| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * addressbook.php |
| 5 | * |
| 6 | * Copyright (c) 1999-2003 The SquirrelMail Project Team |
| 7 | * Licensed under the GNU GPL. For full terms see the file COPYING. |
| 8 | * |
| 9 | * Manage personal address book. |
| 10 | * |
| 11 | * $Id$ |
| 12 | */ |
| 13 | |
| 14 | /* Path for SquirrelMail required files. */ |
| 15 | define('SM_PATH','../'); |
| 16 | |
| 17 | /* SquirrelMail required files. */ |
| 18 | require_once(SM_PATH . 'include/validate.php'); |
| 19 | require_once(SM_PATH . 'functions/display_messages.php'); |
| 20 | require_once(SM_PATH . 'functions/addressbook.php'); |
| 21 | require_once(SM_PATH . 'functions/strings.php'); |
| 22 | require_once(SM_PATH . 'functions/html.php'); |
| 23 | |
| 24 | /* lets get the global vars we may need */ |
| 25 | $key = $_COOKIE['key']; |
| 26 | |
| 27 | $username = $_SESSION['username']; |
| 28 | $onetimepad = $_SESSION['onetimepad']; |
| 29 | $base_uri = $_SESSION['base_uri']; |
| 30 | $delimiter = $_SESSION['delimiter']; |
| 31 | |
| 32 | /* From the address form */ |
| 33 | if ( isset($_POST['addaddr']) ) { |
| 34 | $addaddr = &$_POST['addaddr']; |
| 35 | } |
| 36 | if ( isset($_POST['editaddr']) ) { |
| 37 | $editaddr = &$_POST['editaddr']; |
| 38 | } |
| 39 | if ( isset($_POST['deladdr']) ) { |
| 40 | $deladdr = &$_POST['deladdr']; |
| 41 | } |
| 42 | $sel = &$_POST['sel']; |
| 43 | |
| 44 | if (isset($_POST['oldnick'])) { |
| 45 | $oldnick = $_POST['oldnick']; |
| 46 | } |
| 47 | if (isset($_POST['backend'])) { |
| 48 | $backend = $_POST['backend']; |
| 49 | } |
| 50 | if (isset($_POST['doedit'])) { |
| 51 | $doedit = $_POST['doedit']; |
| 52 | } |
| 53 | |
| 54 | /* Make an input field */ |
| 55 | function adressbook_inp_field($label, $field, $name, $size, $values, $add) { |
| 56 | global $color; |
| 57 | $td_str = '<INPUT NAME="' . $name . '[' . $field . ']" SIZE="' . $size . '" VALUE="'; |
| 58 | if (isset($values[$field])) { |
| 59 | $td_str .= htmlspecialchars( strip_tags( $values[$field] ) ); |
| 60 | } |
| 61 | $td_str .= '">' . $add . ''; |
| 62 | return html_tag( 'tr' , |
| 63 | html_tag( 'td', $label . ':', 'right', $color[4]) . |
| 64 | html_tag( 'td', $td_str, 'left', $color[4]) |
| 65 | ) |
| 66 | . "\n"; |
| 67 | } |
| 68 | |
| 69 | /* Output form to add and modify address data */ |
| 70 | function address_form($name, $submittext, $values = array()) { |
| 71 | global $color; |
| 72 | |
| 73 | echo html_tag( 'table', |
| 74 | adressbook_inp_field(_("Nickname"), 'nickname', $name, 15, $values, |
| 75 | ' <SMALL>' . _("Must be unique") . '</SMALL>') . |
| 76 | adressbook_inp_field(_("E-mail address"), 'email', $name, 45, $values, '') . |
| 77 | adressbook_inp_field(_("First name"), 'firstname', $name, 45, $values, '') . |
| 78 | adressbook_inp_field(_("Last name"), 'lastname', $name, 45, $values, '') . |
| 79 | adressbook_inp_field(_("Additional info"), 'label', $name, 45, $values, '') . |
| 80 | html_tag( 'tr', |
| 81 | html_tag( 'td', |
| 82 | '<INPUT TYPE=submit NAME="' . $name . '[SUBMIT]" VALUE="' . |
