From 7dfb1fba5001299300736e6b5d95d9400575e3e7 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Thu, 18 Sep 2008 14:59:02 -0400
Subject: [PATCH] Set the right number of arguments for setcookie()
---
program/steps/addressbook/edit.inc | 88 +++++++++++++++++++++-----------------------
1 files changed, 42 insertions(+), 46 deletions(-)
diff --git a/program/steps/addressbook/edit.inc b/program/steps/addressbook/edit.inc
index 245c024..61c660d 100644
--- a/program/steps/addressbook/edit.inc
+++ b/program/steps/addressbook/edit.inc
@@ -5,7 +5,7 @@
| program/steps/addressbook/edit.inc |
| |
| This file is part of the RoundCube Webmail client |
- | Copyright (C) 2005, RoundCube Dev. - Switzerland |
+ | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
| PURPOSE: |
@@ -20,30 +20,27 @@
*/
-if (($_GET['_cid'] || $_POST['_cid']) && $_action=='edit')
- {
- $cid = $_POST['_cid'] ? $_POST['_cid'] : $_GET['_cid'];
- $DB->query("SELECT * FROM ".get_table_name('contacts')."
- WHERE contact_id=?
- AND user_id=?
- AND del<>1",
- $cid,
- $_SESSION['user_id']);
-
- $CONTACT_RECORD = $DB->fetch_assoc();
+if (($cid = get_input_value('_cid', RCUBE_INPUT_GPC)) && ($record = $CONTACTS->get_record($cid, true)))
+ $OUTPUT->set_env('cid', $record['ID']);
- if (is_array($CONTACT_RECORD))
- $OUTPUT->add_script(sprintf("%s.set_env('cid', '%s');", $JS_OBJECT_NAME, $CONTACT_RECORD['contact_id']));
- }
-
-
+// adding not allowed here
+if ($CONTACTS->readonly)
+{
+ $OUTPUT->show_message('sourceisreadonly');
+ rcmail_overwrite_action('show');
+ return;
+}
function rcmail_contact_editform($attrib)
- {
- global $CONTACT_RECORD, $JS_OBJECT_NAME;
+{
+ global $RCMAIL, $CONTACTS, $OUTPUT;
- if (!$CONTACT_RECORD && $GLOBALS['_action']!='add')
- return rcube_label('contactnotfound');
+ // check if we have a valid result
+ if ($RCMAIL->action != 'add' && !(($result = $CONTACTS->get_result()) && ($record = $result->first())))
+ {
+ $OUTPUT->show_message('contactnotfound');
+ return false;
+ }
// add some labels to client
rcube_add_label('noemailwarning');
@@ -51,15 +48,14 @@
list($form_start, $form_end) = get_form_tags($attrib);
unset($attrib['form']);
-
// a specific part is requested
if ($attrib['part'])
- {
+ {
$out = $form_start;
- $out .= rcmail_get_edit_field($attrib['part'], $CONTACT_RECORD[$attrib['part']], $attrib);
+ $out .= rcmail_get_edit_field($attrib['part'], $record[$attrib['part']], $attrib);
return $out;
- }
+ }
// return the complete address edit form as table
@@ -67,41 +63,41 @@
$a_show_cols = array('name', 'firstname', 'surname', 'email');
foreach ($a_show_cols as $col)
- {
+ {
$attrib['id'] = 'rcmfd_'.$col;
- $title = rcube_label($col);
- $value = rcmail_get_edit_field($col, $CONTACT_RECORD[$col], $attrib);
+ $value = rcmail_get_edit_field($col, $record[$col], $attrib);
$out .= sprintf("<tr><td class=\"title\"><label for=\"%s\">%s</label></td><td>%s</td></tr>\n",
$attrib['id'],
- $title,
+ Q(rcube_label($col)),
$value);
- }
+ }
$out .= "\n</table>$form_end";
return $out;
- }
+}
+
+$OUTPUT->add_handler('contacteditform', 'rcmail_contact_editform');
// similar function as in /steps/settings/edit_identity.inc
function get_form_tags($attrib)
{
- global $CONTACT_RECORD, $OUTPUT, $JS_OBJECT_NAME, $EDIT_FORM, $SESS_HIDDEN_FIELD;
+ global $CONTACTS, $EDIT_FORM, $RCMAIL;
+ $result = $CONTACTS->get_result();
$form_start = '';
if (!strlen($EDIT_FORM))
{
- $hiddenfields = new hiddenfield(array('name' => '_task', 'value' => $GLOBALS['_task']));
+ $hiddenfields = new html_hiddenfield(array('name' => '_task', 'value' => $RCMAIL->task));
$hiddenfields->add(array('name' => '_action', 'value' => 'save'));
+ $hiddenfields->add(array('name' => '_source', 'value' => get_input_value('_source', RCUBE_INPUT_GPC)));
+ $hiddenfields->add(array('name' => '_framed', 'value' => (empty($_REQUEST['_framed']) ? 0 : 1)));
- if ($GLOBALS['_framed'])
- $hiddenfields->add(array('name' => '_framed', 'value' => 1));
+ if (($result = $CONTACTS->get_result()) && ($record = $result->first()))
+ $hiddenfields->add(array('name' => '_cid', 'value' => $record['ID']));
- if ($CONTACT_RECORD['contact_id'])
- $hiddenfields->add(array('name' => '_cid', 'value' => $CONTACT_RECORD['contact_id']));
-
- $form_start = !strlen($attrib['form']) ? '<form name="form" action="./" method="post">' : '';
- $form_start .= "\n$SESS_HIDDEN_FIELD\n";
+ $form_start = !strlen($attrib['form']) ? $RCMAIL->output->form_tag(array('name' => "form", 'method' => "post")) : '';
$form_start .= $hiddenfields->show();
}
@@ -109,18 +105,18 @@
$form_name = strlen($attrib['form']) ? $attrib['form'] : 'form';
if (!strlen($EDIT_FORM))
- $OUTPUT->add_script("$JS_OBJECT_NAME.gui_object('editform', '$form_name');");
+ $RCMAIL->output->add_gui_object('editform', $form_name);
$EDIT_FORM = $form_name;
- return array($form_start, $form_end);
+ return array($form_start, $form_end);
}
-if (!$CONTACT_RECORD && template_exists('addcontact'))
- parse_template('addcontact');
+if (!$CONTACTS->get_result() && $OUTPUT->template_exists('addcontact'))
+ $OUTPUT->send('addcontact');
// this will be executed if no template for addcontact exists
-parse_template('editcontact');
-?>
\ No newline at end of file
+$OUTPUT->send('editcontact');
+?>
--
Gitblit v1.9.1