X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=src%2Faddressbook.php;h=24e1fc7f9ac9cdbb9e294d821c959feb18297123;hp=262eb2d1a928a841336d41a614ba1597e83ec1fc;hb=e6d142e72805d9dcda53d0d44d510cae9ce29b98;hpb=2741cc971dda152eafd38936a1c6e97e3987f022 diff --git a/src/addressbook.php b/src/addressbook.php index 262eb2d1..24e1fc7f 100644 --- a/src/addressbook.php +++ b/src/addressbook.php @@ -1,149 +1,93 @@ localbackend == 0) { + plain_error_message(_("No personal address book is defined. Contact administrator.")); + exit(); } -/** - * Output form to add and modify address data - */ -function address_form($name, $submittext, $values = array()) { - global $color, $squirrelmail_language; - - if ($squirrelmail_language == 'ja_JP') - { - echo html_tag( 'table', - addressbook_inp_field(_("Nickname"), 'nickname', $name, 15, $values, - ' ' . _("Must be unique") . '') . - addressbook_inp_field(_("E-mail address"), 'email', $name, 45, $values, '') . - addressbook_inp_field(_("Last name"), 'lastname', $name, 45, $values, '') . - addressbook_inp_field(_("First name"), 'firstname', $name, 45, $values, '') . - addressbook_inp_field(_("Additional info"), 'label', $name, 45, $values, '') . - list_writable_backends($name) . - html_tag( 'tr', - html_tag( 'td', - '', - 'center', $color[4], 'colspan="2"') - ) - , 'center', '', 'border="0" cellpadding="1" width="90%"') ."\n"; - } else { - echo html_tag( 'table', - addressbook_inp_field(_("Nickname"), 'nickname', $name, 15, $values, - ' ' . _("Must be unique") . '') . - addressbook_inp_field(_("E-mail address"), 'email', $name, 45, $values, '') . - addressbook_inp_field(_("First name"), 'firstname', $name, 45, $values, '') . - addressbook_inp_field(_("Last name"), 'lastname', $name, 45, $values, '') . - addressbook_inp_field(_("Additional info"), 'label', $name, 45, $values, '') . - list_writable_backends($name) . - html_tag( 'tr', - html_tag( 'td', - '', - 'center', $color[4], 'colspan="2"') - ) - , 'center', '', 'border="0" cellpadding="1" width="90%"') ."\n"; -} +$current_backend = $abook->localbackend; +if (sqgetGlobalVar('new_bnum', $new_backend, SQ_FORM) + && array_key_exists($new_backend, $abook->backends)) { + $current_backend = (int) $new_backend; } -function list_writable_backends($name) { - global $color, $abook; - if ( $name != 'addaddr' ) { return; } - if ( $abook->numbackends > 1 ) { - $ret = ""; - return html_tag( 'tr', - html_tag( 'td', _("Add to:"),'right', $color[4] ) . - html_tag( 'td', $ret, 'left', $color[4] )) . "\n"; - } else { - return html_tag( 'tr', - html_tag( 'td', - addHidden('backend', '1'), - 'center', $color[4], 'colspan="2"')) . "\n"; - } -} - -/* Open addressbook, with error messages on but without LDAP (the * - * second "true"). Don't need LDAP here anyway */ -$abook = addressbook_init(true, true); -if($abook->localbackend == 0) { - plain_error_message( - _("No personal address book is defined. Contact administrator."), - $color); - exit(); } -displayPageHeader($color, 'None'); - $defdata = array(); $formerror = ''; $abortform = false; @@ -151,28 +95,27 @@ $showaddrlist = true; $defselected = array(); $form_url = 'addressbook.php'; - /* Handle user's actions */ if(sqgetGlobalVar('REQUEST_METHOD', $req_method, SQ_SERVER) && $req_method == 'POST') { + // first, validate security token + sm_validate_security_token($submitted_token, 3600, TRUE); + /************************************************** * Add new address * **************************************************/ if (isset($addaddr)) { - foreach( $addaddr as $k => $adr ) { - $addaddr[$k] = strip_tags( $adr ); + if (isset($backend)) { + $r = $abook->add($addaddr, $backend); + } else { + $r = $abook->add($addaddr, $abook->localbackend); } - if (isset($backend)) { - $r = $abook->add($addaddr, $backend); - } else { - $r = $abook->add($addaddr, $abook->localbackend); - } /* Handle error messages */ if (!$r) { /* Remove backend name from error string */ $errstr = $abook->error; - $errstr = ereg_replace('^\[.*\] *', '', $errstr); + $errstr = preg_replace('/^\[.*\] */', '', $errstr); $formerror = $errstr; $showaddrlist = false; @@ -187,14 +130,14 @@ if(sqgetGlobalVar('REQUEST_METHOD', $req_method, SQ_SERVER) && $req_method == 'P $orig_sel = $sel; sort($sel); - /* The selected addresses are identidied by "backend:nickname". * + /* The selected addresses are identified by "backend_nickname". * * Sort the list and process one backend at the time */ $prevback = -1; $subsel = array(); $delfailed = false; for ($i = 0 ; (($i < sizeof($sel)) && !