X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;ds=sidebyside;f=functions%2Faddressbook.php;h=5c5dbcb2bbf80aa221577e1e6eb115c2468a4b46;hb=ea72131677da03d6287fe826838231be356e4607;hp=b0dd88c32d1f60454813340f1ba787204be864f9;hpb=caa596b29982636a056f813f41b43d1ec036d6a2;p=squirrelmail.git diff --git a/functions/addressbook.php b/functions/addressbook.php index b0dd88c3..5c5dbcb2 100644 --- a/functions/addressbook.php +++ b/functions/addressbook.php @@ -4,7 +4,7 @@ * * Functions require SM_PATH and support of forms.php functions * - * @copyright © 1999-2007 The SquirrelMail Project Team + * @copyright 1999-2012 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -54,6 +54,7 @@ function addressbook_init($showerr = true, $onlylocal = false) { /* File */ $filename = getHashedFile($username, $data_dir, "$username.abook"); $r = $abook->add_backend('local_file', Array('filename' => $filename, + 'umask' => 0077, 'line_length' => $abook_file_line_length, 'create' => true)); if(!$r && $showerr) { @@ -85,7 +86,7 @@ function addressbook_init($showerr = true, $onlylocal = false) { } $r = $abook->add_backend('local_file',array('filename'=>$abook_global_filename, - 'name' => _("Global address book"), + 'name' => _("Global Address Book"), 'detect_writeable' => false, 'line_length' => $abook_file_line_length, 'writeable'=> $abook_global_file_writeable, @@ -107,7 +108,7 @@ function addressbook_init($showerr = true, $onlylocal = false) { $r = $abook->add_backend('database', Array('dsn' => $addrbook_global_dsn, 'owner' => 'global', - 'name' => _("Global address book"), + 'name' => _("Global Address Book"), 'writeable' => $addrbook_global_writeable, 'listing' => $addrbook_global_listing, 'table' => $addrbook_global_table)); @@ -161,7 +162,7 @@ function addressbook_init($showerr = true, $onlylocal = false) { * display address book init errors. */ if ($abook_init_error!='' && $showerr) { - error_box(nl2br(htmlspecialchars($abook_init_error))); + error_box(nl2br(sm_encode_html_special_chars($abook_init_error))); } /* Return the initialized object */ @@ -191,7 +192,7 @@ function abook_create_form($form_url, $name, $title, $button, global $oTemplate; - $output = addForm($form_url, 'post', 'f_add'); + $output = addForm($form_url, 'post', 'f_add', '', '', array(), TRUE); if ($button == _("Update address")) { $edit = true; @@ -363,9 +364,8 @@ function show_abook_sort_button($abook_sort_order, $alt_tag, $which = 8; } - $uri = $form_url .'?abook_sort_order=' . $which; - foreach ($uri_extra as $key => $value) - $uri = set_url_var($uri, $key, $value, FALSE); + $uri_extra['abook_sort_order'] = $which; + $uri = set_uri_vars($form_url, $uri_extra, FALSE); /* Now that we have everything figured out, show the actual button. */ return create_hyperlink($uri, @@ -414,7 +414,7 @@ class AddressBook { * * Extra field can be used to add link to form, which allows * to modify all fields supported by backend. This is the only field - * that is not sanitized with htmlspecialchars. Backends MUST make + * that is not sanitized with sm_encode_html_special_chars. Backends MUST make * sure that field data is sanitized and displayed correctly inside * table cell. Use of html formating in other address book fields is * not allowed. Backends that don't return 'extra' row in address book @@ -428,7 +428,7 @@ class AddressBook { * Constructor function. */ function AddressBook() { - $this->localbackendname = _("Personal address book"); + $this->localbackendname = _("Personal Address Book"); } /** @@ -515,14 +515,27 @@ class AddressBook { * @return string email address with real name prepended */ function full_address($row) { - global $data_dir, $username; - $addrsrch_fullname = getPref($data_dir, $username, 'addrsrch_fullname'); - if ($addrsrch_fullname == 'fullname') - return $row['name'] . ' <' . trim($row['email']) . '>'; - else if ($addrsrch_fullname == 'nickname') - return $row['nickname'] . ' <' . trim($row['email']) . '>'; - else // "noprefix" - return trim($row['email']); + global $data_dir, $username, $addrsrch_fullname; + + // allow multiple addresses in one row (poor person's grouping - bah) + // (separate with commas) + // + $return = ''; + $addresses = explode(',', $row['email']); + foreach ($addresses as $address) { + + if (!empty($return)) $return .= ', '; + + if ($addrsrch_fullname == 'fullname') + $return .= '"' . $row['name'] . '" <' . trim($address) . '>'; + else if ($addrsrch_fullname == 'nickname') + $return .= '"' . $row['nickname'] . '" <' . trim($address) . '>'; + else // "noprefix" + $return .