summaryrefslogtreecommitdiff
path: root/program/steps/addressbook
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps/addressbook')
-rw-r--r--program/steps/addressbook/func.inc3
-rw-r--r--program/steps/addressbook/ldapsearchform.inc264
-rw-r--r--program/steps/addressbook/save.inc162
3 files changed, 383 insertions, 46 deletions
diff --git a/program/steps/addressbook/func.inc b/program/steps/addressbook/func.inc
index 8065219b0..ee3b8804a 100644
--- a/program/steps/addressbook/func.inc
+++ b/program/steps/addressbook/func.inc
@@ -81,6 +81,7 @@ function rcmail_contacts_list($attrib)
$javascript = sprintf("%s.gui_object('contactslist', '%s');\n", $JS_OBJECT_NAME, $attrib['id']);
$javascript .= sprintf("%s.set_env('current_page', %d);\n", $JS_OBJECT_NAME, $CONTACTS_LIST['page']);
$javascript .= sprintf("%s.set_env('pagecount', %d);\n", $JS_OBJECT_NAME, ceil($rowcount/$CONFIG['pagesize']));
+ $javascript .= "rcmail.set_env('newcontact', '" . rcube_label('newcontact') . "');";
//$javascript .= sprintf("%s.set_env('contacts', %s);", $JS_OBJECT_NAME, array2js($a_js_message_arr));
$OUTPUT->add_script($javascript);
@@ -191,4 +192,4 @@ function rcmail_get_rowcount_text($max=NULL)
return $out;
}
-?> \ No newline at end of file
+?>
diff --git a/program/steps/addressbook/ldapsearchform.inc b/program/steps/addressbook/ldapsearchform.inc
new file mode 100644
index 000000000..f7d7cc9f5
--- /dev/null
+++ b/program/steps/addressbook/ldapsearchform.inc
@@ -0,0 +1,264 @@
+<?php
+
+/*
+ +-----------------------------------------------------------------------+
+ | program/steps/addressbook/ldapsearch.inc |
+ | |
+ | This file is part of the RoundCube Webmail client |
+ | Copyright (C) 2005, RoundCube Dev. - Switzerland |
+ | Licensed under the GNU GPL |
+ | |
+ | PURPOSE: |
+ | Show an ldap search form in the addressbook |
+ | |
+ +-----------------------------------------------------------------------+
+ | Author: Justin Randell <justin.randell@gmail.com> |
+ +-----------------------------------------------------------------------+
+
+ $Id$
+
+*/
+require_once 'include/rcube_ldap.inc';
+
+/**
+ * draw the ldap public search form
+ */
+function rcmail_ldap_public_search_form($attrib)
+ {
+ global $CONFIG, $JS_OBJECT_NAME, $OUTPUT;
+ if (!$CONFIG['ldap_public'])
+ {
+ // no ldap servers to search
+ show_message('noldapserver', 'warning');
+ rcmail_overwrite_action('add');
+ return false;
+ }
+ else
+ {
+ // store some information in the session
+ $_SESSION['ldap_public']['server_count'] = $server_count = count($CONFIG['ldap_public']);
+ $_SESSION['ldap_public']['server_names'] = $server_names = array_keys($CONFIG['ldap_public']);
+ }
+
+ list($form_start, $form_end) = get_form_tags($attrib);
+ $out = "$form_start<table id=\"ldap_public_search_table\">\n\n";
+
+ // search name field
+ $search_name = new textfield(array('name' => '_ldap_public_search_name',
+ 'id' => 'rcmfd_ldap_public_search_name'));
+ $out .= "<tr><td class=\"title\"><label for=\"rcmfd_ldap_public_search_name\">" .
+ rep_specialchars_output(rcube_label('ldappublicsearchname')) .
+ "</label></td><td>" . $search_name->show() . "</td></tr>\n";
+
+
+ // there's more than one server to search for, show a dropdown menu
+ if ($server_count > 1)
+ {
+ $select_server = new select(array('name' => '_ldap_public_servers',
+ 'id' => 'rcfmd_ldap_public_servers'));
+
+ $select_server->add($server_names, $server_names);
+
+ $out .= '<tr><td class="title"><label for="rcfmd_ldap_public_servers">' .
+ rep_specialchars_output(rcube_label('ldappublicserverselect')) .
+ "</label></td><td>" . $select_server->show() . "</td></tr>\n";
+ }
+
+ // foreach configured ldap server, set up the search fields
+ for ($i = 0; $i < $server_count; $i++)
+ {
+ $server = $CONFIG['ldap_public'][$server_names[$i]];
+
+ // only display one search fields select - js takes care of the rest
+ if (!$i)
+ {
+ $field_name = '_ldap_public_search_field';
+ $field_id = 'rcfmd_ldap_public_search_field';
+
+ $search_fields = new select(array('name' => $field_name,
+ 'id' => $field_id));
+
+ $search_fields->add($server['search_fields'], $server['search_fields']);
+ $out .= '<tr><td class="title"><label for="' . $field_id . '">' .
