rcube_user.php
No OneTemporary
Actions

Authored By

Unknown

Size

31 KB

Referenced Files

None

Subscribers

None

rcube_user.php
View Options

	<?php

	/**
	+-----------------------------------------------------------------------+
	\| This file is part of the Roundcube Webmail client \|
	\| \|
	\| Copyright (C) The Roundcube Dev Team \|
	\| \|
	\| Licensed under the GNU General Public License version 3 or \|
	\| any later version with exceptions for skins & plugins. \|
	\| See the README file for a full license statement. \|
	\| \|
	\| PURPOSE: \|
	\| This class represents a system user linked and provides access \|
	\| to the related database records. \|
	+-----------------------------------------------------------------------+
	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
	\| Author: Aleksander Machniak <alec@alec.pl> \|
	+-----------------------------------------------------------------------+
	*/

	/**
	* Class representing a system user
	*
	* @package Framework
	* @subpackage Core
	*/
	class rcube_user
	{
	/** @var int User identifier */
	public $ID;

	/** @var array User properties */
	public $data;

	/** @var string User language code */
	public $language;

	/** @var array User preferences */
	public $prefs;


	/** @var rcube_db Holds database connection */
	private $db;

	/** @var rcube Framework object */
	private $rc;

	/** @var array Internal identities cache */
	private $identities = [];

	/** @var array Internal emails cache */
	private $emails;


	const SEARCH_ADDRESSBOOK = 1;
	const SEARCH_MAIL = 2;


	/**
	* Object constructor
	*
	* @param int $id User id
	* @param array $sql_arr SQL result set
	*/
	function __construct($id = null, $sql_arr = null)
	{
	$this->rc = rcube::get_instance();
	$this->db = $this->rc->get_dbh();

	if ($id && !$sql_arr) {
	$sql_result = $this->db->query(
	"SELECT * FROM " . $this->db->table_name('users', true)
	. " WHERE `user_id` = ?", $id
	);

	$sql_arr = $this->db->fetch_assoc($sql_result);
	}

	if (!empty($sql_arr)) {
	$this->ID = (int) $sql_arr['user_id'] ?? 0;
	$this->data = $sql_arr;
	$this->language = $sql_arr['language'] ?? null;
	}
	}

	/**
	* Build a user name string (as e-mail address)
	*
	* @param string $part Username part (empty or 'local' or 'domain', 'mail')
	*
	* @return string Full user name or its part
	*/
	function get_username($part = null)
	{
	if (!empty($this->data['username'])) {
	// return real name
	if (!$part) {
	return $this->data['username'];
	}

	list($local, $domain) = rcube_utils::explode('@', $this->data['username']);

	// at least we should always have the local part
	if ($part == 'local') {
	return $local;
	}
	// if no domain was provided...
	if (empty($domain)) {
	$domain = $this->rc->config->mail_domain($this->data['mail_host']);
	}

	if ($part == 'domain') {
	return $domain;
	}

	if (!empty($domain)) {
	return $local . '@' . $domain;
	}

	return $local;
	}
	}

	/**
	* Get the preferences saved for this user
	*
	* @return array Hash array with prefs
	*/
	function get_prefs()
	{
	if (isset($this->prefs)) {
	return $this->prefs;
	}

	$this->prefs = [];

	if (!empty($this->language)) {
	$this->prefs['language'] = $this->language;
	}

	if ($this->ID) {
	// Preferences from session (write-master is unavailable)
	if (!empty($_SESSION['preferences'])) {
	// Check last write attempt time, try to write again (every 5 minutes)
	if ($_SESSION['preferences_time'] < time() - 5 * 60) {
	$saved_prefs = unserialize($_SESSION['preferences']);
	$this->rc->session->remove('preferences');
	$this->rc->session->remove('preferences_time');
	$this->save_prefs($saved_prefs);
	}
	else {
	$this->data['preferences'] = $_SESSION['preferences'];
	}
	}

	if ($this->data['preferences']) {
	$this->prefs += (array) unserialize($this->data['preferences']);
	}
	}

	return $this->prefs;
	}

	/**
	* Write the given user prefs to the user's record
	*
	* @param array $a_user_prefs User prefs to save
	* @param bool $no_session Simplified language/preferences handling
	*
	* @return bool True on success, False on failure
	*/
	function save_prefs($a_user_prefs, $no_session = false)
	{
	if (!$this->ID) {
	return false;
	}

