From fba3e1ae0c0f4c1d73f55b9f97674c3ed7e695e0 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 25 Sep 2016 08:35:18 +0200
Subject: [PATCH 01/24] GnuPG 2.1: Add option to configure gpgconf binary
 location

---
 plugins/enigma/config.inc.php.dist         | 4 ++++
 plugins/enigma/lib/enigma_driver_gnupg.php | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/plugins/enigma/config.inc.php.dist b/plugins/enigma/config.inc.php.dist
index 581ac8534b3..aa4280f419b 100644
--- a/plugins/enigma/config.inc.php.dist
+++ b/plugins/enigma/config.inc.php.dist
@@ -24,6 +24,10 @@ $config['enigma_pgp_binary'] = '';
 // It's used with GnuPG 2.x.
 $config['enigma_pgp_agent'] = '';
 
+// Location of gpgconf binary. By default it will be auto-detected.
+// It's used with GnuPG >= 2.1.
+$config['enigma_pgp_gpgconf'] = '';
+
 // Enables signatures verification feature.
 $config['enigma_signatures'] = true;
 
diff --git a/plugins/enigma/lib/enigma_driver_gnupg.php b/plugins/enigma/lib/enigma_driver_gnupg.php
index 3c02f9f4392..267af4fd1de 100644
--- a/plugins/enigma/lib/enigma_driver_gnupg.php
+++ b/plugins/enigma/lib/enigma_driver_gnupg.php
@@ -43,6 +43,7 @@ function init()
         $debug   = $this->rc->config->get('enigma_debug');
         $binary  = $this->rc->config->get('enigma_pgp_binary');
         $agent   = $this->rc->config->get('enigma_pgp_agent');
+        $gpgconf = $this->rc->config->get('enigma_pgp_gpgconf');
 
         if (!$homedir) {
             return new enigma_error(enigma_error::INTERNAL,
@@ -88,6 +89,9 @@ function init()
         if ($agent) {
             $options['agent'] = $agent;
         }
+        if ($gpgconf) {
+            $options['gpgconf'] = $gpgconf;
+        }
 
         // Create Crypt_GPG object
         try {

From 7829da358d80bc0a07b6b86dfc01f52abe7bce2f Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 25 Sep 2016 13:05:21 +0200
Subject: [PATCH 02/24] GnuPG 2.1: Fix importing newly generated (secret) keys
 using GnuPG 2.1

---
 plugins/enigma/enigma.js                    |  5 +++--
 plugins/enigma/lib/enigma_driver.php        |  7 ++++---
 plugins/enigma/lib/enigma_driver_gnupg.php  | 14 ++++++++++----
 plugins/enigma/lib/enigma_driver_phpssl.php |  2 +-
 plugins/enigma/lib/enigma_engine.php        |  6 +++---
 plugins/enigma/lib/enigma_ui.php            |  3 ++-
 6 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/plugins/enigma/enigma.js b/plugins/enigma/enigma.js
index 081fea21b95..3dc3e9a8957 100644
--- a/plugins/enigma/enigma.js
+++ b/plugins/enigma/enigma.js
@@ -99,7 +99,7 @@ rcube_webmail.prototype.enigma_key_create_save = function()
         size = $('#key-size').val();
 
     $('[name="identity[]"]:checked').each(function() {
-      users.push(this.value);
+        users.push(this.value);
     });
 
     // validate the form
@@ -124,7 +124,8 @@ rcube_webmail.prototype.enigma_key_create_save = function()
 
         openpgp.generateKeyPair(options).then(function(keypair) {
             // success
-            var post = {_a: 'import', _keys: keypair.privateKeyArmored, _generated: 1};
+            var post = {_a: 'import', _keys: keypair.privateKeyArmored, _generated: 1,
+                _passwd: password, _keyid: keypair.key.primaryKey.fingerprint};
 
             // send request to server
             rcmail.http_post('plugin.enigmakeys', post, lock);
diff --git a/plugins/enigma/lib/enigma_driver.php b/plugins/enigma/lib/enigma_driver.php
index 1ed5fbc3d9c..eaa4364b476 100644
--- a/plugins/enigma/lib/enigma_driver.php
+++ b/plugins/enigma/lib/enigma_driver.php
@@ -77,12 +77,13 @@ abstract function verify($text, $signature);
     /**
      * Key/Cert file import.
      *
-     * @param string  File name or file content
-     * @param bollean True if first argument is a filename
+     * @param string File name or file content
+     * @param bolean True if first argument is a filename
+     * @param array  Optional key => password map
      *
      * @return mixed Import status array or enigma_error
      */
-    abstract function import($content, $isfile = false);
+    abstract function import($content, $isfile = false, $passwords = array());
 
     /**
      * Key/Cert export.
diff --git a/plugins/enigma/lib/enigma_driver_gnupg.php b/plugins/enigma/lib/enigma_driver_gnupg.php
index 267af4fd1de..b6f87946eab 100644
--- a/plugins/enigma/lib/enigma_driver_gnupg.php
+++ b/plugins/enigma/lib/enigma_driver_gnupg.php
@@ -201,14 +201,20 @@ function verify($text, $signature)
     /**
      * Key file import.
      *
-     * @param string  File name or file content
-     * @param bollean True if first argument is a filename
+     * @param string File name or file content
+     * @param bolean True if first argument is a filename
+     * @param array  Optional key => password map
      *
      * @return mixed Import status array or enigma_error
      */
-    public function import($content, $isfile=false)
+    public function import($content, $isfile = false, $passwords = array())
     {
         try {
+            // GnuPG 2.1 requires secret key passphrases on import
+            foreach ($passwords as $keyid => $pass) {
+                $this->gpg->addPassphrase($keyid, $pass);
+            }
+
             if ($isfile)
                 return $this->gpg->importKeyFile($content);
             else
@@ -251,7 +257,7 @@ public function export($keyid, $with_private = false)
      *
      * @return mixed Array of enigma_key objects or enigma_error
      */
-    public function list_keys($pattern='')
+    public function list_keys($pattern = '')
     {
         try {
             $keys = $this->gpg->getKeys($pattern);
diff --git a/plugins/enigma/lib/enigma_driver_phpssl.php b/plugins/enigma/lib/enigma_driver_phpssl.php
index 967811da0f8..8cffc62f08d 100644
--- a/plugins/enigma/lib/enigma_driver_phpssl.php
+++ b/plugins/enigma/lib/enigma_driver_phpssl.php
@@ -122,7 +122,7 @@ function verify($struct, $message)
         return $sig;
     }
 
-    public function import($content, $isfile=false)
+    public function import($content, $isfile = false, $passwords = array())
     {
     }
 
diff --git a/plugins/enigma/lib/enigma_engine.php b/plugins/enigma/lib/enigma_engine.php
index f3236778957..f75be365786 100644
--- a/plugins/enigma/lib/enigma_engine.php
+++ b/plugins/enigma/lib/enigma_engine.php
@@ -1113,10 +1113,10 @@ function generate_key($data)
      *
      * @return mixed Import status data array or enigma_error
      */
-    function import_key($content, $isfile=false)
+    function import_key($content, $isfile = false)
     {
         $this->load_pgp_driver();
-        $result = $this->pgp_driver->import($content, $isfile);
+        $result = $this->pgp_driver->import($content, $isfile, $this->get_passwords());
 
         if ($result instanceof enigma_error) {
             rcube::raise_error(array(
@@ -1174,7 +1174,7 @@ function password_handler()
         $passwd = rcube_utils::get_input_value('_passwd', rcube_utils::INPUT_POST, true);
 
         if ($keyid && $passwd !== null && strlen($passwd)) {
-            $this->save_password($keyid, $passwd);
+            $this->save_password(strtoupper($keyid), $passwd);
         }
     }
 
diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php
index b7fc011611d..650ea2166f7 100644
--- a/plugins/enigma/lib/enigma_ui.php
+++ b/plugins/enigma/lib/enigma_ui.php
@@ -498,8 +498,9 @@ private function key_import()
     {
         // Import process
         if ($data = rcube_utils::get_input_value('_keys', rcube_utils::INPUT_POST)) {
-            // Import from generation form (ajax request)
             $this->enigma->load_engine();
+            $this->enigma->engine->password_handler();
+
             $result = $this->enigma->engine->import_key($data);
 
             if (is_array($result)) {

From 571a10751f500553d4b65fda1b8e8fd9bd32283f Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 20 Oct 2016 11:29:50 +0200
Subject: [PATCH 03/24] Display error when trying to upload more files than
 specified in max_file_uploads (#5483)

---
 CHANGELOG                               |  1 +
 program/include/rcmail.php              | 14 +++++++++++---
 program/js/app.js                       |  4 ++++
 program/localization/en_US/messages.inc |  1 +
 4 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index fc683ef037c..5dabc9e09c9 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Display error when trying to upload more files than specified in max_file_uploads (#5483)
 - Add missing sql upgrade file for 'ip' column resize in session table (#5465)
 - Do not show inline images of unsupported mimetype (#5463)
 - Password: Added LDAP PPolicy driver (#5364)
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index 4402da0f6c2..a6d07695f51 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -2061,6 +2061,8 @@ public function upload_progress()
      * Initializes file uploading interface.
      *
      * @param int $max_size Optional maximum file size in bytes
+     *
+     * @return string Human-readable file size limit
      */
     public function upload_init($max_size = null)
     {
@@ -2088,12 +2090,18 @@ public function upload_init($max_size = null)
             $max_filesize = $max_size;
         }
 
+        $max_filesize_txt = $this->show_bytes($max_filesize);
         $this->output->set_env('max_filesize', $max_filesize);
-        $max_filesize = $this->show_bytes($max_filesize);
         $this->output->set_env('filesizeerror', $this->gettext(array(
-            'name' => 'filesizeerror', 'vars' => array('size' => $max_filesize))));
+            'name' => 'filesizeerror', 'vars' => array('size' => $max_filesize_txt))));
+
+        if ($max_filecount = ini_get('max_file_uploads')) {
+            $this->output->set_env('max_filecount', $max_filecount);
+            $this->output->set_env('filecounterror', $this->gettext(array(
+                'name' => 'filecounterror', 'vars' => array('count' => $max_filecount))));
+        }
 
-        return $max_filesize;
+        return $max_filesize_txt;
     }
 
     /**
diff --git a/program/js/app.js b/program/js/app.js
index 6e000d83ed3..8449735694f 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -4876,6 +4876,10 @@ function rcube_webmail()
         this.display_message(this.env.filesizeerror, 'error');
         return false;
       }
+      if (this.env.max_filecount && this.env.filecounterror && numfiles > this.env.max_filecount) {
+        this.display_message(this.env.filecounterror, 'error');
+        return false;
+      }
 
       var frame_name = this.async_upload_form(form, action || 'upload', function(e) {
         var d, content = '';
diff --git a/program/localization/en_US/messages.inc b/program/localization/en_US/messages.inc
index ccf931776d2..945bb22c205 100644
--- a/program/localization/en_US/messages.inc
+++ b/program/localization/en_US/messages.inc
@@ -119,6 +119,7 @@ $messages['messageopenerror'] = 'Could not load message from server.';
 $messages['filelinkerror'] = 'Attaching the file failed.';
 $messages['fileuploaderror'] = 'File upload failed.';
 $messages['filesizeerror'] = 'The uploaded file exceeds the maximum size of $size.';
+$messages['filecounterror'] = 'You can upload maximum $count files at once.';
 $messages['msgsizeerror'] = 'Failed to attach a file. Maximum size of a message ($size) exceeded.';
 $messages['copysuccess'] = 'Successfully copied $nr contacts.';
 $messages['movesuccess'] = 'Successfully moved $nr contacts.';

From edea8732a6534c31c54aa48f7982434f7049e599 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 20 Oct 2016 15:48:42 +0200
Subject: [PATCH 04/24] Fix regression where UI object could be not created on
 some pages (#5484)

---
 program/include/rcmail_output_html.php | 4 ++++
 skins/larry/includes/footer.html       | 3 +++
 skins/larry/includes/header.html       | 8 --------
 skins/larry/includes/links.html        | 4 +++-
 skins/larry/ui.js                      | 8 +++++---
 5 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php
index 7bca9561e4a..1c281a69001 100644
--- a/program/include/rcmail_output_html.php
+++ b/program/include/rcmail_output_html.php
@@ -1096,6 +1096,10 @@ protected function xml_command($matches)
                 }
                 break;
 
+            case 'add_label':
+                $this->add_label($attrib['name']);
+                break;
+
             // include a file
             case 'include':
                 $old_base_path = $this->base_path;
diff --git a/skins/larry/includes/footer.html b/skins/larry/includes/footer.html
index cade440bd6b..f64420d27c5 100644
--- a/skins/larry/includes/footer.html
+++ b/skins/larry/includes/footer.html
@@ -1,2 +1,5 @@
 <roundcube:object name="message" id="messagestack" condition="env:task != 'login'" />
 
+<script type="text/javascript">
+if (!window.UI) { var UI = new rcube_mail_ui(); }
+</script>
diff --git a/skins/larry/includes/header.html b/skins/larry/includes/header.html
index 5efe5b60043..1289d5681b5 100644
--- a/skins/larry/includes/header.html
+++ b/skins/larry/includes/header.html
@@ -1,13 +1,5 @@
 <script type="text/javascript">
-
-// UI startup
 var UI = new rcube_mail_ui();
-$(document).ready(function(){
-  UI.set('errortitle', '<roundcube:label name="errortitle" quoting="javascript" />');
-  UI.set('toggleoptions', '<roundcube:label name="toggleadvancedoptions" quoting="javascript" />');
-  UI.init();
-});
-
 </script>
 
 <div id="header">
diff --git a/skins/larry/includes/links.html b/skins/larry/includes/links.html
index 99bd03f7105..a894ad6f931 100644
--- a/skins/larry/includes/links.html
+++ b/skins/larry/includes/links.html
@@ -4,4 +4,6 @@
 <roundcube:if condition="in_array(env:task, array('mail','addressbook','settings'))" />
 <link rel="stylesheet" type="text/css" href="/<roundcube:var name="env:task" />.css" />
 <roundcube:endif />
-<script type="text/javascript" src="/ui.js"></script>
\ No newline at end of file
+<script type="text/javascript" src="/ui.js"></script>
+<roundcube:add_label name="errortitle" />
+<roundcube:add_label name="toggleadvancedoptions" />
diff --git a/skins/larry/ui.js b/skins/larry/ui.js
index 59a09d6feb3..4b2cd80573a 100644
--- a/skins/larry/ui.js
+++ b/skins/larry/ui.js
@@ -60,6 +60,8 @@ function rcube_mail_ui()
     if (bw.tablet) {
       $('#viewport').attr('content', "width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0");
     }
+
+    $(document).ready(function() { me.init(); });
   }
 
 
@@ -288,8 +290,8 @@ function rcube_mail_ui()
       else if (rcmail.env.action == 'edit-prefs') {
         var legend = $('#preferences-details fieldset.advanced legend'),
           toggle = $('<a href="#toggle"></a>')
-            .text(env.toggleoptions)
-            .attr('title', env.toggleoptions)
+            .text(rcmail.gettext('toggleadvancedoptions'))
+            .attr('title', rcmail.gettext('toggleadvancedoptions'))
             .addClass('advanced-toggle');
 
         legend.click(function(e) {
@@ -449,7 +451,7 @@ function rcube_mail_ui()
           resizable: false,
           closeOnEscape: true,
           dialogClass: 'popupmessage ' + p.type,
-          title: env.errortitle,
+          title: rcmail.gettext('errortitle'),
           close: dialog_close,
           hide: {effect: 'fadeOut'},
           width: 420,

From ecefdca21dba3bce4dc597a48bf93b67931f6c94 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 23 Oct 2016 15:51:28 +0200
Subject: [PATCH 05/24] GnuPG 2.1: Support password input on private key export

---
 plugins/enigma/enigma.js                    | 30 ++++++++++---
 plugins/enigma/enigma.php                   |  2 +
 plugins/enigma/lib/enigma_driver.php        |  3 +-
 plugins/enigma/lib/enigma_driver_gnupg.php  |  8 +++-
 plugins/enigma/lib/enigma_driver_phpssl.php |  2 +-
 plugins/enigma/lib/enigma_engine.php        |  2 +-
 plugins/enigma/lib/enigma_ui.php            | 48 ++++++++++++++++-----
 7 files changed, 74 insertions(+), 21 deletions(-)

diff --git a/plugins/enigma/enigma.js b/plugins/enigma/enigma.js
index 3dc3e9a8957..f5ae0e4ac00 100644
--- a/plugins/enigma/enigma.js
+++ b/plugins/enigma/enigma.js
@@ -167,12 +167,12 @@ rcube_webmail.prototype.enigma_export = function(selected)
     var priv = false,
         list = this.keys_list,
         keys = selected ? list.get_selection().join(',') : '*',
-        args = {_a: 'export', _keys: keys};
+        args = {_keys: keys};
 
     if (!keys.length)
         return;
 
-    // find out wether selected keys are private
+    // find out whether selected keys are private
     if (keys == '*')
         priv = true;
     else
@@ -192,7 +192,7 @@ rcube_webmail.prototype.enigma_export = function(selected)
             [{
                 text: this.get_label('enigma.onlypubkeys'),
                 click: function(e) {
-                    rcmail.goto_url('plugin.enigmakeys', args, false, true);
+                    rcmail.enigma_export_submit(args);
                     $(this).remove();
                 }
             },
@@ -200,14 +200,32 @@ rcube_webmail.prototype.enigma_export = function(selected)
                 text: this.get_label('enigma.withprivkeys'),
                 click: function(e) {
                     args._priv = 1;
-                    rcmail.goto_url('plugin.enigmakeys', args, false, true);
+                    rcmail.enigma_export_submit(args);
                     $(this).remove();
                 }
             }],
             {width: 400}
         );
 
-    this.goto_url('plugin.enigmakeys', args, false, true);
+    this.enigma_export_submit(args);
+};
+
+// Sumbitting request for key(s) export
+// Done this way to handle password input
+rcube_webmail.prototype.enigma_export_submit = function(data)
+{
+    var id = 'keyexport-' + new Date().getTime(),
+        form = $('<form>').attr({target: id, method: 'post', style: 'display:none',
+            action: '?_action=plugin.enigmakeys&_task=settings&_a=export'}),
+        iframe = $('<iframe>').attr({name: id, style: 'display:none'})
+
+    form.append($('<input>').attr({name: '_token', value: this.env.request_token}));
+    $.each(data, function(i, v) {
+        form.append($('<input>').attr({name: i, value: v}));
+    });
+
+    iframe.appendTo(document.body);
+    form.appendTo(document.body).submit();
 };
 
 // Submit key(s) import form
@@ -521,7 +539,7 @@ rcube_webmail.prototype.enigma_password_submit = function(data)
         return this.enigma_password_compose_submit(data);
     }
 
-    var lock = this.set_busy(true, 'loading'),
+    var lock = data.nolock ? null : this.set_busy(true, 'loading'),
       form = $('<form>').attr({method: 'post', action: data.action || location.href, style: 'display:none'})
         .append($('<input>').attr({type: 'hidden', name: '_keyid', value: data.key}))
         .append($('<input>').attr({type: 'hidden', name: '_passwd', value: data.password}))
diff --git a/plugins/enigma/enigma.php b/plugins/enigma/enigma.php
index 3224baab463..55c3e3f3fd2 100644
--- a/plugins/enigma/enigma.php
+++ b/plugins/enigma/enigma.php
@@ -85,6 +85,8 @@ function init()
             if (empty($_REQUEST['_framed']) || strpos($this->rc->action, 'plugin.enigma') === 0) {
                 $this->ui->add_css();
             }
+
+            $this->password_handler();
         }
         else if ($this->rc->task == 'cli') {
             $this->add_hook('user_delete_commit', array($this, 'user_delete'));
diff --git a/plugins/enigma/lib/enigma_driver.php b/plugins/enigma/lib/enigma_driver.php
index eaa4364b476..fa03c227452 100644
--- a/plugins/enigma/lib/enigma_driver.php
+++ b/plugins/enigma/lib/enigma_driver.php
@@ -90,10 +90,11 @@ abstract function import($content, $isfile = false, $passwords = array());
      *
      * @param string Key ID
      * @param bool   Include private key
+     * @param array  Optional key => password map
      *
      * @return mixed Key content or enigma_error
      */
-    abstract function export($key, $with_private = false);
+    abstract function export($key, $with_private = false, $passwords = array());
 
     /**
      * Keys listing.
diff --git a/plugins/enigma/lib/enigma_driver_gnupg.php b/plugins/enigma/lib/enigma_driver_gnupg.php
index b6f87946eab..900c30c3da0 100644
--- a/plugins/enigma/lib/enigma_driver_gnupg.php
+++ b/plugins/enigma/lib/enigma_driver_gnupg.php
@@ -230,15 +230,21 @@ public function import($content, $isfile = false, $passwords = array())
      *
      * @param string Key ID
      * @param bool   Include private key
+     * @param array  Optional key => password map
      *
      * @return mixed Key content or enigma_error
      */
-    public function export($keyid, $with_private = false)
+    public function export($keyid, $with_private = false, $passwords = array())
     {
         try {
             $key = $this->gpg->exportPublicKey($keyid, true);
 
             if ($with_private) {
+                // GnuPG 2.1 requires secret key passphrases on export
+                foreach ($passwords as $keyid => $pass) {
+                    $this->gpg->addPassphrase($keyid, $pass);
+                }
+
                 $priv = $this->gpg->exportPrivateKey($keyid, true);
                 $key .= $priv;
             }
diff --git a/plugins/enigma/lib/enigma_driver_phpssl.php b/plugins/enigma/lib/enigma_driver_phpssl.php
index 8cffc62f08d..a2b16fa93be 100644
--- a/plugins/enigma/lib/enigma_driver_phpssl.php
+++ b/plugins/enigma/lib/enigma_driver_phpssl.php
@@ -126,7 +126,7 @@ public function import($content, $isfile = false, $passwords = array())
     {
     }
 
-    public function export($key, $with_private = false)
+    public function export($key, $with_private = false, $passwords = array())
     {
     }
 
diff --git a/plugins/enigma/lib/enigma_engine.php b/plugins/enigma/lib/enigma_engine.php
index f75be365786..55b25262943 100644
--- a/plugins/enigma/lib/enigma_engine.php
+++ b/plugins/enigma/lib/enigma_engine.php
@@ -1145,7 +1145,7 @@ function import_key($content, $isfile = false)
     function export_key($key, $fp = null, $include_private = false)
     {
         $this->load_pgp_driver();
-        $result = $this->pgp_driver->export($key, $include_private);
+        $result = $this->pgp_driver->export($key, $include_private, $this->get_passwords());
 
         if ($result instanceof enigma_error) {
             rcube::raise_error(array(
diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php
index 650ea2166f7..335917283e0 100644
--- a/plugins/enigma/lib/enigma_ui.php
+++ b/plugins/enigma/lib/enigma_ui.php
@@ -161,7 +161,10 @@ function password_prompt($status, $params = array())
             $data = array_merge($params, $data);
         }
 
-        if ($this->rc->action == 'send' || $this->rc->action == 'plugin.enigmaimport') {
+        // @TODO: Get user name/address when keyid == user,
+        //        it may happen on GnuPG 2.1
+
+        if (preg_match('/^(send|plugin.enigmaimport|plugin.enigmakeys)$/', $this->rc->action)) {
             $this->rc->output->command('enigma_password_request', $data);
         }
         else {
@@ -464,28 +467,51 @@ function tpl_key_data($attrib)
      */
     private function key_export()
     {
-        $this->rc->request_security_check(rcube_utils::INPUT_GET);
-
-        $keys   = rcube_utils::get_input_value('_keys', rcube_utils::INPUT_GPC);
-        $priv   = rcube_utils::get_input_value('_priv', rcube_utils::INPUT_GPC);
+        $keys   = rcube_utils::get_input_value('_keys', rcube_utils::INPUT_POST);
+        $priv   = rcube_utils::get_input_value('_priv', rcube_utils::INPUT_POST);
         $engine = $this->enigma->load_engine();
         $list   = $keys == '*' ? $engine->list_keys() : explode(',', $keys);
 
