/**
* abook_local_file.php
*
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* Backend for addressbook as a pipe separated file
* NOTE! Previous locks are broken by this function */
function overwrite(&$rows) {
$this->unlock();
- $newfh = @fopen($this->filename, 'w');
+ $newfh = @fopen($this->filename.'.tmp', 'w');
+
if(!$newfh) {
- return $this->set_error("$file: " . _("Open failed"));
+ return $this->set_error($this->filename. '.tmp:' . _("Open failed"));
}
- for($i = 0 ; $i < sizeof($rows) ; $i++) {
+ for($i = 0, $cnt=sizeof($rows) ; $i < $cnt ; $i++) {
if(is_array($rows[$i])) {
- fwrite($newfh, join('|', $rows[$i]) . "\n");
+ for($j = 0, $cnt_part=count($rows[$i]) ; $j < $cnt_part ; $j++) {
+ $rows[$i][$j] = $this->quotevalue($rows[$i][$j]);
+ }
+ $tmpwrite = @fwrite($newfh, join('|', $rows[$i]) . "\n");
+ if ($tmpwrite == -1) {
+ return $this->set_error($this->filename . '.tmp:' . _("Write failed"));
+ }
}
}
fclose($newfh);
+ if (!@copy($this->filename . '.tmp' , $this->filename)) {
+ return $this->set_error($this->filename . ':' . _("Unable to update"));
+ }
+ @unlink($this->filename . '.tmp');
$this->unlock();
$this->open(true);
return true;
}
/* Here is the data to write */
- $data = $userdata['nickname'] . '|' . $userdata['firstname'] . '|' .
- $userdata['lastname'] . '|' . $userdata['email'] . '|' .
- $userdata['label'];
+ $data = $this->quotevalue($userdata['nickname']) . '|' .
+ $this->quotevalue($userdata['firstname']) . '|' .
+ $this->quotevalue($userdata['lastname']) . '|' .
+ $this->quotevalue($userdata['email']) . '|' .
+ $this->quotevalue($userdata['label']);
+
/* Strip linefeeds */
$data = ereg_replace("[\r\n]", ' ', $data);
/* Add linefeed at end */
return true;
}
+ /* Function for quoting values before saving */
+ function quotevalue($value) {
+ /* Quote the field if it contains | or ". Double quotes need to
+ * be replaced with "" */
+ if(ereg("[|\"]", $value)) {
+ $value = '"' . str_replace('"', '""', $value) . '"';
+ }
+ return $value;
+ }
+
} /* End of class abook_local_file */
?>
\ No newline at end of file