	$config = $this->rc->config;
	$transient = $config->transient_options();
	$a_user_prefs = array_diff_key($a_user_prefs, array_flip($transient));

	if (empty($a_user_prefs)) {
	return true;
	}

	$plugin = $this->rc->plugins->exec_hook('preferences_update', [
	'userid' => $this->ID,
	'prefs' => $a_user_prefs,
	'old' => (array)$this->get_prefs()
	]);

	if (!empty($plugin['abort'])) {
	return false;
	}

	$a_user_prefs = $plugin['prefs'];
	$old_prefs = $plugin['old'];
	$defaults = $config->all();

	// merge (partial) prefs array with existing settings
	$this->prefs = $save_prefs = $a_user_prefs + $old_prefs;
	unset($save_prefs['language']);

	// don't save prefs with default values if they haven't been changed yet
	// Warning: we use result of rcube_config::all() here instead of just get() (#5782)
	foreach ($a_user_prefs as $key => $value) {
	if ($value === null \|\| (!isset($old_prefs[$key]) && isset($defaults[$key]) && $value === $defaults[$key])) {
	unset($save_prefs[$key]);
	}
	}

	$save_prefs = serialize($save_prefs);
	if (!$no_session) {
	$this->language = $_SESSION['language'];
	}

	$this->db->query(
	"UPDATE ".$this->db->table_name('users', true).
	" SET `preferences` = ?, `language` = ?".
	" WHERE `user_id` = ?",
	$save_prefs,
	$this->language,
	$this->ID
	);

	// Update success
	if ($this->db->affected_rows() !== false) {
	$this->data['preferences'] = $save_prefs;

	if (!$no_session) {
	$config->set_user_prefs($this->prefs);

	if (isset($_SESSION['preferences'])) {
	$this->rc->session->remove('preferences');
	$this->rc->session->remove('preferences_time');
	}
	}

	return true;
	}
	// Update error, but we are using replication (we have read-only DB connection)
	// and we are storing session not in the SQL database
	// we can store preferences in session and try to write later (see get_prefs())
	else if (!$no_session && $this->db->is_replicated()
	&& $config->get('session_storage', 'db') != 'db'
	) {
	$_SESSION['preferences'] = $save_prefs;
	$_SESSION['preferences_time'] = time();
	$config->set_user_prefs($this->prefs);
	$this->data['preferences'] = $save_prefs;
	}

	return false;
	}

	/**
	* Generate a unique hash to identify this user with
	*/
	function get_hash()
	{
	$prefs = $this->get_prefs();

	// generate a random hash and store it in user prefs
	if (empty($prefs['client_hash'])) {
	$prefs['client_hash'] = rcube_utils::random_bytes(16);
	$this->save_prefs(['client_hash' => $prefs['client_hash']]);
	}

	return $prefs['client_hash'];
	}

	/**
	* Return a list of all user emails (from identities)
	*
	* @param bool $default Return only default identity
	*
	* @return array List of emails (identity_id, name, email) or single email-data
	*/
	function list_emails($default = false)
	{
	if ($this->emails === null) {
	$this->emails = [];

	$sql_result = $this->db->query(
	"SELECT `identity_id`, `name`, `email`"
	." FROM " . $this->db->table_name('identities', true)
	." WHERE `user_id` = ? AND `del` <> 1"
	." ORDER BY `standard` DESC, `name` ASC, `email` ASC, `identity_id` ASC",
	$this->ID
	);

	while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
	$this->emails[] = $sql_arr;
	}
	}

	return $default ? $this->emails[0] : $this->emails;
	}

	/**
	* Get default identity of this user
	*
	* @param int $id Identity ID. If empty, the default identity is returned
	*
	* @return array Hash array with all cols of the identity record
	*/
	function get_identity($id = null)
	{
	$id = (int) $id;

	// cache identities for better performance
	if (!array_key_exists($id, $this->identities)) {
	$result = $this->list_identities($id ? "AND `identity_id` = $id" : '');
	$this->identities[$id] = $result[0];
	}

	return $this->identities[$id];
	}

	/**
	* Return a list of all identities linked with this user
	*
	* @param string $sql_add Optional WHERE clauses
	* @param bool $formatted Format identity email and name
	*
	* @return array List of identities
	*/
	function list_identities($sql_add = '', $formatted = false)
	{
	$result = [];

