From ed1d212ae2daea5e4bd043417610177093e99f19 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sat, 16 Jan 2016 03:03:51 -0500
Subject: [PATCH] Improved SVG cleanup code
---
program/lib/Roundcube/rcube_contacts.php | 631 +++++++++++++++++++++++++++++++--------------------------
1 files changed, 345 insertions(+), 286 deletions(-)
diff --git a/program/lib/Roundcube/rcube_contacts.php b/program/lib/Roundcube/rcube_contacts.php
index a98b138..5ac5759 100644
--- a/program/lib/Roundcube/rcube_contacts.php
+++ b/program/lib/Roundcube/rcube_contacts.php
@@ -1,6 +1,6 @@
<?php
-/*
+/**
+-----------------------------------------------------------------------+
| This file is part of the Roundcube Webmail client |
| Copyright (C) 2006-2012, The Roundcube Dev Team |
@@ -16,7 +16,6 @@
+-----------------------------------------------------------------------+
*/
-
/**
* Model class for the local address book database
*
@@ -26,40 +25,41 @@
class rcube_contacts extends rcube_addressbook
{
// protected for backward compat. with some plugins
- protected $db_name = 'contacts';
- protected $db_groups = 'contactgroups';
+ protected $db_name = 'contacts';
+ protected $db_groups = 'contactgroups';
protected $db_groupmembers = 'contactgroupmembers';
- protected $vcard_fieldmap = array();
+ protected $vcard_fieldmap = array();
/**
* Store database connection.
*
* @var rcube_db
*/
- private $db = null;
+ private $db = null;
private $user_id = 0;
- private $filter = null;
- private $result = null;
+ private $filter = null;
+ private $result = null;
private $cache;
- private $table_cols = array('name', 'email', 'firstname', 'surname');
+ private $table_cols = array('name', 'email', 'firstname', 'surname');
private $fulltext_cols = array('name', 'firstname', 'surname', 'middlename', 'nickname',
- 'jobtitle', 'organization', 'department', 'maidenname', 'email', 'phone',
- 'address', 'street', 'locality', 'zipcode', 'region', 'country', 'website', 'im', 'notes');
+ 'jobtitle', 'organization', 'department', 'maidenname', 'email', 'phone',
+ 'address', 'street', 'locality', 'zipcode', 'region', 'country', 'website', 'im', 'notes');
// public properties
public $primary_key = 'contact_id';
public $name;
- public $readonly = false;
- public $groups = true;
- public $undelete = true;
+ public $readonly = false;
+ public $groups = true;
+ public $undelete = true;
public $list_page = 1;
public $page_size = 10;
- public $group_id = 0;
- public $ready = false;
- public $coltypes = array('name', 'firstname', 'surname', 'middlename', 'prefix', 'suffix', 'nickname',
- 'jobtitle', 'organization', 'department', 'assistant', 'manager',
- 'gender', 'maidenname', 'spouse', 'email', 'phone', 'address',
- 'birthday', 'anniversary', 'website', 'im', 'notes', 'photo');
+ public $group_id = 0;
+ public $ready = false;
+ public $coltypes = array('name', 'firstname', 'surname', 'middlename', 'prefix', 'suffix', 'nickname',
+ 'jobtitle', 'organization', 'department', 'assistant', 'manager',
+ 'gender', 'maidenname', 'spouse', 'email', 'phone', 'address',
+ 'birthday', 'anniversary', 'website', 'im', 'notes', 'photo');
+ public $date_cols = array('birthday', 'anniversary');
const SEPARATOR = ',';
@@ -67,16 +67,15 @@
/**
* Object constructor
*
- * @param object Instance of the rcube_db class
- * @param integer User-ID
+ * @param object $dbconn Instance of the rcube_db class
+ * @param integer $user User-ID
*/
function __construct($dbconn, $user)
{
- $this->db = $dbconn;
+ $this->db = $dbconn;
$this->user_id = $user;
- $this->ready = $this->db && !$this->db->is_error();
+ $this->ready = $this->db && !$this->db->is_error();
}
-
/**
* Returns addressbook name
@@ -85,7 +84,6 @@
{
return $this->name;
}
-
/**
* Save a search string for future listings
@@ -98,7 +96,6 @@
$this->cache = null;
}
-
/**
* Getter for saved search properties
*
@@ -109,7 +106,6 @@
return $this->filter;
}
-
/**
* Setter for the current group
* (empty, has to be re-implemented by extending class)
@@ -117,9 +113,8 @@
function set_group($gid)
{
$this->group_id = $gid;
- $this->cache = null;
+ $this->cache = null;
}
-
/**
* Reset all saved results and search parameters
@@ -128,31 +123,46 @@
{
$this->result = null;
$this->filter = null;
- $this->cache = null;
+ $this->cache = null;
}
-
/**
* List all active contact groups of this source
*
- * @param string Search string to match group name
- * @return array Indexed list of contact groups, each a hash array
+ * @param string $search Search string to match group name
+ * @param int $mode Matching mode:
+ * 0 - partial (*abc*),
+ * 1 - strict (=),
+ * 2 - prefix (abc*)
+ *
+ * @return array Indexed list of contact groups, each a hash array
*/
- function list_groups($search = null)
+ function list_groups($search = null, $mode = 0)
{
$results = array();
if (!$this->groups)
return $results;
- $sql_filter = $search ? " AND " . $this->db->ilike('name', '%'.$search.'%') : '';
+ if ($search) {
+ switch (intval($mode)) {
+ case 1:
+ $sql_filter = $this->db->ilike('name', $search);
+ break;
+ case 2:
+ $sql_filter = $this->db->ilike('name', $search . '%');
+ break;
+ default:
+ $sql_filter = $this->db->ilike('name', '%' . $search . '%');
+ }
+
+ $sql_filter = " AND $sql_filter";
+ }
$sql_result = $this->db->query(
- "SELECT * FROM ".$this->db->table_name($this->db_groups).
