You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

rcmail_output_html.php 73KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113
  1. <?php
  2. /**
  3. +-----------------------------------------------------------------------+
  4. | program/include/rcmail_output_html.php |
  5. | |
  6. | This file is part of the Roundcube Webmail client |
  7. | Copyright (C) 2006-2014, The Roundcube Dev Team |
  8. | |
  9. | Licensed under the GNU General Public License version 3 or |
  10. | any later version with exceptions for skins & plugins. |
  11. | See the README file for a full license statement. |
  12. | |
  13. | PURPOSE: |
  14. | Class to handle HTML page output using a skin template. |
  15. | |
  16. +-----------------------------------------------------------------------+
  17. | Author: Thomas Bruederli <roundcube@gmail.com> |
  18. +-----------------------------------------------------------------------+
  19. */
  20. /**
  21. * Class to create HTML page output using a skin template
  22. *
  23. * @package Webmail
  24. * @subpackage View
  25. */
  26. class rcmail_output_html extends rcmail_output
  27. {
  28. public $type = 'html';
  29. protected $message;
  30. protected $template_name;
  31. protected $objects = array();
  32. protected $js_env = array();
  33. protected $js_labels = array();
  34. protected $js_commands = array();
  35. protected $skin_paths = array();
  36. protected $scripts_path = '';
  37. protected $script_files = array();
  38. protected $css_files = array();
  39. protected $scripts = array();
  40. protected $default_template = "<html>\n<head><title></title></head>\n<body></body>\n</html>";
  41. protected $header = '';
  42. protected $footer = '';
  43. protected $body = '';
  44. protected $base_path = '';
  45. protected $assets_path;
  46. protected $assets_dir = RCUBE_INSTALL_PATH;
  47. protected $devel_mode = false;
  48. // deprecated names of templates used before 0.5
  49. protected $deprecated_templates = array(
  50. 'contact' => 'showcontact',
  51. 'contactadd' => 'addcontact',
  52. 'contactedit' => 'editcontact',
  53. 'identityedit' => 'editidentity',
  54. 'messageprint' => 'printmessage',
  55. );
  56. /**
  57. * Constructor
  58. */
  59. public function __construct($task = null, $framed = false)
  60. {
  61. parent::__construct();
  62. $this->devel_mode = $this->config->get('devel_mode');
  63. $this->set_env('task', $task);
  64. $this->set_env('standard_windows', (bool) $this->config->get('standard_windows'));
  65. $this->set_env('locale', $_SESSION['language']);
  66. $this->set_env('devel_mode', $this->devel_mode);
  67. // add cookie info
  68. $this->set_env('cookie_domain', ini_get('session.cookie_domain'));
  69. $this->set_env('cookie_path', ini_get('session.cookie_path'));
  70. $this->set_env('cookie_secure', filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN));
  71. // load the correct skin (in case user-defined)
  72. $skin = $this->config->get('skin');
  73. $this->set_skin($skin);
  74. $this->set_env('skin', $skin);
  75. $this->set_assets_path($this->config->get('assets_path'), $this->config->get('assets_dir'));
  76. if (!empty($_REQUEST['_extwin']))
  77. $this->set_env('extwin', 1);
  78. if ($this->framed || $framed)
  79. $this->set_env('framed', 1);
  80. $lic = <<<EOF
  81. /*
  82. @licstart The following is the entire license notice for the
  83. JavaScript code in this page.
  84. Copyright (C) 2005-2014 The Roundcube Dev Team
  85. The JavaScript code in this page is free software: you can redistribute
  86. it and/or modify it under the terms of the GNU General Public License
  87. as published by the Free Software Foundation, either version 3 of
  88. the License, or (at your option) any later version.
  89. The code is distributed WITHOUT ANY WARRANTY; without even the implied
  90. warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  91. See the GNU GPL for more details.
  92. @licend The above is the entire license notice
  93. for the JavaScript code in this page.
  94. */
  95. EOF;
  96. // add common javascripts
  97. $this->add_script($lic, 'head_top');
  98. $this->add_script('var '.self::JS_OBJECT_NAME.' = new rcube_webmail();', 'head_top');
  99. // don't wait for page onload. Call init at the bottom of the page (delayed)
  100. $this->add_script(self::JS_OBJECT_NAME.'.init();', 'docready');
  101. $this->scripts_path = 'program/js/';
  102. $this->include_script('jquery.min.js');
  103. $this->include_script('common.js');
  104. $this->include_script('app.js');
  105. // register common UI objects
  106. $this->add_handlers(array(
  107. 'loginform' => array($this, 'login_form'),
  108. 'preloader' => array($this, 'preloader'),
  109. 'username' => array($this, 'current_username'),
  110. 'message' => array($this, 'message_container'),
  111. 'charsetselector' => array($this, 'charset_selector'),
  112. 'aboutcontent' => array($this, 'about_content'),
  113. ));
  114. }
  115. /**
  116. * Set environment variable
  117. *
  118. * @param string $name Property name
  119. * @param mixed $value Property value
  120. * @param boolean $addtojs True if this property should be added
  121. * to client environment
  122. */
  123. public function set_env($name, $value, $addtojs = true)
  124. {
  125. $this->env[$name] = $value;
  126. if ($addtojs || isset($this->js_env[$name])) {
  127. $this->js_env[$name] = $value;
  128. }
  129. }
  130. /**
  131. * Parse and set assets path
  132. *
  133. * @param string $path Assets path URL (relative or absolute)
  134. * @param string $fs_dif Assets path in filesystem
  135. */
  136. public function set_assets_path($path, $fs_dir = null)
  137. {
  138. if (empty($path)) {
  139. return;
  140. }
  141. $path = rtrim($path, '/') . '/';
  142. // handle relative assets path
  143. if (!preg_match('|^https?://|', $path) && $path[0] != '/') {
  144. // save the path to search for asset files later
  145. $this->assets_dir = $path;
  146. $base = preg_replace('/[?#&].*$/', '', $_SERVER['REQUEST_URI']);
  147. $base = rtrim($base, '/');
  148. // remove url token if exists
  149. if ($len = intval($this->config->get('use_secure_urls'))) {
  150. $_base = explode('/', $base);
  151. $last = count($_base) - 1;
  152. $length = $len > 1 ? $len : 16; // as in rcube::get_secure_url_token()
  153. // we can't use real token here because it
  154. // does not exists in unauthenticated state,
  155. // hope this will not produce false-positive matches
  156. if ($last > -1 && preg_match('/^[a-f0-9]{' . $length . '}$/', $_base[$last])) {
  157. $path = '../' . $path;
  158. }
  159. }
  160. }
  161. // set filesystem path for assets
  162. if ($fs_dir) {
  163. if ($fs_dir[0] != '/') {
  164. $fs_dir = realpath(RCUBE_INSTALL_PATH . $fs_dir);
  165. }
  166. // ensure the path ends with a slash
  167. $this->assets_dir = rtrim($fs_dir, '/') . '/';
  168. }
  169. $this->assets_path = $path;
  170. $this->set_env('assets_path', $path);
  171. }
  172. /**
  173. * Getter for the current page title
  174. *
  175. * @return string The page title
  176. */
  177. protected function get_pagetitle()
  178. {
  179. if (!empty($this->pagetitle)) {
  180. $title = $this->pagetitle;
  181. }
  182. else if ($this->env['task'] == 'login') {
  183. $title = $this->app->gettext(array(
  184. 'name' => 'welcome',
  185. 'vars' => array('product' => $this->config->get('product_name')
  186. )));
  187. }
  188. else {
  189. $title = ucfirst($this->env['task']);
  190. }
  191. return $title;
  192. }
  193. /**
  194. * Set skin
  195. *
  196. * @param string $skin Skin name
  197. *
  198. * @return bool True if the skin exist and is readable, False otherwise
  199. */
  200. public function set_skin($skin)
  201. {
  202. // Sanity check to prevent from path traversal vulnerability (#1490620)
  203. if (strpos($skin, '/') !== false || strpos($skin, "\\") !== false) {
  204. rcube::raise_error(array(
  205. 'file' => __FILE__,
  206. 'line' => __LINE__,
  207. 'message' => 'Invalid skin name'
  208. ), true, false);
  209. return false;
  210. }
  211. $valid = false;
  212. $path = RCUBE_INSTALL_PATH . 'skins/';
  213. if (!empty($skin) && is_dir($path . $skin) && is_readable($path . $skin)) {
  214. $skin_path = 'skins/' . $skin;
  215. $valid = true;
  216. }
  217. else {
  218. $skin_path = $this->config->get('skin_path');
  219. if (!$skin_path) {
  220. $skin_path = 'skins/' . rcube_config::DEFAULT_SKIN;
  221. }
  222. $valid = !$skin;
  223. }
  224. $skin_path = rtrim($skin_path, '/');
  225. $this->config->set('skin_path', $skin_path);
  226. $this->base_path = $skin_path;
  227. // register skin path(s)
  228. $this->skin_paths = array();
  229. $this->load_skin($skin_path);
  230. return $valid;
  231. }
  232. /**
  233. * Helper method to recursively read skin meta files and register search paths
  234. */
  235. private function load_skin($skin_path)
  236. {
  237. $this->skin_paths[] = $skin_path;
  238. // read meta file and check for dependencies