	$sql_result = $this->db->query(
	"SELECT * FROM ".$this->db->table_name('identities', true)
	. " WHERE `del` <> 1 AND `user_id` = ?" . ($sql_add ? " $sql_add" : "")
	. " ORDER BY `standard` DESC, `name` ASC, `email` ASC, `identity_id` ASC",
	$this->ID
	);

	while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
	if ($formatted) {
	$ascii_email = format_email($sql_arr['email']);
	$utf8_email = format_email(rcube_utils::idn_to_utf8($ascii_email));

	$sql_arr['email_ascii'] = $ascii_email;
	$sql_arr['email'] = $utf8_email;
	$sql_arr['ident'] = format_email_recipient($ascii_email, $sql_arr['name']);
	}

	$result[] = $sql_arr;
	}

	return $result;
	}

	/**
	* Update a specific identity record
	*
	* @param int $iid Identity ID
	* @param array $data Hash array with col->value pairs to save
	*
	* @return bool True if saved successfully, false if nothing changed
	*/
	function update_identity($iid, $data)
	{
	if (!$this->ID) {
	return false;
	}

	$query_cols = $query_params = [];

	foreach ((array) $data as $col => $value) {
	$query_cols[] = $this->db->quote_identifier($col) . ' = ?';
	$query_params[] = $value;
	}
	$query_params[] = $iid;
	$query_params[] = $this->ID;

	$sql = "UPDATE ".$this->db->table_name('identities', true).
	" SET `changed` = ".$this->db->now() . ", " . implode(', ', $query_cols)
	. " WHERE `identity_id` = ?"
	. " AND `user_id` = ?"
	. " AND `del` <> 1";

	$this->db->query($sql, $query_params);

	// clear the cache
	$this->identities = [];
	$this->emails = null;

	return $this->db->affected_rows() > 0;
	}

	/**
	* Create a new identity record linked with this user
	*
	* @param array $data Hash array with col->value pairs to save
	*
	* @return int\|false The inserted identity ID or false on error
	*/
	function insert_identity($data)
	{
	if (!$this->ID) {
	return false;
	}

	unset($data['user_id']);

	$insert_cols = [];
	$insert_values = [];

	foreach ((array) $data as $col => $value) {
	$insert_cols[] = $this->db->quote_identifier($col);
	$insert_values[] = $value;
	}

	$insert_cols[] = $this->db->quote_identifier('user_id');
	$insert_values[] = $this->ID;

	$sql = "INSERT INTO " . $this->db->table_name('identities', true)
	. " (`changed`, " . implode(', ', $insert_cols) . ")"
	. " VALUES (" . $this->db->now() . ", " . implode(', ', array_pad([], count($insert_values), '?')) . ")";

	$insert = $this->db->query($sql, $insert_values);

	// clear the cache
	$this->identities = [];
	$this->emails = null;

	return $this->db->affected_rows($insert) ? $this->db->insert_id('identities') : false;
	}

	/**
	* Mark the given identity as deleted
	*
	* @param int $iid Identity ID
	*
	* @return bool True if deleted successfully, false if nothing changed
	*/
	function delete_identity($iid)
	{
	if (!$this->ID) {
	return false;
	}

	$sql_result = $this->db->query(
	"SELECT count(*) AS ident_count FROM " . $this->db->table_name('identities', true)
	. " WHERE `user_id` = ? AND `del` <> 1",
	$this->ID
	);

	$sql_arr = $this->db->fetch_assoc($sql_result);

	// we'll not delete last identity
	if ($sql_arr['ident_count'] <= 1) {
	return false;
	}

	$this->db->query(
	"UPDATE " . $this->db->table_name('identities', true)
	. " SET `del` = 1, `changed` = " . $this->db->now()
	. " WHERE `user_id` = ? AND `identity_id` = ?",
	$this->ID,
	$iid
	);

	// clear the cache
	$this->identities = [];
	$this->emails = null;

	return $this->db->affected_rows() > 0;
	}

	/**
	* Make this identity the default one for this user
	*
	* @param int $iid The identity ID
	*/
	function set_default($iid)
	{
	if ($this->ID && $iid) {
	$this->db->query(
	"UPDATE " . $this->db->table_name('identities', true)
	. " SET `standard` = '0'"
	. " WHERE `user_id` = ? AND `identity_id` <> ?",
	$this->ID,
	$iid
	);

