projects / squirrelmail.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Undefined index in addressbook backends. Possible trigger is import plugins.
[squirrelmail.git] / functions / abook_database.php
1 <?php
2
3 /**
4 * abook_database.php
5 *
6 * @copyright &copy; 1999-2005 The SquirrelMail Project Team
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
8 * @version $Id$
9 * @package squirrelmail
10 * @subpackage addressbook
11 */
12
13 /** Needs the DB functions */
14 if (!include_once('DB.php')) {
15 // same error also in db_prefs.php
16 require_once(SM_PATH . 'functions/display_messages.php');
17 $error = _("Could not include PEAR database functions required for the database backend.") . "<br />\n";
18 $error .= sprintf(_("Is PEAR installed, and is the include path set correctly to find %s?"),
19 '<tt>DB.php</tt>') . "<br />\n";
20 $error .= _("Please contact your system administrator and report this error.");
21 error_box($error, $color);
22 exit;
23 }
24
25 /**
26 * Address book in a database backend
27 *
28 * Backend for personal/shared address book stored in a database,
29 * accessed using the DB-classes in PEAR.
30 *
31 * IMPORTANT: The PEAR modules must be in the include path
32 * for this class to work.
33 *
34 * An array with the following elements must be passed to
35 * the class constructor (elements marked ? are optional):
36 * <pre>
37 * dsn => database DNS (see PEAR for syntax)
38 * table => table to store addresses in (must exist)
39 * owner => current user (owner of address data)
40 * ? name => name of address book
41 * ? writeable => set writeable flag (true/false)
42 * ? listing => enable/disable listing
43 * </pre>
44 * The table used should have the following columns:
45 * owner, nickname, firstname, lastname, email, label
46 * The pair (owner,nickname) should be unique (primary key).
47 *
48 * NOTE. This class should not be used directly. Use the
49 * "AddressBook" class instead.
50 * @package squirrelmail
51 * @subpackage addressbook
52 */
53 class abook_database extends addressbook_backend {
54 /**
55 * Backend type
56 * @var string
57 */
58 var $btype = 'local';
59 /**
60 * Backend name
61 * @var string
62 */
63 var $bname = 'database';
64
65 /**
66 * Data Source Name (connection description)
67 * @var string
68 */
69 var $dsn = '';
70 /**
71 * Table that stores addresses
72 * @var string
73 */
74 var $table = '';
75 /**
76 * Owner name
77 *
78 * Limits list of database entries visible to end user
79 * @var string
80 */
81 var $owner = '';
82 /**
83 * Database Handle
84 * @var resource
85 */
86 var $dbh = false;
87 /**
88 * Enable/disable writing into address book
89 * @var bool
90 */
91 var $writeable = true;
92 /**
93 * Enable/disable address book listing
94 * @var bool
95 */
96 var $listing = true;
97
98 /* ========================== Private ======================= */
99
100 /**
101 * Constructor
102 * @param array $param address book backend options
103 */
104 function abook_database($param) {
105 $this->sname = _("Personal address book");
106
107 if (is_array($param)) {
108 if (empty($param['dsn']) ||
109 empty($param['table']) ||
110 empty($param['owner'])) {
111 return $this->set_error('Invalid parameters');
112 }
113
114 $this->dsn = $param['dsn'];
115 $this->table = $param['table'];
116 $this->owner = $param['owner'];
117
118 if (!empty($param['name'])) {
119 $this->sname = $param['name'];
120 }
121
122 if (isset($param['writeable'])) {
123 $this->writeable = $param['writeable'];
124 }
125
126 if (isset($param['listing'])) {
127 $this->listing = $param['listing'];
128 }
129
130 $this->open(true);
131 }
132 else {
133 return $this->set_error('Invalid argument to constructor');
134 }
135 }
136
137
138 /**
139 * Open the database.