| 83 | $submittext . '">', |
| 84 | 'center', $color[4], 'colspan="2"') |
| 85 | ) |
| 86 | , 'center', '', 'border="0" cellpadding="1" width="90%"') ."\n"; |
| 87 | } |
| 88 | |
| 89 | /* Open addressbook, with error messages on but without LDAP (the * |
| 90 | * second "true"). Don't need LDAP here anyway */ |
| 91 | $abook = addressbook_init(true, true); |
| 92 | if($abook->localbackend == 0) { |
| 93 | plain_error_message( |
| 94 | _("No personal address book is defined. Contact administrator."), |
| 95 | $color); |
| 96 | exit(); |
| 97 | } |
| 98 | |
| 99 | displayPageHeader($color, 'None'); |
| 100 | |
| 101 | $defdata = array(); |
| 102 | $formerror = ''; |
| 103 | $abortform = false; |
| 104 | $showaddrlist = true; |
| 105 | $defselected = array(); |
| 106 | $form_url = 'addressbook.php'; |
| 107 | |
| 108 | |
| 109 | /* Handle user's actions */ |
| 110 | if($_SERVER['REQUEST_METHOD'] == 'POST') { |
| 111 | |
| 112 | /************************************************** |
| 113 | * Add new address * |
| 114 | **************************************************/ |
| 115 | if (!empty($addaddr['nickname'])) { |
| 116 | foreach( $addaddr as $k => $adr ) { |
| 117 | $addaddr[$k] = strip_tags( $adr ); |
| 118 | } |
| 119 | $r = $abook->add($addaddr, $abook->localbackend); |
| 120 | |
| 121 | /* Handle error messages */ |
| 122 | if (!$r) { |
| 123 | /* Remove backend name from error string */ |
| 124 | $errstr = $abook->error; |
| 125 | $errstr = ereg_replace('^\[.*\] *', '', $errstr); |
| 126 | |
| 127 | $formerror = $errstr; |
| 128 | $showaddrlist = false; |
| 129 | $defdata = $addaddr; |
| 130 | } |
| 131 | } else { |
| 132 | |
| 133 | /************************************************ |
| 134 | * Delete address(es) * |
| 135 | ************************************************/ |
| 136 | if ((!empty($deladdr)) && sizeof($sel) > 0) { |
| 137 | $orig_sel = $sel; |
| 138 | sort($sel); |
| 139 | |
| 140 | /* The selected addresses are identidied by "backend:nickname". * |
| 141 | * Sort the list and process one backend at the time */ |
| 142 | $prevback = -1; |
| 143 | $subsel = array(); |
| 144 | $delfailed = false; |
| 145 | |
| 146 | for ($i = 0 ; (($i < sizeof($sel)) && !$delfailed) ; $i++) { |
| 147 | list($sbackend, $snick) = explode(':', $sel[$i]); |
| 148 | |
| 149 | /* When we get to a new backend, process addresses in * |
| 150 | * previous one. */ |
| 151 | if ($prevback != $sbackend && $prevback != -1) { |
| 152 | |
| 153 | $r = $abook->remove($subsel, $prevback); |
| 154 | if (!$r) { |
| 155 | $formerror = $abook->error; |
| 156 | $i = sizeof($sel); |
| 157 | $delfailed = true; |
| 158 | break; |
| 159 | } |
| 160 | $subsel = array(); |
| 161 | } |
| 162 | |
| 163 | /* Queue for processing */ |
| 164 | array_push($subsel, $snick); |
| 165 | $prevback = $sbackend; |
| 166 | } |
| 167 | |
| 168 | if (!$delfailed) { |
| 169 | $r = $abook->remove($subsel, $prevback); |
| 170 | if (!$r) { /* Handle errors */ |
| 171 | $formerror = $abook->error; |
| 172 | $delfailed = true; |