$delfailed) ; $i++) { - list($sbackend, $snick) = explode(':', $sel[$i]); + list($sbackend, $snick) = explode('_', $sel[$i], 2); /* When we get to a new backend, process addresses in * * previous one. */ @@ -228,13 +171,56 @@ if(sqgetGlobalVar('REQUEST_METHOD', $req_method, SQ_SERVER) && $req_method == 'P $defselected = $orig_sel; } + /************************************************ + * Compose to selected address(es) * + ************************************************/ + } else if ((!empty($compose_to)) && sizeof($sel) > 0) { + $orig_sel = $sel; + sort($sel); + + // The selected addresses are identified by "backend_nickname" + $lookup_failed = false; + $send_to = ''; + + for ($i = 0 ; (($i < sizeof($sel)) && !$lookup_failed) ; $i++) { + list($sbackend, $snick) = explode('_', $sel[$i], 2); + + $data = $abook->lookup($snick, $sbackend); + + if (!$data) { + $formerror = $abook->error; + $lookup_failed = true; + break; + } else { + $addr = $abook->full_address($data); + if (!empty($addr)) + $send_to .= $addr . ', '; + } + } + + + if ($lookup_failed || empty($send_to)) { + $showaddrlist = true; + $defselected = $sel; + + // we skipped the page header above for this functionality, so add it here + displayPageHeader($color); + } + + + // send off to compose screen + else { + $send_to = trim($send_to, ', '); + header('Location: ' . $base_uri . 'src/compose.php?send_to=' . rawurlencode($send_to)); + exit; + } + } else { /*********************************************** * Update/modify address * ***********************************************/ if (!empty($editaddr)) { - /* Stage one: Copy data into form */ if (isset($sel) && sizeof($sel) > 0) { if(sizeof($sel) > 1) { @@ -243,77 +229,65 @@ if(sqgetGlobalVar('REQUEST_METHOD', $req_method, SQ_SERVER) && $req_method == 'P $defselected = $sel; } else { $abortform = true; - list($ebackend, $enick) = explode(':', $sel[0]); + list($ebackend, $enick) = explode('_', current($sel), 2); $olddata = $abook->lookup($enick, $ebackend); - - /* Display the "new address" form */ - echo '
'; + // Test if $olddata really contains anything and return an error message if it doesn't + if (!$olddata) { + error_box(nl2br(htmlspecialchars($abook->error))); + } else { + /* Display the "new address" form */ + echo abook_create_form($form_url, 'editaddr', + _("Update address"), + _("Update address"), + $current_backend, + $olddata); + echo addHidden('oldnick', $olddata['nickname']). + addHidden('backend', $olddata['backend']). + addHidden('doedit', '1'). + ''; + } } - } else { - + } elseif ($doedit == 1) { /* Stage two: Write new data */ - if ($doedit = 1) { - $newdata = $editaddr; - $r = $abook->modify($oldnick, $newdata, $backend); - - /* Handle error messages */ - if (!$r) { - /* Display error */ - echo html_tag( 'table', - html_tag( 'tr', - html_tag( 'td', - "\n". '' . _("ERROR") . ': ' . $abook->error . '' ."\n", - 'center' ) - ), - 'center', '', 'width="100%"' ); - - /* Display the "new address" form again */ - echo ''; - $abortform = true; - } - } else { + $newdata = $editaddr; + $r = $abook->modify($oldnick, $newdata, $backend); - /* Should not get here... */ - plain_error_message(_("Unknown error"), $color); + /* Handle error messages */ + if (!$r) { + /* Display error */ + plain_error_message( nl2br(htmlspecialchars($abook->error))); + + /* Display the "new address" form again */ + echo abook_create_form($form_url, 'editaddr', + _("Update address"), + _("Update address"), + $current_backend, + $newdata); + echo addHidden('oldnick', $oldnick). + addHidden('backend', $backend). + addHidden('doedit', '1'). + "\n" . ''; $abortform = true; } - } - } /* !empty($editaddr) - Update/modify address */ - } /* (!empty($deladdr)) && sizeof($sel) > 0 - Delete address(es) */ - } /* !empty($addaddr['nickname']) - Add new address */ + } else { + /** + * $editaddr is set, but $sel (address selection in address listing) + * and $doedit (address edit form) are not set. + * Assume that user clicked on "Edit address" without selecting any address. + */ + $formerror = _("Please select address that you want to edit"); + $showaddrlist = true; + } /* end of edit stage detection */ + } /* !empty($editaddr) - Update/modify address */ + } /* (!empty($deladdr)) && sizeof($sel) > 0 - Delete address(es) + or (!empty($compose_to)) && sizeof($sel) > 0 - Compose to address(es) */ + } /* !empty($addaddr['nickname']) - Add new address */ // Some times we end output before forms are printed if($abortform) { - echo "