From 2965a981b7ec22866fbdf2d567d87e2d068d3617 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Fri, 31 Jul 2015 16:04:08 -0400
Subject: [PATCH] Allow to search and import missing PGP pubkeys from keyservers using Publickey.js
---
program/lib/Roundcube/rcube_contacts.php | 358 +++++++++++++++++++++++++++++++++--------------------------
1 files changed, 202 insertions(+), 156 deletions(-)
diff --git a/program/lib/Roundcube/rcube_contacts.php b/program/lib/Roundcube/rcube_contacts.php
index 6d01368..23e0b71 100644
--- a/program/lib/Roundcube/rcube_contacts.php
+++ b/program/lib/Roundcube/rcube_contacts.php
@@ -167,11 +167,9 @@
}
$sql_result = $this->db->query(
- "SELECT * FROM ".$this->db->table_name($this->db_groups).
- " WHERE del<>1".
- " AND user_id=?".
- $sql_filter.
- " ORDER BY name",
+ "SELECT * FROM " . $this->db->table_name($this->db_groups, true)
+ . " WHERE `del` <> 1 AND `user_id` = ?" . $sql_filter
+ . " ORDER BY `name`",
$this->user_id);
while ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
@@ -192,10 +190,8 @@
function get_group($group_id)
{
$sql_result = $this->db->query(
- "SELECT * FROM ".$this->db->table_name($this->db_groups).
- " WHERE del<>1".
- " AND contactgroup_id=?".
- " AND user_id=?",
+ "SELECT * FROM " . $this->db->table_name($this->db_groups, true)
+ . " WHERE `del` <> 1 AND `contactgroup_id` = ? AND `user_id` = ?",
$group_id, $this->user_id);
if ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
@@ -228,25 +224,25 @@
$length = $subset != 0 ? abs($subset) : $this->page_size;
if ($this->group_id)
- $join = " LEFT JOIN ".$this->db->table_name($this->db_groupmembers)." AS m".
- " ON (m.contact_id = c.".$this->primary_key.")";
+ $join = " LEFT JOIN " . $this->db->table_name($this->db_groupmembers, true) . " AS m".
+ " ON (m.`contact_id` = c.`".$this->primary_key."`)";
$order_col = (in_array($this->sort_col, $this->table_cols) ? $this->sort_col : 'name');
- $order_cols = array('c.'.$order_col);
+ $order_cols = array("c.`$order_col`");
if ($order_col == 'firstname')
- $order_cols[] = 'c.surname';
+ $order_cols[] = 'c.`surname`';
else if ($order_col == 'surname')
- $order_cols[] = 'c.firstname';
+ $order_cols[] = 'c.`firstname`';
if ($order_col != 'name')
- $order_cols[] = 'c.name';
- $order_cols[] = 'c.email';
+ $order_cols[] = 'c.`name`';
+ $order_cols[] = 'c.`email`';
$sql_result = $this->db->limitquery(
- "SELECT * FROM ".$this->db->table_name($this->db_name)." AS c" .
+ "SELECT * FROM " . $this->db->table_name($this->db_name, true) . " AS c" .
$join .
- " WHERE c.del<>1" .
- " AND c.user_id=?" .
- ($this->group_id ? " AND m.contactgroup_id=?" : "").
+ " WHERE c.`del` <> 1" .
+ " AND c.`user_id` = ?" .
+ ($this->group_id ? " AND m.`contactgroup_id` = ?" : "").
($this->filter ? " AND (".$this->filter.")" : "") .
" ORDER BY ". $this->db->concat($order_cols) .