-        if (is_array($list)) {
+        if (is_array($list) && ($fp = fopen('php://memory', 'rw'))) {
             $filename = 'export.pgp';
             if (count($list) == 1) {
                 $filename = (is_object($list[0]) ? $list[0]->id : $list[0]) . '.pgp';
             }
 
+            $status = null;
+            foreach ($list as $key) {
+                $status = $engine->export_key(is_object($key) ? $key->id : $key, $fp, (bool) $priv);
+
+                if ($status instanceof enigma_error) {
+                    $code = $status->getCode();
+
+                    // No/bad passphrase, display error and ask for pass
+                    if ($code == enigma_error::BADPASS) {
+                        $this->password_prompt($status, array(
+                                'input_keys'   => $keys,
+                                'input_priv'   => 1,
+                                'input_task'   => 'settings',
+                                'input_action' => 'plugin.enigmakeys',
+                                'input_a'      => 'export',
+                                'action'       => '?',
+                                'iframe'       => true,
+                                'nolock'       => true,
+                        ));
+                        fclose($fp);
+                        $this->rc->output->send('iframe');
+                    }
+                }
+            }
+
             // send downlaod headers
             header('Content-Type: application/pgp-keys');
             header('Content-Disposition: attachment; filename="' . $filename . '"');
 
-            if ($fp = fopen('php://output', 'w')) {
-                foreach ($list as $key) {
-                    $engine->export_key(is_object($key) ? $key->id : $key, $fp, (bool) $priv);
-                }
+            rewind($fp);
+            while (!feof($fp)) {
+                echo fread($fp, 1024 * 1024);
             }
+            fclose($fp);
         }
 
         exit;
@@ -1075,7 +1101,7 @@ function message_ready($p)
                     ));
                 }
                 else {
-                    $this->rc->output->show_message($msg, $type ?: 'error', $vars);
+                    $this->rc->output->show_message($msg, 'error', $vars);
                 }
             }
 

From b6c061656f36a31c96c0d16600dd69d613e1fd1b Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 23 Oct 2016 17:10:52 +0200
Subject: [PATCH 06/24] GnuPG 2.1: Support password prompt on private key
 import

---
 plugins/enigma/enigma.js         | 41 ++++++++++++++++++++------------
 plugins/enigma/lib/enigma_ui.php | 10 +++++---
 2 files changed, 33 insertions(+), 18 deletions(-)

diff --git a/plugins/enigma/enigma.js b/plugins/enigma/enigma.js
index f5ae0e4ac00..087b9bfd968 100644
--- a/plugins/enigma/enigma.js
+++ b/plugins/enigma/enigma.js
@@ -231,7 +231,9 @@ rcube_webmail.prototype.enigma_export_submit = function(data)
 // Submit key(s) import form
 rcube_webmail.prototype.enigma_import = function()
 {
-    var form, file;
+    var form, file, lock,
+        id = 'keyexport-' + new Date().getTime(),
+        iframe = $('<iframe>').attr({name: id, style: 'display:none'});
 
     if (form = this.gui_objects.importform) {
         file = document.getElementById('rcmimportfile');
@@ -240,13 +242,11 @@ rcube_webmail.prototype.enigma_import = function()
             return;
         }
 
-        var lock = this.set_busy(true, 'importwait');
-
-        form.action = this.add_url(form.action, '_unlock', lock);
-        form.submit();
-
-        this.lock_form(form, true);
-   }
+        lock = this.set_busy(true, 'importwait');
+        iframe.appendTo(document.body);
+        $(form).attr({target: id, action: this.add_url(form.action, '_unlock', lock)})
+            .submit();
+    }
 };
 
 // Ssearch for key(s) for import
@@ -535,12 +535,23 @@ rcube_webmail.prototype.enigma_password_request = function(data)
 // submit entered password
 rcube_webmail.prototype.enigma_password_submit = function(data)
 {
+    var lock, form;
+
     if (this.env.action == 'compose' && !data['compose-init']) {
         return this.enigma_password_compose_submit(data);
     }
+    else if (this.env.action == 'plugin.enigmakeys' && (form = this.gui_objects.importform)) {
+        if (!$('input[name="_keyid"]', form).length) {
+            $(form).append($('<input>').attr({type: 'hidden', name: '_keyid', value: data.key}))
+                .append($('<input>').attr({type: 'hidden', name: '_passwd', value: data.password}))
+        }
+
+        return this.enigma_import();
+    }
 
-    var lock = data.nolock ? null : this.set_busy(true, 'loading'),
-      form = $('<form>').attr({method: 'post', action: data.action || location.href, style: 'display:none'})
+    lock = data.nolock ? null : this.set_busy(true, 'loading');
+    form = $('<form>')
+        .attr({method: 'post', action: data.action || location.href, style: 'display:none'})
         .append($('<input>').attr({type: 'hidden', name: '_keyid', value: data.key}))
         .append($('<input>').attr({type: 'hidden', name: '_passwd', value: data.password}))
         .append($('<input>').attr({type: 'hidden', name: '_token', value: this.env.request_token}))
@@ -548,14 +559,14 @@ rcube_webmail.prototype.enigma_password_submit = function(data)
 
     // Additional form fields for request parameters
     $.each(data, function(i, v) {
-      if (i.indexOf('input') == 0)
-        form.append($('<input>').attr({type: 'hidden', name: i.substring(5), value: v}))
+        if (i.indexOf('input') == 0)
+            form.append($('<input>').attr({type: 'hidden', name: i.substring(5), value: v}))
     });
 
     if (data.iframe) {
-      var name = 'enigma_frame_' + (new Date()).getTime(),
-        frame = $('<iframe>').attr({style: 'display:none', name: name}).appendTo(document.body);
-      form.attr('target', name);
+        var name = 'enigma_frame_' + (new Date()).getTime(),
+            frame = $('<iframe>').attr({style: 'display:none', name: name}).appendTo(document.body);
+        form.attr('target', name);
     }
 
     form.appendTo(document.body).submit();
diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php
index 335917283e0..410f669229f 100644
--- a/plugins/enigma/lib/enigma_ui.php
+++ b/plugins/enigma/lib/enigma_ui.php
@@ -485,7 +485,6 @@ private function key_export()
                 if ($status instanceof enigma_error) {
                     $code = $status->getCode();
 
-                    // No/bad passphrase, display error and ask for pass
                     if ($code == enigma_error::BADPASS) {
                         $this->password_prompt($status, array(
                                 'input_keys'   => $keys,
@@ -564,12 +563,15 @@ private function key_import()
 
                 $this->rc->output->show_message('enigma.keysimportsuccess', 'confirmation',
                     array('new' => $result['imported'], 'old' => $result['unchanged']));
-
-                $this->rc->output->send('iframe');
+            }
+            else if ($result instanceof enigma_error && $result->getCode() == enigma_error::BADPASS) {
+                $this->password_prompt($result);
             }
             else {
                 $this->rc->output->show_message('enigma.keysimportfailed', 'error');
             }
+
+            $this->rc->output->send('iframe');
         }
         else if ($err = $_FILES['_file']['error']) {
             if ($err == UPLOAD_ERR_INI_SIZE || $err == UPLOAD_ERR_FORM_SIZE) {
@@ -578,6 +580,8 @@ private function key_import()
             } else {
                 $this->rc->output->show_message('fileuploaderror', 'error');
             }
+
+            $this->rc->output->send('iframe');
         }
 
         $this->rc->output->add_handlers(array(

From 172707181665945e99539877b37df3a7cd4fe956 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Mon, 24 Oct 2016 10:29:04 +0200
Subject: [PATCH 07/24] Better handling of rcube_text_editor.replace()'s input
 argument, some simplification

---
 program/js/app.js    |  8 ++------
 program/js/editor.js | 10 ++++++++--
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/program/js/app.js b/program/js/app.js
index 8449735694f..63c6894a5fd 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -4446,14 +4446,10 @@ function rcube_webmail()
     return result;
   };
 
+  // Inserts a predefined response to the compose editor
   this.insert_response = function(key)
   {
-    var insert = this.env.textresponses[key] ? this.env.textresponses[key].text : null;
-
-    if (!insert)
-      return false;
-
-    this.editor.replace(insert);
+    return this.editor.replace(this.env.textresponses[key]);
   };
 
   /**
diff --git a/program/js/editor.js b/program/js/editor.js
index 6eb473b6211..4bc6ae406a5 100644
--- a/program/js/editor.js
+++ b/program/js/editor.js
@@ -412,15 +412,21 @@ function rcube_text_editor(config, id)
   {
     var format, ed = this.editor;
 
+    if (!input)
+      return false;
+
     // insert into tinymce editor
     if (ed) {
       ed.getWin().focus(); // correct focus in IE & Chrome
 
-      if ($.type(input) == 'object') {
+      if ($.type(input) == 'object' && ('html' in input)) {
         input = input.html;
         format = 'html';
       }
       else {
+        if ($.type(input) == 'object')
+          input = input.text || '';
+
         input = rcmail.quote_html(input).replace(/\r?\n/g, '<br/>');
         format = 'text';
       }
@@ -435,7 +441,7 @@ function rcube_text_editor(config, id)
         end = value.substring(selection.end, value.length);
 
       if ($.type(input) == 'object')
-        input = input.text;
+        input = input.text || '';
 
       // insert response text
       ed.value = pre + input + end;

From 1618387de74f737ce47b63d6a4e1150a3d51d722 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 29 Oct 2016 10:32:06 +0200
Subject: [PATCH 08/24] Enigma: Support GnuPG 2.1 (#5313)

---
 CHANGELOG          | 1 +
 composer.json-dist | 5 ++---
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 5dabc9e09c9..2c5113a2a11 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -34,6 +34,7 @@ CHANGELOG Roundcube Webmail
 - Remove PHP mail() support, smtp_server is required now (#5340)
 - Display full message subject in onmouseover on truncated subject in mail view (#5346)
 - Searching in both contacts and groups when LDAP addressbook with group_filters option is used
+- Enigma: Support GnuPG 2.1 (#5313)
 - Enigma: Support key generation for multiple identities (#5383)
 - Enigma: Import keys from key-server(s) (#5286)
 - Enigma: Search missing public keys on a key-server in mail compose (#5286)
diff --git a/composer.json-dist b/composer.json-dist
index c25a1f72620..07cec526d87 100644
--- a/composer.json-dist
+++ b/composer.json-dist
@@ -29,7 +29,7 @@
         "pear-pear.php.net/net_idna2": "~0.1.1",
         "pear-pear.php.net/mail_mime": "~1.10.0",
         "pear-pear.php.net/net_smtp": "~1.7.1",
-        "pear-pear.php.net/crypt_gpg": "~1.4.2",
+        "pear-pear.php.net/crypt_gpg": "~1.6.0@beta",
         "roundcube/net_sieve": "~1.5.0"
     },
     "require-dev": {
@@ -38,6 +38,5 @@
     "suggest": {
         "pear-pear.php.net/net_ldap2": "~2.2.0 required for connecting to LDAP address books",
         "kolab/Net_LDAP3": "dev-master required for connecting to LDAP address books"
-    },
-    "minimum-stability": "dev"
+    }
 }

From e3b61cd487fffb802179702a4a9ac553273b0c1e Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 29 Oct 2016 10:59:39 +0200
Subject: [PATCH 09/24] Plugin API: Added get_compose_responses hook (#5457)

---
 CHANGELOG                  |  1 +
 program/include/rcmail.php | 12 ++++++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 2c5113a2a11..5e8939ad0fe 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Plugin API: Added get_compose_responses hook (#5457)
 - Display error when trying to upload more files than specified in max_file_uploads (#5483)
 - Add missing sql upgrade file for 'ip' column resize in session table (#5465)
 - Do not show inline images of unsupported mimetype (#5463)
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index a6d07695f51..415717cc1b6 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -380,7 +380,7 @@ public function get_compose_responses($sorted = false, $user_only = false)
         if (!$user_only) {
             foreach ($this->config->get('compose_responses_static', array()) as $response) {
                 if (empty($response['key'])) {
-                    $response['key']    = substr(md5($response['name']), 0, 16);
+                    $response['key'] = substr(md5($response['name']), 0, 16);
                 }
 
                 $response['static'] = true;
@@ -405,7 +405,15 @@ public function get_compose_responses($sorted = false, $user_only = false)
             ksort($responses, SORT_LOCALE_STRING);
         }
 
-        return array_values($responses);
+        $responses = array_values($responses);
+
+        $hook = $this->plugins->exec_hook('get_compose_responses', array(
+            'list'      => $responses,
+            'sorted'    => $sorted,
+            'user_only' => $user_only,
+        ));
+
+        return $hook['list'];
     }
 
     /**

From ecfe177173adadfe6fa6c00ae20d333d08cdc756 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 29 Oct 2016 11:17:00 +0200
Subject: [PATCH 10/24] CS fixes, use $this instead of local variable

---
 program/include/rcmail.php | 32 +++++++++++++++-----------------
 1 file changed, 15 insertions(+), 17 deletions(-)

diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index 415717cc1b6..0a3051f69a1 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -1330,12 +1330,6 @@ public function folder_list($attrib)
 
         $attrib += array('maxlength' => 100, 'realnames' => false, 'unreadwrap' => ' (%s)');
 
-        $rcmail  = rcmail::get_instance();
-        $storage = $rcmail->get_storage();
-
-        // add some labels to client
-        $rcmail->output->add_label('purgefolderconfirm', 'deletemessagesconfirm');
-
         $type = $attrib['type'] ? $attrib['type'] : 'ul';
         unset($attrib['type']);
 
@@ -1348,6 +1342,7 @@ public function folder_list($attrib)
         }
 
         // get current folder
+        $storage   = $this->get_storage();
         $mbox_name = $storage->get_folder();
 
         // build the folders tree
@@ -1359,12 +1354,12 @@ public function folder_list($attrib)
             $a_mailboxes = array();
 
             foreach ($a_folders as $folder) {
-                $rcmail->build_folder_tree($a_mailboxes, $folder, $delimiter);
+                $this->build_folder_tree($a_mailboxes, $folder, $delimiter);
             }
         }
 
         // allow plugins to alter the folder tree or to localize folder names
-        $hook = $rcmail->plugins->exec_hook('render_mailboxlist', array(
+        $hook = $this->plugins->exec_hook('render_mailboxlist', array(
             'list'      => $a_mailboxes,
             'delimiter' => $delimiter,
             'type'      => $type,
@@ -1380,32 +1375,35 @@ public function folder_list($attrib)
 
             // add no-selection option
             if ($attrib['noselection']) {
-                $select->add(html::quote($rcmail->gettext($attrib['noselection'])), '');
+                $select->add(html::quote($this->gettext($attrib['noselection'])), '');
             }
 
-            $rcmail->render_folder_tree_select($a_mailboxes, $mbox_name, $attrib['maxlength'], $select, $attrib['realnames']);
+            $this->render_folder_tree_select($a_mailboxes, $mbox_name, $attrib['maxlength'], $select, $attrib['realnames']);
             $out = $select->show($attrib['default']);
         }
         else {
             $js_mailboxlist = array();
-            $tree = $rcmail->render_folder_tree_html($a_mailboxes, $mbox_name, $js_mailboxlist, $attrib);
+            $tree = $this->render_folder_tree_html($a_mailboxes, $mbox_name, $js_mailboxlist, $attrib);
 
             if ($type != 'js') {
                 $out = html::tag('ul', $attrib, $tree, html::$common_attrib);
 
-                $rcmail->output->include_script('treelist.js');
-                $rcmail->output->add_gui_object('mailboxlist', $attrib['id']);
-                $rcmail->output->set_env('unreadwrap', $attrib['unreadwrap']);
-                $rcmail->output->set_env('collapsed_folders', (string)$rcmail->config->get('collapsed_folders'));
+                $this->output->include_script('treelist.js');
+                $this->output->add_gui_object('mailboxlist', $attrib['id']);
+                $this->output->set_env('unreadwrap', $attrib['unreadwrap']);
+                $this->output->set_env('collapsed_folders', (string) $this->config->get('collapsed_folders'));
             }
 
-            $rcmail->output->set_env('mailboxes', $js_mailboxlist);
+            $this->output->set_env('mailboxes', $js_mailboxlist);
 
             // we can't use object keys in javascript because they are unordered
             // we need sorted folders list for folder-selector widget
-            $rcmail->output->set_env('mailboxes_list', array_keys($js_mailboxlist));
+            $this->output->set_env('mailboxes_list', array_keys($js_mailboxlist));
         }
 
+        // add some labels to client
+        $this->output->add_label('purgefolderconfirm', 'deletemessagesconfirm');
+
         return $out;
     }
 

From c42d447a553fa9f189fab556d22bde2e1fd8c971 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 30 Oct 2016 14:04:38 +0100
Subject: [PATCH 11/24] Removed unused moxieplayer.swf

---
 program/js/editor.js                            |   2 +-
 .../js/tinymce/plugins/media/moxieplayer.swf    | Bin 20017 -> 0 bytes
 program/js/tinymce/plugins/media/plugin.min.js  |   2 +-
 3 files changed, 2 insertions(+), 2 deletions(-)
 delete mode 100644 program/js/tinymce/plugins/media/moxieplayer.swf

