From e58f3d8c2bc8ee41174b3cabb4ccddd7b9c918c9 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 09 May 2013 04:05:25 -0400
Subject: [PATCH] Validate e-mail address in new_user_dialog (#1486498), use AJAX for form submission, don't reload the page after successful form submission

---
 plugins/new_user_dialog/new_user_dialog.php |   61 ++++++++++++++++++++----------
 1 files changed, 41 insertions(+), 20 deletions(-)

diff --git a/plugins/new_user_dialog/new_user_dialog.php b/plugins/new_user_dialog/new_user_dialog.php
index 8d641c9..39a7076 100644
--- a/plugins/new_user_dialog/new_user_dialog.php
+++ b/plugins/new_user_dialog/new_user_dialog.php
@@ -10,10 +10,12 @@
  * @version @package_version@
  * @license GNU GPLv3+
  * @author Thomas Bruederli
+ * @author Aleksander Machniak
  */
 class new_user_dialog extends rcube_plugin
 {
   public $task = 'login|mail';
+  public $noframe = true;
 
   function init()
   {
@@ -32,8 +34,9 @@
   function create_identity($p)
   {
     // set session flag when a new user was created and the default identity seems to be incomplete
-    if ($p['login'] && !$p['complete'])
+    if ($p['login'] && !$p['complete']) {
       $_SESSION['plugin.newuserdialog'] = true;
+    }
   }
 
   /**
@@ -86,7 +89,6 @@
             'id' => 'newuserdialog',
             'action' => $rcmail->url('plugin.newusersave'),
             'method' => 'post'),
-          html::tag('h3', null, rcube::Q($this->gettext('identitydialogtitle'))) .
           html::p('hint', rcube::Q($this->gettext('identitydialoghint'))) .
           $table->show() .
           html::p(array('class' => 'formbuttons'),
@@ -94,12 +96,23 @@
               'class' => 'button mainaction', 'value' => $this->gettext('save'))))
         ));
 
+      $title = rcube::JQ($this->gettext('identitydialogtitle'));
+
       // disable keyboard events for messages list (#1486726)
-      $rcmail->output->add_script(
-        "rcmail.message_list.key_press = function(){};
-         rcmail.message_list.key_down = function(){};
-         $('#newuserdialog').show().dialog({ modal:true, resizable:false, closeOnEscape:false, width:420 });
-         $('input[name=_name]').focus();
+      $rcmail->output->add_script("
+        $('#newuserdialog').show()
+          .dialog({modal:true, resizable:false, closeOnEscape:false, width:450, title:'$title'})
+          .submit(function() {
+            var i, request = {}, form = $(this).serializeArray();
+
+            for (i in form)
+              request[form[i].name] = form[i].value;
+
+            rcmail.http_post('plugin.newusersave', request, true);
+            return false;
+          });
+        $('input[name=_name]').focus();
+        rcube_webmail.prototype.new_user_dialog_close = function() { $('#newuserdialog').dialog('close'); }
         ", 'docready');
 
       $this->include_stylesheet('newuserdialog.css');
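Review bot: The submit handler builds `request` with `for (i in form)`, which walks every enumerable property of the array rather than only its indexes, so a script that extends `Array.prototype` would add stray keys to the POST body; `$.each(form, function(i, f) { request[f.name] = f.value; });` avoids that. Copying into a plain object also keeps only the last value when two fields share a name, which looks fine for the fields visible here but deserves a short comment. Interpolating `$title` into the single-quoted `title:'...'` literal relies on `rcube::JQ()` to escape quotes, and that is the appropriate helper for a JavaScript string context. The enclosing function starts before this hunk.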
@@ -107,16 +120,16 @@
   }
 
   /**
-   * Handler for submitted form
+   * Handler for submitted form (ajax request)
    *
    * Check fields and save to default identity if valid.
    * Afterwards the session flag is removed and we're done.
    */
   function save_data()
   {
-    $rcmail = rcmail::get_instance();
-    $identity = $rcmail->user->get_identity();
-    $identities_level = intval($rcmail->config->get('identities_level', 0));
+    $rcmail      = rcmail::get_instance();
+    $identity    = $rcmail->user->get_identity();
+    $ident_level = intval($rcmail->config->get('identities_level', 0));
 
     $save_data = array(
       'name'         => rcube_utils::get_input_value('_name', rcube_utils::INPUT_POST),
@@ -126,18 +139,26 @@
     );
 
     // don't let the user alter the e-mail address if disabled by config
-    if (in_array($identities_level, array(1,3,4)))
+    if (in_array($ident_level, array(1,3,4))) {
       $save_data['email'] = $identity['email'];
-    else
-      $save_data['email'] = rcube_utils::idn_to_ascii($save_data['email']);
-
-    // save data if not empty
-    if (!empty($save_data['name']) && !empty($save_data['email'])) {
-      $rcmail->user->update_identity($identity['identity_id'], $save_data);
-      $rcmail->session->remove('plugin.newuserdialog');
     }
 
-    $rcmail->output->redirect('');
+    if (empty($save_data['name']) || empty($save_data['email'])) {
+      $rcmail->output->show_message('formincomplete', 'error');
+    }
+    else if (!rcube_utils::check_email($save_data['email'] = rcube_utils::idn_to_ascii($save_data['email']))) {
+      $rcmail->output->show_message('emailformaterror', 'error', array('email' => $save_data['email']));
+    }
+    else {
+      // save data
+      $rcmail->user->update_identity($identity['identity_id'], $save_data);
+      $rcmail->session->remove('plugin.newuserdialog');
+      // hide dialog
+      $rcmail->output->command('new_user_dialog_close');
+      $rcmail->output->show_message('successfullysaved', 'confirmation');
+    }
+
+    $rcmail->output->send();
   }
 
 }
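Review bot: The `emailformaterror` branch sends the rejected address back to the client via `array('email' => $save_data['email'])`, and nothing in this hunk shows whether `show_message()` HTML-escapes its variables before the text is rendered; confirm that, because the value is user-controlled and has just failed validation. The assignment inside the `else if` condition also hides the fact that `$save_data['email']` is rewritten to its ASCII form before both the check and the save; a separate statement, `$save_data['email'] = rcube_utils::idn_to_ascii($save_data['email']);`, placed before the `if` chain would make that explicit (verify that an empty input stays empty). With `identities_level` 1, 3 or 4 the address comes from the stored identity, so a stored value that fails `check_email()` would presumably leave the user with an error they cannot correct in this dialog. `save_data()` begins outside this hunk.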

--
Gitblit v1.9.1