  239. $meta = @file_get_contents(RCUBE_INSTALL_PATH . $skin_path . '/meta.json');
  240. $meta = @json_decode($meta, true);
  241. $meta['path'] = $skin_path;
  242. $path_elements = explode('/', $skin_path);
  243. $skin_id = end($path_elements);
  244. if (!$meta['name']) {
  245. $meta['name'] = $skin_id;
  246. }
  247. $this->skins[$skin_id] = $meta;
  248. if ($meta['extends']) {
  249. $path = RCUBE_INSTALL_PATH . 'skins/';
  250. if (is_dir($path . $meta['extends']) && is_readable($path . $meta['extends'])) {
  251. $this->load_skin('skins/' . $meta['extends']);
  252. }
  253. }
  254. }
  255. /**
  256. * Check if a specific template exists
  257. *
  258. * @param string $name Template name
  259. *
  260. * @return boolean True if template exists
  261. */
  262. public function template_exists($name)
  263. {
  264. foreach ($this->skin_paths as $skin_path) {
  265. $filename = RCUBE_INSTALL_PATH . $skin_path . '/templates/' . $name . '.html';
  266. if ((is_file($filename) && is_readable($filename))
  267. || ($this->deprecated_templates[$name] && $this->template_exists($this->deprecated_templates[$name]))
  268. ) {
  269. return true;
  270. }
  271. }
  272. return false;
  273. }
  274. /**
  275. * Find the given file in the current skin path stack
  276. *
  277. * @param string $file File name/path to resolve (starting with /)
  278. * @param string &$skin_path Reference to the base path of the matching skin
  279. * @param string $add_path Additional path to search in
  280. *
  281. * @return mixed Relative path to the requested file or False if not found
  282. */
  283. public function get_skin_file($file, &$skin_path = null, $add_path = null)
  284. {
  285. $skin_paths = $this->skin_paths;
  286. if ($add_path) {
  287. array_unshift($skin_paths, $add_path);
  288. }
  289. foreach ($skin_paths as $skin_path) {
  290. $path = realpath(RCUBE_INSTALL_PATH . $skin_path . $file);
  291. if ($path && is_file($path)) {
  292. return $skin_path . $file;
  293. }
  294. if ($this->assets_dir != RCUBE_INSTALL_PATH) {
  295. $path = realpath($this->assets_dir . $skin_path . $file);
  296. if ($path && is_file($path)) {
  297. return $skin_path . $file;
  298. }
  299. }
  300. }
  301. return false;
  302. }
  303. /**
  304. * Register a GUI object to the client script
  305. *
  306. * @param string $obj Object name
  307. * @param string $id Object ID
  308. */
  309. public function add_gui_object($obj, $id)
  310. {
  311. $this->add_script(self::JS_OBJECT_NAME.".gui_object('$obj', '$id');");
  312. }
  313. /**
  314. * Call a client method
  315. *
  316. * @param string Method to call
  317. * @param ... Additional arguments
  318. */
  319. public function command()
  320. {
  321. $cmd = func_get_args();
  322. if (strpos($cmd[0], 'plugin.') !== false)
  323. $this->js_commands[] = array('triggerEvent', $cmd[0], $cmd[1]);
  324. else
  325. $this->js_commands[] = $cmd;
  326. }
  327. /**
  328. * Add a localized label to the client environment
  329. */
  330. public function add_label()
  331. {
  332. $args = func_get_args();
  333. if (count($args) == 1 && is_array($args[0])) {
  334. $args = $args[0];
  335. }
  336. foreach ($args as $name) {
  337. $this->js_labels[$name] = $this->app->gettext($name);
  338. }
  339. }
  340. /**
  341. * Invoke display_message command
  342. *
  343. * @param string $message Message to display
  344. * @param string $type Message type [notice|confirm|error]
  345. * @param array $vars Key-value pairs to be replaced in localized text
  346. * @param boolean $override Override last set message
  347. * @param int $timeout Message display time in seconds
  348. *
  349. * @uses self::command()
  350. */
  351. public function show_message($message, $type='notice', $vars=null, $override=true, $timeout=0)
  352. {
  353. if ($override || !$this->message) {
  354. if ($this->app->text_exists($message)) {
  355. if (!empty($vars))
  356. $vars = array_map(array('rcube','Q'), $vars);
  357. $msgtext = $this->app->gettext(array('name' => $message, 'vars' => $vars));
  358. }
  359. else
  360. $msgtext = $message;
  361. $this->message = $message;
  362. $this->command('display_message', $msgtext, $type, $timeout * 1000);
  363. }
  364. }
  365. /**
  366. * Delete all stored env variables and commands
  367. *
  368. * @param bool $all Reset all env variables (including internal)
  369. */
  370. public function reset($all = false)
  371. {
  372. $framed = $this->framed;
  373. $env = $all ? null : array_intersect_key($this->env, array('extwin'=>1, 'framed'=>1));
  374. parent::reset();
  375. // let some env variables survive
  376. $this->env = $this->js_env = $env;
  377. $this->framed = $framed || $this->env['framed'];
  378. $this->js_labels = array();
  379. $this->js_commands = array();
  380. $this->script_files = array();
  381. $this->scripts = array();
  382. $this->header = '';
  383. $this->footer = '';
  384. $this->body = '';
  385. // load defaults
  386. if (!$all) {
  387. $this->__construct();
  388. }
  389. }
  390. /**
  391. * Redirect to a certain url
  392. *
  393. * @param mixed $p Either a string with the action or url parameters as key-value pairs
  394. * @param int $delay Delay in seconds
  395. * @param bool $secure Redirect to secure location (see rcmail::url())
  396. */
  397. public function redirect($p = array(), $delay = 1, $secure = false)
  398. {
  399. if ($this->env['extwin'])
  400. $p['extwin'] = 1;
  401. $location = $this->app->url($p, false, false, $secure);
  402. header('Location: ' . $location);
  403. exit;
  404. }
  405. /**
  406. * Send the request output to the client.
  407. * This will either parse a skin tempalte or send an AJAX response
  408. *
  409. * @param string $templ Template name
  410. * @param boolean $exit True if script should terminate (default)
  411. */
  412. public function send($templ = null, $exit = true)
  413. {
  414. if ($templ != 'iframe') {
  415. // prevent from endless loops
  416. if ($exit != 'recur' && $this->app->plugins->is_processing('render_page')) {
  417. rcube::raise_error(array('code' => 505, 'type' => 'php',
  418. 'file' => __FILE__, 'line' => __LINE__,
  419. 'message' => 'Recursion alert: ignoring output->send()'), true, false);
  420. return;
  421. }
  422. $this->parse($templ, false);
  423. }
  424. else {
  425. $this->framed = true;
  426. $this->write();
  427. }
  428. // set output asap
  429. ob_flush();
  430. flush();
  431. if ($exit) {
  432. exit;
  433. }
  434. }
  435. /**
  436. * Process template and write to stdOut
  437. *
  438. * @param string $template HTML template content
  439. */
  440. public function write($template = '')
  441. {
  442. if (!empty($this->script_files)) {
  443. $this->set_env('request_token', $this->app->get_request_token());
  444. }
  445. $commands = $this->get_js_commands($framed);
  446. // if all js commands go to parent window we can ignore all
  447. // script files and skip rcube_webmail initialization (#1489792)
  448. if ($framed) {
  449. $this->scripts = array();
  450. $this->script_files = array();
  451. $this->header = '';
  452. $this->footer = '';
  453. }
  454. // write all javascript commands
  455. $this->add_script($commands, 'head_top');
  456. // allow (legal) iframe content to be loaded
  457. $iframe = $this->framed || $this->env['framed'];
  458. if (!headers_sent() && $iframe && ($xopt = $this->app->config->get('x_frame_options', 'sameorigin'))) {
  459. if (strtolower($xopt) != 'sameorigin') {
  460. header('X-Frame-Options: sameorigin', true);
  461. }
  462. }
  463. // call super method
  464. $this->_write($template, $this->config->get('skin_path'));
  465. }
  466. /**
  467. * Parse a specific skin template and deliver to stdout (or return)
  468. *
  469. * @param string $name Template name
  470. * @param boolean $exit Exit script
  471. * @param boolean $write Don't write to stdout, return parsed content instead
  472. *
  473. * @link http://php.net/manual/en/function.exit.php
  474. */
  475. function parse($name = 'main', $exit = true, $write = true)
  476. {
  477. $plugin = false;
  478. $realname = $name;
  479. $plugin_skin_paths = array();
  480. $this->template_name = $realname;
  481. $temp = explode('.', $name, 2);
  482. if (count($temp) > 1) {
  483. $plugin = $temp[0];
  484. $name = $temp[1];
  485. $skin_dir = $plugin . '/skins/' . $this->config->get('skin');
  486. // apply skin search escalation list to plugin directory
  487. foreach ($this->skin_paths as $skin_path) {
  488. $plugin_skin_paths[] = $this->app->plugins->url . $plugin . '/' . $skin_path;
  489. }
  490. // add fallback to default skin
  491. if (is_dir($this->app->plugins->dir . $plugin . '/skins/default')) {
  492. $skin_dir = $plugin . '/skins/default';
  493. $plugin_skin_paths[] = $this->app->plugins->url . $skin_dir;
  494. }
  495. // prepend plugin skin paths to search list
  496. $this->skin_paths = array_merge($plugin_skin_paths, $this->skin_paths);
