| commit | author | age | ||
| 4e17e6 | 1 | <?php |
| T | 2 | |
| 3 | /* | |
| 4 | +-----------------------------------------------------------------------+ | |
| 5 | | program/steps/addressbook/save.inc | | |
| 6 | | | | |
| 7 | | This file is part of the RoundCube Webmail client | | |
| 8 | | Copyright (C) 2005, RoundCube Dev. - Switzerland | | |
| 30233b | 9 | | Licensed under the GNU GPL | |
| 4e17e6 | 10 | | | |
| T | 11 | | PURPOSE: | |
| 12 | | Save a contact entry or to add a new one | | |
| 13 | | | | |
| 14 | +-----------------------------------------------------------------------+ | |
| 15 | | Author: Thomas Bruederli <roundcube@gmail.com> | | |
| a06be9 | 16 | | Author: Tobias 'tri' Richter <tobias@datenwerkstatt-richter.de> | |
| 4e17e6 | 17 | +-----------------------------------------------------------------------+ |
| T | 18 | |
| 19 | $Id$ | |
| 20 | ||
| 21 | */ | |
| 22 | ||
| 10a699 | 23 | // check input |
| d1d2c4 | 24 | if ((empty($_POST['_name']) || empty($_POST['_email'])) && empty($_GET['_framed'])) |
| 10a699 | 25 | { |
| T | 26 | show_message('formincomplete', 'warning'); |
| ea7c46 | 27 | rcmail_overwrite_action(empty($_POST['_cid']) ? 'add' : 'show'); |
| 10a699 | 28 | return; |
| T | 29 | } |
| 30 | ||
| d1d2c4 | 31 | // setup some vars we need |
| a06be9 | 32 | $a_save_cols = array('name', 'email', 'first_name', 'middle_name', 'last_name', 'edu_title', 'addon', 'nickname', 'company', 'organisation', 'department', 'job_title', 'note', 'tel_work1_voice', 'tel_work2_voice', 'tel_home1_voice', 'tel_home2_voice', 'tel_cell_voice', 'tel_car_voice', 'tel_pager_voice', 'tel_additional', 'tel_work_fax', 'tel_home_fax', 'tel_isdn', 'tel_preferred', 'tel_telex', 'work_street', 'work_zip', 'work_city', 'work_region', 'work_country', 'home_street', 'home_zip', 'home_city', 'home_region', 'home_country', 'postal_street', 'postal_zip', 'postal_city', 'postal_region', 'postal_country', 'url_work', 'role', 'birthday', 'rev', 'lang'); |
| d1d2c4 | 33 | $contacts_table = get_table_name('contacts'); |
| 10a699 | 34 | |
| 4e17e6 | 35 | // update an existing contact |
| ea7c46 | 36 | if (!empty($_POST['_cid'])) |
| 4e17e6 | 37 | { |
| T | 38 | $a_write_sql = array(); |
| 39 | ||
| 40 | foreach ($a_save_cols as $col) | |
| 41 | { | |
| 42 | $fname = '_'.$col; | |
| 43 | if (!isset($_POST[$fname])) | |
| 44 | continue; | |
| 45 | ||
| 13c1af | 46 | $a_write_sql[] = sprintf("%s=%s", |
| T | 47 | $DB->quoteIdentifier($col), |
| ea7c46 | 48 | $DB->quote(get_input_value($fname, RCUBE_INPUT_POST))); |
| 4e17e6 | 49 | } |
| T | 50 | |
| 51 | if (sizeof($a_write_sql)) | |
| 52 | { | |
| d1d2c4 | 53 | $DB->query("UPDATE $contacts_table |
| e0ddd4 | 54 | SET changed=now(), ".join(', ', $a_write_sql)." |
| d7cb77 | 55 | WHERE contact_id=? |
| S | 56 | AND user_id=? |
| 1cded8 | 57 | AND del<>1", |
| d7cb77 | 58 | $_POST['_cid'], |
| S | 59 | $_SESSION['user_id']); |
| 4e17e6 | 60 | |
| T | 61 | $updated = $DB->affected_rows(); |
| 62 | } | |
| 63 | ||
| 64 | if ($updated) | |
| 65 | { | |
| 66 | $_action = 'show'; | |
| 67 | show_message('successfullysaved', 'confirmation'); | |
| 68 | ||
| ea7c46 | 69 | if ($_framed) |
| 4e17e6 | 70 | { |
| T | 71 | // define list of cols to be displayed |
| 72 | $a_show_cols = array('name', 'email'); | |
| 73 | $a_js_cols = array(); | |
| 74 | ||
