data['username'];
	$_SESSION['storage_host'] = $host;
	$_SESSION['storage_port'] = $port;
	$_SESSION['storage_ssl'] = $ssl;
	$_SESSION['password'] = $this->encrypt($pass);
	$_SESSION['login_time'] = time();

	if (isset($_REQUEST['_timezone']) && $_REQUEST['_timezone'] != '_default_')
	$_SESSION['timezone'] = rcube_utils::get_input_value('_timezone', rcube_utils::INPUT_GPC);

	// force reloading complete list of subscribed mailboxes
	$storage->clear_cache('mailboxes', true);

	return true;
	}

	return false;
	}


	/**
	* Returns error code of last login operation
	*
	* @return int Error code
	*/
	public function login_error()
	{
	if ($this->login_error) {
	return $this->login_error;
	}

	if ($this->storage && $this->storage->get_error_code() < -1) {
	return self::ERROR_STORAGE;
	}
	}


	/**
	* Auto-select IMAP host based on the posted login information
	*
	* @return string Selected IMAP host
	*/
	public function autoselect_host()
	{
	$default_host = $this->config->get('default_host');
	$host = null;

	if (is_array($default_host)) {
	$post_host = rcube_utils::get_input_value('_host', rcube_utils::INPUT_POST);
	$post_user = rcube_utils::get_input_value('_user', rcube_utils::INPUT_POST);

	list(, $domain) = explode('@', $post_user);

	// direct match in default_host array
	if ($default_host[$post_host] \|\| in_array($post_host, array_values($default_host))) {
	$host = $post_host;
	}
	// try to select host by mail domain
	else if (!empty($domain)) {
	foreach ($default_host as $storage_host => $mail_domains) {
	if (is_array($mail_domains) && in_array_nocase($domain, $mail_domains)) {
	$host = $storage_host;
	break;
	}
	else if (stripos($storage_host, $domain) !== false \|\| stripos(strval($mail_domains), $domain) !== false) {
	$host = is_numeric($storage_host) ? $mail_domains : $storage_host;
	break;
	}
	}
	}

	// take the first entry if $host is still not set
	if (empty($host)) {
	list($key, $val) = each($default_host);
	$host = is_numeric($key) ? $val : $key;
	}
	}
	else if (empty($default_host)) {
	$host = rcube_utils::get_input_value('_host', rcube_utils::INPUT_POST);
	}
	else
	$host = rcube_utils::parse_host($default_host);

	return $host;
	}


	/**
	* Destroy session data and remove cookie
	*/
	public function kill_session()
	{
	$this->plugins->exec_hook('session_destroy');

	$this->session->kill();
	$_SESSION = array('language' => $this->user->language, 'temp' => true, 'skin' => $this->config->get('skin'));
	$this->user->reset();
	}


	/**
	* Do server side actions on logout
	*/
	public function logout_actions()
	{
	$config = $this->config->all();
	$storage = $this->get_storage();

	if ($config['logout_purge'] && !empty($config['trash_mbox'])) {
	$storage->clear_folder($config['trash_mbox']);
	}

	if ($config['logout_expunge']) {
	$storage->expunge_folder('INBOX');
	}

	// Try to save unsaved user preferences
	if (!empty($_SESSION['preferences'])) {
	$this->user->save_prefs(unserialize($_SESSION['preferences']));
	}
	}


	/**
	* Generate a unique token to be used in a form request
	*
	* @return string The request token
	*/
	public function get_request_token()
	{
	$sess_id = $_COOKIE[ini_get('session.name')];
	if (!$sess_id) $sess_id = session_id();

	$plugin = $this->plugins->exec_hook('request_token', array(
	'value' => md5('RT' . $this->get_user_id() . $this->config->get('des_key') . $sess_id)));

	return $plugin['value'];
	}


	/**
	* Check if the current request contains a valid token
	*
	* @param int Request method
	* @return boolean True if request token is valid false if not
	*/
	public function check_request($mode = rcube_utils::INPUT_POST)
	{
	$token = rcube_utils::get_input_value('_token', $mode);
	$sess_id = $_COOKIE[ini_get('session.name')];
	return !empty($sess_id) && $token == $this->get_request_token();
	}


	/**
	* Build a valid URL to this instance of Roundcube
	*
	* @param mixed Either a string with the action or url parameters as key-value pairs
	*
	* @return string Valid application URL
	*/
	public function url($p)
	{
	if (!is_array($p)) {
	if (strpos($p, 'http') === 0)
	return $p;

	$p = array('_action' => @func_get_arg(0));
	}

	$task = $p['_task'] ? $p['_task'] : ($p['task'] ? $p['task'] : $this->task);
	$p['_task'] = $task;
	unset($p['task']);

	$url = './';
	$delm = '?';
	foreach (array_reverse($p) as $key => $val) {
	if ($val !== '' && $val !== null) {
	$par = $key[0] == '_' ? $key : '_'.$key;
	$url .= $delm.urlencode($par).'='.urlencode($val);
	$delm = '&';
	}
	}
	return $url;
	}


	/**
	* Function to be executed in script shutdown
	*/
	public function shutdown()
	{
	parent::shutdown();

	foreach ($this->address_books as $book) {
	if (is_object($book) && is_a($book, 'rcube_addressbook'))
	$book->close();
	}

	// write performance stats to logs/console
	if ($this->config->get('devel_mode')) {
	if (function_exists('memory_get_usage'))
	$mem = $this->show_bytes(memory_get_usage());
	if (function_exists('memory_get_peak_usage'))
	$mem .= '/'.$this->show_bytes(memory_get_peak_usage());

	$log = $this->task . ($this->action ? '/'.$this->action : '') . ($mem ? " [$mem]" : '');
	if (defined('RCMAIL_START'))
	self::print_timer(RCMAIL_START, $log);
	else
	self::console($log);
	}
	}


	/**
	* Registers action aliases for current task
	*
	* @param array $map Alias-to-filename hash array
	*/
	public function register_action_map($map)
	{
	if (is_array($map)) {
	foreach ($map as $idx => $val) {
	$this->action_map[$idx] = $val;
	}
	}
	}


	/**
	* Returns current action filename
	*
	* @param array $map Alias-to-filename hash array
	*/
	public function get_action_file()
	{
	if (!empty($this->action_map[$this->action])) {
	return $this->action_map[$this->action];
	}

	return strtr($this->action, '-', '_') . '.inc';
	}


	/**
	* Fixes some user preferences according to namespace handling change.
	* Old Roundcube versions were using folder names with removed namespace prefix.
	* Now we need to add the prefix on servers where personal namespace has prefix.
	*
	* @param rcube_user $user User object
	*/
	private function fix_namespace_settings($user)
	{
	$prefix = $this->storage->get_namespace('prefix');
	$prefix_len = strlen($prefix);

	if (!$prefix_len)
	return;

	$prefs = $this->config->all();
	if (!empty($prefs['namespace_fixed']))
	return;

	// Build namespace prefix regexp
	$ns = $this->storage->get_namespace();
	$regexp = array();

	foreach ($ns as $entry) {
	if (!empty($entry)) {
	foreach ($entry as $item) {
	if (strlen($item[0])) {
	$regexp[] = preg_quote($item[0], '/');
	}
	}
	}
	}
	$regexp = '/^('. implode('\|', $regexp).')/';

	// Fix preferences
	$opts = array('drafts_mbox', 'junk_mbox', 'sent_mbox', 'trash_mbox', 'archive_mbox');
	foreach ($opts as $opt) {
	if ($value = $prefs[$opt]) {
	if ($value != 'INBOX' && !preg_match($regexp, $value)) {
	$prefs[$opt] = $prefix.$value;
	}
	}
	}

	if (!empty($prefs['default_folders'])) {
	foreach ($prefs['default_folders'] as $idx => $name) {
	if ($name != 'INBOX' && !preg_match($regexp, $name)) {
	$prefs['default_folders'][$idx] = $prefix.$name;
	}
	}
	}

	if (!empty($prefs['search_mods'])) {
	$folders = array();
	foreach ($prefs['search_mods'] as $idx => $value) {
	if ($idx != 'INBOX' && $idx != '*' && !preg_match($regexp, $idx)) {
	$idx = $prefix.$idx;
	}
	$folders[$idx] = $value;
	}
	$prefs['search_mods'] = $folders;
	}

	if (!empty($prefs['message_threading'])) {
	$folders = array();
	foreach ($prefs['message_threading'] as $idx => $value) {
	if ($idx != 'INBOX' && !preg_match($regexp, $idx)) {
	$idx = $prefix.$idx;
	}
	$folders[$prefix.$idx] = $value;
	}
	$prefs['message_threading'] = $folders;
	}

	if (!empty($prefs['collapsed_folders'])) {
	$folders = explode('&&', $prefs['collapsed_folders']);
	$count = count($folders);
	$folders_str = '';

	if ($count) {
	$folders[0] = substr($folders[0], 1);
	$folders[$count-1] = substr($folders[$count-1], 0, -1);
	}

	foreach ($folders as $value) {
	if ($value != 'INBOX' && !preg_match($regexp, $value)) {
	$value = $prefix.$value;
	}
	$folders_str .= '&'.$value.'&';
	}
	$prefs['collapsed_folders'] = $folders_str;
	}

	$prefs['namespace_fixed'] = true;

	// save updated preferences and reset imap settings (default folders)
	$user->save_prefs($prefs);
	$this->set_storage_prop();
	}


	/**
	* Overwrite action variable
	*
	* @param string New action value
	*/
	public function overwrite_action($action)
	{
	$this->action = $action;
	$this->output->set_env('action', $action);
	}


	/**
	* Returns RFC2822 formatted current date in user's timezone
	*
	* @return string Date
	*/
	public function user_date()
	{
	// get user's timezone
	try {
	$tz = new DateTimeZone($this->config->get('timezone'));
	$date = new DateTime('now', $tz);
	}
	catch (Exception $e) {
	$date = new DateTime();
	}

	return $date->format('r');
	}


	/**
	* Write login data (name, ID, IP address) to the 'userlogins' log file.
	*/
	public function log_login()
	{
	if (!$this->config->get('log_logins')) {
	return;
	}

	$user_name = $this->get_user_name();
	$user_id = $this->get_user_id();

	if (!$user_id) {
	return;
	}

	self::write_log('userlogins',
	sprintf('Successful login for %s (ID: %d) from %s in session %s',
	$user_name, $user_id, rcube_utils::remote_ip(), session_id()));
	}


	/**
	* Create a HTML table based on the given data
	*
	* @param array Named table attributes
	* @param mixed Table row data. Either a two-dimensional array or a valid SQL result set
	* @param array List of cols to show
	* @param string Name of the identifier col
	*
	* @return string HTML table code
	*/
	public function table_output($attrib, $table_data, $a_show_cols, $id_col)
	{
	$table = new html_table($attrib);

	// add table header
	if (!$attrib['noheader']) {
	foreach ($a_show_cols as $col) {
	$table->add_header($col, $this->Q($this->gettext($col)));
	}
	}

	if (!is_array($table_data)) {
	$db = $this->get_dbh();
	while ($table_data && ($sql_arr = $db->fetch_assoc($table_data))) {
	$table->add_row(array('id' => 'rcmrow' . rcube_utils::html_identifier($sql_arr[$id_col])));

	// format each col
	foreach ($a_show_cols as $col) {
	$table->add($col, $this->Q($sql_arr[$col]));
	}
	}
	}
	else {
	foreach ($table_data as $row_data) {
	$class = !empty($row_data['class']) ? $row_data['class'] : '';
	$rowid = 'rcmrow' . rcube_utils::html_identifier($row_data[$id_col]);

	$table->add_row(array('id' => $rowid, 'class' => $class));

	// format each col
	foreach ($a_show_cols as $col) {
	$table->add($col, $this->Q(is_array($row_data[$col]) ? $row_data[$col][0] : $row_data[$col]));
	}
	}
	}

	return $table->show($attrib);
	}


	/**
	* Convert the given date to a human readable form
	* This uses the date formatting properties from config
	*
	* @param mixed Date representation (string, timestamp or DateTime object)
	* @param string Date format to use
	* @param bool Enables date convertion according to user timezone
	*
	* @return string Formatted date string
	*/
	public function format_date($date, $format = null, $convert = true)
	{
	if (is_object($date) && is_a($date, 'DateTime')) {
	$timestamp = $date->format('U');
	}
	else {
	if (!empty($date)) {
	$timestamp = rcube_utils::strtotime($date);
	}

	if (empty($timestamp)) {
	return '';
	}

	try {
	$date = new DateTime("@".$timestamp);
	}
	catch (Exception $e) {
	return '';
	}
	}

	if ($convert) {
	try {
	// convert to the right timezone
	$stz = date_default_timezone_get();
	$tz = new DateTimeZone($this->config->get('timezone'));
	$date->setTimezone($tz);
	date_default_timezone_set($tz->getName());

	$timestamp = $date->format('U');
	}
	catch (Exception $e) {
	}
	}

	// define date format depending on current time
	if (!$format) {
	$now = time();
	$now_date = getdate($now);
	$today_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday'], $now_date['year']);
	$week_limit = mktime(0, 0, 0, $now_date['mon'], $now_date['mday']-6, $now_date['year']);
	$pretty_date = $this->config->get('prettydate');

	if ($pretty_date && $timestamp > $today_limit && $timestamp < $now) {
	$format = $this->config->get('date_today', $this->config->get('time_format', 'H:i'));
	$today = true;
	}
	else if ($pretty_date && $timestamp > $week_limit && $timestamp < $now) {
	$format = $this->config->get('date_short', 'D H:i');
	}
	else {
	$format = $this->config->get('date_long', 'Y-m-d H:i');
	}
	}

	// strftime() format
	if (preg_match('/%[a-z]+/i', $format)) {
	$format = strftime($format, $timestamp);
	if ($stz) {
	date_default_timezone_set($stz);
	}
	return $today ? ($this->gettext('today') . ' ' . $format) : $format;
	}

	// parse format string manually in order to provide localized weekday and month names
	// an alternative would be to convert the date() format string to fit with strftime()
	$out = '';
	for ($i=0; $i<strlen($format); $i++) {
	if ($format[$i] == "\\") { // skip escape chars
	continue;
	}

	// write char "as-is"
	if ($format[$i] == ' ' \|\| $format[$i-1] == "\\") {
	$out .= $format[$i];
	}
	// weekday (short)
	else if ($format[$i] == 'D') {
	$out .= $this->gettext(strtolower(date('D', $timestamp)));
	}
	// weekday long
	else if ($format[$i] == 'l') {
	$out .= $this->gettext(strtolower(date('l', $timestamp)));
	}
	// month name (short)
	else if ($format[$i] == 'M') {
	$out .= $this->gettext(strtolower(date('M', $timestamp)));
	}
	// month name (long)
	else if ($format[$i] == 'F') {
	$out .= $this->gettext('long'.strtolower(date('M', $timestamp)));
	}
	else if ($format[$i] == 'x') {
	$out .= strftime('%x %X', $timestamp);
	}
	else {
	$out .= date($format[$i], $timestamp);
	}
	}

	if ($today) {
	$label = $this->gettext('today');
	// replcae $ character with "Today" label (#1486120)
	if (strpos($out, '$') !== false) {
	$out = preg_replace('/\$/', $label, $out, 1);
	}
	else {
	$out = $label . ' ' . $out;
	}
	}

	if ($stz) {
	date_default_timezone_set($stz);
	}

	return $out;
	}


	/**
	* Return folders list in HTML
	*
	* @param array $attrib Named parameters
	*
	* @return string HTML code for the gui object
	*/
	public function folder_list($attrib)
	{
	static $a_mailboxes;

	$attrib += array('maxlength' => 100, 'realnames' => false, 'unreadwrap' => ' (%s)');

	$rcmail = rcmail::get_instance();
	$storage = $rcmail->get_storage();

	// add some labels to client
	$rcmail->output->add_label('purgefolderconfirm', 'deletemessagesconfirm');

	$type = $attrib['type'] ? $attrib['type'] : 'ul';
	unset($attrib['type']);

	if ($type == 'ul' && !$attrib['id']) {
	$attrib['id'] = 'rcmboxlist';
	}

	if (empty($attrib['folder_name'])) {
	$attrib['folder_name'] = '*';
	}

	// get current folder
	$mbox_name = $storage->get_folder();

	// build the folders tree
	if (empty($a_mailboxes)) {
	// get mailbox list
	$a_folders = $storage->list_folders_subscribed(
	'', $attrib['folder_name'], $attrib['folder_filter']);
	$delimiter = $storage->get_hierarchy_delimiter();
	$a_mailboxes = array();

	foreach ($a_folders as $folder) {
	$rcmail->build_folder_tree($a_mailboxes, $folder, $delimiter);
	}
	}

	// allow plugins to alter the folder tree or to localize folder names
	$hook = $rcmail->plugins->exec_hook('render_mailboxlist', array(
	'list' => $a_mailboxes,
	'delimiter' => $delimiter,
	'type' => $type,
	'attribs' => $attrib,
	));

	$a_mailboxes = $hook['list'];
	$attrib = $hook['attribs'];

	if ($type == 'select') {
	$attrib['is_escaped'] = true;
	$select = new html_select($attrib);

	// add no-selection option
	if ($attrib['noselection']) {
	$select->add(html::quote($rcmail->gettext($attrib['noselection'])), '');
	}

	$rcmail->render_folder_tree_select($a_mailboxes, $mbox_name, $attrib['maxlength'], $select, $attrib['realnames']);
	$out = $select->show($attrib['default']);
	}
	else {
	$js_mailboxlist = array();
	$out = html::tag('ul', $attrib, $rcmail->render_folder_tree_html($a_mailboxes, $mbox_name, $js_mailboxlist, $attrib), html::$common_attrib);

	$rcmail->output->include_script('treelist.js');
	$rcmail->output->add_gui_object('mailboxlist', $attrib['id']);
	$rcmail->output->set_env('mailboxes', $js_mailboxlist);
	$rcmail->output->set_env('unreadwrap', $attrib['unreadwrap']);
	$rcmail->output->set_env('collapsed_folders', (string)$rcmail->config->get('collapsed_folders'));
	}

	return $out;
	}


	/**
	* Return folders list as html_select object
	*
	* @param array $p Named parameters
	*
	* @return html_select HTML drop-down object
	*/
	public function folder_selector($p = array())
	{
	$p += array('maxlength' => 100, 'realnames' => false, 'is_escaped' => true);
	$a_mailboxes = array();
	$storage = $this->get_storage();

	if (empty($p['folder_name'])) {
	$p['folder_name'] = '*';
	}

	if ($p['unsubscribed']) {
	$list = $storage->list_folders('', $p['folder_name'], $p['folder_filter'], $p['folder_rights']);
	}
	else {
	$list = $storage->list_folders_subscribed('', $p['folder_name'], $p['folder_filter'], $p['folder_rights']);
	}

	$delimiter = $storage->get_hierarchy_delimiter();

	foreach ($list as $folder) {
	if (empty($p['exceptions']) \|\| !in_array($folder, $p['exceptions'])) {
	$this->build_folder_tree($a_mailboxes, $folder, $delimiter);
	}
	}

	$select = new html_select($p);

	if ($p['noselection']) {
	$select->add(html::quote($p['noselection']), '');
	}

	$this->render_folder_tree_select($a_mailboxes, $mbox, $p['maxlength'], $select, $p['realnames'], 0, $p);

	return $select;
	}


	/**
	* Create a hierarchical array of the mailbox list
	*/
	public function build_folder_tree(&$arrFolders, $folder, $delm = '/', $path = '')
	{
	// Handle namespace prefix
	$prefix = '';
	if (!$path) {
	$n_folder = $folder;
	$folder = $this->storage->mod_folder($folder);

	if ($n_folder != $folder) {
	$prefix = substr($n_folder, 0, -strlen($folder));
	}
	}

	$pos = strpos($folder, $delm);

	if ($pos !== false) {
	$subFolders = substr($folder, $pos+1);
	$currentFolder = substr($folder, 0, $pos);

	// sometimes folder has a delimiter as the last character
	if (!strlen($subFolders)) {
	$virtual = false;
	}
	else if (!isset($arrFolders[$currentFolder])) {
	$virtual = true;
	}
	else {
	$virtual = $arrFolders[$currentFolder]['virtual'];
	}
	}
	else {
	$subFolders = false;
	$currentFolder = $folder;
	$virtual = false;
	}

	$path .= $prefix . $currentFolder;

	if (!isset($arrFolders[$currentFolder])) {
	$arrFolders[$currentFolder] = array(
	'id' => $path,
	'name' => rcube_charset::convert($currentFolder, 'UTF7-IMAP'),
	'virtual' => $virtual,
	'folders' => array());
	}
	else {
	$arrFolders[$currentFolder]['virtual'] = $virtual;
	}

	if (strlen($subFolders)) {
	$this->build_folder_tree($arrFolders[$currentFolder]['folders'], $subFolders, $delm, $path.$delm);
	}
	}


	/**
	* Return html for a structured list <ul> for the mailbox tree
	*/
	public function render_folder_tree_html(&$arrFolders, &$mbox_name, &$jslist, $attrib, $nestLevel = 0)
	{
	$maxlength = intval($attrib['maxlength']);
	$realnames = (bool)$attrib['realnames'];
	$msgcounts = $this->storage->get_cache('messagecount');
	$collapsed = $this->config->get('collapsed_folders');
	$realnames = $this->config->get('show_real_foldernames');

	$out = '';
	foreach ($arrFolders as $folder) {
	$title = null;
	$folder_class = $this->folder_classname($folder['id']);
	$is_collapsed = strpos($collapsed, '&'.rawurlencode($folder['id']).'&') !== false;
	$unread = $msgcounts ? intval($msgcounts[$folder['id']]['UNSEEN']) : 0;

	if ($folder_class && !$realnames) {
	$foldername = $this->gettext($folder_class);
	}
	else {
	$foldername = $folder['name'];