  497. }
  498. // find skin template
  499. $path = false;
  500. foreach ($this->skin_paths as $skin_path) {
  501. $path = RCUBE_INSTALL_PATH . "$skin_path/templates/$name.html";
  502. // fallback to deprecated template names
  503. if (!is_readable($path) && ($dname = $this->deprecated_templates[$realname])) {
  504. $path = RCUBE_INSTALL_PATH . "$skin_path/templates/$dname.html";
  505. if (is_readable($path)) {
  506. rcube::raise_error(array(
  507. 'code' => 502, 'file' => __FILE__, 'line' => __LINE__,
  508. 'message' => "Using deprecated template '$dname' in $skin_path/templates. Please rename to '$realname'"
  509. ), true, false);
  510. }
  511. }
  512. if (is_readable($path)) {
  513. $this->config->set('skin_path', $skin_path);
  514. // set base_path to core skin directory (not plugin's skin)
  515. $this->base_path = preg_replace('!plugins/\w+/!', '', $skin_path);
  516. $skin_dir = preg_replace('!^plugins/!', '', $skin_path);
  517. break;
  518. }
  519. else {
  520. $path = false;
  521. }
  522. }
  523. // read template file
  524. if (!$path || ($templ = @file_get_contents($path)) === false) {
  525. rcube::raise_error(array(
  526. 'code' => 404,
  527. 'type' => 'php',
  528. 'line' => __LINE__,
  529. 'file' => __FILE__,
  530. 'message' => 'Error loading template for '.$realname
  531. ), true, $write);
  532. $this->skin_paths = array_slice($this->skin_paths, count($plugin_skin_paths));
  533. return false;
  534. }
  535. // replace all path references to plugins/... with the configured plugins dir
  536. // and /this/ to the current plugin skin directory
  537. if ($plugin) {
  538. $templ = preg_replace(
  539. array('/\bplugins\//', '/(["\']?)\/this\//'),
  540. array($this->app->plugins->url, '\\1'.$this->app->plugins->url.$skin_dir.'/'),
  541. $templ
  542. );
  543. }
  544. // parse for specialtags
  545. $output = $this->parse_conditions($templ);
  546. $output = $this->parse_xml($output);
  547. // trigger generic hook where plugins can put additional content to the page
  548. $hook = $this->app->plugins->exec_hook("render_page", array('template' => $realname, 'content' => $output));
  549. // save some memory
  550. $output = $hook['content'];
  551. unset($hook['content']);
  552. // remove plugin skin paths from current context
  553. $this->skin_paths = array_slice($this->skin_paths, count($plugin_skin_paths));
  554. if (!$write) {
  555. return $this->postrender($output);
  556. }
  557. $this->write(trim($output));
  558. if ($exit) {
  559. exit;
  560. }
  561. }
  562. /**
  563. * Return executable javascript code for all registered commands
  564. */
  565. protected function get_js_commands(&$framed = null)
  566. {
  567. $out = '';
  568. $parent_commands = 0;
  569. $top_commands = array();
  570. // these should be always on top,
  571. // e.g. hide_message() below depends on env.framed
  572. if (!$this->framed && !empty($this->js_env)) {
  573. $top_commands[] = array('set_env', $this->js_env);
  574. }
  575. if (!empty($this->js_labels)) {
  576. $top_commands[] = array('add_label', $this->js_labels);
  577. }
  578. // unlock interface after iframe load
  579. $unlock = preg_replace('/[^a-z0-9]/i', '', $_REQUEST['_unlock']);
  580. if ($this->framed) {
  581. $top_commands[] = array('iframe_loaded', $unlock);
  582. }
  583. else if ($unlock) {
  584. $top_commands[] = array('hide_message', $unlock);
  585. }
  586. $commands = array_merge($top_commands, $this->js_commands);
  587. foreach ($commands as $i => $args) {
  588. $method = array_shift($args);
  589. $parent = $this->framed || preg_match('/^parent\./', $method);
  590. foreach ($args as $i => $arg) {
  591. $args[$i] = self::json_serialize($arg, $this->devel_mode);
  592. }
  593. if ($parent) {
  594. $parent_commands++;
  595. $method = preg_replace('/^parent\./', '', $method);
  596. $parent_prefix = 'if (window.parent && parent.' . self::JS_OBJECT_NAME . ') parent.';
  597. $method = $parent_prefix . self::JS_OBJECT_NAME . '.' . $method;
  598. }
  599. else {
  600. $method = self::JS_OBJECT_NAME . '.' . $method;
  601. }
  602. $out .= sprintf("%s(%s);\n", $method, implode(',', $args));
  603. }
  604. $framed = $parent_prefix && $parent_commands == count($commands);
  605. // make the output more compact if all commands go to parent window
  606. if ($framed) {
  607. $out = "if (window.parent && parent." . self::JS_OBJECT_NAME . ") {\n"
  608. . str_replace($parent_prefix, "\tparent.", $out)
  609. . "}\n";
  610. }
  611. return $out;
  612. }
  613. /**
  614. * Make URLs starting with a slash point to skin directory
  615. *
  616. * @param string $str Input string
  617. * @param bool $search_path True if URL should be resolved using the current skin path stack
  618. *
  619. * @return string URL
  620. */
  621. public function abs_url($str, $search_path = false)
  622. {
  623. if ($str[0] == '/') {
  624. if ($search_path && ($file_url = $this->get_skin_file($str, $skin_path))) {
  625. return $file_url;
  626. }
  627. return $this->base_path . $str;
  628. }
  629. return $str;
  630. }
  631. /**
  632. * Show error page and terminate script execution
  633. *
  634. * @param int $code Error code
  635. * @param string $message Error message
  636. */
  637. public function raise_error($code, $message)
  638. {
  639. global $__page_content, $ERROR_CODE, $ERROR_MESSAGE;
  640. $ERROR_CODE = $code;
  641. $ERROR_MESSAGE = $message;
  642. include RCUBE_INSTALL_PATH . 'program/steps/utils/error.inc';
  643. exit;
  644. }
  645. /**
  646. * Modify path by adding URL prefix if configured
  647. */
  648. public function asset_url($path)
  649. {
  650. // iframe content can't be in a different domain
  651. // @TODO: check if assests are on a different domain
  652. if (!$this->assets_path || in_array($path[0], array('?', '/', '.')) || strpos($path, '://')) {
  653. return $path;
  654. }
  655. return $this->assets_path . $path;
  656. }
  657. /***** Template parsing methods *****/
  658. /**
  659. * Replace all strings ($varname)
  660. * with the content of the according global variable.
  661. */
  662. protected function parse_with_globals($input)
  663. {
  664. $GLOBALS['__version'] = html::quote(RCMAIL_VERSION);
  665. $GLOBALS['__comm_path'] = html::quote($this->app->comm_path);
  666. $GLOBALS['__skin_path'] = html::quote($this->base_path);
  667. return preg_replace_callback('/\$(__[a-z0-9_\-]+)/',
  668. array($this, 'globals_callback'), $input);
  669. }
  670. /**
  671. * Callback function for preg_replace_callback() in parse_with_globals()
  672. */
  673. protected function globals_callback($matches)
  674. {
  675. return $GLOBALS[$matches[1]];
  676. }
  677. /**
  678. * Correct absolute paths in images and other tags
  679. * add timestamp to .js and .css filename
  680. */
  681. protected function fix_paths($output)
  682. {
  683. return preg_replace_callback(
  684. '!(src|href|background)=(["\']?)([a-z0-9/_.-]+)(["\'\s>])!i',
  685. array($this, 'file_callback'), $output);
  686. }
  687. /**
  688. * Callback function for preg_replace_callback in fix_paths()
  689. *
  690. * @return string Parsed string
  691. */
  692. protected function file_callback($matches)
  693. {
  694. $file = $matches[3];
  695. $file = preg_replace('!^/this/!', '/', $file);
  696. // correct absolute paths
  697. if ($file[0] == '/') {
  698. $file = $this->base_path . $file;
  699. }
  700. // add file modification timestamp
  701. if (preg_match('/\.(js|css)$/', $file, $m)) {
  702. $file = $this->file_mod($file);
  703. }
  704. return $matches[1] . '=' . $matches[2] . $file . $matches[4];
  705. }
  706. /**
  707. * Correct paths of asset files according to assets_path
  708. */
  709. protected function fix_assets_paths($output)
  710. {
  711. return preg_replace_callback(
  712. '!(src|href|background)=(["\']?)([a-z0-9/_.?=-]+)(["\'\s>])!i',
  713. array($this, 'assets_callback'), $output);
  714. }
  715. /**
  716. * Callback function for preg_replace_callback in fix_assets_paths()
  717. *
  718. * @return string Parsed string
  719. */
  720. protected function assets_callback($matches)
  721. {
  722. $file = $this->asset_url($matches[3]);
  723. return $matches[1] . '=' . $matches[2] . $file . $matches[4];
  724. }
  725. /**
  726. * Modify file by adding mtime indicator
  727. */
  728. protected function file_mod($file)
  729. {
  730. $fs = false;
  731. $ext = substr($file, strrpos($file, '.') + 1);
  732. // use minified file if exists (not in development mode)
  733. if (!$this->devel_mode && !preg_match('/\.min\.' . $ext . '$/', $file)) {
  734. $minified_file = substr($file, 0, strlen($ext) * -1) . 'min.' . $ext;
  735. if ($fs = @filemtime($this->assets_dir . $minified_file)) {
  736. return $minified_file . '?s=' . $fs;
  737. }
  738. }
  739. if ($fs = @filemtime($this->assets_dir . $file)) {
  740. $file .= '?s=' . $fs;
  741. }
  742. return $file;
  743. }
  744. /**
  745. * Public wrapper to dipp into template parsing.
