Fix storing 'safe' flag on a message. The key for session value should include

folder name. A message with the same UID may exist in another folder.

program/lib/Roundcube/rcube_message.php

@@ -93,7 +93,7 @@ class rcube_message
         $this->subject = $this->mime->decode_mime_string($this->headers->subject);
         list(, $this->sender) = each($this->mime->decode_address_list($this->headers->from, 1));
 
-        $this->set_safe((intval($_GET['_safe']) || $_SESSION['safe_messages'][$uid]));
+        $this->set_safe((intval($_GET['_safe']) || $_SESSION['safe_messages'][$this->folder.':'.$uid]));
         $this->opt = array(
             'safe' => $this->is_safe,
             'prefer_html' => $this->app->config->get('prefer_html'),
@@ -144,8 +144,7 @@ class rcube_message
      */
     public function set_safe($safe = true)
     {
-        $this->is_safe = $safe;
-        $_SESSION['safe_messages'][$this->uid] = $this->is_safe;
+        $_SESSION['safe_messages'][$this->folder.':'.$this->uid] = $this->is_safe = $safe;
     }