" " . $this->sort_order,
@@ -264,7 +260,7 @@
if ($read_vcard)
$sql_arr = $this->convert_db_data($sql_arr);
else {
- $sql_arr['email'] = explode(self::SEPARATOR, $sql_arr['email']);
+ $sql_arr['email'] = $sql_arr['email'] ? explode(self::SEPARATOR, $sql_arr['email']) : array();
$sql_arr['email'] = array_map('trim', $sql_arr['email']);
}
@@ -306,51 +302,32 @@
*/
function search($fields, $value, $mode=0, $select=true, $nocount=false, $required=array())
{
- if (!is_array($fields))
- $fields = array($fields);
if (!is_array($required) && !empty($required))
$required = array($required);
- $where = $and_where = array();
+ $where = $and_where = $post_search = array();
$mode = intval($mode);
$WS = ' ';
$AS = self::SEPARATOR;
- foreach ($fields as $idx => $col) {
- // direct ID search
- if ($col == 'ID' || $col == $this->primary_key) {
- $ids = !is_array($value) ? explode(self::SEPARATOR, $value) : $value;
- $ids = $this->db->array2list($ids, 'integer');
- $where[] = 'c.' . $this->primary_key.' IN ('.$ids.')';
- continue;
- }
- // fulltext search in all fields
- else if ($col == '*') {
- $words = array();
- foreach (explode($WS, rcube_utils::normalize_string($value)) as $word) {
- switch ($mode) {
- case 1: // strict
- $words[] = '(' . $this->db->ilike('words', $word . '%')
- . ' OR ' . $this->db->ilike('words', '%' . $WS . $word . $WS . '%')
- . ' OR ' . $this->db->ilike('words', '%' . $WS . $word) . ')';
- break;
- case 2: // prefix
- $words[] = '(' . $this->db->ilike('words', $word . '%')
- . ' OR ' . $this->db->ilike('words', '%' . $WS . $word . '%') . ')';
- break;
- default: // partial
- $words[] = $this->db->ilike('words', '%' . $word . '%');
- }
- }
- $where[] = '(' . join(' AND ', $words) . ')';
- }
- else {
- $val = is_array($value) ? $value[$idx] : $value;
+ // direct ID search
+ if ($fields == 'ID' || $fields == $this->primary_key) {
+ $ids = !is_array($value) ? explode(self::SEPARATOR, $value) : $value;
+ $ids = $this->db->array2list($ids, 'integer');
+ $where[] = 'c.' . $this->primary_key.' IN ('.$ids.')';
+ }
+ else if (is_array($value)) {
+ foreach ((array)$fields as $idx => $col) {
+ $val = $value[$idx];
+
+ if (!strlen($val))
+ continue;
+
// table column
if (in_array($col, $this->table_cols)) {
switch ($mode) {
case 1: // strict
- $where[] = '(' . $this->db->quoteIdentifier($col) . ' = ' . $this->db->quote($val)
+ $where[] = '(' . $this->db->quote_identifier($col) . ' = ' . $this->db->quote($val)
. ' OR ' . $this->db->ilike($col, $val . $AS . '%')
. ' OR ' . $this->db->ilike($col, '%' . $AS . $val . $AS . '%')
. ' OR ' . $this->db->ilike($col, '%' . $AS . $val) . ')';
@@ -366,36 +343,35 @@
// vCard field
else {
if (in_array($col, $this->fulltext_cols)) {
- foreach (rcube_utils::normalize_string($val, true) as $word) {
- switch ($mode) {
- case 1: // strict
- $words[] = '(' . $this->db->ilike('words', $word . $WS . '%')
- . ' OR ' . $this->db->ilike('words', '%' . $AS . $word . $WS .'%')
- . ' OR ' . $this->db->ilike('words', '%' . $AS . $word) . ')';
- break;
- case 2: // prefix
- $words[] = '(' . $this->db->ilike('words', $word . '%')
- . ' OR ' . $this->db->ilike('words', $AS . $word . '%') . ')';
- break;
- default: // partial
- $words[] = $this->db->ilike('words', '%' . $word . '%');
- }
- }
- $where[] = '(' . join(' AND ', $words) . ')';
+ $where[] = $this->fulltext_sql_where($val, $mode, 'words');
}
- if (is_array($value))
- $post_search[$col] = mb_strtolower($val);
+ $post_search[$col] = mb_strtolower($val);
}
+ }
+ }
+ // fulltext search in all fields
+ else if ($fields == '*') {
+ $where[] = $this->fulltext_sql_where($value, $mode, 'words');
+ }
+ else {
+ // require each word in to be present in one of the fields
+ foreach (rcube_utils::tokenize_string($value, 1) as $word) {
