From b545d3e8388d18a64d50b6f7879804cf4e7812ca Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Thu, 18 Feb 2010 13:01:53 -0500
Subject: [PATCH] Fix loading of plugin configs: user prefs will always survive (#1486368)

---
 program/include/rcube_user.php |  215 +++++++++++++++++++++++++++++++++--------------------
 1 files changed, 135 insertions(+), 80 deletions(-)

diff --git a/program/include/rcube_user.php b/program/include/rcube_user.php
index 8c77fdc..41a8bb5 100644
--- a/program/include/rcube_user.php
+++ b/program/include/rcube_user.php
@@ -5,7 +5,7 @@
  | program/include/rcube_user.inc                                        |
  |                                                                       |
  | This file is part of the RoundCube Webmail client                     |
- | Copyright (C) 2005-2008, RoundCube Dev. - Switzerland                 |
+ | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland                 |
  | Licensed under the GNU GPL                                            |
  |                                                                       |
  | PURPOSE:                                                              |
@@ -16,7 +16,7 @@
  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
  +-----------------------------------------------------------------------+
 
- $Id: rcube_user.inc 933 2007-11-29 14:17:32Z thomasb $
+ $Id$
 
 */
 
@@ -123,7 +123,7 @@
 
     $this->language = $_SESSION['language'];
     if ($this->db->affected_rows()) {
-      $config->merge($a_user_prefs);
+      $config->set_user_prefs($a_user_prefs);
       return true;
     }
 
@@ -135,12 +135,12 @@
    * Get default identity of this user
    *
    * @param int  Identity ID. If empty, the default identity is returned
-   * @return array Hash array with all cols of the 
+   * @return array Hash array with all cols of the identity record
    */
   function get_identity($id = null)
   {
-    $sql_result = $this->list_identities($id ? sprintf('AND identity_id=%d', $id) : '');
-    return $this->db->fetch_assoc($sql_result);
+    $result = $this->list_identities($id ? sprintf('AND identity_id=%d', $id) : '');
+    return $result[0];
   }
   
   
@@ -160,7 +160,12 @@
        ORDER BY ".$this->db->quoteIdentifier('standard')." DESC, name ASC, identity_id ASC",
       $this->ID);
     
-    return $sql_result;
+    $result = array();
+    while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
+      $result[] = $sql_arr;
+    }
+    
+    return $result;
   }
   
   
@@ -176,23 +181,24 @@
     if (!$this->ID)
       return false;
     
-    $write_sql = array();
+    $query_cols = $query_params = array();
     
     foreach ((array)$data as $col => $value)
     {
-      $write_sql[] = sprintf("%s=%s",
-        $this->db->quoteIdentifier($col),
-        $this->db->quote($value));
+      $query_cols[] = $this->db->quoteIdentifier($col) . '=?';
+      $query_params[] = $value;
     }
-    
-    $this->db->query(
-      "UPDATE ".get_table_name('identities')."
-       SET ".join(', ', $write_sql)."
+    $query_params[] = $iid;
+    $query_params[] = $this->ID;
+
+    $sql = "UPDATE ".get_table_name('identities')."
+       SET ".join(', ', $query_cols)."
        WHERE  identity_id=?
        AND    user_id=?
-       AND    del<>1",
-      $iid,
-      $this->ID);
+       AND    del<>1";
+
+    call_user_func_array(array($this->db, 'query'),
+                        array_merge(array($sql), $query_params));
     
     return $this->db->affected_rows();
   }
@@ -213,16 +219,19 @@
     foreach ((array)$data as $col => $value)
     {
       $insert_cols[] = $this->db->quoteIdentifier($col);
-      $insert_values[] = $this->db->quote($value);
+      $insert_values[] = $value;
     }
+    $insert_cols[] = 'user_id';
+    $insert_values[] = $this->ID;
 
-    $this->db->query(
-      "INSERT INTO ".get_table_name('identities')."
-        (user_id, ".join(', ', $insert_cols).")
-       VALUES (?, ".join(', ', $insert_values).")",
-      $this->ID);
+    $sql = "INSERT INTO ".get_table_name('identities')."
+        (".join(', ', $insert_cols).")
+       VALUES (".join(', ', array_pad(array(), sizeof($insert_values), '?')).")";
 
