X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fabook_database.php;h=8ae859e02720cbef01a353a8f323d2d188dfea58;hb=716cc530b6c5c50ffb64db64b804b40677458e1d;hp=cd29624de766652b3d8c0d061c8f87256e444df7;hpb=eee5aa69042d3947e08669e2d4384774c9f4ae6b;p=squirrelmail.git
diff --git a/functions/abook_database.php b/functions/abook_database.php
index cd29624d..8ae859e0 100644
--- a/functions/abook_database.php
+++ b/functions/abook_database.php
@@ -3,7 +3,18 @@
/**
* abook_database.php
*
- * @copyright © 1999-2006 The SquirrelMail Project Team
+ * Supported database schema
+ *
+ * owner varchar(128) NOT NULL
+ * nickname varchar(16) NOT NULL
+ * firstname varchar(128)
+ * lastname varchar(128)
+ * email varchar(128) NOT NULL
+ * label varchar(255)
+ * PRIMARY KEY (owner,nickname)
+ *
+ *
+ * @copyright © 1999-2007 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
@@ -101,9 +112,9 @@ class abook_database extends addressbook_backend {
/* test if Pear DB class is available and freak out if it is not */
if (! class_exists('DB')) {
// same error also in db_prefs.php
- $error = _("Could not include PEAR database functions required for the database backend.") . "
\n";
+ $error = _("Could not include PEAR database functions required for the database backend.") . "\n";
$error .= sprintf(_("Is PEAR installed, and is the include path set correctly to find %s?"),
- 'DB.php') . "
\n";
+ 'DB.php') . "\n";
$error .= _("Please contact your system administrator and report this error.");
return $this->set_error($error);
}
@@ -165,6 +176,13 @@ class abook_database extends addressbook_backend {
}
$this->dbh = $dbh;
+
+ /**
+ * field names are lowercased.
+ * We use unquoted identifiers and they use upper case in Oracle
+ */
+ $this->dbh->setOption('portability', DB_PORTABILITY_LOWERCASE);
+
return true;
}
@@ -180,8 +198,11 @@ class abook_database extends addressbook_backend {
/**
* Search the database
+ *
+ * Backend supports only * and ? wildcards. Complex eregs are not supported.
+ * Search is case insensitive.
* @param string $expr search expression
- * @return array search results
+ * @return array search results. boolean false on error
*/
function search($expr) {
$ret = array();
@@ -198,15 +219,26 @@ class abook_database extends addressbook_backend {
if ($expr=='*' && ! $this->listing)
return array();
- /* Make regexp from glob'ed expression */
+ /* lowercase expression in order to make it case insensitive */
+ $expr = strtolower($expr);
+
+ /* escape SQL wildcards */
+ $expr = str_replace('_', '\\_', $expr);
+ $expr = str_replace('%', '\\%', $expr);
+
+ /* Convert wildcards to SQL syntax */
$expr = str_replace('?', '_', $expr);
$expr = str_replace('*', '%', $expr);
$expr = $this->dbh->quoteString($expr);
$expr = "%$expr%";
+ /* create escape expression */
+ $escape = 'ESCAPE \'' . $this->dbh->quoteString('\\') . '\'';
+
$query = sprintf("SELECT * FROM %s WHERE owner='%s' AND " .
