$disable_thread_sort = 'false' if ( !$disable_thread_sort );
$disable_server_sort = 'false' if ( !$disable_server_sort );
+# since 1.5.2
+$abook_file_line_length = 2048 if ( !$abook_file_line_length );
+
if ( $ARGV[0] eq '--install-plugin' ) {
print "Activating plugin " . $ARGV[1] . "\n";
push @plugins, $ARGV[1];
print "3. Global address book file : $WHT$abook_global_file$NRM\n";
print "4. Allow writing into global file address book : $WHT$abook_global_file_writeable$NRM\n";
print "5. Allow listing of global file address book : $WHT$abook_global_file_listing$NRM\n";
+ print "6. Allowed address book line length : $WHT$abook_file_line_length$NRM\n";
print "\n";
print "R Return to Main Menu\n";
} elsif ( $menu == 7 ) {
elsif ( $command == 3 ) { $abook_global_file=command63(); }
elsif ( $command == 4 ) { command64(); }
elsif ( $command == 5 ) { command65(); }
+ elsif ( $command == 6 ) { command_abook_file_line_length(); }
} elsif ( $menu == 7 ) {
if ( $command == 1 ) { $motd = command71(); }
} elsif ( $menu == 8 ) {
return $abook_global_file_listing;
}
+# controls $abook_file_line_length setting
+sub command_abook_file_line_length {
+ print "This setting controls space allocated to file based address book records.\n";
+ print "End users will be unable to save address book entry, if total entry size \n";
+ print "(quoted address book fields + 4 delimiters + linefeed) exceeds allowed \n";
+ print "address book length size.\n";
+ print "\n";
+ print "Same setting is applied to personal and global file based address books.\n";
+ print "\n";
+ print "It is strongly recommended to keep default setting value. Change it only\n";
+ print "if you really want to store address book entries that are bigger than two\n";
+ print "kilobytes (2048).\n";
+ print "\n";
+
+ print "Enter allowed address book line length [$abook_file_line_length]: ";
+ my $tmp = <STDIN>;
+ $tmp = trim($tmp);
+ # value is not modified, if user hits Enter or enters space
+ if ($tmp ne '') {
+ # make sure that input is numeric
+ if ($tmp =~ /^\d+$/) {
+ $abook_file_line_length = $tmp;
+ } else {
+ print "If you want to change this setting, you must enter number.\n";
+ print "If you want to keep original setting - enter space.\n\n";
+ print "Press Enter to continue...";
+ $tmp = <STDIN>;
+ }
+ }
+}
+
sub command91 {
print "If you want to store your users address book details in a database then\n";
print "you need to set this DSN to a valid value. The format for this is:\n";
print CF "\$abook_global_file_writeable = $abook_global_file_writeable;\n\n";
# boolean
print CF "\$abook_global_file_listing = $abook_global_file_listing;\n\n";
+ # integer
+ print CF "\$abook_file_line_length = $abook_file_line_length;\n\n";
# boolean
print CF "\$no_list_for_subscribe = $no_list_for_subscribe;\n";
* @var string
*/
var $umask;
+ /**
+ * Sets max entry size (number of bytes used for all address book fields
+ * (including escapes) + 4 delimiters + 1 linefeed)
+ * @var integer
+ * @since 1.5.2
+ */
+ var $line_length = 2048;
/* ========================== Private ======================= */
if(isset($param['listing'])) {
$this->listing = $param['listing'];
}
+ if(isset($param['line_length']) && ! empty($param['line_length'])) {
+ $this->line_length = (int) $param['line_length'];
+ }
$this->open(true);
} else {
}
@rewind($this->filehandle);
- while ($row = @fgetcsv($this->filehandle, 2048, '|')) {
- $line = join(' ', $row);
- /**
- * TODO: regexp search is supported only in local_file backend.
- * Do we check format of regexp or ignore errors?
- */
- // errors on eregi call are suppressed in order to prevent display of regexp compilation errors
- if(@eregi($expr, $line)) {
- array_push($res, array('nickname' => $row[0],
- 'name' => $this->fullname($row[1], $row[2]),
- 'firstname' => $row[1],
- 'lastname' => $row[2],
- 'email' => $row[3],
- 'label' => $row[4],
- 'backend' => $this->bnum,
- 'source' => &$this->sname));
+ while ($row = @fgetcsv($this->filehandle, $this->line_length, '|')) {
+ if (count($row)<5) {
+ /**
+ * address book is corrupted.
+ */
+ global $oTemplate;
+ error_box(_("Address book is corrupted. Required fields are missing."));
+ $oTemplate->display('footer.tpl');
+ die();
+ } else {
+ $line = join(' ', $row);
+ /**
+ * TODO: regexp search is supported only in local_file backend.
+ * Do we check format of regexp or ignore errors?
+ */
+ // errors on eregi call are suppressed in order to prevent display of regexp compilation errors
+ if(@eregi($expr, $line)) {
+ array_push($res, array('nickname' => $row[0],
+ 'name' => $this->fullname($row[1], $row[2]),
+ 'firstname' => $row[1],
+ 'lastname' => $row[2],
+ 'email' => $row[3],
+ 'label' => $row[4],
+ 'backend' => $this->bnum,
+ 'source' => &$this->sname));
+ }
}
}
$this->open();
@rewind($this->filehandle);
- while ($row = @fgetcsv($this->filehandle, 2048, '|')) {
- if(strtolower($row[0]) == $alias) {
- return array('nickname' => $row[0],
- 'name' => $this->fullname($row[1], $row[2]),
- 'firstname' => $row[1],
- 'lastname' => $row[2],
- 'email' => $row[3],
- 'label' => $row[4],
- 'backend' => $this->bnum,
- 'source' => &$this->sname);
+ while ($row = @fgetcsv($this->filehandle, $this->line_length, '|')) {
+ if (count($row)<5) {
+ /**
+ * address book is corrupted.