-    return $this->db->insert_id(get_sequence_name('identities'));
+    call_user_func_array(array($this->db, 'query'),
+                        array_merge(array($sql), $insert_values));
+
+    return $this->db->insert_id('identities');
   }
   
   
@@ -346,13 +355,26 @@
    */
   static function create($user, $host)
   {
+    $user_name  = '';
     $user_email = '';
     $rcmail = rcmail::get_instance();
-    $dbh = $rcmail->get_dbh();
 
-    // try to resolve user in virtusertable
-    if ($rcmail->config->get('virtuser_file') && !strpos($user, '@'))
-      $user_email = rcube_user::user2email($user);
+    // try to resolve user in virtuser table and file
+    if ($email_list = self::user2email($user, false, true)) {
+      $user_email = is_array($email_list[0]) ? $email_list[0][0] : $email_list[0];
+    }
+
+    $data = $rcmail->plugins->exec_hook('create_user',
+	array('user'=>$user, 'user_name'=>$user_name, 'user_email'=>$user_email));
+
+    // plugin aborted this operation
+    if ($data['abort'])
+      return false;
+
+    $user_name = $data['user_name'];
+    $user_email = $data['user_email'];
+
+    $dbh = $rcmail->get_dbh();
 
     $dbh->query(
       "INSERT INTO ".get_table_name('users')."
@@ -360,44 +382,65 @@
        VALUES (".$dbh->now().", ".$dbh->now().", ?, ?, ?, ?)",
       strip_newlines($user),
       strip_newlines($host),
-      strip_newlines($user_email),
+      strip_newlines($data['alias'] ? $data['alias'] : $user_email),
       $_SESSION['language']);
 
-    if ($user_id = $dbh->insert_id(get_sequence_name('users')))
+    if ($user_id = $dbh->insert_id('users'))
     {
+      // create rcube_user instance to make plugin hooks work
+      $user_instance = new rcube_user($user_id);
+      $rcmail->user = $user_instance;
+
       $mail_domain = $rcmail->config->mail_domain($host);
 
       if ($user_email=='')
         $user_email = strpos($user, '@') ? $user : sprintf('%s@%s', $user, $mail_domain);
 
-      $user_name = $user != $user_email ? $user : '';
-
-      // try to resolve the e-mail address from the virtuser table
-      if ($virtuser_query = $rcmail->config->get('virtuser_query') &&
-          ($sql_result = $dbh->query(preg_replace('/%u/', $dbh->escapeSimple($user), $virtuser_query))) &&
-          ($dbh->num_rows() > 0))
-      {
-        while ($sql_arr = $dbh->fetch_array($sql_result))
-        {
-          $dbh->query(
-            "INSERT INTO ".get_table_name('identities')."
-              (user_id, del, standard, name, email)
-             VALUES (?, 0, 1, ?, ?)",
-            $user_id,
-            strip_newlines($user_name),
-            preg_replace('/^@/', $user . '@', $sql_arr[0]));
-        }
+      if ($user_name == '') {
+        $user_name = $user != $user_email ? $user : '';
       }
-      else
-      {
-        // also create new identity records
-        $dbh->query(
-          "INSERT INTO ".get_table_name('identities')."
-            (user_id, del, standard, name, email)
-           VALUES (?, 0, 1, ?, ?)",
-          $user_id,
-          strip_newlines($user_name),
-          strip_newlines($user_email));
+
+      if (empty($email_list))
+        $email_list[] = strip_newlines($user_email);
+      // identities_level check
+      else if (count($email_list) > 1 && $rcmail->config->get('identities_level', 0) > 1)
+        $email_list = array($email_list[0]);
+
+      // create new identities records
+      $standard = 1;
+      foreach ($email_list as $row) {
+        if (is_array($row)) {
+          $email = $row[0];
+          $name = $row[1] ? $row[1] : $user_name;
+        }
+        else {
+          $email = $row;
+          $name = $user_name;
+        }
+
+        $plugin = $rcmail->plugins->exec_hook('create_identity', array(
+          'login' => true,
+          'record' => array(
+            'user_id' => $user_id,
+            'name' => strip_newlines($name),
+            'email' => $email,
+            'standard' => $standard,
+            'signature' => '',
+          ),
+        ));
+          
+        if (!$plugin['abort'] && $plugin['record']['email']) {
+          $dbh->query(
+              "INSERT INTO ".get_table_name('identities')."
+                (user_id, del, standard, name, email, signature)
+               VALUES (?, 0, ?, ?, ?, ?)",
+              $user_id,
+              $plugin['record']['standard'],
+              $plugin['record']['name'] != NULL ? $plugin['record']['name'] : '',
+              $plugin['record']['email'],
+              $plugin['record']['signature']);
+        }
+        $standard = 0;
       }
     }
     else
@@ -410,64 +453,77 @@
         'message' => "Failed to create new user"), true, false);
     }
     