	$this->db->query(
	"UPDATE " . $this->db->table_name('identities', true)
	. " SET `standard` = '1'"
	. " WHERE `user_id` = ? AND `identity_id` = ?",
	$this->ID,
	$iid
	);

	$this->identities = [];
	}
	}

	/**
	* Update user's last_login timestamp
	*/
	function touch()
	{
	if ($this->ID) {
	$this->db->query(
	"UPDATE " . $this->db->table_name('users', true)
	. " SET `last_login` = " . $this->db->now()
	. " WHERE `user_id` = ?",
	$this->ID
	);
	}
	}

	/**
	* Update user's failed_login timestamp and counter
	*/
	function failed_login()
	{
	if ($this->ID && $this->rc->config->get('login_rate_limit', 3)) {
	$counter = 0;

	if (empty($this->data['failed_login'])) {
	$failed_login = new DateTime('now');
	$counter = 1;
	}
	else {
	$failed_login = new DateTime($this->data['failed_login']);
	$threshold = new DateTime('- 60 seconds');

	if ($failed_login < $threshold) {
	$failed_login = new DateTime('now');
	$counter = 1;
	}
	}

	$this->db->query(
	"UPDATE " . $this->db->table_name('users', true)
	. " SET `failed_login` = ?"
	. ", `failed_login_counter` = " . ($counter ?: "`failed_login_counter` + 1")
	. " WHERE `user_id` = ?",
	$failed_login, $this->ID
	);
	}
	}

	/**
	* Checks if the account is locked, e.g. as a result of brute-force prevention
	*/
	function is_locked()
	{
	if (empty($this->data['failed_login'])) {
	return false;
	}

	if ($rate = (int) $this->rc->config->get('login_rate_limit', 3)) {
	$last_failed = new DateTime($this->data['failed_login']);
	$threshold = new DateTime('- 60 seconds');

	if ($last_failed > $threshold && $this->data['failed_login_counter'] >= $rate) {
	return true;
	}
	}

	return false;
	}

	/**
	* Clear the saved object state
	*/
	function reset()
	{
	$this->ID = null;
	$this->data = null;
	}

	/**
	* Find a user record matching the given name and host
	*
	* @param string $user IMAP user name
	* @param string $host IMAP host name
	*
	* @return rcube_user New user instance
	*/
	static function query($user, $host)
	{
	$dbh = rcube::get_instance()->get_dbh();
	$config = rcube::get_instance()->config;

	// query for matching user name
	$sql_result = $dbh->query("SELECT * FROM " . $dbh->table_name('users', true)
	." WHERE `mail_host` = ? AND `username` = ?", $host, $user);

	$sql_arr = $dbh->fetch_assoc($sql_result);

	// username not found, try aliases from identities
	if (empty($sql_arr) && $config->get('user_aliases') && strpos($user, '@')) {
	$sql_result = $dbh->limitquery("SELECT u.*"
	. " FROM " . $dbh->table_name('users', true) . " u"
	. " JOIN " . $dbh->table_name('identities', true) . " i ON (i.`user_id` = u.`user_id`)"
	. " WHERE `email` = ? AND `del` <> 1",
	0, 1, $user
	);

	$sql_arr = $dbh->fetch_assoc($sql_result);
	}

	// user already registered -> overwrite username
	if ($sql_arr) {
	return new rcube_user($sql_arr['user_id'], $sql_arr);
	}
	}

	/**
	* Create a new user record and return a rcube_user instance
	*
	* @param string $user IMAP user name
	* @param string $host IMAP host
	*
	* @return rcube_user\|null New user instance on success, Null on error/abort
	*/
	static function create($user, $host)
	{
	$user_name = '';
	$user_email = '';
	$rcube = rcube::get_instance();
	$dbh = $rcube->get_dbh();

	// try to resolve user in virtuser table and file
	if ($email_list = self::user2email($user, false, true)) {
	$user_email = is_array($email_list[0]) ? $email_list[0]['email'] : $email_list[0];
	}

	$data = $rcube->plugins->exec_hook('user_create', [
	'host' => $host,
	'user' => $user,
	'user_name' => $user_name,
	'user_email' => $user_email,
	'email_list' => $email_list,
	'language' => $_SESSION['language'] ?? null,
	'preferences' => [],
	]);

