changed currentapp to addressbook, to not allow access without run-rights for addressbook
parent
137094385d
commit
570e481ddf
317
phpgwapi/addressbook.php
Normal file
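--- a/phpgwapi/addressbook.php
+++ b/phpgwapi/addressbook.php
@@ -0,0 +1,317 @@
+<?php
+/**************************************************************************\
+* eGroupWare - email/addressbook *
+* http://www.eGroupWare.org *
+* Originaly written by Bettina Gille [ceb@phpgroupware.org] *
+* ----------------------------------------------- *
+* This program is free software; you can redistribute it and/or modify it *
+* under the terms of the GNU General Public License as published by the *
+* Free Software Foundation; either version 2 of the License, or (at your *
+* option) any later version. *
+\**************************************************************************/
+
+/* $Id$ */
+
+$GLOBALS['phpgw_info']['flags'] = array(
+'noheader' => True,
+'nonavbar' => True,
+'currentapp' => 'addressbook',
+'enable_nextmatchs_class' => True
+);
+
+include('../header.inc.php');
+
+// add a content-type header to overwrite an existing default charset in apache (AddDefaultCharset directiv)
+header('Content-type: text/html; charset='.$GLOBALS['phpgw']->translation->charset());
+
+include('templates/'.$GLOBALS['phpgw_info']['user']['preferences']['common']['template_set'].'/head.inc.php');
+
+$GLOBALS['phpgw']->template->set_root(PHPGW_TEMPLATE_DIR);
+$GLOBALS['phpgw']->template->set_file(array(
+'addressbook_list_t' => 'addressbook.tpl',
+));
+$GLOBALS['phpgw']->template->set_block('addressbook_list_t','addressbook_list','list');
+
+$contacts = CreateObject('phpgwapi.contacts');
+$cats = CreateObject('phpgwapi.categories');
+$cats->app_name = 'addressbook';
+
+$include_personal = True;
+
+$GLOBALS['phpgw']->template->set_var(array(
+'lang_search' => lang('Search'),
+'lang_select_cats' => lang('Show all categorys'),
+'lang_done' => lang('Done'),
+'to' => lang('To'),
+'cc' => lang('Cc'),
+'bcc' => lang('Bcc'),
+'lang_email' => lang('Select work email address'),
+'lang_hemail' => lang('Select home email address'),
+'lang_to_title' => lang('Select all %1 %2 for %3')
+));
+
+$start = (int)get_var('start',array('POST','GET'),0);
+$filter = get_var('filter',array('POST','GET'),'none');
+$cat_id = (int)get_var('cat_id',array('POST','GET'),0);
+$query = get_var('query',array('POST','GET'));
+$sort = get_var('sort',array('POST','GET'));
+$order = get_var('order',array('POST','GET'));
+list($all) = @each($_POST['all']);
+$inserted = $_GET['inserted'];
+
+$common_vars = array(
+'filter' => $filter,
+'cat_id' => $cat_id,
+'query' => $query,
+'sort' => $sort,
+'order' => $order,
+);
+
+$link = '/phpgwapi/addressbook.php';
+$full_link = $GLOBALS['phpgw']->link($link,$common_vars+array(
+'start' => $start,
+));
+$GLOBALS['phpgw']->template->set_var('form_action',$full_link);
+
+$qfilter = 'tid=n';
+switch($filter)
+{
+case 'none':
+break;
+case 'private':
+$qfilter .=',access=private';
+// fall-through
+case 'yours':
+$qfilter .= ',owner='.$GLOBALS['phpgw_info']['user']['account_id'];
+break;
+default:
+if(is_numeric($filter))
+{
+$qfilter = ',owner='.$filter;
+}
+break;
+}
+
+if ($cat_id)
+{
+$qfilter .= ',cat_id='.$cat_id;
+}
+
+if ($GLOBALS['phpgw_info']['user']['preferences']['common']['maxmatchs'] > 0)
+{
+$offset = $GLOBALS['phpgw_info']['user']['preferences']['common']['maxmatchs'];
+}
+else
+{
+$offset = 15;
+}
+
+$account_id = $GLOBALS['phpgw_info']['user']['account_id'];
+
+$cols = array (
+'n_given' => 'n_given',
+'n_family' => 'n_family',
+'org_name' => 'org_name',
+'email' => 'email',
+'email_home' => 'email_home'
+);
+
+if ($all)
+{
+$qfilter .= ',email'.($all[0] == 'h' ? '_home' : '')."=!''";
+$entries = $contacts->read(0,0,$cols,$query,$qfilter,$sort,$order,$account_id);
+//echo "<pre>".print_r($entries,True)."</pre>\n";
+if (!$entries)
+{
+$all = False;
+$inserted = 0;
+}
+}
+if (!$all)
+{
+$entries = $contacts->read($start,$offset,$cols,$query,$qfilter,$sort,$order,$account_id);
+}
+//------------------------------------------- nextmatch --------------------------------------------
+$GLOBALS['phpgw']->template->set_var('left',$GLOBALS['phpgw']->nextmatchs->left(
+$link,$start,$contacts->total_records,'&'.explode('&',$common_vars)));
+$GLOBALS['phpgw']->template->set_var('right',$GLOBALS['phpgw']->nextmatchs->right(
+$link,$start,$contacts->total_records,'&'.explode('&',$common_vars)));
+foreach(array(
+'n_given' => lang('Firstname'),
+'n_family' => lang('Lastname'),
+'org_name' => lang('Company'),
+) as $col => $translation)
+{
+$GLOBALS['phpgw']->template->set_var('sort_'.$col,$GLOBALS['phpgw']->nextmatchs->show_sort_order(
+$sort,$col,$order,$link,$translation,'&cat_id='.$cat_id));
+}
+
+if ($contacts->total_records > $offset)
+{
+$GLOBALS['phpgw']->template->set_var('lang_showing',lang('showing %1 - %2 of %3',
+1+$start,$start+$offset>$contacts->total_records ? $contacts->total_records : $start+$offset,
+$contacts->total_records));
+}
+
+else
+{
+$GLOBALS['phpgw']->template->set_var('lang_showing',lang('showing %1',$contacts->total_records));
+}
+// --------------------------------------- end nextmatch ------------------------------------------
+
+foreach(array(
+'work' => lang('work email'),
+'home' => lang('home email')
+) as $type => $lang_type)
+{
+foreach(array(
+'to' => lang('To'),
+'cc' => lang('Cc'),
+'bcc'=> lang('Bcc')) as $target => $lang_target)
+{
+$GLOBALS['phpgw']->template->set_var('title_'.$type.'_'.$target,
+lang('Insert all %1 addresses of the %2 contacts in %3',$lang_type,
+$contacts->total_records,$lang_target));
+}
+}
+
+// ------------------- list header variable template-declaration -----------------------
+$GLOBALS['phpgw']->template->set_var('cats_list',$cats->formated_list('select','all',$cat_id,'True'));
+
+$filter_list = '';
+foreach(array(
+'none' => lang('Show all'),
+'yours' => lang('Only yours'),
+'private' => lang('Only private'),
+) as $id => $translation)
+{
+$filter_list .= "<option value=\"$id\"".($filter == $id ? ' selected':'').">$translation</option>\n";
+}
+$GLOBALS['phpgw']->template->set_var(array(
+'query' => $query,
+'filter_list' => $filter_list,
+));
+// --------------------------- end header declaration ----------------------------------
+
+$all_emails = array();
+if ($entries)
+foreach ($entries as $entry)
+{
+$GLOBALS['phpgw']->template->set_var('tr_class',
+$GLOBALS['phpgw']->nextmatchs->alternate_row_color('',True));
+
+$firstname = $entry['n_given'];
+if (!$firstname)
+{
+$firstname = ' ';
+}
+$lastname = $entry['n_family'];
+if (!$lastname)
+{
+$lastname = ' ';
+}
+// thanks to dave.hall@mbox.com.au for adding company
+$company = $entry['org_name'];
+if (!$company)
+{
+$company = ' ';
+}
+
+$personal_firstname = '';
+$personal_lastname = '';
+$personal_part = '';
+if ((isset($firstname)) &&
+($firstname != '') &&
+($firstname != ' '))
+{
+$personal_firstname = $firstname.' ';
+}
+if ((isset($lastname)) &&
+($lastname != '') &&
+($lastname != ' '))
+{
+$personal_lastname = $lastname;
+}
+$personal_part = $personal_firstname.$personal_lastname;
+
+if (($personal_part == '') ||
+($include_personal == False))
+{
+$id = $entry['id'];
+$email = $entry['email'];
+$hemail = $entry['email_home'];
+}
+else
+{
+$id = $entry['id'];
+if ((isset($entry['email'])) &&
+(trim($entry['email']) != ''))
+{
+$email = '"'.$personal_part.'" <'.$entry['email'].'>';
+}
+else
+{
+$email = $entry['email'];
+}
+if ((isset($entry['email_home'])) &&
+(trim($entry['email_home']) != ''))
+{
+$hemail = '"'.$personal_part.'" <'.$entry['email_home'].'>';
+}
+else
+{
+$hemail = $entry['email_home'];
+}
+}
+if ($all)
+{
+$all_emails[] = $all[0] == 'h' ? $hemail : $email;
+}
+else
+{
+$email = htmlspecialchars($email);
+$hemail = htmlspecialchars($hemail);
+
+// --------------------- template declaration for list records --------------------------
+$GLOBALS['phpgw']->template->set_var(array(
+'firstname' => $firstname,
+'lastname' => $lastname,
+'company' => $company
+));
+
+$GLOBALS['phpgw']->template->set_var('id',$id);
+$GLOBALS['phpgw']->template->set_var('email',$email);
+$GLOBALS['phpgw']->template->set_var('hemail',$hemail);
+
+$GLOBALS['phpgw']->template->parse('list','addressbook_list',True);
+}
+}
+// --------------------------- end record declaration ---------------------------
+
+if ($all && count($all_emails))
+{
+$full_link .= '&inserted='.count($all_emails);
+$target = substr($all,1);
+echo "<script type=\"text/javascript\">
+if (opener.document.doit.$target.value != '')
+{
+opener.document.doit.$target.value += ',';
+}
+opener.document.doit.$target.value += '".str_replace("'","\\'",implode(',',$all_emails))."';
+window.location.href = '$full_link';
+</script>
+</body>
+</html>\n";
+}
+else
+{
+if ($inserted || $inserted === 0)
+{
+$GLOBALS['phpgw']->template->set_var('message','<b>'.
+lang('%1 email addresses inserted',(int)$_GET['inserted']).'</b>');
+}
+$GLOBALS['phpgw']->template->parse('out','addressbook_list_t',True);
+$GLOBALS['phpgw']->template->p('out');
+}
+$GLOBALS['phpgw']->common->phpgw_exit();
+?>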
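Review bot: The inline script echoed in the `if ($all && count($all_emails))` branch near the end of the file interpolates request-derived and contact-derived values without JavaScript-safe encoding. `$target = substr($all,1)` is taken from the key of `$_POST['all']` and written unchecked into `opener.document.doit.$target.value`, and the address list is only passed through `str_replace("'","\\'",…)`, so a backslash, a line break or `</script>` in a stored name or address can end the string literal early. I would reject unknown targets right after `$all` is read, e.g. `if ($all && !in_array(substr($all,1),array('to','cc','bcc'))) { $all = False; }`, and replace the single `str_replace` with an encoder that also escapes `\`, line breaks and `</`. The list branch has a related gap: `query`, `firstname`, `lastname` and `company` are set as template variables without `htmlspecialchars()`, unlike `email` and `hemail`; whether `addressbook.tpl` escapes them is not visible on this page. Separately, in the `default:` case of the filter switch `$qfilter = ',owner='.$filter;` assigns rather than appends, which drops the `tid=n` restriction and looks unintended next to the `.=` used in the other cases.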