diff --git a/program/js/editor.js b/program/js/editor.js
index 4bc6ae406a5..efdabd8eb00 100644
--- a/program/js/editor.js
+++ b/program/js/editor.js
@@ -39,7 +39,7 @@ function rcube_text_editor(config, id)
     abs_url = location.href.replace(/[?#].*$/, '').replace(/\/$/, ''),
     conf = {
       selector: '#' + ($('#' + id).is('.mce_editor') ? id : 'fake-editor-id'),
-      cache_suffix: 's=4031300',
+      cache_suffix: 's=4031301',
       theme: 'modern',
       language: config.lang,
       content_css: rcmail.assets_path('program/js/tinymce/roundcube/content.css'),
diff --git a/program/js/tinymce/plugins/media/moxieplayer.swf b/program/js/tinymce/plugins/media/moxieplayer.swf
deleted file mode 100644
index 19c771bea50c6665fe0ee5f46515e9686427dbc7..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 20017
zcmV)0K+eBIS5pf5iU0t3+T6ScSX9T?Fn(w5-MzcZ0t+H4HdGWPt6(p&p@KrxHG)y2
zAj`7rt}ZOHU`veHdu*}A-h1z{CB_!(0(Oli8cVE+z4Je3?l#oq{k`A+d%ov;KOWB9
zDQC{ioH=vK+zb6V;Tp&JE#tV7gliR0isQJ!#f}k<Yn+v4YSgh+Y-s;<YlgiMl$wN_
zv$HcBMMn1P*RMvu+BIxhJtJ#2Y}ha|s#avJTGaugx_v-Kw!VM$411;Uri?%<qur2Y
z$;`IcGD5MePqpP_Hwh1SQcW|siDu?xSsBSRL!{AaOgCm^+aqh%s0oD942?{-taN>L
zQ+;Np)nd>ixyb(2?Pi;ycRzh!V|9~NZ#OrN^dMrNY)iJ)*fcuLmTC-*wHo_})(MUF
z^k>)-3L>X@Cfd|%nR@J9!(dB~%*?W-<rrX2CLqN+dv`$+nK`Lei`{I@YMPVLJHysb
z8p2bHIEE~vKHF9l!&QgvR((d#9DPq?)0p<G&0S`5)Mp!;#^+>&)~uxstrb<Xwloc_
zZ5;U?x1BYxflawqn%jJ1t|f)N{Zhq4DhCkA@unR6xk()jn!%1ASEbwfTa1}j{QzSY
z*G$>Zm*WU0tHnJb{V(31+iiUDn2^IU*QV~jJhS1j`jgDTv-Bw`rkT+#7X3X$oG_+T
zm%sEE)&!Jj`A3AmA^WdbDsPcHI`;IWnk$B6cKVG326kAK_xqyIiVAaP%;*xKRrh!3
z)}zm=?aSKdbbflH%*`k72LICR%-cadIzK%(qo7IMq+jnXo1KwrahzV6kg!lJ*FUs)
z$ftd+5p_(*XC~g>`}%=laqEforbq9M+8DPrAhBNk`kSXu4>pwg!>8En#M05mgoK2M
z)92402?+@qZ=4j_*4i;$nD+B1f8B^XckXmtc=6)J#M|?}dJs3_!S2T=Pv8Fb(+5#*
zV#{K-|Jt`(uk5>Pw}%`H?J@KGl8cIn*UumNKMn2Fx%2YaS#1w>k-yx3pvsxp4qdx;
zRXz=UdiPwU?+=7a88P?Me%~hT$c*mXeolpvbDIrr8vfw?M#H^>C3<N4muo$-oH1NC
z@AR}{JxA*gPb^>m(A#&fAKp7KrkM50?g6r6*Du-j6;JPVbWH678y@a`T_gO#Y}?*|
zy$Q?PkNLX)x;1<D>@h!{H09-AU7lUGpDLbSZeY{wcU!h@m2$~VA0MwBGketOiOt^K
zzES(DXZIGJXnE?^k;#=dK6-Iy_4-zqz8`;g`Q5wg_w`+SYSo0&^$#62JiM~!-m%Di
z(u81zr^ej9cdyQ&SC$(`r;V9Y{`Ir_#V&Q2+UL`RU7NznHpu*ON0R#KjobIPUv2;7
z`PfGd`v0|H-JAw3$M@Oy^7O4g=k~ku%dw}!%9l<qJ<6}_6l422*B)PM_xi;0rrUa*
zS+zU))XR<0w^nPm&Zus`mNq^jq1?bhWy_Y8?cBHM`kTLg|M`dU119OFhb8RYw71{Y
zLE9HR-*xBVxU3qb&*_?+i(B@%@$ZjIptvpwecsBy*_)_tyZTlyT|c9H(>sMF-rDrX
zrdJ<uYVp>sou1U5({#}H?dCOZ_{$H4T|fVP<F%E`=cV>MIVbMxJ=4;Ep7+fw%d>l%
zPmQ&_+urbL{jf79n;kuR^b5!4J&nbL`EhH?G=1||%bZIaV#Wn;>@oQ5w6#6<B_ALB
z?&U4(rETebF5d1BLeb`v={1rf>}_iKZyWH~1jsU<;L(pJw=Sn|R`{m&?7F>!XV)^0
zT{*aM;-^gqeYWw=o9h#sHMU$DIq21&%d@U-DE`S88(@#lcboWU!SdD_1<Q5S=3k0^
z(puYf)9_b;H?A6BdQA<FZ=ITW@n-4!_wU;p7ruGCWI@w4VcUH#ZSLv6_}Pn{C;L9U
zQr$ZL>qlc6KffNesPp<{+m*qEZ@(E-Vd0|=uXk=q|GDq|i#N)CcK7UB!<)-Nf1iE;
zLN>KQc<F)9AH1#7<go2_%h7WRwpa>Ir?))k`+5G(c7?6`Kgnx-;o8A*f9{BXRDVj=
z!mH0)4es~nz=hV*lS?NR!im}a%{cn5e2t76zuqiA@OFiV7biD4Irh=JvF~~|FD!BY
z-aYNBuMU<x=Od|=HP2^fS#SK>@9K$&h=}vmw_o0$vG=7Z{Bv#fme&uNt(DK^92<71
zRsN3YQ>FxNZ2#nV|4yBzg*RM(Y3YRN3ymxNl4sa=*>9b!TzUH81<}I}{NN}l<h*Tr
zH~nb4_A{nU`#h<A`pH?fN3HF;Id-%ze2Tbs-~2a^CN-^F<I{3KU%YaBR_zOS&aA%h
z=*F=T=I<}1-ddP(ZbipuleezdpIOyuk*!tn3#rd~kG>ywxcJK5yDxvzX=T%?OHOTS
zcHS_t$)VsH-K#!<^D?lqC4WiW#zzY_4u4YU*RaZgdQDqRC`jL3qxV<-O<#n5bz@rR
z^Kf?VO}iZYdPhi9O74rbdFMK<oBhUjasGGf=j?m??9zoFhwyVRE@^t~*|WZRkw=#o
zYk11ixPq<6_|8lFSeHFMXnUOi>^Ro3?Cu)3`fh%B|HtBGB<3Cd>h|WIr*7U}JhAE6
z?&aU6KiTgS8Ps@U`EOn<oSiy;mOgUNlfc(-42RcCzj*IL{q&39J#Rea>txHJ@w1YX
zp6m`hH6rWC;m0}K8sFYAwp0118&~f9<M)@1t~S2C^V5z^v*KPrzFxn3=YMZ!ySg`N
z%V(!P+x_ff@5y(&Z?kq?`1nZIQNE??9cUPN;n0NHr+dC!*STE7yD^5}Czk#6i__<V
z2afy;bV`e(J5mZt>TfkVHNV;X#m}z}ZuW4e<MG5Nb4pBDKJ`>c$f27J&n=($dAk?0
zw*I)ya#`DCcI)fA<3?^=eKM!o_2`(LnZNHJTF!8B$LS+aJCt2@yDTaH^<UA^S-(B+
z_6q89@*X{DCQK=_FMj9oISoHq-*ETyD_>nJ)#97E0q06YOzYi#_*XMZU3v24&w@RD
z*6EtQv|ZkchK*Y?qZFL17Yo;R+n)UH+PKIzb=qx9J@$K<UrQ%6`+4bSGlsvYb75??
z5*MFU6w78*>ap>U=);rGi;XVFHvJ=D?%6)q50$+!xG-s9zp8)dESPe$8-Hle^DWoM
zo_$L9{5<+y#<G56lJ^Yk^xfC<?tQcKK$BCQYjoN0n|gxoMtX;xwLY!aC}PX6F@9Bc
z%zYDA_#nSgkA=^9$LrTW{P4qyB`+K79Bml0ZJ#n@UuyrJiQNx;v!G1ki^dl!J-0Ys
z#vh)d+;r>rImI7dTl988i^nw&#Vs=qKG3k)qA3#}SGx1CQ{c|9mtPfs`U;Hn%SF#8
z)W5Q0@#4kTEAA;V;!2;RF$HP3kj&IuC+A+9`^UaFk9=N(jvo$kf26Z|r=wnphA(~^
z^r`B}-m{^1diUzpcU|(HSGsR}E9KR>u%t(s&$iru`&-koJFg6I3>??5_mSu2{<dry
z@O(ygQ%9da#Fy%a3u@Ha;(y@PXD^=2Kl--smyg;U>oaZo<HptZ?Xv9jqnS;*oIZQD
z@4!>@nj~G=*L&rXmoWog%!_aOaL>AY`xnjLJ}I`V|KE#l_gpaL)YLuUZ_4euCr%zV
z(6`g?eIGr4^0vj{Z_oQjXEr-n`ND%Y4ed8aH+`_@tLGgXHoLit9(dXOa0kuhtJ5;)
zFFG>hP^0cUvqr>!KQW<4%GGsCC-zGmH0bTCb3F#nedYL}(Wjs8+Vs`}d`Q{#L>qpi
zd52$a`Rr`=M^53GxT#g%j=Iw6<=f|1$L&3FY(}I{UY+feACAfGQyBMfV%1w>dhf~n
zo`iG$4;Gi)_jbyYmjO4PkNvjv#`4y`N{+q1@|?e6{=P9Y3&kVPpUyeivrmolztv1?
z^5X3@%P)(=%Xik_UU_RkmnkoPy<hFX9=~T>-UdG1E1(<}&foC&+O;hPmv1(tow@9(
zDjj~Qo7{Hd^Ed1ItgF|%N$~u=Z*Je5-n-W?t1eVLw`0fCEe*7*4{TA??NP9zFz$u<
z;^R*b?Yvm#&fh&|T)xq|?u2W-Qcvt&G9aQ;+`iu3OLptfq(;-arbNTkNprrqzv^n;
z8e>naZ!%jq!E&vj-Gm8iRxbSf{K|Xvs=r;==X0xk-#Fcb&(Ad2wD9%r3Ww^RJQ$of
z5o#<YYvvcbaArWWoreytJbZBZq4CG#Czf6LGU@vM^VX+z8r1mY>!+2@EAsz()w^JK
z;_{_zknK&N=gL#PhA$g<;$cXML#EX|hhN{cM4$8X@H?Y?ON7)on4TEFulJnQC%%|?
zVtM4lt<#>ae*CjKYm9y4g*zKxKDlvs<k_Tz`yJ|OyQ%*EbK!+ev#ot9Sfiirc=2Rr
zqns-hCjPi1s$RDyHTJIQ)w|b-k-b(uom{=f_!D28>TuW?SGQ%ajteV1_X}9{d7ZH4
z>-w}zJ$wCHg5g2guOHTZo4&#E+nOU)j%92*u=C=Y`(3|&^(c8wVEHiQ?RhBl^WDAr
zcAX<Bt4}8SJYE0b;j}wjp6oglv+?EDo{#^md1hAIldt-Au9DV0X!h!6#ZtCcpP>vW
zaq#Ay=g*C+YPHDva_j1E&h4mLZ{IU()4H)YOI>b%sG-F3Q(NYaOX@VO)4V4hPOf-)
zyYCrb&%vAL=AD>v`q{n7Q?7=@N7OJi`6)f|rZ#eKse<+StGlgl{R){)?<)T?u39zz
z*xjpxADxbT@#*J7`uJ^IFtGdAhiu7t&j)TYE<N>p^qgxg&JVrQ=kGsjT8{kudgPSo
zLl1j&y|({iMA^6Nj$Pba{07^N!w17F@0(C1>*(}5Ti*HB?FP&F<>9rv!Ih>x{c1|R
zx92w<9042A=WpZEn=1|_nqf^*+kS+RdZ`EXp7=@lzBTP$N&62Q^7iuz`#!09uIttj
zW5%UE?tSWJLh5N-*s6`uS39c5`WSrHz)}x>*ZXk$0lD3;A2q;U)IR9w*Z$bCb<<M6
zyx8K<h)uGsw|+}7B)+_`m@(#D^>dr7-z<H%ah0{t$$Fy(em!W5b>*pN)y^c|EY^FR
zk74tfggZO5oh_D?lYUv}p2zN)Q#uZwHeLRD*tPgdr#pZD;}1bQ<6li5{V;7@zOHiR
z->)q?-~H`$qp^LjZ<6O#fYO_bn_oVeS!bnf{@!21()CU<OJ1cdJ@mYjbx@rP*Y-0`
zuB`ba$rLzf@t4!KutPO_ZMhQj6W5m>xHP)|BBv4lKmU{a=I<UqH?y@aEUpXSILhi8
zH-lI?w68JC4q;uBiZyFQRSY#|7;I^ljGj#@c1nz`-k@T$roO7iEP8{CvavmTfYlgk
zNo!IuH77gUmQgXZpCv8Z+@xYH=xa7wdYZE#U$<gtwk@+sMW~B>uN%gIJ?z;KSyl{9
z)f;;E%(CTVq+$P1?Dhe=KF4nS82-o6``WBI>Bb&8ng1|E-Kc-;lLkTa#|QdYCsU5q
z3K6l<_z!(*Mt!7H2Hqh2OSfA8&@bEAKf7Y6$(8}U{lb`)rq9q<47FPZ8ez|BRtz=R
zthTHs6)VNEA0TP7VyCPeqjMW-1Gdp>G-T^jt<c8=b1*tb!GY3kY2Ndz*c5A(jd50)
zp?X6$6AlB6o@KMz-5U-wtz2}=i*f+gk!8#@>a$%_u^LU;Oe9imAUWx*4^9Dwl4L2A
zt=J=3uAxz6T-|F%Ir}IZ!{nSDyk#oV)ocT~{#OLt@P9=xTe7o__UwPbX&fod^*>t%
zin7-_Li<|m7OxHY$hy3R|Kkh$C`OT$eH7#UrF{gc=-Q;J%q&~aETi3?s?YK)%Two;
zjq0`PdZ~kkMMa}h6#H??W&;mL>bhC*G5YTjaS40m$NHq^m`uj3_j<HsKVIwenz{EP
z|9uxFZIP1+(k-p7ZrzXU+y{E-qr3OdSl&DM&sgv6;y)pNY$yMdMdBo!yHwM&+&ce(
z;C@7<{u={6iuVx~d=&5FO!x@uf1eE=CGTE-?T_i74~@Y`SNkt$-i!SgwD;EfkC-1@
zDjE^@%Car#Mx#}qX*Z@-bWxM6jC2_5M7hs$J;>^<mY&dy@xU|42NbdId*qyKtBLl(
zMbKrpVVcawIPDNvyi7|*hS773tu{TnA|Ke++AighZb?hCx^=3-n2~MtD4{wHJSwOT
z=pcKh(FpxL);tmo-v>s}Yt#QTLs+Mdm#(YZ@PpYl{0B?uny$+n)<im4u;LuMmz@1K
zY@>@HV@>`4H|(TqP4B6ke_7-IRGV3=LEZn*WTKoD;m-dUvng2=Y3>c&4#5Aj_QT^V
zIG0@Ozh3kIRF?r`2bZm6Ypm<BnIH3zJ{AjobjAOQ=)LHFMSO4F|APCmrQ5BRG%vd(
zaZRdpIY{+fn_TPTZmiUY9eCFvZ{R-rXp=sA-d*OPW|a3@^ci6F-lJ?a_BC4F1RE3?
zrAUm~FtkB!uf<BM_+NGuY8G`Aq;RwD|B{bTzo?7gCiOAr<Np%R0W)|rvM*?d1>b0M
zoGDA6Zmh{^xEh>{TSIGg;OO_W@MmYUJb@GX+AL{m_DMkv*sqLiyDSDDs`UPr8q(Ww
z-<D4Qf;Gq!va?_va!Fq0y3}3}#rw54W+#Bm=14gHvEZ>JFi~b@Ux|L2#f}tJEiBpT
z`pj1PY`xgRX0sag8G=41+veL!YL`gLfL>2yaFIHkh~5HRmAB7HPc>$#B)UC~wsd7j
zyiCaGX*J5Cv$FI9l!;mT3_E@xA?skXz<SyO|BYF3875mXsh8eh0Fz-!wOB3L14=}D
zmpWwGGL2c;7NcDeo0GvdkOvw<4kU7E_I#IiZB^}TU~oO`lKAJ7z~onARy#d#tG_~e
z)NUmvNK)a0=uUR1W0_ziWM)~ijp_tTdZyLbf}MBg@=zp|iIBuvjMg-t4o+j&LZ2m<
zhLR<i^_fO7y?+gZEz9U1*O9q)#;lfB3(UdC>q7^*G>R&rw<SZ$%38u0b`dLJMRGf<
z<ol;v<(YaA96O(3%vMVCfSfPvGi*YJk?}-s&(1RH)0J%VF(=Qo*<oB+UznB6N9qM8
z)}ohvfi()3qpEO8lrO`K%jm#nr?A*NpbL|xwAd5iOk^6<<dP~;q~&C>4_P$Q1aUKC
z^%ko!%@?NXDXA<OmTU_g&w)nY%q%0Gxejbf8a#%5fhn$$1N3QWY>V1jpdGfvt}?@1
zBy5%4Z0jdwl~~JWud*BTRw*kWVKuh6$f>c1tKgpodOgcFz*Sbo;TJj4cDpg#uf>3D
zBNI?obn+-C+hVmV-A%#HoorMTxtP~R_Hb^P3Moqx8R+WesZwOyq|;g=uC0E6EhoE`
zB}>}680n*<@~%Gr(C%+7T3yPL(HFRjU*WvhA&{-H$Z7SDa~||8eLuYB)5I}`BaS}X
zU^ZrjxJUn>uaIT4Wy|cS0)!0EUnq^xS4h{}dy7uboAf6G<ZM&ANRO`abUct<q(@gp
zmMxnJjZAONH0xzdmC7Y8>TA%$45IDQ3^le)eV-g-3%6#5y@rjmqD~P_7AwesT?r#*
zq_qPrtIT$(7D*%;w$8Go`S!HhQuWqETU#5{`C2hew6$iH%AUsT7D(1ELJo<ltZr@O
z3w}T%$cwaYwX?)@Rtf#bm6Bh&QE$)5GN!eW*5WF5#sv!L;Hvn7xI`PWbM)2(I0`<}
zDxE^)k}a<~X_sR`X#g2J(+GY=>w@AKX4@i_WT4nXVyDu@>MrhFS9k79X?MQV^mtF2
zcx!f+8qOgsg!vCyA$WYF)B5T&492vgW0i2pom;O<IyLzHLm{cPk{<KbsEGLzfQH_u
zHJT;~vxJu_Zsb)jm$bR&eLdlyWke1~Tdl0xUede2w<?#LV2k52M11ISkntbPNU+0%
znKJI6&$1h{1T^9*M3M}E4~yueyq}~AJ7r2mjZ|y}-lkNcmMSERpz&N8IMF@Mu#+@;
zJ~5ITrNDe!a65c5J+?*dRMs8z8AfYycA|9P1Gn_5RrGK=HOd|?{jBKWbj?K82C5vF
zp9u7`RE)VSD>{+n5{~F3BZHxh*#WkUL|acV<Y*L_Jy6@2fsiKd3k45X{F$cq;u0&n
zkwF2rX%iQhke~#@UoZxVPUXzQe#km8#S6JcET@3O!E~{rJ?I>)3UJjla@CY^E3J>5
z2vL&oF3x9H=krS+>B$bL%B?=Sc(PqR*)N?+x1;Mwy;tt~UinM4R8C-;(7VvpyWm2T
zj*Xvpp>`|5Vz1pwCDp}2R-SIj%CcoC(7=PL?&8XH^)uMgGjp<yX;M#3(PHgZf!?P<
zl0_aO47n5_$WxgXl=pzcoMV)+)EAU|RyNp(o;^VX)ON7@u7Yox(^N1*!5$Z@k(Z0*
z|DI7P?sd*QCriYW)g|4kNZ0pgyP$-Oq&`K-L$~vwn}sy6ReqpKZ5~_TgLO`OsKI<Y
zW476r7SkUTg5AgI=A(^MvH$>cDk)yWtOC6^%=mj<QZO7T%wae^CGXj&WEqG<?EaE_
z4a!?8%Yh1*A2lGff)kX1uSeD1vkdlHwwH&faE&ULZc=3I`~`oY^H_BWw`dpjApI>F
zut}hk<1*4LV3AZ7dn=nEhdBsYPE2Q$(p9#X^tfU!YRr|f2YPRi#67tb?Z{9MWeIqM
z1$3?gnFRq42p8Crq3~8)&xntHvRo@Fsvi4XIWoO}qy=#^^j7hUn2rf?y7oSGYSgR|
zRikFTsQUFZ=xlr;y<uji&R-H<Jlw3Tj!sC3NlfU`F($fIS06o|ayxjpX#-Rp+D3Qn
z(Xwq^%g>a!0E5+H=<U-Xx>G`oRI6h8npOLC=%{PmF(x5FYVmdL18emCLf5uaJLuFV
zx_#>yr{*@m8R=>ClbSkpaQ1Uu*sy*Ysj-!=b9<@T-*bs2A;flS+cu$P$Cwxwg2xa@
z2<>$p+Z93Z7zT!*$i(x~Da$Hlz<m^eIq9MS_5l58_Wic8Q-%fnB~*#U)4bibM3=t_
za@r}Q5BMJzlf{_E*oxS)gv98MiIV8Eb1zG18`mmE%_<;>$pp!kJGsK@B&MVZ35mK6
zYG*eV7(fKo!?nwP&hWLrR1Ao5X5z5jq&FCSz?Rt|(5wN{BY-lrs#tJiL^<VivaF<8
z1*c4T<S9C#wj@)jIp6?VGDJ&8nz6smB)8|Jf;RLs>+QOJ8BV8cKv0ngw~^!lgcYs)
zcqm)GC=#193s#I0V(EV&QpP)OZ}grbRIva$8m}r8z`Y)AV`39!?B*gEPgpCXNuOh7
z^8m)RGiK!Yu@1~wpqr~`uj`S}GP-Sy((bB~gA3d<+pNaZ&?zw%!xKA528#z(l7c}+
z;;+xn2KU+%7Q#-0Kqy-3+I46flNck%Eif93NuE>@?@ICrvXE#t#?MmJ9^fo`Vt7@j
zj%_;{K?d#FayV9S24w8)32>IpGLzM213h9i_V!Ca-Qo5b{p>}G0c^!imNE_Og9oUG
zbU@T;UJY_QIMHo=+UfALw~dMZB1R?U+vy<7A{Ay>d{|a8Eq>9hTE(>LkqC@TjBXvH
z0AI4D*<wu-EU*N@030pmW>O9GT54d}t1`K7PgI`ct8j*j78$#B5Kve8q~Z=RuB540
zJ`psgRb|Tn8>Pn!7P*0Ga8>)5M4Urnrvy1DrMNF+d}7)s#&qlv+cCObj4x~sn^zo)
zxR10gtim@st0&X*G3X9ZV}BmZrc4TvT#Jd$R<S5va&ACbq6mN=;lpYrM)2vD3;}r=
z@PT~G7-?curMhp0d^0Wmjn;$=&<E&T+S4HxG^2AMvA{k6WF<Yo>(5(S+0x-G`5JPv
zFi4b2K`vv~$V=b*!l?zpXQl~CXieRvAoOK`oD^+2JG^(UrJ%{jX;pgE=@BJkTkPxh
z-Z0*hr!#}X>r?IS0K3u0!<rzsf7!@mg%s&7w=8==rcr^X1uqSS%pAKJq}pl{PzkD-
z&1R=ZmKfJArlTKAd$>-Sj44=BUBL4#ldKk;8tDu<Jrq3Dz93B)f3?iXvV+UlGfSUo
zwiqDZHG&ToYq44t==88q7(5WH@X5$YXIl^4cKc}3eHV*+yC^&A;1t2R=%|o#of0u3
z^^!3!XGraRcdc;QJC(<>sXQji$LsP}78TVfDoWwH!If8M<>IdSxSXJtXw`yTwNebw
zl35iJMWdofBM~gN4ZKofCKh6sOYwr3sZaaTm}QfL!pJfhA%Zo71E|#Jfa?dUeSiX(
z#uSl&86gwwn_#xtvxQ7sR<<Gwric;__26lyv3S>(H9#;~tVS6qt*ikG6Zp7zu;d+$
zJ!AT3&LGKEn>DK1ExA$m$Yzz2KB?BIS~IBV9@#yzYBg+u-)c^b=1CFN8Z~p}sx@m~
zt(m)H1R^!6+C2>$;8*J8BGE0mS*7lgNfF&6s{vv)XAKg;v5*QY;K-G#)?g$AV}GMT
zk&|HrBamsN-9I5cNvN2G5x2oes>tA6Sh7hIA-TIfLI4OW4u|UV4-7wT)JO%k9Ky#m
zV{|s@K`m*d8%^pa^s-qpND`^xn_z_F3!G)@z_*B3!8E)zo7m6>qn9Zdj25d?{h~9Z
zkg}aR2w-UJ0ti(XOuC9v*wMxL?5cFf8VXmOp={y0){%j87t>Mf(ylEUBZceF@_e#w
zZEgL)71rC0GWL>yx25)y8Bms~(dvVL7zY&efT{$$mt}#IWt2-Xg@6?T^Y+tO(15G}
zR~{n=8N0$)dEN%loJ=t%lNlQU-!>^Rk&1W<l$fxh=zMeJx+`LpDt1B4{vJ@k&+<g)
zS9vn_DV~6z<_Y)}p1%i=xdsBd1uD<CcmZjWU*JLWjn2rn0IuGih}tN+)fdt2TY}2d
zdshdz@28`4vTdjYh4#AkVDX$Km76toU+F5(d2^(8me}PS51f)q7in_obqJ|Mqx#e2
zN&+rez;6`<JnS;|>P768W6!pj1_WeFw{FHx;2E-w;$e5?(pL;}>4lYC3QT0oO35Xw
zL@S5U<mxKugYgGgZJEJp)Mu#-w#)$?&;;52nG%$=K59N+rV4SlP#*?(-QG50+E}_8
zgu`#79pdCt_|iF;1oOeNV0Ca%a7b{);PBvx;K-6SWn6Hh;O4<yOLi;Sy=1aNujpBF
zJdtrFXOoh1NXhx6<YH2C8B_!xAtjHJ;A5oZ38FYjO5Q-E2c+a*_#8<~j-`rmwB%$e
z;}kO?3EoE)hu~R)gwzZ<N<)s(kmEGu1PwV!LzKa<Xo<++>AZ{!8BaozL*_ybP{Tv!
z6U>AxhDQlm$TC(cafE~%#foDj<ODoJ{*sW!0y!a&sE9zQubM<g)%2-VyH4GD^&1f4
z8%!Fj8buaw(zF?r{hF7GB+-f%EuGB@|5hzxh$1p1)>)$|Lt67~B1^})DhRKPCy}3(
zZCkEg17-C{(!RVdv_k_@o`|X{B=U2<P34aD8~7wtC6S4W7M;GR-(Z^{5-L(b<mDm}
zMWPg`N~Aub;42b8QP7A&fG7ltq?jlxE|OqTRzj4O6opcvytGKlh@`AY%85dG5p)`@
zAc~blS(qrREb>)EMO9I#CMrJ>d9A3ZE($e7Rg_3-ib5?>U0Wn|M0H(JT~Ack7u5|!
zbwknjQ&HVm^lc)ln~LgYqF=PAZXxn5MRhAt9V4n^MRjXY-9}W$iRyS!{h6q4E2`Ux
z>h_{qC#pM$>d!@WN0B6m>O@i9NmPF!syd6RE~5XJ%FaY2-9=TBNP38>6tP&USj-@*
z(v(K3H1T4PSq!p>LA}JF-eQnd3`!S+GQ=R87?ddn^$~-z#2~vElr0A3h(UeDpnhUd
ze=%r)7&K4}`brG?S_~Q_27Mz24HkoPi5N5lU?{*afZ+fm07e3g0vHW224E~~#yFx(
zBgzya22TL^7HTHKBr`-%(PR?j`ijAm;n7bdQ{XWb;5&e9kz|Ubk4UCLr|D3UDiWYf
zfHE<N1c(zL9y}9Z7QpvVo((XUh>CecEVTgg3jr1ZECE;wu$+ke3V5z0VwrkknfhXx
zRghZ^um)f)z&e2S02=@{0&D`<46p@YE5J5@?EpIfb^`nWqwNBUZA7vg9(w@x0_=mP
z&%`o6!s91^{ZREYzyZh~gy$iE!$d6m3lYm7Ct`(D01kjWfP8=gfYShH0L}uO12_+G
z0pKFQC4kESzXDtVxC-za!0!Op0Imc40b|?*xJATDw*mfy{2h3HCRVx&k9z?3iAWz3
zu}VF$N`0})-;jF*@EG6;AU_3o2JjrpF92QwyaIR)@CM*5z&n6KfLtn883HgAU>Lw~
zfDsh-3t%)A{l`$TDr`u#@l>of0pMGJi2#$JeF_ynnF`PE0H#qfVmdr$P*FRJiovr1
z=0JHaz<hv(0E+>Z0xSnu39uSqEx>w!4FDUdSbY;bHv?<|*b1->U<bet0K2KE+DpY6
zKSF*#fLSENaDO0sfQpfa0geFtLQ8|Tu!zDbXm9}J0pwFrD1hf_fHMGR0nP!O2e<%m
z5#SQQWvcv@3d$=0R{?$ll_UHP_1CEAd!33kuR{J0fExfe0d4`@rlQ}U@Vo<K+=b^o
zfcpRs03HJT1@Je(BY?*MPk_!!qHF`Rd`gwiU<mSpiVa^w(;I-d0Pg^Dd65hO7z!{9
zU^u`CfRO;B07e6h0T>G~ju-vM!*c?_w*V6XuE2CA@yael*<B`*ULu(cl~Z`J(Nuu%
z0H*QEBqDw~1FB~Nd=D_2FAWNIKI8_$p21@g0N|6}uywq093jftL?%YA;7g0jWxS|d
z4ls`>#1<=gWsXv8f%32l@Y6-Q8Xju^)&i{K#TIRpRTZ$&yz)D$QceT?O*ZnP?<Q#7
