Context Navigation

source: trunk/expressoMail1_2/inc/class.db_functions.inc.php @ 1036

Revision 1036, 14.9 KB checked in by amuller, 15 years ago (diff)
Ticket #559 - Atualização de segurança
Property svn:eol-style set to `native` Property svn:executable set to ``*

Line
1	<?php
2	$GLOBALS['phpgw_info']['flags'] = array(
3	'currentapp' => 'expressoMail1_2',
4	'nonavbar' => true,
5	'noheader' => true
6	);
7
8	require_once $_SERVER[ 'DOCUMENT_ROOT' ] . '/header.inc.php';
9	define('PHPGW_INCLUDE_ROOT','../');
10	define('PHPGW_API_INC','../phpgwapi/inc');
11	include_once(PHPGW_API_INC.'/class.db.inc.php');
12	include_once('class.dynamic_contacts.inc.php');
13
14	class db_functions
15	{
16
17	var $db;
18	var $user_id;
19	var $related_ids;
20
21	function db_functions(){
22	$this->db = new db();
23	$this->db->Halt_On_Error = 'no';
24	$this->db->connect(
25	$_SESSION['phpgw_info']['expressomail']['server']['db_name'],
26	$_SESSION['phpgw_info']['expressomail']['server']['db_host'],
27	$_SESSION['phpgw_info']['expressomail']['server']['db_port'],
28	$_SESSION['phpgw_info']['expressomail']['server']['db_user'],
29	$_SESSION['phpgw_info']['expressomail']['server']['db_pass'],
30	$_SESSION['phpgw_info']['expressomail']['server']['db_type']
31	);
32	$this -> user_id = $_SESSION['phpgw_info']['expressomail']['user']['account_id'];
33	}
34
35	// BEGIN of functions.
36	function get_cc_contacts()
37	{
38	$result = array();
39	$stringDropDownContacts = '';
40
41	$query_related = $this->get_query_related('A.id_owner'); // field name for owner
42
43	// Traz os contatos pessoais e compartilhados
44	$query = 'select A.names_ordered, C.connection_value from phpgw_cc_contact A, '.
45	'phpgw_cc_contact_conns B, phpgw_cc_connections C where '.
46	'A.id_contact = B.id_contact and B.id_connection = C.id_connection '.
47	'and B.id_typeof_contact_connection = 1 and ('.$query_related.') group by '.
48	'A.names_ordered,C.connection_value order by lower(A.names_ordered)';
49
50	if (!$this->db->query($query))
51	return null;
52	while($this->db->next_record())
53	$result[] = $this->db->row();
54
55	if (count($result) != 0)
56	{
57	// Monta string
58	foreach($result as $contact)
59	$stringDropDownContacts = $stringDropDownContacts . $contact['names_ordered']. ';' . $contact['connection_value'] . ',';
60	//Retira ultima virgula.
61	$stringDropDownContacts = substr($stringDropDownContacts,0,(strlen($stringDropDownContacts) - 1));
62	}
63	else
64	return null;
65
66	return $stringDropDownContacts;
67	}
68	// Get Related Ids for sharing contacts or groups.
69	function get_query_related($field_name){
70	$query_related = $field_name .'='.$this -> user_id;
71	// Only at first time, it gets all related ids...
72	if(!$this->related_ids) {
73	$query = 'select id_related from phpgw_cc_contact_rels where id_contact='.$this -> user_id.' and id_typeof_contact_relation=1';
74	if (!$this->db->query($query)){
75	return $query_related;
76	}
77
78	while($this->db->next_record()){
79	$row = $this->db->row();
80	$result[] = $row['id_related'];
81	}
82	if($result)
83	$this->related_ids = implode(",",$result);
84	}
85	if($this->related_ids)
86	$query_related .= ' or '.$field_name.' in ('.$this->related_ids.')';
87
88	return $query_related;
89	}
90	function get_cc_groups()
91	{
92	// Pesquisa no CC os Grupos Pessoais.
93	$stringDropDownContacts = '';
94	$result = array();
95	$query_related = $this->get_query_related('owner'); // field name for 'owner'
96	$query = 'select title, short_name, owner from phpgw_cc_groups where '.$query_related.' order by lower(title)';
97
98	// Executa a query
99	if (!$this->db->query($query))
100	return null;
101	// Retorna cada resultado
102	while($this->db->next_record())
103	$result[] = $this->db->row();
104
105	// Se houver grupos ....
106	if (count($result) != 0)
107	{
108	// Create Ldap Object, if exists related Ids for sharing groups.