  746. *
  747. * @param string $input Template content
  748. *
  749. * @return string
  750. * @uses rcmail_output_html::parse_xml()
  751. * @since 0.1-rc1
  752. */
  753. public function just_parse($input)
  754. {
  755. $input = $this->parse_conditions($input);
  756. $input = $this->parse_xml($input);
  757. $input = $this->postrender($input);
  758. return $input;
  759. }
  760. /**
  761. * Parse for conditional tags
  762. */
  763. protected function parse_conditions($input)
  764. {
  765. $matches = preg_split('/<roundcube:(if|elseif|else|endif)\s+([^>]+)>\n?/is', $input, 2, PREG_SPLIT_DELIM_CAPTURE);
  766. if ($matches && count($matches) == 4) {
  767. if (preg_match('/^(else|endif)$/i', $matches[1])) {
  768. return $matches[0] . $this->parse_conditions($matches[3]);
  769. }
  770. $attrib = html::parse_attrib_string($matches[2]);
  771. if (isset($attrib['condition'])) {
  772. $condmet = $this->check_condition($attrib['condition']);
  773. $submatches = preg_split('/<roundcube:(elseif|else|endif)\s+([^>]+)>\n?/is', $matches[3], 2, PREG_SPLIT_DELIM_CAPTURE);
  774. if ($condmet) {
  775. $result = $submatches[0];
  776. if ($submatches[1] != 'endif') {
  777. $result .= preg_replace('/.*<roundcube:endif\s+[^>]+>\n?/Uis', '', $submatches[3], 1);
  778. }
  779. else {
  780. $result .= $submatches[3];
  781. }
  782. }
  783. else {
  784. $result = "<roundcube:$submatches[1] $submatches[2]>" . $submatches[3];
  785. }
  786. return $matches[0] . $this->parse_conditions($result);
  787. }
  788. rcube::raise_error(array(
  789. 'code' => 500, 'line' => __LINE__, 'file' => __FILE__,
  790. 'message' => "Unable to parse conditional tag " . $matches[2]
  791. ), true, false);
  792. }
  793. return $input;
  794. }
  795. /**
  796. * Determines if a given condition is met
  797. *
  798. * @param string $condition Condition statement
  799. *
  800. * @return boolean True if condition is met, False if not
  801. * @todo Extend this to allow real conditions, not just "set"
  802. */
  803. protected function check_condition($condition)
  804. {
  805. return $this->eval_expression($condition);
  806. }
  807. /**
  808. * Inserts hidden field with CSRF-prevention-token into POST forms
  809. */
  810. protected function alter_form_tag($matches)
  811. {
  812. $out = $matches[0];
  813. $attrib = html::parse_attrib_string($matches[1]);
  814. if (strtolower($attrib['method']) == 'post') {
  815. $hidden = new html_hiddenfield(array('name' => '_token', 'value' => $this->app->get_request_token()));
  816. $out .= "\n" . $hidden->show();
  817. }
  818. return $out;
  819. }
  820. /**
  821. * Parse & evaluate a given expression and return its result.
  822. *
  823. * @param string $expression Expression statement
  824. *
  825. * @return mixed Expression result
  826. */
  827. protected function eval_expression($expression)
  828. {
  829. $expression = preg_replace(
  830. array(
  831. '/session:([a-z0-9_]+)/i',
  832. '/config:([a-z0-9_]+)(:([a-z0-9_]+))?/i',
  833. '/env:([a-z0-9_]+)/i',
  834. '/request:([a-z0-9_]+)/i',
  835. '/cookie:([a-z0-9_]+)/i',
  836. '/browser:([a-z0-9_]+)/i',
  837. '/template:name/i',
  838. ),
  839. array(
  840. "\$_SESSION['\\1']",
  841. "\$this->app->config->get('\\1',rcube_utils::get_boolean('\\3'))",
  842. "\$this->env['\\1']",
  843. "rcube_utils::get_input_value('\\1', rcube_utils::INPUT_GPC)",
  844. "\$_COOKIE['\\1']",
  845. "\$this->browser->{'\\1'}",
  846. "'{$this->template_name}'",
  847. ),
  848. $expression
  849. );
  850. // Note: We used create_function() before but it's deprecated in PHP 7.2
  851. // and really it was just a wrapper on eval().
  852. return eval("return ($expression);");
  853. }
  854. /**
  855. * Search for special tags in input and replace them
  856. * with the appropriate content
  857. *
  858. * @param string $input Input string to parse
  859. *
  860. * @return string Altered input string
  861. * @todo Use DOM-parser to traverse template HTML
  862. * @todo Maybe a cache.
  863. */
  864. protected function parse_xml($input)
  865. {
  866. return preg_replace_callback('/<roundcube:([-_a-z]+)\s+((?:[^>]|\\\\>)+)(?<!\\\\)>/Ui', array($this, 'xml_command'), $input);
  867. }
  868. /**
  869. * Callback function for parsing an xml command tag
  870. * and turn it into real html content
  871. *
  872. * @param array $matches Matches array of preg_replace_callback
  873. *
  874. * @return string Tag/Object content
  875. */
  876. protected function xml_command($matches)
  877. {
  878. $command = strtolower($matches[1]);
  879. $attrib = html::parse_attrib_string($matches[2]);
  880. // empty output if required condition is not met
  881. if (!empty($attrib['condition']) && !$this->check_condition($attrib['condition'])) {
  882. return '';
  883. }
  884. // localize title and summary attributes
  885. if ($command != 'button' && !empty($attrib['title']) && $this->app->text_exists($attrib['title'])) {
  886. $attrib['title'] = $this->app->gettext($attrib['title']);
  887. }
  888. if ($command != 'button' && !empty($attrib['summary']) && $this->app->text_exists($attrib['summary'])) {
  889. $attrib['summary'] = $this->app->gettext($attrib['summary']);
  890. }
  891. // execute command
  892. switch ($command) {
  893. // return a button
  894. case 'button':
  895. if ($attrib['name'] || $attrib['command']) {
  896. return $this->button($attrib);
  897. }
  898. break;
  899. // frame
  900. case 'frame':
  901. return $this->frame($attrib);
  902. break;
  903. // show a label
  904. case 'label':
  905. if ($attrib['expression'])
  906. $attrib['name'] = $this->eval_expression($attrib['expression']);
  907. if ($attrib['name'] || $attrib['command']) {
  908. $vars = $attrib + array('product' => $this->config->get('product_name'));
  909. unset($vars['name'], $vars['command']);
  910. $label = $this->app->gettext($attrib + array('vars' => $vars));
  911. $quoting = !empty($attrib['quoting']) ? strtolower($attrib['quoting']) : (rcube_utils::get_boolean((string)$attrib['html']) ? 'no' : '');
  912. // 'noshow' can be used in skins to define new labels
  913. if ($attrib['noshow']) {
  914. return '';
  915. }
  916. switch ($quoting) {
  917. case 'no':
  918. case 'raw':
  919. break;
  920. case 'javascript':
  921. case 'js':
  922. $label = rcube::JQ($label);
  923. break;
  924. default:
  925. $label = html::quote($label);
  926. break;
  927. }
  928. return $label;
  929. }
  930. break;
  931. case 'add_label':
  932. $this->add_label($attrib['name']);
  933. break;
  934. // include a file
  935. case 'include':
  936. $old_base_path = $this->base_path;
  937. if (!empty($attrib['skin_path'])) $attrib['skinpath'] = $attrib['skin_path'];
  938. if ($path = $this->get_skin_file($attrib['file'], $skin_path, $attrib['skinpath'])) {
  939. // set base_path to core skin directory (not plugin's skin)
  940. $this->base_path = preg_replace('!plugins/\w+/!', '', $skin_path);
  941. $path = realpath(RCUBE_INSTALL_PATH . $path);
  942. }
  943. if (is_readable($path)) {
  944. if ($this->config->get('skin_include_php')) {
  945. $incl = $this->include_php($path);
  946. }
  947. else {
  948. $incl = file_get_contents($path);
  949. }
  950. $incl = $this->parse_conditions($incl);
  951. $incl = $this->parse_xml($incl);
  952. $incl = $this->fix_paths($incl);
  953. $this->base_path = $old_base_path;
  954. return $incl;
  955. }
  956. break;
  957. case 'plugin.include':
  958. $hook = $this->app->plugins->exec_hook("template_plugin_include", $attrib);
  959. return $hook['content'];
  960. // define a container block
  961. case 'container':
  962. if ($attrib['name'] && $attrib['id']) {
  963. $this->command('gui_container', $attrib['name'], $attrib['id']);
  964. // let plugins insert some content here
  965. $hook = $this->app->plugins->exec_hook("template_container", $attrib);
  966. return $hook['content'];
  967. }
  968. break;
  969. // return code for a specific application object
  970. case 'object':
  971. $object = strtolower($attrib['name']);
  972. $content = '';
  973. // we are calling a class/method
  974. if (($handler = $this->object_handlers[$object]) && is_array($handler)) {
  975. if (is_callable($handler)) {
  976. // We assume that objects with src attribute are internal (in most