+ */
+ global $oTemplate;
+ error_box(_("Address book is corrupted. Required fields are missing."));
+ $oTemplate->display('footer.tpl');
+ die();
+ } else {
+ if(strtolower($row[0]) == $alias) {
+ return array('nickname' => $row[0],
+ 'name' => $this->fullname($row[1], $row[2]),
+ 'firstname' => $row[1],
+ 'lastname' => $row[2],
+ 'email' => $row[3],
+ 'label' => $row[4],
+ 'backend' => $this->bnum,
+ 'source' => &$this->sname);
+ }
}
}
$this->open();
@rewind($this->filehandle);
- while ($row = @fgetcsv($this->filehandle, 2048, '|')) {
- array_push($res, array('nickname' => $row[0],
- 'name' => $this->fullname($row[1], $row[2]),
- 'firstname' => $row[1],
- 'lastname' => $row[2],
- 'email' => $row[3],
- 'label' => $row[4],
- 'backend' => $this->bnum,
- 'source' => &$this->sname));
+ while ($row = @fgetcsv($this->filehandle, $this->line_length, '|')) {
+ if (count($row)<5) {
+ /**
+ * address book is corrupted. Don't be nice to people that
+ * violate address book formating.
+ */
+ global $oTemplate;
+ error_box(_("Address book is corrupted. Required fields are missing."));
+ $oTemplate->display('footer.tpl');
+ die();
+ } else {
+ array_push($res, array('nickname' => $row[0],
+ 'name' => $this->fullname($row[1], $row[2]),
+ 'firstname' => $row[1],
+ 'lastname' => $row[2],
+ 'email' => $row[3],
+ 'label' => $row[4],
+ 'backend' => $this->bnum,
+ 'source' => &$this->sname));
+ }
}
return $res;
}
/* Strip linefeeds */
$data = ereg_replace("[\r\n]", ' ', $data);
+
+ /**
+ * Make sure that entry fits into allocated record space.
+ * One byte is reserved for linefeed
+ */
+ if (strlen($data) >= $this->line_length) {
+ return $this->set_error(_("Address book entry is too big"));
+ }
+
/* Add linefeed at end */
$data = $data . "\n";
@rewind($this->filehandle);
$i = 0;
$rows = array();
- while($row = @fgetcsv($this->filehandle, 2048, '|')) {
+ while($row = @fgetcsv($this->filehandle, $this->line_length, '|')) {
if(!in_array($row[0], $alias)) {
$rows[$i++] = $row;
}
return $this->set_error(_("Could not lock datafile"));
}
+ /* calculate userdata size */
+ $data = $this->quotevalue($userdata['nickname']) . '|'
+ . $this->quotevalue($userdata['firstname']) . '|'
+ . $this->quotevalue((!empty($userdata['lastname'])?$userdata['lastname']:'')) . '|'
+ . $this->quotevalue($userdata['email']) . '|'
+ . $this->quotevalue((!empty($userdata['label'])?$userdata['label']:''));
+ /* make sure that it fits into allocated space */
+ if (strlen($data) >= $this->line_length) {
+ return $this->set_error(_("Address book entry is too big"));
+ }
+
/* Read file into memory, modifying the data for the
* user identified by $alias */
$this->open(true);
@rewind($this->filehandle);
$i = 0;
$rows = array();
- while($row = @fgetcsv($this->filehandle, 2048, '|')) {
+ while($row = @fgetcsv($this->filehandle, $this->line_length, '|')) {
if(strtolower($row[0]) != strtolower($alias)) {
$rows[$i++] = $row;
} else {
global $addrbook_dsn, $addrbook_table;
global $abook_global_file, $abook_global_file_writeable, $abook_global_file_listing;
global $addrbook_global_dsn, $addrbook_global_table, $addrbook_global_writeable, $addrbook_global_listing;
+ global $abook_file_line_length;
/* Create a new addressbook object */
$abook = new AddressBook;
/* File */
$filename = getHashedFile($username, $data_dir, "$username.abook");
$r = $abook->add_backend('local_file', Array('filename' => $filename,
- 'create' => true));
+ 'line_length' => $abook_file_line_length,
+ 'create' => true));
if(!$r && $showerr) {
// no need to use $abook->error, because message explains error.
$abook_init_error.=sprintf( _("Error opening file %s"), $filename );
$r = $abook->add_backend('local_file',array('filename'=>$abook_global_filename,
'name' => _("Global address book"),
'detect_writeable' => false,
+ 'line_length' => $abook_file_line_length,
'writeable'=> $abook_global_file_writeable,
'listing' => $abook_global_file_listing));
$abook_init_error.=_("Error initializing other address books.") . "\n" . $abook->error;
}
-
/* Load configured LDAP servers (if PHP has LDAP support) */
if (isset($ldap_server) && is_array($ldap_server)) {
reset($ldap_server);
projects / squirrelmail.git / commitdiff