From fbf77b4493f1b77c99751d8a86365c712ae3fb1b Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Fri, 18 Nov 2005 10:35:15 -0500
Subject: [PATCH] Added Japanese localization

---
 program/steps/addressbook/save.inc |   39 ++++++++++++++++++++++++++++++++-------
 1 files changed, 32 insertions(+), 7 deletions(-)

diff --git a/program/steps/addressbook/save.inc b/program/steps/addressbook/save.inc
index 3e2cfae..2f54e43 100644
--- a/program/steps/addressbook/save.inc
+++ b/program/steps/addressbook/save.inc
@@ -23,6 +23,15 @@
 $a_save_cols = array('name', 'firstname', 'surname', 'email');
 
 
+// check input
+if (empty($_POST['_name']) || empty($_POST['_email']))
+  {
+  show_message('formincomplete', 'warning');
+  rcmail_overwrite_action($_POST['_cid'] ? 'show' : 'add');
+  return;
+  }
+
+
 // update an existing contact
 if ($_POST['_cid'])
   {
@@ -34,13 +43,13 @@
     if (!isset($_POST[$fname]))
       continue;
     
-    $a_write_sql[] = sprintf("%s='%s'", $col, addslashes(strip_tags($_POST[$fname])));
+    $a_write_sql[] = sprintf("%s=%s", $DB->quoteIdentifier($col), $DB->quote(strip_tags($_POST[$fname])));
     }
 
   if (sizeof($a_write_sql))
     {
     $DB->query("UPDATE ".get_table_name('contacts')."
-                SET    ".join(', ', $a_write_sql)."
+                SET    changed=now(), ".join(', ', $a_write_sql)."
                 WHERE  contact_id=?
                 AND    user_id=?
                 AND    del<>'1'",
@@ -87,7 +96,7 @@
     {
     // show error message
     show_message('errorsaving', 'error');
-    $_action = 'show';
+    rcmail_overwrite_action('show');
     }
   }
 
@@ -95,6 +104,22 @@
 else
   {
   $a_insert_cols = $a_insert_values = array();
+  
+  // check for existing contacts
+  $sql_result = $DB->query("SELECT 1 FROM ".get_table_name('contacts')."
+                            WHERE  user_id=?
+                            AND    email=?
+                            AND    del<>'1'",
+                           $_SESSION['user_id'],
+                           $_POST['_email']);
+
+  // show warning message
+  if ($DB->num_rows($sql_result))
+    {
+    show_message('contactexists', 'warning');
+    $_action = 'add';
+    return;
+    }
 
   foreach ($a_save_cols as $col)
     {
@@ -103,14 +128,14 @@
       continue;
     
     $a_insert_cols[] = $col;
-    $a_insert_values[] = sprintf("'%s'", addslashes(strip_tags($_POST[$fname])));
+    $a_insert_values[] = $DB->quote(strip_tags($_POST[$fname]));
     }
     
   if (sizeof($a_insert_cols))
     {
     $DB->query("INSERT INTO ".get_table_name('contacts')."
-                (user_id, ".join(', ', $a_insert_cols).")
-                VALUES (?, ".join(', ', $a_insert_values).")",
+                (user_id, changed, ".join(', ', $a_insert_cols).")
+                VALUES (?, now(), ".join(', ', $a_insert_values).")",
                 $_SESSION['user_id']);
                        
     $insert_id = $DB->insert_id();
@@ -153,7 +178,7 @@
     {
     // show error message
     show_message('errorsaving', 'error');
-    $_action = 'add';
+    rcmail_overwrite_action('add');
     }
   }
 

--
Gitblit v1.9.1