  977. // cases this is a watermark frame). We need this to make sure assets_path
  978. // is added to the internal assets paths
  979. $external = empty($attrib['src']);
  980. $content = call_user_func($handler, $attrib);
  981. }
  982. }
  983. // execute object handler function
  984. else if (function_exists($handler)) {
  985. $content = call_user_func($handler, $attrib);
  986. }
  987. else if ($object == 'doctype') {
  988. $content = html::doctype($attrib['value']);
  989. }
  990. else if ($object == 'logo') {
  991. $attrib += array('alt' => $this->xml_command(array('', 'object', 'name="productname"')));
  992. if ($logo = $this->config->get('skin_logo')) {
  993. if (is_array($logo)) {
  994. if ($template_logo = $logo[$this->template_name]) {
  995. $attrib['src'] = $template_logo;
  996. }
  997. elseif ($template_logo = $logo['*']) {
  998. $attrib['src'] = $template_logo;
  999. }
  1000. }
  1001. else {
  1002. $attrib['src'] = $logo;
  1003. }
  1004. }
  1005. $content = html::img($attrib);
  1006. }
  1007. else if ($object == 'productname') {
  1008. $name = $this->config->get('product_name', 'Roundcube Webmail');
  1009. $content = html::quote($name);
  1010. }
  1011. else if ($object == 'version') {
  1012. $ver = (string)RCMAIL_VERSION;
  1013. if (is_file(RCUBE_INSTALL_PATH . '.svn/entries')) {
  1014. if (preg_match('/Revision:\s(\d+)/', @shell_exec('svn info'), $regs))
  1015. $ver .= ' [SVN r'.$regs[1].']';
  1016. }
  1017. else if (is_file(RCUBE_INSTALL_PATH . '.git/index')) {
  1018. if (preg_match('/Date:\s+([^\n]+)/', @shell_exec('git log -1'), $regs)) {
  1019. if ($date = date('Ymd.Hi', strtotime($regs[1]))) {
  1020. $ver .= ' [GIT '.$date.']';
  1021. }
  1022. }
  1023. }
  1024. $content = html::quote($ver);
  1025. }
  1026. else if ($object == 'steptitle') {
  1027. $content = html::quote($this->get_pagetitle());
  1028. }
  1029. else if ($object == 'pagetitle') {
  1030. if ($this->devel_mode && !empty($_SESSION['username']))
  1031. $title = $_SESSION['username'].' :: ';
  1032. else if ($prod_name = $this->config->get('product_name'))
  1033. $title = $prod_name . ' :: ';
  1034. else
  1035. $title = '';
  1036. $title .= $this->get_pagetitle();
  1037. $content = html::quote($title);
  1038. }
  1039. // exec plugin hooks for this template object
  1040. $hook = $this->app->plugins->exec_hook("template_object_$object", $attrib + array('content' => $content));
  1041. if (strlen($hook['content']) && !empty($external)) {
  1042. $object_id = uniqid('TEMPLOBJECT:', true);
  1043. $this->objects[$object_id] = $hook['content'];
  1044. $hook['content'] = $object_id;
  1045. }
  1046. return $hook['content'];
  1047. // return code for a specified eval expression
  1048. case 'exp':
  1049. return html::quote($this->eval_expression($attrib['expression']));
  1050. // return variable
  1051. case 'var':
  1052. $var = explode(':', $attrib['name']);
  1053. $name = $var[1];
  1054. $value = '';
  1055. switch ($var[0]) {
  1056. case 'env':
  1057. $value = $this->env[$name];
  1058. break;
  1059. case 'config':
  1060. $value = $this->config->get($name);
  1061. if (is_array($value) && $value[$_SESSION['storage_host']]) {
  1062. $value = $value[$_SESSION['storage_host']];
  1063. }
  1064. break;
  1065. case 'request':
  1066. $value = rcube_utils::get_input_value($name, rcube_utils::INPUT_GPC);
  1067. break;
  1068. case 'session':
  1069. $value = $_SESSION[$name];
  1070. break;
  1071. case 'cookie':
  1072. $value = htmlspecialchars($_COOKIE[$name]);
  1073. break;
  1074. case 'browser':
  1075. $value = $this->browser->{$name};
  1076. break;
  1077. }
  1078. if (is_array($value)) {
  1079. $value = implode(', ', $value);
  1080. }
  1081. return html::quote($value);
  1082. case 'form':
  1083. return $this->form_tag($attrib);
  1084. }
  1085. return '';
  1086. }
  1087. /**
  1088. * Include a specific file and return it's contents
  1089. *
  1090. * @param string $file File path
  1091. *
  1092. * @return string Contents of the processed file
  1093. */
  1094. protected function include_php($file)
  1095. {
  1096. ob_start();
  1097. include $file;
  1098. $out = ob_get_contents();
  1099. ob_end_clean();
  1100. return $out;
  1101. }
  1102. /**
  1103. * Put objects' content back into template output
  1104. */
  1105. protected function postrender($output)
  1106. {
  1107. // insert objects' contents
  1108. foreach ($this->objects as $key => $val) {
  1109. $output = str_replace($key, $val, $output, $count);
  1110. if ($count) {
  1111. $this->objects[$key] = null;
  1112. }
  1113. }
  1114. // make sure all <form> tags have a valid request token
  1115. $output = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $output);
  1116. return $output;
  1117. }
  1118. /**
  1119. * Create and register a button
  1120. *
  1121. * @param array $attrib Named button attributes
  1122. *
  1123. * @return string HTML button
  1124. * @todo Remove all inline JS calls and use jQuery instead.
  1125. * @todo Remove all sprintf()'s - they are pretty, but also slow.
  1126. */
  1127. public function button($attrib)
  1128. {
  1129. static $s_button_count = 100;
  1130. static $disabled_actions = null;
  1131. // these commands can be called directly via url
  1132. $a_static_commands = array('compose', 'list', 'preferences', 'folders', 'identities');
  1133. if (!($attrib['command'] || $attrib['name'] || $attrib['href'])) {
  1134. return '';
  1135. }
  1136. // try to find out the button type
  1137. if ($attrib['type']) {
  1138. $attrib['type'] = strtolower($attrib['type']);
  1139. if ($pos = strpos($attrib['type'], '-menuitem')) {
  1140. $attrib['type'] = substr($attrib['type'], 0, -9);
  1141. $menuitem = true;
  1142. }
  1143. }
  1144. else {
  1145. $attrib['type'] = ($attrib['image'] || $attrib['imagepas'] || $attrib['imageact']) ? 'image' : 'link';
  1146. }
  1147. $command = $attrib['command'];
  1148. if ($attrib['task']) {
  1149. $element = $command = $attrib['task'] . '.' . $command;
  1150. }
  1151. else {
  1152. $element = ($this->env['task'] ? $this->env['task'] . '.' : '') . $command;
  1153. }
  1154. if ($disabled_actions === null) {
  1155. $disabled_actions = (array) $this->config->get('disabled_actions');
  1156. }
  1157. // remove buttons for disabled actions
  1158. if (in_array($element, $disabled_actions)) {
  1159. return '';
  1160. }
  1161. if (!$attrib['image']) {
  1162. $attrib['image'] = $attrib['imagepas'] ? $attrib['imagepas'] : $attrib['imageact'];
  1163. }
  1164. if (!$attrib['id']) {
  1165. $attrib['id'] = sprintf('rcmbtn%d', $s_button_count++);
  1166. }
  1167. // get localized text for labels and titles
  1168. if ($attrib['title']) {
  1169. $attrib['title'] = html::quote($this->app->gettext($attrib['title'], $attrib['domain']));
  1170. }
  1171. if ($attrib['label']) {
  1172. $attrib['label'] = html::quote($this->app->gettext($attrib['label'], $attrib['domain']));
  1173. }
  1174. if ($attrib['alt']) {
  1175. $attrib['alt'] = html::quote($this->app->gettext($attrib['alt'], $attrib['domain']));
  1176. }
  1177. // set accessibility attributes
  1178. if (!$attrib['role']) {
  1179. $attrib['role'] = 'button';
  1180. }
  1181. if (!empty($attrib['class']) && !empty($attrib['classact']) || !empty($attrib['imagepas']) && !empty($attrib['imageact'])) {
  1182. if (array_key_exists('tabindex', $attrib))
  1183. $attrib['data-tabindex'] = $attrib['tabindex'];
  1184. $attrib['tabindex'] = '-1'; // disable button by default
  1185. $attrib['aria-disabled'] = 'true';
  1186. }
  1187. // set title to alt attribute for IE browsers
  1188. if ($this->browser->ie && !$attrib['title'] && $attrib['alt']) {
  1189. $attrib['title'] = $attrib['alt'];
  1190. }
  1191. // add empty alt attribute for XHTML compatibility
  1192. if (!isset($attrib['alt'])) {
  1193. $attrib['alt'] = '';
  1194. }
  1195. // register button in the system
  1196. if ($attrib['command']) {
  1197. $this->add_script(sprintf(
  1198. "%s.register_button('%s', '%s', '%s', '%s', '%s', '%s');",
  1199. self::JS_OBJECT_NAME,
  1200. $command,
  1201. $attrib['id'],
  1202. $attrib['type'],
  1203. $attrib['imageact'] ? $this->abs_url($attrib['imageact']) : $attrib['classact'],
