From 59478e06c25303a790a0840ab2ac30662c4ef781 Mon Sep 17 00:00:00 2001
From: Hugues Hiegel <root@paranoid>
Date: Tue, 5 Aug 2014 16:46:22 +0200
Subject:  c'est la merde..

---
 program/include/rcmail_output_html.php | 145 +++++++++++++++++++--------------
 1 file changed, 83 insertions(+), 62 deletions(-)

(limited to 'program/include/rcmail_output_html.php')

diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php
index a2ec29ca3..465d92f83 100644
--- a/program/include/rcmail_output_html.php
+++ b/program/include/rcmail_output_html.php
@@ -67,7 +67,6 @@ class rcmail_output_html extends rcmail_output
         //$this->framed = $framed;
         $this->set_env('task', $task);
         $this->set_env('x_frame_options', $this->config->get('x_frame_options', 'sameorigin'));
-        $this->set_env('standard_windows', (bool) $this->config->get('standard_windows'));
 
         // add cookie info
         $this->set_env('cookie_domain', ini_get('session.cookie_domain'));
@@ -106,6 +105,7 @@ class rcmail_output_html extends rcmail_output
         ));
     }
 
+
     /**
      * Set environment variable
      *
@@ -121,6 +121,7 @@ class rcmail_output_html extends rcmail_output
         }
     }
 
+
     /**
      * Getter for the current page title
      *
@@ -144,17 +145,17 @@ class rcmail_output_html extends rcmail_output
         return $title;
     }
 
+
     /**
      * Set skin
      */
     public function set_skin($skin)
     {
         $valid = false;
-        $path  = RCUBE_INSTALL_PATH . 'skins/';
 
-        if (!empty($skin) && is_dir($path . $skin) && is_readable($path . $skin)) {
-            $skin_path = 'skins/' . $skin;
-            $valid     = true;
+        if (!empty($skin) && is_dir('skins/'.$skin) && is_readable('skins/'.$skin)) {
+            $skin_path = 'skins/'.$skin;
+            $valid = true;
         }
         else {
             $skin_path = $this->config->get('skin_path');
@@ -182,16 +183,13 @@ class rcmail_output_html extends rcmail_output
         $this->skin_paths[] = $skin_path;
 
         // read meta file and check for dependecies
-        $meta = @file_get_contents(RCUBE_INSTALL_PATH . $skin_path . '/meta.json');
-        $meta = @json_decode($meta, true);
-        if ($meta['extends']) {
-            $path = RCUBE_INSTALL_PATH . 'skins/';
-            if (is_dir($path . $meta['extends']) && is_readable($path . $meta['extends'])) {
-                $this->load_skin('skins/' . $meta['extends']);
-            }
+        $meta = @json_decode(@file_get_contents($skin_path.'/meta.json'), true);
+        if ($meta['extends'] && is_dir('skins/' . $meta['extends'])) {
+            $this->load_skin('skins/' . $meta['extends']);
         }
     }
 
+
     /**
      * Check if a specific template exists
      *
@@ -200,18 +198,17 @@ class rcmail_output_html extends rcmail_output
      */
     public function template_exists($name)
     {
+        $found = false;
         foreach ($this->skin_paths as $skin_path) {
-            $filename = RCUBE_INSTALL_PATH . $skin_path . '/templates/' . $name . '.html';
-            if ((is_file($filename) && is_readable($filename))
-                || ($this->deprecated_templates[$name] && $this->template_exists($this->deprecated_templates[$name]))
-            ) {
-                return true;
-            }
+            $filename = $skin_path . '/templates/' . $name . '.html';
+            $found = (is_file($filename) && is_readable($filename)) || ($this->deprecated_templates[$name] && $this->template_exists($this->deprecated_templates[$name]));
+            if ($found)
+                break;
         }
-
-        return false;
+        return $found;
     }
 
+
     /**
      * Find the given file in the current skin path stack
      *
@@ -236,6 +233,7 @@ class rcmail_output_html extends rcmail_output
         return false;
     }
 
+
     /**
      * Register a GUI object to the client script
      *
@@ -248,6 +246,7 @@ class rcmail_output_html extends rcmail_output
         $this->add_script(self::JS_OBJECT_NAME.".gui_object('$obj', '$id');");
     }
 
