Hopefully a fix for acl issues, and the strip_html loop

addressbook/inc/class.boaddressbook.inc.php

@@ -23,6 +23,51 @@
 			'add_email'       => True,
 			'update_entry'    => True
 		);
+		var $soap_functions = array(
+			'read_entries' => array(
+				'in' => array(
+					'int',
+					'int',
+					'struct',
+					'string',
+					'int'
+				),
+				'out' => array(
+					'array'
+				)
+			),
+			'read_entry' => array(
+				'in' => array(
+					'int',
+					'struct'
+				),
+				'out' => array(
+					'array'
+				)
+			),
+			'read_last_entry' => array(
+				'in' => array(
+					'struct'
+				),
+				'out' => array(
+					'array'
+				)
+			),
+			'add_entry' => array(
+				'in' => array(
+					'int',
+					'struct'
+				),
+				'out' => array()
+			),
+			'update_entry' => array(
+				'in' => array(
+					'int',
+					'struct'
+				),
+				'out' => array()
+			)
+		);
 
 		var $debug = False;
 
@@ -43,6 +88,8 @@
 			global $phpgw;
 
 			$this->so = CreateObject('addressbook.soaddressbook');
+			$this->rights = $this->so->rights;
+			$this->grants = $this->so->grants;
 
 			if($session)
 			{
@@ -94,28 +141,38 @@
 		{
 			global $phpgw;
 
-			if ($dirty == ''){$dirty = array();}
+			if ($dirty == '')
+			{
+				$dirty = array();
+			}
 			for($i=0;$i<count($dirty);$i++)
 			{
-				while (list($name,$value) = each($dirty[$i]))
+				if(gettype($dirty[$i]) == 'array')
 				{
-					$cleaned[$i][$name] = $phpgw->strip_html($dirty[$i][$name]);
+					while (list($name,$value) = @each($dirty[$i]))
+					{
+						$cleaned[$i][$name] = $phpgw->strip_html($dirty[$i][$name]);
+					}
+				}
+				else
+				{
+					$cleaned[$i] == $phpgw->strip_html($dirty[$i]);
 				}
 			}
 			return $cleaned;
 		}
 
-		function read_entries($start,$limit,$qcols,$qfilter,$userid='')
+		function read_entries($start,$limit,$qcols,$qfilter)
 		{
-			$entries = $this->so->read_entries($start,$limit,$qcols,$this->query,$qfilter,$this->sort,$this->order,$userid);
+			$entries = $this->so->read_entries($start,$limit,$qcols,$this->query,$qfilter,$this->sort,$this->order);
 			$this->total = $this->so->contacts->total_records;
 			if($this->debug) { echo '<br>Total records="' . $this->total . '"'; }
 			return $this->strip_html($entries);
 		}
 
-		function read_entry($id,$fields,$userid='')
+		function read_entry($id,$fields)
 		{
-			$entry = $this->so->read_entry($id,$fields,$userid);
+			$entry = $this->so->read_entry($id,$fields);
 			return $this->strip_html($entry);
 		}
 
@@ -152,7 +209,11 @@
 				$vcard = CreateObject('phpgwapi.vcard');
 				$entry = $vcard->in_file($filename);
 				/* _debug_array($entry);exit; */
-				$this->so->add_entry($phpgw_info['user']['account_id'],$entry,'private','','n');
+				$entry['owner'] = $phpgw_info['user']['account_id'];
+				$entry['access'] = 'private';
+				$entry['tid'] = 'n';
+				/* _debug_array($entry);exit; */
+				$this->so->add_entry($entry);
 				$ab_id = $this->get_lastid();
 
 				/* Delete the temp file. */
@@ -189,33 +250,9 @@
 				. $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.view&ab_id=$ab_id&referer=$referer"));
 		}
 