| d1d2c4 | 75 | $sql_result = $DB->query("SELECT * FROM $contacts_table |
| d7cb77 | 76 | WHERE contact_id=? |
| S | 77 | AND user_id=? |
| 1cded8 | 78 | AND del<>1", |
| 4e17e6 | 79 | $_POST['_cid'], |
| d7cb77 | 80 | $_SESSION['user_id']); |
| 4e17e6 | 81 | |
| T | 82 | $sql_arr = $DB->fetch_assoc($sql_result); |
| 83 | foreach ($a_show_cols as $col) | |
| 84 | $a_js_cols[] = (string)$sql_arr[$col]; | |
| 85 | ||
| 86 | // update the changed col in list | |
| 87 | $OUTPUT->add_script(sprintf("if(parent.%s)parent.%s.update_contact_row('%d', %s);", | |
| 88 | $JS_OBJECT_NAME, | |
| 89 | $JS_OBJECT_NAME, | |
| 90 | $_POST['_cid'], | |
| 91 | array2js($a_js_cols))); | |
| 92 | ||
| 93 | // show confirmation | |
| 94 | show_message('successfullysaved', 'confirmation'); | |
| 95 | } | |
| 96 | } | |
| 97 | else | |
| 98 | { | |
| 99 | // show error message | |
| 100 | show_message('errorsaving', 'error'); | |
| 10a699 | 101 | rcmail_overwrite_action('show'); |
| 4e17e6 | 102 | } |
| T | 103 | } |
| 104 | ||
| 105 | // insert a new contact | |
| 106 | else | |
| 107 | { | |
| 108 | $a_insert_cols = $a_insert_values = array(); | |
| d1d2c4 | 109 | |
| 10a699 | 110 | // check for existing contacts |
| d1d2c4 | 111 | $sql = "SELECT 1 FROM $contacts_table |
| S | 112 | WHERE user_id = {$_SESSION['user_id']} |
| 113 | AND del <> '1' "; | |
| 114 | ||
| 115 | // get email and name, build sql for existing user check | |
| 116 | if (isset($_GET['_emails']) && isset($_GET['_names'])) | |
| 117 | { | |
| 118 | $sql .= "AND email IN ("; | |
| ea7c46 | 119 | $emails = explode(',', get_input_value('_emails', RCUBE_INPUT_GET)); |
| T | 120 | $names = explode(',', get_input_value('_names', RCUBE_INPUT_GET)); |
| d1d2c4 | 121 | $count = count($emails); |
| S | 122 | $n = 0; |
| 123 | foreach ($emails as $email) | |
| 124 | { | |
| 125 | $end = (++$n == $count) ? '' : ','; | |
| ea7c46 | 126 | $sql .= $DB->quote($email) . $end; |
| d1d2c4 | 127 | } |
| S | 128 | $sql .= ")"; |
| 129 | $ldap_form = true; | |
| 130 | } | |
| 131 | else if (isset($_POST['_email'])) | |
| ea7c46 | 132 | $sql .= "AND email = " . $DB->quote(get_input_value('_email', RCUBE_INPUT_POST)); |
| d1d2c4 | 133 | |
| S | 134 | $sql_result = $DB->query($sql); |
| 10a699 | 135 | |
| T | 136 | // show warning message |
| 137 | if ($DB->num_rows($sql_result)) | |
| 138 | { | |
| 139 | show_message('contactexists', 'warning'); | |
| d1d2c4 | 140 | |
| S | 141 | if ($ldap_form) |
| 142 | rcmail_overwrite_action('ldappublicsearch'); | |
| 143 | else | |
| 144 | rcmail_overwrite_action('add'); | |
| 145 | ||
| 10a699 | 146 | return; |
| T | 147 | } |
| 4e17e6 | 148 | |
| d1d2c4 | 149 | if ($ldap_form) |
| 4e17e6 | 150 | { |
| d1d2c4 | 151 | $n = 0; |
| S | 152 | foreach ($emails as $email) |
| 153 | { | |
| 154 | $DB->query("INSERT INTO $contacts_table | |
| ea7c46 | 155 | (user_id, name, email |
| T | 156 | VALUES ({$_SESSION['user_id']}," . $DB->quote($names[$n++]) . "," . |
| 157 | $DB->quote($email) . ")"); | |
| d1d2c4 | 158 | $insert_id[] = $DB->insert_id(); |
| S | 159 | } |
| 4e17e6 | 160 | } |
| d1d2c4 | 161 | else |
| 4e17e6 | 162 | { |
| d1d2c4 | 163 | foreach ($a_save_cols as $col) |
| S | 164 | { |
| 165 | $fname = '_'.$col; | |
| 166 | if (!isset($_POST[$fname])) | |
| 167 | continue; | |
| 168 | ||
| 169 | $a_insert_cols[] = $col; | |