+ rep_specialchars_output(rcube_label('ldappublicsearchfield')) .
+ "</label></td><td>" . $search_fields->show() . "</td></tr>\n";
+
+ $search_type = new checkbox(array('name' => '_ldap_public_search_type',
+ 'id' => 'rcmfd_ldap_public_search_type', 'value' => 0));
+
+ $out .= '<tr id="ldap_fuzzy_search"><td class="title"><label for="rcmfd_ldap_public_search_type">' .
+ rep_specialchars_output(rcube_label('ldappublicsearchtype')) .
+ "</label></td><td>" . $search_type->show() . "</td></tr>\n";
+ }
+
+ // store the search fields in a js array for each server
+ $js = '';
+ foreach ($server['search_fields'] as $k => $search_field)
+ $js .= "'$search_field', ";
+
+ // store whether this server accepts fuzzy search as last item in array
+ $js .= $server['fuzzy_search'] ? "'fuzzy'" : "'exact'";
+ $OUTPUT->add_script("rcmail.set_env('{$server_names[$i]}_search_fields', new Array($js));");
+ }
+
+ // add contact button label text
+ $OUTPUT->add_script("rcmail.set_env('addcontact', '" . rcube_label('addcontact') . "');");
+
+ $out .= "\n</table>$form_end";
+ return $out;
+ }
+
+/**
+ * get search values and return ldap contacts
+ */
+function rcmail_ldap_public_list()
+ {
+ // just return if we are not being called from a search form
+ if (!isset($_POST['_action']))
+ return null;
+
+ global $CONFIG, $OUTPUT, $JS_OBJECT_NAME;
+
+ // show no search name warning and exit
+ if (empty($_POST['_ldap_public_search_name']) || trim($_POST['_ldap_public_search_name']) == '')
+ {
+ show_message('nosearchname', 'warning');
+ return false;
+ }
+
+ // set up ldap server(s) array or bail
+ if ($_SESSION['ldap_public']['server_count'] > 1)
+ // show no ldap server warning and exit
+ if (empty($_POST['_ldap_public_servers']))
+ {
+ show_message('noldappublicserver', 'warning');
+ return false;
+ }
+ else
+ $server_name = $_POST['_ldap_public_servers'];
+ else if ($_SESSION['ldap_public']['server_count'] == 1)
+ $server_name = $_SESSION['ldap_public']['server_names'][0];
+ else
+ return false;
+
+ // get search parameters
+ $search_value = $_POST['_ldap_public_search_name'];
+ $search_field = $_POST['_ldap_public_search_field'];
+
+ // only use the post var for search type if the ldap server allows 'like'
+ $exact = true;
+ if ($CONFIG['ldap_public'][$server_name]['fuzzy_search'])
+ $exact = isset($_POST['_ldap_public_search_type']) ? true : false;
+
+ // perform an ldap search
+ $contacts = rcmail_ldap_contact_search($search_value,
+ $search_field,
+ $CONFIG['ldap_public'][$server_name],
+ $exact);
+
+ // if no results, show a warning and return
+ if (!$contacts)
+ {
+ show_message('nocontactsreturned', 'warning');
+ return false;
+ }
+
+ // add id to message list table if not specified
+ if (!strlen($attrib['id']))
+ $attrib['id'] = 'ldapAddressList';
+
+ // define table class
+ $attrib['class'] = 'records-table';
+ $attrib['cellspacing'] = 0;
+
+ // define list of cols to be displayed
+ $a_show_cols = array('name', 'email');
+
+ // create XHTML table
+ $out = rcube_table_output($attrib, $contacts, $a_show_cols, 'row_id');
+
+ // set client env
+ $javascript = "$JS_OBJECT_NAME.gui_object('ldapcontactslist', '{$attrib['id']}');\n";
+ $OUTPUT->add_script($javascript);
+
+ return $out;
+ }
+
+/**
+ * perform search for contacts from given public ldap server
+ */
+function rcmail_ldap_contact_search($search_value, $search_field, $server, $exact=true)
+ {
+ global $CONFIG;
+
+ $attributes = array($server['name_field'], $server['mail_field']);