109	if($this->related_ids){
110	$_SESSION['phpgw_info']['expressomail']['user']['cc_related_ids']= array();
111	include_once("class.ldap_functions.inc.php");
112	$ldap = new ldap_functions();
113	}
114	$owneruid = '';
115	foreach($result as $group){
116	// Searching uid (LDAP), if exists related Ids for sharing groups.
117	// Save into user session. It will used before send mail (verify permission).
118	if(!$_SESSION['phpgw_info']['expressomail']['user']['cc_related_ids'][$group['owner']] && $ldap){
119	$_SESSION['phpgw_info']['expressomail']['user']['cc_related_ids'][$group['owner']] = $ldap -> uidnumber2uid($group['owner']);
120	}
121	if($this->user_id != $group['owner'])
122	$owneruid = "::".$_SESSION['phpgw_info']['expressomail']['user']['cc_related_ids'][$group['owner']];
123	else
124	$owneruid = '';
125
126	$stringDropDownContacts .= $group['title']. ';' . ($group['short_name'].$owneruid) . ',';
127	}
128	//Retira ultima virgula.
129	$stringDropDownContacts = substr($stringDropDownContacts,0,(strlen($stringDropDownContacts) - 1));
130	}
131	else
132	return null;
133	return $stringDropDownContacts;
134	}
135
136	function getContactsByGroupAlias($alias)
137	{
138	list($alias,$uid) = explode("::",$alias);
139	$cc_related_ids = $_SESSION['phpgw_info']['expressomail']['user']['cc_related_ids'];
140	// Explode personal group, If exists related ids (the user has permission to send email).
141	if(is_array($cc_related_ids) && $uid){
142	$owner = array_search($uid,$cc_related_ids);
143	}
144
145	$query = "select C.id_connection, A.names_ordered, C.connection_value from phpgw_cc_contact A, ".
146	"phpgw_cc_contact_conns B, phpgw_cc_connections C,phpgw_cc_contact_grps D,phpgw_cc_groups E where ".
147	"A.id_contact = B.id_contact and B.id_connection = C.id_connection ".
148	"and B.id_typeof_contact_connection = 1 and ".
149	"A.id_owner =".($owner ? $owner : $this->user_id)." and ".
150	"D.id_group = E.id_group and ".
151	"D.id_connection = C.id_connection and E.short_name = '".$alias."'";
152
153	if (!$this->db->query($query))
154	{
155	exit ('Query failed! File: '.__FILE__.' on line'.__LINE__);
156	}
157
158	$return = false;
159
160	while($this->db->next_record())
161	{
162	$return[] = $this->db->row();
163	}
164
165	return $return;
166	}
167
168	function getAddrs($array_addrs) {
169	$array_addrs_final = array();
170
171	for($i = 0; $i < count($array_addrs); $i++){
172	$j = count($array_addrs_final);
173
174	if(!strchr($array_addrs[$i],'@')
175	&& strchr($array_addrs[$i],'<')
176	&& strchr($array_addrs[$i],'>')) {
177
178	$alias = substr($array_addrs[$i], strpos($array_addrs[$i],'<'), strpos($array_addrs[$i],'>'));
179	$alias = str_replace('<','', str_replace('>','',$alias));
180
181	$arrayContacts = $this -> getContactsByGroupAlias($alias);
182
183	if($arrayContacts) {
184	foreach($arrayContacts as $index => $contact){
185	if($contact['names_ordered']) {
186	$array_addrs_final[$j] = '"'.$contact['names_ordered'].'" <'.$contact['connection_value'].'>';
187	}
188	else
189	$array_addrs_final[$j] = $contact['connection_value'];
190
191	$j++;
192	}
193	}
194	}
195	else
196	$array_addrs_final[$j++] = $array_addrs[$i];
197	}
198	return $array_addrs_final;
199	}
200
201	function get_dropdown_contacts(){
202
203	$contacts = $this -> get_cc_contacts();
204	$groups = $this -> get_cc_groups();
205
206	if(($contacts) && ($groups))
207	$stringDropDownContacts = $contacts . ',' . $groups;
208	elseif ((!$contacts) && (!$groups))
209	$stringDropDownContacts = '';
210	elseif (($contacts) && (!$groups))
211	$stringDropDownContacts = $contacts;
212	elseif ((!$contacts) && ($groups))
213	$stringDropDownContacts = $groups;
214
215	if($_SESSION['phpgw_info']['user']['preferences']['expressoMail']['number_of_contacts'] &&
216	$_SESSION['phpgw_info']['user']['preferences']['expressoMail']['use_dynamic_contacts']) {
217	$dynamic_contact = new dynamic_contacts();
218	$dynamic = $dynamic_contact->dynamic_contact_toString();
219	if ($dynamic)