+ $groups = array();
+ foreach ((array)$fields as $idx => $col) {
+ $groups[] = $this->fulltext_sql_where($word, $mode, $col);
+ }
+ $where[] = '(' . join(' OR ', $groups) . ')';
}
}
foreach (array_intersect($required, $this->table_cols) as $col) {
- $and_where[] = $this->db->quoteIdentifier($col).' <> '.$this->db->quote('');
+ $and_where[] = $this->db->quote_identifier($col).' <> '.$this->db->quote('');
}
+ $required = array_diff($required, $this->table_cols);
if (!empty($where)) {
// use AND operator for advanced searches
- $where = join(is_array($value) ? ' AND ' : ' OR ', $where);
+ $where = join(" AND ", $where);
}
if (!empty($and_where))
@@ -403,7 +379,7 @@
// Post-searching in vCard data fields
// we will search in all records and then build a where clause for their IDs
- if (!empty($post_search)) {
+ if (!empty($post_search) || !empty($required)) {
$ids = array(0);
// build key name regexp
$regexp = '/^(' . implode(array_keys($post_search), '|') . ')(?:.*)$/';
@@ -412,7 +388,7 @@
$this->set_search_set($where);
// count result pages
- $cnt = $this->count();
+ $cnt = $this->count()->count;
$pages = ceil($cnt / $this->page_size);
$scnt = count($post_search);
@@ -422,14 +398,33 @@
while ($row = $this->result->next()) {
$id = $row[$this->primary_key];
$found = array();
- foreach (preg_grep($regexp, array_keys($row)) as $col) {
- $pos = strpos($col, ':');
- $colname = $pos ? substr($col, 0, $pos) : $col;
- $search = $post_search[$colname];
- foreach ((array)$row[$col] as $value) {
- if ($this->compare_search_value($colname, $value, $search, $mode)) {
- $found[$colname] = true;
- break 2;
+ if (!empty($post_search)) {
+ foreach (preg_grep($regexp, array_keys($row)) as $col) {
+ $pos = strpos($col, ':');
+ $colname = $pos ? substr($col, 0, $pos) : $col;
+ $search = $post_search[$colname];
+ foreach ((array)$row[$col] as $value) {
+ if ($this->compare_search_value($colname, $value, $search, $mode)) {
+ $found[$colname] = true;
+ break 2;
+ }
+ }
+ }
+ }
+ // check if required fields are present
+ if (!empty($required)) {
+ foreach ($required as $req) {
+ $hit = false;
+ foreach ($row as $c => $values) {
+ if ($c === $req || strpos($c, $req.':') === 0) {
+ if ((is_string($row[$c]) && strlen($row[$c])) || !empty($row[$c])) {
+ $hit = true;
+ break;
+ }
+ }
+ }
+ if (!$hit) {
+ continue 2;
}
}
}
@@ -442,7 +437,7 @@
// build WHERE clause
$ids = $this->db->array2list($ids, 'integer');
- $where = 'c.' . $this->primary_key.' IN ('.$ids.')';
+ $where = 'c.`' . $this->primary_key.'` IN ('.$ids.')';
// reset counter
unset($this->cache['count']);
@@ -464,6 +459,34 @@
return $this->result;
}
+ /**
+ * Helper method to compose SQL where statements for fulltext searching
+ */
+ private function fulltext_sql_where($value, $mode, $col = 'words', $bool = 'AND')
+ {
+ $WS = ' ';
+ $AS = $col == 'words' ? $WS : self::SEPARATOR;
+ $words = $col == 'words' ? rcube_utils::normalize_string($value, true) : array($value);
+
+ $where = array();
+ foreach ($words as $word) {
+ switch ($mode) {
+ case 1: // strict
+ $where[] = '(' . $this->db->ilike($col, $word . '%')
+ . ' OR ' . $this->db->ilike($col, '%' . $WS . $word . $WS . '%')
+ . ' OR ' . $this->db->ilike($col, '%' . $WS . $word) . ')';
+ break;
+ case 2: // prefix
+ $where[] = '(' . $this->db->ilike($col, $word . '%')
+ . ' OR ' . $this->db->ilike($col, '%' . $AS . $word . '%') . ')';
+ break;
+ default: // partial
+ $where[] = $this->db->ilike($col, '%' . $word . '%');
+ }
+ }
+
+ return count($where) ? '(' . join(" $bool ", $where) . ')' : '';
+ }
/**
* Count number of available contacts in database
@@ -486,17 +509,17 @@
private function _count()
{
if ($this->group_id)
- $join = " LEFT JOIN ".$this->db->table_name($this->db_groupmembers)." AS m".