+
+ $LDAP = new rcube_ldap();
+ if ($LDAP->connect($server['hosts'], $server['port'], $server['protocol']))
+ {
+ $filter = "$search_field=" . ($exact ? $search_value : "*$search_value*");
+ $result = $LDAP->search($server['base_dn'],
+ $filter,
+ $attributes,
+ $server['scope'],
+ $sort=null);
+
+ // add any results to contact array
+ if ($result['count'])
+ {
+ for ($n = 0; $n < $result['count']; $n++)
+ {
+ $contacts[$n]['name'] = $result[$n][$server['name_field']][0];
+ $contacts[$n]['email'] = $result[$n][$server['mail_field']][0];
+ $contacts[$n]['row_id'] = $n + 1;
+ }
+ }
+ }
+ else
+ return false;
+
+ // cleanup
+ $LDAP->close();
+
+ if (!$result['count'])
+ return false;
+
+ // weed out duplicate emails
+ for ($n = 0; $n < $result['count']; $n++)
+ for ($i = 0; $i < $result['count']; $i++)
+ if ($contacts[$i]['email'] == $contacts[$n]['email'] && $i != $n)
+ unset($contacts[$n]);
+
+ return $contacts;
+ }
+
+function get_form_tags($attrib)
+ {
+ global $OUTPUT, $JS_OBJECT_NAME, $EDIT_FORM, $SESS_HIDDEN_FIELD;
+
+ $form_start = '';
+ if (!strlen($EDIT_FORM))
+ {
+ $hiddenfields = new hiddenfield(array('name' => '_task', 'value' => $GLOBALS['_task']));
+ $hiddenfields->add(array('name' => '_action', 'value' => 'ldappublicsearch'));
+
+ if ($_GET['_framed'] || $_POST['_framed'])
+ $hiddenfields->add(array('name' => '_framed', 'value' => 1));
+
+ $form_start .= !strlen($attrib['form']) ? '<form name="form" action="./" method="post">' : '';
+ $form_start .= "\n$SESS_HIDDEN_FIELD\n";
+ $form_start .= $hiddenfields->show();
+ }
+
+ $form_end = (strlen($EDIT_FORM) && !strlen($attrib['form'])) ? '</form>' : '';
+ $form_name = strlen($attrib['form']) ? $attrib['form'] : 'form';
+
+ $OUTPUT->add_script("$JS_OBJECT_NAME.gui_object('ldappublicsearchform', '$form_name');");
+
+ $EDIT_FORM = $form_name;
+
+ return array($form_start, $form_end);
+ }
+
+parse_template('ldappublicsearch');
+?>
diff --git a/program/steps/addressbook/save.inc b/program/steps/addressbook/save.inc
index f5ba139b9..24e375ef7 100644
--- a/program/steps/addressbook/save.inc
+++ b/program/steps/addressbook/save.inc
@@ -19,18 +19,17 @@
*/
-
-$a_save_cols = array('name', 'firstname', 'surname', 'email');
-
-
// check input
-if (empty($_POST['_name']) || empty($_POST['_email']))
+if ((empty($_POST['_name']) || empty($_POST['_email'])) && empty($_GET['_framed']))
{
show_message('formincomplete', 'warning');
rcmail_overwrite_action($_POST['_cid'] ? 'show' : 'add');
return;
}
+// setup some vars we need
+$a_save_cols = array('name', 'firstname', 'surname', 'email');
+$contacts_table = get_table_name('contacts');
// update an existing contact
if ($_POST['_cid'])
@@ -48,7 +47,7 @@ if ($_POST['_cid'])
if (sizeof($a_write_sql))
{
- $DB->query("UPDATE ".get_table_name('contacts')."
+ $DB->query("UPDATE $contacts_table
SET changed=now(), ".join(', ', $a_write_sql)."
WHERE contact_id=?
AND user_id=?
@@ -70,7 +69,7 @@ if ($_POST['_cid'])
$a_show_cols = array('name', 'email');
$a_js_cols = array();
- $sql_result = $DB->query("SELECT * FROM ".get_table_name('contacts')."
+ $sql_result = $DB->query("SELECT * FROM $contacts_table
WHERE contact_id=?
AND user_id=?
AND del<>1",
@@ -104,64 +103,137 @@ if ($_POST['_cid'])
else
{
$a_insert_cols = $a_insert_values = array();
-
+
// check for existing contacts
- $sql_result = $DB->query("SELECT 1 FROM ".get_table_name('contacts')."
- WHERE user_id=?
- AND email=?
