X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fabook_database.php;h=8735125b942870ff5033660c9d50b76c76402283;hp=ceeba5e9e4b14c86760e7f5bf5f89f53e041a1a5;hb=6ab8321f9c45946886a5c34a2df36f418b9aed3a;hpb=bf55ebab05a152f1f21ed28451429365378ad67f diff --git a/functions/abook_database.php b/functions/abook_database.php index ceeba5e9..8735125b 100644 --- a/functions/abook_database.php +++ b/functions/abook_database.php @@ -14,7 +14,7 @@ * PRIMARY KEY (owner,nickname) * * - * @copyright © 1999-2007 The SquirrelMail Project Team + * @copyright 1999-2013 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -264,8 +264,12 @@ class abook_database extends addressbook_backend { $escape = 'ESCAPE \'' . $this->dbh->quoteString('\\') . '\''; $query = sprintf("SELECT * FROM %s WHERE owner='%s' AND " . - "(LOWER(firstname) LIKE '%s' %s OR LOWER(lastname) LIKE '%s' %s)", - $this->table, $this->owner, $expr, $escape, $expr, $escape); + "(LOWER(firstname) LIKE '%s' %s " . + "OR LOWER(lastname) LIKE '%s' %s " . + "OR LOWER(email) LIKE '%s' %s " . + "OR LOWER(nickname) LIKE '%s' %s)", + $this->table, $this->owner, $expr, $escape, $expr, $escape, + $expr, $escape, $expr, $escape); $res = $this->dbh->query($query); @@ -316,8 +320,13 @@ class abook_database extends addressbook_backend { return false; } + $db_field = $this->get_field_name($field); + if ($db_field == 'ERROR') { + return $this->set_error(sprintf(_("Unknown field name: %s"), $field)); + } + $query = sprintf("SELECT * FROM %s WHERE owner = '%s' AND LOWER(%s) = '%s'", - $this->table, $this->owner, $this->get_field_name($field), + $this->table, $this->owner, $db_field, $this->dbh->quoteString($value)); $res = $this->dbh->query($query);