z46p@YE5J5@?EpIfb^`nWunS-}z#f3Tyx8Ulz%RTQ*+Xn|0<tFoP60Ro@&NJy+9+H4
zh~#%by3UtY!=6FzHozTTd52ev{tqDk7hl>}jC=}2U+|*tCBQ3y*8o6C_l8#<Cw|I_
z1VrpD;JgDU1jrS{7DE7r0t^Ef4%;^ZV5Fd|u25F;FAc_M6qH8`%C9xbl|%!(B=|kz
zHOjGqM%hcF?4ePPgWMCU5!*}<#5SPQ+VmCM^b^~B3#EyIauT#o2AB$P7O|#6{dj;W
zg5MOdb#10We!8H{&?x(Als1jBpGG+YaA!gr`5uOz127L@fuKy+h{}Zm>=P7M2+Bo>
zvPe)a!RHb|xfGvE1?4h)E)$e_FdSJWC|6>6CG=Yj{nh}ih5R~rt_Rp4C~p#t@)p2&
z7<Qtd@x$jvfZi~>Eik*Sf*AP&z&L<?g7O!tQQqdEZ8Yv4wBI4ht-z6ApvyLR{*1#N
z6_m%IydU5=z;>wL0kDGjD78MN13=sYK->b9yNE&=1v~@sY_k$J<Rnb#6o5leR`K~k
z`uifnvA<X(gyR%Mt#&=}Lm5ISJP1eGS2L`F{~&R-N$mosA__vlFM@&`6H%h$!l7RD
zsH=}O3km*PKRl-pl$?rJtNn>eC9TByBX~#`{ZRq<cq6E#N<y$ji5W;Z{O=dU_rJ_=
zzW*Vvn=oSyB%B{+AmRKm<L^Bs4Q4c6I3yszmH4Tg2^R<%C1iM|udfnz4LDE?@r!w;
zMTxIF{g81A7vuiJ#r|)}xEJZ-9w|CaZ)y4H4@DAeway<I5rUM(aXBg#0r;S!TRek7
zJSqP{+56{%344{4Qa>3dlql)z>rJ>6CL!)zsUqisdTNU_5g`~8UqlElIwgE6TvK(e
zLMFHpLHLj@L_o<BR6q@LMVkIye&1i_|E^4F$dtwm{y}9K=?u8wpAK1RC#v^Pu*4VV
zQX~e-olF$m;E@hrU>)H-6(veK)tmq+?3;?mcEU48sZi;0h@ljKb!9PE4wLejgkn+w
zlZue=l>`~)A)!PjW3tRCLGY+b<>NzrO9BN-IN3kRt#5HQvwxLWw=z(A7hD-a!rmtu
zfRe)V9_b;xbfiibcjA<&Tt(@_(X!zjSCy-VNd#1?)t_)&Nwr#w0$rWsYH*Pp7sb_t
zCaxC8)#mDOTwS%g9?V3gst>7;PXm@VgdGw1M!0F85{_>SOl<;-Zb~?@8Q}t&6Rt!w
zaI^*CO0^_hNGrmXjv-u`Si+TUO}KJx2v<H1hOEfNf2P!sww1Yd@yY<0RQnRjK<*Qw
ztH5bHKzl9zbIL)4%SCl0T+IYdMiV>ruJ;Ay>UO4Fy)Kli--YKIbfsLwFDcjPOP>3*
z8|4~z<GCi?Dc7_+&oxV;T=OKJi%zCoi)5Z_*@JSedhlFK3gu$;lxv+zxi+ah7iXYc
zyn*LFOQT%dG@ff`q+EL=&*@B*>tN!!&wEm?V^5w-FjFqk%yXSAl>5TMbDeupu1hbT
z>)M-gU-ss?ZdS^5xAI(4I^mKt2-m|#xRgx7>HAPFHH&ZtJK@r@DQC>)Ia3bhdiJH9
zxgX&y{R!7=Kzn6zzU{!TGOB!y8#IXHzTpN}<ZOd0ahbWKBG)IERN}IRK+Zk{a@j*6
zmopS{eTNa;iQ!Q0Hyq0SM?h}C2*?c_3AwLELhkEPkQ+1#a^H-G+~CoW%Z2E&A~yum
zO59M0GAnY!Agu(1#zB4rq?NdlWIPZTW)Ly~l=3J@d2TfM7V=}rL`cU%XiK<pWHO}V
zA+ROf1PE;j_bmjsgqsLaE#W4S>12Si1UD5#g(^#O(+Qcu<b5WoqAbPDCj2ad^8G!j
zz|Df_mO!rDOri|omJm7ziVGmzCEQ|Cx16#xx1Lm;2k7&$8js&X!X$YSVWPYk9_67Q
zrb}76jHSyVt;nrl`IRhP1!*X^nx$(Xt-!5?v>dmN;K5tZCb$6^OZbh_W0UmQ4390K
zGPc6<my@l)kQHPb<X1w<1KI76u7;EX*&UEyOLoHS*O4C}-9dIix)Y*k!u<eoG~sqZ
zBu%*85K9wo5BU+&edH%de<X8&9s6PB6}X?teyBMB!L>|TjysB3nKG2iBOoC%?hUDW
z5QaHT4#JRUAnNA1vyf8m97NwdcOFv8T_8swy$C7KT_V3gdKps6{Ys8P{tBd&yGo8h
z{x?V|_d7Wb`D>6;?m9UE`9C0~+zoOP@;4!++%0kn^0y(S+@Hh&`8$wO?k>rL{5?o1
zcc0`#{sE+vdq@f({}-f``<tAG^bt7&>0@#h(kGDe+*5K6^3NdUx##3O<X=F_b1%sS
z$iE^NA$?6Mf^>l7QlCo%r3lu-9={TFm##n>O!%vSSxBxz-(30|ux}VeCJv{+Lpp+9
zgLEXl4(TWwLX~0MSjvRb7X<4MqO8nKpe1ggWWicNuwbp2-ewqovh)sf1MZ@%(|aiE
z^ghZueE{iX`Vi77^e;%K(!U}7jy{5P8hs4ubovC+8T2WnGwCx(XVK><_4Ea#v*}An
z=g?P>&ZVy*okuHFQHFC1DSZQDR^i^VbPIV$lvTMUlrMCjo~0B|&oUYYGuucNxfG<5
z=7JBgiVlJNYC06sHIRZ-(qWKa2Px03r^CT!ZJ=e#DI>ToR5k+KuK-{V$GrnN9|djO
z=x9i{(=m|l0H=K{4d7wCFfxwHiSRuo;ar3}Ujyt$I`1ltryQ*c?Bw{W+!SB|QGSap
z^C+1}<y2Te$s{W0g+-K1rgA}8Ldg^=mkG-#nM&nyVFe}MQMo9rqGTGCD}*(aOs8_C
zu#OVg@wo)gH;DWUn9yM|lLiP!$SfKl`vs&`=9<FyFooiTpA9%C$sE8rMdkvI10)ev
z$c>>e8^GL7$$XsBPD&Qwly*_F5T~?<En)%X7E^8o<u+5UWGJZ&o<t=Q2aZP-5)Ved
z8fhnRe09=Z;Dp+wgTTqGBthWhpcn@ToCw-*I=H+FP^7#-l%UmSVx+W`ka7a&bC8g_
z0;fJk;D`&v_c$SoD1=U0MLr=10MG9&A>Rm`KWsupfzynmBt+l>=EHoUF%Vc+LEwrl
zr(_EhgEmnTCUC`J6=el3_&9`b5Cig#sMg>e@KmAnb3~;qrrMuqo^A=HP)h}cQgw<r
zqC!WU3C)$A4dc$i!ytr?FvuJ!(}_9Uk<!jw&C!W7YaMZ%BV{QyEu*I8)U0)8S5WOi
z8oQDb`?-R!!ct#yT*}YH-Bu7r7R18-#m=Mz>4tFzxx=I#Y7jM*LD!~=sq%6#RH^`-
zQf0BT0CP1Zf#CfBR;sMm8d|NEC=WPYSf~&c@|3kSWgRuGr}_;P^5Oc8_(<7AO`EBH
z3w7u|<s7=k9IT6{RH=g1IvnxgoH@dwYl5|cz$;bdp*Fr6m;2dSM^efBeA8AMyN#0g
zlEnOp6HUfLVAT!KOc9}LA_8DHsyR%bgsusM!`9lNYsxv2YQ)#z%+(#H>Y+Li9Y+%2
zR*#P&=17MrGEAl4K^;l8<7;!~S`HKZM(SWk99o608FA>E;}CKlJip3$rXOeuHSMDL
zrrlJxhtlMlSY_HvP5Y?1W>O1X3q%$Ls#1UEi0T}12FB59n<9?_a56@c^dpV`k#e~|
z(sW`ZR$}@|qS#!n`<_s&N!m|YC({}lzn>Ca3~9}gpWz@wHw6!YRKt{d(<1^QD6W>G
z)gGWoyl)`Hnn^LN4E>;w2Dp$CsXIWq<oe;}`pFH#%?)5`N(uzj&~OkNs+j9ToeHL_
zDxDIUa){=cW{|M7#VK`6Tgjr>!!Y_03d3_gh!T?A5ZlcSQzDaop(zakG5!}y^hZ%J
z)f6z4DRsiqbYK#p!q-*7IV=2d=)j~lx;7jN!7*w&PW30Sum1-vC!H-CTyI&dq^46e
zB^G&vrBWsbO=*oKKnf6fmHG-nexHpplDu@--@3?2kOz<hz&GV#FH=5^uPZaxahU3)
z@TQ5hxdI7DrAf58(o>pDo2xvfDYUtdr!<u|S9?m|(dNFM(lpxK&r_OCoBO*;)Koy5
zYn&yAsgZswVVQ==9EYhsZYNae_7P4aO4+@HOFE6{y3@D^<P3;_pdf()NMf;+I?0Xl
zOlN7tS#zU&1qE`zh+@ccZJy~IHJzv0=QOA+$0awYVs4NU3A+G0nNml$6R5V-wd7o~
z8iakK^Gp{g6QO3>mlUKvskN>(r}1MIcnVT3Qr#%Zr8K~k&bn$Ko=>h9ZmyTqO4kYr
z6-PqV*(Uzyoq}<H!%`Xqz)Vx>q(qu7QT;Z;a+fJ2ztY8FX^ZsRadjnlI8|+3rz%og
zNSg<CBKj-9qR14v=_+kr%q1Qoh*t9;SBaW_qs@zBDd~FxrQd1uV5jJmgk$Yr&qcFl
zU{#ptH6U11ca4&y>nwMj5{(A7Bq}fJOD^JUMARqgq^yFrCcYIa|3Pn1u9N_}YZF2J
zQ*(MmfQ+f12JT$FzDy6n>5?Q7uuMbAVo4yeFq|xoy-8`#87Kgj)SkB}_7<G2p~O=;
z+*LW;S?Nu0VHjP^8V7sYT;$ztxg_Z})`2wKX67UW*Wbvs{#x$!*K)7F)<3P^0o&-|
zL22Z{e#V1(lG-)ZGW`k8jV}t(9U#=I@)4rD1EYFP98uhisAakf)4V4!q83{-wtF$c
zRe6_sF``xxdPNyg%Zm}UiZTMuRk(hK#E)7MKO9wHMI2WKO;HG}L>G<cunJ&-gyre(
zgGrF2wk%@!;#%ue24y>!skd@PE9bDv@@ScwvdYk6U_f1(%wdYvJ)mw?<}kI!BA)gA
za6YfI9Pr%{YOVuRLMgZfl^sz=E=3lV@&}1ZQAMRZq){pAsFW)3+l4F3e$16yV{Alt
z9>=Z(y{O6&mDD!03o*w*O&DIGs2x$s<EZv~Y95CYP?->!Tn;mg!<AKmK0*-m`HSLE
zpTTbz3WVdKEgUf=-=r!ba?#zX8g!DCgie3EI>p0p7anKS4%#CqV81u)CxTqz8;^o#
z5G0*#B>CxJ{|eH12kLGBw1#{fpZtiX93YO^*_4<cQB5F<Vyb|$XplLDQP!GNu3i5z
zeM0%Cpd}S*^)qlI1%L7!Tv;XPL`p=35BO3@XAUK8IIcQOT3!|={epTiwFLZj5g0Gq
zx5i5rCogNec==Um7n!*O)YQRiJ#4bNng)h;k((2sCLKq6Z@n3UOrh)pZd>k4Y7iWG
z`2}%&%6J+Y^a%*XOKN&Wp#gZIoyEt#28SvL6y<oDR5g{=ya6|>D$$Rp(4}t#Hdce2
zb`EcPi&ffrnAs2rN6i7^^$x^mDsgH!8wHONrP(wnG)Msm!r&aq!VEGUBssu|ObU)>
zRm2#a7bG2BCu*K-utv>L^YjNn_@@!v?mkGdw38w_enKvBlRU&oW+BN4M9C#yG?k2I
zE^!k*<R)tWfankp(Zh^rwwvgX4~Y)(5IyWBnj_;C%FmJM0cRMl3<(b<ZBi!C&|;N<
z^Ao^;Y8N2)@^PReaMFj7ltOCC<)e88g?@Q~z==E)FwNN+r_vXF^ENn@p&w3VDA7bX
zr-JkbIZP8t7*`Aod>&>O=V*91id>HVlzXE6aH1XGpXl)a=0ue^QQQk>Z=7j=oM|l1
zbohre9Zob=F=HMk&GTE&Jiqmtr^7wZ0Uzwr2+uAZX9Es&@6w152OQzqrQ>d*UwuGy
zq=)DUM)Yep(UBh#9qA!@!cBD02Si7Ch@NCbzi|^C^&!zw9-=4RL<fIBboBc~bBUYk
z=ntum{utFE<O8x}JY-KXvO`%k*aUILd`NZ-(Uf<RJ%u}oj(qG8o}jobLLqdHH0;BX
z#(G9_u#twdkv>J7u^)~!mT1a4M*^wvjPos7ghJ#TXT*o&jPs0>$Hp1yVbr(}#~J5g
zRGypcD1y<kh+W2`3Lni#lmN#BD<l$m=J9|(iQ$i7_{Bi&59I@4aCpEeXcNXk-?1NQ
z8|rKu2TEU|oC?lN_}P?Ue6IS8W-vrfc_|$>2ikB}<4Ndhh`{`rdpDjWb;yhDKun*n
zp5FItKB#9Y{u~s#IuLoK`;Op3LW@ZY%GaNj7NiN~xO|`@If;Y%25O47gY6%LOvp2_
zDdYuwU04W<8c!%p4y=nK4?LWF@MNHJ0;@#lBhL(uQoeaO)_x0yNugArCnGUrA`t-X
z7?I4-nb6#C&N@tAhX%FtvO#C^w2LJZg!4(N%8HWxF@KHfC<sI?PrF3IDF$Y00!6GP
zZYwo`BGF>0&^`WZ4#vnwp#{mzN09=#$;T~+ea%N50g50Wk2Rd#d^|I7FyJ{D>`gve
z4=@q=sPI9n=cBeoX+~X!(w1)?1dE!)gsrwDY{jZdGIp9^G~*BoDV8pRr^su3Jrx(g
z1LUFaWax_@Iz=Uo;EQ?z?cukJD0x)_0CNiQ+{{dcyi(<Mf4)N^iYh>4<cCBCz;73Y
z(><GxyE2WS7nTU_!M9+zsrg%)JdtV_Q1e8ZJc()-QS&64Jeg{jQ1fJ(JcVkPQS%g<
zJe6u!Q1eup{2kS<qUP^t@-(VlL(S7@@^q?QN6pjG+E0famdWuRCEq-QIP${7<8Ylb
zaEd}Pmj?-+BkiJu31Qnzua(UL4^OEogS?zYw9EKB?Q%Z96GU-v#`E&qOCH7d1aD<p
zIHJP1Gl*x}O6_MMj{>bsdO)!*&or7hjp5zdu{`>>`$=AY@r#9pjxRX#Eab&(n3qz8
z!pv$Ue$HY13<rLW<Nv|mRXG_t6N$`a+aWDr9^r|Pk0xb2I9I%B0v|~h=qKPR=L1n6
zpAt|T1`^7re9P-5@?7$_e5n3gY+pcRypL}`*BwHIq3DZ-=Ds88Jo8RdCh>vN1&)I?
zCA}k{{m@YjQ?ZaDOcno*P}U)N5?{qUiAV1>WioG?!Z)8soR>SSVk+N!zPm#A9S@7<
zr|}#Kru=vw|BvjqJjcHy+`<nQvrt;hBDR=vxESt(#lYy{Fgl<uW^2m)w>1U)r)%<B
z%)<8<v*<rr%o5lom5=+-EX7S$YGIS7e|(c?5`->3Wu04H4mvGkG^Cwg4tXCnGX@*b
z7_1-y^-)JL6}SN`(pECvrHNOQzUVSzM!TMOU|Z~u1SDeya%rW9&_*P*ipY5%^+ZsT
zRnG#gjX-M^2}I=qPe&g1gpNooFt{kuyoD~Z4$~UqHUwK?_@>OMT0=mCEy9|`Ij9v`
z*^k|wvTP2h<9S3oifa4jYx}Xv;RKG~eRl3v6FID~HCy2(^1%?FAQ|XA8hSIse3;@@
zo@>+(>8<fBd=oBwEtm@*br_b{lfY6i<3MJz))U=Kp3^9t`B}Kd+&Yv^bvZx|<ILL#
zrrU`lsT72>-}CXMh;9#yf7cV4(nmd+S)3oKK^~ern>UD|xm64byq(T7FMv+-Nq#{*
z98mK-f-7+3r3$Gs-8~{WbU#2eTqV8=ms=&mps1ps!>203^>ZOL%>&tw(9P$mE6+MD
z;00FJE#$dW1)Ge+w2R3nMEX#(h@a}b`q%&xs8%bI*O4mbbvW0J?uu}!ViPc2tqxCG
z%qQ{eQjlGcF5y!cNAY3`c^uDE-C`CbZUzxltAkzmQ`l{)r+Eu_R%&%j$^xQQ1VMz5
zvXq4DC-EuE2y;M|kt$Gfb^eaV^8`C;@K(-QIn`AO)V97)ZJ9)EsYGpQ5o%LEM(sN<
zYTIBt)#^Z3(=@N9?M0iWdo}IAIruFVr28Y(EkPK^<AXYwFt&)jONe<b?CV+*7>W|K
zmcXto<(qFH(q$+sFXNkUl*+8vUc$PqCrlFYW)w4FoNhVq#F)r4jKzSlSTgnSbZ+-<
zFG@Ek!&?G)OPqL1TzGrD@b*dc*05t0Sd-(7r1>U-%VDSHjnoHKqcm%%d;4A;qw}Lg
zXE}6RPVh(qoy~;t11eHNO!HAsQi%wwSm3E(6n>H@ECmWnB_9l)Y^3H}yaw7Yp)CWn
zWlpqZPPDCFXfLJpuK=_aPP7$Hv~6B!KTFhB0@_L^+Da$db}zI8651+BC8{Kqs6EJ|
z#$yPFB!tz3sYjJlJs#$nrll*uECg{Y!72oCJHdCC^apI535+Wu=jnD6_TmC^lK%Js
zB+N%$3SC&d4tL7nL@ycK<-yqJ!I<QQu^X+Wx)KfrGN6!T08a;#9fc%2cy<7H&&P1X
z-@~mU;qHYcsMTfj!j$WA_Ia_Zcy0vVaBGk9tgv7NXw`k-Evfwuy5CMzMN3;14QkbN
z0nW;ZbeZ$|tNC6O6uFVT77A;;BnR7_2D$R2GE2f5FGhWngMB^K&N|Av$<rVaq6s64
z204sdkK5^L;-kq>jQ}$|#t+pV=NCYgYym^I(lE}i6k@t?X*78cMb?IsuZBJJ<<`I+
z`f_W*vioxDc>IKGJ<rJmZUfKBgSa1=DXxZ0ghRk=$a0dWze@1#&PzLbRO3%zia_-y
z%_X|IEK=FexHhuLI~~&kl;@xxNN+O<Emca&pzFh)vsuivS-Px7?zEpnT<;(pNn1!|
zhkqD}-vV}KGr<l{@8u`wkp>Fjy<lfo9~X_*9N8#&G(R(`O~92&lWBl+SVyD_e&{wD
zy5+T>ONcbZ;{P;7CgX_b>;y|bz|3)olWPizYwS9BHtPr|2hnL#MS|0`>7SjZa`4+l
zUDo9{)rEeC2)@ad{HDXiPvnJM;H<WQ*PiCJXL#*dUVDz$p69g}c<n`Adx_Ux=C!}_
z+AF;FDzE*G|H3cV|7^-;UVDviL2@_q=L+&-x9}v_-yn42a%Bctn4dweDTnWeg;cp|
zD<23Oohr*`d1sX#a`K3u4Dx{Ug@vggO5715gPAN~zJdR_P#3kcN!#G~Y~u+Ic!Ss8
z<XcefEk1TT0RRsF@lQuUaQY`7y90+lR{(KG0MBuqIEdP_4Kgfe!!%mKGzwB>Fr@Y_
zAG;HABMbr}gW$8EJIzW`g)j~<@cp$^BF+*{Q#KjMrOHy}#kUj|=EF>X0Ug5&pE#oO
z0>GioYr{@APVXM@LrZXKSi0{nL7$_*b3x|zcaP!L@fueIChOu`*8DSy{&B#A=$-A&
z2|(iU`rUnVocukUOa1rgubd<Tuq)F!iO@DlKLDG4;K_)y`PzrP`-MK<-{lvCQT7%e
z+VFk()Yx4-u>%*vqBck_BdoaLI?Uy3|K=B*%}@HCMi^u!NPjfQap^FoLavZ4fR&sg
zGC@%8q^`3FDvQMtDpW*JKrNQ*?^a`YYOqc72W$lD9Mdp<D0r%%7^|`3T8c%Dt2m5z
z)~*i34cd-6Nc)IYZiztc!O)<_w43jXcP^gd2y{wW??-e5n+U`tVVeW%V{K9x7Gq&&
zbEz~vs|+t>*bD{jV;n)IeZt4?;mHE+Gk(DWMgcWn=xV%6MYIw44wT_PXR44c7%{@B
zYjNfh53GD>P_e>7=_Oe{zL+@Yd@q5Gv<<1efG(kX`6pDi5A=wN`w`Tq!2Ja3Q^oBE
z^(k;agZlL69C%8FX83W(*}N2CGczkG!l)5v(X9N38xA{`S5)@$nd}9C+Bm>V!sl1k
zd;o>7fVf_8yhR-912_ly&@TSwZ(8FAMV`RAkO&ZZ;Vlb$2X~p620Kib+<x#Oo|vzI
z(z^m7haW1pury~G??kCURX*)Na>F>a0`HWw&uH+P8E|3C!_u<PKqP?Zm(j50v8aX7
zW`y;F(Po4&Unws>#AP#vP#$I!!4~OAnn~hk63%>yxU-jugS~Zkn0|A;3mFO%@$o5>
ze3iI7`JyYhigbrj5u)btyi43+wz%W?;H8HkJzN6sV#rW}Zx?|M!)GfP&ejBvwSk}=
zU5LY7jSF2Jq?`6^?-7djU+?bkUHf5wnIp+B3<Xx^<e+nAD2EFdVtu@yVE&a+$8ZXt
z*rp%s%<=5i=q0D~H`M8=UUnj1W@iVHSx&}~FC+3{X#JhIu%Y4zR9qvTSMd1G(^K|t
zM=4?U4l}R^4jdo9d2k>p>Ej34FK}@DxubA!g1KXGaDutxaBzaT6L4^Xx#3I}@OoT#
zjc`Q<biZYF4#-}!UXn~PlE<ghypCXUTGtWfc`bWg3LTyDHxFvA5~m1a?{J6dSE4(~
zqi~I6z3~D9$)4i5B2-{l7nOzHRPb7xb;S3lPK5dIA&jQ3yAsF0-j!%vHoqcXep9?=
z3<p~>k7~C=Y)zBrQ|(S_o==k(Q0*>iUO<x<QtcjUUWn5lOFw#ZIF7pB2<P$ctHS^o
zBLwfFu}vl^hzXQJe~ok;^UOE!diEx}g{G9s<oFSn=?=+bUyHHJ6eyVT`Joy#W<x<s
zOr(O3Tse-J8G}r^uaco@DTzLDkr%{9u-Hu7lavD9beh+nVegE2^KF7p!Tcw|58&?L
zwS+-*m~Il&S-$^JgCYgo9MXb-mrw<r6-BC8DZ-$PFsRC;oaa-{@=Wii%2UNur9Pi8
zt57MFwG?7NL1Cdnp%7E$3OTq9`MmiSk-m$&MPe`T9DW=Z%Zwd<9#=`4uvH#=k>_GB
z0bJ%e?RWuS;~Clf<gpJ387f(%@KS1KVAyfe{mK*kdTz7y^;~OCeue#Uz*V#t3i2EJ
z+l2oe9d5#3<MA&Su7k&2lAA<jO1W|ybC=JtK>Qr<yySCo4dyFj^ZkS8fD>{TCj?D(
z<OJA!;Di`qP?SjmpKFQ`djlM>n@)xZ;1P(7A;5)Na#_G}m>_ruse(dqjs%wW7SBnM
zv%?{U9>A&C=Y;8(*q4On%Gj;I9qF^Td}bSUuTe4cw_%wA_a`h<rdHp9WuD`?$&?pm
z@`214f)JdmFw`L6r;f5b(_M);ROWdzdBj;qzV<s|LF_|90-J!0MHu9)0&r91dC^26
z2O0(7e2Cyx6ySvWqNj>;DsT}=6=0#MLYr_9$tmFV$x*FHmLMD%$yn-eE+KUF^mM8z
z{+``um~P{*DPIXcOrZDJ8t=mzmE2S+m&xP<(DRkS;>v>e8(<I|+8IJvtxkB!2yByB
zb~Y&h)PBC{0iSPr$b-ILfETl@>MyAJ+g%kOK#@jL*;FCl^oWlyOM$GTARjqgfc^D@
z3$PEU>;hQYca&Gi<l{kNB)*n3$dby%m*aBFot1{qm4S!-n7tcw<QE_n6!|=tyw`Pp
z3<}Z?r}ceNF9DrWWlYS$>kKaiMDkMwROKk%2PE;%FJQBR2b&c-F4L$C{FYvzZOX@&
z=W@$?=92Hw&JrN(ct&{r6CO&lU8Sd3n(Hb(!_s_L={f)2AO)rue0T_)n|uuFameXZ
zEtko603(t@<3qXJ(6dP|`S_PSm-~`Gr(Gmy7Yo`Y5G`nz3SmClWkR?%kEXohO|N<F
zN+G<H96yqEqzc}92C)dlA8&a5TOKp-czq$u<O=#B0%nE^`e7_HT+nZz`33qBLOzs6
z3i?q(e#&UUG)B;mh1@v7G+xk8V2x}Q@RWE3nTNc7C}Y|TkW!gk=Mtt0=UhxXn^Ymb
z0*4in7@(YMN6`Y)8v-)UN~59l7E2!yk(q2W^e(y;z35hqugGDAlWqYRR7alaTfu$i
zoz<7IdScP)kBl^n@~{V=!WLADuf*k60*)4-ad7v`m4T4q0nk5$@C?OX|2OYoH@-j-
zPAkWKPh|?Z@}%2s3q^G!nGari2+qTcL8enB3d}Z45<nx$oEq_*MvI~ix(yVf9CRWx
z4U+{E=tPk4)##}dU`)&OA&7A;nGkRSBwD5r3KTBIB&kHNs7F#Z_zf0!j+LhhaE=80
zQUvXWP*6#lA^Ye_@IFth40#x@mcR#`f}sQ)2g#8Czhn?oyGdaBEcQEr)AoyfMW|j<
z&f3jh4Sl^E`bsG?=C0co31cWa_Rh{|-d#QVNomm@{fhS3<m%yICgTNx;6VTbM@n+j
z1TYQUbb;eba$qcklH6=6SIOiz<Y*txg^rNEfX7P&IlDwa!=DEhUsH^i41Ku~=kf}G
zK45Bw5WK0-PN6{+KoejrAk7wZX`ZBI7qYJeAMiN0{3PF0A=Z}_4^mE<@5FXiFU0z_
zlu_I!cqndiQ~cXQ@vov3p=g&VZYn|%>bqfm0kcLL9m~5qK}A!kA{d6;E@*cMc;^rs
z%$h2(nE)^FMq;PX0>9FqA+Yy3`OraDw8LZeS{&2~-mvW8S;g-}8aZ|*Z2K-@HBvo6
zJhS-;^4i^kb`Nq;yI1%^z#A61)B(fNutL<ZfMO8x3qV&w%PaxU1@;~Wy*1wuuE2mq
zQk5ZcJQJEKgad-kBGHt9;*YK()hM9&ldH&UUIO(;yt621?m%&ot5v4C1jQMyqFi&F
zL*4Bxikdx8-0vzXH0z+a#8p&k=0kC&tEkdUg5ok)(MK}`ia)!GYE2dt)14(>O&XL|
zx*Gj7ouJs)S@PGw!PoY4mNc4%P}=N54Zy<-`|m6UYDz;fk2;IR@DmWcE({AoPdO||
zp)CE=yTYKDw}pe>7S4EEnD@5uPxkxN^(%i@Sm9lv!Rxo5*YB`*h0q_p+M92fSDUZR
zV1J%~mqB412y?#H=3Vg@Gm~?`0hP%!@U$6Z=n3Sb7oaQhCm~LChsG(NPYK%0?sGt!
z76ihQ@<0y17ua=h9$pQ~obvEq8U2G*l7El~!_H-n?JVBq*m^F`J+3V%D5sv&t|USD
zl1V$-siv5=)*cX~OYeiiP;>>`NOx3B$AFiM9i7g&=@uU_5|xqUExSy^zc|b9*@pkh
zS^kGH1Dy&H6)i&nwb%yF?;$w9h{R5C3s?M51dqKAKpYpomc-5$XpZwPiw{d%jH-VT
z42MAqVjcFTTI*k_@-E7U-INysr6gb0-xn0LOj6Ld*_GBD0pAGB74VI~JOSgAc~k^X
z_m%sSR{=T!+{%>T&4DHH+ot(~Zh^p_Sgl(q5X~5nJ4Er{95_hILeC^czG;yVC>?n8
z-#|~>(GiGO&|F0XTJjsjG?Y*BD_|zLAPoI;)<?uXIj&AQtdpOR6cENmfYYp7Eb!jb
zNEJfEtLT;pf(GyO^FdcIn^jtxEc8JlNF(30RM0IGWSU|hH0hQL0;9P?z<Y)HEQT%t
z?#)WU6~F&Mx&%TLJs%_F1=RBe&O%C^UyS3e7QXs6zab9r*w_V(RPh!n-m(hz_aSfD
z9SO_6abA~ji>T|Hq*cN{d_z;rd09{azZ9XKZ@ZUJo|lV$(l<GU_}xz&-VZE=AYLxA
zPlF2o@zbDXRDiy&PlF0S@@Y^ZME$D;(;C5@T`Ro*X;2}qU^%Wp2ID2IbFbhXgDych
z?JbD3g1YW6H&NI9<$58sOL21;zK^G#&qcPts(jSt8DE`W$T;%MBd8<k9SN%y|Bevz
zNL;~Iif_A1C5@pe8-%cHx-pcdY!pm|Sd_jQ+Xj@>enyX<Sx)jZOS=PZhg5}U$;7_U
z#WwudraFF6=QW<gG?F?$s@dwiX&XuLEmYDRqML(vQapR{MEH&1|CHl4!0{^0ZKwE-
zGL(G{OG8Vs%M|E_@0db?sOKfx4%iJJbtCqD<OpgSJc&JW$t2w-f##u?V%jWJ-a-~H
z(rpol6Um8#C_rK-b-i)gD*XE!r(pLRr?SwmS+Qp9-<FX7Zw%P4w_spmz;YQ3Pz#bM
Mg9DHc0Jc!!L}z*R?*IS*