	// shorten the folder name to a given length
	if ($maxlength && $maxlength > 1) {
	$fname = abbreviate_string($foldername, $maxlength);
	if ($fname != $foldername) {
	$title = $foldername;
	}
	$foldername = $fname;
	}
	}

	// make folder name safe for ids and class names
	$folder_id = rcube_utils::html_identifier($folder['id'], true);
	$classes = array('mailbox');

	// set special class for Sent, Drafts, Trash and Junk
	if ($folder_class) {
	$classes[] = $folder_class;
	}

	if ($folder['id'] == $mbox_name) {
	$classes[] = 'selected';
	}

	if ($folder['virtual']) {
	$classes[] = 'virtual';
	}
	else if ($unread) {
	$classes[] = 'unread';
	}

	$js_name = $this->JQ($folder['id']);
	$html_name = $this->Q($foldername) . ($unread ? html::span('unreadcount', sprintf($attrib['unreadwrap'], $unread)) : '');
	$link_attrib = $folder['virtual'] ? array() : array(
	'href' => $this->url(array('_mbox' => $folder['id'])),
	'onclick' => sprintf("return %s.command('list','%s',this)", rcmail_output::JS_OBJECT_NAME, $js_name),
	'rel' => $folder['id'],
	'title' => $title,
	);

	$out .= html::tag('li', array(
	'id' => "rcmli".$folder_id,
	'class' => join(' ', $classes),
	'noclose' => true),
	html::a($link_attrib, $html_name));

	if (!empty($folder['folders'])) {
	$out .= html::div('treetoggle ' . ($is_collapsed ? 'collapsed' : 'expanded'), ' ');
	}

	$jslist[$folder['id']] = array(
	'id' => $folder['id'],
	'name' => $foldername,
	'virtual' => $folder['virtual']
	);

	if (!empty($folder['folders'])) {
	$out .= html::tag('ul', array('style' => ($is_collapsed ? "display:none;" : null)),
	$this->render_folder_tree_html($folder['folders'], $mbox_name, $jslist, $attrib, $nestLevel+1));
	}

	$out .= "</li>\n";
	}

	return $out;
	}


	/**
	* Return html for a flat list <select> for the mailbox tree
	*/
	public function render_folder_tree_select(&$arrFolders, &$mbox_name, $maxlength, &$select, $realnames = false, $nestLevel = 0, $opts = array())
	{
	$out = '';

	foreach ($arrFolders as $folder) {
	// skip exceptions (and its subfolders)
	if (!empty($opts['exceptions']) && in_array($folder['id'], $opts['exceptions'])) {
	continue;
	}

	// skip folders in which it isn't possible to create subfolders
	if (!empty($opts['skip_noinferiors'])) {
	$attrs = $this->storage->folder_attributes($folder['id']);
	if ($attrs && in_array('\\Noinferiors', $attrs)) {
	continue;
	}
	}

	if (!$realnames && ($folder_class = $this->folder_classname($folder['id']))) {
	$foldername = $this->gettext($folder_class);
	}
	else {
	$foldername = $folder['name'];

	// shorten the folder name to a given length
	if ($maxlength && $maxlength > 1) {
	$foldername = abbreviate_string($foldername, $maxlength);
	}
	}

	$select->add(str_repeat(' ', $nestLevel*4) . html::quote($foldername), $folder['id']);

	if (!empty($folder['folders'])) {
	$out .= $this->render_folder_tree_select($folder['folders'], $mbox_name, $maxlength,
	$select, $realnames, $nestLevel+1, $opts);
	}
	}

	return $out;
	}


	/**
	* Return internal name for the given folder if it matches the configured special folders
	*/
	public function folder_classname($folder_id)
	{
	if ($folder_id == 'INBOX') {
	return 'inbox';
	}

	// for these mailboxes we have localized labels and css classes
	foreach (array('sent', 'drafts', 'trash', 'junk') as $smbx)
	{
	if ($folder_id === $this->config->get($smbx.'_mbox')) {
	return $smbx;
	}
	}
	}


	/**
	* Try to localize the given IMAP folder name.
	* UTF-7 decode it in case no localized text was found
	*
	* @param string $name Folder name
	* @param bool $with_path Enable path localization
	*
	* @return string Localized folder name in UTF-8 encoding
	*/
	public function localize_foldername($name, $with_path = true)
	{
	$realnames = $this->config->get('show_real_foldernames');

	// try to localize path of the folder
	if ($with_path && !$realnames) {
	$storage = $this->get_storage();
	$delimiter = $storage->get_hierarchy_delimiter();
	$path = explode($delimiter, $name);
	$count = count($path);

	if ($count > 1) {
	for ($i = 0; $i < $count; $i++) {
	$folder = implode($delimiter, array_slice($path, 0, -$i));
	if ($folder_class = $this->folder_classname($folder)) {
	$name = implode($delimiter, array_slice($path, $count - $i));
	return $this->gettext($folder_class) . $delimiter . rcube_charset::convert($name, 'UTF7-IMAP');
	}
	}
	}
	}

	if (!$realnames && ($folder_class = $this->folder_classname($name))) {
	return $this->gettext($folder_class);
	}

	return rcube_charset::convert($name, 'UTF7-IMAP');
	}


	public function localize_folderpath($path)
	{
	$protect_folders = $this->config->get('protect_default_folders');
	$default_folders = (array) $this->config->get('default_folders');
	$delimiter = $this->storage->get_hierarchy_delimiter();
	$path = explode($delimiter, $path);
	$result = array();

	foreach ($path as $idx => $dir) {
	$directory = implode($delimiter, array_slice($path, 0, $idx+1));
	if ($protect_folders && in_array($directory, $default_folders)) {
	unset($result);
	$result[] = $this->localize_foldername($directory);
	}
	else {
	$result[] = rcube_charset::convert($dir, 'UTF7-IMAP');
	}
	}

	return implode($delimiter, $result);
	}


	public static function quota_display($attrib)
	{
	$rcmail = rcmail::get_instance();

	if (!$attrib['id']) {
	$attrib['id'] = 'rcmquotadisplay';
	}

	$_SESSION['quota_display'] = !empty($attrib['display']) ? $attrib['display'] : 'text';

	$rcmail->output->add_gui_object('quotadisplay', $attrib['id']);

	$quota = $rcmail->quota_content($attrib);

	$rcmail->output->add_script('rcmail.set_quota('.rcube_output::json_serialize($quota).');', 'docready');

	return html::span($attrib, '');
	}


	public function quota_content($attrib = null)
	{
	$quota = $this->storage->get_quota();
	$quota = $this->plugins->exec_hook('quota', $quota);

	$quota_result = (array) $quota;
	$quota_result['type'] = isset($_SESSION['quota_display']) ? $_SESSION['quota_display'] : '';

	if ($quota['total'] > 0) {
	if (!isset($quota['percent'])) {
	$quota_result['percent'] = min(100, round(($quota['used']/max(1,$quota['total']))*100));
	}

	$title = sprintf('%s / %s (%.0f%%)',
	$this->show_bytes($quota['used'] * 1024), $this->show_bytes($quota['total'] * 1024),
	$quota_result['percent']);

	$quota_result['title'] = $title;

	if ($attrib['width']) {
	$quota_result['width'] = $attrib['width'];
	}
	if ($attrib['height']) {
	$quota_result['height'] = $attrib['height'];
	}
	}
	else {
	$unlimited = $this->config->get('quota_zero_as_unlimited');
	$quota_result['title'] = $this->gettext($unlimited ? 'unlimited' : 'unknown');
	$quota_result['percent'] = 0;
	}

	return $quota_result;
	}


	/**
	* Outputs error message according to server error/response codes
	*
	* @param string $fallback Fallback message label
	* @param array $fallback_args Fallback message label arguments
	* @param string $suffix Message label suffix
	*/
	public function display_server_error($fallback = null, $fallback_args = null, $suffix = '')
	{
	$err_code = $this->storage->get_error_code();
	$res_code = $this->storage->get_response_code();
	$args = array();

	if ($res_code == rcube_storage::NOPERM) {
	$error = 'errornoperm';
	}
	else if ($res_code == rcube_storage::READONLY) {
	$error = 'errorreadonly';
	}
	else if ($res_code == rcube_storage::OVERQUOTA) {
	$error = 'errorroverquota';
	}
	else if ($err_code && ($err_str = $this->storage->get_error_str())) {
	// try to detect access rights problem and display appropriate message
	if (stripos($err_str, 'Permission denied') !== false) {
	$error = 'errornoperm';
	}
	// try to detect full mailbox problem and display appropriate message
	// there can be e.g. "Quota exceeded" or "quotum would exceed"
	else if (stripos($err_str, 'quot') !== false && stripos($err_str, 'exceed') !== false) {
	$error = 'erroroverquota';
	}
	else {
	$error = 'servererrormsg';
	$args = array('msg' => $err_str);
	}
	}
	else if ($err_code < 0) {
	$error = 'storageerror';
	}
	else if ($fallback) {
	$error = $fallback;
	$args = $fallback_args;
	}

	if ($error) {
	if ($suffix && $this->text_exists($error . $suffix)) {
	$error .= $suffix;
	}
	$this->output->show_message($error, 'error', $args);
	}
	}


	/**
	* Output HTML editor scripts
	*
	* @param string $mode Editor mode
	*/
	public function html_editor($mode = '')
	{
	$hook = $this->plugins->exec_hook('html_editor', array('mode' => $mode));

	if ($hook['abort']) {
	return;
	}

	$lang = strtolower($_SESSION['language']);

	// TinyMCE uses two-letter lang codes, with exception of Chinese
	if (strpos($lang, 'zh_') === 0) {
	$lang = str_replace('_', '-', $lang);
	}
	else {
	$lang = substr($lang, 0, 2);
	}

	if (!file_exists(INSTALL_PATH . 'program/js/tiny_mce/langs/'.$lang.'.js')) {
	$lang = 'en';
	}

	$script = json_encode(array(
	'mode' => $mode,
	'lang' => $lang,
	'skin_path' => $this->output->get_skin_path(),
	'spellcheck' => intval($this->config->get('enable_spellcheck')),
	'spelldict' => intval($this->config->get('spellcheck_dictionary'))
	));

	$this->output->include_script('tiny_mce/tiny_mce.js');
	$this->output->include_script('editor.js');
	$this->output->add_script("rcmail_editor_init($script)", 'docready');
	}


	/**
	* Replaces TinyMCE's emoticon images with plain-text representation
	*
	* @param string $html HTML content
	*
	* @return string HTML content
	*/
	public static function replace_emoticons($html)
	{
	$emoticons = array(
	'8-)' => 'smiley-cool',
	':-#' => 'smiley-foot-in-mouth',
	':-*' => 'smiley-kiss',
	':-X' => 'smiley-sealed',
	':-P' => 'smiley-tongue-out',
	':-@' => 'smiley-yell',
	":'(" => 'smiley-cry',
	':-(' => 'smiley-frown',
	':-D' => 'smiley-laughing',
	':-)' => 'smiley-smile',
	':-S' => 'smiley-undecided',
	':-$' => 'smiley-embarassed',
	'O:-)' => 'smiley-innocent',
	':-\|' => 'smiley-money-mouth',
	':-O' => 'smiley-surprised',
	';-)' => 'smiley-wink',
	);

	foreach ($emoticons as $idx => $file) {
	// <img title="Cry" src="http://.../program/js/tiny_mce/plugins/emotions/img/smiley-cry.gif" border="0" alt="Cry" />
	$search[] = '/<img title="[a-z ]+" src="https?:\/\/[a-z0-9_.\/-]+\/tiny_mce\/plugins\/emotions\/img\/'.$file.'.gif"[^>]+\/>/i';
	$replace[] = $idx;
	}

	return preg_replace($search, $replace, $html);
	}


	/**
	* File upload progress handler.
	*/
	public function upload_progress()
	{
	$prefix = ini_get('apc.rfc1867_prefix');
	$params = array(
	'action' => $this->action,
	'name' => rcube_utils::get_input_value('_progress', rcube_utils::INPUT_GET),
	);

	if (function_exists('apc_fetch')) {
	$status = apc_fetch($prefix . $params['name']);

	if (!empty($status)) {
	$status['percent'] = round($status['current']/$status['total']*100);
	$params = array_merge($status, $params);
	}
	}

	if (isset($params['percent']))
	$params['text'] = $this->gettext(array('name' => 'uploadprogress', 'vars' => array(
	'percent' => $params['percent'] . '%',
	'current' => $this->show_bytes($params['current']),
	'total' => $this->show_bytes($params['total'])
	)));

	$this->output->command('upload_progress_update', $params);
	$this->output->send();
	}


	/**
	* Initializes file uploading interface.
	*/
	public function upload_init()
	{
	// Enable upload progress bar
	- if (($seconds = $this->config->get('upload_progress')) && ini_get('apc.rfc1867')) {
	+ $rfc1867 = filter_var(ini_get('apc.rfc1867'), FILTER_VALIDATE_BOOLEAN);
	+ if ($rfc1867 && ($seconds = $this->config->get('upload_progress'))) {
	if ($field_name = ini_get('apc.rfc1867_name')) {
	$this->output->set_env('upload_progress_name', $field_name);
	$this->output->set_env('upload_progress_time', (int) $seconds);
	}
	}

	// find max filesize value
	$max_filesize = parse_bytes(ini_get('upload_max_filesize'));
	$max_postsize = parse_bytes(ini_get('post_max_size'));
	if ($max_postsize && $max_postsize < $max_filesize) {
	$max_filesize = $max_postsize;
	}

	$this->output->set_env('max_filesize', $max_filesize);
	$max_filesize = self::show_bytes($max_filesize);
	$this->output->set_env('filesizeerror', $this->gettext(array(
	'name' => 'filesizeerror', 'vars' => array('size' => $max_filesize))));

	return $max_filesize;
	}


	/**
	* Initializes client-side autocompletion.
	*/
	public function autocomplete_init()
	{
	static $init;

	if ($init) {
	return;
	}

	$init = 1;

	if (($threads = (int)$this->config->get('autocomplete_threads')) > 0) {
	$book_types = (array) $this->config->get('autocomplete_addressbooks', 'sql');
	if (count($book_types) > 1) {
	$this->output->set_env('autocomplete_threads', $threads);
	$this->output->set_env('autocomplete_sources', $book_types);
	}
	}

	$this->output->set_env('autocomplete_max', (int)$this->config->get('autocomplete_max', 15));
	$this->output->set_env('autocomplete_min_length', $this->config->get('autocomplete_min_length'));
	$this->output->add_label('autocompletechars', 'autocompletemore');
	}


	/**
	* Returns supported font-family specifications
	*
	* @param string $font Font name
	*
	* @param string\|array Font-family specification array or string (if $font is used)
	*/
	public static function font_defs($font = null)
	{
	$fonts = array(
	'Andale Mono' => '"Andale Mono",Times,monospace',
	'Arial' => 'Arial,Helvetica,sans-serif',
	'Arial Black' => '"Arial Black","Avant Garde",sans-serif',
	'Book Antiqua' => '"Book Antiqua",Palatino,serif',
	'Courier New' => '"Courier New",Courier,monospace',
	'Georgia' => 'Georgia,Palatino,serif',
	'Helvetica' => 'Helvetica,Arial,sans-serif',
	'Impact' => 'Impact,Chicago,sans-serif',
	'Tahoma' => 'Tahoma,Arial,Helvetica,sans-serif',
	'Terminal' => 'Terminal,Monaco,monospace',
	'Times New Roman' => '"Times New Roman",Times,serif',
	'Trebuchet MS' => '"Trebuchet MS",Geneva,sans-serif',
	'Verdana' => 'Verdana,Geneva,sans-serif',
	);

	if ($font) {
	return $fonts[$font];
	}

	return $fonts;
	}


	/**
	* Create a human readable string for a number of bytes
	*
	* @param int Number of bytes
	*
	* @return string Byte string
	*/
	public function show_bytes($bytes)
	{
	if ($bytes >= 1073741824) {
	$gb = $bytes/1073741824;
	$str = sprintf($gb>=10 ? "%d " : "%.1f ", $gb) . $this->gettext('GB');
	}
	else if ($bytes >= 1048576) {
	$mb = $bytes/1048576;
	$str = sprintf($mb>=10 ? "%d " : "%.1f ", $mb) . $this->gettext('MB');
	}
	else if ($bytes >= 1024) {
	$str = sprintf("%d ", round($bytes/1024)) . $this->gettext('KB');
	}
	else {
	$str = sprintf('%d ', $bytes) . $this->gettext('B');
	}

	return $str;
	}


	/**
	* Returns real size (calculated) of the message part
	*
	* @param rcube_message_part Message part
	*
	* @return string Part size (and unit)
	*/
	public function message_part_size($part)
	{
	if (isset($part->d_parameters['size'])) {
	$size = $this->show_bytes((int)$part->d_parameters['size']);
	}
	else {
	$size = $part->size;
	if ($part->encoding == 'base64') {
	$size = $size / 1.33;
	}

	$size = '~' . $this->show_bytes($size);
	}

	return $size;
	}


	/************************************************************************
	******* Deprecated methods (to be removed) *******
	***********************************************************************/

	public static function setcookie($name, $value, $exp = 0)
	{
	rcube_utils::setcookie($name, $value, $exp);
	}

	public function imap_connect()
	{
	return $this->storage_connect();
	}

	public function imap_init()
	{
	return $this->storage_init();
	}

	/**
	* Connect to the mail storage server with stored session data
	*
	* @return bool True on success, False on error
	*/
	public function storage_connect()
	{
	$storage = $this->get_storage();

	if ($_SESSION['storage_host'] && !$storage->is_connected()) {
	$host = $_SESSION['storage_host'];
	$user = $_SESSION['username'];
	$port = $_SESSION['storage_port'];
	$ssl = $_SESSION['storage_ssl'];
	$pass = $this->decrypt($_SESSION['password']);

	if (!$storage->connect($host, $user, $pass, $port, $ssl)) {
	if (is_object($this->output)) {
	$this->output->show_message('storageerror', 'error');
	}
	}
	else {
	$this->set_storage_prop();
	}
	}

	return $storage->is_connected();
	}
	}
	diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php
	index 29a86b9f7..656da6bc9 100644
	--- a/program/include/rcmail_output_html.php
	+++ b/program/include/rcmail_output_html.php
	@@ -1,1811 +1,1811 @@
	<?php

	/*
	+-----------------------------------------------------------------------+
	\| program/include/rcmail_output_html.php \|
	\| \|
	\| This file is part of the Roundcube Webmail client \|
	\| Copyright (C) 2006-2012, The Roundcube Dev Team \|
	\| \|
	\| Licensed under the GNU General Public License version 3 or \|
	\| any later version with exceptions for skins & plugins. \|
	\| See the README file for a full license statement. \|
	\| \|
	\| PURPOSE: \|
	\| Class to handle HTML page output using a skin template. \|
	\| \|
	+-----------------------------------------------------------------------+
	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
	+-----------------------------------------------------------------------+
	*/


	/**
	* Class to create HTML page output using a skin template
	*
	* @package Core
	* @subpackage View
	*/
	class rcmail_output_html extends rcmail_output
	{
	public $type = 'html';

	protected $message = null;
	protected $js_env = array();
	protected $js_labels = array();
	protected $js_commands = array();
	protected $skin_paths = array();
	protected $template_name;
	protected $scripts_path = '';
	protected $script_files = array();
	protected $css_files = array();
	protected $scripts = array();
	protected $default_template = "<html>\n<head><title></title></head>\n<body></body>\n</html>";
	protected $header = '';
	protected $footer = '';
	protected $body = '';
	protected $base_path = '';

	// deprecated names of templates used before 0.5
	protected $deprecated_templates = array(
	'contact' => 'showcontact',
	'contactadd' => 'addcontact',
	'contactedit' => 'editcontact',
	'identityedit' => 'editidentity',
	'messageprint' => 'printmessage',
	);

	/**
	* Constructor
	*
	* @todo Replace $this->config with the real rcube_config object
	*/
	public function __construct($task = null, $framed = false)
	{
	parent::__construct();

	//$this->framed = $framed;
	$this->set_env('task', $task);
	$this->set_env('x_frame_options', $this->config->get('x_frame_options', 'sameorigin'));
	$this->set_env('standard_windows', (bool) $this->config->get('standard_windows'));

	// add cookie info
	$this->set_env('cookie_domain', ini_get('session.cookie_domain'));
	$this->set_env('cookie_path', ini_get('session.cookie_path'));
	- $this->set_env('cookie_secure', ini_get('session.cookie_secure'));
	+ $this->set_env('cookie_secure', filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN));

	// load the correct skin (in case user-defined)
	$skin = $this->config->get('skin');
	$this->set_skin($skin);
	$this->set_env('skin', $skin);

	if (!empty($_REQUEST['_extwin']))
	$this->set_env('extwin', 1);
	if ($this->framed \|\| !empty($_REQUEST['_framed']))
	$this->set_env('framed', 1);

	// add common javascripts
	$this->add_script('var '.self::JS_OBJECT_NAME.' = new rcube_webmail();', 'head_top');

	// don't wait for page onload. Call init at the bottom of the page (delayed)
	$this->add_script(self::JS_OBJECT_NAME.'.init();', 'docready');

	$this->scripts_path = 'program/js/';
	$this->include_script('jquery.min.js');
	$this->include_script('common.js');
	$this->include_script('app.js');

	// register common UI objects
	$this->add_handlers(array(
	'loginform' => array($this, 'login_form'),
	'preloader' => array($this, 'preloader'),
	'username' => array($this, 'current_username'),
	'message' => array($this, 'message_container'),
	'charsetselector' => array($this, 'charset_selector'),
	'aboutcontent' => array($this, 'about_content'),
	));
	}


