X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Faddressbook.php;h=d35e9eeaeee0c23548a0d11766565cd655399c56;hb=50a361f6e63a3aa80b64a0fd65477c0add52ff02;hp=b4a31a363119de0743ebec9d48f07cd9e5ff7408;hpb=e4a468a78b04cf18a3d1fe9478eb36f9a76175df;p=squirrelmail.git
diff --git a/functions/addressbook.php b/functions/addressbook.php
index b4a31a36..d35e9eea 100644
--- a/functions/addressbook.php
+++ b/functions/addressbook.php
@@ -1,32 +1,49 @@
$username,
'table' => $addrbook_table));
if (!$r && $showerr) {
- echo _("Error initializing addressbook database.");
- exit;
+ $abook_init_error.=_("Error initializing addressbook database.") . "
\n" . $abook->error;
}
} else {
/* File */
@@ -50,19 +66,21 @@ function addressbook_init($showerr = true, $onlylocal = false) {
$r = $abook->add_backend('local_file', Array('filename' => $filename,
'create' => true));
if(!$r && $showerr) {
- printf( _("Error opening file %s"), $filename );
- exit;
+ // no need to use $abook->error, because message explains error.
+ $abook_init_error.=sprintf( _("Error opening file %s"), $filename );
}
-
}
- /* This would be for the global addressbook */
- if (isset($abook_global_file) && isset($abook_global_file_writeable)
- && trim($abook_global_file)!=''){
+ /* Global file based addressbook */
+ if (isset($abook_global_file) &&
+ isset($abook_global_file_writeable) &&
+ isset($abook_global_file_listing) &&
+ trim($abook_global_file)!=''){
+
// Detect place of address book
if (! preg_match("/[\/\\\]/",$abook_global_file)) {
/* no path chars, address book stored in data directory
- * make sure that there is a slash between data directory
+ * make sure that there is a slash between data directory
* and address book file name
*/
$abook_global_filename=$data_dir
@@ -74,13 +92,17 @@ function addressbook_init($showerr = true, $onlylocal = false) {
} else {
$abook_global_filename=SM_PATH . $abook_global_file;
}
+
$r = $abook->add_backend('local_file',array('filename'=>$abook_global_filename,
'name' => _("Global address book"),
'detect_writeable' => false,
- 'writeable'=> $abook_global_file_writeable));
+ 'writeable'=> $abook_global_file_writeable,
+ 'listing' => $abook_global_file_listing));
+
+ /* global abook init error is not fatal. add error message and continue */
if (!$r && $showerr) {
- echo _("Error initializing global addressbook.");
- exit;
+ if ($abook_init_error!='') $abook_init_error.="
\n";
+ $abook_init_error.=_("Error initializing global addressbook.") . "
\n" . $abook->error;
}
}
@@ -97,36 +119,46 @@ function addressbook_init($showerr = true, $onlylocal = false) {
'writeable' => $addrbook_global_writeable,
'listing' => $addrbook_global_listing,
'table' => $addrbook_global_table));
+ /* global abook init error is not fatal. add error message and continue */
+ if (!$r && $showerr) {
+ if ($abook_init_error!='') $abook_init_error.="
\n";
+ $abook_init_error.=_("Error initializing global addressbook.") . "
\n" . $abook->error;
+ }
}
/*
* hook allows to include different address book backends.
* plugins should extract $abook and $r from arguments
* and use same add_backend commands as above functions.
- * @since 1.5.1
+ * @since 1.5.1 and 1.4.5
*/
$hookReturn = do_hook('abook_init', $abook, $r);
$abook = $hookReturn[1];
$r = $hookReturn[2];
- if ($onlylocal) {
- return $abook;
- }
-
- /* Load configured LDAP servers (if PHP has LDAP support) */
- if (isset($ldap_server) && is_array($ldap_server) && function_exists('ldap_connect')) {
- reset($ldap_server);
- while (list($undef,$param) = each($ldap_server)) {
- if (is_array($param)) {
- $r = $abook->add_backend('ldap_server', $param);
- if (!$r && $showerr) {
- printf( ' ' . _("Error initializing LDAP server %s:") .
- "
\n", $param['host']);
- echo ' ' . $abook->error;
- exit;
+ if (! $onlylocal) {
+ /* Load configured LDAP servers (if PHP has LDAP support) */
+ if (isset($ldap_server) && is_array($ldap_server)) {
+ reset($ldap_server);
+ while (list($undef,$param) = each($ldap_server)) {
+ if (is_array($param)) {
+ $r = $abook->add_backend('ldap_server', $param);
+ if (!$r && $showerr) {
+ if ($abook_init_error!='') $abook_init_error.="
\n";
+ $abook_init_error.=sprintf(_("Error initializing LDAP server %s:") .
+ "
\n", $param['host']);
+ $abook_init_error.= $abook->error;
+ }
}
}
- }
+ } // end of ldap server init
+ } // end of remote abook backend init
+
+ /**
+ * display address book init errors.