| 173 | } |
| 174 | } |
| 175 | |
| 176 | if ($delfailed) { |
| 177 | $showaddrlist = true; |
| 178 | $defselected = $orig_sel; |
| 179 | } |
| 180 | |
| 181 | } else { |
| 182 | |
| 183 | /*********************************************** |
| 184 | * Update/modify address * |
| 185 | ***********************************************/ |
| 186 | if (!empty($editaddr)) { |
| 187 | |
| 188 | /* Stage one: Copy data into form */ |
| 189 | if (isset($sel) && sizeof($sel) > 0) { |
| 190 | if(sizeof($sel) > 1) { |
| 191 | $formerror = _("You can only edit one address at the time"); |
| 192 | $showaddrlist = true; |
| 193 | $defselected = $sel; |
| 194 | } else { |
| 195 | $abortform = true; |
| 196 | list($ebackend, $enick) = explode(':', $sel[0]); |
| 197 | $olddata = $abook->lookup($enick, $ebackend); |
| 198 | |
| 199 | /* Display the "new address" form */ |
| 200 | echo '<FORM ACTION="' . $form_url . '" METHOD="POST">' . |
| 201 | "\n" . |
| 202 | html_tag( 'table', |
| 203 | html_tag( 'tr', |
| 204 | html_tag( 'td', |
| 205 | "\n". '<strong>' . _("Update address") . '</strong>' ."\n", |
| 206 | 'center', $color[0] ) |
| 207 | ), |
| 208 | 'center', '', 'width="100%" ' ); |
| 209 | address_form("editaddr", _("Update address"), $olddata); |
| 210 | echo '<INPUT TYPE=hidden NAME=oldnick VALUE="' . |
| 211 | htmlspecialchars($olddata["nickname"]) . "\">\n" . |
| 212 | '<INPUT TYPE=hidden NAME=backend VALUE="' . |
| 213 | htmlspecialchars($olddata["backend"]) . "\">\n" . |
| 214 | '<INPUT TYPE=hidden NAME=doedit VALUE=1>' . "\n" . |
| 215 | '</FORM>'; |
| 216 | } |
| 217 | } else { |
| 218 | |
| 219 | /* Stage two: Write new data */ |
| 220 | if ($doedit = 1) { |
| 221 | $newdata = $editaddr; |
| 222 | $r = $abook->modify($oldnick, $newdata, $backend); |
| 223 | |
| 224 | /* Handle error messages */ |
| 225 | if (!$r) { |
| 226 | /* Display error */ |
| 227 | echo html_tag( 'table', |
| 228 | html_tag( 'tr', |
| 229 | html_tag( 'td', |
| 230 | "\n". '<br><strong><font color="' . $color[2] . |
| 231 | '">' . _("ERROR") . ': ' . $abook->error . '</font></strong>' ."\n", |
| 232 | 'center' ) |
| 233 | ), |
| 234 | 'center', '', 'width="100%"' ); |
| 235 | |
| 236 | /* Display the "new address" form again */ |
| 237 | echo '<FORM ACTION="' . $form_url . |
| 238 | '" METHOD="POST">' . "\n" . |
| 239 | html_tag( 'table', |
| 240 | html_tag( 'tr', |
| 241 | html_tag( 'td', |
| 242 | "\n". '<br><strong>' . _("Update address") . '</strong>' ."\n", |
| 243 | 'center', $color[0] ) |
| 244 | ), |
| 245 | 'center', '', 'width="100%"' ) . |
| 246 | address_form("editaddr", _("Update address"), $newdata); |
| 247 | echo '<INPUT TYPE=hidden NAME=oldnick VALUE="' . |
| 248 | htmlspecialchars($oldnick) . "\">\n" . |
| 249 | '<INPUT TYPE=hidden NAME=backend VALUE="' . |
| 250 | htmlspecialchars($backend) . "\">\n" . |
| 251 | '<INPUT TYPE=hidden NAME=doedit VALUE=1>' . |
| 252 | "\n" . '</FORM>'; |
| 253 | $abortform = true; |
| 254 | } |
| 255 | } else { |
| 256 | |
| 257 | /* Should not get here... */ |