	/**
	* Set environment variable
	*
	* @param string Property name
	* @param mixed Property value
	* @param boolean True if this property should be added to client environment
	*/
	public function set_env($name, $value, $addtojs = true)
	{
	$this->env[$name] = $value;
	if ($addtojs \|\| isset($this->js_env[$name])) {
	$this->js_env[$name] = $value;
	}
	}


	/**
	* Getter for the current page title
	*
	* @return string The page title
	*/
	protected function get_pagetitle()
	{
	if (!empty($this->pagetitle)) {
	$title = $this->pagetitle;
	}
	else if ($this->env['task'] == 'login') {
	$title = $this->app->gettext(array(
	'name' => 'welcome',
	'vars' => array('product' => $this->config->get('product_name')
	)));
	}
	else {
	$title = ucfirst($this->env['task']);
	}

	return $title;
	}


	/**
	* Set skin
	*/
	public function set_skin($skin)
	{
	$valid = false;

	if (!empty($skin) && is_dir('skins/'.$skin) && is_readable('skins/'.$skin)) {
	$skin_path = 'skins/'.$skin;
	$valid = true;
	}
	else {
	$skin_path = $this->config->get('skin_path');
	if (!$skin_path) {
	$skin_path = 'skins/' . rcube_config::DEFAULT_SKIN;
	}
	$valid = !$skin;
	}

	$this->config->set('skin_path', $skin_path);
	$this->base_path = $skin_path;

	// register skin path(s)
	$this->skin_paths = array();
	$this->load_skin($skin_path);

	return $valid;
	}

	/**
	* Helper method to recursively read skin meta files and register search paths
	*/
	private function load_skin($skin_path)
	{
	$this->skin_paths[] = $skin_path;

	// read meta file and check for dependecies
	$meta = @json_decode(@file_get_contents($skin_path.'/meta.json'), true);
	if ($meta['extends'] && is_dir('skins/' . $meta['extends'])) {
	$this->load_skin('skins/' . $meta['extends']);
	}
	}


	/**
	* Check if a specific template exists
	*
	* @param string Template name
	* @return boolean True if template exists
	*/
	public function template_exists($name)
	{
	$found = false;
	foreach ($this->skin_paths as $skin_path) {
	$filename = $skin_path . '/templates/' . $name . '.html';
	$found = (is_file($filename) && is_readable($filename)) \|\| ($this->deprecated_templates[$name] && $this->template_exists($this->deprecated_templates[$name]));
	if ($found)
	break;
	}
	return $found;
	}


	/**
	* Find the given file in the current skin path stack
	*
	* @param string File name/path to resolve (starting with /)
	* @param string Reference to the base path of the matching skin
	* @param string Additional path to search in
	* @return mixed Relative path to the requested file or False if not found
	*/
	public function get_skin_file($file, &$skin_path = null, $add_path = null)
	{
	$skin_paths = $this->skin_paths;
	if ($add_path)
	array_unshift($skin_paths, $add_path);

	foreach ($skin_paths as $skin_path) {
	$path = realpath($skin_path . $file);
	if (is_file($path)) {
	return $skin_path . $file;
	}
	}

	return false;
	}


	/**
	* Register a GUI object to the client script
	*
	* @param string Object name
	* @param string Object ID
	* @return void
	*/
	public function add_gui_object($obj, $id)
	{
	$this->add_script(self::JS_OBJECT_NAME.".gui_object('$obj', '$id');");
	}


	/**
	* Call a client method
	*
	* @param string Method to call
	* @param ... Additional arguments
	*/
	public function command()
	{
	$cmd = func_get_args();
	if (strpos($cmd[0], 'plugin.') !== false)
	$this->js_commands[] = array('triggerEvent', $cmd[0], $cmd[1]);
	else
	$this->js_commands[] = $cmd;
	}


	/**
	* Add a localized label to the client environment
	*/
	public function add_label()
	{
	$args = func_get_args();
	if (count($args) == 1 && is_array($args[0]))
	$args = $args[0];

	foreach ($args as $name) {
	$this->js_labels[$name] = $this->app->gettext($name);
	}
	}


	/**
	* Invoke display_message command
	*
	* @param string $message Message to display
	* @param string $type Message type [notice\|confirm\|error]
	* @param array $vars Key-value pairs to be replaced in localized text
	* @param boolean $override Override last set message
	* @param int $timeout Message display time in seconds
	* @uses self::command()
	*/
	public function show_message($message, $type='notice', $vars=null, $override=true, $timeout=0)
	{
	if ($override \|\| !$this->message) {
	if ($this->app->text_exists($message)) {
	if (!empty($vars))
	$vars = array_map('Q', $vars);
	$msgtext = $this->app->gettext(array('name' => $message, 'vars' => $vars));
	}
	else
	$msgtext = $message;

	$this->message = $message;
	$this->command('display_message', $msgtext, $type, $timeout * 1000);
	}
	}


	/**
	* Delete all stored env variables and commands
	*
	* @param bool $all Reset all env variables (including internal)
	*/
	public function reset($all = false)
	{
	$env = $all ? null : array_intersect_key($this->env, array('extwin'=>1, 'framed'=>1));

	parent::reset();

	// let some env variables survive
	$this->env = $this->js_env = $env;
	$this->js_labels = array();
	$this->js_commands = array();
	$this->script_files = array();
	$this->scripts = array();
	$this->header = '';
	$this->footer = '';
	$this->body = '';
	}


	/**
	* Redirect to a certain url
	*
	* @param mixed $p Either a string with the action or url parameters as key-value pairs
	* @param int $delay Delay in seconds
	*/
	public function redirect($p = array(), $delay = 1)
	{
	if ($this->env['extwin'])
	$p['extwin'] = 1;
	$location = $this->app->url($p);
	header('Location: ' . $location);
	exit;
	}


	/**
	* Send the request output to the client.
	* This will either parse a skin tempalte or send an AJAX response
	*
	* @param string Template name
	* @param boolean True if script should terminate (default)
	*/
	public function send($templ = null, $exit = true)
	{
	if ($templ != 'iframe') {
	// prevent from endless loops
	if ($exit != 'recur' && $this->app->plugins->is_processing('render_page')) {
	rcube::raise_error(array('code' => 505, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => 'Recursion alert: ignoring output->send()'), true, false);
	return;
	}
	$this->parse($templ, false);
	}
	else {
	$this->framed = true;
	$this->write();
	}

	// set output asap
	ob_flush();
	flush();

	if ($exit) {
	exit;
	}
	}


	/**
	* Process template and write to stdOut
	*
	* @param string $template HTML template content
	*/
	public function write($template = '')
	{
	// unlock interface after iframe load
	$unlock = preg_replace('/[^a-z0-9]/i', '', $_REQUEST['_unlock']);
	if ($this->framed) {
	array_unshift($this->js_commands, array('iframe_loaded', $unlock));
	}
	else if ($unlock) {
	array_unshift($this->js_commands, array('hide_message', $unlock));
	}

	if (!empty($this->script_files))
	$this->set_env('request_token', $this->app->get_request_token());

	// write all env variables to client
	if ($commands = $this->get_js_commands()) {
	$js = $this->framed ? "if (window.parent) {\n" : '';
	$js .= $commands . ($this->framed ? ' }' : '');
	$this->add_script($js, 'head_top');
	}

	// send clickjacking protection headers
	$iframe = $this->framed \|\| !empty($_REQUEST['_framed']);
	if (!headers_sent() && ($xframe = $this->app->config->get('x_frame_options', 'sameorigin')))
	header('X-Frame-Options: ' . ($iframe && $xframe == 'deny' ? 'sameorigin' : $xframe));

	// call super method
	$this->_write($template, $this->config->get('skin_path'));
	}


	/**
	* Parse a specific skin template and deliver to stdout (or return)
	*
	* @param string Template name
	* @param boolean Exit script
	* @param boolean Don't write to stdout, return parsed content instead
	*
	* @link http://php.net/manual/en/function.exit.php
	*/
	function parse($name = 'main', $exit = true, $write = true)
	{
	$plugin = false;
	$realname = $name;
	$this->template_name = $realname;

	$temp = explode('.', $name, 2);
	if (count($temp) > 1) {
	$plugin = $temp[0];
	$name = $temp[1];
	$skin_dir = $plugin . '/skins/' . $this->config->get('skin');

	// apply skin search escalation list to plugin directory
	$plugin_skin_paths = array();
	foreach ($this->skin_paths as $skin_path) {
	$plugin_skin_paths[] = $this->app->plugins->url . $plugin . '/' . $skin_path;
	}

	// add fallback to default skin
	if (is_dir($this->app->plugins->dir . $plugin . '/skins/default')) {
	$skin_dir = $plugin . '/skins/default';
	$plugin_skin_paths[] = $this->app->plugins->url . $skin_dir;
	}

	// add plugin skin paths to search list
	$this->skin_paths = array_merge($plugin_skin_paths, $this->skin_paths);
	}

	// find skin template
	$path = false;
	foreach ($this->skin_paths as $skin_path) {
	$path = "$skin_path/templates/$name.html";

	// fallback to deprecated template names
	if (!is_readable($path) && $this->deprecated_templates[$realname]) {
	$path = "$skin_path/templates/" . $this->deprecated_templates[$realname] . ".html";

	if (is_readable($path)) {
	rcube::raise_error(array(
	'code' => 502, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => "Using deprecated template '" . $this->deprecated_templates[$realname]
	. "' in $skin_path/templates. Please rename to '$realname'"),
	true, false);
	}
	}

	if (is_readable($path)) {
	$this->config->set('skin_path', $skin_path);
	$this->base_path = preg_replace('!plugins/\w+/!', '', $skin_path); // set base_path to core skin directory (not plugin's skin)
	$skin_dir = preg_replace('!^plugins/!', '', $skin_path);
	break;
	}
	else {
	$path = false;
	}
	}

	// read template file
	if (!$path \|\| ($templ = @file_get_contents($path)) === false) {
	rcube::raise_error(array(
	'code' => 501,
	'type' => 'php',
	'line' => __LINE__,
	'file' => __FILE__,
	'message' => 'Error loading template for '.$realname
	), true, $write);
	return false;
	}

	// replace all path references to plugins/... with the configured plugins dir
	// and /this/ to the current plugin skin directory
	if ($plugin) {
	$templ = preg_replace(array('/\bplugins\//', '/(["\']?)\/this\//'), array($this->app->plugins->url, '\\1'.$this->app->plugins->url.$skin_dir.'/'), $templ);
	}

	// parse for specialtags
	$output = $this->parse_conditions($templ);
	$output = $this->parse_xml($output);

	// trigger generic hook where plugins can put additional content to the page
	$hook = $this->app->plugins->exec_hook("render_page", array('template' => $realname, 'content' => $output));

	// save some memory
	$output = $hook['content'];
	unset($hook['content']);

	// make sure all <form> tags have a valid request token
	$output = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $output);
	$this->footer = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $this->footer);

	if ($write) {
	// add debug console
	if ($realname != 'error' && ($this->config->get('debug_level') & 8)) {
	$this->add_footer('<div id="console" style="position:absolute;top:5px;left:5px;width:405px;padding:2px;background:white;z-index:9000;display:none">
	<a href="#toggle" onclick="con=$(\'#dbgconsole\');con[con.is(\':visible\')?\'hide\':\'show\']();return false">console</a>
	<textarea name="console" id="dbgconsole" rows="20" cols="40" style="display:none;width:400px;border:none;font-size:10px" spellcheck="false"></textarea></div>'
	);
	$this->add_script(
	"if (!window.console \|\| !window.console.log) {\n".
	" window.console = new rcube_console();\n".
	" $('#console').show();\n".
	"}", 'foot');
	}
	$this->write(trim($output));
	}
	else {
	return $output;
	}

	if ($exit) {
	exit;
	}
	}


	/**
	* Return executable javascript code for all registered commands
	*
	* @return string $out
	*/
	protected function get_js_commands()
	{
	$out = '';
	if (!$this->framed && !empty($this->js_env)) {
	$out .= self::JS_OBJECT_NAME . '.set_env('.self::json_serialize($this->js_env).");\n";
	}
	if (!empty($this->js_labels)) {
	$this->command('add_label', $this->js_labels);
	}
	foreach ($this->js_commands as $i => $args) {
	$method = array_shift($args);
	foreach ($args as $i => $arg) {
	$args[$i] = self::json_serialize($arg);
	}
	$parent = $this->framed \|\| preg_match('/^parent\./', $method);
	$out .= sprintf(
	"%s.%s(%s);\n",
	($parent ? 'if(window.parent && parent.'.self::JS_OBJECT_NAME.') parent.' : '') . self::JS_OBJECT_NAME,
	preg_replace('/^parent\./', '', $method),
	implode(',', $args)
	);
	}

	return $out;
	}


	/**
	* Make URLs starting with a slash point to skin directory
	*
	* @param string Input string
	* @param boolean True if URL should be resolved using the current skin path stack
	* @return string
	*/
	public function abs_url($str, $search_path = false)
	{
	if ($str[0] == '/') {
	if ($search_path && ($file_url = $this->get_skin_file($str, $skin_path)))
	return $file_url;

	return $this->base_path . $str;
	}
	else
	return $str;
	}


	/**
	* Show error page and terminate script execution
	*
	* @param int $code Error code
	* @param string $message Error message
	*/
	public function raise_error($code, $message)
	{
	global $__page_content, $ERROR_CODE, $ERROR_MESSAGE;

	$ERROR_CODE = $code;
	$ERROR_MESSAGE = $message;

	include RCUBE_INSTALL_PATH . 'program/steps/utils/error.inc';
	exit;
	}


	/*** Template parsing methods ***/

	/**
	* Replace all strings ($varname)
	* with the content of the according global variable.
	*/
	protected function parse_with_globals($input)
	{
	$GLOBALS['__version'] = html::quote(RCMAIL_VERSION);
	$GLOBALS['__comm_path'] = html::quote($this->app->comm_path);
	$GLOBALS['__skin_path'] = html::quote($this->base_path);

	return preg_replace_callback('/\$(__[a-z0-9_\-]+)/',
	array($this, 'globals_callback'), $input);
	}


	/**
	* Callback funtion for preg_replace_callback() in parse_with_globals()
	*/
	protected function globals_callback($matches)
	{
	return $GLOBALS[$matches[1]];
	}


	/**
	* Correct absolute paths in images and other tags
	* add timestamp to .js and .css filename
	*/
	protected function fix_paths($output)
	{
	return preg_replace_callback(
	'!(src\|href\|background)=(["\']?)([a-z0-9/_.-]+)(["\'\s>])!i',
	array($this, 'file_callback'), $output);
	}


	/**
	* Callback function for preg_replace_callback in write()
	*
	* @return string Parsed string
	*/
	protected function file_callback($matches)
	{
	$file = $matches[3];
	$file = preg_replace('!^/this/!', '/', $file);

	// correct absolute paths
	if ($file[0] == '/') {
	$file = $this->base_path . $file;
	}

	// add file modification timestamp
	if (preg_match('/\.(js\|css)$/', $file)) {
	if ($fs = @filemtime($file)) {
	$file .= '?s=' . $fs;
	}
	}

	return $matches[1] . '=' . $matches[2] . $file . $matches[4];
	}


	/**
	* Public wrapper to dipp into template parsing.
	*
	* @param string $input
	* @return string
	* @uses rcmail_output_html::parse_xml()
	* @since 0.1-rc1
	*/
	public function just_parse($input)
	{
	$input = $this->parse_conditions($input);
	$input = $this->parse_xml($input);

	return $input;
	}


	/**
	* Parse for conditional tags
	*
	* @param string $input
	* @return string
	*/
	protected function parse_conditions($input)
	{
	$matches = preg_split('/<roundcube:(if\|elseif\|else\|endif)\s+([^>]+)>\n?/is', $input, 2, PREG_SPLIT_DELIM_CAPTURE);
	if ($matches && count($matches) == 4) {
	if (preg_match('/^(else\|endif)$/i', $matches[1])) {
	return $matches[0] . $this->parse_conditions($matches[3]);
	}
	$attrib = html::parse_attrib_string($matches[2]);
	if (isset($attrib['condition'])) {
	$condmet = $this->check_condition($attrib['condition']);
	$submatches = preg_split('/<roundcube:(elseif\|else\|endif)\s+([^>]+)>\n?/is', $matches[3], 2, PREG_SPLIT_DELIM_CAPTURE);
	if ($condmet) {
	$result = $submatches[0];
	$result.= ($submatches[1] != 'endif' ? preg_replace('/.*<roundcube:endif\s+[^>]+>\n?/Uis', '', $submatches[3], 1) : $submatches[3]);
	}
	else {
	$result = "<roundcube:$submatches[1] $submatches[2]>" . $submatches[3];
	}
	return $matches[0] . $this->parse_conditions($result);
	}
	rcube::raise_error(array(
	'code' => 500,
	'type' => 'php',
	'line' => __LINE__,
	'file' => __FILE__,
	'message' => "Unable to parse conditional tag " . $matches[2]
	), true, false);
	}
	return $input;
	}


	/**
	* Determines if a given condition is met
	*
	* @todo Extend this to allow real conditions, not just "set"
	* @param string Condition statement
	* @return boolean True if condition is met, False if not
	*/
	protected function check_condition($condition)
	{
	return $this->eval_expression($condition);
	}


	/**
	* Inserts hidden field with CSRF-prevention-token into POST forms
	*/
	protected function alter_form_tag($matches)
	{
	$out = $matches[0];
	$attrib = html::parse_attrib_string($matches[1]);

	if (strtolower($attrib['method']) == 'post') {
	$hidden = new html_hiddenfield(array('name' => '_token', 'value' => $this->app->get_request_token()));
	$out .= "\n" . $hidden->show();
	}

	return $out;
	}


	/**
	* Parse & evaluate a given expression and return its result.
	*
	* @param string Expression statement
	*
	* @return mixed Expression result
	*/
	protected function eval_expression ($expression)
	{
	$expression = preg_replace(
	array(
	'/session:([a-z0-9_]+)/i',
	'/config:([a-z0-9_]+)(:([a-z0-9_]+))?/i',
	'/env:([a-z0-9_]+)/i',
	'/request:([a-z0-9_]+)/i',
	'/cookie:([a-z0-9_]+)/i',
	'/browser:([a-z0-9_]+)/i',
	'/template:name/i',
	),
	array(
	"\$_SESSION['\\1']",
	"\$app->config->get('\\1',rcube_utils::get_boolean('\\3'))",
	"\$env['\\1']",
	"rcube_utils::get_input_value('\\1', rcube_utils::INPUT_GPC)",
	"\$_COOKIE['\\1']",
	"\$browser->{'\\1'}",
	$this->template_name,
	),
	$expression
	);

	$fn = create_function('$app,$browser,$env', "return ($expression);");
	if (!$fn) {
	rcube::raise_error(array(
	'code' => 505,
	'type' => 'php',
	'file' => __FILE__,
	'line' => __LINE__,
	'message' => "Expression parse error on: ($expression)"), true, false);

	return null;
	}

	return $fn($this->app, $this->browser, $this->env);
	}


	/**
	* Search for special tags in input and replace them
	* with the appropriate content
	*
	* @param string Input string to parse
	* @return string Altered input string
	* @todo Use DOM-parser to traverse template HTML
	* @todo Maybe a cache.
	*/
	protected function parse_xml($input)
	{
	return preg_replace_callback('/<roundcube:([-_a-z]+)\s+((?:[^>]\|\\\\>)+)(?<!\\\\)>/Ui', array($this, 'xml_command'), $input);
	}


	/**
	* Callback function for parsing an xml command tag
	* and turn it into real html content
	*
	* @param array Matches array of preg_replace_callback
	* @return string Tag/Object content
	*/
	protected function xml_command($matches)
	{
	$command = strtolower($matches[1]);
	$attrib = html::parse_attrib_string($matches[2]);

	// empty output if required condition is not met
	if (!empty($attrib['condition']) && !$this->check_condition($attrib['condition'])) {
	return '';
	}

	// execute command
	switch ($command) {
	// return a button
	case 'button':
	if ($attrib['name'] \|\| $attrib['command']) {
	return $this->button($attrib);
	}
	break;

	// frame
	case 'frame':
	return $this->frame($attrib);
	break;

	// show a label
	case 'label':
	if ($attrib['expression'])
	$attrib['name'] = $this->eval_expression($attrib['expression']);

	if ($attrib['name'] \|\| $attrib['command']) {
	// @FIXME: 'noshow' is useless, remove?
	if ($attrib['noshow']) {
	return '';
	}

	$vars = $attrib + array('product' => $this->config->get('product_name'));
	unset($vars['name'], $vars['command']);

	$label = $this->app->gettext($attrib + array('vars' => $vars));
	$quoting = !empty($attrib['quoting']) ? strtolower($attrib['quoting']) : (rcube_utils::get_boolean((string)$attrib['html']) ? 'no' : '');

	switch ($quoting) {
	case 'no':
	case 'raw':
	break;
	case 'javascript':
	case 'js':
	$label = rcube::JQ($label);
	break;
	default:
	$label = html::quote($label);
	break;
	}

	return $label;
	}
	break;

	// include a file
	case 'include':
	$old_base_path = $this->base_path;
	if (!empty($attrib['skin_path'])) $attrib['skinpath'] = $attrib['skin_path'];
	if ($path = $this->get_skin_file($attrib['file'], $skin_path, $attrib['skinpath'])) {
	$this->base_path = preg_replace('!plugins/\w+/!', '', $skin_path); // set base_path to core skin directory (not plugin's skin)
	$path = realpath($path);
	}

	if (is_readable($path)) {
	if ($this->config->get('skin_include_php')) {
	$incl = $this->include_php($path);
	}
	else {
	$incl = file_get_contents($path);
	}
	$incl = $this->parse_conditions($incl);
	$incl = $this->parse_xml($incl);
	$incl = $this->fix_paths($incl);
	$this->base_path = $old_base_path;
	return $incl;
	}
	break;

	case 'plugin.include':
	$hook = $this->app->plugins->exec_hook("template_plugin_include", $attrib);
	return $hook['content'];

