X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fabook_local_file.php;h=9f7acf7a5bfaa2565bab00b86ecd1244c15cfc25;hb=46beee9f7b85b741b3920624bcf342d7ccb4a5e5;hp=904893e4ca7349b9487d0f0d81477b5595403de5;hpb=06b4facd9478c9f1b4464a0f6ef3895ec8d92bf9;p=squirrelmail.git

diff --git a/functions/abook_local_file.php b/functions/abook_local_file.php
index 904893e4..9f7acf7a 100644
--- a/functions/abook_local_file.php
+++ b/functions/abook_local_file.php
@@ -134,6 +134,7 @@ class abook_local_file extends addressbook_backend {
     /* Overwrite the file with data from $rows
      * NOTE! Previous locks are broken by this function */
     function overwrite(&$rows) {
+        $this->unlock();
         $newfh = @fopen($this->filename, 'w');
         if(!$newfh) {
             return $this->set_error("$file: " . _("Open failed"));
@@ -141,6 +142,9 @@ class abook_local_file extends addressbook_backend {
         
         for($i = 0 ; $i < sizeof($rows) ; $i++) {
             if(is_array($rows[$i])) {
+                for($j = 0 ; $j < count($rows[$i]) ; $j++) {
+                    $rows[$i][$j] = $this->quotevalue($rows[$i][$j]);
+                }
                 fwrite($newfh, join('|', $rows[$i]) . "\n");
             }
         }       
@@ -246,9 +250,12 @@ class abook_local_file extends addressbook_backend {
         }
   
         /* Here is the data to write */
-        $data = $userdata['nickname'] . '|' . $userdata['firstname'] . '|' .
-                $userdata['lastname'] . '|' . $userdata['email'] . '|' .
-                $userdata['label'];
+        $data = $this->quotevalue($userdata['nickname']) . '|' .
+                $this->quotevalue($userdata['firstname']) . '|' .
+                $this->quotevalue($userdata['lastname']) . '|' .
+                $this->quotevalue($userdata['email']) . '|' .
+                $this->quotevalue($userdata['label']);
+
         /* Strip linefeeds */
         $data = ereg_replace("[\r\n]", ' ', $data);
         /* Add linefeed at end */
@@ -358,5 +365,15 @@ class abook_local_file extends addressbook_backend {
         return true;
     }
      
+    /* Function for quoting values before saving */
+    function quotevalue($value) {
+        /* Quote the field if it contains | or ". Double quotes need to
+         * be replaced with "" */
+        if(ereg("[|\"]", $value)) {
+            $value = '"' . str_replace('"', '""', $value) . '"';
+        }
+        return $value;
+    }
+
 } /* End of class abook_local_file */
 ?>
\ No newline at end of file