+ */
+ if ($abook_init_error!='' && $showerr) {
+ error_box($abook_init_error,$color);
}
/* Return the initialized object */
@@ -153,12 +185,12 @@ function abook_create_form($form_url,$name,$title,$button,$defdata=array()) {
'center', $color[0]
)
)
- , 'center', '', 'width="100%"' ) ."\n";
+ , 'center', '', 'width="90%"' ) ."\n";
address_form($name, $button, $defdata);
}
-/*
+/**
* Had to move this function outside of the Addressbook Class
* PHP 4.0.4 Seemed to be having problems with inline functions.
* Note: this can return now since we don't support 4.0.4 anymore.
@@ -382,6 +414,14 @@ function show_abook_sort_button($abook_sort_order, $alt_tag, $Down, $Up ) {
* @subpackage addressbook
*/
class AddressBook {
+
+ /*
+ Cleaning errors from html with htmlspecialchars:
+ Errors from the backend are cleaned up in this class because we not always
+ have control over it when error output is generated in the backend.
+ If this appears to be wrong place then clean it up at the source (the backend)
+ */
+
/**
* Enabled address book backends
* @var array
@@ -407,6 +447,20 @@ class AddressBook {
* @var string
*/
var $localbackendname = '';
+ /**
+ * Controls use of 'extra' field
+ *
+ * Extra field can be used to add link to form, which allows
+ * to modify all fields supported by backend. This is the only field
+ * that is not sanitized with htmlspecialchars. Backends MUST make
+ * sure that field data is sanitized and displayed correctly inside
+ * table cell. Use of html formating in other address book fields is
+ * not allowed. Backends that don't return 'extra' row in address book
+ * data should not modify this object property.
+ * @var boolean
+ * @since 1.5.1
+ */
+ var $add_extra_field = false;
/**
* Constructor function.
@@ -510,7 +564,7 @@ class AddressBook {
if (is_array($res)) {
$ret = array_merge($ret, $res);
} else {
- $this->error .= "
\n" . $backend->error;
+ $this->error .= "
\n" . htmlspecialchars($backend->error);
$failed++;
}
}
@@ -526,7 +580,7 @@ class AddressBook {
$ret = $this->backends[$bnum]->search($expression);
if (!is_array($ret)) {
- $this->error .= "
\n" . $this->backends[$bnum]->error;
+ $this->error .= "
\n" . htmlspecialchars($this->backends[$bnum]->error);
$ret = FALSE;
}
}
@@ -567,7 +621,7 @@ class AddressBook {
if (is_array($res)) {
return $res;
} else {
- $this->error = $backend->error;
+ $this->error = htmlspecialchars($this->backends[$bnum]->error);
return false;
}
}
@@ -581,7 +635,7 @@ class AddressBook {
if(!empty($res))
return $res;
} else {
- $this->error = $backend->error;
+ $this->error = htmlspecialchars($backend->error);
return false;
}
}
@@ -611,7 +665,7 @@ class AddressBook {
if (is_array($res)) {
$ret = array_merge($ret, $res);
} else {
- $this->error = $backend->error;
+ $this->error = htmlspecialchars($backend->error);
return false;
}
}
@@ -661,7 +715,7 @@ class AddressBook {
if ($res) {
return $bnum;
} else {
- $this->error = $this->backends[$bnum]->error;
+ $this->error = htmlspecialchars($this->backends[$bnum]->error);
return false;
}
@@ -698,7 +752,7 @@ class AddressBook {
if ($res) {
return $bnum;
} else {
- $this->error = $this->backends[$bnum]->error;
+ $this->error = htmlspecialchars($this->backends[$bnum]->error);
return false;
}
@@ -753,7 +807,7 @@ class AddressBook {
if ($res) {
return $bnum;
} else {
- $this->error = $this->backends[$bnum]->error;
+ $this->error = htmlspecialchars($this->backends[$bnum]->error);
return false;
}
@@ -824,6 +878,10 @@ class addressbook_backend {
/**
* Search for entries in backend
+ *
+ * Working backend should support use of wildcards. * symbol
+ * should match one or more symbols. ? symbol should match any
+ * single symbol.
* @param string $expression
* @return bool
*/
@@ -844,6 +902,9 @@ class addressbook_backend {
/**
* List all entries in backend
+ *
+ * Working backend should provide this function or at least
+ * dummy function that returns empty array.
* @return bool
*/
function list_addr() {
@@ -893,8 +954,8 @@ require_once(SM_PATH . 'functions/abook_ldap_server.php');
/* Only load database backend if database is configured */
if((isset($addrbook_dsn) && !empty($addrbook_dsn)) ||
- (isset($addrbook_global_dsn) && !empty($addrbook_global_dsn)) ) {
- include_once(SM_PATH . 'functions/abook_database.php');
+ (isset($addrbook_global_dsn) && !empty($addrbook_global_dsn))) {
+ include_once(SM_PATH . 'functions/abook_database.php');
}
/*
@@ -902,8 +963,8 @@ if((isset($addrbook_dsn) && !empty($addrbook_dsn)) ||
* class must follow address book class coding standards.
*
* see addressbook_backend class and functions/abook_*.php files.
- * @since 1.5.1
+ * @since 1.5.1 and 1.4.5
*/
do_hook('abook_add_class');
-?>
\ No newline at end of file
+?>