- AND del<>1",
- $_SESSION['user_id'],
- $_POST['_email']);
+ $sql = "SELECT 1 FROM $contacts_table
+ WHERE user_id = {$_SESSION['user_id']}
+ AND del <> '1' ";
+
+ // get email and name, build sql for existing user check
+ if (isset($_GET['_emails']) && isset($_GET['_names']))
+ {
+ $sql .= "AND email IN (";
+ $emails = explode(',', $_GET['_emails']);
+ $names = explode(',', $_GET['_names']);
+ $count = count($emails);
+ $n = 0;
+ foreach ($emails as $email)
+ {
+ $end = (++$n == $count) ? '' : ',';
+ $sql .= $DB->quote(strip_tags($email)) . $end;
+ }
+ $sql .= ")";
+ $ldap_form = true;
+ }
+ else if (isset($_POST['_email']))
+ $sql .= "AND email = " . $DB->quote(strip_tags($_POST['_email']));
+
+ $sql_result = $DB->query($sql);
// show warning message
if ($DB->num_rows($sql_result))
{
show_message('contactexists', 'warning');
- $_action = 'add';
+
+ if ($ldap_form)
+ rcmail_overwrite_action('ldappublicsearch');
+ else
+ rcmail_overwrite_action('add');
+
return;
}
- foreach ($a_save_cols as $col)
+ if ($ldap_form)
{
- $fname = '_'.$col;
- if (!isset($_POST[$fname]))
- continue;
-
- $a_insert_cols[] = $col;
- $a_insert_values[] = $DB->quote(strip_tags($_POST[$fname]));
+ $n = 0;
+ foreach ($emails as $email)
+ {
+ $DB->query("INSERT INTO $contacts_table
+ (user_id, name, email)
+ VALUES ({$_SESSION['user_id']}," . $DB->quote(strip_tags($names[$n++])) . "," .
+ $DB->quote(strip_tags($email)) . ")");
+ $insert_id[] = $DB->insert_id();
+ }
}
-
- if (sizeof($a_insert_cols))
+ else
{
- $DB->query("INSERT INTO ".get_table_name('contacts')."
+ foreach ($a_save_cols as $col)
+ {
+ $fname = '_'.$col;
+ if (!isset($_POST[$fname]))
+ continue;
+
+ $a_insert_cols[] = $col;
+ $a_insert_values[] = $DB->quote(strip_tags($_POST[$fname]));
+ }
+
+ if (sizeof($a_insert_cols))
+ {
+ $DB->query("INSERT INTO $contacts_table
(user_id, changed, del, ".join(', ', $a_insert_cols).")
VALUES (?, now(), 0, ".join(', ', $a_insert_values).")",
$_SESSION['user_id']);
- $insert_id = $DB->insert_id(get_sequence_name('contacts'));
+ $insert_id = $DB->insert_id(get_sequence_name('contacts'));
+ }
}
if ($insert_id)
{
- $_action = 'show';
- $_GET['_cid'] = $insert_id;
+ if (!$ldap_form)
+ {
+ $_action = 'show';
+ $_GET['_cid'] = $insert_id;
- if ($_POST['_framed'])
+ if ($_POST['_framed'])
+ {
+ // add contact row or jump to the page where it should appear
+ $commands = sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME);
+ $sql_result = $DB->query("SELECT * FROM $contacts_table
+ WHERE contact_id=?
+ AND user_id=?",
+ $insert_id,
+ $_SESSION['user_id']);
+ $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME);
+
+ $commands .= sprintf("if(parent.%s)parent.%s.select('%d');\n",
+ $JS_OBJECT_NAME,
+ $JS_OBJECT_NAME,
+ $insert_id);
+
+ // update record count display
+ $commands .= sprintf("if(parent.%s)parent.%s.set_rowcount('%s');\n",
+ $JS_OBJECT_NAME,
+ $JS_OBJECT_NAME,
+ rcmail_get_rowcount_text());
+
+ $OUTPUT->add_script($commands);
+ }
+
+ // show confirmation
+ show_message('successfullysaved', 'confirmation');
+ }
+ else
{
// add contact row or jump to the page where it should appear
- $commands = sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME);
- $sql_result = $DB->query("SELECT * FROM ".get_table_name('contacts')."
- WHERE contact_id=?
- AND user_id=?",
- $insert_id,
- $_SESSION['user_id']);
- $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME);
+ $commands = '';
+ foreach ($insert_id as $id)
+ {
+ $sql_result = $DB->query("SELECT * FROM $contacts_table
+ WHERE contact_id = $id
+ AND user_id = {$_SESSION['user_id']}");
+
+ $commands .= sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME);
+ $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME);
+ $last_id = $id;
+ }
+ // display the last insert id
$commands .= sprintf("if(parent.%s)parent.%s.select('%d');\n",
- $JS_OBJECT_NAME,
- $JS_OBJECT_NAME,
- $insert_id);
-
+ $JS_OBJECT_NAME,
+ $JS_OBJECT_NAME,
+ $last_id);
+
// update record count display
$commands .= sprintf("if(parent.%s)parent.%s.set_rowcount('%s');\n",
$JS_OBJECT_NAME,
@@ -169,10 +241,11 @@ else
rcmail_get_rowcount_text());
$OUTPUT->add_script($commands);
-
- // show confirmation
- show_message('successfullysaved', 'confirmation');
+ rcmail_overwrite_action('ldappublicsearch');
}
+
+ // show confirmation
+ show_message('successfullysaved', 'confirmation');
}
else
{
@@ -182,5 +255,4 @@ else
}
}
-
-?> \ No newline at end of file
+?>