	// define a container block
	case 'container':
	if ($attrib['name'] && $attrib['id']) {
	$this->command('gui_container', $attrib['name'], $attrib['id']);
	// let plugins insert some content here
	$hook = $this->app->plugins->exec_hook("template_container", $attrib);
	return $hook['content'];
	}
	break;

	// return code for a specific application object
	case 'object':
	$object = strtolower($attrib['name']);
	$content = '';

	// we are calling a class/method
	if (($handler = $this->object_handlers[$object]) && is_array($handler)) {
	if ((is_object($handler[0]) && method_exists($handler[0], $handler[1])) \|\|
	(is_string($handler[0]) && class_exists($handler[0])))
	$content = call_user_func($handler, $attrib);
	}
	// execute object handler function
	else if (function_exists($handler)) {
	$content = call_user_func($handler, $attrib);
	}
	else if ($object == 'doctype') {
	$content = html::doctype($attrib['value']);
	}
	else if ($object == 'logo') {
	$attrib += array('alt' => $this->xml_command(array('', 'object', 'name="productname"')));
	if ($logo = $this->config->get('skin_logo'))
	$attrib['src'] = $logo;
	$content = html::img($attrib);
	}
	else if ($object == 'productname') {
	$name = $this->config->get('product_name', 'Roundcube Webmail');
	$content = html::quote($name);
	}
	else if ($object == 'version') {
	$ver = (string)RCMAIL_VERSION;
	if (is_file(RCUBE_INSTALL_PATH . '.svn/entries')) {
	if (preg_match('/Revision:\s(\d+)/', @shell_exec('svn info'), $regs))
	$ver .= ' [SVN r'.$regs[1].']';
	}
	else if (is_file(RCUBE_INSTALL_PATH . '.git/index')) {
	if (preg_match('/Date:\s+([^\n]+)/', @shell_exec('git log -1'), $regs)) {
	if ($date = date('Ymd.Hi', strtotime($regs[1]))) {
	$ver .= ' [GIT '.$date.']';
	}
	}
	}
	$content = html::quote($ver);
	}
	else if ($object == 'steptitle') {
	$content = html::quote($this->get_pagetitle());
	}
	else if ($object == 'pagetitle') {
	if ($this->config->get('devel_mode') && !empty($_SESSION['username']))
	$title = $_SESSION['username'].' :: ';
	else if ($prod_name = $this->config->get('product_name'))
	$title = $prod_name . ' :: ';
	else
	$title = '';
	$title .= $this->get_pagetitle();
	$content = html::quote($title);
	}

	// exec plugin hooks for this template object
	$hook = $this->app->plugins->exec_hook("template_object_$object", $attrib + array('content' => $content));
	return $hook['content'];

	// return code for a specified eval expression
	case 'exp':
	return html::quote($this->eval_expression($attrib['expression']));

	// return variable
	case 'var':
	$var = explode(':', $attrib['name']);
	$name = $var[1];
	$value = '';

	switch ($var[0]) {
	case 'env':
	$value = $this->env[$name];
	break;
	case 'config':
	$value = $this->config->get($name);
	if (is_array($value) && $value[$_SESSION['storage_host']]) {
	$value = $value[$_SESSION['storage_host']];
	}
	break;
	case 'request':
	$value = rcube_utils::get_input_value($name, rcube_utils::INPUT_GPC);
	break;
	case 'session':
	$value = $_SESSION[$name];
	break;
	case 'cookie':
	$value = htmlspecialchars($_COOKIE[$name]);
	break;
	case 'browser':
	$value = $this->browser->{$name};
	break;
	}

	if (is_array($value)) {
	$value = implode(', ', $value);
	}

	return html::quote($value);
	break;
	}
	return '';
	}


	/**
	* Include a specific file and return it's contents
	*
	* @param string File path
	* @return string Contents of the processed file
	*/
	protected function include_php($file)
	{
	ob_start();
	include $file;
	$out = ob_get_contents();
	ob_end_clean();

	return $out;
	}


	/**
	* Create and register a button
	*
	* @param array Named button attributes
	* @return string HTML button
	* @todo Remove all inline JS calls and use jQuery instead.
	* @todo Remove all sprintf()'s - they are pretty, but also slow.
	*/
	public function button($attrib)
	{
	static $s_button_count = 100;

	// these commands can be called directly via url
	$a_static_commands = array('compose', 'list', 'preferences', 'folders', 'identities');

	if (!($attrib['command'] \|\| $attrib['name'])) {
	return '';
	}

	// try to find out the button type
	if ($attrib['type']) {
	$attrib['type'] = strtolower($attrib['type']);
	}
	else {
	$attrib['type'] = ($attrib['image'] \|\| $attrib['imagepas'] \|\| $attrib['imageact']) ? 'image' : 'link';
	}

	$command = $attrib['command'];

	if ($attrib['task'])
	$command = $attrib['task'] . '.' . $command;

	if (!$attrib['image']) {
	$attrib['image'] = $attrib['imagepas'] ? $attrib['imagepas'] : $attrib['imageact'];
	}

	if (!$attrib['id']) {
	$attrib['id'] = sprintf('rcmbtn%d', $s_button_count++);
	}
	// get localized text for labels and titles
	if ($attrib['title']) {
	$attrib['title'] = html::quote($this->app->gettext($attrib['title'], $attrib['domain']));
	}
	if ($attrib['label']) {
	$attrib['label'] = html::quote($this->app->gettext($attrib['label'], $attrib['domain']));
	}
	if ($attrib['alt']) {
	$attrib['alt'] = html::quote($this->app->gettext($attrib['alt'], $attrib['domain']));
	}

	// set title to alt attribute for IE browsers
	if ($this->browser->ie && !$attrib['title'] && $attrib['alt']) {
	$attrib['title'] = $attrib['alt'];
	}

	// add empty alt attribute for XHTML compatibility
	if (!isset($attrib['alt'])) {
	$attrib['alt'] = '';
	}

	// register button in the system
	if ($attrib['command']) {
	$this->add_script(sprintf(
	"%s.register_button('%s', '%s', '%s', '%s', '%s', '%s');",
	self::JS_OBJECT_NAME,
	$command,
	$attrib['id'],
	$attrib['type'],
	$attrib['imageact'] ? $this->abs_url($attrib['imageact']) : $attrib['classact'],
	$attrib['imagesel'] ? $this->abs_url($attrib['imagesel']) : $attrib['classsel'],
	$attrib['imageover'] ? $this->abs_url($attrib['imageover']) : ''
	));

	// make valid href to specific buttons
	if (in_array($attrib['command'], rcmail::$main_tasks)) {
	$attrib['href'] = $this->app->url(array('task' => $attrib['command']));
	$attrib['onclick'] = sprintf("return %s.command('switch-task','%s',this,event)", self::JS_OBJECT_NAME, $attrib['command']);
	}
	else if ($attrib['task'] && in_array($attrib['task'], rcmail::$main_tasks)) {
	$attrib['href'] = $this->app->url(array('action' => $attrib['command'], 'task' => $attrib['task']));
	}
	else if (in_array($attrib['command'], $a_static_commands)) {
	$attrib['href'] = $this->app->url(array('action' => $attrib['command']));
	}
	else if (($attrib['command'] == 'permaurl' \|\| $attrib['command'] == 'extwin') && !empty($this->env['permaurl'])) {
	$attrib['href'] = $this->env['permaurl'];
	}
	}

	// overwrite attributes
	if (!$attrib['href']) {
	$attrib['href'] = '#';
	}
	if ($attrib['task']) {
	if ($attrib['classact'])
	$attrib['class'] = $attrib['classact'];
	}
	else if ($command && !$attrib['onclick']) {
	$attrib['onclick'] = sprintf(
	"return %s.command('%s','%s',this,event)",
	self::JS_OBJECT_NAME,
	$command,
	$attrib['prop']
	);
	}

	$out = '';

	// generate image tag
	if ($attrib['type'] == 'image') {
	$attrib_str = html::attrib_string(
	$attrib,
	array(
	'style', 'class', 'id', 'width', 'height', 'border', 'hspace',
	'vspace', 'align', 'alt', 'tabindex', 'title'
	)
	);
	$btn_content = sprintf('<img src="%s"%s />', $this->abs_url($attrib['image']), $attrib_str);
	if ($attrib['label']) {
	$btn_content .= ' '.$attrib['label'];
	}
	$link_attrib = array('href', 'onclick', 'onmouseover', 'onmouseout', 'onmousedown', 'onmouseup', 'target');
	}
	else if ($attrib['type'] == 'link') {
	$btn_content = isset($attrib['content']) ? $attrib['content'] : ($attrib['label'] ? $attrib['label'] : $attrib['command']);
	$link_attrib = array('href', 'onclick', 'title', 'id', 'class', 'style', 'tabindex', 'target');
	if ($attrib['innerclass'])
	$btn_content = html::span($attrib['innerclass'], $btn_content);
	}
	else if ($attrib['type'] == 'input') {
	$attrib['type'] = 'button';

	if ($attrib['label']) {
	$attrib['value'] = $attrib['label'];
	}
	if ($attrib['command']) {
	$attrib['disabled'] = 'disabled';
	}

	$out = html::tag('input', $attrib, null, array('type', 'value', 'onclick', 'id', 'class', 'style', 'tabindex', 'disabled'));
	}

	// generate html code for button
	if ($btn_content) {
	$attrib_str = html::attrib_string($attrib, $link_attrib);
	$out = sprintf('<a%s>%s</a>', $attrib_str, $btn_content);
	}

	if ($attrib['wrapper']) {
	$out = html::tag($attrib['wrapper'], null, $out);
	}

	return $out;
	}


	/**
	* Link an external script file
	*
	* @param string File URL
	* @param string Target position [head\|foot]
	*/
	public function include_script($file, $position='head')
	{
	static $sa_files = array();

	if (!preg_match('\|^https?://\|i', $file) && $file[0] != '/') {
	$file = $this->scripts_path . $file;
	if ($fs = @filemtime($file)) {
	$file .= '?s=' . $fs;
	}
	}

	if (in_array($file, $sa_files)) {
	return;
	}

	$sa_files[] = $file;

	if (!is_array($this->script_files[$position])) {
	$this->script_files[$position] = array();
	}

	$this->script_files[$position][] = $file;
	}


	/**
	* Add inline javascript code
	*
	* @param string JS code snippet
	* @param string Target position [head\|head_top\|foot]
	*/
	public function add_script($script, $position='head')
	{
	if (!isset($this->scripts[$position])) {
	$this->scripts[$position] = "\n" . rtrim($script);
	}
	else {
	$this->scripts[$position] .= "\n" . rtrim($script);
	}
	}


	/**
	* Link an external css file
	*
	* @param string File URL
	*/
	public function include_css($file)
	{
	$this->css_files[] = $file;
	}


	/**
	* Add HTML code to the page header
	*
	* @param string $str HTML code
	*/
	public function add_header($str)
	{
	$this->header .= "\n" . $str;
	}


	/**
	* Add HTML code to the page footer
	* To be added right befor </body>
	*
	* @param string $str HTML code
	*/
	public function add_footer($str)
	{
	$this->footer .= "\n" . $str;
	}


	/**
	* Process template and write to stdOut
	*
	* @param string HTML template
	* @param string Base for absolute paths
	*/
	public function _write($templ = '', $base_path = '')
	{
	$output = empty($templ) ? $this->default_template : trim($templ);

	// set default page title
	if (empty($this->pagetitle)) {
	$this->pagetitle = 'Roundcube Mail';
	}

	// replace specialchars in content
	$page_title = html::quote($this->pagetitle);
	$page_header = '';
	$page_footer = '';

	// include meta tag with charset
	if (!empty($this->charset)) {
	if (!headers_sent()) {
	header('Content-Type: text/html; charset=' . $this->charset);
	}
	$page_header = '<meta http-equiv="content-type"';
	$page_header.= ' content="text/html; charset=';
	$page_header.= $this->charset . '" />'."\n";
	}

	// definition of the code to be placed in the document header and footer
	if (is_array($this->script_files['head'])) {
	foreach ($this->script_files['head'] as $file) {
	$page_header .= html::script($file);
	}
	}

	$head_script = $this->scripts['head_top'] . $this->scripts['head'];
	if (!empty($head_script)) {
	$page_header .= html::script(array(), $head_script);
	}

	if (!empty($this->header)) {
	$page_header .= $this->header;
	}

	// put docready commands into page footer
	if (!empty($this->scripts['docready'])) {
	$this->add_script('$(document).ready(function(){ ' . $this->scripts['docready'] . "\n});", 'foot');
	}

	if (is_array($this->script_files['foot'])) {
	foreach ($this->script_files['foot'] as $file) {
	$page_footer .= html::script($file);
	}
	}

	if (!empty($this->footer)) {
	$page_footer .= $this->footer . "\n";
	}

	if (!empty($this->scripts['foot'])) {
	$page_footer .= html::script(array(), $this->scripts['foot']);
	}

	// find page header
	if ($hpos = stripos($output, '</head>')) {
	$page_header .= "\n";
	}
	else {
	if (!is_numeric($hpos)) {
	$hpos = stripos($output, '<body');
	}
	if (!is_numeric($hpos) && ($hpos = stripos($output, '<html'))) {
	while ($output[$hpos] != '>') {
	$hpos++;
	}
	$hpos++;
	}
	$page_header = "<head>\n<title>$page_title</title>\n$page_header\n</head>\n";
	}

	// add page hader
	if ($hpos) {
	$output = substr_replace($output, $page_header, $hpos, 0);
	}
	else {
	$output = $page_header . $output;
	}

	// add page footer
	if (($fpos = strripos($output, '</body>')) \|\| ($fpos = strripos($output, '</html>'))) {
	$output = substr_replace($output, $page_footer."\n", $fpos, 0);
	}
	else {
	$output .= "\n".$page_footer;
	}

	// add css files in head, before scripts, for speed up with parallel downloads
	if (!empty($this->css_files) &&
	(($pos = stripos($output, '<script ')) \|\| ($pos = stripos($output, '</head>')))
	) {
	$css = '';
	foreach ($this->css_files as $file) {
	$css .= html::tag('link', array('rel' => 'stylesheet',
	'type' => 'text/css', 'href' => $file, 'nl' => true));
	}
	$output = substr_replace($output, $css, $pos, 0);
	}

	$output = $this->parse_with_globals($this->fix_paths($output));

	// trigger hook with final HTML content to be sent
	$hook = $this->app->plugins->exec_hook("send_page", array('content' => $output));
	if (!$hook['abort']) {
	if ($this->charset != RCUBE_CHARSET) {
	echo rcube_charset::convert($hook['content'], RCUBE_CHARSET, $this->charset);
	}
	else {
	echo $hook['content'];
	}
	}
	}


	/**
	* Returns iframe object, registers some related env variables
	*
	* @param array $attrib HTML attributes
	* @param boolean $is_contentframe Register this iframe as the 'contentframe' gui object
	* @return string IFRAME element
	*/
	public function frame($attrib, $is_contentframe = false)
	{
	static $idcount = 0;

	if (!$attrib['id']) {
	$attrib['id'] = 'rcmframe' . ++$idcount;
	}

	$attrib['name'] = $attrib['id'];
	$attrib['src'] = $attrib['src'] ? $this->abs_url($attrib['src'], true) : 'program/resources/blank.gif';

	// register as 'contentframe' object
	if ($is_contentframe \|\| $attrib['contentframe']) {
	$this->set_env('contentframe', $attrib['contentframe'] ? $attrib['contentframe'] : $attrib['name']);
	$this->set_env('blankpage', $attrib['src']);
	}

	return html::iframe($attrib);
	}


	/* *********** common functions delivering gui objects ************ */


	/**
	* Create a form tag with the necessary hidden fields
	*
	* @param array Named tag parameters
	* @return string HTML code for the form
	*/
	public function form_tag($attrib, $content = null)
	{
	if ($this->framed \|\| !empty($_REQUEST['_framed'])) {
	$hiddenfield = new html_hiddenfield(array('name' => '_framed', 'value' => '1'));
	$hidden = $hiddenfield->show();
	}
	if ($this->env['extwin']) {
	$hiddenfield = new html_hiddenfield(array('name' => '_extwin', 'value' => '1'));
	$hidden = $hiddenfield->show();
	}

	if (!$content)
	$attrib['noclose'] = true;

	return html::tag('form',
	$attrib + array('action' => "./", 'method' => "get"),
	$hidden . $content,
	array('id','class','style','name','method','action','enctype','onsubmit'));
	}


	/**
	* Build a form tag with a unique request token
	*
	* @param array Named tag parameters including 'action' and 'task' values which will be put into hidden fields
	* @param string Form content
	* @return string HTML code for the form
	*/
	public function request_form($attrib, $content = '')
	{
	$hidden = new html_hiddenfield();
	if ($attrib['task']) {
	$hidden->add(array('name' => '_task', 'value' => $attrib['task']));
	}
	if ($attrib['action']) {
	$hidden->add(array('name' => '_action', 'value' => $attrib['action']));
	}

	unset($attrib['task'], $attrib['request']);
	$attrib['action'] = './';

	// we already have a <form> tag
	if ($attrib['form']) {
	if ($this->framed \|\| !empty($_REQUEST['_framed']))
	$hidden->add(array('name' => '_framed', 'value' => '1'));
	return $hidden->show() . $content;
	}
	else
	return $this->form_tag($attrib, $hidden->show() . $content);
	}


	/**
	* GUI object 'username'
	* Showing IMAP username of the current session
	*
	* @param array Named tag parameters (currently not used)
	* @return string HTML code for the gui object
	*/
	public function current_username($attrib)
	{
	static $username;

	// alread fetched
	if (!empty($username)) {
	return $username;
	}

	// Current username is an e-mail address
	if (strpos($_SESSION['username'], '@')) {
	$username = $_SESSION['username'];
	}
	// get e-mail address from default identity
	else if ($sql_arr = $this->app->user->get_identity()) {
	$username = $sql_arr['email'];
	}
	else {
	$username = $this->app->user->get_username();
	}

	return rcube_utils::idn_to_utf8($username);
	}


	/**
	* GUI object 'loginform'
	* Returns code for the webmail login form
	*
	* @param array Named parameters
	* @return string HTML code for the gui object
	*/
	protected function login_form($attrib)
	{
	$default_host = $this->config->get('default_host');
	$autocomplete = (int) $this->config->get('login_autocomplete');

	$_SESSION['temp'] = true;

	// save original url
	$url = rcube_utils::get_input_value('_url', rcube_utils::INPUT_POST);
	if (empty($url) && !preg_match('/_(task\|action)=logout/', $_SERVER['QUERY_STRING']))
	$url = $_SERVER['QUERY_STRING'];

	// Disable autocapitalization on iPad/iPhone (#1488609)
	$attrib['autocapitalize'] = 'off';

	// set atocomplete attribute
	$user_attrib = $autocomplete > 0 ? array() : array('autocomplete' => 'off');
	$host_attrib = $autocomplete > 0 ? array() : array('autocomplete' => 'off');
	$pass_attrib = $autocomplete > 1 ? array() : array('autocomplete' => 'off');

	$input_task = new html_hiddenfield(array('name' => '_task', 'value' => 'login'));
	$input_action = new html_hiddenfield(array('name' => '_action', 'value' => 'login'));
	$input_tzone = new html_hiddenfield(array('name' => '_timezone', 'id' => 'rcmlogintz', 'value' => '_default_'));
	$input_url = new html_hiddenfield(array('name' => '_url', 'id' => 'rcmloginurl', 'value' => $url));
	$input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser')
	+ $attrib + $user_attrib);
	$input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd')
	+ $attrib + $pass_attrib);
	$input_host = null;

	if (is_array($default_host) && count($default_host) > 1) {
	$input_host = new html_select(array('name' => '_host', 'id' => 'rcmloginhost'));

	foreach ($default_host as $key => $value) {
	if (!is_array($value)) {
	$input_host->add($value, (is_numeric($key) ? $value : $key));
	}
	else {
	$input_host = null;
	break;
	}
	}
	}
	else if (is_array($default_host) && ($host = key($default_host)) !== null) {
	$hide_host = true;
	$input_host = new html_hiddenfield(array(
	'name' => '_host', 'id' => 'rcmloginhost', 'value' => is_numeric($host) ? $default_host[$host] : $host) + $attrib);
	}
	else if (empty($default_host)) {
	$input_host = new html_inputfield(array('name' => '_host', 'id' => 'rcmloginhost')
	+ $attrib + $host_attrib);
	}

	$form_name = !empty($attrib['form']) ? $attrib['form'] : 'form';
	$this->add_gui_object('loginform', $form_name);

	// create HTML table with two cols
	$table = new html_table(array('cols' => 2));

	$table->add('title', html::label('rcmloginuser', html::quote($this->app->gettext('username'))));
	$table->add('input', $input_user->show(rcube_utils::get_input_value('_user', rcube_utils::INPUT_GPC)));

	$table->add('title', html::label('rcmloginpwd', html::quote($this->app->gettext('password'))));
	$table->add('input', $input_pass->show());

	// add host selection row
	if (is_object($input_host) && !$hide_host) {
	$table->add('title', html::label('rcmloginhost', html::quote($this->app->gettext('server'))));
	$table->add('input', $input_host->show(rcube_utils::get_input_value('_host', rcube_utils::INPUT_GPC)));
	}