- "(firstname LIKE '%s' OR lastname LIKE '%s')",
- $this->table, $this->owner, $expr, $expr);
+ "(LOWER(firstname) LIKE '%s' %s OR LOWER(lastname) LIKE '%s' %s)",
+ $this->table, $this->owner, $expr, $escape, $expr, $escape);
+
$res = $this->dbh->query($query);
if (DB::isError($res)) {
@@ -216,7 +248,7 @@ class abook_database extends addressbook_backend {
while ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
array_push($ret, array('nickname' => $row['nickname'],
- 'name' => "$row[firstname] $row[lastname]",
+ 'name' => $this->fullname($row['firstname'], $row['lastname']),
'firstname' => $row['firstname'],
'lastname' => $row['lastname'],
'email' => $row['email'],
@@ -255,7 +287,7 @@ class abook_database extends addressbook_backend {
if ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
return array('nickname' => $row['nickname'],
- 'name' => "$row[firstname] $row[lastname]",
+ 'name' => $this->fullname($row['firstname'], $row['lastname']),
'firstname' => $row['firstname'],
'lastname' => $row['lastname'],
'email' => $row['email'],
@@ -293,7 +325,7 @@ class abook_database extends addressbook_backend {
while ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
array_push($ret, array('nickname' => $row['nickname'],
- 'name' => "$row[firstname] $row[lastname]",
+ 'name' => $this->fullname($row['firstname'], $row['lastname']),
'firstname' => $row['firstname'],
'lastname' => $row['lastname'],
'email' => $row['email'],
@@ -311,7 +343,7 @@ class abook_database extends addressbook_backend {
*/
function add($userdata) {
if (!$this->writeable) {
- return $this->set_error(_("Addressbook is read-only"));
+ return $this->set_error(_("Address book is read-only"));
}
if (!$this->open()) {
@@ -337,13 +369,13 @@ class abook_database extends addressbook_backend {
/* Do the insert */
$r = $this->dbh->simpleQuery($query);
- if ($r == DB_OK) {
- return true;
+
+ /* Check for errors */
+ if (DB::isError($r)) {
+ return $this->set_error(sprintf(_("Database error: %s"),
+ DB::errorMessage($r)));
}
-
- /* Fail */
- return $this->set_error(sprintf(_("Database error: %s"),
- DB::errorMessage($r)));
+ return true;
}
/**
@@ -354,7 +386,7 @@ class abook_database extends addressbook_backend {
*/
function remove($alias) {
if (!$this->writeable) {
- return $this->set_error(_("Addressbook is read-only"));
+ return $this->set_error(_("Address book is read-only"));
}
if (!$this->open()) {
@@ -375,13 +407,13 @@ class abook_database extends addressbook_backend {
/* Delete entry */
$r = $this->dbh->simpleQuery($query);
- if ($r == DB_OK) {
- return true;
- }
- /* Fail */
- return $this->set_error(sprintf(_("Database error: %s"),
- DB::errorMessage($r)));
+ /* Check for errors */
+ if (DB::isError($r)) {
+ return $this->set_error(sprintf(_("Database error: %s"),
+ DB::errorMessage($r)));
+ }
+ return true;
}
/**
@@ -392,7 +424,7 @@ class abook_database extends addressbook_backend {
*/
function modify($alias, $userdata) {
if (!$this->writeable) {
- return $this->set_error(_("Addressbook is read-only"));
+ return $this->set_error(_("Address book is read-only"));
}
if (!$this->open()) {
@@ -405,6 +437,16 @@ class abook_database extends addressbook_backend {
return $this->set_error(sprintf(_("User \"%s\" does not exist"),$alias));
}
+ /* make sure that new nickname is not used */
+ if (strtolower($alias) != strtolower($userdata['nickname'])) {
+ /* same check as in add() */
+ $ret = $this->lookup($userdata['nickname']);
+ if (!empty($ret)) {
+ $error = sprintf(_("User '%s' already exist."), $ret['nickname']);
+ return $this->set_error($error);
+ }
+ }
+
/* Create query */
$query = sprintf("UPDATE %s SET nickname='%s', firstname='%s', ".
"lastname='%s', email='%s', label='%s' ".
@@ -420,15 +462,14 @@ class abook_database extends addressbook_backend {
/* Do the insert */
$r = $this->dbh->simpleQuery($query);
- if ($r == DB_OK) {
- return true;
- }
- /* Fail */
- return $this->set_error(sprintf(_("Database error: %s"),
- DB::errorMessage($r)));
+ /* Check for errors */
+ if (DB::isError($r)) {
+ return $this->set_error(sprintf(_("Database error: %s"),
+ DB::errorMessage($r)));
+ }
+ return true;
}
} /* End of class abook_database */
// vim: et ts=4
-?>