| 258 | plain_error_message(_("Unknown error"), $color); |
| 259 | $abortform = true; |
| 260 | } |
| 261 | } |
| 262 | } /* !empty($editaddr) - Update/modify address */ |
| 263 | } /* (!empty($deladdr)) && sizeof($sel) > 0 - Delete address(es) */ |
| 264 | } /* !empty($addaddr['nickname']) - Add new address */ |
| 265 | |
| 266 | // Some times we end output before forms are printed |
| 267 | if($abortform) { |
| 268 | echo "</BODY></HTML>\n"; |
| 269 | exit(); |
| 270 | } |
| 271 | } |
| 272 | |
| 273 | |
| 274 | /* =================================================================== * |
| 275 | * The following is only executed on a GET request, or on a POST when * |
| 276 | * a user is added, or when "delete" or "modify" was successful. * |
| 277 | * =================================================================== */ |
| 278 | |
| 279 | /* Display error messages */ |
| 280 | if (!empty($formerror)) { |
| 281 | echo html_tag( 'table', |
| 282 | html_tag( 'tr', |
| 283 | html_tag( 'td', |
| 284 | "\n". '<br><strong><font color="' . $color[2] . |
| 285 | '">' . _("ERROR") . ': ' . $formerror . '</font></strong>' ."\n", |
| 286 | 'center' ) |
| 287 | ), |
| 288 | 'center', '', 'width="100%"' ); |
| 289 | } |
| 290 | |
| 291 | |
| 292 | /* Display the address management part */ |
| 293 | if ($showaddrlist) { |
| 294 | /* Get and sort address list */ |
| 295 | $alist = $abook->list_addr(); |
| 296 | if(!is_array($alist)) { |
| 297 | plain_error_message($abook->error, $color); |
| 298 | exit; |
| 299 | } |
| 300 | |
| 301 | usort($alist,'alistcmp'); |
| 302 | $prevbackend = -1; |
| 303 | $headerprinted = false; |
| 304 | |
| 305 | echo html_tag( 'p', '<a href="#AddAddress">' . _("Add address") . '</a>', 'center' ) . "\n"; |
| 306 | |
| 307 | /* List addresses */ |
| 308 | if (count($alist) > 0) { |
| 309 | echo '<FORM ACTION="' . $form_url . '" METHOD="POST">' . "\n"; |
| 310 | while(list($undef,$row) = each($alist)) { |
| 311 | |
| 312 | /* New table header for each backend */ |
| 313 | if($prevbackend != $row['backend']) { |
| 314 | if($prevbackend < 0) { |
| 315 | echo html_tag( 'table', |
| 316 | html_tag( 'tr', |
| 317 | html_tag( 'td', |
| 318 | '<INPUT TYPE=submit NAME=editaddr VALUE="' . |
| 319 | _("Edit selected") . "\">\n" . |
| 320 | '<INPUT TYPE=submit NAME=deladdr VALUE="' . |
| 321 | _("Delete selected") . "\">\n", |
| 322 | 'center', '', 'colspan="5"' ) |
| 323 | ) . |
| 324 | html_tag( 'tr', |
| 325 | html_tag( 'td', ' <br>', 'center', '', 'colspan="5"' ) |
| 326 | ) , |
| 327 | 'center' ); |
| 328 | } |
| 329 | |
| 330 | echo html_tag( 'table', |
| 331 | html_tag( 'tr', |
| 332 | html_tag( 'td', "\n" . '<strong>' . $row['source'] . '</strong>' . "\n", 'center', $color[0] ) |
| 333 | ) , |
| 334 | 'center', '', 'width="95%"' ) ."\n" |
| 335 | . html_tag( 'table', '', 'center', '', 'border="0" cellpadding="1" cellspacing="0" width="90%"' ) . |
| 336 | html_tag( 'tr', "\n" . |
| 337 | html_tag( 'th', ' ', 'left', '', 'width="1%"' ) . |
| 338 | html_tag( 'th', _("Nickname"), 'left', '', 'width="1%"' ) . |