  1204. $attrib['imagesel'] ? $this->abs_url($attrib['imagesel']) : $attrib['classsel'],
  1205. $attrib['imageover'] ? $this->abs_url($attrib['imageover']) : ''
  1206. ));
  1207. // make valid href to specific buttons
  1208. if (in_array($attrib['command'], rcmail::$main_tasks)) {
  1209. $attrib['href'] = $this->app->url(array('task' => $attrib['command']));
  1210. $attrib['onclick'] = sprintf("return %s.command('switch-task','%s',this,event)", self::JS_OBJECT_NAME, $attrib['command']);
  1211. }
  1212. else if ($attrib['task'] && in_array($attrib['task'], rcmail::$main_tasks)) {
  1213. $attrib['href'] = $this->app->url(array('action' => $attrib['command'], 'task' => $attrib['task']));
  1214. }
  1215. else if (in_array($attrib['command'], $a_static_commands)) {
  1216. $attrib['href'] = $this->app->url(array('action' => $attrib['command']));
  1217. }
  1218. else if (($attrib['command'] == 'permaurl' || $attrib['command'] == 'extwin') && !empty($this->env['permaurl'])) {
  1219. $attrib['href'] = $this->env['permaurl'];
  1220. }
  1221. }
  1222. // overwrite attributes
  1223. if (!$attrib['href']) {
  1224. $attrib['href'] = '#';
  1225. }
  1226. if ($attrib['task']) {
  1227. if ($attrib['classact'])
  1228. $attrib['class'] = $attrib['classact'];
  1229. }
  1230. else if ($command && !$attrib['onclick']) {
  1231. $attrib['onclick'] = sprintf(
  1232. "return %s.command('%s','%s',this,event)",
  1233. self::JS_OBJECT_NAME,
  1234. $command,
  1235. $attrib['prop']
  1236. );
  1237. }
  1238. $out = '';
  1239. // generate image tag
  1240. if ($attrib['type'] == 'image') {
  1241. $attrib_str = html::attrib_string(
  1242. $attrib,
  1243. array(
  1244. 'style', 'class', 'id', 'width', 'height', 'border', 'hspace',
  1245. 'vspace', 'align', 'alt', 'tabindex', 'title'
  1246. )
  1247. );
  1248. $btn_content = sprintf('<img src="%s"%s />', $this->abs_url($attrib['image']), $attrib_str);
  1249. if ($attrib['label']) {
  1250. $btn_content .= ' '.$attrib['label'];
  1251. }
  1252. $link_attrib = array('href', 'onclick', 'onmouseover', 'onmouseout', 'onmousedown', 'onmouseup', 'target');
  1253. }
  1254. else if ($attrib['type'] == 'link') {
  1255. $btn_content = isset($attrib['content']) ? $attrib['content'] : ($attrib['label'] ? $attrib['label'] : $attrib['command']);
  1256. $link_attrib = array_merge(html::$common_attrib, array('href', 'onclick', 'tabindex', 'target'));
  1257. if ($attrib['innerclass'])
  1258. $btn_content = html::span($attrib['innerclass'], $btn_content);
  1259. }
  1260. else if ($attrib['type'] == 'input') {
  1261. $attrib['type'] = 'button';
  1262. if ($attrib['label']) {
  1263. $attrib['value'] = $attrib['label'];
  1264. }
  1265. if ($attrib['command']) {
  1266. $attrib['disabled'] = 'disabled';
  1267. }
  1268. $out = html::tag('input', $attrib, null, array('type', 'value', 'onclick', 'id', 'class', 'style', 'tabindex', 'disabled'));
  1269. }
  1270. // generate html code for button
  1271. if ($btn_content) {
  1272. $attrib_str = html::attrib_string($attrib, $link_attrib);
  1273. $out = sprintf('<a%s>%s</a>', $attrib_str, $btn_content);
  1274. }
  1275. if ($attrib['wrapper']) {
  1276. $out = html::tag($attrib['wrapper'], null, $out);
  1277. }
  1278. if ($menuitem) {
  1279. $class = $attrib['menuitem-class'] ? ' class="' . $attrib['menuitem-class'] . '"' : '';
  1280. $out = '<li role="menuitem"' . $class . '>' . $out . '</li>';
  1281. }
  1282. return $out;
  1283. }
  1284. /**
  1285. * Link an external script file
  1286. *
  1287. * @param string $file File URL
  1288. * @param string $position Target position [head|foot]
  1289. */
  1290. public function include_script($file, $position='head')
  1291. {
  1292. if (!preg_match('|^https?://|i', $file) && $file[0] != '/') {
  1293. $file = $this->file_mod($this->scripts_path . $file);
  1294. }
  1295. if (!is_array($this->script_files[$position])) {
  1296. $this->script_files[$position] = array();
  1297. }
  1298. if (!in_array($file, $this->script_files[$position])) {
  1299. $this->script_files[$position][] = $file;
  1300. }
  1301. }
  1302. /**
  1303. * Add inline javascript code
  1304. *
  1305. * @param string $script JS code snippet
  1306. * @param string $position Target position [head|head_top|foot]
  1307. */
  1308. public function add_script($script, $position='head')
  1309. {
  1310. if (!isset($this->scripts[$position])) {
  1311. $this->scripts[$position] = "\n" . rtrim($script);
  1312. }
  1313. else {
  1314. $this->scripts[$position] .= "\n" . rtrim($script);
  1315. }
  1316. }
  1317. /**
  1318. * Link an external css file
  1319. *
  1320. * @param string $file File URL
  1321. */
  1322. public function include_css($file)
  1323. {
  1324. $this->css_files[] = $file;
  1325. }
  1326. /**
  1327. * Add HTML code to the page header
  1328. *
  1329. * @param string $str HTML code
  1330. */
  1331. public function add_header($str)
  1332. {
  1333. $this->header .= "\n" . $str;
  1334. }
  1335. /**
  1336. * Add HTML code to the page footer
  1337. * To be added right befor </body>
  1338. *
  1339. * @param string $str HTML code
  1340. */
  1341. public function add_footer($str)
  1342. {
  1343. $this->footer .= "\n" . $str;
  1344. }
  1345. /**
  1346. * Process template and write to stdOut
  1347. *
  1348. * @param string $templ HTML template
  1349. * @param string $base_path Base for absolute paths
  1350. */
  1351. protected function _write($templ = '', $base_path = '')
  1352. {
  1353. $output = trim($templ);
  1354. if (empty($output)) {
  1355. $output = html::doctype('html5') . "\n" . $this->default_template;
  1356. $is_empty = true;
  1357. }
  1358. // set default page title
  1359. if (empty($this->pagetitle)) {
  1360. $this->pagetitle = 'Roundcube Mail';
  1361. }
  1362. // declare page language
  1363. if (!empty($_SESSION['language'])) {
  1364. $lang = substr($_SESSION['language'], 0, 2);
  1365. $output = preg_replace('/<html/', '<html lang="' . html::quote($lang) . '"', $output, 1);
  1366. if (!headers_sent()) {
  1367. header('Content-Language: ' . $lang);
  1368. }
  1369. }
  1370. // replace specialchars in content
  1371. $page_title = html::quote($this->pagetitle);
  1372. $page_header = '';
  1373. $page_footer = '';
  1374. // include meta tag with charset
  1375. if (!empty($this->charset)) {
  1376. if (!headers_sent()) {
  1377. header('Content-Type: text/html; charset=' . $this->charset);
  1378. }
  1379. $page_header = '<meta http-equiv="content-type"';
  1380. $page_header.= ' content="text/html; charset=';
  1381. $page_header.= $this->charset . '" />'."\n";
  1382. }
  1383. // definition of the code to be placed in the document header and footer
  1384. if (is_array($this->script_files['head'])) {
  1385. foreach ($this->script_files['head'] as $file) {
  1386. $page_header .= html::script($file);
  1387. }
  1388. }
  1389. $head_script = $this->scripts['head_top'] . $this->scripts['head'];
  1390. if (!empty($head_script)) {
  1391. $page_header .= html::script(array(), $head_script);
  1392. }
  1393. if (!empty($this->header)) {
  1394. $page_header .= $this->header;
  1395. }
  1396. // put docready commands into page footer
  1397. if (!empty($this->scripts['docready'])) {
  1398. $this->add_script('$(document).ready(function(){ ' . $this->scripts['docready'] . "\n});", 'foot');
  1399. }
  1400. if (is_array($this->script_files['foot'])) {
  1401. foreach ($this->script_files['foot'] as $file) {
  1402. $page_footer .= html::script($file);
  1403. }
  1404. }
  1405. if (!empty($this->footer)) {
  1406. $page_footer .= $this->footer . "\n";
  1407. }
  1408. if (!empty($this->scripts['foot'])) {
  1409. $page_footer .= html::script(array(), $this->scripts['foot']);
  1410. }
  1411. // find page header
  1412. if ($hpos = stripos($output, '</head>')) {
  1413. $page_header .= "\n";
  1414. }
  1415. else {
  1416. if (!is_numeric($hpos)) {
  1417. $hpos = stripos($output, '<body');
  1418. }
  1419. if (!is_numeric($hpos) && ($hpos = stripos($output, '<html'))) {
  1420. while ($output[$hpos] != '>') {
  1421. $hpos++;
  1422. }
  1423. $hpos++;
  1424. }
  1425. $page_header = "<head>\n<title>$page_title</title>\n$page_header\n</head>\n";
  1426. }
  1427. // add page hader
  1428. if ($hpos) {
  1429. $output = substr_replace($output, $page_header, $hpos, 0);