+
     /**
      * Call a client method
      *
@@ -263,6 +262,7 @@ class rcmail_output_html extends rcmail_output
           $this->js_commands[] = $cmd;
     }
 
+
     /**
      * Add a localized label to the client environment
      */
@@ -277,6 +277,7 @@ class rcmail_output_html extends rcmail_output
         }
     }
 
+
     /**
      * Invoke display_message command
      *
@@ -303,6 +304,7 @@ class rcmail_output_html extends rcmail_output
         }
     }
 
+
     /**
      * Delete all stored env variables and commands
      *
@@ -325,6 +327,7 @@ class rcmail_output_html extends rcmail_output
         $this->body         = '';
     }
 
+
     /**
      * Redirect to a certain url
      *
@@ -340,6 +343,7 @@ class rcmail_output_html extends rcmail_output
         exit;
     }
 
+
     /**
      * Send the request output to the client.
      * This will either parse a skin tempalte or send an AJAX response
@@ -373,6 +377,7 @@ class rcmail_output_html extends rcmail_output
         }
     }
 
+
     /**
      * Process template and write to stdOut
      *
@@ -408,6 +413,7 @@ class rcmail_output_html extends rcmail_output
         $this->_write($template, $this->config->get('skin_path'));
     }
 
+
     /**
      * Parse a specific skin template and deliver to stdout (or return)
      *
@@ -532,6 +538,7 @@ class rcmail_output_html extends rcmail_output
         }
     }
 
+
     /**
      * Return executable javascript code for all registered commands
      *
@@ -563,6 +570,7 @@ class rcmail_output_html extends rcmail_output
         return $out;
     }
 
+
     /**
      * Make URLs starting with a slash point to skin directory
      *
@@ -582,6 +590,7 @@ class rcmail_output_html extends rcmail_output
             return $str;
     }
 
+
     /**
      * Show error page and terminate script execution
      *
@@ -616,6 +625,7 @@ class rcmail_output_html extends rcmail_output
             array($this, 'globals_callback'), $input);
     }
 
+
     /**
      * Callback funtion for preg_replace_callback() in parse_with_globals()
      */
@@ -624,6 +634,7 @@ class rcmail_output_html extends rcmail_output
         return $GLOBALS[$matches[1]];
     }
 
+
     /**
      * Correct absolute paths in images and other tags
      * add timestamp to .js and .css filename
@@ -635,6 +646,7 @@ class rcmail_output_html extends rcmail_output
             array($this, 'file_callback'), $output);
     }
 
+
     /**
      * Callback function for preg_replace_callback in write()
      *
@@ -643,7 +655,7 @@ class rcmail_output_html extends rcmail_output
     protected function file_callback($matches)
     {
         $file = $matches[3];
-        $file = preg_replace('!^/this/!', '/', $file);
+        $file[0] = preg_replace('!^/this/!', '/', $file[0]);
 
         // correct absolute paths
         if ($file[0] == '/') {
@@ -660,6 +672,7 @@ class rcmail_output_html extends rcmail_output
         return $matches[1] . '=' . $matches[2] . $file . $matches[4];
     }
 
+
     /**
      * Public wrapper to dipp into template parsing.
      *
@@ -676,6 +689,7 @@ class rcmail_output_html extends rcmail_output
         return $input;
     }
 
+
     /**
      * Parse for conditional tags
      *
@@ -713,18 +727,21 @@ class rcmail_output_html extends rcmail_output
         return $input;
     }
 
+
     /**
      * Determines if a given condition is met
      *
+     * @todo   Get rid off eval() once I understand what this does.
      * @todo   Extend this to allow real conditions, not just "set"
      * @param  string Condition statement
      * @return boolean True if condition is met, False if not
      */
     protected function check_condition($condition)
     {
-        return $this->eval_expression($condition);
+        return eval("return (".$this->parse_expression($condition).");");
     }
 
+
     /**
      * Inserts hidden field with CSRF-prevention-token into POST forms
      */
@@ -741,16 +758,16 @@ class rcmail_output_html extends rcmail_output
         return $out;
     }
 
