-rw-r--r-- | program/include/rcube_user.php | 793 |
1 files changed, 398 insertions, 395 deletions
diff --git a/program/include/rcube_user.php b/program/include/rcube_user.php
index 2d0eff2da..ec107282a 100644
--- a/program/include/rcube_user.php
+++ b/program/include/rcube_user.php
@@ -29,457 +29,460 @@ */ class rcube_user { - public $ID = null; - public $data = null; - public $language = null; - - private $db = null; - - - /** - * Object constructor - * - * @param object DB Database connection - */ - function __construct($id = null, $sql_arr = null) - { - $this->db = rcmail::get_instance()->get_dbh(); - - if ($id && !$sql_arr) + public $ID = null; + public $data = null; + public $language = null; + + private $db = null; + + + /** + * Object constructor + * + * @param object DB Database connection + */ + function __construct($id = null, $sql_arr = null) { - $sql_result = $this->db->query("SELECT * FROM ".get_table_name('users')." WHERE user_id=?", $id); - $sql_arr = $this->db->fetch_assoc($sql_result); - } + $this->db = rcmail::get_instance()->get_dbh(); - if (!empty($sql_arr)) + if ($id && !$sql_arr) { + $sql_result = $this->db->query( + "SELECT * FROM ".get_table_name('users')." WHERE user_id = ?", $id); + $sql_arr = $this->db->fetch_assoc($sql_result); + } + + if (!empty($sql_arr)) { + $this->ID = $sql_arr['user_id']; + $this->data = $sql_arr; + $this->language = $sql_arr['language']; + } + } + + + /** + * Build a user name string (as e-mail address) + * + * @return string Full user name + */ + function get_username() { - $this->ID = $sql_arr['user_id']; - $this->data = $sql_arr; - $this->language = $sql_arr['language']; + if ($this->data['username']) { + if (!strpos($this->data['username'], '@')) + return $this->data['username'] . '@' . $this->data['mail_host']; + else + return $this->data['username']; + } + + return false; } - } - - - /** - * Build a user name string (as e-mail address) - * - * @return string Full user name - */ - function get_username() - { - return $this->data['username'] ? $this->data['username'] . (!strpos($this->data['username'], '@') ? 
'@'.$this->data['mail_host'] : '') : false; - } - - - /** - * Get the preferences saved for this user - * - * @return array Hash array with prefs - */ - function get_prefs() - { - if (!empty($this->language)) - $prefs = array('language' => $this->language); + + + /** + * Get the preferences saved for this user + * + * @return array Hash array with prefs + */ + function get_prefs() + { + if (!empty($this->language)) + $prefs = array('language' => $this->language); - if ($this->ID && $this->data['preferences']) - $prefs += (array)unserialize($this->data['preferences']); + if ($this->ID && $this->data['preferences']) + $prefs += (array)unserialize($this->data['preferences']); - return $prefs; - } + return $prefs; + } - /** - * Write the given user prefs to the user's record - * - * @param array User prefs to save - * @return boolean True on success, False on failure - */ - function save_prefs($a_user_prefs) - { - if (!$this->ID) - return false; + /** + * Write the given user prefs to the user's record + * + * @param array User prefs to save + * @return boolean True on success, False on failure + */ + function save_prefs($a_user_prefs) + { + if (!$this->ID) + return false; - $config = rcmail::get_instance()->config; - $old_prefs = (array)$this->get_prefs(); + $config = rcmail::get_instance()->config; + $old_prefs = (array)$this->get_prefs(); - // merge (partial) prefs array with existing settings - $save_prefs = $a_user_prefs + $old_prefs; - unset($save_prefs['language']); + // merge (partial) prefs array with existing settings + $save_prefs = $a_user_prefs + $old_prefs; + unset($save_prefs['language']); - // don't save prefs with default values if they haven't been changed yet - foreach ($a_user_prefs as $key => $value) { - if (!isset($old_prefs[$key]) && ($value == $config->get($key))) - unset($save_prefs[$key]); - } + // don't save prefs with default values if they haven't been changed yet + foreach ($a_user_prefs as $key => $value) { + if (!isset($old_prefs[$key]) 
&& ($value == $config->get($key))) + unset($save_prefs[$key]); + } - $save_prefs = serialize($save_prefs); - - $this->db->query( - "UPDATE ".get_table_name('users')." - SET preferences=?, - language=? - WHERE user_id=?", - $save_prefs, - $_SESSION['language'], - $this->ID); - - $this->language = $_SESSION['language']; - if ($this->db->affected_rows()) { - $config->set_user_prefs($a_user_prefs); - $this->data['preferences'] = $save_prefs; - return true; + $save_prefs = serialize($save_prefs); + + $this->db->query( + "UPDATE ".get_table_name('users'). + " SET preferences = ?". + ", language = ?". + " WHERE user_id = ?", + $save_prefs, + $_SESSION['language'], + $this->ID); + + $this->language = $_SESSION['language']; + + if ($this->db->affected_rows()) { + $config->set_user_prefs($a_user_prefs); + $this->data['preferences'] = $save_prefs; + return true; + } + + return false; } - return false; - } - - - /** - * Get default identity of this user - * - * @param int Identity ID. If empty, the default identity is returned - * @return array Hash array with all cols of the identity record - */ - function get_identity($id = null) - { - $result = $this->list_identities($id ? sprintf('AND identity_id=%d', $id) : ''); - return $result[0]; - } - - - /** - * Return a list of all identities linked with this user - * - * @return array List of identities - */ - function list_identities($sql_add = '') - { - // get contacts from DB - $sql_result = $this->db->query( - "SELECT * FROM ".get_table_name('identities')." - WHERE del<>1 AND user_id=? - $sql_add - ORDER BY ".$this->db->quoteIdentifier('standard')." DESC, name ASC, identity_id ASC", - $this->ID); - - $result = array(); - while ($sql_arr = $this->db->fetch_assoc($sql_result)) { - $result[] = $sql_arr; + + /** + * Get default identity of this user + * + * @param int Identity ID. 
If empty, the default identity is returned + * @return array Hash array with all cols of the identity record + */ + function get_identity($id = null) + { + $result = $this->list_identities($id ? sprintf('AND identity_id = %d', $id) : ''); + return $result[0]; } + + + /** + * Return a list of all identities linked with this user + * + * @return array List of identities + */ + function list_identities($sql_add = '') + { + $result = array(); + + $sql_result = $this->db->query( + "SELECT * FROM ".get_table_name('identities'). + " WHERE del <> 1 AND user_id = ?". + ($sql_add ? " ".$sql_add : ""). + " ORDER BY ".$this->db->quoteIdentifier('standard')." DESC, name ASC, identity_id ASC", + $this->ID); - return $result; - } - - - /** - * Update a specific identity record - * - * @param int Identity ID - * @param array Hash array with col->value pairs to save - * @return boolean True if saved successfully, false if nothing changed - */ - function update_identity($iid, $data) - { - if (!$this->ID) - return false; - - $query_cols = $query_params = array(); + while ($sql_arr = $this->db->fetch_assoc($sql_result)) { + $result[] = $sql_arr; + } - foreach ((array)$data as $col => $value) - { - $query_cols[] = $this->db->quoteIdentifier($col) . '=?'; - $query_params[] = $value; + return $result; } - $query_params[] = $iid; - $query_params[] = $this->ID; - $sql = "UPDATE ".get_table_name('identities')." - SET changed=".$this->db->now().", ".join(', ', $query_cols)." - WHERE identity_id=? - AND user_id=? 
- AND del<>1"; - call_user_func_array(array($this->db, 'query'), - array_merge(array($sql), $query_params)); + /** + * Update a specific identity record + * + * @param int Identity ID + * @param array Hash array with col->value pairs to save + * @return boolean True if saved successfully, false if nothing changed + */ + function update_identity($iid, $data) + { + if (!$this->ID) + return false; + + $query_cols = $query_params = array(); - return $this->db->affected_rows(); - } + foreach ((array)$data as $col => $value) { + $query_cols[] = $this->db->quoteIdentifier($col) . ' = ?'; + $query_params[] = $value; + } + $query_params[] = $iid; + $query_params[] = $this->ID; + + $sql = "UPDATE ".get_table_name('identities'). + " SET changed = ".$this->db->now().", ".join(', ', $query_cols). + " WHERE identity_id = ?". + " AND user_id = ?". + " AND del <> 1"; + + call_user_func_array(array($this->db, 'query'), + array_merge(array($sql), $query_params)); + + return $this->db->affected_rows(); + } - /** - * Create a new identity record linked with this user - * - * @param array Hash array with col->value pairs to save - * @return int The inserted identity ID or false on error - */ - function insert_identity($data) - { - if (!$this->ID) - return false; - - unset($data['user_id']); - - $insert_cols = $insert_values = array(); - foreach ((array)$data as $col => $value) + /** + * Create a new identity record linked with this user + * + * @param array Hash array with col->value pairs to save + * @return int The inserted identity ID or false on error + */ + function insert_identity($data) { - $insert_cols[] = $this->db->quoteIdentifier($col); - $insert_values[] = $value; - } - $insert_cols[] = 'user_id'; - $insert_values[] = $this->ID; + if (!$this->ID) + return false; + + unset($data['user_id']); + + $insert_cols = $insert_values = array(); + foreach ((array)$data as $col => $value) { + $insert_cols[] = $this->db->quoteIdentifier($col); + $insert_values[] = $value; + } + 
$insert_cols[] = 'user_id'; + $insert_values[] = $this->ID; - $sql = "INSERT INTO ".get_table_name('identities')." - (changed, ".join(', ', $insert_cols).") - VALUES (".$this->db->now().", ".join(', ', array_pad(array(), sizeof($insert_values), '?')).")"; + $sql = "INSERT INTO ".get_table_name('identities'). + " (changed, ".join(', ', $insert_cols).")". + " VALUES (".$this->db->now().", ".join(', ', array_pad(array(), sizeof($insert_values), '?')).")"; - call_user_func_array(array($this->db, 'query'), - array_merge(array($sql), $insert_values)); + call_user_func_array(array($this->db, 'query'), + array_merge(array($sql), $insert_values)); - return $this->db->insert_id('identities'); - } + return $this->db->insert_id('identities'); + } - /** - * Mark the given identity as deleted - * - * @param int Identity ID - * @return boolean True if deleted successfully, false if nothing changed - */ - function delete_identity($iid) - { - if (!$this->ID) - return false; - - $sql_result = $this->db->query( - "SELECT count(*) AS ident_count FROM ".get_table_name('identities')." - WHERE user_id = ? AND del <> 1", - $this->ID); - - $sql_arr = $this->db->fetch_assoc($sql_result); - if ($sql_arr['ident_count'] <= 1) - return false; + /** + * Mark the given identity as deleted + * + * @param int Identity ID + * @return boolean True if deleted successfully, false if nothing changed + */ + function delete_identity($iid) + { + if (!$this->ID) + return false; + + $sql_result = $this->db->query( + "SELECT count(*) AS ident_count FROM ".get_table_name('identities'). + " WHERE user_id = ? AND del <> 1", + $this->ID); + + $sql_arr = $this->db->fetch_assoc($sql_result); + + // we'll not delete last identity + if ($sql_arr['ident_count'] <= 1) + return false; - $this->db->query( - "UPDATE ".get_table_name('identities')." - SET del=1, changed=".$this->db->now()." - WHERE user_id=? 
- AND identity_id=?", - $this->ID, - $iid); - - return $this->db->affected_rows(); - } + $this->db->query( + "UPDATE ".get_table_name('identities'). + " SET del = 1, changed = ".$this->db->now(). + " WHERE user_id = ?". + " AND identity_id = ?", + $this->ID, + $iid); + + return $this->db->affected_rows(); + } - /** - * Make this identity the default one for this user - * - * @param int The identity ID - */ - function set_default($iid) - { - if ($this->ID && $iid) + /** + * Make this identity the default one for this user + * + * @param int The identity ID + */ + function set_default($iid) { - $this->db->query( - "UPDATE ".get_table_name('identities')." - SET ".$this->db->quoteIdentifier('standard')."='0' - WHERE user_id=? - AND identity_id<>? - AND del<>1", - $this->ID, - $iid); + if ($this->ID && $iid) { + $this->db->query( + "UPDATE ".get_table_name('identities'). + " SET ".$this->db->quoteIdentifier('standard')." = '0'". + " WHERE user_id = ?". + " AND identity_id <> ?". + " AND del <> 1", + $this->ID, + $iid); + } } - } - /** - * Update user's last_login timestamp - */ - function touch() - { - if ($this->ID) + /** + * Update user's last_login timestamp + */ + function touch() { - $this->db->query( - "UPDATE ".get_table_name('users')." - SET last_login=".$this->db->now()." - WHERE user_id=?", - $this->ID); + if ($this->ID) { + $this->db->query( + "UPDATE ".get_table_name('users'). + " SET last_login = ".$this->db->now(). 
+ " WHERE user_id = ?", + $this->ID); + } } - } - /** - * Clear the saved object state - */ - function reset() - { - $this->ID = null; - $this->data = null; - } + /** + * Clear the saved object state + */ + function reset() + { + $this->ID = null; + $this->data = null; + } - /** - * Find a user record matching the given name and host - * - * @param string IMAP user name - * @param string IMAP host name - * @return object rcube_user New user instance - */ - static function query($user, $host) - { - $dbh = rcmail::get_instance()->get_dbh(); + /** + * Find a user record matching the given name and host + * + * @param string IMAP user name + * @param string IMAP host name + * @return object rcube_user New user instance + */ + static function query($user, $host) + { + $dbh = rcmail::get_instance()->get_dbh(); - // query for matching user name - $query = "SELECT * FROM ".get_table_name('users')." WHERE mail_host=? AND %s=?"; - $sql_result = $dbh->query(sprintf($query, 'username'), $host, $user); + // query for matching user name + $query = "SELECT * FROM ".get_table_name('users')." WHERE mail_host = ? 
AND %s = ?"; + $sql_result = $dbh->query(sprintf($query, 'username'), $host, $user); - // query for matching alias - if (!($sql_arr = $dbh->fetch_assoc($sql_result))) { - $sql_result = $dbh->query(sprintf($query, 'alias'), $host, $user); - $sql_arr = $dbh->fetch_assoc($sql_result); - } + // query for matching alias + if (!($sql_arr = $dbh->fetch_assoc($sql_result))) { + $sql_result = $dbh->query(sprintf($query, 'alias'), $host, $user); + $sql_arr = $dbh->fetch_assoc($sql_result); + } - // user already registered -> overwrite username - if ($sql_arr) - return new rcube_user($sql_arr['user_id'], $sql_arr); - else - return false; - } + // user already registered -> overwrite username + if ($sql_arr) + return new rcube_user($sql_arr['user_id'], $sql_arr); + else + return false; + } - /** - * Create a new user record and return a rcube_user instance - * - * @param string IMAP user name - * @param string IMAP host - * @return object rcube_user New user instance - */ - static function create($user, $host) - { - $user_name = ''; - $user_email = ''; - $rcmail = rcmail::get_instance(); - - // try to resolve user in virtuser table and file - if ($email_list = self::user2email($user, false, true)) { - $user_email = is_array($email_list[0]) ? $email_list[0]['email'] : $email_list[0]; - } - - $data = $rcmail->plugins->exec_hook('create_user', - array('user'=>$user, 'user_name'=>$user_name, 'user_email'=>$user_email)); - - // plugin aborted this operation - if ($data['abort']) - return false; - - $user_name = $data['user_name']; - $user_email = $data['user_email']; - - $dbh = $rcmail->get_dbh(); - - $dbh->query( - "INSERT INTO ".get_table_name('users')." - (created, last_login, username, mail_host, alias, language) - VALUES (".$dbh->now().", ".$dbh->now().", ?, ?, ?, ?)", - strip_newlines($user), - strip_newlines($host), - strip_newlines($data['alias'] ? 
$data['alias'] : $user_email), - $_SESSION['language']); - - if ($user_id = $dbh->insert_id('users')) + /** + * Create a new user record and return a rcube_user instance + * + * @param string IMAP user name + * @param string IMAP host + * @return object rcube_user New user instance + */ + static function create($user, $host) { - // create rcube_user instance to make plugin hooks work - $user_instance = new rcube_user($user_id); - $rcmail->user = $user_instance; - - $mail_domain = $rcmail->config->mail_domain($host); - - if ($user_email=='') - $user_email = strpos($user, '@') ? $user : sprintf('%s@%s', $user, $mail_domain); + $user_name = ''; + $user_email = ''; + $rcmail = rcmail::get_instance(); - if ($user_name == '') { - $user_name = $user != $user_email ? $user : ''; - } - - if (empty($email_list)) - $email_list[] = strip_newlines($user_email); - // identities_level check - else if (count($email_list) > 1 && $rcmail->config->get('identities_level', 0) > 1) - $email_list = array($email_list[0]); - - // create new identities records - $standard = 1; - foreach ($email_list as $row) { - $record = array(); + // try to resolve user in virtuser table and file + if ($email_list = self::user2email($user, false, true)) { + $user_email = is_array($email_list[0]) ? $email_list[0]['email'] : $email_list[0]; + } - if (is_array($row)) { - $record = $row; + $data = $rcmail->plugins->exec_hook('create_user', + array('user'=>$user, 'user_name'=>$user_name, 'user_email'=>$user_email)); + + // plugin aborted this operation + if ($data['abort']) + return false; + + $user_name = $data['user_name']; + $user_email = $data['user_email']; + + $dbh = $rcmail->get_dbh(); + + $dbh->query( + "INSERT INTO ".get_table_name('users'). + " (created, last_login, username, mail_host, alias, language)". + " VALUES (".$dbh->now().", ".$dbh->now().", ?, ?, ?, ?)", + strip_newlines($user), + strip_newlines($host), + strip_newlines($data['alias'] ? 
$data['alias'] : $user_email), + $_SESSION['language']); + + if ($user_id = $dbh->insert_id('users')) { + // create rcube_user instance to make plugin hooks work + $user_instance = new rcube_user($user_id); + $rcmail->user = $user_instance; + + $mail_domain = $rcmail->config->mail_domain($host); + + if ($user_email == '') { + $user_email = strpos($user, '@') ? $user : sprintf('%s@%s', $user, $mail_domain); + } + if ($user_name == '') { + $user_name = $user != $user_email ? $user : ''; + } + + if (empty($email_list)) + $email_list[] = strip_newlines($user_email); + // identities_level check + else if (count($email_list) > 1 && $rcmail->config->get('identities_level', 0) > 1) + $email_list = array($email_list[0]); + + // create new identities records + $standard = 1; + foreach ($email_list as $row) { + $record = array(); + + if (is_array($row)) { + $record = $row; + } + else { + $record['email'] = $row; + } + + if (empty($record['name'])) + $record['name'] = $user_name; + $record['name'] = strip_newlines($record['name']); + $record['user_id'] = $user_id; + $record['standard'] = $standard; + + $plugin = $rcmail->plugins->exec_hook('create_identity', + array('login' => true, 'record' => $record)); + + if (!$plugin['abort'] && $plugin['record']['email']) { + $rcmail->user->insert_identity($plugin['record']); + } + $standard = 0; + } } else { - $record['email'] = $row; + raise_error(array( + 'code' => 500, + 'type' => 'php', + 'line' => __LINE__, + 'file' => __FILE__, + 'message' => "Failed to create new user"), true, false); } + + return $user_id ? 
$user_instance : false; + } + + + /** + * Resolve username using a virtuser plugins + * + * @param string E-mail address to resolve + * @return string Resolved IMAP username + */ + static function email2user($email) + { + $rcmail = rcmail::get_instance(); + $plugin = $rcmail->plugins->exec_hook('email2user', + array('email' => $email, 'user' => NULL)); - if (empty($record['name'])) - $record['name'] = $user_name; - $record['name'] = strip_newlines($record['name']); - $record['user_id'] = $user_id; - $record['standard'] = $standard; - - $plugin = $rcmail->plugins->exec_hook('create_identity', - array('login' => true, 'record' => $record)); - - if (!$plugin['abort'] && $plugin['record']['email']) { - $rcmail->user->insert_identity($plugin['record']); - } - $standard = 0; - } + return $plugin['user']; } - else + + + /** + * Resolve e-mail address from virtuser plugins + * + * @param string User name + * @param boolean If true returns first found entry + * @param boolean If true returns email as array (email and name for identity) + * @return mixed Resolved e-mail address string or array of strings + */ + static function user2email($user, $first=true, $extended=false) { - raise_error(array( - 'code' => 500, - 'type' => 'php', - 'line' => __LINE__, - 'file' => __FILE__, - 'message' => "Failed to create new user"), true, false); + $rcmail = rcmail::get_instance(); + $plugin = $rcmail->plugins->exec_hook('user2email', + array('email' => NULL, 'user' => $user, + 'first' => $first, 'extended' => $extended)); + + return empty($plugin['email']) ? NULL : $plugin['email']; } - - return $user_id ? 
$user_instance : false; - } - - - /** - * Resolve username using a virtuser plugins - * - * @param string E-mail address to resolve - * @return string Resolved IMAP username - */ - static function email2user($email) - { - $rcmail = rcmail::get_instance(); - $plugin = $rcmail->plugins->exec_hook('email2user', - array('email' => $email, 'user' => NULL)); - - return $plugin['user']; - } - - - /** - * Resolve e-mail address from virtuser plugins - * - * @param string User name - * @param boolean If true returns first found entry - * @param boolean If true returns email as array (email and name for identity) - * @return mixed Resolved e-mail address string or array of strings - */ - static function user2email($user, $first=true, $extended=false) - { - $rcmail = rcmail::get_instance(); - $plugin = $rcmail->plugins->exec_hook('user2email', - array('email' => NULL, 'user' => $user, - 'first' => $first, 'extended' => $extended)); - - return empty($plugin['email']) ? NULL : $plugin['email']; - } } |
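Review bot: update_identity() builds its SET list from every key of `$data` without dropping `user_id`, whereas insert_identity() just below it calls `unset($data['user_id']);` first, so an unfiltered array passed in by a caller could reassign the identity row to a different account even though the WHERE clause is bound to `$this->ID`. Adding the same `unset($data['user_id']);` before the foreach in update_identity() would make the two methods agree; whether any caller actually forwards that key is not visible in this diff. Separately, list_identities() still splices `$sql_add` into the statement verbatim and its docblock carries no `@param` for it. The one caller shown, get_identity(), formats the id with `%d`, so I would record the contract as `@param string Extra SQL condition appended as-is; build it only from constants or integer-cast values, never from request data`.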