220	$stringDropDownContacts .= ($stringDropDownContacts ? ',' : '') . $dynamic;
221	}
222	return $stringDropDownContacts;
223	}
224	/*
225	function update_preferences($params){
226
227	$aux = explode("##",$params['prefe_string']);
228	$new_prefe = array();
229
230	foreach($aux as $key=>$tmp){
231	if($key == 0){
232	$new_prefe['max_email_per_page'] = $tmp;
233	}
234	if($key == 1){
235	$new_prefe['save_deleted_msg'] = $tmp;
236	}
237	if($key == 2){
238	$new_prefe['delete_trash_messages_after_n_days'] = $tmp;
239	}
240	if($key == 3){
241	$new_prefe['delete_and_show_previous_message'] = $tmp;
242	}
243	if($key == 4){
244	$new_prefe['alert_new_msg'] = $tmp;
245	}
246	if($key == 5){
247	$new_prefe['mainscreen_showmail'] = $tmp;
248	}
249	if($key == 10){
250	$new_prefe['signature'] = $tmp;
251	}
252	if($key == 7){
253	$new_prefe['hide_folders'] = $tmp;
254	}
255	if($key == 6){
256	$new_prefe['save_in_folder'] = $tmp;
257	}
258	if($key == 8){
259	$new_prefe['line_height'] = $tmp;
260	}
261	if($key == 9){
262	$new_prefe['font_size'] = $tmp;
263	}
264	if($key == 11){
265	$new_prefe['use_shortcuts'] = $tmp;
266	}
267	}
268
269	$string_serial = serialize($new_prefe);
270	$string_serial = get_magic_quotes_gpc() ? $string_serial : addslashes($string_serial);
271	$query = "update phpgw_preferences set preference_value = '".$string_serial."' where preference_app = 'expressoMail'".
272	" and preference_owner = '".$this->user_id."'";
273
274	if (!$this->db->query($query))
275	return "Failed!";
276	else
277	return "OK!";
278	}
279	*/
280	function update_preferences($params){
281	$string_serial = urldecode($params['prefe_string']);
282	$string_serial = get_magic_quotes_gpc() ? $string_serial : addslashes($string_serial);
283	$query = "update phpgw_preferences set preference_value = '".$string_serial."' where preference_app = 'expressoMail'".
284	" and preference_owner = '".$this->user_id."'";
285
286	if (!$this->db->query($query))
287	return $this->db->error;
288	else
289	return array("success" => true);
290	}
291	function getUserByEmail($params){
292	// Follow the referral
293	$email = $params['email'];
294	$query = 'select A.names_ordered, C.connection_name, C.connection_value, A.photo'.
295	' from phpgw_cc_contact A, phpgw_cc_contact_conns B, '.
296	'phpgw_cc_connections C where A.id_contact = B.id_contact'.
297	' and B.id_connection = C.id_connection and A.id_contact ='.
298	'(select A.id_contact from phpgw_cc_contact A, phpgw_cc_contact_conns B,'.
299	'phpgw_cc_connections C where A.id_contact = B.id_contact'.
300	' and B.id_connection = C.id_connection and A.id_owner = '.$this -> user_id.
301	' and C.connection_value = \''.$email.'\') and '.
302	'C.connection_is_default = true and B.id_typeof_contact_connection = 2';
303
304	if (!$this->db->query($query))
305	return null;
306
307
308	if($this->db->next_record()) {
309	$result = $this->db->row();
310
311	$obj = array("cn" => $result['names_ordered'],
312	"email" => $email,
313	"type" => "personal",
314	"telefone" => $result['connection_value']);
315
316	if($result['photo'])
317	$_SESSION['phpgw_info']['expressomail']['contact_photo'] = array($result['photo']);
318
319	return $obj;
320	}
321	return $result;
322	}
323
324	function get_dynamic_contacts()
325	{
326	// Pesquisa os emails e ultima inserção nos contatos dinamicos.
327	if(!$this->db->select('phpgw_expressomail_contacts','data',
328	'id_owner ='.$this -> user_id,
329	__LINE__,__FILE__))
330	{
331	return $this->db->Error;
332	}
333	while($this->db->next_record())
334	{
335	$result[] = $this->db->row();
336	}
337	if($result) foreach($result as $item)
338	{
339	$contacts = unserialize($item['data']);
340	}
341	if (count($contacts) == 0)
342	{
343	return null;
344	}
345	//Sort by email
346	function cmp($a, $b) { return strcmp($a["email"], $b["email"]);}
347	usort($contacts,"cmp");
348	return $contacts;
349	}
350	function update_contacts($contacts=array())
351	{
352	// Atualiza um email nos contatos dinamicos.