	$out = $input_task->show();
	$out .= $input_action->show();
	$out .= $input_tzone->show();
	$out .= $input_url->show();
	$out .= $table->show();

	if ($hide_host) {
	$out .= $input_host->show();
	}

	// surround html output with a form tag
	if (empty($attrib['form'])) {
	$out = $this->form_tag(array('name' => $form_name, 'method' => 'post'), $out);
	}

	// include script for timezone detection
	$this->include_script('jstz.min.js');

	return $out;
	}


	/**
	* GUI object 'preloader'
	* Loads javascript code for images preloading
	*
	* @param array Named parameters
	* @return void
	*/
	protected function preloader($attrib)
	{
	$images = preg_split('/[\s\t\n,]+/', $attrib['images'], -1, PREG_SPLIT_NO_EMPTY);
	$images = array_map(array($this, 'abs_url'), $images);

	if (empty($images) \|\| $this->app->task == 'logout')
	return;

	$this->add_script('var images = ' . self::json_serialize($images) .';
	for (var i=0; i<images.length; i++) {
	img = new Image();
	img.src = images[i];
	}', 'docready');
	}


	/**
	* GUI object 'searchform'
	* Returns code for search function
	*
	* @param array Named parameters
	* @return string HTML code for the gui object
	*/
	protected function search_form($attrib)
	{
	// add some labels to client
	$this->add_label('searching');

	$attrib['name'] = '_q';

	if (empty($attrib['id'])) {
	$attrib['id'] = 'rcmqsearchbox';
	}
	if ($attrib['type'] == 'search' && !$this->browser->khtml) {
	unset($attrib['type'], $attrib['results']);
	}

	$input_q = new html_inputfield($attrib);
	$out = $input_q->show();

	$this->add_gui_object('qsearchbox', $attrib['id']);

	// add form tag around text field
	if (empty($attrib['form'])) {
	$out = $this->form_tag(array(
	'name' => "rcmqsearchform",
	'onsubmit' => self::JS_OBJECT_NAME . ".command('search'); return false",
	'style' => "display:inline"),
	$out);
	}

	return $out;
	}


	/**
	* Builder for GUI object 'message'
	*
	* @param array Named tag parameters
	* @return string HTML code for the gui object
	*/
	protected function message_container($attrib)
	{
	if (isset($attrib['id']) === false) {
	$attrib['id'] = 'rcmMessageContainer';
	}

	$this->add_gui_object('message', $attrib['id']);

	return html::div($attrib, '');
	}


	/**
	* GUI object 'charsetselector'
	*
	* @param array Named parameters for the select tag
	* @return string HTML code for the gui object
	*/
	public function charset_selector($attrib)
	{
	// pass the following attributes to the form class
	$field_attrib = array('name' => '_charset');
	foreach ($attrib as $attr => $value) {
	if (in_array($attr, array('id', 'name', 'class', 'style', 'size', 'tabindex'))) {
	$field_attrib[$attr] = $value;
	}
	}

	$charsets = array(
	'UTF-8' => 'UTF-8 ('.$this->app->gettext('unicode').')',
	'US-ASCII' => 'ASCII ('.$this->app->gettext('english').')',
	'ISO-8859-1' => 'ISO-8859-1 ('.$this->app->gettext('westerneuropean').')',
	'ISO-8859-2' => 'ISO-8859-2 ('.$this->app->gettext('easterneuropean').')',
	'ISO-8859-4' => 'ISO-8859-4 ('.$this->app->gettext('baltic').')',
	'ISO-8859-5' => 'ISO-8859-5 ('.$this->app->gettext('cyrillic').')',
	'ISO-8859-6' => 'ISO-8859-6 ('.$this->app->gettext('arabic').')',
	'ISO-8859-7' => 'ISO-8859-7 ('.$this->app->gettext('greek').')',
	'ISO-8859-8' => 'ISO-8859-8 ('.$this->app->gettext('hebrew').')',
	'ISO-8859-9' => 'ISO-8859-9 ('.$this->app->gettext('turkish').')',
	'ISO-8859-10' => 'ISO-8859-10 ('.$this->app->gettext('nordic').')',
	'ISO-8859-11' => 'ISO-8859-11 ('.$this->app->gettext('thai').')',
	'ISO-8859-13' => 'ISO-8859-13 ('.$this->app->gettext('baltic').')',
	'ISO-8859-14' => 'ISO-8859-14 ('.$this->app->gettext('celtic').')',
	'ISO-8859-15' => 'ISO-8859-15 ('.$this->app->gettext('westerneuropean').')',
	'ISO-8859-16' => 'ISO-8859-16 ('.$this->app->gettext('southeasterneuropean').')',
	'WINDOWS-1250' => 'Windows-1250 ('.$this->app->gettext('easterneuropean').')',
	'WINDOWS-1251' => 'Windows-1251 ('.$this->app->gettext('cyrillic').')',
	'WINDOWS-1252' => 'Windows-1252 ('.$this->app->gettext('westerneuropean').')',
	'WINDOWS-1253' => 'Windows-1253 ('.$this->app->gettext('greek').')',
	'WINDOWS-1254' => 'Windows-1254 ('.$this->app->gettext('turkish').')',
	'WINDOWS-1255' => 'Windows-1255 ('.$this->app->gettext('hebrew').')',
	'WINDOWS-1256' => 'Windows-1256 ('.$this->app->gettext('arabic').')',
	'WINDOWS-1257' => 'Windows-1257 ('.$this->app->gettext('baltic').')',
	'WINDOWS-1258' => 'Windows-1258 ('.$this->app->gettext('vietnamese').')',
	'ISO-2022-JP' => 'ISO-2022-JP ('.$this->app->gettext('japanese').')',
	'ISO-2022-KR' => 'ISO-2022-KR ('.$this->app->gettext('korean').')',
	'ISO-2022-CN' => 'ISO-2022-CN ('.$this->app->gettext('chinese').')',
	'EUC-JP' => 'EUC-JP ('.$this->app->gettext('japanese').')',
	'EUC-KR' => 'EUC-KR ('.$this->app->gettext('korean').')',
	'EUC-CN' => 'EUC-CN ('.$this->app->gettext('chinese').')',
	'BIG5' => 'BIG5 ('.$this->app->gettext('chinese').')',
	'GB2312' => 'GB2312 ('.$this->app->gettext('chinese').')',
	);

	if (!empty($_POST['_charset'])) {
	$set = $_POST['_charset'];
	}
	else if (!empty($attrib['selected'])) {
	$set = $attrib['selected'];
	}
	else {
	$set = $this->get_charset();
	}

	$set = strtoupper($set);
	if (!isset($charsets[$set])) {
	$charsets[$set] = $set;
	}

	$select = new html_select($field_attrib);
	$select->add(array_values($charsets), array_keys($charsets));

	return $select->show($set);
	}

	/**
	* Include content from config/about.<LANG>.html if available
	*/
	protected function about_content($attrib)
	{
	$content = '';
	$filenames = array(
	'about.' . $_SESSION['language'] . '.html',
	'about.' . substr($_SESSION['language'], 0, 2) . '.html',
	'about.html',
	);
	foreach ($filenames as $file) {
	$fn = RCUBE_CONFIG_DIR . $file;
	if (is_readable($fn)) {
	$content = file_get_contents($fn);
	$content = $this->parse_conditions($content);
	$content = $this->parse_xml($content);
	break;
	}
	}

	return $content;
	}

	}
	diff --git a/program/lib/Roundcube/bootstrap.php b/program/lib/Roundcube/bootstrap.php
	index 68d314270..182ea1232 100644
	--- a/program/lib/Roundcube/bootstrap.php
	+++ b/program/lib/Roundcube/bootstrap.php
	@@ -1,488 +1,489 @@
	<?php

	/*
	+-----------------------------------------------------------------------+
	\| This file is part of the Roundcube PHP suite \|
	\| Copyright (C) 2005-2013, The Roundcube Dev Team \|
	\| \|
	\| Licensed under the GNU General Public License version 3 or \|
	\| any later version with exceptions for skins & plugins. \|
	\| See the README file for a full license statement. \|
	\| \|
	\| CONTENTS: \|
	\| Roundcube Framework Initialization \|
	+-----------------------------------------------------------------------+
	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
	\| Author: Aleksander Machniak <alec@alec.pl> \|
	+-----------------------------------------------------------------------+
	*/


	/**
	* Roundcube Framework Initialization
	*
	* @package Framework
	* @subpackage Core
	*/

	$config = array(
	'error_reporting' => E_ALL &~ (E_NOTICE \| E_STRICT),
	// Some users are not using Installer, so we'll check some
	// critical PHP settings here. Only these, which doesn't provide
	// an error/warning in the logs later. See (#1486307).
	'mbstring.func_overload' => 0,
	'magic_quotes_runtime' => 0,
	'magic_quotes_sybase' => 0, // #1488506
	);

	// check these additional ini settings if not called via CLI
	if (php_sapi_name() != 'cli') {
	$config += array(
	'suhosin.session.encrypt' => 0,
	'file_uploads' => 1,
	);
	}

	foreach ($config as $optname => $optval) {
	- if ($optval != ini_get($optname) && @ini_set($optname, $optval) === false) {
	+ $ini_optval = filter_var(ini_get($optname), FILTER_VALIDATE_BOOLEAN);
	+ if ($optval != $ini_optval && @ini_set($optname, $optval) === false) {
	$error = "ERROR: Wrong '$optname' option value and it wasn't possible to set it to required value ($optval).\n"
	. "Check your PHP configuration (including php_admin_flag).";
	if (defined('STDERR')) fwrite(STDERR, $error); else echo $error;
	exit(1);
	}
	}

	// framework constants
	define('RCUBE_VERSION', '1.0-git');
	define('RCUBE_CHARSET', 'UTF-8');

	if (!defined('RCUBE_LIB_DIR')) {
	define('RCUBE_LIB_DIR', dirname(__FILE__).'/');
	}

	if (!defined('RCUBE_INSTALL_PATH')) {
	define('RCUBE_INSTALL_PATH', RCUBE_LIB_DIR);
	}

	if (!defined('RCUBE_CONFIG_DIR')) {
	define('RCUBE_CONFIG_DIR', RCUBE_INSTALL_PATH . 'config/');
	}

	if (!defined('RCUBE_PLUGINS_DIR')) {
	define('RCUBE_PLUGINS_DIR', RCUBE_INSTALL_PATH . 'plugins/');
	}

	if (!defined('RCUBE_LOCALIZATION_DIR')) {
	define('RCUBE_LOCALIZATION_DIR', RCUBE_INSTALL_PATH . 'localization/');
	}

	// set internal encoding for mbstring extension
	if (extension_loaded('mbstring')) {
	mb_internal_encoding(RCUBE_CHARSET);
	@mb_regex_encoding(RCUBE_CHARSET);
	}

	// Register autoloader
	spl_autoload_register('rcube_autoload');

	// set PEAR error handling (will also load the PEAR main class)
	PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'rcube_pear_error');



	/**
	* Similar function as in_array() but case-insensitive
	*
	* @param string $needle Needle value
	* @param array $heystack Array to search in
	*
	* @return boolean True if found, False if not
	*/
	function in_array_nocase($needle, $haystack)
	{
	$needle = mb_strtolower($needle);
	foreach ((array)$haystack as $value) {
	if ($needle === mb_strtolower($value)) {
	return true;
	}
	}

	return false;
	}


	/**
	* Parse a human readable string for a number of bytes.
	*
	* @param string $str Input string
	*
	* @return float Number of bytes
	*/
	function parse_bytes($str)
	{
	if (is_numeric($str)) {
	return floatval($str);
	}

	if (preg_match('/([0-9\.]+)\s([a-z])/i', $str, $regs)) {
	$bytes = floatval($regs[1]);
	switch (strtolower($regs[2])) {
	case 'g':
	case 'gb':
	$bytes *= 1073741824;
	break;
	case 'm':
	case 'mb':
	$bytes *= 1048576;
	break;
	case 'k':
	case 'kb':
	$bytes *= 1024;
	break;
	}
	}

	return floatval($bytes);
	}


	/**
	* Make sure the string ends with a slash
	*/
	function slashify($str)
	{
	return unslashify($str).'/';
	}


	/**
	* Remove slashes at the end of the string
	*/
	function unslashify($str)
	{
	return preg_replace('/\/+$/', '', $str);
	}


	/**
	* Returns number of seconds for a specified offset string.
	*
	* @param string $str String representation of the offset (e.g. 20min, 5h, 2days, 1week)
	*
	* @return int Number of seconds
	*/
	function get_offset_sec($str)
	{
	if (preg_match('/^([0-9]+)\s*([smhdw])/i', $str, $regs)) {
	$amount = (int) $regs[1];
	$unit = strtolower($regs[2]);
	}
	else {
	$amount = (int) $str;
	$unit = 's';
	}

	switch ($unit) {
	case 'w':
	$amount *= 7;
	case 'd':
	$amount *= 24;
	case 'h':
	$amount *= 60;
	case 'm':
	$amount *= 60;
	}

	return $amount;
	}


	/**
	* Create a unix timestamp with a specified offset from now.
	*
	* @param string $offset_str String representation of the offset (e.g. 20min, 5h, 2days)
	* @param int $factor Factor to multiply with the offset
	*
	* @return int Unix timestamp
	*/
	function get_offset_time($offset_str, $factor=1)
	{
	return time() + get_offset_sec($offset_str) * $factor;
	}


	/**
	* Truncate string if it is longer than the allowed length.
	* Replace the middle or the ending part of a string with a placeholder.
	*
	* @param string $str Input string
	* @param int $maxlength Max. length
	* @param string $placeholder Replace removed chars with this
	* @param bool $ending Set to True if string should be truncated from the end
	*
	* @return string Abbreviated string
	*/
	function abbreviate_string($str, $maxlength, $placeholder='...', $ending=false)
	{
	$length = mb_strlen($str);

	if ($length > $maxlength) {
	if ($ending) {
	return mb_substr($str, 0, $maxlength) . $placeholder;
	}

	$placeholder_length = mb_strlen($placeholder);
	$first_part_length = floor(($maxlength - $placeholder_length)/2);
	$second_starting_location = $length - $maxlength + $first_part_length + $placeholder_length;

	$str = mb_substr($str, 0, $first_part_length) . $placeholder . mb_substr($str, $second_starting_location);
	}

	return $str;
	}


	/**
	* Get all keys from array (recursive).
	*
	* @param array $array Input array
	*
	* @return array List of array keys
	*/
	function array_keys_recursive($array)
	{
	$keys = array();

	if (!empty($array) && is_array($array)) {
	foreach ($array as $key => $child) {
	$keys[] = $key;
	foreach (array_keys_recursive($child) as $val) {
	$keys[] = $val;
	}
	}
	}

	return $keys;
	}


	/**
	* Remove all non-ascii and non-word chars except ., -, _
	*/
	function asciiwords($str, $css_id = false, $replace_with = '')
	{
	$allowed = 'a-z0-9\_\-' . (!$css_id ? '\.' : '');
	return preg_replace("/[^$allowed]/i", $replace_with, $str);
	}


	/**
	* Check if a string contains only ascii characters
	*
	* @param string $str String to check
	* @param bool $control_chars Includes control characters
	*
	* @return bool
	*/
	function is_ascii($str, $control_chars = true)
	{
	$regexp = $control_chars ? '/[^\x00-\x7F]/' : '/[^\x20-\x7E]/';
	return preg_match($regexp, $str) ? false : true;
	}


	/**
	* Compose a valid representation of name and e-mail address
	*
	* @param string $email E-mail address
	* @param string $name Person name
	*
	* @return string Formatted string
	*/
	function format_email_recipient($email, $name = '')
	{
	$email = trim($email);

	if ($name && $name != $email) {
	// Special chars as defined by RFC 822 need to in quoted string (or escaped).
	if (preg_match('/[\<\>\\\.\[\]@,;:"]/', $name)) {
	$name = '"'.addcslashes($name, '"').'"';
	}

	return "$name <$email>";
	}

	return $email;
	}


	/**
	* Format e-mail address
	*
	* @param string $email E-mail address
	*
	* @return string Formatted e-mail address
	*/
	function format_email($email)
	{
	$email = trim($email);
	$parts = explode('@', $email);
	$count = count($parts);

	if ($count > 1) {
	$parts[$count-1] = mb_strtolower($parts[$count-1]);

	$email = implode('@', $parts);
	}

	return $email;
	}


	/**
	* Fix version number so it can be used correctly in version_compare()
	*
	* @param string $version Version number string
	*
	* @param return Version number string
	*/
	function version_parse($version)
	{
	return str_replace(
	array('-stable', '-git'),
	array('.0', '.99'),
	$version);
	}


	/**
	* mbstring replacement functions
	*/
	if (!extension_loaded('mbstring'))
	{
	function mb_strlen($str)
	{
	return strlen($str);
	}

	function mb_strtolower($str)
	{
	return strtolower($str);
	}

	function mb_strtoupper($str)
	{
	return strtoupper($str);
	}

	function mb_substr($str, $start, $len=null)
	{
	return substr($str, $start, $len);
	}

	function mb_strpos($haystack, $needle, $offset=0)
	{
	return strpos($haystack, $needle, $offset);
	}

	function mb_strrpos($haystack, $needle, $offset=0)
	{
	return strrpos($haystack, $needle, $offset);
	}
	}

	/**
	* intl replacement functions
	*/

	if (!function_exists('idn_to_utf8'))
	{
	function idn_to_utf8($domain, $flags=null)
	{
	static $idn, $loaded;

	if (!$loaded) {
	$idn = new Net_IDNA2();
	$loaded = true;
	}

	if ($idn && $domain && preg_match('/(^\|\.)xn--/i', $domain)) {
	try {
	$domain = $idn->decode($domain);
	}
	catch (Exception $e) {
	}
	}
	return $domain;
	}
	}

	if (!function_exists('idn_to_ascii'))
	{
	function idn_to_ascii($domain, $flags=null)
	{
	static $idn, $loaded;

	if (!$loaded) {
	$idn = new Net_IDNA2();
	$loaded = true;
	}

	if ($idn && $domain && preg_match('/[^\x20-\x7E]/', $domain)) {
	try {
	$domain = $idn->encode($domain);
	}
	catch (Exception $e) {
	}
	}
	return $domain;
	}
	}

	/**
	* Use PHP5 autoload for dynamic class loading
	*
	* @todo Make Zend, PEAR etc play with this
	* @todo Make our classes conform to a more straight forward CS.
	*/
	function rcube_autoload($classname)
	{
	$filename = preg_replace(
	array(
	'/Mail_(.+)/',
	'/Net_(.+)/',
	'/Auth_(.+)/',
	'/^html_.+/',
	'/^rcube(.*)/',
	'/^utf8$/',
	),
	array(
	'Mail/\\1',
	'Net/\\1',
	'Auth/\\1',
	'Roundcube/html',
	'Roundcube/rcube\\1',
	'utf8.class',
	),
	$classname
	);

	if ($fp = @fopen("$filename.php", 'r', true)) {
	fclose($fp);
	include_once "$filename.php";
	return true;
	}

	return false;
	}

	/**
	* Local callback function for PEAR errors
	*/
	function rcube_pear_error($err)
	{
	error_log(sprintf("%s (%s): %s",
	$err->getMessage(),
	$err->getCode(),
	$err->getUserinfo()), 0);
	}
	diff --git a/program/lib/Roundcube/rcube.php b/program/lib/Roundcube/rcube.php
	index 21b49f49b..6543a399c 100644
	--- a/program/lib/Roundcube/rcube.php
	+++ b/program/lib/Roundcube/rcube.php
	@@ -1,1549 +1,1549 @@
	<?php

	/*
	+-----------------------------------------------------------------------+
	\| This file is part of the Roundcube Webmail client \|
	\| Copyright (C) 2008-2012, The Roundcube Dev Team \|
	\| Copyright (C) 2011-2012, Kolab Systems AG \|
	\| \|
	\| Licensed under the GNU General Public License version 3 or \|
	\| any later version with exceptions for skins & plugins. \|
	\| See the README file for a full license statement. \|
	\| \|
	\| PURPOSE: \|
	\| Framework base class providing core functions and holding \|
	\| instances of all 'global' objects like db- and storage-connections \|
	+-----------------------------------------------------------------------+
	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
	+-----------------------------------------------------------------------+
	*/


	/**
	* Base class of the Roundcube Framework
	* implemented as singleton
	*
	* @package Framework
	* @subpackage Core
	*/
	class rcube
	{
	const INIT_WITH_DB = 1;
	const INIT_WITH_PLUGINS = 2;

	/**
	* Singleton instace of rcube
	*
	* @var rcube
	*/
	static protected $instance;

	/**
	* Stores instance of rcube_config.
	*
	* @var rcube_config
	*/
	public $config;

	/**
	* Instace of database class.
	*
	* @var rcube_db
	*/
	public $db;

	/**
	* Instace of Memcache class.
	*
	* @var Memcache
	*/
	public $memcache;

	/**
	* Instace of rcube_session class.
	*
	* @var rcube_session
	*/
	public $session;

	/**
	* Instance of rcube_smtp class.
	*
	* @var rcube_smtp
	*/
	public $smtp;

	/**
	* Instance of rcube_storage class.
	*
	* @var rcube_storage
	*/
	public $storage;

	/**
	* Instance of rcube_output class.
	*
	* @var rcube_output
	*/
	public $output;

	/**
	* Instance of rcube_plugin_api.
	*
	* @var rcube_plugin_api
	*/
	public $plugins;


	/* private/protected vars */
	protected $texts;
	protected $caches = array();
	protected $shutdown_functions = array();