| ea7c46 | 170 | $a_insert_values[] = $DB->quote(get_input_value($fname, RCUBE_INPUT_POST)); |
| d1d2c4 | 171 | } |
| S | 172 | |
| 173 | if (sizeof($a_insert_cols)) | |
| 174 | { | |
| 175 | $DB->query("INSERT INTO $contacts_table | |
| 1cded8 | 176 | (user_id, changed, del, ".join(', ', $a_insert_cols).") |
| T | 177 | VALUES (?, now(), 0, ".join(', ', $a_insert_values).")", |
| d7cb77 | 178 | $_SESSION['user_id']); |
| 4e17e6 | 179 | |
| d1d2c4 | 180 | $insert_id = $DB->insert_id(get_sequence_name('contacts')); |
| S | 181 | } |
| 4e17e6 | 182 | } |
| T | 183 | |
| 184 | if ($insert_id) | |
| 185 | { | |
| d1d2c4 | 186 | if (!$ldap_form) |
| S | 187 | { |
| 188 | $_action = 'show'; | |
| 189 | $_GET['_cid'] = $insert_id; | |
| 4e17e6 | 190 | |
| ea7c46 | 191 | if ($_framed) |
| d1d2c4 | 192 | { |
| S | 193 | // add contact row or jump to the page where it should appear |
| 194 | $commands = sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME); | |
| 195 | $sql_result = $DB->query("SELECT * FROM $contacts_table | |
| 196 | WHERE contact_id=? | |
| 197 | AND user_id=?", | |
| 198 | $insert_id, | |
| 199 | $_SESSION['user_id']); | |
| 200 | $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME); | |
| 201 | ||
| 202 | $commands .= sprintf("if(parent.%s)parent.%s.select('%d');\n", | |
| 203 | $JS_OBJECT_NAME, | |
| 204 | $JS_OBJECT_NAME, | |
| 205 | $insert_id); | |
| 206 | ||
| 207 | // update record count display | |
| 208 | $commands .= sprintf("if(parent.%s)parent.%s.set_rowcount('%s');\n", | |
| 209 | $JS_OBJECT_NAME, | |
| 210 | $JS_OBJECT_NAME, | |
| 211 | rcmail_get_rowcount_text()); | |
| 212 | ||
| 213 | $OUTPUT->add_script($commands); | |
| 214 | } | |
| 215 | ||
| 216 | // show confirmation | |
| 217 | show_message('successfullysaved', 'confirmation'); | |
| 218 | } | |
| 219 | else | |
| 4e17e6 | 220 | { |
| T | 221 | // add contact row or jump to the page where it should appear |
| d1d2c4 | 222 | $commands = ''; |
| S | 223 | foreach ($insert_id as $id) |
| 224 | { | |
| 225 | $sql_result = $DB->query("SELECT * FROM $contacts_table | |
| 226 | WHERE contact_id = $id | |
| 227 | AND user_id = {$_SESSION['user_id']}"); | |
| 228 | ||
| 229 | $commands .= sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME); | |
| 230 | $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME); | |
| 231 | $last_id = $id; | |
| 232 | } | |
| 4e17e6 | 233 | |
| d1d2c4 | 234 | // display the last insert id |
| 4e17e6 | 235 | $commands .= sprintf("if(parent.%s)parent.%s.select('%d');\n", |
| d1d2c4 | 236 | $JS_OBJECT_NAME, |
| S | 237 | $JS_OBJECT_NAME, |
| 238 | $last_id); | |
| 239 | ||
| 4e17e6 | 240 | // update record count display |
| T | 241 | $commands .= sprintf("if(parent.%s)parent.%s.set_rowcount('%s');\n", |
| 242 | $JS_OBJECT_NAME, | |
| 243 | $JS_OBJECT_NAME, | |
| 244 | rcmail_get_rowcount_text()); | |
| 245 | ||
| 246 | $OUTPUT->add_script($commands); | |
| d1d2c4 | 247 | rcmail_overwrite_action('ldappublicsearch'); |
| 4e17e6 | 248 | } |
| d1d2c4 | 249 | |
| S | 250 | // show confirmation |
| 251 | show_message('successfullysaved', 'confirmation'); | |
| 4e17e6 | 252 | } |
| T | 253 | else |
| 254 | { | |
| 255 | // show error message | |
| 256 | show_message('errorsaving', 'error'); | |
| 10a699 | 257 | rcmail_overwrite_action('add'); |
| 4e17e6 | 258 | } |
| T | 259 | } |
| 260 | ||
| d1d2c4 | 261 | ?> |