diff --git a/program/js/tinymce/plugins/media/plugin.min.js b/program/js/tinymce/plugins/media/plugin.min.js
index f7eff6c4047..852aa9168b0 100644
--- a/program/js/tinymce/plugins/media/plugin.min.js
+++ b/program/js/tinymce/plugins/media/plugin.min.js
@@ -1 +1 @@
-tinymce.PluginManager.add("media",function(a,b){function c(a){return a=a.toLowerCase(),-1!=a.indexOf(".mp3")?"audio/mpeg":-1!=a.indexOf(".wav")?"audio/wav":-1!=a.indexOf(".mp4")?"video/mp4":-1!=a.indexOf(".webm")?"video/webm":-1!=a.indexOf(".ogg")?"video/ogg":-1!=a.indexOf(".swf")?"application/x-shockwave-flash":""}function d(b){var c=a.settings.media_scripts;if(c)for(var d=0;d<c.length;d++)if(-1!==b.indexOf(c[d].filter))return c[d]}function e(){function b(a){var b,c,f,g;b=d.find("#width")[0],c=d.find("#height")[0],f=b.value(),g=c.value(),d.find("#constrain")[0].checked()&&e&&j&&f&&g&&(a.control==b?(g=Math.round(f/e*g),isNaN(g)||c.value(g)):(f=Math.round(g/j*f),isNaN(f)||b.value(f))),e=f,j=g}function c(){k=h(this.value()),this.parent().parent().fromJSON(k)}var d,e,j,k,l=[{name:"source1",type:"filepicker",filetype:"media",size:40,autofocus:!0,label:"Source",onchange:function(a){tinymce.each(a.meta,function(a,b){d.find("#"+b).value(a)})}}];a.settings.media_alt_source!==!1&&l.push({name:"source2",type:"filepicker",filetype:"media",size:40,label:"Alternative source"}),a.settings.media_poster!==!1&&l.push({name:"poster",type:"filepicker",filetype:"image",size:40,label:"Poster"}),a.settings.media_dimensions!==!1&&l.push({type:"container",label:"Dimensions",layout:"flex",align:"center",spacing:5,items:[{name:"width",type:"textbox",maxLength:5,size:3,onchange:b,ariaLabel:"Width"},{type:"label",text:"x"},{name:"height",type:"textbox",maxLength:5,size:3,onchange:b,ariaLabel:"Height"},{name:"constrain",type:"checkbox",checked:!0,text:"Constrain proportions"}]}),k=i(a.selection.getNode()),e=k.width,j=k.height;var m={id:"mcemediasource",type:"textbox",flex:1,name:"embed",value:f(),multiline:!0,label:"Source"};m[p]=c,d=a.windowManager.open({title:"Insert/edit video",data:k,bodyType:"tabpanel",body:[{title:"General",type:"form",onShowTab:function(){k=h(this.next().find("#embed").value()),this.fromJSON(k)},items:l},{title:"Embed",type:"container",layout:"flex",direction:"column",align:"stretch",padding:10,spacing:10,onShowTab:function(){this.find("#embed").value(g(this.parent().toJSON()))},items:[{type:"label",text:"Paste your embed code below:",forId:"mcemediasource"},m]}],onSubmit:function(){var b,c,d,e;for(b=a.dom.select("img[data-mce-object]"),a.insertContent(g(this.toJSON())),c=a.dom.select("img[data-mce-object]"),d=0;d<b.length;d++)for(e=c.length-1;e>=0;e--)b[d]==c[e]&&c.splice(e,1);a.selection.select(c[0]),a.nodeChanged()}})}function f(){var b=a.selection.getNode();return b.getAttribute("data-mce-object")?a.selection.getContent():void 0}function g(e){var f="";if(!e.source1&&(tinymce.extend(e,h(e.embed)),!e.source1))return"";if(e.source2||(e.source2=""),e.poster||(e.poster=""),e.source1=a.convertURL(e.source1,"source"),e.source2=a.convertURL(e.source2,"source"),e.source1mime=c(e.source1),e.source2mime=c(e.source2),e.poster=a.convertURL(e.poster,"poster"),e.flashPlayerUrl=a.convertURL(b+"/moxieplayer.swf","movie"),tinymce.each(o,function(a){var b,c,d;if(b=a.regex.exec(e.source1)){for(d=a.url,c=0;b[c];c++)d=d.replace("$"+c,function(){return b[c]});e.source1=d,e.type=a.type,e.allowFullscreen=a.allowFullscreen,e.width=e.width||a.w,e.height=e.height||a.h}}),e.embed)f=k(e.embed,e,!0);else{var g=d(e.source1);if(g&&(e.type="script",e.width=g.width,e.height=g.height),e.width=e.width||300,e.height=e.height||150,tinymce.each(e,function(b,c){e[c]=a.dom.encode(b)}),"iframe"==e.type){var i=e.allowFullscreen?' allowFullscreen="1"':"";f+='<iframe src="'+e.source1+'" width="'+e.width+'" height="'+e.height+'"'+i+"></iframe>"}else"application/x-shockwave-flash"==e.source1mime?(f+='<object data="'+e.source1+'" width="'+e.width+'" height="'+e.height+'" type="application/x-shockwave-flash">',e.poster&&(f+='<img src="'+e.poster+'" width="'+e.width+'" height="'+e.height+'" />'),f+="</object>"):-1!=e.source1mime.indexOf("audio")?a.settings.audio_template_callback?f=a.settings.audio_template_callback(e):f+='<audio controls="controls" src="'+e.source1+'">'+(e.source2?'\n<source src="'+e.source2+'"'+(e.source2mime?' type="'+e.source2mime+'"':"")+" />\n":"")+"</audio>":"script"==e.type?f+='<script src="'+e.source1+'"></script>':f=a.settings.video_template_callback?a.settings.video_template_callback(e):'<video width="'+e.width+'" height="'+e.height+'"'+(e.poster?' poster="'+e.poster+'"':"")+' controls="controls">\n<source src="'+e.source1+'"'+(e.source1mime?' type="'+e.source1mime+'"':"")+" />\n"+(e.source2?'<source src="'+e.source2+'"'+(e.source2mime?' type="'+e.source2mime+'"':"")+" />\n":"")+"</video>"}return f}function h(a){var b={};return new tinymce.html.SaxParser({validate:!1,allow_conditional_comments:!0,special:"script,noscript",start:function(a,c){if(b.source1||"param"!=a||(b.source1=c.map.movie),"iframe"!=a&&"object"!=a&&"embed"!=a&&"video"!=a&&"audio"!=a||(b.type||(b.type=a),b=tinymce.extend(c.map,b)),"script"==a){var e=d(c.map.src);if(!e)return;b={type:"script",source1:c.map.src,width:e.width,height:e.height}}"source"==a&&(b.source1?b.source2||(b.source2=c.map.src):b.source1=c.map.src),"img"!=a||b.poster||(b.poster=c.map.src)}}).parse(a),b.source1=b.source1||b.src||b.data,b.source2=b.source2||"",b.poster=b.poster||"",b}function i(b){return b.getAttribute("data-mce-object")?h(a.serializer.serialize(b,{selection:!0})):{}}function j(b){if(a.settings.media_filter_html===!1)return b;var c,d=new tinymce.html.Writer;return new tinymce.html.SaxParser({validate:!1,allow_conditional_comments:!1,special:"script,noscript",comment:function(a){d.comment(a)},cdata:function(a){d.cdata(a)},text:function(a,b){d.text(a,b)},start:function(b,e,f){if(c=!0,"script"!=b&&"noscript"!=b){for(var g=0;g<e.length;g++){if(0===e[g].name.indexOf("on"))return;"style"==e[g].name&&(e[g].value=a.dom.serializeStyle(a.dom.parseStyle(e[g].value),b))}d.start(b,e,f),c=!1}},end:function(a){c||d.end(a)}},new tinymce.html.Schema({})).parse(b),d.getContent()}function k(a,b,c){function d(a,b){var c,d,e,f;for(c in b)if(e=""+b[c],a.map[c])for(d=a.length;d--;)f=a[d],f.name==c&&(e?(a.map[c]=e,f.value=e):(delete a.map[c],a.splice(d,1)));else e&&(a.push({name:c,value:e}),a.map[c]=e)}var e,f=new tinymce.html.Writer,g=0;return new tinymce.html.SaxParser({validate:!1,allow_conditional_comments:!0,special:"script,noscript",comment:function(a){f.comment(a)},cdata:function(a){f.cdata(a)},text:function(a,b){f.text(a,b)},start:function(a,h,i){switch(a){case"video":case"object":case"embed":case"img":case"iframe":d(h,{width:b.width,height:b.height})}if(c)switch(a){case"video":d(h,{poster:b.poster,src:""}),b.source2&&d(h,{src:""});break;case"iframe":d(h,{src:b.source1});break;case"source":if(g++,2>=g&&(d(h,{src:b["source"+g],type:b["source"+g+"mime"]}),!b["source"+g]))return;break;case"img":if(!b.poster)return;e=!0}f.start(a,h,i)},end:function(a){if("video"==a&&c)for(var h=1;2>=h;h++)if(b["source"+h]){var i=[];i.map={},h>g&&(d(i,{src:b["source"+h],type:b["source"+h+"mime"]}),f.start("source",i,!0))}if(b.poster&&"object"==a&&c&&!e){var j=[];j.map={},d(j,{src:b.poster,width:b.width,height:b.height}),f.start("img",j,!0)}f.end(a)}},new tinymce.html.Schema({})).parse(a),f.getContent()}function l(b,c){var d,e,f,g,h;for(f=b.attributes,g=f.length;g--;)d=f[g].name,e=f[g].value,"width"!==d&&"height"!==d&&"style"!==d&&("data"!=d&&"src"!=d||(e=a.convertURL(e,d)),c.attr("data-mce-p-"+d,e));h=b.firstChild&&b.firstChild.value,h&&(c.attr("data-mce-html",escape(h)),c.firstChild=null)}function m(a){var b,c=a.name;return b=new tinymce.html.Node("img",1),b.shortEnded=!0,l(a,b),b.attr({width:a.attr("width")||"300",height:a.attr("height")||("audio"==c?"30":"150"),style:a.attr("style"),src:tinymce.Env.transparentSrc,"data-mce-object":c,"class":"mce-object mce-object-"+c}),b}function n(a){var b,c,d,e=a.name;return b=new tinymce.html.Node("span",1),b.attr({contentEditable:"false",style:a.attr("style"),"data-mce-object":e,"class":"mce-preview-object mce-object-"+e}),l(a,b),c=new tinymce.html.Node(e,1),c.attr({src:a.attr("src"),allowfullscreen:a.attr("allowfullscreen"),width:a.attr("width")||"300",height:a.attr("height")||("audio"==e?"30":"150"),frameborder:"0"}),d=new tinymce.html.Node("span",1),d.attr("class","mce-shim"),b.append(c),b.append(d),b}var o=[{regex:/youtu\.be\/([\w\-.]+)/,type:"iframe",w:560,h:314,url:"//www.youtube.com/embed/$1",allowFullscreen:!0},{regex:/youtube\.com(.+)v=([^&]+)/,type:"iframe",w:560,h:314,url:"//www.youtube.com/embed/$2",allowFullscreen:!0},{regex:/youtube.com\/embed\/([a-z0-9\-_]+(?:\?.+)?)/i,type:"iframe",w:560,h:314,url:"//www.youtube.com/embed/$1",allowFullscreen:!0},{regex:/vimeo\.com\/([0-9]+)/,type:"iframe",w:425,h:350,url:"//player.vimeo.com/video/$1?title=0&byline=0&portrait=0&color=8dc7dc",allowfullscreen:!0},{regex:/vimeo\.com\/(.*)\/([0-9]+)/,type:"iframe",w:425,h:350,url:"//player.vimeo.com/video/$2?title=0&amp;byline=0",allowfullscreen:!0},{regex:/maps\.google\.([a-z]{2,3})\/maps\/(.+)msid=(.+)/,type:"iframe",w:425,h:350,url:'//maps.google.com/maps/ms?msid=$2&output=embed"',allowFullscreen:!1},{regex:/dailymotion\.com\/video\/([^_]+)/,type:"iframe",w:480,h:270,url:"//www.dailymotion.com/embed/video/$1",allowFullscreen:!0}],p=tinymce.Env.ie&&tinymce.Env.ie<=8?"onChange":"onInput";a.on("ResolveName",function(a){var b;1==a.target.nodeType&&(b=a.target.getAttribute("data-mce-object"))&&(a.name=b)}),a.on("preInit",function(){var b=a.schema.getSpecialElements();tinymce.each("video audio iframe object".split(" "),function(a){b[a]=new RegExp("</"+a+"[^>]*>","gi")});var c=a.schema.getBoolAttrs();tinymce.each("webkitallowfullscreen mozallowfullscreen allowfullscreen".split(" "),function(a){c[a]={}}),a.parser.addNodeFilter("iframe,video,audio,object,embed,script",function(b){for(var c,e,f,g=b.length;g--;)c=b[g],c.parent&&(c.parent.attr("data-mce-object")||("script"!=c.name||(f=d(c.attr("src"))))&&(f&&(f.width&&c.attr("width",f.width.toString()),f.height&&c.attr("height",f.height.toString())),e="iframe"==c.name&&a.settings.media_live_embeds!==!1&&tinymce.Env.ceFalse?n(c):m(c),c.replace(e)))}),a.serializer.addAttributeFilter("data-mce-object",function(a,b){for(var c,d,e,f,g,h,i,k,l=a.length;l--;)if(c=a[l],c.parent){for(i=c.attr(b),d=new tinymce.html.Node(i,1),"audio"!=i&&"script"!=i&&(k=c.attr("class"),k&&-1!==k.indexOf("mce-preview-object")?d.attr({width:c.firstChild.attr("width"),height:c.firstChild.attr("height")}):d.attr({width:c.attr("width"),height:c.attr("height")})),d.attr({style:c.attr("style")}),f=c.attributes,e=f.length;e--;){var m=f[e].name;0===m.indexOf("data-mce-p-")&&d.attr(m.substr(11),f[e].value)}"script"==i&&d.attr("type","text/javascript"),g=c.attr("data-mce-html"),g&&(h=new tinymce.html.Node("#text",3),h.raw=!0,h.value=j(unescape(g)),d.append(h)),c.replace(d)}})}),a.on("click keyup",function(){var b=a.selection.getNode();b&&a.dom.hasClass(b,"mce-preview-object")&&a.dom.getAttrib(b,"data-mce-selected")&&b.setAttribute("data-mce-selected","2")}),a.on("ObjectSelected",function(a){var b=a.target.getAttribute("data-mce-object");"audio"!=b&&"script"!=b||a.preventDefault()}),a.on("objectResized",function(a){var b,c=a.target;c.getAttribute("data-mce-object")&&(b=c.getAttribute("data-mce-html"),b&&(b=unescape(b),c.setAttribute("data-mce-html",escape(k(b,{width:a.width,height:a.height})))))}),a.addButton("media",{tooltip:"Insert/edit video",onclick:e,stateSelector:["img[data-mce-object]","span[data-mce-object]"]}),a.addMenuItem("media",{icon:"media",text:"Insert/edit video",onclick:e,context:"insert",prependToContext:!0}),a.on("setContent",function(){a.$("span.mce-preview-object").each(function(b,c){var d=a.$(c);0===d.find("span.mce-shim",c).length&&d.append('<span class="mce-shim"></span>')})}),a.addCommand("mceMedia",e),this.showDialog=e});
\ No newline at end of file
+tinymce.PluginManager.add("media",function(a){function c(a){return a=a.toLowerCase(),-1!=a.indexOf(".mp3")?"audio/mpeg":-1!=a.indexOf(".wav")?"audio/wav":-1!=a.indexOf(".mp4")?"video/mp4":-1!=a.indexOf(".webm")?"video/webm":-1!=a.indexOf(".ogg")?"video/ogg":-1!=a.indexOf(".swf")?"application/x-shockwave-flash":""}function d(b){var c=a.settings.media_scripts;if(c)for(var d=0;d<c.length;d++)if(-1!==b.indexOf(c[d].filter))return c[d]}function e(){function b(a){var b,c,f,g;b=d.find("#width")[0],c=d.find("#height")[0],f=b.value(),g=c.value(),d.find("#constrain")[0].checked()&&e&&j&&f&&g&&(a.control==b?(g=Math.round(f/e*g),isNaN(g)||c.value(g)):(f=Math.round(g/j*f),isNaN(f)||b.value(f))),e=f,j=g}function c(){k=h(this.value()),this.parent().parent().fromJSON(k)}var d,e,j,k,l=[{name:"source1",type:"filepicker",filetype:"media",size:40,autofocus:!0,label:"Source",onchange:function(a){tinymce.each(a.meta,function(a,b){d.find("#"+b).value(a)})}}];a.settings.media_alt_source!==!1&&l.push({name:"source2",type:"filepicker",filetype:"media",size:40,label:"Alternative source"}),a.settings.media_poster!==!1&&l.push({name:"poster",type:"filepicker",filetype:"image",size:40,label:"Poster"}),a.settings.media_dimensions!==!1&&l.push({type:"container",label:"Dimensions",layout:"flex",align:"center",spacing:5,items:[{name:"width",type:"textbox",maxLength:5,size:3,onchange:b,ariaLabel:"Width"},{type:"label",text:"x"},{name:"height",type:"textbox",maxLength:5,size:3,onchange:b,ariaLabel:"Height"},{name:"constrain",type:"checkbox",checked:!0,text:"Constrain proportions"}]}),k=i(a.selection.getNode()),e=k.width,j=k.height;var m={id:"mcemediasource",type:"textbox",flex:1,name:"embed",value:f(),multiline:!0,label:"Source"};m[p]=c,d=a.windowManager.open({title:"Insert/edit video",data:k,bodyType:"tabpanel",body:[{title:"General",type:"form",onShowTab:function(){k=h(this.next().find("#embed").value()),this.fromJSON(k)},items:l},{title:"Embed",type:"container",layout:"flex",direction:"column",align:"stretch",padding:10,spacing:10,onShowTab:function(){this.find("#embed").value(g(this.parent().toJSON()))},items:[{type:"label",text:"Paste your embed code below:",forId:"mcemediasource"},m]}],onSubmit:function(){var b,c,d,e;for(b=a.dom.select("img[data-mce-object]"),a.insertContent(g(this.toJSON())),c=a.dom.select("img[data-mce-object]"),d=0;d<b.length;d++)for(e=c.length-1;e>=0;e--)b[d]==c[e]&&c.splice(e,1);a.selection.select(c[0]),a.nodeChanged()}})}function f(){var b=a.selection.getNode();return b.getAttribute("data-mce-object")?a.selection.getContent():void 0}function g(e){var f="";if(!e.source1&&(tinymce.extend(e,h(e.embed)),!e.source1))return"";if(e.source2||(e.source2=""),e.poster||(e.poster=""),e.source1=a.convertURL(e.source1,"source"),e.source2=a.convertURL(e.source2,"source"),e.source1mime=c(e.source1),e.source2mime=c(e.source2),e.poster=a.convertURL(e.poster,"poster"),tinymce.each(o,function(a){var b,c,d;if(b=a.regex.exec(e.source1)){for(d=a.url,c=0;b[c];c++)d=d.replace("$"+c,function(){return b[c]});e.source1=d,e.type=a.type,e.allowFullscreen=a.allowFullscreen,e.width=e.width||a.w,e.height=e.height||a.h}}),e.embed)f=k(e.embed,e,!0);else{var g=d(e.source1);if(g&&(e.type="script",e.width=g.width,e.height=g.height),e.width=e.width||300,e.height=e.height||150,tinymce.each(e,function(b,c){e[c]=a.dom.encode(b)}),"iframe"==e.type){var i=e.allowFullscreen?' allowFullscreen="1"':"";f+='<iframe src="'+e.source1+'" width="'+e.width+'" height="'+e.height+'"'+i+"></iframe>"}else"application/x-shockwave-flash"==e.source1mime?(f+='<object data="'+e.source1+'" width="'+e.width+'" height="'+e.height+'" type="application/x-shockwave-flash">',e.poster&&(f+='<img src="'+e.poster+'" width="'+e.width+'" height="'+e.height+'" />'),f+="</object>"):-1!=e.source1mime.indexOf("audio")?a.settings.audio_template_callback?f=a.settings.audio_template_callback(e):f+='<audio controls="controls" src="'+e.source1+'">'+(e.source2?'\n<source src="'+e.source2+'"'+(e.source2mime?' type="'+e.source2mime+'"':"")+" />\n":"")+"</audio>":"script"==e.type?f+='<script src="'+e.source1+'"></script>':f=a.settings.video_template_callback?a.settings.video_template_callback(e):'<video width="'+e.width+'" height="'+e.height+'"'+(e.poster?' poster="'+e.poster+'"':"")+' controls="controls">\n<source src="'+e.source1+'"'+(e.source1mime?' type="'+e.source1mime+'"':"")+" />\n"+(e.source2?'<source src="'+e.source2+'"'+(e.source2mime?' type="'+e.source2mime+'"':"")+" />\n":"")+"</video>"}return f}function h(a){var b={};return new tinymce.html.SaxParser({validate:!1,allow_conditional_comments:!0,special:"script,noscript",start:function(a,c){if(b.source1||"param"!=a||(b.source1=c.map.movie),"iframe"!=a&&"object"!=a&&"embed"!=a&&"video"!=a&&"audio"!=a||(b.type||(b.type=a),b=tinymce.extend(c.map,b)),"script"==a){var e=d(c.map.src);if(!e)return;b={type:"script",source1:c.map.src,width:e.width,height:e.height}}"source"==a&&(b.source1?b.source2||(b.source2=c.map.src):b.source1=c.map.src),"img"!=a||b.poster||(b.poster=c.map.src)}}).parse(a),b.source1=b.source1||b.src||b.data,b.source2=b.source2||"",b.poster=b.poster||"",b}function i(b){return b.getAttribute("data-mce-object")?h(a.serializer.serialize(b,{selection:!0})):{}}function j(b){if(a.settings.media_filter_html===!1)return b;var c,d=new tinymce.html.Writer;return new tinymce.html.SaxParser({validate:!1,allow_conditional_comments:!1,special:"script,noscript",comment:function(a){d.comment(a)},cdata:function(a){d.cdata(a)},text:function(a,b){d.text(a,b)},start:function(b,e,f){if(c=!0,"script"!=b&&"noscript"!=b){for(var g=0;g<e.length;g++){if(0===e[g].name.indexOf("on"))return;"style"==e[g].name&&(e[g].value=a.dom.serializeStyle(a.dom.parseStyle(e[g].value),b))}d.start(b,e,f),c=!1}},end:function(a){c||d.end(a)}},new tinymce.html.Schema({})).parse(b),d.getContent()}function k(a,b,c){function d(a,b){var c,d,e,f;for(c in b)if(e=""+b[c],a.map[c])for(d=a.length;d--;)f=a[d],f.name==c&&(e?(a.map[c]=e,f.value=e):(delete a.map[c],a.splice(d,1)));else e&&(a.push({name:c,value:e}),a.map[c]=e)}var e,f=new tinymce.html.Writer,g=0;return new tinymce.html.SaxParser({validate:!1,allow_conditional_comments:!0,special:"script,noscript",comment:function(a){f.comment(a)},cdata:function(a){f.cdata(a)},text:function(a,b){f.text(a,b)},start:function(a,h,i){switch(a){case"video":case"object":case"embed":case"img":case"iframe":d(h,{width:b.width,height:b.height})}if(c)switch(a){case"video":d(h,{poster:b.poster,src:""}),b.source2&&d(h,{src:""});break;case"iframe":d(h,{src:b.source1});break;case"source":if(g++,2>=g&&(d(h,{src:b["source"+g],type:b["source"+g+"mime"]}),!b["source"+g]))return;break;case"img":if(!b.poster)return;e=!0}f.start(a,h,i)},end:function(a){if("video"==a&&c)for(var h=1;2>=h;h++)if(b["source"+h]){var i=[];i.map={},h>g&&(d(i,{src:b["source"+h],type:b["source"+h+"mime"]}),f.start("source",i,!0))}if(b.poster&&"object"==a&&c&&!e){var j=[];j.map={},d(j,{src:b.poster,width:b.width,height:b.height}),f.start("img",j,!0)}f.end(a)}},new tinymce.html.Schema({})).parse(a),f.getContent()}function l(b,c){var d,e,f,g,h;for(f=b.attributes,g=f.length;g--;)d=f[g].name,e=f[g].value,"width"!==d&&"height"!==d&&"style"!==d&&("data"!=d&&"src"!=d||(e=a.convertURL(e,d)),c.attr("data-mce-p-"+d,e));h=b.firstChild&&b.firstChild.value,h&&(c.attr("data-mce-html",escape(h)),c.firstChild=null)}function m(a){var b,c=a.name;return b=new tinymce.html.Node("img",1),b.shortEnded=!0,l(a,b),b.attr({width:a.attr("width")||"300",height:a.attr("height")||("audio"==c?"30":"150"),style:a.attr("style"),src:tinymce.Env.transparentSrc,"data-mce-object":c,"class":"mce-object mce-object-"+c}),b}function n(a){var b,c,d,e=a.name;return b=new tinymce.html.Node("span",1),b.attr({contentEditable:"false",style:a.attr("style"),"data-mce-object":e,"class":"mce-preview-object mce-object-"+e}),l(a,b),c=new tinymce.html.Node(e,1),c.attr({src:a.attr("src"),allowfullscreen:a.attr("allowfullscreen"),width:a.attr("width")||"300",height:a.attr("height")||("audio"==e?"30":"150"),frameborder:"0"}),d=new tinymce.html.Node("span",1),d.attr("class","mce-shim"),b.append(c),b.append(d),b}var o=[{regex:/youtu\.be\/([\w\-.]+)/,type:"iframe",w:560,h:314,url:"//www.youtube.com/embed/$1",allowFullscreen:!0},{regex:/youtube\.com(.+)v=([^&]+)/,type:"iframe",w:560,h:314,url:"//www.youtube.com/embed/$2",allowFullscreen:!0},{regex:/youtube.com\/embed\/([a-z0-9\-_]+(?:\?.+)?)/i,type:"iframe",w:560,h:314,url:"//www.youtube.com/embed/$1",allowFullscreen:!0},{regex:/vimeo\.com\/([0-9]+)/,type:"iframe",w:425,h:350,url:"//player.vimeo.com/video/$1?title=0&byline=0&portrait=0&color=8dc7dc",allowfullscreen:!0},{regex:/vimeo\.com\/(.*)\/([0-9]+)/,type:"iframe",w:425,h:350,url:"//player.vimeo.com/video/$2?title=0&amp;byline=0",allowfullscreen:!0},{regex:/maps\.google\.([a-z]{2,3})\/maps\/(.+)msid=(.+)/,type:"iframe",w:425,h:350,url:'//maps.google.com/maps/ms?msid=$2&output=embed"',allowFullscreen:!1},{regex:/dailymotion\.com\/video\/([^_]+)/,type:"iframe",w:480,h:270,url:"//www.dailymotion.com/embed/video/$1",allowFullscreen:!0}],p=tinymce.Env.ie&&tinymce.Env.ie<=8?"onChange":"onInput";a.on("ResolveName",function(a){var b;1==a.target.nodeType&&(b=a.target.getAttribute("data-mce-object"))&&(a.name=b)}),a.on("preInit",function(){var b=a.schema.getSpecialElements();tinymce.each("video audio iframe object".split(" "),function(a){b[a]=new RegExp("</"+a+"[^>]*>","gi")});var c=a.schema.getBoolAttrs();tinymce.each("webkitallowfullscreen mozallowfullscreen allowfullscreen".split(" "),function(a){c[a]={}}),a.parser.addNodeFilter("iframe,video,audio,object,embed,script",function(b){for(var c,e,f,g=b.length;g--;)c=b[g],c.parent&&(c.parent.attr("data-mce-object")||("script"!=c.name||(f=d(c.attr("src"))))&&(f&&(f.width&&c.attr("width",f.width.toString()),f.height&&c.attr("height",f.height.toString())),e="iframe"==c.name&&a.settings.media_live_embeds!==!1&&tinymce.Env.ceFalse?n(c):m(c),c.replace(e)))}),a.serializer.addAttributeFilter("data-mce-object",function(a,b){for(var c,d,e,f,g,h,i,k,l=a.length;l--;)if(c=a[l],c.parent){for(i=c.attr(b),d=new tinymce.html.Node(i,1),"audio"!=i&&"script"!=i&&(k=c.attr("class"),k&&-1!==k.indexOf("mce-preview-object")?d.attr({width:c.firstChild.attr("width"),height:c.firstChild.attr("height")}):d.attr({width:c.attr("width"),height:c.attr("height")})),d.attr({style:c.attr("style")}),f=c.attributes,e=f.length;e--;){var m=f[e].name;0===m.indexOf("data-mce-p-")&&d.attr(m.substr(11),f[e].value)}"script"==i&&d.attr("type","text/javascript"),g=c.attr("data-mce-html"),g&&(h=new tinymce.html.Node("#text",3),h.raw=!0,h.value=j(unescape(g)),d.append(h)),c.replace(d)}})}),a.on("click keyup",function(){var b=a.selection.getNode();b&&a.dom.hasClass(b,"mce-preview-object")&&a.dom.getAttrib(b,"data-mce-selected")&&b.setAttribute("data-mce-selected","2")}),a.on("ObjectSelected",function(a){var b=a.target.getAttribute("data-mce-object");"audio"!=b&&"script"!=b||a.preventDefault()}),a.on("objectResized",function(a){var b,c=a.target;c.getAttribute("data-mce-object")&&(b=c.getAttribute("data-mce-html"),b&&(b=unescape(b),c.setAttribute("data-mce-html",escape(k(b,{width:a.width,height:a.height})))))}),a.addButton("media",{tooltip:"Insert/edit video",onclick:e,stateSelector:["img[data-mce-object]","span[data-mce-object]"]}),a.addMenuItem("media",{icon:"media",text:"Insert/edit video",onclick:e,context:"insert",prependToContext:!0}),a.on("setContent",function(){a.$("span.mce-preview-object").each(function(b,c){var d=a.$(c);0===d.find("span.mce-shim",c).length&&d.append('<span class="mce-shim"></span>')})}),a.addCommand("mceMedia",e),this.showDialog=e});
\ No newline at end of file