	/**
	* This implements the 'singleton' design pattern
	*
	* @param integer Options to initialize with this instance. See rcube::INIT_WITH_* constants
	*
	* @return rcube The one and only instance
	*/
	static function get_instance($mode = 0)
	{
	if (!self::$instance) {
	self::$instance = new rcube();
	self::$instance->init($mode);
	}

	return self::$instance;
	}


	/**
	* Private constructor
	*/
	protected function __construct()
	{
	// load configuration
	$this->config = new rcube_config;
	$this->plugins = new rcube_dummy_plugin_api;

	register_shutdown_function(array($this, 'shutdown'));
	}


	/**
	* Initial startup function
	*/
	protected function init($mode = 0)
	{
	// initialize syslog
	if ($this->config->get('log_driver') == 'syslog') {
	$syslog_id = $this->config->get('syslog_id', 'roundcube');
	$syslog_facility = $this->config->get('syslog_facility', LOG_USER);
	openlog($syslog_id, LOG_ODELAY, $syslog_facility);
	}

	// connect to database
	if ($mode & self::INIT_WITH_DB) {
	$this->get_dbh();
	}

	// create plugin API and load plugins
	if ($mode & self::INIT_WITH_PLUGINS) {
	$this->plugins = rcube_plugin_api::get_instance();
	}
	}


	/**
	* Get the current database connection
	*
	* @return rcube_db Database object
	*/
	public function get_dbh()
	{
	if (!$this->db) {
	$config_all = $this->config->all();
	$this->db = rcube_db::factory($config_all['db_dsnw'], $config_all['db_dsnr'], $config_all['db_persistent']);
	$this->db->set_debug((bool)$config_all['sql_debug']);
	}

	return $this->db;
	}


	/**
	* Get global handle for memcache access
	*
	* @return object Memcache
	*/
	public function get_memcache()
	{
	if (!isset($this->memcache)) {
	// no memcache support in PHP
	if (!class_exists('Memcache')) {
	$this->memcache = false;
	return false;
	}

	$this->memcache = new Memcache;
	$this->mc_available = 0;

	// add all configured hosts to pool
	$pconnect = $this->config->get('memcache_pconnect', true);
	foreach ($this->config->get('memcache_hosts', array()) as $host) {
	if (substr($host, 0, 7) != 'unix://') {
	list($host, $port) = explode(':', $host);
	if (!$port) $port = 11211;
	}
	else {
	$port = 0;
	}

	$this->mc_available += intval($this->memcache->addServer(
	$host, $port, $pconnect, 1, 1, 15, false, array($this, 'memcache_failure')));
	}

	// test connection and failover (will result in $this->mc_available == 0 on complete failure)
	$this->memcache->increment('__CONNECTIONTEST__', 1); // NOP if key doesn't exist

	if (!$this->mc_available) {
	$this->memcache = false;
	}
	}

	return $this->memcache;
	}


	/**
	* Callback for memcache failure
	*/
	public function memcache_failure($host, $port)
	{
	static $seen = array();

	// only report once
	if (!$seen["$host:$port"]++) {
	$this->mc_available--;
	self::raise_error(array(
	'code' => 604, 'type' => 'db',
	'line' => __LINE__, 'file' => __FILE__,
	'message' => "Memcache failure on host $host:$port"),
	true, false);
	}
	}


	/**
	* Initialize and get cache object
	*
	* @param string $name Cache identifier
	* @param string $type Cache type ('db', 'apc' or 'memcache')
	* @param string $ttl Expiration time for cache items
	* @param bool $packed Enables/disables data serialization
	*
	* @return rcube_cache Cache object
	*/
	public function get_cache($name, $type='db', $ttl=0, $packed=true)
	{
	if (!isset($this->caches[$name]) && ($userid = $this->get_user_id())) {
	$this->caches[$name] = new rcube_cache($type, $userid, $name, $ttl, $packed);
	}

	return $this->caches[$name];
	}


	/**
	* Initialize and get shared cache object
	*
	* @param string $name Cache identifier
	* @param bool $packed Enables/disables data serialization
	*
	* @return rcube_cache_shared Cache object
	*/
	public function get_cache_shared($name, $packed=true)
	{
	$shared_name = "shared_$name";

	if (!array_key_exists($shared_name, $this->caches)) {
	$opt = strtolower($name) . '_cache';
	$type = $this->config->get($opt);
	$ttl = $this->config->get($opt . '_ttl');

	if (!$type) {
	// cache is disabled
	return $this->caches[$shared_name] = null;
	}

	if ($ttl === null) {
	$ttl = $this->config->get('shared_cache_ttl', '10d');
	}

	$this->caches[$shared_name] = new rcube_cache_shared($type, $name, $ttl, $packed);
	}

	return $this->caches[$shared_name];
	}


	/**
	* Create SMTP object and connect to server
	*
	* @param boolean True if connection should be established
	*/
	public function smtp_init($connect = false)
	{
	$this->smtp = new rcube_smtp();

	if ($connect) {
	$this->smtp->connect();
	}
	}


	/**
	* Initialize and get storage object
	*
	* @return rcube_storage Storage object
	*/
	public function get_storage()
	{
	// already initialized
	if (!is_object($this->storage)) {
	$this->storage_init();
	}

	return $this->storage;
	}


	/**
	* Initialize storage object
	*/
	public function storage_init()
	{
	// already initialized
	if (is_object($this->storage)) {
	return;
	}

	$driver = $this->config->get('storage_driver', 'imap');
	$driver_class = "rcube_{$driver}";

	if (!class_exists($driver_class)) {
	self::raise_error(array(
	'code' => 700, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => "Storage driver class ($driver) not found!"),
	true, true);
	}

	// Initialize storage object
	$this->storage = new $driver_class;

	// for backward compat. (deprecated, will be removed)
	$this->imap = $this->storage;

	// enable caching of mail data
	$storage_cache = $this->config->get("{$driver}_cache");
	$messages_cache = $this->config->get('messages_cache');
	// for backward compatybility
	if ($storage_cache === null && $messages_cache === null && $this->config->get('enable_caching')) {
	$storage_cache = 'db';
	$messages_cache = true;
	}

	if ($storage_cache) {
	$this->storage->set_caching($storage_cache);
	}
	if ($messages_cache) {
	$this->storage->set_messages_caching(true);
	}

	// set pagesize from config
	$pagesize = $this->config->get('mail_pagesize');
	if (!$pagesize) {
	$pagesize = $this->config->get('pagesize', 50);
	}
	$this->storage->set_pagesize($pagesize);

	// set class options
	$options = array(
	'auth_type' => $this->config->get("{$driver}_auth_type", 'check'),
	'auth_cid' => $this->config->get("{$driver}_auth_cid"),
	'auth_pw' => $this->config->get("{$driver}_auth_pw"),
	'debug' => (bool) $this->config->get("{$driver}_debug"),
	'force_caps' => (bool) $this->config->get("{$driver}_force_caps"),
	'timeout' => (int) $this->config->get("{$driver}_timeout"),
	'skip_deleted' => (bool) $this->config->get('skip_deleted'),
	'driver' => $driver,
	);

	if (!empty($_SESSION['storage_host'])) {
	$options['host'] = $_SESSION['storage_host'];
	$options['user'] = $_SESSION['username'];
	$options['port'] = $_SESSION['storage_port'];
	$options['ssl'] = $_SESSION['storage_ssl'];
	$options['password'] = $this->decrypt($_SESSION['password']);
	$_SESSION[$driver.'_host'] = $_SESSION['storage_host'];
	}

	$options = $this->plugins->exec_hook("storage_init", $options);

	// for backward compat. (deprecated, to be removed)
	$options = $this->plugins->exec_hook("imap_init", $options);

	$this->storage->set_options($options);
	$this->set_storage_prop();
	}


	/**
	* Set storage parameters.
	* This must be done AFTER connecting to the server!
	*/
	protected function set_storage_prop()
	{
	$storage = $this->get_storage();

	$storage->set_charset($this->config->get('default_charset', RCUBE_CHARSET));

	if ($default_folders = $this->config->get('default_folders')) {
	$storage->set_default_folders($default_folders);
	}
	if (isset($_SESSION['mbox'])) {
	$storage->set_folder($_SESSION['mbox']);
	}
	if (isset($_SESSION['page'])) {
	$storage->set_page($_SESSION['page']);
	}
	}


	/**
	* Create session object and start the session.
	*/
	public function session_init()
	{
	// session started (Installer?)
	if (session_id()) {
	return;
	}

	$sess_name = $this->config->get('session_name');
	$sess_domain = $this->config->get('session_domain');
	$sess_path = $this->config->get('session_path');
	$lifetime = $this->config->get('session_lifetime', 0) * 60;
	$is_secure = $this->config->get('use_https') \|\| rcube_utils::https_check();

	// set session domain
	if ($sess_domain) {
	ini_set('session.cookie_domain', $sess_domain);
	}
	// set session path
	if ($sess_path) {
	ini_set('session.cookie_path', $sess_path);
	}
	// set session garbage collecting time according to session_lifetime
	if ($lifetime) {
	ini_set('session.gc_maxlifetime', $lifetime * 2);
	}

	ini_set('session.cookie_secure', $is_secure);
	ini_set('session.name', $sess_name ? $sess_name : 'roundcube_sessid');
	ini_set('session.use_cookies', 1);
	ini_set('session.use_only_cookies', 1);
	ini_set('session.cookie_httponly', 1);

	// use database for storing session data
	$this->session = new rcube_session($this->get_dbh(), $this->config);

	$this->session->register_gc_handler(array($this, 'gc'));
	$this->session->set_secret($this->config->get('des_key') . dirname($_SERVER['SCRIPT_NAME']));
	$this->session->set_ip_check($this->config->get('ip_check'));

	// start PHP session (if not in CLI mode)
	if ($_SERVER['REMOTE_ADDR']) {
	$this->session->start();
	}
	}


	/**
	* Garbage collector - cache/temp cleaner
	*/
	public function gc()
	{
	rcube_cache::gc();
	rcube_cache_shared::gc();
	$this->get_storage()->cache_gc();

	$this->gc_temp();
	}


	/**
	* Garbage collector function for temp files.
	* Remove temp files older than two days
	*/
	public function gc_temp()
	{
	$tmp = unslashify($this->config->get('temp_dir'));
	$expire = time() - 172800; // expire in 48 hours

	if ($tmp && ($dir = opendir($tmp))) {
	while (($fname = readdir($dir)) !== false) {
	if ($fname{0} == '.') {
	continue;
	}

	if (filemtime($tmp.'/'.$fname) < $expire) {
	@unlink($tmp.'/'.$fname);
	}
	}

	closedir($dir);
	}
	}


	/**
	* Runs garbage collector with probability based on
	* session settings. This is intended for environments
	* without a session.
	*/
	public function gc_run()
	{
	$probability = (int) ini_get('session.gc_probability');
	$divisor = (int) ini_get('session.gc_divisor');

	if ($divisor > 0 && $probability > 0) {
	$random = mt_rand(1, $divisor);
	if ($random <= $probability) {
	$this->gc();
	}
	}
	}


	/**
	* Get localized text in the desired language
	*
	* @param mixed $attrib Named parameters array or label name
	* @param string $domain Label domain (plugin) name
	*
	* @return string Localized text
	*/
	public function gettext($attrib, $domain=null)
	{
	// load localization files if not done yet
	if (empty($this->texts)) {
	$this->load_language();
	}

	// extract attributes
	if (is_string($attrib)) {
	$attrib = array('name' => $attrib);
	}

	$name = $attrib['name'] ? $attrib['name'] : '';

	// attrib contain text values: use them from now
	if (($setval = $attrib[strtolower($_SESSION['language'])]) \|\| ($setval = $attrib['en_us'])) {
	$this->texts[$name] = $setval;
	}

	// check for text with domain
	if ($domain && ($text = $this->texts[$domain.'.'.$name])) {
	}
	// text does not exist
	else if (!($text = $this->texts[$name])) {
	return "[$name]";
	}

	// replace vars in text
	if (is_array($attrib['vars'])) {
	foreach ($attrib['vars'] as $var_key => $var_value) {
	$text = str_replace($var_key[0]!='$' ? '$'.$var_key : $var_key, $var_value, $text);
	}
	}

	// format output
	if (($attrib['uppercase'] && strtolower($attrib['uppercase'] == 'first')) \|\| $attrib['ucfirst']) {
	return ucfirst($text);
	}
	else if ($attrib['uppercase']) {
	return mb_strtoupper($text);
	}
	else if ($attrib['lowercase']) {
	return mb_strtolower($text);
	}

	return strtr($text, array('\n' => "\n"));
	}


	/**
	* Check if the given text label exists
	*
	* @param string $name Label name
	* @param string $domain Label domain (plugin) name or '*' for all domains
	* @param string $ref_domain Sets domain name if label is found
	*
	* @return boolean True if text exists (either in the current language or in en_US)
	*/
	public function text_exists($name, $domain = null, &$ref_domain = null)
	{
	// load localization files if not done yet
	if (empty($this->texts)) {
	$this->load_language();
	}

	if (isset($this->texts[$name])) {
	$ref_domain = '';
	return true;
	}

	// any of loaded domains (plugins)
	if ($domain == '*') {
	foreach ($this->plugins->loaded_plugins() as $domain) {
	if (isset($this->texts[$domain.'.'.$name])) {
	$ref_domain = $domain;
	return true;
	}
	}
	}
	// specified domain
	else if ($domain) {
	$ref_domain = $domain;
	return isset($this->texts[$domain.'.'.$name]);
	}

	return false;
	}


	/**
	* Load a localization package
	*
	* @param string Language ID
	* @param array Additional text labels/messages
	*/
	public function load_language($lang = null, $add = array())
	{
	$lang = $this->language_prop(($lang ? $lang : $_SESSION['language']));

	// load localized texts
	if (empty($this->texts) \|\| $lang != $_SESSION['language']) {
	$this->texts = array();

	// handle empty lines after closing PHP tag in localization files
	ob_start();

	// get english labels (these should be complete)
	@include(RCUBE_LOCALIZATION_DIR . 'en_US/labels.inc');
	@include(RCUBE_LOCALIZATION_DIR . 'en_US/messages.inc');

	if (is_array($labels))
	$this->texts = $labels;
	if (is_array($messages))
	$this->texts = array_merge($this->texts, $messages);

	// include user language files
	if ($lang != 'en' && $lang != 'en_US' && is_dir(RCUBE_LOCALIZATION_DIR . $lang)) {
	include_once(RCUBE_LOCALIZATION_DIR . $lang . '/labels.inc');
	include_once(RCUBE_LOCALIZATION_DIR . $lang . '/messages.inc');

	if (is_array($labels))
	$this->texts = array_merge($this->texts, $labels);
	if (is_array($messages))
	$this->texts = array_merge($this->texts, $messages);
	}

	ob_end_clean();

	$_SESSION['language'] = $lang;
	}

	// append additional texts (from plugin)
	if (is_array($add) && !empty($add)) {
	$this->texts += $add;
	}
	}


	/**
	* Check the given string and return a valid language code
	*
	* @param string Language code
	*
	* @return string Valid language code
	*/
	protected function language_prop($lang)
	{
	static $rcube_languages, $rcube_language_aliases;

	// user HTTP_ACCEPT_LANGUAGE if no language is specified
	if (empty($lang) \|\| $lang == 'auto') {
	$accept_langs = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
	$lang = str_replace('-', '_', $accept_langs[0]);
	}

	if (empty($rcube_languages)) {
	@include(RCUBE_LOCALIZATION_DIR . 'index.inc');
	}

	// check if we have an alias for that language
	if (!isset($rcube_languages[$lang]) && isset($rcube_language_aliases[$lang])) {
	$lang = $rcube_language_aliases[$lang];
	}
	// try the first two chars
	else if (!isset($rcube_languages[$lang])) {
	$short = substr($lang, 0, 2);

	// check if we have an alias for the short language code
	if (!isset($rcube_languages[$short]) && isset($rcube_language_aliases[$short])) {
	$lang = $rcube_language_aliases[$short];
	}
	// expand 'nn' to 'nn_NN'
	else if (!isset($rcube_languages[$short])) {
	$lang = $short.'_'.strtoupper($short);
	}
	}

	if (!isset($rcube_languages[$lang]) \|\| !is_dir(RCUBE_LOCALIZATION_DIR . $lang)) {
	$lang = 'en_US';
	}

	return $lang;
	}


	/**
	* Read directory program/localization and return a list of available languages
	*
	* @return array List of available localizations
	*/
	public function list_languages()
	{
	static $sa_languages = array();

	if (!sizeof($sa_languages)) {
	@include(RCUBE_LOCALIZATION_DIR . 'index.inc');

	if ($dh = @opendir(RCUBE_LOCALIZATION_DIR)) {
	while (($name = readdir($dh)) !== false) {
	if ($name[0] == '.' \|\| !is_dir(RCUBE_LOCALIZATION_DIR . $name)) {
	continue;
	}

	if ($label = $rcube_languages[$name]) {
	$sa_languages[$name] = $label;
	}
	}
	closedir($dh);
	}
	}

	return $sa_languages;
	}


	/**
	* Encrypt using 3DES
	*
	* @param string $clear clear text input
	* @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
	* @param boolean $base64 whether or not to base64_encode() the result before returning
	*
	* @return string encrypted text
	*/
	public function encrypt($clear, $key = 'des_key', $base64 = true)
	{
	if (!$clear) {
	return '';
	}

	/*-
	* Add a single canary byte to the end of the clear text, which
	* will help find out how much of padding will need to be removed
	* upon decryption; see http://php.net/mcrypt_generic#68082
	*/
	$clear = pack("a*H2", $clear, "80");

	if (function_exists('mcrypt_module_open') &&
	($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, ""))
	) {
	$iv = $this->create_iv(mcrypt_enc_get_iv_size($td));
	mcrypt_generic_init($td, $this->config->get_crypto_key($key), $iv);
	$cipher = $iv . mcrypt_generic($td, $clear);
	mcrypt_generic_deinit($td);
	mcrypt_module_close($td);
	}
	else {
	@include_once 'des.inc';

	if (function_exists('des')) {
	$des_iv_size = 8;
	$iv = $this->create_iv($des_iv_size);
	$cipher = $iv . des($this->config->get_crypto_key($key), $clear, 1, 1, $iv);
	}
	else {
	self::raise_error(array(
	'code' => 500, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => "Could not perform encryption; make sure Mcrypt is installed or lib/des.inc is available"
	), true, true);
	}
	}

	return $base64 ? base64_encode($cipher) : $cipher;
	}


	/**
	* Decrypt 3DES-encrypted string
	*
	* @param string $cipher encrypted text
	* @param string $key encryption key to retrieve from the configuration, defaults to 'des_key'
	* @param boolean $base64 whether or not input is base64-encoded
	*
	* @return string decrypted text
	*/
	public function decrypt($cipher, $key = 'des_key', $base64 = true)
	{
	if (!$cipher) {
	return '';
	}

	$cipher = $base64 ? base64_decode($cipher) : $cipher;

	if (function_exists('mcrypt_module_open') &&
	($td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_CBC, ""))
	) {
	$iv_size = mcrypt_enc_get_iv_size($td);
	$iv = substr($cipher, 0, $iv_size);

	// session corruption? (#1485970)
	if (strlen($iv) < $iv_size) {
	return '';
	}

	$cipher = substr($cipher, $iv_size);
	mcrypt_generic_init($td, $this->config->get_crypto_key($key), $iv);
	$clear = mdecrypt_generic($td, $cipher);
	mcrypt_generic_deinit($td);
	mcrypt_module_close($td);
	}
	else {
	@include_once 'des.inc';

	if (function_exists('des')) {
	$des_iv_size = 8;
	$iv = substr($cipher, 0, $des_iv_size);
	$cipher = substr($cipher, $des_iv_size);
	$clear = des($this->config->get_crypto_key($key), $cipher, 0, 1, $iv);
	}
	else {
	self::raise_error(array(
	'code' => 500, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => "Could not perform decryption; make sure Mcrypt is installed or lib/des.inc is available"
	), true, true);
	}
	}

	/*-
	* Trim PHP's padding and the canary byte; see note in
	* rcube::encrypt() and http://php.net/mcrypt_generic#68082
	*/
	$clear = substr(rtrim($clear, "\0"), 0, -1);

	return $clear;
	}


	/**
	* Generates encryption initialization vector (IV)
	*
	* @param int Vector size
	*
	* @return string Vector string
	*/
	private function create_iv($size)
	{
	// mcrypt_create_iv() can be slow when system lacks entrophy
	// we'll generate IV vector manually
	$iv = '';
	for ($i = 0; $i < $size; $i++) {
	$iv .= chr(mt_rand(0, 255));
	}

	return $iv;
	}


	/**
	* Build a valid URL to this instance of Roundcube
	*
	* @param mixed Either a string with the action or url parameters as key-value pairs
	* @return string Valid application URL
	*/
	public function url($p)
	{
	// STUB: should be overloaded by the application
	return '';
	}


	/**
	* Function to be executed in script shutdown
	* Registered with register_shutdown_function()
	*/
	public function shutdown()
	{
	foreach ($this->shutdown_functions as $function) {
	call_user_func($function);
	}

	// write session data as soon as possible and before
	// closing database connection, don't do this before
	// registered shutdown functions, they may need the session
	// Note: this will run registered gc handlers (ie. cache gc)
	if ($_SERVER['REMOTE_ADDR'] && is_object($this->session)) {
	$this->session->write_close();
	}

	if (is_object($this->smtp)) {
	$this->smtp->disconnect();
	}

	foreach ($this->caches as $cache) {
	if (is_object($cache)) {
	$cache->close();
	}
	}

	if (is_object($this->storage)) {
	$this->storage->close();
	}
	}


	/**
	* Registers shutdown function to be executed on shutdown.
	* The functions will be executed before destroying any
	* objects like smtp, imap, session, etc.
	*
	* @param callback Function callback
	*/
	public function add_shutdown_function($function)
	{
	$this->shutdown_functions[] = $function;
	}