-    return $user_id ? new rcube_user($user_id) : false;
+    return $user_id ? $user_instance : false;
   }
   
   
   /**
-   * Resolve username using a virtuser table
+   * Resolve username using a virtuser file
    *
    * @param string E-mail address to resolve
    * @return string Resolved IMAP username
    */
   static function email2user($email)
   {
-    $user = $email;
-    $r = self::findinvirtual('^' . quotemeta($email) . '[[:space:]]');
+    $r = self::findinvirtual('/^' . preg_quote($email, '/') . '\s/');
 
     for ($i=0; $i<count($r); $i++)
     {
       $data = trim($r[$i]);
       $arr = preg_split('/\s+/', $data);
       if (count($arr) > 0)
-      {
-        $user = trim($arr[count($arr)-1]);
-        break;
-      }
+        return trim($arr[count($arr)-1]);
     }
 
-    return $user;
+    return NULL;
   }
 
 
   /**
-   * Resolve e-mail address from virtuser table
+   * Resolve e-mail address from virtuser file/table
    *
    * @param string User name
-   * @return string Resolved e-mail address
+   * @param boolean If true returns first found entry
+   * @param boolean If true returns email as array (email and name for identity)
+   * @return mixed Resolved e-mail address string or array of strings
    */
-  static function user2email($user)
+  static function user2email($user, $first=true, $extended=false)
   {
-    $email = '';
-    $r = self::findinvirtual('[[:space:]]' . quotemeta($user) . '[[:space:]]*$');
+    $result = array();
+    $rcmail = rcmail::get_instance();
+    $dbh = $rcmail->get_dbh();
 
+    // SQL lookup
+    if ($virtuser_query = $rcmail->config->get('virtuser_query')) {
+      $sql_result = $dbh->query(preg_replace('/%u/', $dbh->escapeSimple($user), $virtuser_query));
+      while ($sql_arr = $dbh->fetch_array($sql_result))
+        if (strpos($sql_arr[0], '@')) {
+          $result[] = ($extended && count($sql_arr) > 1) ? $sql_arr : $sql_arr[0];
+          if ($first)
+            return $result[0];
+        }
+    }
+    // File lookup
+    $r = self::findinvirtual('/\s' . preg_quote($user, '/') . '\s*$/');
     for ($i=0; $i<count($r); $i++)
     {
       $data = $r[$i];
       $arr = preg_split('/\s+/', $data);
-      if (count($arr) > 0)
+      if (count($arr) > 0 && strpos($arr[0], '@'))
       {
-        $email = trim(str_replace('\\@', '@', $arr[0]));
-        break;
+        $result[] = trim(str_replace('\\@', '@', $arr[0]));
+
+        if ($first)
+          return $result[0];
       }
     }
-
-    return $email;
+    
+    return empty($result) ? NULL : $result;
   }
   
   
   /**
-   * Find matches of the given pattern in virtuser table
+   * Find matches of the given pattern in virtuser file
    * 
    * @param string Regular expression to search for
    * @return array Matching entries
@@ -490,13 +546,12 @@
       if (empty($line) || $line{0}=='#')
         continue;
         
-      if (eregi($pattern, $line))
+      if (preg_match($pattern, $line))
         $result[] = $line;
     }
     
     return $result;
   }
-
 
 }
 

--
Gitblit v1.9.1