= trim($address); + + } + + return $return; } /** @@ -595,13 +608,29 @@ class AddressBook { /** - * Lookup an address by alias. + * Lookup an address by the indicated field. + * * Only possible in local backends. - * @param string $alias - * @param integer backend number - * @return array lookup results. False, if not found. + * + * @param string $value The value to look up + * @param integer $bnum The number of the backend to + * look within (OPTIONAL; defaults + * to look in all local backends) + * @param integer $field The field to look in, should be one + * of the SM_ABOOK_FIELD_* constants + * defined in include/constants.php + * (OPTIONAL; defaults to nickname field) + * NOTE: uniqueness is only guaranteed + * when the nickname field is used here; + * otherwise, the first matching address + * is returned. + * + * @return mixed Array with lookup results when the value + * was found, an empty array if the value was + * not found, or false if an error occured. + * */ - function lookup($alias, $bnum = -1) { + function lookup($value, $bnum = -1, $field = SM_ABOOK_FIELD_NICKNAME) { $ret = array(); @@ -610,7 +639,7 @@ class AddressBook { $this->error = _("Unknown address book backend"); return false; } - $res = $this->backends[$bnum]->lookup($alias); + $res = $this->backends[$bnum]->lookup($value, $field); if (is_array($res)) { return $res; } else { @@ -623,13 +652,18 @@ class AddressBook { for ($i = 0 ; $i < sizeof($sel) ; $i++) { $backend = &$sel[$i]; $backend->error = ''; - $res = $backend->lookup($alias); + $res = $backend->lookup($value, $field); + + // return an address if one is found + // (empty array means lookup concluded + // but no result found - in this case, + // proceed to next backend) + // if (is_array($res)) { - if(!empty($res)) - return $res; + if (!empty($res)) return $res; } else { - $this->error = $backend->error; - return false; + $this->error = $backend->error; + return false; } } @@ -697,7 +731,7 @@ class AddressBook { } /* Blocks use of space, :, |, #, " and ! in nickname */ - if (eregi('[ \\:\\|\\#\\"\\!]', $userdata['nickname'])) { + if (preg_match('/[ :|#"!]/', $userdata['nickname'])) { $this->error = _("Nickname contains illegal characters"); return false; } @@ -797,7 +831,7 @@ class AddressBook { return false; } - if (eregi('[\\: \\|\\#"\\!]', $userdata['nickname'])) { + if (preg_match('/[: |#"!]/', $userdata['nickname'])) { $this->error = _("Nickname contains illegal characters"); return false; } @@ -907,11 +941,23 @@ class addressbook_backend { } /** - * Find entry in backend by alias - * @param string $alias name used for id - * @return bool + * Find entry in backend by the indicated field + * + * @param string $value The value to look up + * @param integer $field The field to look in, should be one + * of the SM_ABOOK_FIELD_* constants + * defined in include/constants.php + * NOTE: uniqueness is only guaranteed + * when the nickname field is used here; + * otherwise, the first matching address + * is returned. + * + * @return mixed Array with lookup results when the value + * was found, an empty array if the value was + * not found, or false if an error occured. + * */ - function lookup($alias) { + function lookup($value, $field=SM_ABOOK_FIELD_NICKNAME) { $this->set_error('lookup is not implemented'); return false; } @@ -970,15 +1016,13 @@ class addressbook_backend { * @since 1.5.2 */ function fullname($firstname,$lastname) { - /** - * i18n: allows to control fullname layout in address book listing - * first %s is for first name, second %s is for last name. - * Translate it to '%2$s %1$s', if surname must be displayed first in your language. - * Please note that variables can be set to empty string and extra formating - * (for example '%2$s, %1$s' as in 'Smith, John') might break. Use it only for - * setting name and surname order. scripts will remove all prepended and appended - * whitespace. - */ + // i18n: allows to control fullname layout in address book listing + // first %s is for first name, second %s is for last name. + // Translate it to '%2$s %1$s', if surname must be displayed first in your language. + // Please note that variables can be set to empty string and extra formating + // (for example '%2$s, %1$s' as in 'Smith, John') might break. Use it only for + // setting name and surname order. scripts will remove all prepended and appended + // whitespace. return trim(sprintf(dgettext('squirrelmail',"%s %s"),$firstname,$lastname)); } }