From 391d0d203977e12cad7a8c856fcf97f3b8f4fb55 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 1 Nov 2016 18:26:47 +0100
Subject: [PATCH 12/24] Remove "@version @package_version@"

---
 plugins/acl/acl.js                                             | 3 ---
 plugins/acl/acl.php                                            | 1 -
 .../additional_message_headers/additional_message_headers.php  | 1 -
 plugins/attachment_reminder/attachment_reminder.php            | 1 -
 plugins/database_attachments/database_attachments.php          | 1 -
 plugins/debug_logger/debug_logger.php                          | 1 -
 plugins/emoticons/emoticons.php                                | 1 -
 plugins/hide_blockquote/hide_blockquote.php                    | 1 -
 plugins/http_authentication/http_authentication.php            | 1 -
 plugins/identity_select/identity_select.php                    | 1 -
 plugins/krb_authentication/krb_authentication.php              | 1 -
 plugins/managesieve/managesieve.php                            | 1 -
 plugins/markasjunk/markasjunk.php                              | 1 -
 plugins/new_user_dialog/new_user_dialog.php                    | 1 -
 plugins/new_user_identity/new_user_identity.php                | 1 -
 plugins/newmail_notifier/newmail_notifier.php                  | 1 -
 plugins/password/README                                        | 1 -
 plugins/password/password.php                                  | 1 -
 plugins/show_additional_headers/show_additional_headers.php    | 1 -
 plugins/subscriptions_option/subscriptions_option.php          | 1 -
 plugins/vcard_attachments/vcard_attachments.php                | 1 -
 plugins/virtuser_file/virtuser_file.php                        | 1 -
 plugins/virtuser_query/virtuser_query.php                      | 1 -
 23 files changed, 25 deletions(-)

diff --git a/plugins/acl/acl.js b/plugins/acl/acl.js
index 364765047d4..1b92ed86d63 100644
--- a/plugins/acl/acl.js
+++ b/plugins/acl/acl.js
@@ -1,8 +1,5 @@
 /**
  * ACL plugin script
- *
- * @version @package_version@
- * @author Aleksander Machniak <alec@alec.pl>
  */
 
 if (window.rcmail) {
diff --git a/plugins/acl/acl.php b/plugins/acl/acl.php
index 30b5da99fef..9896d7a13ae 100644
--- a/plugins/acl/acl.php
+++ b/plugins/acl/acl.php
@@ -3,7 +3,6 @@
 /**
  * Folders Access Control Lists Management (RFC4314, RFC2086)
  *
- * @version @package_version@
  * @author Aleksander Machniak <alec@alec.pl>
  *
  * Copyright (C) 2011-2012, Kolab Systems AG
diff --git a/plugins/additional_message_headers/additional_message_headers.php b/plugins/additional_message_headers/additional_message_headers.php
index 58e4d414816..4db93ee69d0 100644
--- a/plugins/additional_message_headers/additional_message_headers.php
+++ b/plugins/additional_message_headers/additional_message_headers.php
@@ -9,7 +9,6 @@
  * Enable the plugin in config.inc.php and add your desired headers:
  * $config['additional_message_headers'] = array('User-Agent' => 'My-Very-Own-Webmail');
  *
- * @version @package_version@
  * @author Ziba Scott
  * @website http://roundcube.net
  */
diff --git a/plugins/attachment_reminder/attachment_reminder.php b/plugins/attachment_reminder/attachment_reminder.php
index 84cc5f3b32e..74df25f61e4 100644
--- a/plugins/attachment_reminder/attachment_reminder.php
+++ b/plugins/attachment_reminder/attachment_reminder.php
@@ -4,7 +4,6 @@
  *
  * A plugin that reminds a user to attach the files
  *
- * @version @package_version@
  * @author Thomas Yu - Sian, Liu
  * @author Aleksander Machniak <machniak@kolabsys.com>
  *
diff --git a/plugins/database_attachments/database_attachments.php b/plugins/database_attachments/database_attachments.php
index aacafae4e0b..91335d4cf5b 100644
--- a/plugins/database_attachments/database_attachments.php
+++ b/plugins/database_attachments/database_attachments.php
@@ -12,7 +12,6 @@
  *
  * @author Ziba Scott <ziba@umich.edu>
  * @author Aleksander Machniak <alec@alec.pl>
- * @version @package_version@
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2
diff --git a/plugins/debug_logger/debug_logger.php b/plugins/debug_logger/debug_logger.php
index c66b8b6acff..98758ae3c1a 100644
--- a/plugins/debug_logger/debug_logger.php
+++ b/plugins/debug_logger/debug_logger.php
@@ -15,7 +15,6 @@
  * Enable the plugin in config.inc.php and add your desired
  * log types and files.
  *
- * @version @package_version@
  * @author Ziba Scott
  * @website http://roundcube.net
  *
diff --git a/plugins/emoticons/emoticons.php b/plugins/emoticons/emoticons.php
index d5f0e9a162d..18c4e149d65 100644
--- a/plugins/emoticons/emoticons.php
+++ b/plugins/emoticons/emoticons.php
@@ -6,7 +6,6 @@
  * Plugin to replace emoticons in plain text message body with real icons.
  * Also it enables emoticons in HTML compose editor. Both features are optional.
  *
- * @version @package_version@
  * @license GNU GPLv3+
  * @author Thomas Bruederli
  * @author Aleksander Machniak
diff --git a/plugins/hide_blockquote/hide_blockquote.php b/plugins/hide_blockquote/hide_blockquote.php
index cf999be67b4..e3a4684a3d6 100644
--- a/plugins/hide_blockquote/hide_blockquote.php
+++ b/plugins/hide_blockquote/hide_blockquote.php
@@ -10,7 +10,6 @@
  * // 0 - no limit (no hidding).
  * $config['hide_blockquote_limit'] = 0;
  *
- * @version @package_version@
  * @license GNU GPLv3+
  * @author Aleksander Machniak <alec@alec.pl>
  */
diff --git a/plugins/http_authentication/http_authentication.php b/plugins/http_authentication/http_authentication.php
index d3be5b7f5ee..e84cda243bf 100644
--- a/plugins/http_authentication/http_authentication.php
+++ b/plugins/http_authentication/http_authentication.php
@@ -13,7 +13,6 @@
  *
  * For other configuration options, see config.inc.php.dist!
  *
- * @version @package_version@
  * @license GNU GPLv3+
  * @author Thomas Bruederli
  */
diff --git a/plugins/identity_select/identity_select.php b/plugins/identity_select/identity_select.php
index 7973b5dadef..7909ebb61cb 100644
--- a/plugins/identity_select/identity_select.php
+++ b/plugins/identity_select/identity_select.php
@@ -12,7 +12,6 @@
  * Enable the plugin in config.inc.php and add your desired headers:
  *   $config['identity_select_headers'] = array('Delivered-To');
  *
- * @version @package_version@
  * @author Aleksander Machniak <alec@alec.pl>
  * @license GNU GPLv3+
  */
diff --git a/plugins/krb_authentication/krb_authentication.php b/plugins/krb_authentication/krb_authentication.php
index fe6f843cc8e..00a323fd32e 100644
--- a/plugins/krb_authentication/krb_authentication.php
+++ b/plugins/krb_authentication/krb_authentication.php
@@ -8,7 +8,6 @@
  *
  * For other configuration options, see config.inc.php.dist!
  *
- * @version @package_version@
  * @license GNU GPLv3+
  * @author Jeroen van Meeuwen
  */
diff --git a/plugins/managesieve/managesieve.php b/plugins/managesieve/managesieve.php
index 68d56a1ab6a..336479a9722 100644
--- a/plugins/managesieve/managesieve.php
+++ b/plugins/managesieve/managesieve.php
@@ -7,7 +7,6 @@
  * It's clickable interface which operates on text scripts and communicates
  * with server using managesieve protocol. Adds Filters tab in Settings.
  *
- * @version @package_version@
  * @author Aleksander Machniak <alec@alec.pl>
  *
  * Configuration (see config.inc.php.dist)
diff --git a/plugins/markasjunk/markasjunk.php b/plugins/markasjunk/markasjunk.php
index 1f92390e548..aff3acc8488 100644
--- a/plugins/markasjunk/markasjunk.php
+++ b/plugins/markasjunk/markasjunk.php
@@ -6,7 +6,6 @@
  * Sample plugin that adds a new button to the mailbox toolbar
  * to mark the selected messages as Junk and move them to the Junk folder
  *
- * @version @package_version@
  * @license GNU GPLv3+
  * @author Thomas Bruederli
  */
diff --git a/plugins/new_user_dialog/new_user_dialog.php b/plugins/new_user_dialog/new_user_dialog.php
index 936eca3a3a5..6f93fcaca98 100644
--- a/plugins/new_user_dialog/new_user_dialog.php
+++ b/plugins/new_user_dialog/new_user_dialog.php
@@ -7,7 +7,6 @@
  * and sets a session flag in case it is incomplete. An overlay box will appear
  * on the screen until the user has reviewed/completed his identity.
  *
- * @version @package_version@
  * @license GNU GPLv3+
  * @author Thomas Bruederli
  * @author Aleksander Machniak
diff --git a/plugins/new_user_identity/new_user_identity.php b/plugins/new_user_identity/new_user_identity.php
index b9054880eb6..8c686ede0e4 100644
--- a/plugins/new_user_identity/new_user_identity.php
+++ b/plugins/new_user_identity/new_user_identity.php
@@ -6,7 +6,6 @@
  *
  * This plugin requires that a working public_ldap directory be configured.
  *
- * @version @package_version@
  * @author Kris Steinhoff
  * @license GNU GPLv3+
  */
diff --git a/plugins/newmail_notifier/newmail_notifier.php b/plugins/newmail_notifier/newmail_notifier.php
index 74a0913815c..58b4a52b69c 100644
--- a/plugins/newmail_notifier/newmail_notifier.php
+++ b/plugins/newmail_notifier/newmail_notifier.php
@@ -8,7 +8,6 @@
  * 2. Sound   - play wav file
  * 3. Desktop - display desktop notification (using window.Notification API)
  *
- * @version @package_version@
  * @author Aleksander Machniak <alec@alec.pl>
  *
  * Copyright (C) 2011-2016, Kolab Systems AG
diff --git a/plugins/password/README b/plugins/password/README
index 88cc849dd63..c4bb7bea0cb 100644
--- a/plugins/password/README
+++ b/plugins/password/README
@@ -17,7 +17,6 @@
  You should have received a copy of the GNU General Public License
  along with this program. If not, see http://www.gnu.org/licenses/.
 