- " WHERE del<>1".
- " AND user_id=?".
- $sql_filter.
- " ORDER BY name",
+ "SELECT * FROM " . $this->db->table_name($this->db_groups, true)
+ . " WHERE `del` <> 1 AND `user_id` = ?" . $sql_filter
+ . " ORDER BY `name`",
$this->user_id);
while ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
@@ -163,20 +173,18 @@
return $results;
}
-
/**
* Get group properties such as name and email address(es)
*
- * @param string Group identifier
+ * @param string $group_id Group identifier
+ *
* @return array Group properties as hash array
*/
function get_group($group_id)
{
$sql_result = $this->db->query(
- "SELECT * FROM ".$this->db->table_name($this->db_groups).
- " WHERE del<>1".
- " AND contactgroup_id=?".
- " AND user_id=?",
+ "SELECT * FROM " . $this->db->table_name($this->db_groups, true)
+ . " WHERE `del` <> 1 AND `contactgroup_id` = ? AND `user_id` = ?",
$group_id, $this->user_id);
if ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
@@ -193,9 +201,10 @@
* @param array List of cols to show, Null means all
* @param int Only return this number of records, use negative values for tail
* @param boolean True to skip the count query (select only)
+ *
* @return array Indexed list of contact records, each a hash array
*/
- function list_records($cols=null, $subset=0, $nocount=false)
+ function list_records($cols = null, $subset = 0, $nocount = false)
{
if ($nocount || $this->list_page <= 1) {
// create dummy result, we don't need a count now
@@ -206,28 +215,28 @@
}
$start_row = $subset < 0 ? $this->result->first + $this->page_size + $subset : $this->result->first;
- $length = $subset != 0 ? abs($subset) : $this->page_size;
+ $length = $subset != 0 ? abs($subset) : $this->page_size;
if ($this->group_id)
- $join = " LEFT JOIN ".$this->db->table_name($this->db_groupmembers)." AS m".
- " ON (m.contact_id = c.".$this->primary_key.")";
+ $join = " LEFT JOIN " . $this->db->table_name($this->db_groupmembers, true) . " AS m".
+ " ON (m.`contact_id` = c.`".$this->primary_key."`)";
- $order_col = (in_array($this->sort_col, $this->table_cols) ? $this->sort_col : 'name');
- $order_cols = array('c.'.$order_col);
+ $order_col = (in_array($this->sort_col, $this->table_cols) ? $this->sort_col : 'name');
+ $order_cols = array("c.`$order_col`");
if ($order_col == 'firstname')
- $order_cols[] = 'c.surname';
+ $order_cols[] = 'c.`surname`';
else if ($order_col == 'surname')
- $order_cols[] = 'c.firstname';
+ $order_cols[] = 'c.`firstname`';
if ($order_col != 'name')
- $order_cols[] = 'c.name';
- $order_cols[] = 'c.email';
+ $order_cols[] = 'c.`name`';
+ $order_cols[] = 'c.`email`';
$sql_result = $this->db->limitquery(
- "SELECT * FROM ".$this->db->table_name($this->db_name)." AS c" .
+ "SELECT * FROM " . $this->db->table_name($this->db_name, true) . " AS c" .
$join .
- " WHERE c.del<>1" .
- " AND c.user_id=?" .
- ($this->group_id ? " AND m.contactgroup_id=?" : "").
+ " WHERE c.`del` <> 1" .
+ " AND c.`user_id` = ?" .
+ ($this->group_id ? " AND m.`contactgroup_id` = ?" : "").
($this->filter ? " AND (".$this->filter.")" : "") .
" ORDER BY ". $this->db->concat($order_cols) .