+
     /**
-     * Parse & evaluate a given expression and return its result.
-     *
-     * @param string Expression statement
+     * Parses expression and replaces variables
      *
-     * @return mixed Expression result
+     * @param  string Expression statement
+     * @return string Expression value
      */
-    protected function eval_expression ($expression)
+    protected function parse_expression($expression)
     {
-        $expression = preg_replace(
+        return preg_replace(
             array(
                 '/session:([a-z0-9_]+)/i',
                 '/config:([a-z0-9_]+)(:([a-z0-9_]+))?/i',
@@ -762,31 +779,17 @@ class rcmail_output_html extends rcmail_output
             ),
             array(
                 "\$_SESSION['\\1']",
-                "\$app->config->get('\\1',rcube_utils::get_boolean('\\3'))",
-                "\$env['\\1']",
+                "\$this->app->config->get('\\1',rcube_utils::get_boolean('\\3'))",
+                "\$this->env['\\1']",
                 "rcube_utils::get_input_value('\\1', rcube_utils::INPUT_GPC)",
                 "\$_COOKIE['\\1']",
-                "\$browser->{'\\1'}",
+                "\$this->browser->{'\\1'}",
                 $this->template_name,
             ),
-            $expression
-        );
-
-        $fn = create_function('$app,$browser,$env', "return ($expression);");
-        if (!$fn) {
-            rcube::raise_error(array(
-                'code' => 505,
-                'type' => 'php',
-                'file' => __FILE__,
-                'line' => __LINE__,
-                'message' => "Expression parse error on: ($expression)"), true, false);
-
-            return null;
-        }
-
-        return $fn($this->app, $this->browser, $this->env);
+            $expression);
     }
 
+
     /**
      * Search for special tags in input and replace them
      * with the appropriate content
@@ -801,6 +804,7 @@ class rcmail_output_html extends rcmail_output
         return preg_replace_callback('/<roundcube:([-_a-z]+)\s+((?:[^>]|\\\\>)+)(?<!\\\\)>/Ui', array($this, 'xml_command'), $input);
     }
 
+
     /**
      * Callback function for parsing an xml command tag
      * and turn it into real html content
@@ -835,7 +839,7 @@ class rcmail_output_html extends rcmail_output
             // show a label
             case 'label':
                 if ($attrib['expression'])
-                    $attrib['name'] = $this->eval_expression($attrib['expression']);
+                    $attrib['name'] = eval("return " . $this->parse_expression($attrib['expression']) .";");
 
                 if ($attrib['name'] || $attrib['command']) {
                     // @FIXME: 'noshow' is useless, remove?
@@ -967,7 +971,8 @@ class rcmail_output_html extends rcmail_output
 
             // return code for a specified eval expression
             case 'exp':
-                return html::quote($this->eval_expression($attrib['expression']));
+                $value = $this->parse_expression($attrib['expression']);
+                return eval("return html::quote($value);");
 
             // return variable
             case 'var':
@@ -1004,13 +1009,12 @@ class rcmail_output_html extends rcmail_output
                 }
 
                 return html::quote($value);
-
-            case 'form':
-                return $this->form_tag($attrib);
+                break;
         }
         return '';
     }
 
+
     /**
      * Include a specific file and return it's contents
      *
@@ -1027,6 +1031,7 @@ class rcmail_output_html extends rcmail_output
         return $out;
     }
 
+
     /**
      * Create and register a button
      *
@@ -1175,13 +1180,10 @@ class rcmail_output_html extends rcmail_output
             $out = sprintf('<a%s>%s</a>', $attrib_str, $btn_content);
         }
 
-        if ($attrib['wrapper']) {
-            $out = html::tag($attrib['wrapper'], null, $out);
-        }
-
         return $out;
     }
 
+
     /**
      * Link an external script file
      *
@@ -1212,6 +1214,7 @@ class rcmail_output_html extends rcmail_output
         $this->script_files[$position][] = $file;
     }
 
+
     /**
      * Add inline javascript code
      *
@@ -1228,6 +1231,7 @@ class rcmail_output_html extends rcmail_output
         }
     }
 
+
     /**
      * Link an external css file
      *
@@ -1238,6 +1242,7 @@ class rcmail_output_html extends rcmail_output
         $this->css_files[] = $file;
     }
 
