From cead5c727147faac362e742aa7bcecf07f68cd99 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Thu, 18 May 2006 17:24:42 -0400
Subject: [PATCH] Updated CHANGELOG

---
 program/steps/mail/addcontact.inc |   31 ++++++++++++++-----------------
 1 files changed, 14 insertions(+), 17 deletions(-)

diff --git a/program/steps/mail/addcontact.inc b/program/steps/mail/addcontact.inc
index 465ed31..a0e1e93 100644
--- a/program/steps/mail/addcontact.inc
+++ b/program/steps/mail/addcontact.inc
@@ -21,21 +21,19 @@
 
 $REMOTE_REQUEST = TRUE;
 
-if ($_GET['_address'])
+if (!empty($_GET['_address']))
   {
-  $contact_arr = $IMAP->decode_address_list($_GET['_address']);
+  $contact_arr = $IMAP->decode_address_list(get_input_value('_address', RCUBE_INPUT_GET, TRUE));
   if (sizeof($contact_arr))
     {
     $contact = $contact_arr[1];
 
     if ($contact['mailto'])
-      $sql_result = $DB->query(sprintf("SELECT 1 FROM %s
-                                        WHERE  user_id=%d
-                                        AND    email='%s'
-                                        AND    del!='1'",
-                                       get_table_name('contacts'),
-                                       $_SESSION['user_id'],
-                                       $contact['mailto']));
+      $sql_result = $DB->query("SELECT 1 FROM ".get_table_name('contacts')."
+                                WHERE  user_id=?
+                                AND    email=?
+                                AND    del<>1",
+                                $_SESSION['user_id'],$contact['mailto']);
 
     // contact entry with this mail address exists
     if ($sql_result && $DB->num_rows($sql_result))
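Review bot: `$sql_result` is assigned only inside the brace-less `if ($contact['mailto'])`, yet the following `if ($sql_result && $DB->num_rows($sql_result))` reads it unconditionally, so an address that decodes without a mailto part reaches that test with the variable undefined. Setting `$sql_result = null;` right after `$contact = $contact_arr[1];` makes the no-address path explicit. The bound `?` placeholders keep `$contact['mailto']` out of the SQL text; a short comment such as `// values are bound, never interpolated: _address is request-controlled` would help stop a later edit from going back to string building. The enclosing `if` block continues past the end of this hunk.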
@@ -43,15 +41,14 @@
 
     else if ($contact['mailto'])
       {
-      $DB->query(sprintf("INSERT INTO %s
-                          (user_id, name, email)
-                          VALUES (%d, '%s', '%s')",
-                         get_table_name('contacts'),
-                         $_SESSION['user_id'],
-                         $contact['name'],
-                         $contact['mailto']));
+      $DB->query("INSERT INTO ".get_table_name('contacts')."
+                  (user_id, changed, del, name, email)
+                  VALUES (?, now(), 0, ?, ?)",
+                  $_SESSION['user_id'],
+                  $contact['name'],
+                  $contact['mailto']);
 
-      $added = $DB->insert_id();
+      $added = $DB->insert_id(get_sequence_name('contacts'));
       }
     }
 
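Review bot: The INSERT is reached from an `_address` value read from the query string, so a plain GET changes stored data, and nothing in the visible lines checks a per-session request token. If the code that includes this step does not already verify one, a cross-site request could add contacts on behalf of a logged-in user; the check may exist outside this hunk, so this is something to confirm rather than a confirmed defect. `$contact['name']` is stored as decoded, and the `TRUE` passed to `get_input_value()` in the previous hunk looks like it turns off tag stripping, so the name should be HTML-escaped wherever the address book renders it. A comment above the query, `// writes on GET: request token must be validated before this step runs`, would record the assumption.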

--
Gitblit v1.9.1