" " . $this->sort_order,
@@ -245,7 +254,7 @@
if ($read_vcard)
$sql_arr = $this->convert_db_data($sql_arr);
else {
- $sql_arr['email'] = explode(self::SEPARATOR, $sql_arr['email']);
+ $sql_arr['email'] = $sql_arr['email'] ? explode(self::SEPARATOR, $sql_arr['email']) : array();
$sql_arr['email'] = array_map('trim', $sql_arr['email']);
}
@@ -269,11 +278,10 @@
return $this->result;
}
-
/**
* Search contacts
*
- * @param mixed $fields The field name of array of field names to search in
+ * @param mixed $fields The field name or array of field names to search in
* @param mixed $value Search value (or array of values when $fields is array)
* @param int $mode Matching mode:
* 0 - partial (*abc*),
@@ -285,53 +293,35 @@
*
* @return object rcube_result_set Contact records and 'count' value
*/
- function search($fields, $value, $mode=0, $select=true, $nocount=false, $required=array())
+ function search($fields, $value, $mode = 0, $select = true, $nocount = false, $required = array())
{
- if (!is_array($fields))
- $fields = array($fields);
- if (!is_array($required) && !empty($required))
+ if (!is_array($required) && !empty($required)) {
$required = array($required);
+ }
- $where = $and_where = array();
- $mode = intval($mode);
- $WS = ' ';
- $AS = self::SEPARATOR;
+ $where = $and_where = $post_search = array();
+ $mode = intval($mode);
+ $WS = ' ';
+ $AS = self::SEPARATOR;
- foreach ($fields as $idx => $col) {
- // direct ID search
- if ($col == 'ID' || $col == $this->primary_key) {
- $ids = !is_array($value) ? explode(self::SEPARATOR, $value) : $value;
- $ids = $this->db->array2list($ids, 'integer');
- $where[] = 'c.' . $this->primary_key.' IN ('.$ids.')';
- continue;
- }
- // fulltext search in all fields
- else if ($col == '*') {
- $words = array();
- foreach (explode($WS, rcube_utils::normalize_string($value)) as $word) {
- switch ($mode) {
- case 1: // strict
- $words[] = '(' . $this->db->ilike('words', $word . '%')
- . ' OR ' . $this->db->ilike('words', '%' . $WS . $word . $WS . '%')
- . ' OR ' . $this->db->ilike('words', '%' . $WS . $word) . ')';
- break;
- case 2: // prefix
- $words[] = '(' . $this->db->ilike('words', $word . '%')
- . ' OR ' . $this->db->ilike('words', '%' . $WS . $word . '%') . ')';
- break;
- default: // partial
- $words[] = $this->db->ilike('words', '%' . $word . '%');
- }
- }
- $where[] = '(' . join(' AND ', $words) . ')';
- }
- else {
- $val = is_array($value) ? $value[$idx] : $value;
+ // direct ID search
+ if ($fields == 'ID' || $fields == $this->primary_key) {
+ $ids = !is_array($value) ? explode(self::SEPARATOR, $value) : $value;
+ $ids = $this->db->array2list($ids, 'integer');
+ $where[] = 'c.' . $this->primary_key.' IN ('.$ids.')';
+ }
+ else if (is_array($value)) {
+ foreach ((array)$fields as $idx => $col) {
+ $val = $value[$idx];
+
+ if (!strlen($val))
+ continue;
+
// table column
if (in_array($col, $this->table_cols)) {
switch ($mode) {
case 1: // strict
- $where[] = '(' . $this->db->quoteIdentifier($col) . ' = ' . $this->db->quote($val)
+ $where[] = '(' . $this->db->quote_identifier($col) . ' = ' . $this->db->quote($val)
. ' OR ' . $this->db->ilike($col, $val . $AS . '%')
. ' OR ' . $this->db->ilike($col, '%' . $AS . $val . $AS . '%')
. ' OR ' . $this->db->ilike($col, '%' . $AS . $val) . ')';
@@ -347,36 +337,36 @@
// vCard field
else {
if (in_array($col, $this->fulltext_cols)) {
- foreach (rcube_utils::normalize_string($val, true) as $word) {
- switch ($mode) {
- case 1: // strict
- $words[] = '(' . $this->db->ilike('words', $word . $WS . '%')
- . ' OR ' . $this->db->ilike('words', '%' . $AS . $word . $WS .'%')
- . ' OR ' . $this->db->ilike('words', '%' . $AS . $word) . ')';
- break;
- case 2: // prefix
- $words[] = '(' . $this->db->ilike('words', $word . '%')
- . ' OR ' . $this->db->ilike('words', $AS . $word . '%') . ')';
- break;
- default: // partial
- $words[] = $this->db->ilike('words', '%' . $word . '%');
- }
- }
- $where[] = '(' . join(' AND ', $words) . ')';
+ $where[] = $this->fulltext_sql_where($val, $mode, 'words');
}
- if (is_array($value))
- $post_search[$col] = mb_strtolower($val);
+ $post_search[$col] = mb_strtolower($val);
}
+ }
+ }
+ // fulltext search in all fields
+ else if ($fields == '*') {
+ $where[] = $this->fulltext_sql_where($value, $mode, 'words');
+ }
+ else {
+ // require each word in to be present in one of the fields