  1430. }
  1431. else {
  1432. $output = $page_header . $output;
  1433. }
  1434. // add page footer
  1435. if (($fpos = strripos($output, '</body>')) || ($fpos = strripos($output, '</html>'))) {
  1436. $output = substr_replace($output, $page_footer."\n", $fpos, 0);
  1437. }
  1438. else {
  1439. $output .= "\n".$page_footer;
  1440. }
  1441. // add css files in head, before scripts, for speed up with parallel downloads
  1442. if (!empty($this->css_files) && !$is_empty
  1443. && (($pos = stripos($output, '<script ')) || ($pos = stripos($output, '</head>')))
  1444. ) {
  1445. $css = '';
  1446. foreach ($this->css_files as $file) {
  1447. $css .= html::tag('link', array('rel' => 'stylesheet',
  1448. 'type' => 'text/css', 'href' => $file, 'nl' => true));
  1449. }
  1450. $output = substr_replace($output, $css, $pos, 0);
  1451. }
  1452. $output = $this->parse_with_globals($this->fix_paths($output));
  1453. if ($this->assets_path) {
  1454. $output = $this->fix_assets_paths($output);
  1455. }
  1456. $output = $this->postrender($output);
  1457. // trigger hook with final HTML content to be sent
  1458. $hook = $this->app->plugins->exec_hook("send_page", array('content' => $output));
  1459. if (!$hook['abort']) {
  1460. if ($this->charset != RCUBE_CHARSET) {
  1461. echo rcube_charset::convert($hook['content'], RCUBE_CHARSET, $this->charset);
  1462. }
  1463. else {
  1464. echo $hook['content'];
  1465. }
  1466. }
  1467. }
  1468. /**
  1469. * Returns iframe object, registers some related env variables
  1470. *
  1471. * @param array $attrib HTML attributes
  1472. * @param boolean $is_contentframe Register this iframe as the 'contentframe' gui object
  1473. *
  1474. * @return string IFRAME element
  1475. */
  1476. public function frame($attrib, $is_contentframe = false)
  1477. {
  1478. static $idcount = 0;
  1479. if (!$attrib['id']) {
  1480. $attrib['id'] = 'rcmframe' . ++$idcount;
  1481. }
  1482. $attrib['name'] = $attrib['id'];
  1483. $attrib['src'] = $attrib['src'] ? $this->abs_url($attrib['src'], true) : 'program/resources/blank.gif';
  1484. // register as 'contentframe' object
  1485. if ($is_contentframe || $attrib['contentframe']) {
  1486. $this->set_env('contentframe', $attrib['contentframe'] ? $attrib['contentframe'] : $attrib['name']);
  1487. $this->set_env('blankpage', $this->asset_url($attrib['src']));
  1488. }
  1489. return html::iframe($attrib);
  1490. }
  1491. /* ************* common functions delivering gui objects ************** */
  1492. /**
  1493. * Create a form tag with the necessary hidden fields
  1494. *
  1495. * @param array $attrib Named tag parameters
  1496. * @param string $content HTML content of the form
  1497. *
  1498. * @return string HTML code for the form
  1499. */
  1500. public function form_tag($attrib, $content = null)
  1501. {
  1502. if ($this->env['extwin']) {
  1503. $hiddenfield = new html_hiddenfield(array('name' => '_extwin', 'value' => '1'));
  1504. $hidden = $hiddenfield->show();
  1505. }
  1506. else if ($this->framed || $this->env['framed']) {
  1507. $hiddenfield = new html_hiddenfield(array('name' => '_framed', 'value' => '1'));
  1508. $hidden = $hiddenfield->show();
  1509. }
  1510. if (!$content) {
  1511. $attrib['noclose'] = true;
  1512. }
  1513. return html::tag('form',
  1514. $attrib + array('action' => $this->app->comm_path, 'method' => "get"),
  1515. $hidden . $content,
  1516. array('id','class','style','name','method','action','enctype','onsubmit')
  1517. );
  1518. }
  1519. /**
  1520. * Build a form tag with a unique request token
  1521. *
  1522. * @param array $attrib Named tag parameters including 'action' and 'task' values
  1523. * which will be put into hidden fields
  1524. * @param string $content Form content
  1525. *
  1526. * @return string HTML code for the form
  1527. */
  1528. public function request_form($attrib, $content = '')
  1529. {
  1530. $hidden = new html_hiddenfield();
  1531. if ($attrib['task']) {
  1532. $hidden->add(array('name' => '_task', 'value' => $attrib['task']));
  1533. }
  1534. if ($attrib['action']) {
  1535. $hidden->add(array('name' => '_action', 'value' => $attrib['action']));
  1536. }
  1537. // we already have a <form> tag
  1538. if ($attrib['form']) {
  1539. if ($this->framed || $this->env['framed']) {
  1540. $hidden->add(array('name' => '_framed', 'value' => '1'));
  1541. }
  1542. return $hidden->show() . $content;
  1543. }
  1544. unset($attrib['task'], $attrib['request']);
  1545. $attrib['action'] = './';
  1546. return $this->form_tag($attrib, $hidden->show() . $content);
  1547. }
  1548. /**
  1549. * GUI object 'username'
  1550. * Showing IMAP username of the current session
  1551. *
  1552. * @param array $attrib Named tag parameters (currently not used)
  1553. *
  1554. * @return string HTML code for the gui object
  1555. */
  1556. public function current_username($attrib)
  1557. {
  1558. static $username;
  1559. // alread fetched
  1560. if (!empty($username)) {
  1561. return $username;
  1562. }
  1563. // Current username is an e-mail address
  1564. if (strpos($_SESSION['username'], '@')) {
  1565. $username = $_SESSION['username'];
  1566. }
  1567. // get e-mail address from default identity
  1568. else if ($sql_arr = $this->app->user->get_identity()) {
  1569. $username = $sql_arr['email'];
  1570. }
  1571. else {
  1572. $username = $this->app->user->get_username();
  1573. }
  1574. return rcube_utils::idn_to_utf8($username);
  1575. }
  1576. /**
  1577. * GUI object 'loginform'
  1578. * Returns code for the webmail login form
  1579. *
  1580. * @param array $attrib Named parameters
  1581. *
  1582. * @return string HTML code for the gui object
  1583. */
  1584. protected function login_form($attrib)
  1585. {
  1586. $default_host = $this->config->get('default_host');
  1587. $autocomplete = (int) $this->config->get('login_autocomplete');
  1588. $_SESSION['temp'] = true;
  1589. // save original url
  1590. $url = rcube_utils::get_input_value('_url', rcube_utils::INPUT_POST);
  1591. if (empty($url) && !preg_match('/_(task|action)=logout/', $_SERVER['QUERY_STRING']))
  1592. $url = $_SERVER['QUERY_STRING'];
  1593. // Disable autocapitalization on iPad/iPhone (#1488609)
  1594. $attrib['autocapitalize'] = 'off';
  1595. $form_name = !empty($attrib['form']) ? $attrib['form'] : 'form';
  1596. // set atocomplete attribute
  1597. $user_attrib = $autocomplete > 0 ? array() : array('autocomplete' => 'off');
  1598. $host_attrib = $autocomplete > 0 ? array() : array('autocomplete' => 'off');
  1599. $pass_attrib = $autocomplete > 1 ? array() : array('autocomplete' => 'off');
  1600. $input_task = new html_hiddenfield(array('name' => '_task', 'value' => 'login'));
  1601. $input_action = new html_hiddenfield(array('name' => '_action', 'value' => 'login'));
  1602. $input_tzone = new html_hiddenfield(array('name' => '_timezone', 'id' => 'rcmlogintz', 'value' => '_default_'));
  1603. $input_url = new html_hiddenfield(array('name' => '_url', 'id' => 'rcmloginurl', 'value' => $url));
  1604. $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser', 'required' => 'required')
  1605. + $attrib + $user_attrib);
  1606. $input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'required' => 'required')
  1607. + $attrib + $pass_attrib);
  1608. $input_host = null;
  1609. if (is_array($default_host) && count($default_host) > 1) {
  1610. $input_host = new html_select(array('name' => '_host', 'id' => 'rcmloginhost'));
  1611. foreach ($default_host as $key => $value) {
  1612. if (!is_array($value)) {
  1613. $input_host->add($value, (is_numeric($key) ? $value : $key));
  1614. }
  1615. else {
  1616. $input_host = null;
  1617. break;
  1618. }
  1619. }
  1620. }
  1621. else if (is_array($default_host) && ($host = key($default_host)) !== null) {
  1622. $hide_host = true;
  1623. $input_host = new html_hiddenfield(array(
  1624. 'name' => '_host', 'id' => 'rcmloginhost', 'value' => is_numeric($host) ? $default_host[$host] : $host) + $attrib);
  1625. }
  1626. else if (empty($default_host)) {
  1627. $input_host = new html_inputfield(array('name' => '_host', 'id' => 'rcmloginhost')
  1628. + $attrib + $host_attrib);
  1629. }
  1630. $this->add_gui_object('loginform', $form_name);