- " ON (m.contact_id=c.".$this->primary_key.")";
+ $join = " LEFT JOIN " . $this->db->table_name($this->db_groupmembers, true) . " AS m".
+ " ON (m.`contact_id` = c.`".$this->primary_key."`)";
// count contacts for this user
$sql_result = $this->db->query(
- "SELECT COUNT(c.contact_id) AS rows".
- " FROM ".$this->db->table_name($this->db_name)." AS c".
+ "SELECT COUNT(c.`contact_id`) AS rows".
+ " FROM " . $this->db->table_name($this->db_name, true) . " AS c".
$join.
- " WHERE c.del<>1".
- " AND c.user_id=?".
- ($this->group_id ? " AND m.contactgroup_id=?" : "").
+ " WHERE c.`del` <> 1".
+ " AND c.`user_id` = ?".
+ ($this->group_id ? " AND m.`contactgroup_id` = ?" : "").
($this->filter ? " AND (".$this->filter.")" : ""),
$this->user_id,
$this->group_id
@@ -534,10 +557,10 @@
return $assoc ? $first : $this->result;
$this->db->query(
- "SELECT * FROM ".$this->db->table_name($this->db_name).
- " WHERE contact_id=?".
- " AND user_id=?".
- " AND del<>1",
+ "SELECT * FROM " . $this->db->table_name($this->db_name, true).
+ " WHERE `contact_id` = ?".
+ " AND `user_id` = ?".
+ " AND `del` <> 1",
$id,
$this->user_id
);
@@ -566,9 +589,11 @@
return $results;
$sql_result = $this->db->query(
- "SELECT cgm.contactgroup_id, cg.name FROM " . $this->db->table_name($this->db_groupmembers) . " AS cgm" .
- " LEFT JOIN " . $this->db->table_name($this->db_groups) . " AS cg ON (cgm.contactgroup_id = cg.contactgroup_id AND cg.del<>1)" .
- " WHERE cgm.contact_id=?",
+ "SELECT cgm.`contactgroup_id`, cg.`name` "
+ . " FROM " . $this->db->table_name($this->db_groupmembers, true) . " AS cgm"
+ . " LEFT JOIN " . $this->db->table_name($this->db_groups, true) . " AS cg"
+ . " ON (cgm.`contactgroup_id` = cg.`contactgroup_id` AND cg.`del` <> 1)"
+ . " WHERE cgm.`contact_id` = ?",
$id
);
while ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
@@ -592,8 +617,8 @@
// validate e-mail addresses
$valid = parent::validate($save_data, $autofix);
- // require at least one e-mail address (syntax check is already done)
- if ($valid && !array_filter($this->get_col_values('email', $save_data, true))) {
+ // require at least one email address or a name
+ if ($valid && !strlen($save_data['firstname'].$save_data['surname'].$save_data['name']) && !array_filter($this->get_col_values('email', $save_data, true))) {
$this->set_error(self::ERROR_VALIDATE, 'noemailwarning');
$valid = false;
}
@@ -626,18 +651,18 @@
}
}
- $save_data = $this->convert_save_data($save_data);
+ $save_data = $this->convert_save_data($save_data);
$a_insert_cols = $a_insert_values = array();
foreach ($save_data as $col => $value) {
- $a_insert_cols[] = $this->db->quoteIdentifier($col);
+ $a_insert_cols[] = $this->db->quote_identifier($col);
$a_insert_values[] = $this->db->quote($value);
}
if (!$existing->count && !empty($a_insert_cols)) {
$this->db->query(
- "INSERT INTO ".$this->db->table_name($this->db_name).
- " (user_id, changed, del, ".join(', ', $a_insert_cols).")".
+ "INSERT INTO " . $this->db->table_name($this->db_name, true).
+ " (`user_id`, `changed`, `del`, ".join(', ', $a_insert_cols).")".
" VALUES (".intval($this->user_id).", ".$this->db->now().", 0, ".join(', ', $a_insert_values).")"