+ $words = $mode == 1 ? array($value) : rcube_utils::tokenize_string($value, 1);
+ foreach ($words as $word) {
+ $groups = array();
+ foreach ((array)$fields as $idx => $col) {
+ $groups[] = $this->fulltext_sql_where($word, $mode, $col);
+ }
+ $where[] = '(' . join(' OR ', $groups) . ')';
}
}
foreach (array_intersect($required, $this->table_cols) as $col) {
- $and_where[] = $this->db->quoteIdentifier($col).' <> '.$this->db->quote('');
+ $and_where[] = $this->db->quote_identifier($col).' <> '.$this->db->quote('');
}
+ $required = array_diff($required, $this->table_cols);
if (!empty($where)) {
// use AND operator for advanced searches
- $where = join(is_array($value) ? ' AND ' : ' OR ', $where);
+ $where = join(" AND ", $where);
}
if (!empty($and_where))
@@ -384,7 +374,7 @@
// Post-searching in vCard data fields
// we will search in all records and then build a where clause for their IDs
- if (!empty($post_search)) {
+ if (!empty($post_search) || !empty($required)) {
$ids = array(0);
// build key name regexp
$regexp = '/^(' . implode(array_keys($post_search), '|') . ')(?:.*)$/';
@@ -393,7 +383,7 @@
$this->set_search_set($where);
// count result pages
- $cnt = $this->count();
+ $cnt = $this->count()->count;
$pages = ceil($cnt / $this->page_size);
$scnt = count($post_search);
@@ -401,32 +391,35 @@
for ($i=0; $i<$pages; $i++) {
$this->list_records(null, $i, true);
while ($row = $this->result->next()) {
- $id = $row[$this->primary_key];
+ $id = $row[$this->primary_key];
$found = array();
- foreach (preg_grep($regexp, array_keys($row)) as $col) {
- $pos = strpos($col, ':');
- $colname = $pos ? substr($col, 0, $pos) : $col;
- $search = $post_search[$colname];
- foreach ((array)$row[$col] as $value) {
- // composite field, e.g. address
- foreach ((array)$value as $val) {
- $val = mb_strtolower($val);
- switch ($mode) {
- case 1:
- $got = ($val == $search);
- break;
- case 2:
- $got = ($search == substr($val, 0, strlen($search)));
- break;
- default:
- $got = (strpos($val, $search) !== false);
- break;
- }
-
- if ($got) {
+ if (!empty($post_search)) {
+ foreach (preg_grep($regexp, array_keys($row)) as $col) {
+ $pos = strpos($col, ':');
+ $colname = $pos ? substr($col, 0, $pos) : $col;
+ $search = $post_search[$colname];
+ foreach ((array)$row[$col] as $value) {
+ if ($this->compare_search_value($colname, $value, $search, $mode)) {
$found[$colname] = true;
break 2;
}
+ }
+ }
+ }
+ // check if required fields are present
+ if (!empty($required)) {
+ foreach ($required as $req) {
+ $hit = false;
+ foreach ($row as $c => $values) {
+ if ($c === $req || strpos($c, $req.':') === 0) {
+ if ((is_string($row[$c]) && strlen($row[$c])) || !empty($row[$c])) {
+ $hit = true;
+ break;
+ }
+ }
+ }
+ if (!$hit) {
+ continue 2;
}
}
}
@@ -439,7 +432,7 @@
// build WHERE clause
$ids = $this->db->array2list($ids, 'integer');
- $where = 'c.' . $this->primary_key.' IN ('.$ids.')';
+ $where = 'c.`' . $this->primary_key.'` IN ('.$ids.')';
// reset counter
unset($this->cache['count']);
@@ -461,6 +454,34 @@
return $this->result;
}
+ /**
+ * Helper method to compose SQL where statements for fulltext searching
+ */
+ private function fulltext_sql_where($value, $mode, $col = 'words', $bool = 'AND')
+ {
+ $WS = ' ';
+ $AS = $col == 'words' ? $WS : self::SEPARATOR;
+ $words = $col == 'words' ? rcube_utils::normalize_string($value, true) : array($value);
+
+ $where = array();
+ foreach ($words as $word) {
+ switch ($mode) {
+ case 1: // strict
+ $where[] = '(' . $this->db->ilike($col, $word . '%')
+ . ' OR ' . $this->db->ilike($col, '%' . $WS . $word . $WS . '%')
+ . ' OR ' . $this->db->ilike($col, '%' . $WS . $word) . ')';
+ break;
+ case 2: // prefix
+ $where[] = '(' . $this->db->ilike($col, $word . '%')
+ . ' OR ' . $this->db->ilike($col, '%' . $AS . $word . '%') . ')';
+ break;
+ default: // partial
+ $where[] = $this->db->ilike($col, '%' . $word . '%');
+ }
+ }
+
+ return count($where) ? '(' . join(" $bool ", $where) . ')' : '';
+ }
/**
* Count number of available contacts in database
@@ -474,7 +495,6 @@
return new rcube_result_set($count, ($this->list_page-1) * $this->page_size);
}
-
/**
* Count number of available contacts in database
*
@@ -483,17 +503,17 @@
private function _count()
{
if ($this->group_id)
- $join = " LEFT JOIN ".$this->db->table_name($this->db_groupmembers)." AS m".
