X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=program%2Fsteps%2Faddressbook%2Fsave.inc;fp=program%2Fsteps%2Faddressbook%2Fsave.inc;h=1627d0727eace9ff3b4d245154f4f5df3cd6d8bb;hb=0af63e79917234f76cfa7ec74e9d97b24fbf9b55;hp=0000000000000000000000000000000000000000;hpb=38f53b1d7d882df852551d91da5410d3bcc92a6a;p=roundcube.git
diff --git a/program/steps/addressbook/save.inc b/program/steps/addressbook/save.inc
new file mode 100644
index 0000000..1627d07
--- /dev/null
+++ b/program/steps/addressbook/save.inc
@@ -0,0 +1,260 @@
+ |
+ +-----------------------------------------------------------------------+
+
+ $Id: save.inc 159 2006-03-03 16:34:35Z roundcube $
+
+*/
+
+// check input
+if ((empty($_POST['_name']) || empty($_POST['_email'])) && empty($_GET['_framed']))
+ {
+ show_message('formincomplete', 'warning');
+ rcmail_overwrite_action(empty($_POST['_cid']) ? 'add' : 'show');
+ return;
+ }
+
+// setup some vars we need
+$a_save_cols = array('name', 'firstname', 'surname', 'email');
+$contacts_table = get_table_name('contacts');
+
+// update an existing contact
+if (!empty($_POST['_cid']))
+ {
+ $a_write_sql = array();
+
+ foreach ($a_save_cols as $col)
+ {
+ $fname = '_'.$col;
+ if (!isset($_POST[$fname]))
+ continue;
+
+ $a_write_sql[] = sprintf("%s=%s",
+ $DB->quoteIdentifier($col),
+ $DB->quote(get_input_value($fname, RCUBE_INPUT_POST)));
+ }
+
+ if (sizeof($a_write_sql))
+ {
+ $DB->query("UPDATE $contacts_table
+ SET changed=now(), ".join(', ', $a_write_sql)."
+ WHERE contact_id=?
+ AND user_id=?
+ AND del<>1",
+ $_POST['_cid'],
+ $_SESSION['user_id']);
+
+ $updated = $DB->affected_rows();
+ }
+
+ if ($updated)
+ {
+ $_action = 'show';
+ show_message('successfullysaved', 'confirmation');
+
+ if ($_framed)
+ {
+ // define list of cols to be displayed
+ $a_show_cols = array('name', 'email');
+ $a_js_cols = array();
+
+ $sql_result = $DB->query("SELECT * FROM $contacts_table
+ WHERE contact_id=?
+ AND user_id=?
+ AND del<>1",
+ $_POST['_cid'],
+ $_SESSION['user_id']);
+
+ $sql_arr = $DB->fetch_assoc($sql_result);
+ foreach ($a_show_cols as $col)
+ $a_js_cols[] = (string)$sql_arr[$col];
+
+ // update the changed col in list
+ $OUTPUT->add_script(sprintf("if(parent.%s)parent.%s.update_contact_row('%d', %s);",
+ $JS_OBJECT_NAME,
+ $JS_OBJECT_NAME,
+ $_POST['_cid'],
+ array2js($a_js_cols)));
+
+ // show confirmation
+ show_message('successfullysaved', 'confirmation');
+ }
+ }
+ else
+ {
+ // show error message
+ show_message('errorsaving', 'error');
+ rcmail_overwrite_action('show');
+ }
+ }
+
+// insert a new contact
+else
+ {
+ $a_insert_cols = $a_insert_values = array();
+
+ // check for existing contacts
+ $sql = "SELECT 1 FROM $contacts_table
+ WHERE user_id = {$_SESSION['user_id']}
+ AND del <> '1' ";
+
+ // get email and name, build sql for existing user check
+ if (isset($_GET['_emails']) && isset($_GET['_names']))
+ {
+ $sql .= "AND email IN (";
+ $emails = explode(',', get_input_value('_emails', RCUBE_INPUT_GET));
+ $names = explode(',', get_input_value('_names', RCUBE_INPUT_GET));
+ $count = count($emails);
+ $n = 0;
+ foreach ($emails as $email)
+ {
+ $end = (++$n == $count) ? '' : ',';
+ $sql .= $DB->quote($email) . $end;
+ }
+ $sql .= ")";
+ $ldap_form = true;
+ }
+ else if (isset($_POST['_email']))
+ $sql .= "AND email = " . $DB->quote(get_input_value('_email', RCUBE_INPUT_POST));
+
+ $sql_result = $DB->query($sql);
+
+ // show warning message
+ if ($DB->num_rows($sql_result))
+ {
+ show_message('contactexists', 'warning');
+
+ if ($ldap_form)
+ rcmail_overwrite_action('ldappublicsearch');
+ else
+ rcmail_overwrite_action('add');
+
+ return;
+ }
+
+ if ($ldap_form)
+ {
+ $n = 0;
+ foreach ($emails as $email)
+ {
+ $DB->query("INSERT INTO $contacts_table
+ (user_id, name, email
+ VALUES ({$_SESSION['user_id']}," . $DB->quote($names[$n++]) . "," .
+ $DB->quote($email) . ")");
+ $insert_id[] = $DB->insert_id();
+ }
+ }
+ else
+ {
+ foreach ($a_save_cols as $col)
+ {
+ $fname = '_'.$col;
+ if (!isset($_POST[$fname]))
+ continue;
+
+ $a_insert_cols[] = $col;
+ $a_insert_values[] = $DB->quote(get_input_value($fname, RCUBE_INPUT_POST));
+ }
+
+ if (sizeof($a_insert_cols))
+ {
+ $DB->query("INSERT INTO $contacts_table
+ (user_id, changed, del, ".join(', ', $a_insert_cols).")
+ VALUES (?, now(), 0, ".join(', ', $a_insert_values).")",
+ $_SESSION['user_id']);
+
+ $insert_id = $DB->insert_id(get_sequence_name('contacts'));
+ }
+ }
+
+ if ($insert_id)
+ {
+ if (!$ldap_form)
+ {
+ $_action = 'show';
+ $_GET['_cid'] = $insert_id;
+
+ if ($_framed)
+ {
+ // add contact row or jump to the page where it should appear
+ $commands = sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME);
+ $sql_result = $DB->query("SELECT * FROM $contacts_table
+ WHERE contact_id=?
+ AND user_id=?",
+ $insert_id,
+ $_SESSION['user_id']);
+ $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME);
+
+ $commands .= sprintf("if(parent.%s)parent.%s.select('%d');\n",
+ $JS_OBJECT_NAME,
+ $JS_OBJECT_NAME,
+ $insert_id);
+
+ // update record count display
+ $commands .= sprintf("if(parent.%s)parent.%s.set_rowcount('%s');\n",
+ $JS_OBJECT_NAME,
+ $JS_OBJECT_NAME,
+ rcmail_get_rowcount_text());
+
+ $OUTPUT->add_script($commands);
+ }
+
+ // show confirmation
+ show_message('successfullysaved', 'confirmation');
+ }
+ else
+ {
+ // add contact row or jump to the page where it should appear
+ $commands = '';
+ foreach ($insert_id as $id)
+ {
+ $sql_result = $DB->query("SELECT * FROM $contacts_table
+ WHERE contact_id = $id
+ AND user_id = {$_SESSION['user_id']}");
+
+ $commands .= sprintf("if(parent.%s)parent.", $JS_OBJECT_NAME);
+ $commands .= rcmail_js_contacts_list($sql_result, $JS_OBJECT_NAME);
+ $last_id = $id;
+ }
+
+ // display the last insert id
+ $commands .= sprintf("if(parent.%s)parent.%s.select('%d');\n",
+ $JS_OBJECT_NAME,
+ $JS_OBJECT_NAME,
+ $last_id);
+
+ // update record count display
+ $commands .= sprintf("if(parent.%s)parent.%s.set_rowcount('%s');\n",
+ $JS_OBJECT_NAME,
+ $JS_OBJECT_NAME,
+ rcmail_get_rowcount_text());
+
+ $OUTPUT->add_script($commands);
+ rcmail_overwrite_action('ldappublicsearch');
+ }
+
+ // show confirmation
+ show_message('successfullysaved', 'confirmation');
+ }
+ else
+ {
+ // show error message
+ show_message('errorsaving', 'error');
+ rcmail_overwrite_action('add');
+ }
+ }
+
+?>
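Review bot: The LDAP-import INSERT inside `if ($ldap_form)` never closes its column list — `(user_id, name, email` runs straight into `VALUES` — so the statement is malformed as written, and because `$insert_id[] = $DB->insert_id();` appends whatever comes back, the later `if ($insert_id)` test still reports success. This branch and the duplicate-contact SELECT also splice `{$_SESSION['user_id']}` and `$id` into the SQL text while the UPDATE and single-contact paths bind with `?`; binding here as well (and setting `changed` and `del` as the single-contact INSERT does) keeps one pattern, e.g. `$DB->query("INSERT INTO $contacts_table (user_id, changed, del, name, email) VALUES (?, now(), 0, ?, ?)", $_SESSION['user_id'], $names[$n++], $email);`. The import reads `_emails` and `_names` from `$_GET` and writes them to the address book with no request token checked in this file, so the including script should enforce one or the import should move to POST. `$names[$n++]` is also read without checking that `_names` has as many entries as `_emails`.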