-		function OLDcopy_entry($ab_id)
+		function add_entry($fields)
 		{
-			global $phpgw,$phpgw_info;
-
-			$addnew = $this->read_entry($ab_id,$this->so->contacts->stock_contact_fields,$phpgw_info['user']['account_id']);
-
-			$addnew[0]['note'] .= "\nCopied from ".$phpgw->accounts->id2name($addnew[0]['owner']).", record #".$addnew[0]['id'].".";
-			$addnew[0]['owner'] = $phpgw_info['user']['account_id'];
-			$addnew[0]['id']    = '';
-			$fields = $addnew[0];
-
-			if ($addnew['tid'])
-			{
-				$this->so->add_entry($fields['owner'],$fields,$fields['access'],$fields['cat_id'],$fields['tid']);
-			}
-			else
-			{
-				$this->so->add_entry($fields['owner'],$fields,$fields['access'],$fields['cat_id']);
-			}
-
-			$ab_id = $this->get_lastid();
-			Header("Location: " . $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.edit&ab_id=$ab_id"));
-		}
-
-		function add_entry($userid,$fields)
-		{
-			return $this->so->add_entry($userid,$fields);
+			return $this->so->add_entry($fields);
 		}
 
 		function get_lastid()
@@ -223,9 +260,9 @@
 			return $this->so->get_lastid();
 		}
 
-		function update_entry($userid,$fields)
+		function update_entry($fields)
 		{
-			return $this->so->update_entry($userid,$fields);
+			return $this->so->update_entry($fields);
 		}
 
 		function delete_entry($ab_id)
@@ -239,7 +276,7 @@
 			$phpgw->preferences->read_repository();
 			if (is_array($prefs))
 			{
-/*				_debug_array($prefs);exit; */
+				/* _debug_array($prefs);exit; */
 				while (list($pref,$x) = each($qfields))
 				{
 					/* echo '<br>checking: ' . $pref . '=' . $prefs[$pref]; */

addressbook/inc/class.soaddressbook.inc.php

@@ -16,12 +16,36 @@
 	{
 		var $contacts;
 		var $rights;
+		var $grants;
+		var $owner;
 
 		function soaddressbook()
 		{
-			global $rights;
+			global $phpgw,$phpgw_info,$owner;
 
+			if(!isset($owner)) { $owner = 0; } 
+
+			$grants = $phpgw->acl->get_grants('addressbook');
+			if(!isset($owner) || !$owner)
+			{
+				$owner = $phpgw_info['user']['account_id'];
+				$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
+			}
+			else
+			{
+				if($grants[$owner])
+				{
+					$rights = $grants[$owner];
+					if (!($rights & PHPGW_ACL_READ))
+					{
+						$owner = $phpgw_info['user']['account_id'];
+						$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
+					}
+				}
+			}
 			$this->rights = $rights;
+			$this->grants = $grants;
+			$this->owner  = $owner;
 		}
 
 		function makeobj()
@@ -49,7 +73,7 @@
 			}
 			else
 			{
-				$rtrn = array('No access' => 'No access');
+				$rtrn = array(0 => array('No access' => 'No access'));
 				return $rtrn;
 			}
 		}

addressbook/inc/class.uiaddressbook.inc.php

@@ -73,7 +73,7 @@
 			$this->filter   = $this->bo->filter;
 			$this->cat_id   = $this->bo->cat_id;
 			if($this->debug) { $this->_debug_sqsof(); }
-/*			_debug_array($this); */
+			/* _debug_array($this); */
 		}
 
 		function _debug_sqsof()
@@ -416,7 +416,7 @@
 			else
 			{
 				/* read the entry list */
-				$entries = $this->bo->read_entries($this->start,$this->limit,$columns_to_display,$qfilter,$userid);
+				$entries = $this->bo->read_entries($this->start,$this->limit,$columns_to_display,$qfilter);
 				$total_records = $this->bo->total;
 			}
 
@@ -609,7 +609,7 @@
 				$referer = urlencode($fields['referer']);
 				unset($fields['referer']);
 