- " ON (m.contact_id=c.".$this->primary_key.")";
+ $join = " LEFT JOIN " . $this->db->table_name($this->db_groupmembers, true) . " AS m".
+ " ON (m.`contact_id` = c.`".$this->primary_key."`)";
// count contacts for this user
$sql_result = $this->db->query(
- "SELECT COUNT(c.contact_id) AS rows".
- " FROM ".$this->db->table_name($this->db_name)." AS c".
+ "SELECT COUNT(c.`contact_id`) AS rows".
+ " FROM " . $this->db->table_name($this->db_name, true) . " AS c".
$join.
- " WHERE c.del<>1".
- " AND c.user_id=?".
- ($this->group_id ? " AND m.contactgroup_id=?" : "").
+ " WHERE c.`del` <> 1".
+ " AND c.`user_id` = ?".
+ ($this->group_id ? " AND m.`contactgroup_id` = ?" : "").
($this->filter ? " AND (".$this->filter.")" : ""),
$this->user_id,
$this->group_id
@@ -506,7 +526,6 @@
return $this->cache['count'];
}
-
/**
* Return the last result set
*
@@ -517,24 +536,26 @@
return $this->result;
}
-
/**
* Get a specific contact record
*
- * @param mixed record identifier(s)
+ * @param mixed $id Record identifier(s)
+ * @param bool $assoc Enables returning associative array
+ *
* @return mixed Result object with all record fields or False if not found
*/
- function get_record($id, $assoc=false)
+ function get_record($id, $assoc = false)
{
// return cached result
- if ($this->result && ($first = $this->result->first()) && $first[$this->primary_key] == $id)
+ if ($this->result && ($first = $this->result->first()) && $first[$this->primary_key] == $id) {
return $assoc ? $first : $this->result;
+ }
$this->db->query(
- "SELECT * FROM ".$this->db->table_name($this->db_name).
- " WHERE contact_id=?".
- " AND user_id=?".
- " AND del<>1",
+ "SELECT * FROM " . $this->db->table_name($this->db_name, true).
+ " WHERE `contact_id` = ?".
+ " AND `user_id` = ?".
+ " AND `del` <> 1",
$id,
$this->user_id
);
@@ -548,40 +569,44 @@
return $assoc && $record ? $record : $this->result;
}
-
/**
* Get group assignments of a specific contact record
*
- * @param mixed Record identifier
+ * @param mixed $id Record identifier
+ *
* @return array List of assigned groups as ID=>Name pairs
*/
function get_record_groups($id)
{
- $results = array();
+ $results = array();
- if (!$this->groups)
- return $results;
+ if (!$this->groups) {
+ return $results;
+ }
- $sql_result = $this->db->query(
- "SELECT cgm.contactgroup_id, cg.name FROM " . $this->db->table_name($this->db_groupmembers) . " AS cgm" .
- " LEFT JOIN " . $this->db->table_name($this->db_groups) . " AS cg ON (cgm.contactgroup_id = cg.contactgroup_id AND cg.del<>1)" .
- " WHERE cgm.contact_id=?",
- $id
- );
- while ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
- $results[$sql_arr['contactgroup_id']] = $sql_arr['name'];
- }
+ $sql_result = $this->db->query(
+ "SELECT cgm.`contactgroup_id`, cg.`name` "
+ . " FROM " . $this->db->table_name($this->db_groupmembers, true) . " AS cgm"
+ . " LEFT JOIN " . $this->db->table_name($this->db_groups, true) . " AS cg"
+ . " ON (cgm.`contactgroup_id` = cg.`contactgroup_id` AND cg.`del` <> 1)"
+ . " WHERE cgm.`contact_id` = ?",
+ $id
+ );
- return $results;
+ while ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
+ $results[$sql_arr['contactgroup_id']] = $sql_arr['name'];
+ }
+
+ return $results;
}
-
/**
* Check the given data before saving.
* If input not valid, the message to display can be fetched using get_error()
*
- * @param array Assoziative array with data to save
- * @param boolean Try to fix/complete record automatically
+ * @param array $save_data Associative array with data to save
+ * @param boolean $autofix Try to fix/complete record automatically
+ *
* @return boolean True if input is valid, False if not.