);
@@ -655,26 +680,27 @@
*
* @param mixed Record identifier
* @param array Assoziative array with save data
+ *
* @return boolean True on success, False on error
*/
function update($id, $save_cols)
{
- $updated = false;
+ $updated = false;
$write_sql = array();
- $record = $this->get_record($id, true);
+ $record = $this->get_record($id, true);
$save_cols = $this->convert_save_data($save_cols, $record);
foreach ($save_cols as $col => $value) {
- $write_sql[] = sprintf("%s=%s", $this->db->quoteIdentifier($col), $this->db->quote($value));
+ $write_sql[] = sprintf("%s=%s", $this->db->quote_identifier($col), $this->db->quote($value));
}
if (!empty($write_sql)) {
$this->db->query(
- "UPDATE ".$this->db->table_name($this->db_name).
- " SET changed=".$this->db->now().", ".join(', ', $write_sql).
- " WHERE contact_id=?".
- " AND user_id=?".
- " AND del<>1",
+ "UPDATE " . $this->db->table_name($this->db_name, true).
+ " SET `changed` = ".$this->db->now().", ".join(', ', $write_sql).
+ " WHERE `contact_id` = ?".
+ " AND `user_id` = ?".
+ " AND `del` <> 1",
$id,
$this->user_id
);
@@ -683,7 +709,7 @@
$this->result = null; // clear current result (from get_record())
}
- return $updated;
+ return $updated ? true : false;
}
@@ -715,6 +741,11 @@
// copy values into vcard object
$vcard = new rcube_vcard($record['vcard'] ? $record['vcard'] : $save_data['vcard'], RCUBE_CHARSET, false, $this->vcard_fieldmap);
$vcard->reset();
+
+ // don't store groups in vCard (#1490277)
+ $vcard->set('groups', null);
+ unset($save_data['groups']);
+
foreach ($save_data as $key => $values) {
list($field, $section) = explode(':', $key);
$fulltext = in_array($field, $this->fulltext_cols);
@@ -770,10 +801,10 @@
// flag record as deleted (always)
$this->db->query(
- "UPDATE ".$this->db->table_name($this->db_name).
- " SET del=1, changed=".$this->db->now().
- " WHERE user_id=?".
- " AND contact_id IN ($ids)",
+ "UPDATE " . $this->db->table_name($this->db_name, true).
+ " SET `del` = 1, `changed` = ".$this->db->now().
+ " WHERE `user_id` = ?".
+ " AND `contact_id` IN ($ids)",
$this->user_id
);
@@ -797,10 +828,10 @@
// clear deleted flag
$this->db->query(
- "UPDATE ".$this->db->table_name($this->db_name).
- " SET del=0, changed=".$this->db->now().
- " WHERE user_id=?".
- " AND contact_id IN ($ids)",
+ "UPDATE " . $this->db->table_name($this->db_name, true).
+ " SET `del` = 0, `changed` = ".$this->db->now().
+ " WHERE `user_id` = ?".
+ " AND `contact_id` IN ($ids)",
$this->user_id
);
@@ -812,16 +843,32 @@
/**
* Remove all records from the database
+ *
+ * @param bool $with_groups Remove also groups
+ *
+ * @return int Number of removed records
*/
- function delete_all()
+ function delete_all($with_groups = false)
{
$this->cache = null;
- $this->db->query("UPDATE ".$this->db->table_name($this->db_name).
- " SET del=1, changed=".$this->db->now().
- " WHERE user_id = ?", $this->user_id);
+ $now = $this->db->now();
- return $this->db->affected_rows();
+ $this->db->query("UPDATE " . $this->db->table_name($this->db_name, true)
+ . " SET `del` = 1, `changed` = $now"
+ . " WHERE `user_id` = ?", $this->user_id);
+
+ $count = $this->db->affected_rows();
+
+ if ($with_groups) {
+ $this->db->query("UPDATE " . $this->db->table_name($this->db_groups, true)
+ . " SET `del` = 1, `changed` = $now"
+ . " WHERE `user_id` = ?", $this->user_id);
+
+ $count += $this->db->affected_rows();
+ }
+
+ return $count;
}
@@ -839,13 +886,14 @@
$name = $this->unique_groupname($name);
$this->db->query(
- "INSERT INTO ".$this->db->table_name($this->db_groups).