- @version @package_version@
  @author Aleksander Machniak <alec@alec.pl>
  @author <see driver files for driver authors>
  -----------------------------------------------------------------------
diff --git a/plugins/password/password.php b/plugins/password/password.php
index 2c594df801e..926683bb783 100644
--- a/plugins/password/password.php
+++ b/plugins/password/password.php
@@ -3,7 +3,6 @@
 /**
  * Password Plugin for Roundcube
  *
- * @version @package_version@
  * @author Aleksander Machniak <alec@alec.pl>
  *
  * Copyright (C) 2005-2015, The Roundcube Dev Team
diff --git a/plugins/show_additional_headers/show_additional_headers.php b/plugins/show_additional_headers/show_additional_headers.php
index b7f01104c08..87de51fca7b 100644
--- a/plugins/show_additional_headers/show_additional_headers.php
+++ b/plugins/show_additional_headers/show_additional_headers.php
@@ -9,7 +9,6 @@
  * Enable the plugin in config.inc.php and add your desired headers:
  *   $config['show_additional_headers'] = array('User-Agent');
  *
- * @version @package_version@
  * @author Thomas Bruederli
  * @license GNU GPLv3+
  */
diff --git a/plugins/subscriptions_option/subscriptions_option.php b/plugins/subscriptions_option/subscriptions_option.php
index fa40631354c..5b38ca93e14 100644
--- a/plugins/subscriptions_option/subscriptions_option.php
+++ b/plugins/subscriptions_option/subscriptions_option.php
@@ -19,7 +19,6 @@
  * 'dont_override' list and the global option has changed, don't expect
  * to see the change until the folder list cache is refreshed.
  *
- * @version @package_version@
  * @author Ziba Scott
  * @license GNU GPLv3+
  */
diff --git a/plugins/vcard_attachments/vcard_attachments.php b/plugins/vcard_attachments/vcard_attachments.php
index 622f8907ce2..ebc494e45b5 100644
--- a/plugins/vcard_attachments/vcard_attachments.php
+++ b/plugins/vcard_attachments/vcard_attachments.php
@@ -3,7 +3,6 @@
 /**
  * Detect VCard attachments and show a button to add them to address book
  *
- * @version @package_version@
  * @license GNU GPLv3+
  * @author Thomas Bruederli, Aleksander Machniak
  */
diff --git a/plugins/virtuser_file/virtuser_file.php b/plugins/virtuser_file/virtuser_file.php
index f2b357aaf9a..2d78717a599 100644
--- a/plugins/virtuser_file/virtuser_file.php
+++ b/plugins/virtuser_file/virtuser_file.php
@@ -8,7 +8,6 @@
  * addresses
  * $rcmail['virtuser_file'] = '';
  *
- * @version @package_version@
  * @license GNU GPLv3+
  * @author Aleksander Machniak
  */
diff --git a/plugins/virtuser_query/virtuser_query.php b/plugins/virtuser_query/virtuser_query.php
index c08d6bd38ff..08db1dd2192 100644
--- a/plugins/virtuser_query/virtuser_query.php
+++ b/plugins/virtuser_query/virtuser_query.php
@@ -20,7 +20,6 @@
  * By default Roundcube database is used. To use different database (or host)
  * you can specify DSN string in $config['virtuser_query_dsn'] option.
  *
- * @version @package_version@
  * @author Aleksander Machniak <alec@alec.pl>
  * @author Steffen Vogel
  * @author Tim Gerundt

From bd12d94fae0df1963b1114d06513943d26d43669 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Wed, 2 Nov 2016 13:22:26 +0100
Subject: [PATCH 13/24] Fix missing contact ID for contacts from non-sql
 addressbooks

---
 program/steps/mail/autocomplete.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/program/steps/mail/autocomplete.inc b/program/steps/mail/autocomplete.inc
index bc1b3570c56..9801af1d9e9 100644
--- a/program/steps/mail/autocomplete.inc
+++ b/program/steps/mail/autocomplete.inc
@@ -96,7 +96,7 @@ if (!empty($book_types) && strlen($search)) {
                         $contact = array(
                             'name'   => $contact,
                             'type'   => $sql_arr['_type'],
-                            'id'     => $sql_arr['contact_id'],
+                            'id'     => $sql_arr['ID'],
                             'source' => $abook_id,
                         );
 

From 485c50a5f36cb9eca9f0ac4e0917fb9545d3e603 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 4 Nov 2016 15:08:36 +0100
Subject: [PATCH 14/24] Fix error checking on get_script() result + some CS
 fixes

---
 .../lib/Roundcube/rcube_sieve_engine.php      | 26 ++++++++++++-------
 1 file changed, 17 insertions(+), 9 deletions(-)

diff --git a/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php b/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
index 0ceb7a72bc6..7e3b0c7fa2b 100644
--- a/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
+++ b/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
@@ -292,7 +292,8 @@ function actions()
                     if ($result === true) {
                         $this->rc->output->show_message('managesieve.filterdeleted', 'confirmation');
                         $this->rc->output->command('managesieve_updatelist', 'del', array('id' => $fid));
-                    } else {
+                    }
+                    else {
                         $this->rc->output->show_message('managesieve.filterdeleteerror', 'error');
                     }
                 }
@@ -329,7 +330,8 @@ function actions()
                         $this->rc->output->show_message('managesieve.moved', 'confirmation');
                         $this->rc->output->command('managesieve_updatelist', 'list',
                             array('list' => $result, 'clear' => true, 'set' => $to));
-                    } else {
+                    }
+                    else {
                         $this->rc->output->show_message('managesieve.moveerror', 'error');
                     }
                 }
@@ -351,7 +353,8 @@ function actions()
                             $this->rc->output->show_message('managesieve.activated', 'confirmation');
                         $this->rc->output->command('managesieve_updatelist', 'update',
                             array('id' => $fid, 'disabled' => $rule['disabled']));
-                    } else {
+                    }
+                    else {
                         if ($rule['disabled'])
                             $this->rc->output->show_message('managesieve.deactivateerror', 'error');
                         else
@@ -369,7 +372,8 @@ function actions()
                     $this->rc->output->show_message('managesieve.setactivated', 'confirmation');
                     $this->rc->output->command('managesieve_updatelist', 'setact',
                         array('name' => $script_name, 'active' => true, 'all' => !$kep14));
-                } else {
+                }
+                else {
                     $this->rc->output->show_message('managesieve.setactivateerror', 'error');
                 }
             }
@@ -382,7 +386,8 @@ function actions()
                     $this->rc->output->show_message('managesieve.setdeactivated', 'confirmation');
                     $this->rc->output->command('managesieve_updatelist', 'setact',
                         array('name' => $script_name, 'active' => false));
-                } else {
+                }
+                else {
                     $this->rc->output->show_message('managesieve.setdeactivateerror', 'error');
                 }
             }
@@ -395,7 +400,8 @@ function actions()
                     $this->rc->output->command('managesieve_updatelist', 'setdel',
                         array('name' => $script_name));
                     $this->rc->session->remove('managesieve_current');
-                } else {
+                }
+                else {
                     $this->rc->output->show_message('managesieve.setdeleteerror', 'error');
                 }
             }
@@ -405,7 +411,7 @@ function actions()
                 $script_name = rcube_utils::get_input_value('_set', rcube_utils::INPUT_GPC, true);
                 $script      = $this->sieve->get_script($script_name);
 
-                if (is_a($script, 'PEAR_Error')) {
+                if ($script === false) {
                     exit;
                 }
 
@@ -583,9 +589,11 @@ function save()
                 $this->rc->output->show_message('managesieve.setcreated', 'confirmation');
                 $this->rc->output->command('parent.managesieve_updatelist', 'setadd',
                     array('name' => $name, 'index' => $index));
-            } else if ($msg) {
+            }
+            else if ($msg) {
                 $this->rc->output->command('display_message', $msg, 'error');
-            } else if ($error) {
+            }
+            else if ($error) {
                 $this->rc->output->show_message($error, 'error');
             }
         }

From 059dc8b63571a721ea71ab4d260ee1906eed652c Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 4 Nov 2016 19:11:01 +0100
Subject: [PATCH 15/24] identity_select: Support Received header (#5085)

---
 CHANGELOG                                   |  1 +
 plugins/identity_select/composer.json       |  2 +-
 plugins/identity_select/identity_select.php | 31 +++++++++++++++++++--
 3 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 5e8939ad0fe..5c92ba85fcc 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- identity_select: Support Received header (#5085)
 - Plugin API: Added get_compose_responses hook (#5457)
 - Display error when trying to upload more files than specified in max_file_uploads (#5483)
 - Add missing sql upgrade file for 'ip' column resize in session table (#5465)
diff --git a/plugins/identity_select/composer.json b/plugins/identity_select/composer.json
index c312393606e..7304bd46339 100644
--- a/plugins/identity_select/composer.json
+++ b/plugins/identity_select/composer.json
@@ -3,7 +3,7 @@
     "type": "roundcube-plugin",
     "description": "On reply to a message user identity selection is based on\n\t\tcontent of standard headers like From, To, Cc and Return-Path.\n\t\tHere you can add header(s) set by your SMTP server (e.g.\n\t\tDelivered-To, Envelope-To, X-Envelope-To, X-RCPT-TO) to make\n\t\tidentity selection more accurate.",
     "license": "GPLv3+",
-    "version": "1.0",
+    "version": "1.1",
     "authors": [
         {
             "name": "Aleksander Machniak",
diff --git a/plugins/identity_select/identity_select.php b/plugins/identity_select/identity_select.php
index 7909ebb61cb..07aa97b4785 100644
--- a/plugins/identity_select/identity_select.php
+++ b/plugins/identity_select/identity_select.php
@@ -12,6 +12,10 @@
  * Enable the plugin in config.inc.php and add your desired headers:
  *   $config['identity_select_headers'] = array('Delivered-To');
  *
+ * Note: 'Received' header is also supported, but has bigger impact
+ *       on performance, as it's body is potentially much bigger
+ *       than other headers used by Roundcube
+ *
  * @author Aleksander Machniak <alec@alec.pl>
  * @license GNU GPLv3+
  */
@@ -52,9 +56,9 @@ function select($p)
         $rcmail = rcmail::get_instance();
 
         foreach ((array)$rcmail->config->get('identity_select_headers', array()) as $header) {
-            if ($header = $p['message']->headers->get($header, false)) {
+            if ($emails = $this->get_email_from_header($p['message'], $header)) {
                 foreach ($p['identities'] as $idx => $ident) {
-                    if (in_array($ident['email_ascii'], (array)$header)) {
+                    if (in_array($ident['email_ascii'], $emails)) {
                         $p['selected'] = $idx;
                         break 2;
                     }
@@ -64,4 +68,27 @@ function select($p)
 
         return $p;
     }
+
+    /**
+     * Extract email address from specified message header
+     */
+    protected function get_email_from_header($message, $header)
+    {
+        $value = $message->headers->get($header, false);
+
+        if (strtolower($header) == 'received') {
+            // find first email address in all Received headers
+            $email = null;
+            foreach ((array) $value as $entry) {
+                if (preg_match('/[\s\t]+for[\s\t]+<([^>]+)>/', $entry, $matches)) {
+                    $email = $matches[1];
+                    break;
+                }
+            }
+
+            $value = $email;
+        }
+
+        return (array) $value;
+    }
 }

From 2dbbaf77397cf944039b7e6e72910d1959ae0225 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 6 Nov 2016 09:39:16 +0100
Subject: [PATCH 16/24] Warn about too many disclosed recipients in composed
 email [max_disclosed_recipients] (#5132) Allow to omit a subject when sending
 an email (#5068)

---
 CHANGELOG                               |   2 +
 config/defaults.inc.php                 |   8 +-
 program/js/app.js                       | 102 +++++++++++++++++-------
 program/js/common.js                    |  19 +++--
 program/localization/en_US/labels.inc   |   1 +
 program/localization/en_US/messages.inc |   3 +
 program/steps/mail/compose.inc          |   4 +-
 program/steps/mail/sendmail.inc         |  11 ++-
 8 files changed, 108 insertions(+), 42 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 5c92ba85fcc..1afbe2b299f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,8 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Allow to omit a subject when sending an email (#5068)
+- Warn about too many disclosed recipients in composed email [max_disclosed_recipients] (#5132)
 - identity_select: Support Received header (#5085)
 - Plugin API: Added get_compose_responses hook (#5457)
 - Display error when trying to upload more files than specified in max_file_uploads (#5483)
diff --git a/config/defaults.inc.php b/config/defaults.inc.php
index 74cd611e73e..4207f0b284c 100644
--- a/config/defaults.inc.php
+++ b/config/defaults.inc.php
@@ -521,9 +521,15 @@
 // Size in bytes (possible unit suffix: K, M, G)
 $config['max_message_size'] = '100M';
 
-// Maximum number of recipients per message. Default: 0 (no limit)
+// Maximum number of recipients per message (including To, Cc, Bcc).
+// Default: 0 (no limit)
 $config['max_recipients'] = 0;
 
+// Maximum number of recipients per message exluding Bcc header.
+// This is a soft limit, which means we only display a warning to the user.
+// Default: 5
+$config['max_disclosed_recipients'] = 5;
+
 // Maximum allowed number of members of an address group. Default: 0 (no limit)
 // If 'max_recipients' is set this value should be less or equal
 $config['max_group_members'] = 0;
diff --git a/program/js/app.js b/program/js/app.js
index 63c6894a5fd..24ae6410ae4 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -4345,14 +4345,23 @@ function rcube_webmail()
   };
 
   // checks the input fields before sending a message
-  this.check_compose_input = function(cmd)
+  this.check_compose_input = function(cmd, skip_recipients_checks)
   {
     // check input fields
-    var input_to = $("[name='_to']"),
+    var key, recipients, dialog,
+      limit = this.env.max_disclosed_recipients,
+      input_to = $("[name='_to']"),
       input_cc = $("[name='_cc']"),
       input_bcc = $("[name='_bcc']"),
       input_from = $("[name='_from']"),
-      input_subject = $("[name='_subject']");
+      input_subject = $("[name='_subject']"),
+      get_recipients = function(fields) {
+        fields = $.map(fields, function(v) {
+          v = $.trim(v.val());
+          return v.length ? v : null;
+        });
+        return fields.join(',').replace(/^[\s,;]+/, '').replace(/[\s,;]+$/, '');
+      };
 
     // check sender (if have no identities)
     if (input_from.prop('type') == 'text' && !rcube_check_email(input_from.val(), true)) {
@@ -4362,53 +4371,92 @@ function rcube_webmail()
     }
 
     // check for empty recipient
-    var recipients = input_to.val() ? input_to.val() : (input_cc.val() ? input_cc.val() : input_bcc.val());
-    if (!rcube_check_email(recipients.replace(/^\s+/, '').replace(/[\s,;]+$/, ''), true)) {
+    recipients = get_recipients([input_to, input_cc, input_bcc]);
+    if (!skip_recipients_checks && !rcube_check_email(recipients, true)) {
       alert(this.get_label('norecipientwarning'));
       input_to.focus();
       return false;
     }
 
     // check if all files has been uploaded
-    for (var key in this.env.attachments) {
+    for (key in this.env.attachments) {
       if (typeof this.env.attachments[key] === 'object' && !this.env.attachments[key].complete) {
         alert(this.get_label('notuploadedwarning'));
         return false;
       }
     }
 
+    // check disclosed recipients limit
+    if (limit && !skip_recipients_checks && !this.env.disclosed_recipients_warned
+      && rcube_check_email(recipients = get_recipients([input_to, input_cc]), true, true) > limit
+    ) {
+      var save_func = function(move_to_bcc) {
+          if (move_to_bcc) {
+            var bcc = input_bcc.val();
+            input_bcc.val((bcc ? (bcc + ', ') : '') + recipients).change();
+            input_to.val('').change();
+            input_cc.val('').change();
+          }
+
+          dialog.dialog('close');
+          ref.check_compose_input(cmd, true);
+        };
+
+      dialog = this.show_popup_dialog(
+        this.get_label('disclosedrecipwarning'),
+        this.get_label('disclosedreciptitle'),
+        [{
+            text: this.get_label('sendmessage'),
+            click: function() { save_func(false); },
+            'class': 'mainaction'
+          }, {
+            text: this.get_label('bccinstead'),
+            click: function() { save_func(true); }
+          }, {
+            text: this.get_label('cancel'),
+            click: function() { dialog.dialog('close'); }
+          }],
+        {dialogClass: 'warning'}
+      );
+
+      this.env.disclosed_recipients_warned = true;
+      return false;
+    }
+
     // display localized warning for missing subject
-    if (input_subject.val() == '') {
-      var buttons = {},
-        myprompt = $('<div class="prompt">').html('<div class="message">' + this.get_label('nosubjectwarning') + '</div>')
-          .appendTo(document.body),
-        prompt_value = $('<input>').attr({type: 'text', size: 30}).val(this.get_label('nosubject'))
-          .appendTo(myprompt),
+    if (!this.env.nosubject_warned && input_subject.val() == '') {
+      var prompt_value = $('<input>').attr({type: 'text', size: 40}),
+        myprompt = $('<div class="prompt">')
+          .append($('<div class="message">').text(this.get_label('nosubjectwarning')))
+          .append(prompt_value),
         save_func = function() {
           input_subject.val(prompt_value.val());
-          myprompt.dialog('close');
+          dialog.dialog('close');
           ref.command(cmd, { nocheck:true });  // repeat command which triggered this
         };
 
-      buttons[this.get_label('sendmessage')] = function() {
-        save_func($(this));
-      };
-      buttons[this.get_label('cancel')] = function() {
-        input_subject.focus();
-        $(this).dialog('close');
-      };
-
-      myprompt.dialog({
-        modal: true,
-        resizable: false,
-        buttons: buttons,
-        close: function(event, ui) { $(this).remove(); }
-      });
+      dialog = this.show_popup_dialog(
+        myprompt,
+        this.get_label('nosubjecttitle'),
+        [{
+            text: this.get_label('sendmessage'),
+            click: function() { save_func(); },
+            'class': 'mainaction'
+          }, {
+            text: this.get_label('cancel'),
+            click: function() {
+              input_subject.focus();
+              dialog.dialog('close');
+            }
+          }],
+        {dialogClass: 'warning'}
+      );
 
       prompt_value.select().keydown(function(e) {
         if (e.which == 13) save_func();
       });
 
+      this.env.nosubject_warned = true;
       return false;
     }
 
diff --git a/program/js/common.js b/program/js/common.js
index e021820aae4..2abc594f93d 100644
--- a/program/js/common.js
+++ b/program/js/common.js
@@ -407,10 +407,14 @@ triggerEvent: function(evt, e)
 // check if input is a valid email address
 // By Cal Henderson <cal@iamcal.com>
 // http://code.iamcal.com/php/rfc822/
-function rcube_check_email(input, inline)
+function rcube_check_email(input, inline, count)
 {
-  if (input && window.RegExp) {
-    var qtext = '[^\\x0d\\x22\\x5c\\x80-\\xff]',
+  if (!input)
+    return count ? 0 : false;
+
+  if (count) inline = true;
+
+  var qtext = '[^\\x0d\\x22\\x5c\\x80-\\xff]',
       dtext = '[^\\x0d\\x5b-\\x5d\\x80-\\xff]',
       atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+',
       quoted_pair = '\\x5c[\\x00-\\x7f]',
@@ -443,12 +447,13 @@ function rcube_check_email(input, inline)
       delim = '[,;\\s\\n]',
       local_part = word+'(\\x2e'+word+')*',
       addr_spec = '(('+local_part+'\\x40'+domain+')|('+icann_addr+'))',
-      reg1 = inline ? new RegExp('(^|<|'+delim+')'+addr_spec+'($|>|'+delim+')', 'i') : new RegExp('^'+addr_spec+'$', 'i');
+      rx_flag = count ? 'ig' : 'i',
+      rx = inline ? new RegExp('(^|<|'+delim+')'+addr_spec+'($|>|'+delim+')', rx_flag) : new RegExp('^'+addr_spec+'$', 'i');
 