*/
public function validate(&$save_data, $autofix = false)
@@ -589,8 +614,8 @@
// validate e-mail addresses
$valid = parent::validate($save_data, $autofix);
- // require at least one e-mail address (syntax check is already done)
- if ($valid && !array_filter($this->get_col_values('email', $save_data, true))) {
+ // require at least one email address or a name
+ if ($valid && !strlen($save_data['firstname'].$save_data['surname'].$save_data['name']) && !array_filter($this->get_col_values('email', $save_data, true))) {
$this->set_error(self::ERROR_VALIDATE, 'noemailwarning');
$valid = false;
}
@@ -598,17 +623,19 @@
return $valid;
}
-
/**
* Create a new contact record
*
- * @param array Associative array with save data
+ * @param array $save_data Associative array with save data
+ * @param bool $check Enables validity checks
+ *
* @return integer|boolean The created record ID on success, False on error
*/
- function insert($save_data, $check=false)
+ function insert($save_data, $check = false)
{
- if (!is_array($save_data))
+ if (!is_array($save_data)) {
return false;
+ }
$insert_id = $existing = false;
@@ -623,59 +650,55 @@
}
}
- $save_data = $this->convert_save_data($save_data);
+ $save_data = $this->convert_save_data($save_data);
$a_insert_cols = $a_insert_values = array();
foreach ($save_data as $col => $value) {
- $a_insert_cols[] = $this->db->quoteIdentifier($col);
+ $a_insert_cols[] = $this->db->quote_identifier($col);
$a_insert_values[] = $this->db->quote($value);
}
if (!$existing->count && !empty($a_insert_cols)) {
$this->db->query(
- "INSERT INTO ".$this->db->table_name($this->db_name).
- " (user_id, changed, del, ".join(', ', $a_insert_cols).")".
+ "INSERT INTO " . $this->db->table_name($this->db_name, true).
+ " (`user_id`, `changed`, `del`, ".join(', ', $a_insert_cols).")".
" VALUES (".intval($this->user_id).", ".$this->db->now().", 0, ".join(', ', $a_insert_values).")"
);
$insert_id = $this->db->insert_id($this->db_name);
}
- // also add the newly created contact to the active group
- if ($insert_id && $this->group_id)
- $this->add_to_group($this->group_id, $insert_id);
-
$this->cache = null;
return $insert_id;
}
-
/**
* Update a specific contact record
*
- * @param mixed Record identifier
- * @param array Assoziative array with save data
+ * @param mixed $id Record identifier
+ * @param array $save_cols Associative array with save data
+ *
* @return boolean True on success, False on error
*/
function update($id, $save_cols)
{
- $updated = false;
+ $updated = false;
$write_sql = array();
- $record = $this->get_record($id, true);
+ $record = $this->get_record($id, true);
$save_cols = $this->convert_save_data($save_cols, $record);
foreach ($save_cols as $col => $value) {
- $write_sql[] = sprintf("%s=%s", $this->db->quoteIdentifier($col), $this->db->quote($value));
+ $write_sql[] = sprintf("%s=%s", $this->db->quote_identifier($col), $this->db->quote($value));
}
if (!empty($write_sql)) {
$this->db->query(
- "UPDATE ".$this->db->table_name($this->db_name).
- " SET changed=".$this->db->now().", ".join(', ', $write_sql).
- " WHERE contact_id=?".
- " AND user_id=?".
- " AND del<>1",
+ "UPDATE " . $this->db->table_name($this->db_name, true).
+ " SET `changed` = ".$this->db->now().", ".join(', ', $write_sql).
+ " WHERE `contact_id` = ?".
+ " AND `user_id` = ?".
+ " AND `del` <> 1",
$id,
$this->user_id
);
@@ -684,10 +707,12 @@
$this->result = null; // clear current result (from get_record())
}
- return $updated;
+ return $updated ? true : false;
}
-
+ /**
+ * Convert data stored in the database into output format
+ */
private function convert_db_data($sql_arr)
{
$record = array();
@@ -707,18 +732,29 @@
return $record;
}
-
+ /**
+ * Convert input data for storing in the database
+ */
private function convert_save_data($save_data, $record = array())
{
$out = array();
$words = '';
// copy values into vcard object
- $vcard = new rcube_vcard($record['vcard'] ? $record['vcard'] : $save_data['vcard'], RCUBE_CHARSET, false, $this->vcard_fieldmap);
+ $vcard = new rcube_vcard($record['vcard'] ?: $save_data['vcard'], RCUBE_CHARSET, false, $this->vcard_fieldmap);
$vcard->reset();
+
+ // don't store groups in vCard (#1490277)
+ $vcard->set('groups', null);
+ unset($save_data['groups']);
+
foreach ($save_data as $key => $values) {
list($field, $section) = explode(':', $key);
$fulltext = in_array($field, $this->fulltext_cols);
+ // avoid casting DateTime objects to array
+ if (is_object($values) && is_a($values, 'DateTime')) {
+ $values = array(0 => $values);
+ }
foreach ((array)$values as $value) {
if (isset($value))
$vcard->set($field, $value, $section);
@@ -751,26 +787,26 @@
return $out;
}
-
/**
* Mark one or more contact records as deleted
*
- * @param array Record identifiers
- * @param boolean Remove record(s) irreversible (unsupported)
+ * @param array $ids Record identifiers
+ * @param boolean $force Remove record(s) irreversible (unsupported)
*/
- function delete($ids, $force=true)
+ function delete($ids, $force = true)
{
- if (!is_array($ids))
+ if (!is_array($ids)) {
$ids = explode(self::SEPARATOR, $ids);
+ }
$ids = $this->db->array2list($ids, 'integer');
// flag record as deleted (always)
$this->db->query(
- "UPDATE ".$this->db->table_name($this->db_name).