+
     /**
      * Add HTML code to the page header
      *
@@ -1248,6 +1253,7 @@ class rcmail_output_html extends rcmail_output
         $this->header .= "\n" . $str;
     }
 
+
     /**
      * Add HTML code to the page footer
      * To be added right befor </body>
@@ -1259,6 +1265,7 @@ class rcmail_output_html extends rcmail_output
         $this->footer .= "\n" . $str;
     }
 
+
     /**
      * Process template and write to stdOut
      *
@@ -1267,7 +1274,12 @@ class rcmail_output_html extends rcmail_output
      */
     public function _write($templ = '', $base_path = '')
     {
-        $output = empty($templ) ? $this->default_template : trim($templ);
+        $output = trim($templ);
+
+        if (empty($output)) {
+            $output   = $this->default_template;
+            $is_empty = true;
+        }
 
         // set default page title
         if (empty($this->pagetitle)) {
@@ -1358,8 +1370,8 @@ class rcmail_output_html extends rcmail_output
         }
 
         // add css files in head, before scripts, for speed up with parallel downloads
-        if (!empty($this->css_files) && 
-            (($pos = stripos($output, '<script ')) || ($pos = stripos($output, '</head>')))
+        if (!empty($this->css_files) && !$is_empty
+            && (($pos = stripos($output, '<script ')) || ($pos = stripos($output, '</head>')))
         ) {
             $css = '';
             foreach ($this->css_files as $file) {
@@ -1383,6 +1395,7 @@ class rcmail_output_html extends rcmail_output
         }
     }
 
+
     /**
      * Returns iframe object, registers some related env variables
      *
@@ -1413,6 +1426,7 @@ class rcmail_output_html extends rcmail_output
 
     /*  ************* common functions delivering gui objects **************  */
 
+
     /**
      * Create a form tag with the necessary hidden fields
      *
@@ -1434,11 +1448,12 @@ class rcmail_output_html extends rcmail_output
         $attrib['noclose'] = true;
 
       return html::tag('form',
-        $attrib + array('action' => $this->app->comm_path, 'method' => "get"),
+        $attrib + array('action' => "./", 'method' => "get"),
         $hidden . $content,
         array('id','class','style','name','method','action','enctype','onsubmit'));
     }
 
+
     /**
      * Build a form tag with a unique request token
      *
@@ -1469,6 +1484,7 @@ class rcmail_output_html extends rcmail_output
             return $this->form_tag($attrib, $hidden->show() . $content);
     }
 
+
     /**
      * GUI object 'username'
      * Showing IMAP username of the current session
@@ -1500,6 +1516,7 @@ class rcmail_output_html extends rcmail_output
         return rcube_utils::idn_to_utf8($username);
     }
 
+
     /**
      * GUI object 'loginform'
      * Returns code for the webmail login form
@@ -1531,9 +1548,9 @@ class rcmail_output_html extends rcmail_output
         $input_action = new html_hiddenfield(array('name' => '_action', 'value' => 'login'));
         $input_tzone  = new html_hiddenfield(array('name' => '_timezone', 'id' => 'rcmlogintz', 'value' => '_default_'));
         $input_url    = new html_hiddenfield(array('name' => '_url', 'id' => 'rcmloginurl', 'value' => $url));
-        $input_user   = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser', 'required' => 'required')
+        $input_user   = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser')
             + $attrib + $user_attrib);
-        $input_pass   = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'required' => 'required')
+        $input_pass   = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd')
             + $attrib + $pass_attrib);
         $input_host   = null;
 
@@ -1599,6 +1616,7 @@ class rcmail_output_html extends rcmail_output
         return $out;
     }
 
+
     /**
      * GUI object 'preloader'
      * Loads javascript code for images preloading
@@ -1621,6 +1639,7 @@ class rcmail_output_html extends rcmail_output
             }', 'docready');
     }
 
+
     /**
      * GUI object 'searchform'
      * Returns code for search function
@@ -1659,6 +1678,7 @@ class rcmail_output_html extends rcmail_output
         return $out;
     }
 
+
     /**
      * Builder for GUI object 'message'
      *
@@ -1676,6 +1696,7 @@ class rcmail_output_html extends rcmail_output
         return html::div($attrib, '');
     }
 
+
     /**
      * GUI object 'charsetselector'
      *
-- 
cgit v1.2.3