- " (user_id, changed, name)".
+ "INSERT INTO " . $this->db->table_name($this->db_groups, true).
+ " (`user_id`, `changed`, `name`)".
" VALUES (".intval($this->user_id).", ".$this->db->now().", ".$this->db->quote($name).")"
);
- if ($insert_id = $this->db->insert_id($this->db_groups))
+ if ($insert_id = $this->db->insert_id($this->db_groups)) {
$result = array('id' => $insert_id, 'name' => $name);
+ }
return $result;
}
@@ -860,11 +908,11 @@
function delete_group($gid)
{
// flag group record as deleted
- $sql_result = $this->db->query(
- "UPDATE ".$this->db->table_name($this->db_groups).
- " SET del=1, changed=".$this->db->now().
- " WHERE contactgroup_id=?".
- " AND user_id=?",
+ $this->db->query(
+ "UPDATE " . $this->db->table_name($this->db_groups, true)
+ . " SET `del` = 1, `changed` = " . $this->db->now()
+ . " WHERE `contactgroup_id` = ?"
+ . " AND `user_id` = ?",
$gid, $this->user_id
);
@@ -872,7 +920,6 @@
return $this->db->affected_rows();
}
-
/**
* Rename a specific contact group
@@ -887,14 +934,14 @@
$name = $this->unique_groupname($newname);
$sql_result = $this->db->query(
- "UPDATE ".$this->db->table_name($this->db_groups).
- " SET name=?, changed=".$this->db->now().
- " WHERE contactgroup_id=?".
- " AND user_id=?",
+ "UPDATE " . $this->db->table_name($this->db_groups, true).
+ " SET `name` = ?, `changed` = ".$this->db->now().
+ " WHERE `contactgroup_id` = ?".
+ " AND `user_id` = ?",
$name, $gid, $this->user_id
);
- return $this->db->affected_rows() ? $name : false;
+ return $this->db->affected_rows($sql_result) ? $name : false;
}
@@ -916,9 +963,9 @@
// get existing assignments ...
$sql_result = $this->db->query(
- "SELECT contact_id FROM ".$this->db->table_name($this->db_groupmembers).
- " WHERE contactgroup_id=?".
- " AND contact_id IN (".$this->db->array2list($ids, 'integer').")",
+ "SELECT `contact_id` FROM " . $this->db->table_name($this->db_groupmembers, true).
+ " WHERE `contactgroup_id` = ?".
+ " AND `contact_id` IN (".$this->db->array2list($ids, 'integer').")",
$group_id
);
while ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
@@ -929,8 +976,8 @@
foreach ($ids as $contact_id) {
$this->db->query(
- "INSERT INTO ".$this->db->table_name($this->db_groupmembers).
- " (contactgroup_id, contact_id, created)".
+ "INSERT INTO " . $this->db->table_name($this->db_groupmembers, true).
+ " (`contactgroup_id`, `contact_id`, `created`)".
" VALUES (?, ?, ".$this->db->now().")",
$group_id,
$contact_id
@@ -962,13 +1009,13 @@
$ids = $this->db->array2list($ids, 'integer');
$sql_result = $this->db->query(
- "DELETE FROM ".$this->db->table_name($this->db_groupmembers).
- " WHERE contactgroup_id=?".
- " AND contact_id IN ($ids)",
+ "DELETE FROM " . $this->db->table_name($this->db_groupmembers, true).
+ " WHERE `contactgroup_id` = ?".
+ " AND `contact_id` IN ($ids)",
$group_id
);
- return $this->db->affected_rows();
+ return $this->db->affected_rows($sql_result);
}
@@ -985,10 +1032,10 @@
do {
$sql_result = $this->db->query(
- "SELECT 1 FROM ".$this->db->table_name($this->db_groups).
- " WHERE del<>1".
- " AND user_id=?".
- " AND name=?",
+ "SELECT 1 FROM " . $this->db->table_name($this->db_groups, true).
+ " WHERE `del` <> 1".
+ " AND `user_id` = ?".
+ " AND `name` = ?",
$this->user_id,
$checkname);
@@ -1000,5 +1047,4 @@
return $checkname;
}
-
}
--
Gitblit v1.9.1