- " SET del=1, changed=".$this->db->now().
- " WHERE user_id=?".
- " AND contact_id IN ($ids)",
+ "UPDATE " . $this->db->table_name($this->db_name, true).
+ " SET `del` = 1, `changed` = ".$this->db->now().
+ " WHERE `user_id` = ?".
+ " AND `contact_id` IN ($ids)",
$this->user_id
);
@@ -779,25 +815,25 @@
return $this->db->affected_rows();
}
-
/**
* Undelete one or more contact records
*
- * @param array Record identifiers
+ * @param array $ids Record identifiers
*/
function undelete($ids)
{
- if (!is_array($ids))
+ if (!is_array($ids)) {
$ids = explode(self::SEPARATOR, $ids);
+ }
$ids = $this->db->array2list($ids, 'integer');
// clear deleted flag
$this->db->query(
- "UPDATE ".$this->db->table_name($this->db_name).
- " SET del=0, changed=".$this->db->now().
- " WHERE user_id=?".
- " AND contact_id IN ($ids)",
+ "UPDATE " . $this->db->table_name($this->db_name, true).
+ " SET `del` = 0, `changed` = ".$this->db->now().
+ " WHERE `user_id` = ?".
+ " AND `contact_id` IN ($ids)",
$this->user_id
);
@@ -806,26 +842,41 @@
return $this->db->affected_rows();
}
-
/**
* Remove all records from the database
+ *
+ * @param bool $with_groups Remove also groups
+ *
+ * @return int Number of removed records
*/
- function delete_all()
+ function delete_all($with_groups = false)
{
$this->cache = null;
- $this->db->query("UPDATE ".$this->db->table_name($this->db_name).
- " SET del=1, changed=".$this->db->now().
- " WHERE user_id = ?", $this->user_id);
+ $now = $this->db->now();
- return $this->db->affected_rows();
+ $this->db->query("UPDATE " . $this->db->table_name($this->db_name, true)
+ . " SET `del` = 1, `changed` = $now"
+ . " WHERE `user_id` = ?", $this->user_id);
+
+ $count = $this->db->affected_rows();
+
+ if ($with_groups) {
+ $this->db->query("UPDATE " . $this->db->table_name($this->db_groups, true)
+ . " SET `del` = 1, `changed` = $now"
+ . " WHERE `user_id` = ?", $this->user_id);
+
+ $count += $this->db->affected_rows();
+ }
+
+ return $count;
}
-
/**
* Create a contact group with the given name
*
- * @param string The group name
+ * @param string $name The group name
+ *
* @return mixed False on error, array with record props in success
*/
function create_group($name)
@@ -836,32 +887,33 @@
$name = $this->unique_groupname($name);
$this->db->query(
- "INSERT INTO ".$this->db->table_name($this->db_groups).
- " (user_id, changed, name)".
+ "INSERT INTO " . $this->db->table_name($this->db_groups, true).
+ " (`user_id`, `changed`, `name`)".
" VALUES (".intval($this->user_id).", ".$this->db->now().", ".$this->db->quote($name).")"
);
- if ($insert_id = $this->db->insert_id($this->db_groups))
+ if ($insert_id = $this->db->insert_id($this->db_groups)) {
$result = array('id' => $insert_id, 'name' => $name);
+ }
return $result;
}
-
/**
* Delete the given group (and all linked group members)
*
- * @param string Group identifier
+ * @param string $gid Group identifier
+ *
* @return boolean True on success, false if no data was changed
*/
function delete_group($gid)
{
// flag group record as deleted
- $sql_result = $this->db->query(
- "UPDATE ".$this->db->table_name($this->db_groups).
- " SET del=1, changed=".$this->db->now().
- " WHERE contactgroup_id=?".
- " AND user_id=?",
+ $this->db->query(
+ "UPDATE " . $this->db->table_name($this->db_groups, true)
+ . " SET `del` = 1, `changed` = " . $this->db->now()
+ . " WHERE `contactgroup_id` = ?"