353	if(!$this->db->update('phpgw_expressomail_contacts ','data=\''.serialize($contacts).'\'',
354	'id_owner ='.$this -> user_id,
355	__LINE__,__FILE__))
356	{
357	return $this->db->Error;
358	}
359	return $contacts;
360	}
361
362	function insert_contact($contact)
363	{
364	$contacts[] = array( 'timestamp' => time(),
365	'email' => $contact );
366
367	// Insere um email nos contatos dinamicos.
368	$query = 'INSERT INTO phpgw_expressomail_contacts (data, id_owner) ' .
369	'values ( \''.serialize($contacts).'\', '.$this->user_id.')';
370
371	if(!$this->db->query($query,__LINE__,__FILE__))
372	return $this->db->Error;
373	return $contacts;
374	}
375
376	function remove_dynamic_contact($user_id,$line,$file)
377	{
378	$where = $user_id.' = id_owner';
379	$this->db->delete('phpgw_expressomail_contacts',$where,$line,$file);
380	}
381
382	function import_vcard($params){
383
384	include_once('class.imap_functions.inc.php');
385	$objImap = new imap_functions();
386	$msg_number = $params['msg_number'];
387	$idx_file = $params['idx_file'];
388	$msg_part = $params['msg_part'];
389	$msg_folder = $params['msg_folder'];
390	$encoding = strtolower($params['encoding']);
391	$fileContent = "";
392
393	if($msg_number && $msg_part && $msg_folder && (intval($idx_file == '0' ? '1' : $idx_file))) {
394	$mbox_stream = $objImap->open_mbox($msg_folder);
395	$fileContent = imap_fetchbody($mbox_stream, $msg_number, $msg_part, FT_UID);
396	include_once('class.imap_attachment.inc.php');
397	$imap_attachment = new imap_attachment();
398	$a = $imap_attachment->download_attachment($mbox_stream, $msg_number);
399	$filename = $a[$idx_file]['name'];
400	}
401	else
402	$filename = $idx_file;
403
404	if($fileContent) {
405	if($encoding == 'base64')
406	$calendar = imap_base64($fileContent);
407	else if($encoding == 'quoted-printable')
408	$calendar = quoted_printable_decode($fileContent);
409	else
410	$calendar = $fileContent;
411	}
412
413	$uiicalendar = CreateObject("calendar.uiicalendar");
414	return $uiicalendar = $uiicalendar->import_from_mail($calendar);
415	}
416
417	function insert_certificate($email,$certificate,$serialnumber,$authoritykeyidentifier=null)
418	{
419	if(!$email \|\| !$certificate \|\| !$serialnumber \|\| !$authoritykeyidentifier)
420	return false;
421	// Insere uma chave publica na tabela phpgw_certificados.
422	$data = array ('email' => $email,
423	'chave_publica' => $certificate,
424	'serialnumber' => $serialnumber,
425	'authoritykeyidentifier' => $authoritykeyidentifier);
426
427	if(!$this->db->insert('phpgw_certificados',$data,array(),__LINE__,__FILE__)){
428	return $this->db->Error;
429	}
430	return true;
431	}
432
433	function get_certificate($email=null)
434	{
435	if(!$email) return false;
436	$result = array();
437
438	$where = array ('email' => $email,
439	'revogado' => 0,
440	'expirado' => 0);
441
442	if(!$this->db->select('phpgw_certificados','chave_publica', $where, __LINE__,__FILE__))
443	{
444	$result['dberr1'] = $this->db->Error;
445	return $result;
446	}
447	$regs = array();
448	while($this->db->next_record())
449	{
450	$regs[] = $this->db->row();
451	}
452	if (count($regs) == 0)
453	{
454	$result['dberr2'] = ' Certificado nao localizado.';
455	return $result;
456	}
457	$result['certs'] = $regs;
458	return $result;
459	}
460
461	function update_certificate($serialnumber=null,$email=null,$authoritykeyidentifier,$expirado,$revogado)
462	{
463	if(!$email \|\| !$serialnumber) return false;
464	if(!$expirado)
465	$expirado = 0;
466	if(!$revogado)
467	$revogado = 0;
468
469	$data = array ('expirado' => $expirado,
470	'revogado' => $revogado);
471
472	$where = array ('email' => $email,
473	'serialnumber' => $serialnumber,
474	'authoritykeyidentifier' => $authoritykeyidentifier);
475
476	if(!$this->db->update('phpgw_certificados',$data,$where,__LINE__,__FILE__))
477	{
478	return $this->db->Error;
479	}
480	return true;
481	}
482
483	}
484	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: