X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fdb_prefs.php;h=87990fddb2a7068c9f8b0860f7cffbb1b5235196;hp=960a8bbe2776ea81345ed3bd83fb8c79d8d11449;hb=712a518f5a94d77054bca499038699990fd4a5a2;hpb=88a99543763d8a85d201267d387493c07997d7c5

diff --git a/functions/db_prefs.php b/functions/db_prefs.php
index 960a8bbe..87990fdd 100644
--- a/functions/db_prefs.php
+++ b/functions/db_prefs.php
@@ -1,16 +1,12 @@
 <?php
 
-/*
+/**
  * db_prefs.php
  *
- * Copyright (c) 1999-2003 The SquirrelMail Project Team
- * Licensed under the GNU GPL. For full terms see the file COPYING.
- *
  * This contains functions for manipulating user preferences
  * stored in a database, accessed though the Pear DB layer.
  *
  * Database:
- * ---------
  *
  * The preferences table should have three columns:
  *    user       char  \  primary
@@ -25,22 +21,41 @@
  * Configuration of databasename, username and password is done
  * by using conf.pl or the administrator plugin
  *
- * $Id$
+ * @copyright &copy; 1999-2009 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
+ * @version $Id$
+ * @package squirrelmail
+ * @subpackage prefs
+ * @since 1.1.3
  */
 
+/** @ignore */
+if (!defined('SM_PATH')) define('SM_PATH','../');
+
+/** Unknown database */
 define('SMDB_UNKNOWN', 0);
+/** MySQL */
 define('SMDB_MYSQL', 1);
+/** PostgreSQL */
 define('SMDB_PGSQL', 2);
 
-require_once('DB.php');
-require_once(SM_PATH . 'config/config.php');
+/**
+ * don't display errors (no code execution in functions/*.php).
+ * will handle error in dbPrefs class.
+ */
+@include_once('DB.php');
 
 global $prefs_are_cached, $prefs_cache;
 
+/**
+ * @ignore
+ */
 function cachePrefValues($username) {
     global $prefs_are_cached, $prefs_cache;
 
+    sqgetGlobalVar('prefs_are_cached', $prefs_are_cached, SQ_SESSION );
     if ($prefs_are_cached) {
+        sqgetGlobalVar('prefs_cache', $prefs_cache, SQ_SESSION );
         return;
     }
 
@@ -67,22 +82,129 @@ function cachePrefValues($username) {
     sqsession_register($prefs_are_cached, 'prefs_are_cached');
 }
 
+/**
+ * Class used to handle connections to prefs database and operations with preferences
+ *
+ * @package squirrelmail
+ * @subpackage prefs
+ * @since 1.1.3
+ *
+ */
 class dbPrefs {
+    /**
+     * Table used to store preferences
+     * @var string
+     */
     var $table = 'userprefs';
+
+    /**
+     * Field used to store owner of preference
+     * @var string
+     */
     var $user_field = 'user';
+
+    /**
+     * Field used to store preference name
+     * @var string
+     */
     var $key_field = 'prefkey';
+
+    /**
+     * Field used to store preference value
+     * @var string
+     */
     var $val_field = 'prefval';
 
+    /**
+     * Database connection object
+     * @var object
+     */
     var $dbh   = NULL;
+
+    /**
+     * Error messages
+     * @var string
+     */
     var $error = NULL;
+
+    /**
+     * Database type (SMDB_* constants)
+     * Is used in setKey().
+     * @var integer
+     */
     var $db_type = SMDB_UNKNOWN;
 
+    /**
+     * Default preferences
+     * @var array
+     */
     var $default = Array('theme_default' => 0,
                          'show_html_default' => '0');
 
+    /**
+     * Preference owner field size
+     * @var integer
+     * @since 1.5.1
+     */
+    var $user_size = 128;
+
+    /**
+     * Preference key field size
+     * @var integer
+     * @since 1.5.1
+     */
+    var $key_size = 64;
+
+    /**
+     * Preference value field size
+     * @var integer
+     * @since 1.5.1
+     */
+    var $val_size = 65536;
+
+
+
+    /**
+     * initialize the default preferences array.
+     *
+     */
+    function dbPrefs() {
+        // Try and read the default preferences file.
+        $default_pref = SM_PATH . 'config/default_pref';
+        if (@file_exists($default_pref)) {
+            if ($file = @fopen($default_pref, 'r')) {
+                while (!feof($file)) {
+                    $pref = fgets($file, 1024);
+                    $i = strpos($pref, '=');
+                    if ($i > 0) {
+                        $this->default[trim(substr($pref, 0, $i))] = trim(substr($pref, $i + 1));
+                    }
+                }
+                fclose($file);
+            }
+        }
+    }
+
+    /**
+     * initialize DB connection object
+     *
+     * @return boolean true, if object is initialized
+     *
+     */
     function open() {
         global $prefs_dsn, $prefs_table;
         global $prefs_user_field, $prefs_key_field, $prefs_val_field;
+        global $prefs_user_size, $prefs_key_size, $prefs_val_size;
+
+        /* test if Pear DB class is available and freak out if it is not */
+        if (! class_exists('DB')) {
+            // same error also in abook_database.php
+            $this->error  = _("Could not include PEAR database functions required for the database backend.") . "\n";
+            $this->error .= sprintf(_("Is PEAR installed, and is the include path set correctly to find %s?"),
+                              'DB.php') . "\n";
+            $this->error .= _("Please contact your system administrator and report this error.");
+            return false;
+        }
 