+ . " AND `user_id` = ?",
$gid, $this->user_id
);
@@ -870,84 +922,90 @@
return $this->db->affected_rows();
}
-
/**
* Rename a specific contact group
*
- * @param string Group identifier
- * @param string New name to set for this group
+ * @param string $gid Group identifier
+ * @param string $name New name to set for this group
+ * @param string $new_gid (not used)
+ *
* @return boolean New name on success, false if no data was changed
*/
- function rename_group($gid, $newname, &$new_gid)
+ function rename_group($gid, $name, &$new_gid)
{
// make sure we have a unique name
- $name = $this->unique_groupname($newname);
+ $name = $this->unique_groupname($name);
$sql_result = $this->db->query(
- "UPDATE ".$this->db->table_name($this->db_groups).
- " SET name=?, changed=".$this->db->now().
- " WHERE contactgroup_id=?".
- " AND user_id=?",
+ "UPDATE " . $this->db->table_name($this->db_groups, true).
+ " SET `name` = ?, `changed` = ".$this->db->now().
+ " WHERE `contactgroup_id` = ?".
+ " AND `user_id` = ?",
$name, $gid, $this->user_id
);
- return $this->db->affected_rows() ? $name : false;
+ return $this->db->affected_rows($sql_result) ? $name : false;
}
-
/**
* Add the given contact records the a certain group
*
- * @param string Group identifier
- * @param array List of contact identifiers to be added
- * @return int Number of contacts added
+ * @param string Group identifier
+ * @param array|string List of contact identifiers to be added
+ *
+ * @return int Number of contacts added
*/
function add_to_group($group_id, $ids)
{
- if (!is_array($ids))
+ if (!is_array($ids)) {
$ids = explode(self::SEPARATOR, $ids);
+ }
- $added = 0;
+ $added = 0;
$exists = array();
// get existing assignments ...
$sql_result = $this->db->query(
- "SELECT contact_id FROM ".$this->db->table_name($this->db_groupmembers).
- " WHERE contactgroup_id=?".
- " AND contact_id IN (".$this->db->array2list($ids, 'integer').")",
+ "SELECT `contact_id` FROM " . $this->db->table_name($this->db_groupmembers, true).
+ " WHERE `contactgroup_id` = ?".
+ " AND `contact_id` IN (".$this->db->array2list($ids, 'integer').")",
$group_id
);
+
while ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
$exists[] = $sql_arr['contact_id'];
}
+
// ... and remove them from the list
$ids = array_diff($ids, $exists);
foreach ($ids as $contact_id) {
$this->db->query(
- "INSERT INTO ".$this->db->table_name($this->db_groupmembers).
- " (contactgroup_id, contact_id, created)".
+ "INSERT INTO " . $this->db->table_name($this->db_groupmembers, true).
+ " (`contactgroup_id`, `contact_id`, `created`)".
" VALUES (?, ?, ".$this->db->now().")",
$group_id,
$contact_id
);
- if ($error = $this->db->is_error())
+ if ($error = $this->db->is_error()) {
$this->set_error(self::ERROR_SAVING, $error);
- else
+ }
+ else {
$added++;
+ }
}
return $added;
}
-
/**
* Remove the given contact records from a certain group
*
- * @param string Group identifier
- * @param array List of contact identifiers to be removed
- * @return int Number of deleted group members
+ * @param string Group identifier
+ * @param array|string List of contact identifiers to be removed
+ *
+ * @return int Number of deleted group members
*/
function remove_from_group($group_id, $ids)
{
@@ -957,33 +1015,34 @@
$ids = $this->db->array2list($ids, 'integer');
$sql_result = $this->db->query(
- "DELETE FROM ".$this->db->table_name($this->db_groupmembers).
- " WHERE contactgroup_id=?".
- " AND contact_id IN ($ids)",
+ "DELETE FROM " . $this->db->table_name($this->db_groupmembers, true).
+ " WHERE `contactgroup_id` = ?".
+ " AND `contact_id` IN ($ids)",
$group_id
);
- return $this->db->affected_rows();
+ return $this->db->affected_rows($sql_result);
}
-
/**
* Check for existing groups with the same name
*
- * @param string Name to check
+ * @param string $name Name to check
+ *
* @return string A group name which is unique for the current use
*/
private function unique_groupname($name)
{
$checkname = $name;
- $num = 2; $hit = false;
+ $num = 2;
+ $hit = false;
do {
$sql_result = $this->db->query(
- "SELECT 1 FROM ".$this->db->table_name($this->db_groups).
- " WHERE del<>1".
- " AND user_id=?".
- " AND name=?",
+ "SELECT 1 FROM " . $this->db->table_name($this->db_groups, true).
+ " WHERE `del` <> 1".
+ " AND `user_id` = ?".
+ " AND `name` = ?",
$this->user_id,
$checkname);
@@ -991,9 +1050,9 @@
if ($hit = $this->db->fetch_array($sql_result)) {
$checkname = $name . ' ' . $num++;
}
- } while ($hit);
+ }
+ while ($hit);
return $checkname;
}
-
}
--
Gitblit v1.9.1