-				$this->bo->add_entry($phpgw_info['user']['account_id'],$fields);
+				$this->bo->add_entry($fields);
 
 				$ab_id = $this->bo->get_lastid();
 
@@ -656,7 +656,7 @@
 				$referer = urlencode($fields['referer']);
 				unset($fields['referer']);
 	
-				$this->bo->update_entry($userid,$fields);
+				$this->bo->update_entry($fields);
 	
 				Header("Location: "
 					. $phpgw->link('/index.php',"menuaction=addressbook.uiaddressbook.view&ab_id=" . $fields['ab_id'] . "&referer=$referer"));
@@ -755,8 +755,9 @@
 		{
 			global $phpgw,$phpgw_info,$ab_id,$submit,$referer;
 
-			// First, make sure they have permission to this entry
+			/* First, make sure they have permission to this entry */
 			$check = $this->bo->read_entry($ab_id,array('owner' => 'owner'));
+
 			$perms = $this->contacts->check_perms($this->contacts->grants[$check[0]['owner']],PHPGW_ACL_READ);
 
 			if ( (!$perms) && ($check[0]['owner'] != $phpgw_info['user']['account_id']) )
@@ -793,7 +794,7 @@
 				}
 			}
 
-			// No prefs?
+			/* No prefs? */
 			if (!$columns_to_display )
 			{
 				$columns_to_display = array(
@@ -949,7 +950,7 @@
 
 			if (!$catname) { $catname = lang('none'); }
 
-			// These are in the footer
+			/* These are in the footer */
 			$this->template->set_var('lang_owner',lang('Record owner'));
 			$this->template->set_var('owner',$phpgw->common->grab_owner_name($record_owner));
 			$this->template->set_var('lang_access',lang('Record access'));
@@ -1040,11 +1041,11 @@
 
 			while (list($col, $descr) = each($qfields))
 			{
-				// echo "<br>test: $col - $i $j - " . count($abc);
+				/* echo "<br>test: $col - $i $j - " . count($abc); */
 				$i++; $j++;
 				$showcol = $this->display_name($col);
 				if (!$showcol) { $showcol = $col; }
-				// yank the *'s prior to testing for a valid column description
+				/* yank the *'s prior to testing for a valid column description */
 				$coltest = ereg_replace("\*","",$showcol);
 				if ($coltest)
 				{
@@ -1384,7 +1385,7 @@
 
 			if ($format != "view")
 			{
-				// Preferred phone number radio buttons
+				/* Preferred phone number radio buttons */
 				$pref[0] = '<font size="-2">';
 				$pref[1] = '(' . lang('pref') . ')</font>';
 				while (list($name,$val) = each($this->contacts->tel_types))
@@ -1674,6 +1675,6 @@
 			$this->template->set_var('row_text',$phpgw_info['theme']['row_text']);
 
 			$this->template->pfp('out','form');
-		} //end form function
+		} /* end form function */
 	}
 ?>

addressbook/inc/functions.inc.php

@@ -12,30 +12,6 @@
 
   /* $Id$ */
 
-	/* I don't think this is needed anymore */
-	/* Perform acl check, set $rights */
-	if(!isset($owner)) { $owner = 0; } 
-
-	$grants = $phpgw->acl->get_grants('addressbook');
-
-	if(!isset($owner) || !$owner)
-	{
-		$owner = $phpgw_info['user']['account_id'];
-		$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
-	}
-	else
-	{
-		if($grants[$owner])
-		{
-			$rights = $grants[$owner];
-			if (!($rights & PHPGW_ACL_READ))
-			{
-				$owner = $phpgw_info['user']['account_id'];
-				$rights = PHPGW_ACL_READ + PHPGW_ACL_ADD + PHPGW_ACL_EDIT + PHPGW_ACL_DELETE + 16;
-			}
-		}
-	}
-
 	function formatted_list($name,$list,$id='',$default=False,$java=False)
 	{
 		if ($java)