-    return reg1.test(input) ? true : false;
-  }
+  if (count)
+    return input.match(rx).length;
 
-  return false;
+  return rx.test(input);
 };
 
 // recursively copy an object
diff --git a/program/localization/en_US/labels.inc b/program/localization/en_US/labels.inc
index e1d6ca7b77a..84a26889418 100644
--- a/program/localization/en_US/labels.inc
+++ b/program/localization/en_US/labels.inc
@@ -266,6 +266,7 @@ $labels['keyid']          = 'Key ID';
 $labels['keylength']      = 'Bits';
 $labels['keyexpired']     = 'Expired';
 $labels['keyrevoked']     = 'Revoked';
+$labels['bccinstead']     = 'Use Bcc';
 
 $labels['editidents']    = 'Edit identities';
 $labels['spellcheck']    = 'Spell';
diff --git a/program/localization/en_US/messages.inc b/program/localization/en_US/messages.inc
index 945bb22c205..916ae23dc28 100644
--- a/program/localization/en_US/messages.inc
+++ b/program/localization/en_US/messages.inc
@@ -94,7 +94,10 @@ $messages['nonamewarning']  = 'Please enter a name.';
 $messages['nopagesizewarning'] = 'Please enter a page size.';
 $messages['nosenderwarning'] = 'Please enter sender email address.';
 $messages['norecipientwarning'] = 'Please enter at least one recipient.';
+$messages['disclosedrecipwarning'] = 'All recipients will see each others e-mail addresses. To prevent this and protect their privacy you can use the Bcc field.';
+$messages['disclosedreciptitle'] = 'Too many public recipients';
 $messages['nosubjectwarning']  = 'The "Subject" field is empty. Would you like to enter one now?';
+$messages['nosubjecttitle']  = 'No subject';
 $messages['nobodywarning'] = 'Send this message without text?';
 $messages['notsentwarning'] = 'Message has not been sent. Do you want to discard your message?';
 $messages['restoresavedcomposedata'] = 'A previously composed but unsent message was found.\n\nSubject: $subject\nSaved: $date\n\nDo you want to restore this message?';
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 5d882b474d1..18411a3e2fc 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -88,7 +88,8 @@ $OUTPUT->add_label('nosubject', 'nosenderwarning', 'norecipientwarning', 'nosubj
     'selectimportfile', 'messageissent', 'loadingdata', 'nopubkeyfor', 'nopubkeyforsender',
     'encryptnoattachments','encryptedsendialog','searchpubkeyservers', 'importpubkeys',
     'encryptpubkeysfound',  'search', 'close', 'import', 'keyid', 'keylength', 'keyexpired',
-    'keyrevoked', 'keyimportsuccess', 'keyservererror', 'attaching', 'namex', 'attachmentrename');
+    'keyrevoked', 'keyimportsuccess', 'keyservererror', 'attaching', 'namex', 'attachmentrename',
+    'disclosedrecipwarning', 'disclosedreciptitle', 'bccinstead', 'nosubjecttitle');
 
 $OUTPUT->set_pagetitle($RCMAIL->gettext('compose'));
 
@@ -99,6 +100,7 @@ $OUTPUT->set_env('top_posting', intval($RCMAIL->config->get('reply_mode')) > 0);
 $OUTPUT->set_env('sig_below', $RCMAIL->config->get('sig_below'));
 $OUTPUT->set_env('recipients_separator', trim($RCMAIL->config->get('recipients_separator', ',')));
 $OUTPUT->set_env('save_localstorage', (bool)$RCMAIL->config->get('compose_save_localstorage'));
+$OUTPUT->set_env('max_disclosed_recipients', (int) $RCMAIL->config->get('max_disclosed_recipients', 5));
 $OUTPUT->set_env('is_sent', false);
 $OUTPUT->set_env('mimetypes', rcmail_supported_mimetypes());
 
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index 56f5c53d45e..7cf1d94b75d 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -44,9 +44,7 @@ if (!isset($COMPOSE['id'])) {
 }
 
 if (!$savedraft) {
-    if (empty($_POST['_to']) && empty($_POST['_cc']) && empty($_POST['_bcc'])
-        && empty($_POST['_subject']) && $_POST['_message']
-    ) {
+    if (empty($_POST['_to']) && empty($_POST['_cc']) && empty($_POST['_bcc']) && $_POST['_message']) {
         $OUTPUT->show_message('sendingfailed', 'error');
         $OUTPUT->send('iframe');
     }
@@ -171,10 +169,11 @@ if (($max_recipients = (int) $RCMAIL->config->get('max_recipients')) > 0) {
 $dont_override = (array) $RCMAIL->config->get('dont_override');
 $mdn_enabled   = in_array('mdn_default', $dont_override) ? $RCMAIL->config->get('mdn_default') : !empty($_POST['_mdn']);
 $dsn_enabled   = in_array('dsn_default', $dont_override) ? $RCMAIL->config->get('dsn_default') : !empty($_POST['_dsn']);
+$subject       = trim(rcube_utils::get_input_value('_subject', rcube_utils::INPUT_POST, TRUE, $message_charset));
 
-// add subject
-$headers['Subject'] = trim(rcube_utils::get_input_value('_subject', rcube_utils::INPUT_POST, TRUE, $message_charset));
-
+if (strlen($subject)) {
+    $headers['Subject'] = $subject;
+}
 if (!empty($identity_arr['organization'])) {
     $headers['Organization'] = $identity_arr['organization'];
 }

From cf866990f2e95ceb35470e80479675715022d7e8 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 6 Nov 2016 09:41:43 +0100
Subject: [PATCH 17/24] Get rid of "popupmessage" class

It wasn't widely used and made the dialogs look inconsistent
---
 plugins/enigma/enigma.js |  2 +-
 skins/larry/styles.css   | 18 ------------------
 skins/larry/ui.js        |  2 +-
 3 files changed, 2 insertions(+), 20 deletions(-)

diff --git a/plugins/enigma/enigma.js b/plugins/enigma/enigma.js
index 033185b3262..1c81963576b 100644
--- a/plugins/enigma/enigma.js
+++ b/plugins/enigma/enigma.js
@@ -602,7 +602,7 @@ rcube_webmail.prototype.enigma_key_not_found = function(data)
                 rcmail.enigma_find_publickey(data.email);
             }
         }],
-        {width: 400, dialogClass: 'popupmessage error'}
+        {width: 400, dialogClass: 'error'}
     );
 };
 
diff --git a/skins/larry/styles.css b/skins/larry/styles.css
index cf21c9069f2..4fbbd71bfef 100644
--- a/skins/larry/styles.css
+++ b/skins/larry/styles.css
@@ -711,24 +711,6 @@ a.iconlink.upload {
 	background-position: 0 -30px;
 }
 
-.ui-dialog.popupmessage .ui-dialog-titlebar {
-	padding: 8px 1em 4px 1em;
-	background: #e3e3e3;
-	background: -moz-linear-gradient(top, #e3e3e3 0%, #cfcfcf 100%);
-	background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#e3e3e3), color-stop(100%,#cfcfcf));
-	background: -ms-linear-gradient(top, #e3e3e3 0%, #cfcfcf 100%);
-	background: linear-gradient(to bottom, #e3e3e3 0%, #cfcfcf 100%);
-}
-
-.ui-dialog.popupmessage .ui-widget-content {
-	font-size: 12px;
-	background: #eee;
-	background: -moz-linear-gradient(top, #eee 0%, #dcdcdc 100%);
-	background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#eee), color-stop(100%,#dcdcdc));
-	background: -ms-linear-gradient(top, #eee 0%, #dcdcdc 100%);
-	background: linear-gradient(to bottom, #eee 0%, #dcdcdc 100%);
-}
-
 .ui-autocomplete {
 	max-height: 160px;
 	overflow-x: hidden;
diff --git a/skins/larry/ui.js b/skins/larry/ui.js
index 4b2cd80573a..215778b1448 100644
--- a/skins/larry/ui.js
+++ b/skins/larry/ui.js
@@ -450,7 +450,7 @@ function rcube_mail_ui()
         .dialog({
           resizable: false,
           closeOnEscape: true,
-          dialogClass: 'popupmessage ' + p.type,
+          dialogClass: p.type,
           title: rcmail.gettext('errortitle'),
           close: dialog_close,
           hide: {effect: 'fadeOut'},

From 0a4e3b2d3fe88cf7faaf281df5c7828fe19fec9a Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 6 Nov 2016 10:31:37 +0100
Subject: [PATCH 18/24] Icons alignment fix

---
 skins/larry/styles.css | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/skins/larry/styles.css b/skins/larry/styles.css
index 4fbbd71bfef..5f6f095eba7 100644
--- a/skins/larry/styles.css
+++ b/skins/larry/styles.css
@@ -698,17 +698,17 @@ a.iconlink.upload {
 
 .ui-dialog.warning .ui-dialog-title {
 	color: #960;
-	background-position: 0 -90px;
+	background-position: 0 -91px;
 }
 
 .ui-dialog.error .ui-dialog-title {
 	color: #cf2734;
-	background-position: 0 -60px;
+	background-position: 0 -62px;
 }
 
 .ui-dialog.confirmation .ui-dialog-title {
 	color: #093;
-	background-position: 0 -30px;
+	background-position: 0 -32px;
 }
 
 .ui-autocomplete {

From 386af483ce7368c62330ccc4c236e550794ab1e6 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 6 Nov 2016 10:58:26 +0100
Subject: [PATCH 19/24] Fix redundant keep-alive/refresh after session error on
 compose page (#5500)

---
 CHANGELOG         | 1 +
 program/js/app.js | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/CHANGELOG b/CHANGELOG
index 1afbe2b299f..803c09ec359 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -57,6 +57,7 @@ CHANGELOG Roundcube Webmail
 - Managesieve: Unhide advanced rule controls if there are inputs with errors
 - Managesieve: Display warning message when filter form contains errors
 - Control search engine crawlers via X-Robots-Tag header instead of <meta> and robots.txt (#5098)
+- Fix redundant keep-alive/refresh after session error on compose page (#5500)
 - Fix flickering of header topline in min-mode (#5426)
 - Fix bug where folders list would scroll to top when clicking on subscription checkbox (#5447)
 - Fix decoding of GB2312/GBK text when iconv is not installed (#5448)
diff --git a/program/js/app.js b/program/js/app.js
index 24ae6410ae4..5cbff6e2791 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -8486,6 +8486,12 @@ function rcube_webmail()
     if (this.env.action == 'compose') {
       this.save_compose_form_local();
       this.compose_skip_unsavedcheck = true;
+      // stop keep-alive and refresh processes
+      this.env.session_lifetime = 0;
+      if (this._keepalive)
+        clearInterval(this._keepalive);
+      if (this._refresh)
+        clearInterval(this._refresh);
     }
     else if (redirect_url) {
       setTimeout(function(){ ref.redirect(redirect_url, true); }, 2000);

From c3e7d93c439b4b36f2f254e1a1cb17ad6ec76082 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 6 Nov 2016 14:00:03 +0100
Subject: [PATCH 20/24] Make "Add contact" image/text ignored when
 copying/selecting recipients in main headers (#5103)

---
 program/steps/mail/func.inc | 5 +++--
 skins/classic/common.css    | 9 +++++++++
 skins/larry/styles.css      | 8 ++++++++
 3 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index b3f60c93885..28d9e4a091e 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -1675,8 +1675,9 @@ function rcmail_address_string($input, $max=null, $linked=false, $addicon=null,
                             rcmail_output::JS_OBJECT_NAME, rcube::JQ($string)),
                     ),
                     html::img(array(
-                        'src' => $RCMAIL->output->abs_url($addicon, true),
-                        'alt' => "Add contact",
+                        'src'   => $RCMAIL->output->abs_url($addicon, true),
+                        'alt'   => "Add contact",
+                        'class' => 'noselect',
                 )));
             }
         }
diff --git a/skins/classic/common.css b/skins/classic/common.css
index 2773cb10099..54b1c9cc95f 100644
--- a/skins/classic/common.css
+++ b/skins/classic/common.css
@@ -161,6 +161,15 @@ img
   display: none;
 }
 
+.noselect
+{
+  user-select: none;
+  -moz-user-select: none;
+  -khtml-user-select: none;
+  -ms-user-select: none;
+  -webkit-user-select: none;
+}
+
 /* fixes vertical alignment of checkboxes and labels */
 label input,
 label span
diff --git a/skins/larry/styles.css b/skins/larry/styles.css
index 5f6f095eba7..143c135a60c 100644
--- a/skins/larry/styles.css
+++ b/skins/larry/styles.css
@@ -98,6 +98,14 @@ label input + span {
 	vertical-align: middle;
 }
 
+.noselect {
+	user-select: none;
+	-moz-user-select: none;
+	-khtml-user-select: none;
+	-ms-user-select: none;
+	-webkit-user-select: none;
+}
+
 /*** buttons ***/
 
 input.button {

From d02e6ea45ea3b5e8e446599ce09175047ecdec71 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Mon, 7 Nov 2016 13:39:43 +0100
Subject: [PATCH 21/24] Fix so templating system does not mess with external
 (e.g. email) content (#5499)

---
 CHANGELOG                              |  1 +
 program/include/rcmail_output_html.php | 54 ++++++++++++++++++++------
 2 files changed, 44 insertions(+), 11 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 803c09ec359..de90b8863b1 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -57,6 +57,7 @@ CHANGELOG Roundcube Webmail
 - Managesieve: Unhide advanced rule controls if there are inputs with errors
 - Managesieve: Display warning message when filter form contains errors
 - Control search engine crawlers via X-Robots-Tag header instead of <meta> and robots.txt (#5098)
+- Fix so templating system does not mess with external (e.g. email) content (#5499)
 - Fix redundant keep-alive/refresh after session error on compose page (#5500)
 - Fix flickering of header topline in min-mode (#5426)
 - Fix bug where folders list would scroll to top when clicking on subscription checkbox (#5447)
diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php
index 1c281a69001..9847f271396 100644
--- a/program/include/rcmail_output_html.php
+++ b/program/include/rcmail_output_html.php
@@ -31,6 +31,7 @@ class rcmail_output_html extends rcmail_output
 
     protected $message;
     protected $template_name;
+    protected $objects      = array();
     protected $js_env       = array();
     protected $js_labels    = array();
     protected $js_commands  = array();
@@ -638,15 +639,11 @@ function parse($name = 'main', $exit = true, $write = true)
         $output = $hook['content'];
         unset($hook['content']);
 
-        // make sure all <form> tags have a valid request token
-        $output       = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $output);
-        $this->footer = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $this->footer);
-
         // remove plugin skin paths from current context
         $this->skin_paths = array_slice($this->skin_paths, count($plugin_skin_paths));
 
         if (!$write) {
-            return $output;
+            return $this->postrender($output);
         }
 
         $this->write(trim($output));
@@ -888,6 +885,7 @@ public function just_parse($input)
     {
         $input = $this->parse_conditions($input);
         $input = $this->parse_xml($input);
+        $input = $this->postrender($input);
 
         return $input;
     }
@@ -970,7 +968,7 @@ protected function alter_form_tag($matches)
      *
      * @return mixed Expression result
      */
-    protected function eval_expression ($expression)
+    protected function eval_expression($expression)
     {
         $expression = preg_replace(
             array(
@@ -1012,13 +1010,18 @@ protected function eval_expression ($expression)
      * with the appropriate content
      *
      * @param string $input Input string to parse
+     * @param bool   $reset Reset stored objects
      *
      * @return string Altered input string
      * @todo   Use DOM-parser to traverse template HTML
      * @todo   Maybe a cache.
      */
-    protected function parse_xml($input)
+    protected function parse_xml($input, $reset = true)
     {
+        if ($reset) {
+            $this->objects = array();
+        }
+
         return preg_replace_callback('/<roundcube:([-_a-z]+)\s+((?:[^>]|\\\\>)+)(?<!\\\\)>/Ui', array($this, 'xml_command'), $input);
     }
 
@@ -1118,7 +1121,7 @@ protected function xml_command($matches)
                       $incl = file_get_contents($path);
                     }
                     $incl = $this->parse_conditions($incl);
-                    $incl = $this->parse_xml($incl);
+                    $incl = $this->parse_xml($incl, false);
                     $incl = $this->fix_paths($incl);
                     $this->base_path = $old_base_path;
                     return $incl;
@@ -1141,14 +1144,15 @@ protected function xml_command($matches)
 
             // return code for a specific application object
             case 'object':
-                $object = strtolower($attrib['name']);
+                $object  = strtolower($attrib['name']);
                 $content = '';
 
                 // we are calling a class/method
                 if (($handler = $this->object_handlers[$object]) && is_array($handler)) {
                     if ((is_object($handler[0]) && method_exists($handler[0], $handler[1])) ||
                     (is_string($handler[0]) && class_exists($handler[0])))
-                    $content = call_user_func($handler, $attrib);
+                    $content  = call_user_func($handler, $attrib);
+                    $external = true;
                 }
                 // execute object handler function
                 else if (function_exists($handler)) {
@@ -1211,6 +1215,13 @@ protected function xml_command($matches)
 
                 // exec plugin hooks for this template object
                 $hook = $this->app->plugins->exec_hook("template_object_$object", $attrib + array('content' => $content));
+
+                if (strlen($hook['content']) && !empty($external)) {
+                    $object_id                 = uniqid('TEMPLOBJECT:', true);
+                    $this->objects[$object_id] = $hook['content'];
+                    $hook['content']           = $object_id;
+                }
+
                 return $hook['content'];
 
             // return code for a specified eval expression
@@ -1276,6 +1287,25 @@ protected function include_php($file)
         return $out;
     }
 
+    /**
+     * Put objects' content back into template output
+     */
+    protected function postrender($output)
+    {
+        // insert objects' contents
+        foreach ($this->objects as $key => $val) {
+            $output = str_replace($key, $val, $output);
+        }
+
+        // reset objects
+        $this->objects = array();
+
+        // make sure all <form> tags have a valid request token
+        $output = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $output);
+
+        return $output;
+    }
+
     /**
      * Create and register a button
      *
@@ -1540,7 +1570,7 @@ public function add_footer($str)
      * @param string $templ     HTML template
      * @param string $base_path Base for absolute paths
      */
-    public function _write($templ = '', $base_path = '')
+    protected function _write($templ = '', $base_path = '')
     {
         $output = trim($templ);
 
@@ -1664,6 +1694,8 @@ public function _write($templ = '', $base_path = '')
             $output = $this->fix_assets_paths($output);
         }
 
+        $output = $this->postrender($output);
+
         // trigger hook with final HTML content to be sent
         $hook = $this->app->plugins->exec_hook("send_page", array('content' => $output));
         if (!$hook['abort']) {

From d59bf988e31dff698df89c62094ff05049ef9f70 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Mon, 7 Nov 2016 13:43:21 +0100
Subject: [PATCH 22/24] Fix style of Save button in password form (larry)

---
 plugins/password/password.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/plugins/password/password.php b/plugins/password/password.php
index 926683bb783..5480a8741f6 100644
--- a/plugins/password/password.php
+++ b/plugins/password/password.php
@@ -282,11 +282,12 @@ function password_form()
                 'class'   => 'button mainaction',
                 'label'   => 'save',
         ));
+        $form_buttons = html::p(array('class' => 'formbuttons'), $submit_button);
 
         $out = html::div(array('class' => 'box'),
             html::div(array('id' => 'prefs-title', 'class' => 'boxtitle'), $this->gettext('changepasswd'))
             . html::div(array('class' => 'boxcontent'),
-                $disabled_msg . $table->show() . $rules . html::p(null, $submit_button)));
+                $disabled_msg . $table->show() . $rules . $form_buttons));
 
         $rcmail->output->add_gui_object('passform', 'password-form');
 

From e17e8851f175a5f1a07057ebfd14a380a1163046 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Mon, 7 Nov 2016 18:38:20 +0100
Subject: [PATCH 23/24] CS improvements, _xor() method replaced with an
 anonymous function

---
 program/lib/Roundcube/rcube_imap_generic.php | 32 +++++++++-----------
 1 file changed, 14 insertions(+), 18 deletions(-)

diff --git a/program/lib/Roundcube/rcube_imap_generic.php b/program/lib/Roundcube/rcube_imap_generic.php
index 4751d15fa8e..85bb2405b9e 100644
--- a/program/lib/Roundcube/rcube_imap_generic.php
+++ b/program/lib/Roundcube/rcube_imap_generic.php
@@ -542,6 +542,14 @@ protected function authenticate($user, $pass, $type = 'PLAIN')
                 // RFC2195: CRAM-MD5
                 $ipad = '';
                 $opad = '';
+                $xor  = function($str1, $str2) {
+                    $result = '';
+                    $size   = strlen($str1);
+                    for ($i=0; $i<$size; $i++) {
+                        $result .= chr(ord($str1[$i]) ^ ord($str2[$i]));
+                    }
+                    return $result;
+                };
 
                 // initialize ipad, opad
                 for ($i=0; $i<64; $i++) {
@@ -550,14 +558,11 @@ protected function authenticate($user, $pass, $type = 'PLAIN')
                 }
 
                 // pad $pass so it's 64 bytes
-                $padLen = 64 - strlen($pass);
-                for ($i=0; $i<$padLen; $i++) {
-                    $pass .= chr(0);
-                }
+                $pass = str_pad($pass, 64, chr(0));
 
                 // generate hash
-                $hash  = md5($this->_xor($pass, $opad) . pack("H*",
-                    md5($this->_xor($pass, $ipad) . base64_decode($challenge))));
+                $hash  = md5($xor($pass, $opad) . pack("H*",
+                    md5($xor($pass, $ipad) . base64_decode($challenge))));
                 $reply = base64_encode($user . ' ' . $hash);
 
                 // send result
@@ -3830,6 +3835,9 @@ public static function tokenizeResponse(&$str, $num=0)
         return $num == 1 ? $result[0] : $result;
     }
 
+    /**
+     * Joins IMAP command line elements (recursively)
+     */
     protected static function r_implode($element)
     {
         $string = '';
@@ -3935,18 +3943,6 @@ public static function uncompressMessageSet($messages)
         return $result;
     }
 
-    protected function _xor($string, $string2)
-    {
-        $result = '';
-        $size   = strlen($string);
-
-        for ($i=0; $i<$size; $i++) {
-            $result .= chr(ord($string[$i]) ^ ord($string2[$i]));
-        }
-
-        return $result;
-    }
-
     /**
      * Clear internal status cache
      */

From 0e5a167cd2f2b9b709426da7295a32567fc45563 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <machniak@kolabsys.com>
Date: Tue, 8 Nov 2016 14:58:31 +0100
Subject: [PATCH 24/24] Fix recognizing Sent folder on search if current folder
 has been changed by plugins in meantime

---
 program/steps/mail/search.inc | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/program/steps/mail/search.inc b/program/steps/mail/search.inc
index 64763d928fd..25900a5d07d 100644
--- a/program/steps/mail/search.inc
+++ b/program/steps/mail/search.inc
@@ -134,6 +134,12 @@ if ($search_str) {
         array_unshift($mboxes, $mbox);
     }
 
+    if ($scope != 'all') {
+        // Remember current folder, it can change in meantime (plugins)
+        // but we need it to e.g. recognize Sent folder to handle From/To column later
+        $RCMAIL->output->set_env('mailbox', $mbox);
+    }
+
     $result = $RCMAIL->storage->search($mboxes, $search_str, $imap_charset, $sort_column);
 }