| 339 | html_tag( 'th', _("Name"), 'left', '', 'width="1%"' ) . |
| 340 | html_tag( 'th', _("E-mail"), 'left', '', 'width="1%"' ) . |
| 341 | html_tag( 'th', _("Info"), 'left', '', 'width="1%"' ) , |
| 342 | '', $color[9] ) . "\n"; |
| 343 | |
| 344 | $line = 0; |
| 345 | $headerprinted = true; |
| 346 | } /* End of header */ |
| 347 | |
| 348 | $prevbackend = $row['backend']; |
| 349 | |
| 350 | /* Check if this user is selected */ |
| 351 | if(in_array($row['backend'] . ':' . $row['nickname'], $defselected)) { |
| 352 | $selected = 'CHECKED'; |
| 353 | } else { |
| 354 | $selected = ''; |
| 355 | } |
| 356 | |
| 357 | /* Print one row */ |
| 358 | $tr_bgcolor = ''; |
| 359 | if ($line % 2) { $tr_bgcolor = $color[0]; } |
| 360 | echo html_tag( 'tr', '') . |
| 361 | html_tag( 'td', |
| 362 | '<SMALL>' . |
| 363 | '<INPUT TYPE=checkbox ' . $selected . ' NAME="sel[]" VALUE="' . |
| 364 | $row['backend'] . ':' . $row['nickname'] . '"></SMALL>' , |
| 365 | 'center', '', 'valign="top" width="1%"' ) . |
| 366 | html_tag( 'td', ' ' . $row['nickname'] . ' ', 'left', '', 'valign="top" width="1%" nowrap' ) . |
| 367 | html_tag( 'td', ' ' . $row['name'] . ' ', 'left', '', 'valign="top" width="1%" nowrap' ) . |
| 368 | html_tag( 'td', '', 'left', '', 'valign="top" width="1%" nowrap' ) . ' '; |
| 369 | $email = $abook->full_address($row); |
| 370 | if ($compose_new_win == '1') { |
| 371 | echo '<a href="javascript:void(0)" onclick=comp_in_new(false,"compose.php?send_to='.rawurlencode($email).'")>'; |
| 372 | } |
| 373 | else { |
| 374 | echo '<A HREF="compose.php?send_to=' . rawurlencode($email).'">'; |
| 375 | } |
| 376 | echo htmlspecialchars($row['email']) . '</A> </td>'."\n". |
| 377 | html_tag( 'td', ' ' . htmlspecialchars($row['label']) . ' ', 'left', '', 'valign="top" width="1%"' ) . |
| 378 | "</tr>\n"; |
| 379 | $line++; |
| 380 | } |
| 381 | |
| 382 | /* End of list. Close table. */ |
| 383 | if ($headerprinted) { |
| 384 | echo html_tag( 'tr', |
| 385 | html_tag( 'td', |
| 386 | '<INPUT TYPE="submit" NAME="editaddr" VALUE="' . _("Edit selected") . |
| 387 | "\">\n" . |
| 388 | '<INPUT TYPE="submit" NAME="deladdr" VALUE="' . _("Delete selected") . |
| 389 | "\">\n", |
| 390 | 'center', '', 'colspan="5"' ) |
| 391 | ); |
| 392 | } |
| 393 | echo '</table></FORM>'; |
| 394 | } |
| 395 | } /* end of addresslist */ |
| 396 | |
| 397 | |
| 398 | /* Display the "new address" form */ |
| 399 | echo '<a name="AddAddress"></a>' . "\n" . |
| 400 | '<FORM ACTION="' . $form_url . '" NAME=f_add METHOD="POST">' . "\n" . |
| 401 | html_tag( 'table', |
| 402 | html_tag( 'tr', |
| 403 | html_tag( 'td', "\n". '<strong>' . sprintf(_("Add to %s"), $abook->localbackendname) . '</strong>' . "\n", |
| 404 | 'center', $color[0] |
| 405 | ) |
| 406 | ) |
| 407 | , 'center', '', 'width="100%"' ) ."\n"; |
| 408 | address_form('addaddr', _("Add address"), $defdata); |
| 409 | echo '</FORM>'; |
| 410 | |
| 411 | /* Add hook for anything that wants on the bottom */ |
| 412 | do_hook('addressbook_bottom'); |
| 413 | ?> |
| 414 | |
| 415 | </BODY></HTML> |