summaryrefslogtreecommitdiff
path: root/program/steps/addressbook/save.inc
blob: 3e2cfae8f24a475cf2a10a81faf5b79e8b4d6cad (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
<?php

/*
 +-----------------------------------------------------------------------+
 | program/steps/addressbook/save.inc                                    |
 |                                                                       |
 | This file is part of the RoundCube Webmail client                     |
 | Copyright (C) 2005, RoundCube Dev. - Switzerland                      |
 | Licensed under the GNU GPL                                            |
 |                                                                       |
 | PURPOSE:                                                              |
 |   Save a contact entry or to add a new one                            |
 |                                                                       |
 +-----------------------------------------------------------------------+
 | Author: Thomas Bruederli <roundcube@gmail.com>                        |
 +-----------------------------------------------------------------------+

 $Id$

*/


$a_save_cols = array('name', 'firstname', 'surname', 'email');


// update an existing contact
if ($_POST['_cid'])
  {
  $a_write_sql = array();

  foreach ($a_save_cols as $col)
    {
    $fname = '_'.$col;
    if (!isset($_POST[$fname]))
      continue;
    
    $a_write_sql[] = sprintf("%s='%s'", $col, addslashes(strip_tags($_POST[$fname])));
    }

  if (sizeof($a_write_sql))
    {
    $DB->query("UPDATE ".get_table_name('contacts')."
                SET    ".join(', ', $a_write_sql)."
                WHERE  contact_id=?
                AND    user_id=?
                AND    del<>'1'",
                $_POST['_cid'],
                $_SESSION['user_id']);
                       
    $updated = $DB->affected_rows();
    }
       
  if ($updated)
    {
    $_action = 'show';
    show_message('successfullysaved', 'confirmation');    
    
    if ($_POST['_framed'])
      {
      // define list of cols to be displayed
      $a_show_cols = array('name', 'email');
      $a_js_cols = array();
  
      $sql_result = $DB->query("SELECT * FROM ".get_table_name('contacts')."
                                WHERE  contact_id=?
                                AND    user_id=?
                                AND    del<>'1'",
                               $_POST['_cid'],
                               $_SESSION['user_id']);
                         
      $sql_arr = $DB->fetch_assoc($sql_result);
      foreach ($a_show_cols as $col)
        $a_js_cols[] = (string)$sql_arr[$col];

      // update the changed col in list
      $OUTPUT->add_script(sprintf("if(parent.%s)parent.%s.update_contact_row('%d', %s);",
                          $JS_OBJECT_NAME,
                          $JS_OBJECT_NAME,
                          $_POST['_cid'],
                          array2js($a_js_cols)));

      // show confirmation
      show_message('successfullysaved', 'confirmation');
      }
    }
  else
    {
    // show error message
    show_message('errorsaving', 'error');
    $_action = 'show';
    }
  }

// insert a new contact
else
  {
  $a_insert_cols = $a_insert_values = array();

  foreach ($a_save_cols as $col)
    {
    $fname = '_'.$col;
    if (!isset($_POST[$fname]))
      continue;
    
    $a_insert_cols[] = $col;
    $a_insert_values[] = sprintf("'%s'", addslashes(strip_tags($_POST[$fname])));
    }
    
  if (sizeof($a_insert_cols))
    {
    $DB->query("INSERT INTO ".get_table_name('contacts')."
                (user_id, ".join(', ', $a_insert_cols).")
                VALUES (?, ".join(', ', $a_insert_values).")",
                $_SESSION['user_id']);
                       
    $insert_id = $DB->insert_id();
    }
    
  if ($insert_id)
    {
    $_action = 'show';
    $_GET['_cid'] = $insert_id;

    if ($_POST['_framed'])
      {
      // add contact row or jump to the page where it should appear
      $commands = sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME);
      $sql_result = $DB->query("SELECT * FROM ".get_table_name('contacts')."
                                WHERE  contact_id=?
                                AND    user_id=?",
                                $insert_id,
                                $_SESSION['user_id']);
      $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME);

      $commands .= sprintf("if(parent.%s)parent.%s.select('%d');\n",
                           $JS_OBJECT_NAME, 
                           $JS_OBJECT_NAME,
                           $insert_id);
      
      // update record count display
      $commands .= sprintf("if(parent.%s)parent.%s.set_rowcount('%s');\n",
                           $JS_OBJECT_NAME, 
                           $JS_OBJECT_NAME,
                           rcmail_get_rowcount_text());

      $OUTPUT->add_script($commands);
      
      // show confirmation
      show_message('successfullysaved', 'confirmation');      
      }
    }
  else
    {
    // show error message
    show_message('errorsaving', 'error');
    $_action = 'add';
    }
  }


?>