  1631. // create HTML table with two cols
  1632. $table = new html_table(array('cols' => 2));
  1633. $table->add('title', html::label('rcmloginuser', html::quote($this->app->gettext('username'))));
  1634. $table->add('input', $input_user->show(rcube_utils::get_input_value('_user', rcube_utils::INPUT_GPC)));
  1635. $table->add('title', html::label('rcmloginpwd', html::quote($this->app->gettext('password'))));
  1636. $table->add('input', $input_pass->show());
  1637. // add host selection row
  1638. if (is_object($input_host) && !$hide_host) {
  1639. $table->add('title', html::label('rcmloginhost', html::quote($this->app->gettext('server'))));
  1640. $table->add('input', $input_host->show(rcube_utils::get_input_value('_host', rcube_utils::INPUT_GPC)));
  1641. }
  1642. $out = $input_task->show();
  1643. $out .= $input_action->show();
  1644. $out .= $input_tzone->show();
  1645. $out .= $input_url->show();
  1646. $out .= $table->show();
  1647. if ($hide_host) {
  1648. $out .= $input_host->show();
  1649. }
  1650. if (rcube_utils::get_boolean($attrib['submit'])) {
  1651. $submit = new html_inputfield(array('type' => 'submit', 'id' => 'rcmloginsubmit',
  1652. 'class' => 'button mainaction', 'value' => $this->app->gettext('login')));
  1653. $out .= html::p('formbuttons', $submit->show());
  1654. }
  1655. // surround html output with a form tag
  1656. if (empty($attrib['form'])) {
  1657. $out = $this->form_tag(array('name' => $form_name, 'method' => 'post'), $out);
  1658. }
  1659. // include script for timezone detection
  1660. $this->include_script('jstz.min.js');
  1661. return $out;
  1662. }
  1663. /**
  1664. * GUI object 'preloader'
  1665. * Loads javascript code for images preloading
  1666. *
  1667. * @param array $attrib Named parameters
  1668. * @return void
  1669. */
  1670. protected function preloader($attrib)
  1671. {
  1672. $images = preg_split('/[\s\t\n,]+/', $attrib['images'], -1, PREG_SPLIT_NO_EMPTY);
  1673. $images = array_map(array($this, 'abs_url'), $images);
  1674. $images = array_map(array($this, 'asset_url'), $images);
  1675. if (empty($images) || $_REQUEST['_task'] == 'logout') {
  1676. return;
  1677. }
  1678. $this->add_script('var images = ' . self::json_serialize($images, $this->devel_mode) .';
  1679. for (var i=0; i<images.length; i++) {
  1680. img = new Image();
  1681. img.src = images[i];
  1682. }', 'docready');
  1683. }
  1684. /**
  1685. * GUI object 'searchform'
  1686. * Returns code for search function
  1687. *
  1688. * @param array $attrib Named parameters
  1689. *
  1690. * @return string HTML code for the gui object
  1691. */
  1692. protected function search_form($attrib)
  1693. {
  1694. // add some labels to client
  1695. $this->add_label('searching');
  1696. $attrib['name'] = '_q';
  1697. if (empty($attrib['id'])) {
  1698. $attrib['id'] = 'rcmqsearchbox';
  1699. }
  1700. if ($attrib['type'] == 'search' && !$this->browser->khtml) {
  1701. unset($attrib['type'], $attrib['results']);
  1702. }
  1703. $input_q = new html_inputfield($attrib);
  1704. $out = $input_q->show();
  1705. $this->add_gui_object('qsearchbox', $attrib['id']);
  1706. // add form tag around text field
  1707. if (empty($attrib['form'])) {
  1708. $out = $this->form_tag(array(
  1709. 'name' => "rcmqsearchform",
  1710. 'onsubmit' => self::JS_OBJECT_NAME . ".command('search'); return false",
  1711. 'style' => "display:inline"
  1712. ), $out);
  1713. }
  1714. return $out;
  1715. }
  1716. /**
  1717. * Builder for GUI object 'message'
  1718. *
  1719. * @param array Named tag parameters
  1720. * @return string HTML code for the gui object
  1721. */
  1722. protected function message_container($attrib)
  1723. {
  1724. if (isset($attrib['id']) === false) {
  1725. $attrib['id'] = 'rcmMessageContainer';
  1726. }
  1727. $this->add_gui_object('message', $attrib['id']);
  1728. return html::div($attrib, '');
  1729. }
  1730. /**
  1731. * GUI object 'charsetselector'
  1732. *
  1733. * @param array $attrib Named parameters for the select tag
  1734. *
  1735. * @return string HTML code for the gui object
  1736. */
  1737. public function charset_selector($attrib)
  1738. {
  1739. // pass the following attributes to the form class
  1740. $field_attrib = array('name' => '_charset');
  1741. foreach ($attrib as $attr => $value) {
  1742. if (in_array($attr, array('id', 'name', 'class', 'style', 'size', 'tabindex'))) {
  1743. $field_attrib[$attr] = $value;
  1744. }
  1745. }
  1746. $charsets = array(
  1747. 'UTF-8' => 'UTF-8 ('.$this->app->gettext('unicode').')',
  1748. 'US-ASCII' => 'ASCII ('.$this->app->gettext('english').')',
  1749. 'ISO-8859-1' => 'ISO-8859-1 ('.$this->app->gettext('westerneuropean').')',
  1750. 'ISO-8859-2' => 'ISO-8859-2 ('.$this->app->gettext('easterneuropean').')',
  1751. 'ISO-8859-4' => 'ISO-8859-4 ('.$this->app->gettext('baltic').')',
  1752. 'ISO-8859-5' => 'ISO-8859-5 ('.$this->app->gettext('cyrillic').')',
  1753. 'ISO-8859-6' => 'ISO-8859-6 ('.$this->app->gettext('arabic').')',
  1754. 'ISO-8859-7' => 'ISO-8859-7 ('.$this->app->gettext('greek').')',
  1755. 'ISO-8859-8' => 'ISO-8859-8 ('.$this->app->gettext('hebrew').')',
  1756. 'ISO-8859-9' => 'ISO-8859-9 ('.$this->app->gettext('turkish').')',
  1757. 'ISO-8859-10' => 'ISO-8859-10 ('.$this->app->gettext('nordic').')',
  1758. 'ISO-8859-11' => 'ISO-8859-11 ('.$this->app->gettext('thai').')',
  1759. 'ISO-8859-13' => 'ISO-8859-13 ('.$this->app->gettext('baltic').')',
  1760. 'ISO-8859-14' => 'ISO-8859-14 ('.$this->app->gettext('celtic').')',
  1761. 'ISO-8859-15' => 'ISO-8859-15 ('.$this->app->gettext('westerneuropean').')',
  1762. 'ISO-8859-16' => 'ISO-8859-16 ('.$this->app->gettext('southeasterneuropean').')',
  1763. 'WINDOWS-1250' => 'Windows-1250 ('.$this->app->gettext('easterneuropean').')',
  1764. 'WINDOWS-1251' => 'Windows-1251 ('.$this->app->gettext('cyrillic').')',
  1765. 'WINDOWS-1252' => 'Windows-1252 ('.$this->app->gettext('westerneuropean').')',
  1766. 'WINDOWS-1253' => 'Windows-1253 ('.$this->app->gettext('greek').')',
  1767. 'WINDOWS-1254' => 'Windows-1254 ('.$this->app->gettext('turkish').')',
  1768. 'WINDOWS-1255' => 'Windows-1255 ('.$this->app->gettext('hebrew').')',
  1769. 'WINDOWS-1256' => 'Windows-1256 ('.$this->app->gettext('arabic').')',
  1770. 'WINDOWS-1257' => 'Windows-1257 ('.$this->app->gettext('baltic').')',
  1771. 'WINDOWS-1258' => 'Windows-1258 ('.$this->app->gettext('vietnamese').')',
  1772. 'ISO-2022-JP' => 'ISO-2022-JP ('.$this->app->gettext('japanese').')',
  1773. 'ISO-2022-KR' => 'ISO-2022-KR ('.$this->app->gettext('korean').')',
  1774. 'ISO-2022-CN' => 'ISO-2022-CN ('.$this->app->gettext('chinese').')',
  1775. 'EUC-JP' => 'EUC-JP ('.$this->app->gettext('japanese').')',
  1776. 'EUC-KR' => 'EUC-KR ('.$this->app->gettext('korean').')',
  1777. 'EUC-CN' => 'EUC-CN ('.$this->app->gettext('chinese').')',
  1778. 'BIG5' => 'BIG5 ('.$this->app->gettext('chinese').')',
  1779. 'GB2312' => 'GB2312 ('.$this->app->gettext('chinese').')',
  1780. );
  1781. if ($post = rcube_utils::get_input_value('_charset', rcube_utils::INPUT_POST)) {
  1782. $set = $post;
  1783. }
  1784. else if (!empty($attrib['selected'])) {
  1785. $set = $attrib['selected'];
  1786. }
  1787. else {
  1788. $set = $this->get_charset();
  1789. }
  1790. $set = strtoupper($set);
  1791. if (!isset($charsets[$set]) && preg_match('/^[A-Z0-9-]+$/', $set)) {
  1792. $charsets[$set] = $set;
  1793. }
  1794. $select = new html_select($field_attrib);
  1795. $select->add(array_values($charsets), array_keys($charsets));
  1796. return $select->show($set);
  1797. }
  1798. /**
  1799. * Include content from config/about.<LANG>.html if available
  1800. */
  1801. protected function about_content($attrib)
  1802. {
  1803. $content = '';
  1804. $filenames = array(
  1805. 'about.' . $_SESSION['language'] . '.html',
  1806. 'about.' . substr($_SESSION['language'], 0, 2) . '.html',
  1807. 'about.html',
  1808. );
  1809. foreach ($filenames as $file) {
  1810. $fn = RCUBE_CONFIG_DIR . $file;
  1811. if (is_readable($fn)) {
  1812. $content = file_get_contents($fn);
  1813. $content = $this->parse_conditions($content);
  1814. $content = $this->parse_xml($content);
  1815. break;
  1816. }
  1817. }
  1818. return $content;
  1819. }
  1820. }