140 * @param bool $new new connection if it is true
141 * @return bool
142 */
143 function open($new = false) {
144 $this->error = '';
145
146 /* Return true is file is open and $new is unset */
147 if ($this->dbh && !$new) {
148 return true;
149 }
150
151 /* Close old file, if any */
152 if ($this->dbh) {
153 $this->close();
154 }
155
156 $dbh = DB::connect($this->dsn, true);
157
158 if (DB::isError($dbh)) {
159 return $this->set_error(sprintf(_("Database error: %s"),
160 DB::errorMessage($dbh)));
161 }
162
163 $this->dbh = $dbh;
164 return true;
165 }
166
167 /**
168 * Close the file and forget the filehandle
169 */
170 function close() {
171 $this->dbh->disconnect();
172 $this->dbh = false;
173 }
174
175 /* ========================== Public ======================== */
176
177 /**
178 * Search the database
179 * @param string $expr search expression
180 * @return array search results
181 */
182 function search($expr) {
183 $ret = array();
184 if(!$this->open()) {
185 return false;
186 }
187
188 /* To be replaced by advanded search expression parsing */
189 if (is_array($expr)) {
190 return;
191 }
192
193 // don't allow wide search when listing is disabled.
194 if ($expr=='*' && ! $this->listing)
195 return array();
196
197 /* Make regexp from glob'ed expression */
198 $expr = str_replace('?', '_', $expr);
199 $expr = str_replace('*', '%', $expr);
200 $expr = $this->dbh->quoteString($expr);
201 $expr = "%$expr%";
202
203 $query = sprintf("SELECT * FROM %s WHERE owner='%s' AND " .
204 "(firstname LIKE '%s' OR lastname LIKE '%s')",
205 $this->table, $this->owner, $expr, $expr);
206 $res = $this->dbh->query($query);
207
208 if (DB::isError($res)) {
209 return $this->set_error(sprintf(_("Database error: %s"),
210 DB::errorMessage($res)));
211 }
212
213 while ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
214 array_push($ret, array('nickname' => $row['nickname'],
215 'name' => "$row[firstname] $row[lastname]",
216 'firstname' => $row['firstname'],
217 'lastname' => $row['lastname'],
218 'email' => $row['email'],
219 'label' => $row['label'],
220 'backend' => $this->bnum,
221 'source' => &$this->sname));
222 }
223 return $ret;
224 }
225
226 /**
227 * Lookup alias
228 * @param string $alias alias
229 * @return array search results
230 */
231 function lookup($alias) {
232 if (empty($alias)) {
233 return array();
234 }
235
236 $alias = strtolower($alias);
237
238 if (!$this->open()) {
239 return false;
240 }
241
242 $query = sprintf("SELECT * FROM %s WHERE owner='%s' AND LOWER(nickname)='%s'",
243 $this->table, $this->owner, $this->dbh->quoteString($alias));
244
245 $res = $this->dbh->query($query);
246
247 if (DB::isError($res)) {
248 return $this->set_error(sprintf(_("Database error: %s"),
249 DB::errorMessage($res)));
250 }
251
252 if ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
253 return array('nickname' => $row['nickname'],
254 'name' => "$row[firstname] $row[lastname]",
255 'firstname' => $row['firstname'],
256 'lastname' => $row['lastname'],
257 'email' => $row['email'],
258 'label' => $row['label'],
259 'backend' => $this->bnum,
260 'source' => &$this->sname);
261 }
262 return array();
263 }
264
265 /**
266 * List all addresses
267 * @return array search results
268 */
269 function list_addr() {
270 $ret = array();
271 if (!$this->open()) {
272 return false;
273 }
274
275 if(isset($this->listing) && !$this->listing) {
276 return array();
277 }
278
279
280 $query = sprintf("SELECT * FROM %s WHERE owner='%s'",
281 $this->table, $this->owner);
282
283 $res = $this->dbh->query($query);
284
285 if (DB::isError($res)) {
286 return $this->set_error(sprintf(_("Database error: %s"),
287 DB::errorMessage($res)));
288 }
289
290 while ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
291 array_push($ret, array('nickname' => $row['nickname'],
292 'name' => "$row[firstname] $row[lastname]",
293 'firstname' => $row['firstname'],
294 'lastname' => $row['lastname'],
295 'email' => $row['email'],
296 'label' => $row['label'],
297 'backend' => $this->bnum,
298 'source' => &$this->sname));
299 }
300 return $ret;
301 }
302
303 /**
304 * Add address
305 * @param array $userdata added data
306 * @return bool
307 */
308 function add($userdata) {
309 if (!$this->writeable) {
310 return $this->set_error(_("Addressbook is read-only"));
311 }
312
313 if (!$this->open()) {
314 return false;
315 }
316
317 /* See if user exist already */
318 $ret = $this->lookup($userdata['nickname']);
319 if (!empty($ret)) {
320 return $this->set_error(sprintf(_("User \"%s\" already exists"),$ret['nickname']));
321 }
322
323 /* Create query */
324 $query = sprintf("INSERT INTO %s (owner, nickname, firstname, " .