         if(isset($this->dbh)) {
             return true;
@@ -106,6 +228,15 @@ class dbPrefs {
         if (!empty($prefs_val_field)) {
             $this->val_field = $prefs_val_field;
         }
+        if (!empty($prefs_user_size)) {
+            $this->user_size = (int) $prefs_user_size;
+        }
+        if (!empty($prefs_key_size)) {
+            $this->key_size = (int) $prefs_key_size;
+        }
+        if (!empty($prefs_val_size)) {
+            $this->val_size = (int) $prefs_val_size;
+        }
         $dbh = DB::connect($prefs_dsn, true);
 
         if(DB::isError($dbh)) {
@@ -117,6 +248,12 @@ class dbPrefs {
         return true;
     }
 
+    /**
+     * Function used to handle database connection errors
+     *
+     * @param object PEAR Error object
+     *
+     */
     function failQuery($res = NULL) {
         if($res == NULL) {
             printf(_("Preference database error (%s). Exiting abnormally"),
@@ -128,23 +265,51 @@ class dbPrefs {
         exit;
     }
 
-
+    /**
+     * Get user's prefs setting
+     *
+     * @param string $user user name
+     * @param string $key preference name
+     * @param mixed $default (since 1.2.5) default value
+     *
+     * @return mixed preference value
+     *
+     */
     function getKey($user, $key, $default = '') {
         global $prefs_cache;
 
-        cachePrefValues($user);
+        $temp = array(&$user, &$key);
+        $result = do_hook('get_pref_override', $temp);
+        if (is_null($result)) {
+            cachePrefValues($user);
 
-        if (isset($prefs_cache[$key])) {
-            return $prefs_cache[$key];
-        } else {
-            if (isset($this->default[$key])) {
-                return $this->default[$key];
+            if (isset($prefs_cache[$key])) {
+                $result = $prefs_cache[$key];
             } else {
-                return $default;
+//FIXME: is there a justification for having two prefs hooks so close?  who uses them?
+                $temp = array(&$user, &$key);
+                $result = do_hook('get_pref', $temp);
+                if (is_null($result)) {
+                    if (isset($this->default[$key])) {
+                        $result = $this->default[$key];
+                    } else {
+                        $result = $default;
+                    }
+                }
             }
         }
+        return $result;
     }
 
+    /**
+     * Delete user's prefs setting
+     *
+     * @param string $user user name
+     * @param string $key  preference name
+     *
+     * @return boolean
+     *
+     */
     function deleteKey($user, $key) {
         global $prefs_cache;
 
@@ -168,10 +333,63 @@ class dbPrefs {
         return true;
     }
 
+    /**
+     * Set user's preference
+     *
+     * @param string $user  user name
+     * @param string $key   preference name
+     * @param mixed  $value preference value
+     *
+     * @return boolean
+     *
+     */
     function setKey($user, $key, $value) {
         if (!$this->open()) {
             return false;
         }
+
+        /**
+         * Check if username fits into db field
+         */
+        if (strlen($user) > $this->user_size) {
+            $this->error = "Oversized username value."
+                ." Your preferences can't be saved."
+                ." See the administrator's manual or contact your system administrator.";
+
+            /**
+             * Debugging function. Can be used to log all issues that trigger
+             * oversized field errors. Function should be enabled in all three
+             * strlen checks. See http://www.php.net/error-log
+             */
+            // error_log($user.'|'.$key.'|'.$value."\n",3,'/tmp/oversized_log');
+
+            // error is fatal
+            $this->failQuery(null);
+        }
+        /**
+         * Check if preference key fits into db field
+         */
+        if (strlen($key) > $this->key_size) {
+            $err_msg = "Oversized user's preference key."
+                ." Some preferences were not saved."
+                ." See the administrator's manual or contact your system administrator.";
+            // error is not fatal. Only some preference is not saved.
+            trigger_error($err_msg,E_USER_WARNING);
+            return false;
+        }
+        /**
+         * Check if preference value fits into db field
+         */
+        if (strlen($value) > $this->val_size) {
+            $err_msg = "Oversized user's preference value."
+                ." Some preferences were not saved."
+                ." See the administrator's manual or contact your system administrator.";
+            // error is not fatal. Only some preference is not saved.
+            trigger_error($err_msg,E_USER_WARNING);
+            return false;
+        }
+
+
         if ($this->db_type == SMDB_MYSQL) {
             $query = sprintf("REPLACE INTO %s (%s, %s, %s) ".
                              "VALUES('%s','%s','%s')",
@@ -242,6 +460,14 @@ class dbPrefs {
         return true;
     }
 