	/**
	* Quote a given string.
	* Shortcut function for rcube_utils::rep_specialchars_output()
	*
	* @return string HTML-quoted string
	*/
	public static function Q($str, $mode = 'strict', $newlines = true)
	{
	return rcube_utils::rep_specialchars_output($str, 'html', $mode, $newlines);
	}


	/**
	* Quote a given string for javascript output.
	* Shortcut function for rcube_utils::rep_specialchars_output()
	*
	* @return string JS-quoted string
	*/
	public static function JQ($str)
	{
	return rcube_utils::rep_specialchars_output($str, 'js');
	}


	/**
	* Construct shell command, execute it and return output as string.
	* Keywords {keyword} are replaced with arguments
	*
	* @param $cmd Format string with {keywords} to be replaced
	* @param $values (zero, one or more arrays can be passed)
	*
	* @return output of command. shell errors not detectable
	*/
	public static function exec(/* $cmd, $values1 = array(), ... */)
	{
	$args = func_get_args();
	$cmd = array_shift($args);
	$values = $replacements = array();

	// merge values into one array
	foreach ($args as $arg) {
	$values += (array)$arg;
	}

	preg_match_all('/({(-?)([a-z]\w*)})/', $cmd, $matches, PREG_SET_ORDER);
	foreach ($matches as $tags) {
	list(, $tag, $option, $key) = $tags;
	$parts = array();

	if ($option) {
	foreach ((array)$values["-$key"] as $key => $value) {
	if ($value === true \|\| $value === false \|\| $value === null) {
	$parts[] = $value ? $key : "";
	}
	else {
	foreach ((array)$value as $val) {
	$parts[] = "$key " . escapeshellarg($val);
	}
	}
	}
	}
	else {
	foreach ((array)$values[$key] as $value) {
	$parts[] = escapeshellarg($value);
	}
	}

	$replacements[$tag] = join(" ", $parts);
	}

	// use strtr behaviour of going through source string once
	$cmd = strtr($cmd, $replacements);

	return (string)shell_exec($cmd);
	}


	/**
	* Print or write debug messages
	*
	* @param mixed Debug message or data
	*/
	public static function console()
	{
	$args = func_get_args();

	if (class_exists('rcube', false)) {
	$rcube = self::get_instance();
	$plugin = $rcube->plugins->exec_hook('console', array('args' => $args));
	if ($plugin['abort']) {
	return;
	}
	$args = $plugin['args'];
	}

	$msg = array();
	foreach ($args as $arg) {
	$msg[] = !is_string($arg) ? var_export($arg, true) : $arg;
	}

	self::write_log('console', join(";\n", $msg));
	}


	/**
	* Append a line to a logfile in the logs directory.
	* Date will be added automatically to the line.
	*
	* @param $name name of log file
	* @param line Line to append
	*/
	public static function write_log($name, $line)
	{
	if (!is_string($line)) {
	$line = var_export($line, true);
	}

	$date_format = self::$instance ? self::$instance->config->get('log_date_format') : null;
	$log_driver = self::$instance ? self::$instance->config->get('log_driver') : null;

	if (empty($date_format)) {
	$date_format = 'd-M-Y H:i:s O';
	}

	$date = date($date_format);

	// trigger logging hook
	if (is_object(self::$instance) && is_object(self::$instance->plugins)) {
	$log = self::$instance->plugins->exec_hook('write_log', array('name' => $name, 'date' => $date, 'line' => $line));
	$name = $log['name'];
	$line = $log['line'];
	$date = $log['date'];
	if ($log['abort'])
	return true;
	}

	if ($log_driver == 'syslog') {
	$prio = $name == 'errors' ? LOG_ERR : LOG_INFO;
	syslog($prio, $line);
	return true;
	}

	// log_driver == 'file' is assumed here

	$line = sprintf("[%s]: %s\n", $date, $line);
	$log_dir = self::$instance ? self::$instance->config->get('log_dir') : null;

	if (empty($log_dir)) {
	$log_dir = RCUBE_INSTALL_PATH . 'logs';
	}

	// try to open specific log file for writing
	$logfile = $log_dir.'/'.$name;

	if ($fp = @fopen($logfile, 'a')) {
	fwrite($fp, $line);
	fflush($fp);
	fclose($fp);
	return true;
	}

	trigger_error("Error writing to log file $logfile; Please check permissions", E_USER_WARNING);
	return false;
	}


	/**
	* Throw system error (and show error page).
	*
	* @param array Named parameters
	* - code: Error code (required)
	* - type: Error type [php\|db\|imap\|javascript] (required)
	* - message: Error message
	* - file: File where error occured
	* - line: Line where error occured
	* @param boolean True to log the error
	* @param boolean Terminate script execution
	*/
	public static function raise_error($arg = array(), $log = false, $terminate = false)
	{
	// handle PHP exceptions
	if (is_object($arg) && is_a($arg, 'Exception')) {
	$arg = array(
	'type' => 'php',
	'code' => $arg->getCode(),
	'line' => $arg->getLine(),
	'file' => $arg->getFile(),
	'message' => $arg->getMessage(),
	);
	}
	else if (is_string($arg)) {
	$arg = array('message' => $arg, 'type' => 'php');
	}

	if (empty($arg['code'])) {
	$arg['code'] = 500;
	}

	// installer
	if (class_exists('rcube_install', false)) {
	$rci = rcube_install::get_instance();
	$rci->raise_error($arg);
	return;
	}

	$cli = php_sapi_name() == 'cli';

	if (($log \|\| $terminate) && !$cli && $arg['type'] && $arg['message']) {
	$arg['fatal'] = $terminate;
	self::log_bug($arg);
	}

	// terminate script
	if ($terminate) {
	// display error page
	if (is_object(self::$instance->output)) {
	self::$instance->output->raise_error($arg['code'], $arg['message']);
	}
	else if ($cli) {
	fwrite(STDERR, 'ERROR: ' . $arg['message']);
	}

	exit(1);
	}
	}


	/**
	* Report error according to configured debug_level
	*
	* @param array Named parameters
	* @see self::raise_error()
	*/
	public static function log_bug($arg_arr)
	{
	$program = strtoupper($arg_arr['type']);
	$level = self::get_instance()->config->get('debug_level');

	// disable errors for ajax requests, write to log instead (#1487831)
	if (($level & 4) && !empty($_REQUEST['_remote'])) {
	$level = ($level ^ 4) \| 1;
	}

	// write error to local log file
	if (($level & 1) \|\| !empty($arg_arr['fatal'])) {
	if ($_SERVER['REQUEST_METHOD'] == 'POST') {
	$post_query = '?_task='.urlencode($_POST['_task']).'&_action='.urlencode($_POST['_action']);
	}
	else {
	$post_query = '';
	}

	$log_entry = sprintf("%s Error: %s%s (%s %s)",
	$program,
	$arg_arr['message'],
	$arg_arr['file'] ? sprintf(' in %s on line %d', $arg_arr['file'], $arg_arr['line']) : '',
	$_SERVER['REQUEST_METHOD'],
	$_SERVER['REQUEST_URI'] . $post_query);

	if (!self::write_log('errors', $log_entry)) {
	// send error to PHPs error handler if write_log didn't succeed
	trigger_error($arg_arr['message'], E_USER_WARNING);
	}
	}

	// report the bug to the global bug reporting system
	if ($level & 2) {
	// TODO: Send error via HTTP
	}

	// show error if debug_mode is on
	if ($level & 4) {
	print "<b>$program Error";

	if (!empty($arg_arr['file']) && !empty($arg_arr['line'])) {
	print " in $arg_arr[file] ($arg_arr[line])";
	}

	print ':</b> ';
	print nl2br($arg_arr['message']);
	print '<br />';
	flush();
	}
	}


	/**
	* Returns current time (with microseconds).
	*
	* @return float Current time in seconds since the Unix
	*/
	public static function timer()
	{
	return microtime(true);
	}


	/**
	* Logs time difference according to provided timer
	*
	* @param float $timer Timer (self::timer() result)
	* @param string $label Log line prefix
	* @param string $dest Log file name
	*
	* @see self::timer()
	*/
	public static function print_timer($timer, $label = 'Timer', $dest = 'console')
	{
	static $print_count = 0;

	$print_count++;
	$now = self::timer();
	$diff = $now - $timer;

	if (empty($label)) {
	$label = 'Timer '.$print_count;
	}

	self::write_log($dest, sprintf("%s: %0.4f sec", $label, $diff));
	}


	/**
	* Getter for logged user ID.
	*
	* @return mixed User identifier
	*/
	public function get_user_id()
	{
	if (is_object($this->user)) {
	return $this->user->ID;
	}
	else if (isset($_SESSION['user_id'])) {
	return $_SESSION['user_id'];
	}

	return null;
	}


	/**
	* Getter for logged user name.
	*
	* @return string User name
	*/
	public function get_user_name()
	{
	if (is_object($this->user)) {
	return $this->user->get_username();
	}
	else if (isset($_SESSION['username'])) {
	return $_SESSION['username'];
	}
	}


	/**
	* Getter for logged user email (derived from user name not identity).
	*
	* @return string User email address
	*/
	public function get_user_email()
	{
	if (is_object($this->user)) {
	return $this->user->get_username('mail');
	}
	}


	/**
	* Getter for logged user password.
	*
	* @return string User password
	*/
	public function get_user_password()
	{
	if ($this->password) {
	return $this->password;
	}
	else if ($_SESSION['password']) {
	return $this->decrypt($_SESSION['password']);
	}
	}


	/**
	* Getter for logged user language code.
	*
	* @return string User language code
	*/
	public function get_user_language()
	{
	if (is_object($this->user)) {
	return $this->user->language;
	}
	else if (isset($_SESSION['language'])) {
	return $_SESSION['language'];
	}
	}

	/**
	* Unique Message-ID generator.
	*
	* @return string Message-ID
	*/
	public function gen_message_id()
	{
	$local_part = md5(uniqid('rcube'.mt_rand(), true));
	$domain_part = $this->user->get_username('domain');

	// Try to find FQDN, some spamfilters doesn't like 'localhost' (#1486924)
	if (!preg_match('/\.[a-z]+$/i', $domain_part)) {
	foreach (array($_SERVER['HTTP_HOST'], $_SERVER['SERVER_NAME']) as $host) {
	$host = preg_replace('/:[0-9]+$/', '', $host);
	if ($host && preg_match('/\.[a-z]+$/i', $host)) {
	$domain_part = $host;
	}
	}
	}

	return sprintf('<%s@%s>', $local_part, $domain_part);
	}

	/**
	* Send the given message using the configured method.
	*
	* @param object $message Reference to Mail_MIME object
	* @param string $from Sender address string
	* @param array $mailto Array of recipient address strings
	* @param array $error SMTP error array (reference)
	* @param string $body_file Location of file with saved message body (reference),
	* used when delay_file_io is enabled
	* @param array $options SMTP options (e.g. DSN request)
	*
	* @return boolean Send status.
	*/
	public function deliver_message(&$message, $from, $mailto, &$error, &$body_file = null, $options = null)
	{
	$plugin = $this->plugins->exec_hook('message_before_send', array(
	'message' => $message,
	'from' => $from,
	'mailto' => $mailto,
	'options' => $options,
	));

	$from = $plugin['from'];
	$mailto = $plugin['mailto'];
	$options = $plugin['options'];
	$message = $plugin['message'];
	$headers = $message->headers();

	// send thru SMTP server using custom SMTP library
	if ($this->config->get('smtp_server')) {
	// generate list of recipients
	$a_recipients = array($mailto);

	if (strlen($headers['Cc']))
	$a_recipients[] = $headers['Cc'];
	if (strlen($headers['Bcc']))
	$a_recipients[] = $headers['Bcc'];

	// clean Bcc from header for recipients
	$send_headers = $headers;
	unset($send_headers['Bcc']);
	// here too, it because txtHeaders() below use $message->_headers not only $send_headers
	unset($message->_headers['Bcc']);

	$smtp_headers = $message->txtHeaders($send_headers, true);

	if ($message->getParam('delay_file_io')) {
	// use common temp dir
	$temp_dir = $this->config->get('temp_dir');
	$body_file = tempnam($temp_dir, 'rcmMsg');
	if (PEAR::isError($mime_result = $message->saveMessageBody($body_file))) {
	self::raise_error(array('code' => 650, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => "Could not create message: ".$mime_result->getMessage()),
	TRUE, FALSE);
	return false;
	}
	$msg_body = fopen($body_file, 'r');
	}
	else {
	$msg_body = $message->get();
	}

	// send message
	if (!is_object($this->smtp)) {
	$this->smtp_init(true);
	}

	$sent = $this->smtp->send_mail($from, $a_recipients, $smtp_headers, $msg_body, $options);
	$response = $this->smtp->get_response();
	$error = $this->smtp->get_error();

	// log error
	if (!$sent) {
	self::raise_error(array('code' => 800, 'type' => 'smtp',
	'line' => __LINE__, 'file' => __FILE__,
	'message' => "SMTP error: ".join("\n", $response)), TRUE, FALSE);
	}
	}
	// send mail using PHP's mail() function
	else {
	// unset some headers because they will be added by the mail() function
	$headers_enc = $message->headers($headers);
	$headers_php = $message->_headers;
	unset($headers_php['To'], $headers_php['Subject']);

	// reset stored headers and overwrite
	$message->_headers = array();
	$header_str = $message->txtHeaders($headers_php);

	// #1485779
	if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
	if (preg_match_all('/<([^@]+@[^>]+)>/', $headers_enc['To'], $m)) {
	$headers_enc['To'] = implode(', ', $m[1]);
	}
	}

	$msg_body = $message->get();

	if (PEAR::isError($msg_body)) {
	self::raise_error(array('code' => 650, 'type' => 'php',
	'file' => __FILE__, 'line' => __LINE__,
	'message' => "Could not create message: ".$msg_body->getMessage()),
	TRUE, FALSE);
	}
	else {
	$delim = $this->config->header_delimiter();
	$to = $headers_enc['To'];
	$subject = $headers_enc['Subject'];
	$header_str = rtrim($header_str);

	if ($delim != "\r\n") {
	$header_str = str_replace("\r\n", $delim, $header_str);
	$msg_body = str_replace("\r\n", $delim, $msg_body);
	$to = str_replace("\r\n", $delim, $to);
	$subject = str_replace("\r\n", $delim, $subject);
	}

	- if (ini_get('safe_mode'))
	+ if (filter_var(ini_get('safe_mode'), FILTER_VALIDATE_BOOLEAN))
	$sent = mail($to, $subject, $msg_body, $header_str);
	else
	$sent = mail($to, $subject, $msg_body, $header_str, "-f$from");
	}
	}

	if ($sent) {
	$this->plugins->exec_hook('message_sent', array('headers' => $headers, 'body' => $msg_body));

	// remove MDN headers after sending
	unset($headers['Return-Receipt-To'], $headers['Disposition-Notification-To']);

	// get all recipients
	if ($headers['Cc'])
	$mailto .= $headers['Cc'];
	if ($headers['Bcc'])
	$mailto .= $headers['Bcc'];
	if (preg_match_all('/<([^@]+@[^>]+)>/', $mailto, $m))
	$mailto = implode(', ', array_unique($m[1]));

	if ($this->config->get('smtp_log')) {
	self::write_log('sendmail', sprintf("User %s [%s]; Message for %s; %s",
	$this->user->get_username(),
	$_SERVER['REMOTE_ADDR'],
	$mailto,
	!empty($response) ? join('; ', $response) : ''));
	}
	}

	if (is_resource($msg_body)) {
	fclose($msg_body);
	}

	$message->_headers = array();
	$message->headers($headers);

	return $sent;
	}

	}


	/**
	* Lightweight plugin API class serving as a dummy if plugins are not enabled
	*
	* @package Framework
	* @subpackage Core
	*/
	class rcube_dummy_plugin_api
	{
	/**
	* Triggers a plugin hook.
	* @see rcube_plugin_api::exec_hook()
	*/
	public function exec_hook($hook, $args = array())
	{
	return $args;
	}
	}
	diff --git a/program/lib/Roundcube/rcube_utils.php b/program/lib/Roundcube/rcube_utils.php
	index 29baa82f3..6c3bd2143 100644
	--- a/program/lib/Roundcube/rcube_utils.php
	+++ b/program/lib/Roundcube/rcube_utils.php
	@@ -1,940 +1,936 @@
	<?php

	/*
	+-----------------------------------------------------------------------+
	\| This file is part of the Roundcube Webmail client \|
	\| Copyright (C) 2008-2012, The Roundcube Dev Team \|
	\| Copyright (C) 2011-2012, Kolab Systems AG \|
	\| \|
	\| Licensed under the GNU General Public License version 3 or \|
	\| any later version with exceptions for skins & plugins. \|
	\| See the README file for a full license statement. \|
	\| \|
	\| PURPOSE: \|
	\| Utility class providing common functions \|
	+-----------------------------------------------------------------------+
	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
	\| Author: Aleksander Machniak <alec@alec.pl> \|
	+-----------------------------------------------------------------------+
	*/

	/**
	* Utility class providing common functions
	*
	* @package Framework
	* @subpackage Utils
	*/
	class rcube_utils
	{
	// define constants for input reading
	const INPUT_GET = 0x0101;
	const INPUT_POST = 0x0102;
	const INPUT_GPC = 0x0103;

	/**
	* Helper method to set a cookie with the current path and host settings
	*
	* @param string Cookie name
	* @param string Cookie value
	* @param string Expiration time
	*/
	public static function setcookie($name, $value, $exp = 0)
	{
	if (headers_sent()) {
	return;
	}

	$cookie = session_get_cookie_params();
	$secure = $cookie['secure'] \|\| self::https_check();

	setcookie($name, $value, $exp, $cookie['path'], $cookie['domain'], $secure, true);
	}

	/**
	* E-mail address validation.
	*
	* @param string $email Email address
	* @param boolean $dns_check True to check dns
	*
	* @return boolean True on success, False if address is invalid
	*/
	public static function check_email($email, $dns_check=true)
	{
	// Check for invalid characters
	if (preg_match('/[\x00-\x1F\x7F-\xFF]/', $email)) {
	return false;
	}

	// Check for length limit specified by RFC 5321 (#1486453)
	if (strlen($email) > 254) {
	return false;
	}

	$email_array = explode('@', $email);

	// Check that there's one @ symbol
	if (count($email_array) < 2) {
	return false;
	}

	$domain_part = array_pop($email_array);
	$local_part = implode('@', $email_array);

	// from PEAR::Validate
	$regexp = '&^(?:
	("\s(?:[^"\f\n\r\t\v\b\s]+\s)+")\| #1 quoted name
	([-\w!\#\$%\&\'+~/^`\|{}=]+(?:\.[-\w!\#\$%\&\'+~/^`\|{}=]+)*)) #2 OR dot-atom (RFC5322)
	$&xi';

	if (!preg_match($regexp, $local_part)) {
	return false;
	}

	// Validate domain part
	if (preg_match('/^\[((IPv6:[0-9a-f:.]+)\|([0-9.]+))\]$/i', $domain_part, $matches)) {
	return self::check_ip(preg_replace('/^IPv6:/i', '', $matches[1])); // valid IPv4 or IPv6 address
	}
	else {
	// If not an IP address
	$domain_array = explode('.', $domain_part);
	// Not enough parts to be a valid domain
	if (sizeof($domain_array) < 2) {
	return false;
	}

	foreach ($domain_array as $part) {
	if (!preg_match('/^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])\|([A-Za-z0-9]))$/', $part)) {
	return false;
	}
	}

	// last domain part
	if (preg_match('/[^a-zA-Z]/', array_pop($domain_array))) {
	return false;
	}

	$rcube = rcube::get_instance();

	if (!$dns_check \|\| !$rcube->config->get('email_dns_check')) {
	return true;
	}

	if (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN' && version_compare(PHP_VERSION, '5.3.0', '<')) {
	$lookup = array();
	@exec("nslookup -type=MX " . escapeshellarg($domain_part) . " 2>&1", $lookup);
	foreach ($lookup as $line) {
	if (strpos($line, 'MX preference')) {
	return true;
	}
	}
	return false;
	}

	// find MX record(s)
	if (!function_exists('getmxrr') \|\| getmxrr($domain_part, $mx_records)) {
	return true;
	}

	// find any DNS record
	if (!function_exists('checkdnsrr') \|\| checkdnsrr($domain_part, 'ANY')) {
	return true;
	}
	}

	return false;
	}


	/**
	* Validates IPv4 or IPv6 address
	*
	* @param string $ip IP address in v4 or v6 format
	*
	* @return bool True if the address is valid
	*/
	public static function check_ip($ip)
	{
	// IPv6, but there's no build-in IPv6 support
	if (strpos($ip, ':') !== false && !defined('AF_INET6')) {
	$parts = explode(':', $ip);
	$count = count($parts);

	if ($count > 8 \|\| $count < 2) {
	return false;
	}

	foreach ($parts as $idx => $part) {
	$length = strlen($part);
	if (!$length) {
	// there can be only one ::
	if ($found_empty) {
	return false;
	}
	$found_empty = true;
	}
	// last part can be an IPv4 address
	else if ($idx == $count - 1) {
	if (!preg_match('/^[0-9a-f]{1,4}$/i', $part)) {
	return @inet_pton($part) !== false;
	}
	}
	else if (!preg_match('/^[0-9a-f]{1,4}$/i', $part)) {
	return false;
	}
	}

	return true;
	}

	return @inet_pton($ip) !== false;
	}


	/**
	* Check whether the HTTP referer matches the current request
	*
	* @return boolean True if referer is the same host+path, false if not
	*/
	public static function check_referer()
	{
	$uri = parse_url($_SERVER['REQUEST_URI']);
	$referer = parse_url(self::request_header('Referer'));
	return $referer['host'] == self::request_header('Host') && $referer['path'] == $uri['path'];
	}