325 "lastname, email, label) VALUES('%s','%s','%s'," .
326 "'%s','%s','%s')",
327 $this->table, $this->owner,
328 $this->dbh->quoteString($userdata['nickname']),
329 $this->dbh->quoteString($userdata['firstname']),
330 $this->dbh->quoteString((!empty($userdata['lastname'])?$userdata['lastname']:'')),
331 $this->dbh->quoteString($userdata['email']),
332 $this->dbh->quoteString((!empty($userdata['label'])?$userdata['label']:'')) );
333
334 /* Do the insert */
335 $r = $this->dbh->simpleQuery($query);
336 if ($r == DB_OK) {
337 return true;
338 }
339
340 /* Fail */
341 return $this->set_error(sprintf(_("Database error: %s"),
342 DB::errorMessage($r)));
343 }
344
345 /**
346 * Delete address
347 * @param string $alias alias that has to be deleted
348 * @return bool
349 */
350 function remove($alias) {
351 if (!$this->writeable) {
352 return $this->set_error(_("Addressbook is read-only"));
353 }
354
355 if (!$this->open()) {
356 return false;
357 }
358
359 /* Create query */
360 $query = sprintf("DELETE FROM %s WHERE owner='%s' AND (",
361 $this->table, $this->owner);
362
363 $sepstr = '';
364 while (list($undef, $nickname) = each($alias)) {
365 $query .= sprintf("%s nickname='%s' ", $sepstr,
366 $this->dbh->quoteString($nickname));
367 $sepstr = 'OR';
368 }
369 $query .= ')';
370
371 /* Delete entry */
372 $r = $this->dbh->simpleQuery($query);
373 if ($r == DB_OK) {
374 return true;
375 }
376
377 /* Fail */
378 return $this->set_error(sprintf(_("Database error: %s"),
379 DB::errorMessage($r)));
380 }
381
382 /**
383 * Modify address
384 * @param string $alias modified alias
385 * @param array $userdata new data
386 * @return bool
387 */
388 function modify($alias, $userdata) {
389 if (!$this->writeable) {
390 return $this->set_error(_("Addressbook is read-only"));
391 }
392
393 if (!$this->open()) {
394 return false;
395 }
396
397 /* See if user exist */
398 $ret = $this->lookup($alias);
399 if (empty($ret)) {
400 return $this->set_error(sprintf(_("User \"%s\" does not exist"),$alias));
401 }
402
403 /* Create query */
404 $query = sprintf("UPDATE %s SET nickname='%s', firstname='%s', ".
405 "lastname='%s', email='%s', label='%s' ".
406 "WHERE owner='%s' AND nickname='%s'",
407 $this->table,
408 $this->dbh->quoteString($userdata['nickname']),
409 $this->dbh->quoteString($userdata['firstname']),
410 $this->dbh->quoteString((!empty($userdata['lastname'])?$userdata['lastname']:'')),
411 $this->dbh->quoteString($userdata['email']),
412 $this->dbh->quoteString((!empty($userdata['label'])?$userdata['label']:'')),
413 $this->owner,
414 $this->dbh->quoteString($alias) );
415
416 /* Do the insert */
417 $r = $this->dbh->simpleQuery($query);
418 if ($r == DB_OK) {
419 return true;
420 }
421
422 /* Fail */
423 return $this->set_error(sprintf(_("Database error: %s"),
424 DB::errorMessage($r)));
425 }
426 } /* End of class abook_database */
427
428 // vim: et ts=4
429 ?>
Unnamed repository; edit this file 'description' to name the repository.