+    /**
+     * Fill preference cache array
+     *
+     * @param string $user user name
+     *
+     * @since 1.2.3
+     *
+     */
     function fillPrefsCache($user) {
         global $prefs_cache;
 
@@ -270,8 +496,11 @@ class dbPrefs {
 } /* end class dbPrefs */
 
 
-/* returns the value for the pref $string */
-function getPref($data_dir, $username, $string, $default = '') {
+/**
+ * Returns the value for the requested preference
+ * @ignore
+ */
+function getPref($data_dir, $username, $pref_name, $default = '') {
     $db = new dbPrefs;
     if(isset($db->error)) {
         printf( _("Preference database error (%s). Exiting abnormally"),
@@ -279,36 +508,43 @@ function getPref($data_dir, $username, $string, $default = '') {
         exit;
     }
 
-    return $db->getKey($username, $string, $default);
+    return $db->getKey($username, $pref_name, $default);
 }
 
-/* Remove the pref $string */
-function removePref($data_dir, $username, $string) {
+/**
+ * Remove the desired preference setting ($pref_name)
+ * @ignore
+ */
+function removePref($data_dir, $username, $pref_name) {
+    global $prefs_cache;
     $db = new dbPrefs;
     if(isset($db->error)) {
         $db->failQuery();
     }
 
-    $db->deleteKey($username, $string);
+    $db->deleteKey($username, $pref_name);
 
-    if (isset($prefs_cache[$string])) {
-        unset($prefs_cache[$string]);
+    if (isset($prefs_cache[$pref_name])) {
+        unset($prefs_cache[$pref_name]);
     }
 
     sqsession_register($prefs_cache , 'prefs_cache');
     return;
 }
 
-/* sets the pref, $string, to $set_to */
-function setPref($data_dir, $username, $string, $set_to) {
+/**
+ * Sets the desired preference setting ($pref_name) to whatever is in $value
+ * @ignore
+ */
+function setPref($data_dir, $username, $pref_name, $value) {
     global $prefs_cache;
 
-    if (isset($prefs_cache[$string]) && ($prefs_cache[$string] == $set_to)) {
-	return;
+    if (isset($prefs_cache[$pref_name]) && ($prefs_cache[$pref_name] == $value)) {
+        return;
     }
 
-    if ($set_to === '') {
-        removePref($data_dir, $username, $string);
+    if ($value === '') {
+        removePref($data_dir, $username, $pref_name);
         return;
     }
 
@@ -317,16 +553,19 @@ function setPref($data_dir, $username, $string, $set_to) {
         $db->failQuery();
     }
 
-    $db->setKey($username, $string, $set_to);
-    $prefs_cache[$string] = $set_to;
+    $db->setKey($username, $pref_name, $value);
+    $prefs_cache[$pref_name] = $value;
     assert_options(ASSERT_ACTIVE, 1);
     assert_options(ASSERT_BAIL, 1);
-    assert ('$set_to == $prefs_cache[$string]');
+    assert ('$value == $prefs_cache[$pref_name]');
     sqsession_register($prefs_cache , 'prefs_cache');
     return;
 }
 
-/* This checks if the prefs are available */
+/**
+ * This checks if the prefs are available
+ * @ignore
+ */
 function checkForPrefs($data_dir, $username) {
     $db = new dbPrefs;
     if(isset($db->error)) {
@@ -334,18 +573,24 @@ function checkForPrefs($data_dir, $username) {
     }
 }
 
-/* Writes the Signature */
-function setSig($data_dir, $username, $number, $string) {
+/**
+ * Writes the Signature
+ * @ignore
+ */
+function setSig($data_dir, $username, $number, $value) {
     if ($number == "g") {
         $key = '___signature___';
     } else {
         $key = sprintf('___sig%s___', $number);
     }
-    setPref($data_dir, $username, $key, $string);
+    setPref($data_dir, $username, $key, $value);
     return;
 }
 
-/* Gets the signature */
+/**
+ * Gets the signature
+ * @ignore
+ */
 function getSig($data_dir, $username, $number) {
     if ($number == "g") {
         $key = '___signature___';
@@ -354,5 +599,3 @@ function getSig($data_dir, $username, $number) {
     }
     return getPref($data_dir, $username, $key);
 }
-
-?>