	/**
	* Replacing specials characters to a specific encoding type
	*
	* @param string Input string
	* @param string Encoding type: text\|html\|xml\|js\|url
	* @param string Replace mode for tags: show\|replace\|remove
	* @param boolean Convert newlines
	*
	* @return string The quoted string
	*/
	public static function rep_specialchars_output($str, $enctype = '', $mode = '', $newlines = true)
	{
	static $html_encode_arr = false;
	static $js_rep_table = false;
	static $xml_rep_table = false;

	if (!is_string($str)) {
	$str = strval($str);
	}

	// encode for HTML output
	if ($enctype == 'html') {
	if (!$html_encode_arr) {
	$html_encode_arr = get_html_translation_table(HTML_SPECIALCHARS);
	unset($html_encode_arr['?']);
	}

	$encode_arr = $html_encode_arr;

	// don't replace quotes and html tags
	if ($mode == 'show' \|\| $mode == '') {
	$ltpos = strpos($str, '<');
	if ($ltpos !== false && strpos($str, '>', $ltpos) !== false) {
	unset($encode_arr['"']);
	unset($encode_arr['<']);
	unset($encode_arr['>']);
	unset($encode_arr['&']);
	}
	}
	else if ($mode == 'remove') {
	$str = strip_tags($str);
	}

	$out = strtr($str, $encode_arr);

	return $newlines ? nl2br($out) : $out;
	}

	// if the replace tables for XML and JS are not yet defined
	if ($js_rep_table === false) {
	$js_rep_table = $xml_rep_table = array();
	$xml_rep_table['&'] = '&';

	// can be increased to support more charsets
	for ($c=160; $c<256; $c++) {
	$xml_rep_table[chr($c)] = "&#$c;";
	}

	$xml_rep_table['"'] = '"';
	$js_rep_table['"'] = '\\"';
	$js_rep_table["'"] = "\\'";
	$js_rep_table["\\"] = "\\\\";
	// Unicode line and paragraph separators (#1486310)
	$js_rep_table[chr(hexdec(E2)).chr(hexdec(80)).chr(hexdec(A8))] = ' ';
	$js_rep_table[chr(hexdec(E2)).chr(hexdec(80)).chr(hexdec(A9))] = ' ';
	}

	// encode for javascript use
	if ($enctype == 'js') {
	return preg_replace(array("/\r?\n/", "/\r/", '/<\\//'), array('\n', '\n', '<\\/'), strtr($str, $js_rep_table));
	}

	// encode for plaintext
	if ($enctype == 'text') {
	return str_replace("\r\n", "\n", $mode=='remove' ? strip_tags($str) : $str);
	}

	if ($enctype == 'url') {
	return rawurlencode($str);
	}

	// encode for XML
	if ($enctype == 'xml') {
	return strtr($str, $xml_rep_table);
	}

	// no encoding given -> return original string
	return $str;
	}


	/**
	* Read input value and convert it for internal use
	* Performs stripslashes() and charset conversion if necessary
	*
	* @param string Field name to read
	* @param int Source to get value from (GPC)
	* @param boolean Allow HTML tags in field value
	* @param string Charset to convert into
	*
	* @return string Field value or NULL if not available
	*/
	public static function get_input_value($fname, $source, $allow_html=FALSE, $charset=NULL)
	{
	$value = NULL;

	if ($source == self::INPUT_GET) {
	if (isset($_GET[$fname])) {
	$value = $_GET[$fname];
	}
	}
	else if ($source == self::INPUT_POST) {
	if (isset($_POST[$fname])) {
	$value = $_POST[$fname];
	}
	}
	else if ($source == self::INPUT_GPC) {
	if (isset($_POST[$fname])) {
	$value = $_POST[$fname];
	}
	else if (isset($_GET[$fname])) {
	$value = $_GET[$fname];
	}
	else if (isset($_COOKIE[$fname])) {
	$value = $_COOKIE[$fname];
	}
	}

	return self::parse_input_value($value, $allow_html, $charset);
	}


	/**
	* Parse/validate input value. See self::get_input_value()
	* Performs stripslashes() and charset conversion if necessary
	*
	* @param string Input value
	* @param boolean Allow HTML tags in field value
	* @param string Charset to convert into
	*
	* @return string Parsed value
	*/
	public static function parse_input_value($value, $allow_html=FALSE, $charset=NULL)
	{
	global $OUTPUT;

	if (empty($value)) {
	return $value;
	}

	if (is_array($value)) {
	foreach ($value as $idx => $val) {
	$value[$idx] = self::parse_input_value($val, $allow_html, $charset);
	}
	return $value;
	}

	- // strip single quotes if magic_quotes_sybase is enabled
	- if (ini_get('magic_quotes_sybase')) {
	- $value = str_replace("''", "'", $value);
	- }
	// strip slashes if magic_quotes enabled
	- else if (get_magic_quotes_gpc() \|\| get_magic_quotes_runtime()) {
	+ if (get_magic_quotes_gpc() \|\| get_magic_quotes_runtime()) {
	$value = stripslashes($value);
	}

	// remove HTML tags if not allowed
	if (!$allow_html) {
	$value = strip_tags($value);
	}

	$output_charset = is_object($OUTPUT) ? $OUTPUT->get_charset() : null;

	// remove invalid characters (#1488124)
	if ($output_charset == 'UTF-8') {
	$value = rcube_charset::clean($value);
	}

	// convert to internal charset
	if ($charset && $output_charset) {
	$value = rcube_charset::convert($value, $output_charset, $charset);
	}

	return $value;
	}


	/**
	* Convert array of request parameters (prefixed with _)
	* to a regular array with non-prefixed keys.
	*
	* @param int $mode Source to get value from (GPC)
	* @param string $ignore PCRE expression to skip parameters by name
	*
	* @return array Hash array with all request parameters
	*/
	public static function request2param($mode = null, $ignore = 'task\|action')
	{
	$out = array();
	$src = $mode == self::INPUT_GET ? $_GET : ($mode == self::INPUT_POST ? $_POST : $_REQUEST);

	foreach (array_keys($src) as $key) {
	$fname = $key[0] == '_' ? substr($key, 1) : $key;
	if ($ignore && !preg_match('/^(' . $ignore . ')$/', $fname)) {
	$out[$fname] = self::get_input_value($key, $mode);
	}
	}

	return $out;
	}


	/**
	* Convert the given string into a valid HTML identifier
	* Same functionality as done in app.js with rcube_webmail.html_identifier()
	*/
	public static function html_identifier($str, $encode=false)
	{
	if ($encode) {
	return rtrim(strtr(base64_encode($str), '+/', '-_'), '=');
	}
	else {
	return asciiwords($str, true, '_');
	}
	}


	/**
	* Replace all css definitions with #container [def]
	* and remove css-inlined scripting
	*
	* @param string CSS source code
	* @param string Container ID to use as prefix
	*
	* @return string Modified CSS source
	*/
	public static function mod_css_styles($source, $container_id, $allow_remote=false)
	{
	$last_pos = 0;
	$replacements = new rcube_string_replacer;

	// ignore the whole block if evil styles are detected
	$source = self::xss_entity_decode($source);
	$stripped = preg_replace('/[^a-z\(:;]/i', '', $source);
	$evilexpr = 'expression\|behavior\|javascript:\|import[^a]' . (!$allow_remote ? '\|url\(' : '');
	if (preg_match("/$evilexpr/i", $stripped)) {
	return '/* evil! */';
	}

	// cut out all contents between { and }
	while (($pos = strpos($source, '{', $last_pos)) && ($pos2 = strpos($source, '}', $pos))) {
	$styles = substr($source, $pos+1, $pos2-($pos+1));

	// check every line of a style block...
	if ($allow_remote) {
	$a_styles = preg_split('/;[\r\n]*/', $styles, -1, PREG_SPLIT_NO_EMPTY);
	foreach ($a_styles as $line) {
	$stripped = preg_replace('/[^a-z\(:;]/i', '', $line);
	// ... and only allow strict url() values
	$regexp = '!url\s*$[ "\'](https?:)//[a-z0-9/._+-]+["\' ]$!Uims';
	if (stripos($stripped, 'url(') && !preg_match($regexp, $line)) {
	$a_styles = array('/* evil! */');
	break;
	}
	}
	$styles = join(";\n", $a_styles);
	}

	$key = $replacements->add($styles);
	$source = substr($source, 0, $pos+1)
	. $replacements->get_replacement($key)
	. substr($source, $pos2, strlen($source)-$pos2);
	$last_pos = $pos+2;
	}

	// remove html comments and add #container to each tag selector.
	// also replace body definition because we also stripped off the <body> tag
	$styles = preg_replace(
	array(
	'/(^\s<!--)\|(-->\s$)/',
	'/(^\s\|,\s\|\}\s)([a-z0-9\._#\][a-z0-9\.\-_]*)/im',
	'/'.preg_quote($container_id, '/').'\s+body/i',
	),
	array(
	'',
	"\\1#$container_id \\2",
	$container_id,
	),
	$source);

	// put block contents back in
	$styles = $replacements->resolve($styles);

	return $styles;
	}


	/**
	* Generate CSS classes from mimetype and filename extension
	*
	* @param string $mimetype Mimetype
	* @param string $filename Filename
	*
	* @return string CSS classes separated by space
	*/
	public static function file2class($mimetype, $filename)
	{
	$mimetype = strtolower($mimetype);
	$filename = strtolower($filename);

	list($primary, $secondary) = explode('/', $mimetype);

	$classes = array($primary ? $primary : 'unknown');

	if ($secondary) {
	$classes[] = $secondary;
	}

	if (preg_match('/\.([a-z0-9]+)$/', $filename, $m)) {
	if (!in_array($m[1], $classes)) {
	$classes[] = $m[1];
	}
	}

	return join(" ", $classes);
	}


	/**
	* Decode escaped entities used by known XSS exploits.
	* See http://downloads.securityfocus.com/vulnerabilities/exploits/26800.eml for examples
	*
	* @param string CSS content to decode
	*
	* @return string Decoded string
	*/
	public static function xss_entity_decode($content)
	{
	$out = html_entity_decode(html_entity_decode($content));
	$out = preg_replace_callback('/\\\([0-9a-f]{4})/i',
	array(self, 'xss_entity_decode_callback'), $out);
	$out = preg_replace('#/\.\*/#Ums', '', $out);

	return $out;
	}


	/**
	* preg_replace_callback callback for xss_entity_decode
	*
	* @param array $matches Result from preg_replace_callback
	*
	* @return string Decoded entity
	*/
	public static function xss_entity_decode_callback($matches)
	{
	return chr(hexdec($matches[1]));
	}


	/**
	* Check if we can process not exceeding memory_limit
	*
	* @param integer Required amount of memory
	*
	* @return boolean True if memory won't be exceeded, False otherwise
	*/
	public static function mem_check($need)
	{
	$mem_limit = parse_bytes(ini_get('memory_limit'));
	$memory = function_exists('memory_get_usage') ? memory_get_usage() : 1610241024; // safe value: 16MB

	return $mem_limit > 0 && $memory + $need > $mem_limit ? false : true;
	}


	/**
	* Check if working in SSL mode
	*
	* @param integer $port HTTPS port number
	* @param boolean $use_https Enables 'use_https' option checking
	*
	* @return boolean
	*/
	public static function https_check($port=null, $use_https=true)
	{
	global $RCMAIL;

	if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off') {
	return true;
	}
	if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') {
	return true;
	}
	if ($port && $_SERVER['SERVER_PORT'] == $port) {
	return true;
	}
	if ($use_https && isset($RCMAIL) && $RCMAIL->config->get('use_https')) {
	return true;
	}

	return false;
	}


	/**
	* Replaces hostname variables.
	*
	* @param string $name Hostname
	* @param string $host Optional IMAP hostname
	*
	* @return string Hostname
	*/
	public static function parse_host($name, $host = '')
	{
	// %n - host
	$n = preg_replace('/:\d+$/', '', $_SERVER['SERVER_NAME']);
	// %t - host name without first part, e.g. %n=mail.domain.tld, %t=domain.tld
	$t = preg_replace('/^[^\.]+\./', '', $n);
	// %d - domain name without first part
	$d = preg_replace('/^[^\.]+\./', '', $_SERVER['HTTP_HOST']);
	// %h - IMAP host
	$h = $_SESSION['storage_host'] ? $_SESSION['storage_host'] : $host;
	// %z - IMAP domain without first part, e.g. %h=imap.domain.tld, %z=domain.tld
	$z = preg_replace('/^[^\.]+\./', '', $h);
	// %s - domain name after the '@' from e-mail address provided at login screen. Returns FALSE if an invalid email is provided
	if (strpos($name, '%s') !== false) {
	$user_email = self::get_input_value('_user', self::INPUT_POST);
	$user_email = self::idn_convert($user_email, true);
	$matches = preg_match('/(.*)@([a-z0-9\.\-\[\]\:]+)/i', $user_email, $s);
	if ($matches < 1 \|\| filter_var($s[1]."@".$s[2], FILTER_VALIDATE_EMAIL) === false) {
	return false;
	}
	}

	$name = str_replace(array('%n', '%t', '%d', '%h', '%z', '%s'), array($n, $t, $d, $h, $z, $s[2]), $name);
	return $name;
	}


	/**
	* Returns remote IP address and forwarded addresses if found
	*
	* @return string Remote IP address(es)
	*/
	public static function remote_ip()
	{
	$address = $_SERVER['REMOTE_ADDR'];

	// append the NGINX X-Real-IP header, if set
	if (!empty($_SERVER['HTTP_X_REAL_IP'])) {
	$remote_ip[] = 'X-Real-IP: ' . $_SERVER['HTTP_X_REAL_IP'];
	}
	// append the X-Forwarded-For header, if set
	if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
	$remote_ip[] = 'X-Forwarded-For: ' . $_SERVER['HTTP_X_FORWARDED_FOR'];
	}

	if (!empty($remote_ip)) {
	$address .= '(' . implode(',', $remote_ip) . ')';
	}

	return $address;
	}


	/**
	* Read a specific HTTP request header.
	*
	* @param string $name Header name
	*
	* @return mixed Header value or null if not available
	*/
	public static function request_header($name)
	{
	if (function_exists('getallheaders')) {
	$hdrs = array_change_key_case(getallheaders(), CASE_UPPER);
	$key = strtoupper($name);
	}
	else {
	$key = 'HTTP_' . strtoupper(strtr($name, '-', '_'));
	$hdrs = array_change_key_case($_SERVER, CASE_UPPER);
	}

	return $hdrs[$key];
	}

	/**
	* Explode quoted string
	*
	* @param string Delimiter expression string for preg_match()
	* @param string Input string
	*
	* @return array String items
	*/
	public static function explode_quoted_string($delimiter, $string)
	{
	$result = array();
	$strlen = strlen($string);

	for ($q=$p=$i=0; $i < $strlen; $i++) {
	if ($string[$i] == "\"" && $string[$i-1] != "\\") {
	$q = $q ? false : true;
	}
	else if (!$q && preg_match("/$delimiter/", $string[$i])) {
	$result[] = substr($string, $p, $i - $p);
	$p = $i + 1;
	}
	}

	$result[] = (string) substr($string, $p);

	return $result;
	}


	/**
	* Improved equivalent to strtotime()
	*
	* @param string $date Date string
	*
	* @return int Unix timestamp
	*/
	public static function strtotime($date)
	{
	// check for MS Outlook vCard date format YYYYMMDD
	if (preg_match('/^([12][90]\d\d)([01]\d)(\d\d)$/', trim($date), $matches)) {
	return mktime(0,0,0, intval($matches[2]), intval($matches[3]), intval($matches[1]));
	}
	else if (is_numeric($date)) {
	return (int) $date;
	}

	// Clean malformed data
	$date = preg_replace(
	array(
	'/GMT\s*([+-][0-9]+)/', // support non-standard "GMTXXXX" literal
	'/[^a-z0-9\x20\x09:+-]/i', // remove any invalid characters
	'/\s(Mon\|Tue\|Wed\|Thu\|Fri\|Sat\|Sun)\s/i', // remove weekday names
	),
	array(
	'\\1',
	'',
	'',
	), $date);

	$date = trim($date);

	// if date parsing fails, we have a date in non-rfc format.
	// remove token from the end and try again
	while ((($ts = @strtotime($date)) === false) \|\| ($ts < 0)) {
	$d = explode(' ', $date);
	array_pop($d);
	if (!$d) {
	break;
	}
	$date = implode(' ', $d);
	}

	return (int) $ts;
	}


	/*
	* Idn_to_ascii wrapper.
	* Intl/Idn modules version of this function doesn't work with e-mail address
	*/
	public static function idn_to_ascii($str)
	{
	return self::idn_convert($str, true);
	}


	/*
	* Idn_to_ascii wrapper.
	* Intl/Idn modules version of this function doesn't work with e-mail address
	*/
	public static function idn_to_utf8($str)
	{
	return self::idn_convert($str, false);
	}


	public static function idn_convert($input, $is_utf=false)
	{
	if ($at = strpos($input, '@')) {
	$user = substr($input, 0, $at);
	$domain = substr($input, $at+1);
	}
	else {
	$domain = $input;
	}

	$domain = $is_utf ? idn_to_ascii($domain) : idn_to_utf8($domain);

	if ($domain === false) {
	return '';
	}

	return $at ? $user . '@' . $domain : $domain;
	}

	/**
	* Split the given string into word tokens
	*
	* @param string Input to tokenize
	* @return array List of tokens
	*/
	public static function tokenize_string($str)
	{
	return explode(" ", preg_replace(
	array('/[\s;\/+-]+/i', '/(\d)[-.\s]+(\d)/', '/\s\w{1,3}\s/u'),
	array(' ', '\\1\\2', ' '),
	$str));
	}

	/**
	* Normalize the given string for fulltext search.
	* Currently only optimized for Latin-1 characters; to be extended
	*
	* @param string Input string (UTF-8)
	* @param boolean True to return list of words as array
	* @return mixed Normalized string or a list of normalized tokens
	*/
	public static function normalize_string($str, $as_array = false)
	{
	// split by words
	$arr = self::tokenize_string($str);

	foreach ($arr as $i => $part) {
	if (utf8_encode(utf8_decode($part)) == $part) { // is latin-1 ?
	$arr[$i] = utf8_encode(strtr(strtolower(strtr(utf8_decode($part),
	'ÇçäâàåéêëèïîìÅÉöôòüûùÿøØáíóúñÑÁÂÀãÃÊËÈÍÎÏÓÔõÕÚÛÙýÝ',
	'ccaaaaeeeeiiiaeooouuuyooaiounnaaaaaeeeiiioooouuuyy')),
	array('ß' => 'ss', 'ae' => 'a', 'oe' => 'o', 'ue' => 'u')));
	}
	else
	$arr[$i] = mb_strtolower($part);
	}

	return $as_array ? $arr : join(" ", $arr);
	}

	/**
	* Parse commandline arguments into a hash array
	*
	* @param array $aliases Argument alias names
	*
	* @return array Argument values hash
	*/
	public static function get_opt($aliases = array())
	{
	$args = array();

	for ($i=1; $i < count($_SERVER['argv']); $i++) {
	$arg = $_SERVER['argv'][$i];
	$value = true;
	$key = null;

	if ($arg[0] == '-') {
	$key = preg_replace('/^-+/', '', $arg);
	$sp = strpos($arg, '=');
	if ($sp > 0) {
	$key = substr($key, 0, $sp - 2);
	$value = substr($arg, $sp+1);
	}
	else if (strlen($_SERVER['argv'][$i+1]) && $_SERVER['argv'][$i+1][0] != '-') {
	$value = $_SERVER['argv'][++$i];
	}

	$args[$key] = is_string($value) ? preg_replace(array('/^["\']/', '/["\']$/'), '', $value) : $value;
	}
	else {
	$args[] = $arg;
	}

	if ($alias = $aliases[$key]) {
	$args[$alias] = $args[$key];
	}
	}

	return $args;
	}

	/**
	* Safe password prompt for command line
	* from http://blogs.sitepoint.com/2009/05/01/interactive-cli-password-prompt-in-php/
	*
	* @return string Password
	*/
	public static function prompt_silent($prompt = "Password:")
	{
	if (preg_match('/^win/i', PHP_OS)) {
	$vbscript = sys_get_temp_dir() . 'prompt_password.vbs';
	$vbcontent = 'wscript.echo(InputBox("' . addslashes($prompt) . '", "", "password here"))';
	file_put_contents($vbscript, $vbcontent);

	$command = "cscript //nologo " . escapeshellarg($vbscript);
	$password = rtrim(shell_exec($command));
	unlink($vbscript);

	return $password;
	}
	else {
	$command = "/usr/bin/env bash -c 'echo OK'";
	if (rtrim(shell_exec($command)) !== 'OK') {
	echo $prompt;
	$pass = trim(fgets(STDIN));
	echo chr(8)."\r" . $prompt . str_repeat("*", strlen($pass))."\n";
	return $pass;
	}

	$command = "/usr/bin/env bash -c 'read -s -p \"" . addslashes($prompt) . "\" mypassword && echo \$mypassword'";
	$password = rtrim(shell_exec($command));
	echo "\n";
	return $password;
	}
	}


	/**
	* Find out if the string content means true or false
	*
	* @param string $str Input value
	*
	* @return boolean Boolean value
	*/
	public static function get_boolean($str)
	{
	$str = strtolower($str);

	return !in_array($str, array('false', '0', 'no', 'off', 'nein', ''), true);
	}

	}

File Metadata

Mime Type: text/x-diff
Expires: Sat, Mar 1, 5:22 AM (1 d, 13 h)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 165939
Default Alt Text: (322 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions