*
* Functions require SM_PATH and support of forms.php functions
*
- * @copyright © 1999-2007 The SquirrelMail Project Team
+ * @copyright 1999-2017 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
/* File */
$filename = getHashedFile($username, $data_dir, "$username.abook");
$r = $abook->add_backend('local_file', Array('filename' => $filename,
+ 'umask' => 0077,
'line_length' => $abook_file_line_length,
'create' => true));
if(!$r && $showerr) {
* display address book init errors.
*/
if ($abook_init_error!='' && $showerr) {
- error_box(nl2br(htmlspecialchars($abook_init_error)));
+ error_box(nl2br(sm_encode_html_special_chars($abook_init_error)));
}
/* Return the initialized object */
global $oTemplate;
- $output = addForm($form_url, 'post', 'f_add');
+ $output = addForm($form_url, 'post', 'f_add', '', '', array(), TRUE);
if ($button == _("Update address")) {
$edit = true;
*
* Extra field can be used to add link to form, which allows
* to modify all fields supported by backend. This is the only field
- * that is not sanitized with htmlspecialchars. Backends MUST make
+ * that is not sanitized with sm_encode_html_special_chars. Backends MUST make
* sure that field data is sanitized and displayed correctly inside
* table cell. Use of html formating in other address book fields is
* not allowed. Backends that don't return 'extra' row in address book
var $add_extra_field = false;
/**
- * Constructor function.
+ * Constructor (PHP5 style, required in some future version of PHP)
*/
- function AddressBook() {
+ function __construct() {
$this->localbackendname = _("Personal Address Book");
}
+ /**
+ * Constructor (PHP4 style, kept for compatibility reasons)
+ */
+ function AddressBook() {
+ self::__construct();
+ }
+
/**
* Return an array of backends of a given type,
* or all backends if no type is specified.
* @param array $row address book entry
* @return string email address with real name prepended
*/
- function full_address($row) {
- global $data_dir, $username;
- $addrsrch_fullname = getPref($data_dir, $username, 'addrsrch_fullname');
- if ($addrsrch_fullname == 'fullname')
- return '"' . $row['name'] . '" <' . trim($row['email']) . '>';
- else if ($addrsrch_fullname == 'nickname')
- return '"' . $row['nickname'] . '" <' . trim($row['email']) . '>';
- else // "noprefix"
- return trim($row['email']);
+ static function full_address($row) {
+ global $data_dir, $username, $addrsrch_fullname;
+
+ // allow multiple addresses in one row (poor person's grouping - bah)
+ // (separate with commas)
+ //
+ $return = '';
+ $addresses = explode(',', $row['email']);
+ foreach ($addresses as $address) {
+
+ if (!empty($return)) $return .= ', ';
+
+ if ($addrsrch_fullname == 'fullname')
+ $return .= '"' . $row['name'] . '" <' . trim($address) . '>';
+ else if ($addrsrch_fullname == 'nickname')
+ $return .= '"' . $row['nickname'] . '" <' . trim($address) . '>';
+ else // "noprefix"
+ $return .= trim($address);
+
+ }
+
+ return $return;
}
/**
}
/* Blocks use of space, :, |, #, " and ! in nickname */
- if (eregi('[ \\:\\|\\#\\"\\!]', $userdata['nickname'])) {
+ if (preg_match('/[ :|#"!]/', $userdata['nickname'])) {
$this->error = _("Nickname contains illegal characters");
return false;
}
return false;
}
- if (eregi('[\\: \\|\\#"\\!]', $userdata['nickname'])) {
+ if (preg_match('/[: |#"!]/', $userdata['nickname'])) {
$this->error = _("Nickname contains illegal characters");
return false;
}
* not found, or false if an error occured.
*
*/
- function lookup($value, $field) {
+ function lookup($value, $field=SM_ABOOK_FIELD_NICKNAME) {
$this->set_error('lookup is not implemented');
return false;
}