yllar
2006-12-14 38bf9d3b71067a51ffc9a915ea288929d1fb08e4
4e17e6 1 <?php
T 2
3 /*
4  +-----------------------------------------------------------------------+
5  | program/steps/addressbook/save.inc                                    |
6  |                                                                       |
7  | This file is part of the RoundCube Webmail client                     |
8  | Copyright (C) 2005, RoundCube Dev. - Switzerland                      |
30233b 9  | Licensed under the GNU GPL                                            |
4e17e6 10  |                                                                       |
T 11  | PURPOSE:                                                              |
12  |   Save a contact entry or add a new one                               |
13  |                                                                       |
14  +-----------------------------------------------------------------------+
15  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
16  +-----------------------------------------------------------------------+
17
18  $Id$
19
20 */
21
// Validate the submitted form: both a name and an e-mail address are required.
// The check is skipped whenever the request carries a non-empty _framed GET
// parameter, so requests on that path reach the save logic below without it.
// NOTE(review): _framed is client-controlled; confirm that skipping the
// completeness check on that path is intended.
if (empty($_GET['_framed']) && (empty($_POST['_name']) || empty($_POST['_email'])))
  {
  show_message('formincomplete', 'warning');

  // return to the form the request came from: "add" when no contact id was
  // posted, "show" otherwise
  if (empty($_POST['_cid']))
    rcmail_overwrite_action('add');
  else
    rcmail_overwrite_action('show');

  return;
  }
29
// name of the contacts table as resolved by get_table_name()
$contacts_table = get_table_name('contacts');

// Fixed list of contact columns this step may write. Request fields are
// looked up as '_' + column name, so the column names that end up in the
// generated SQL come from this list and never from the request itself.
$a_save_cols = array('name', 'firstname', 'surname', 'email');
10a699 33
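// Save step for the address book.
//
// With a posted _cid the matching contact of the logged-in user is updated;
// otherwise a new contact is inserted, either from the posted form fields or,
// when _emails/_names are passed via GET, as a batch taken from the LDAP
// public search form.
//
// $DB, $OUTPUT, $JS_OBJECT_NAME and $_framed are not set in this file; they
// are presumably provided by the script that includes this step.
//
// NOTE(review): several statements below combine '?' placeholders with
// literals escaped through $DB->quote(). Confirm that the DB wrapper does not
// treat a '?' inside a quoted literal as a placeholder.

// update an existing contact
if (!empty($_POST['_cid']))
  {
  $a_write_sql = array();

  // stays falsy when no column was posted, so the error branch below runs
  // without reading an undefined variable
  $updated = 0;

  // build "column=value" pairs; identifiers are taken from $a_save_cols,
  // values are escaped with $DB->quote()
  foreach ($a_save_cols as $col)
    {
    $fname = '_'.$col;
    if (!isset($_POST[$fname]))
      continue;

    $a_write_sql[] = sprintf("%s=%s",
                             $DB->quoteIdentifier($col),
                             $DB->quote(get_input_value($fname, RCUBE_INPUT_POST)));
    }

  if (sizeof($a_write_sql))
    {
    // the user_id predicate restricts the write to contacts owned by the
    // session user; the posted contact id alone is not sufficient
    $DB->query("UPDATE $contacts_table
                SET    changed=".$DB->now().", ".join(', ', $a_write_sql)."
                WHERE  contact_id=?
                AND    user_id=?
                AND    del<>1",
                $_POST['_cid'],
                $_SESSION['user_id']);

    $updated = $DB->affected_rows();
    }

  if ($updated)
    {
    if ($_framed)
      {
      // define list of cols to be displayed
      $a_show_cols = array('name', 'email');
      $a_js_cols = array();

      $sql_result = $DB->query("SELECT * FROM $contacts_table
                                WHERE  contact_id=?
                                AND    user_id=?
                                AND    del<>1",
                               $_POST['_cid'],
                               $_SESSION['user_id']);

      $sql_arr = $DB->fetch_assoc($sql_result);
      foreach ($a_show_cols as $col)
        $a_js_cols[] = (string)$sql_arr[$col];

      // update the changed col in list
      // The contact id is formatted with %d, so only an integer reaches the
      // script. NOTE(review): name and email are user-supplied; this relies
      // on array2js() escaping them for a JavaScript context - confirm.
      $OUTPUT->add_script(sprintf("if(parent.%s)parent.%s.update_contact_row('%d', %s);",
                          $JS_OBJECT_NAME,
                          $JS_OBJECT_NAME,
                          $_POST['_cid'],
                          array2js($a_js_cols)));
      }

    // show confirmation
    show_message('successfullysaved', 'confirmation');
    rcmail_overwrite_action('show');
    }
  else
    {
    // show error message
    show_message('errorsaving', 'error');
    rcmail_overwrite_action('show');
    }
  }

// insert a new contact
else
  {
  $a_insert_cols = $a_insert_values = array();

  // explicit defaults: both variables are only assigned on some of the paths
  // below but are read on all of them
  $ldap_form = false;
  $insert_id = null;

  // check for existing contacts
  // user_id is bound as a parameter, like in the other statements of this
  // file, instead of being interpolated into the SQL string
  $sql = "SELECT 1 FROM $contacts_table
          WHERE  user_id = ?
          AND del <> '1' ";

  // get email and name, build sql for existing user check
  // NOTE(review): this path inserts contacts based on GET parameters and no
  // request token is checked in this file; confirm that the including
  // dispatcher validates one before this step runs.
  if (isset($_GET['_emails']) && isset($_GET['_names']))
    {
    $emails = explode(',', get_input_value('_emails', RCUBE_INPUT_GET));
    $names  = explode(',', get_input_value('_names', RCUBE_INPUT_GET));

    // every address is escaped individually before it is joined into the list
    $a_quoted_emails = array();
    foreach ($emails as $email)
      $a_quoted_emails[] = $DB->quote($email);

    $sql .= "AND email IN (" . join(',', $a_quoted_emails) . ")";
    $ldap_form = true;
    }
  else if (isset($_POST['_email']))
    $sql  .= "AND email = " . $DB->quote(get_input_value('_email', RCUBE_INPUT_POST));

  $sql_result = $DB->query($sql, $_SESSION['user_id']);

  // show warning message
  if ($DB->num_rows($sql_result))
    {
    show_message('contactexists', 'warning');

    if ($ldap_form)
      rcmail_overwrite_action('ldappublicsearch');
    else
      rcmail_overwrite_action('add');

    return;
    }

  if ($ldap_form)
    {
    // one INSERT per address; names and addresses are matched by position
    $insert_id = array();
    foreach ($emails as $i => $email)
      {
      // _names may hold fewer entries than _emails; a missing name is passed
      // to quote() as null, as before, but without an undefined-index notice
      $name = isset($names[$i]) ? $names[$i] : null;

      $DB->query("INSERT INTO $contacts_table
                 (user_id, name, email)
                 VALUES (?," . $DB->quote($name) . "," .
                                      $DB->quote($email) . ")",
                 $_SESSION['user_id']);
      $insert_id[] = $DB->insert_id();
      }
    }
  else
    {
    foreach ($a_save_cols as $col)
      {
      $fname = '_'.$col;
      if (!isset($_POST[$fname]))
        continue;

      $a_insert_cols[] = $col;
      $a_insert_values[] = $DB->quote(get_input_value($fname, RCUBE_INPUT_POST));
      }

    if (sizeof($a_insert_cols))
      {
      $DB->query("INSERT INTO $contacts_table
                  (user_id, changed, del, ".join(', ', $a_insert_cols).")
                  VALUES (?, ".$DB->now().", 0, ".join(', ', $a_insert_values).")",
                $_SESSION['user_id']);

      $insert_id = $DB->insert_id(get_sequence_name('contacts'));
      }
    }

  if ($insert_id)
    {
    if (!$ldap_form)
      {
      if ($_framed)
        {
        // add contact row or jump to the page where it should appear
        $commands = sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME);
        $sql_result = $DB->query("SELECT * FROM $contacts_table
                                  WHERE  contact_id=?
                                  AND    user_id=?",
                                  $insert_id,
                                  $_SESSION['user_id']);
        // NOTE(review): the rows contain user-supplied name/email; this
        // relies on rcmail_js_contacts_list() escaping them - confirm.
        $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME);

        $commands .= sprintf("if(parent.%s)parent.%s.contact_list.select('%d');\n",
                             $JS_OBJECT_NAME,
                             $JS_OBJECT_NAME,
                             $insert_id);

        // update record count display
        $commands .= sprintf("if(parent.%s)parent.%s.set_rowcount('%s');\n",
                             $JS_OBJECT_NAME,
                             $JS_OBJECT_NAME,
                             rcmail_get_rowcount_text());

        $OUTPUT->add_script($commands);
        }

      // show confirmation
      show_message('successfullysaved', 'confirmation');
      $_GET['_cid'] = $insert_id;
      }
    else
      {
      // add contact row or jump to the page where it should appear
      $commands = '';
      foreach ($insert_id as $id)
        {
        // ids and user_id are bound as parameters rather than interpolated
        $sql_result = $DB->query("SELECT * FROM $contacts_table
                                  WHERE  contact_id = ?
                                  AND    user_id    = ?",
                                  $id,
                                  $_SESSION['user_id']);

        $commands .= sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME);
        $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME);
        $last_id = $id;
        }

      // display the last insert id
      $commands .= sprintf("if(parent.%s)parent.%s.contact_list.select('%d');\n",
                            $JS_OBJECT_NAME,
                            $JS_OBJECT_NAME,
                            $last_id);

      // update record count display
      $commands .= sprintf("if(parent.%s)parent.%s.set_rowcount('%s');\n",
                           $JS_OBJECT_NAME,
                           $JS_OBJECT_NAME,
                           rcmail_get_rowcount_text());

      $OUTPUT->add_script($commands);
      rcmail_overwrite_action('ldappublicsearch');
      }

    // show confirmation
    // NOTE(review): this runs for both branches above, so the non-LDAP path
    // shows the confirmation twice and the LDAP path calls
    // rcmail_overwrite_action('show') right after 'ldappublicsearch' -
    // confirm which action is meant to win.
    show_message('successfullysaved', 'confirmation');
    rcmail_overwrite_action('show');
    }
  else
    {
    // show error message
    show_message('errorsaving', 'error');
    rcmail_overwrite_action('add');
    }
  }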
257
d1d2c4 258 ?>