	// plugin aborted this operation
	if ($data['abort']) {
	return;
	}

	$insert = $dbh->query(
	"INSERT INTO " . $dbh->table_name('users', true)
	. " (`created`, `last_login`, `username`, `mail_host`, `language`, `preferences`)"
	. " VALUES (" . $dbh->now() . ", " . $dbh->now() . ", ?, ?, ?, ?)",
	$data['user'],
	$data['host'],
	$data['language'],
	serialize($data['preferences'])
	);

	if ($dbh->affected_rows($insert) && ($user_id = $dbh->insert_id('users'))) {
	// create rcube_user instance to make plugin hooks work
	$user_instance = new rcube_user($user_id, [
	'user_id' => $user_id,
	'username' => $data['user'],
	'mail_host' => $data['host'],
	'language' => $data['language'],
	'preferences' => serialize($data['preferences']),
	]);

	$rcube->user = $user_instance;
	$mail_domain = $rcube->config->mail_domain($data['host']);
	$user_name = $data['user_name'];
	$user_email = $data['user_email'];
	$email_list = $data['email_list'];

	if (empty($email_list)) {
	if (empty($user_email)) {
	$user_email = strpos($data['user'], '@') ? $user : sprintf('%s@%s', $data['user'], $mail_domain);
	}
	$email_list[] = $user_email;
	}
	// identities_level check
	else if (count($email_list) > 1 && $rcube->config->get('identities_level', 0) > 1) {
	$email_list = [$email_list[0]];
	}

	if (empty($user_name)) {
	$user_name = $data['user'];
	}

	// create new identities records
	$standard = 1;
	foreach ($email_list as $row) {
	$record = [];

	if (is_array($row)) {
	if (empty($row['email'])) {
	continue;
	}
	$record = $row;
	}
	else {
	$record['email'] = $row;
	}

	if (empty($record['name'])) {
	$record['name'] = $user_name != $record['email'] ? $user_name : '';
	}

	$record['user_id'] = $user_id;
	$record['standard'] = $standard;

	$plugin = $rcube->plugins->exec_hook('identity_create',
	['login' => true, 'record' => $record]);

	if (!$plugin['abort'] && $plugin['record']['email']) {
	$rcube->user->insert_identity($plugin['record']);
	}

	$standard = 0;
	}
	}
	else {
	rcube::raise_error([
	'code' => 500, 'line' => __LINE__, 'file' => __FILE__,
	'message' => "Failed to create new user"
	],
	true, false
	);
	}

	return !empty($user_instance) ? $user_instance : null;
	}

	/**
	* Resolve username using a virtuser plugins
	*
	* @param string $email E-mail address to resolve
	*
	* @return string Resolved IMAP username
	*/
	static function email2user($email)
	{
	$rcube = rcube::get_instance();
	$plugin = $rcube->plugins->exec_hook('email2user', ['email' => $email, 'user' => null]);

	return $plugin['user'];
	}

	/**
	* Resolve e-mail address from virtuser plugins
	*
	* @param string $user User name
	* @param bool $first If true returns first found entry
	* @param bool $extended If true returns email as array (email and name for identity)
	*
	* @return mixed Resolved e-mail address string or array of strings
	*/
	static function user2email($user, $first = true, $extended = false)
	{
	$rcube = rcube::get_instance();
	$plugin = $rcube->plugins->exec_hook('user2email', [
	'email' => null,
	'user' => $user,
	'first' => $first,
	'extended' => $extended
	]);

	return empty($plugin['email']) ? null : $plugin['email'];
	}

	/**
	* Return a list of saved searches linked with this user
	*
	* @param int $type Search type
	*
	* @return array List of saved searches indexed by search ID
	*/
	function list_searches($type)
	{
	$plugin = $this->rc->plugins->exec_hook('saved_search_list', ['type' => $type]);

	if ($plugin['abort']) {
	return (array) $plugin['result'];
	}

	$result = [];

	$sql_result = $this->db->query(
	"SELECT `search_id` AS id, `name`"
	. " FROM " . $this->db->table_name('searches', true)
	. " WHERE `user_id` = ? AND `type` = ?"
	. " ORDER BY `name`",
	(int) $this->ID, (int) $type
	);

	while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
	$result[$sql_arr['id']] = $sql_arr;
	}

	return $result;
	}

	/**
	* Return saved search data.
	*
	* @param int $id Row identifier
	*
	* @return array Data
	*/
	function get_search($id)
	{
	$plugin = $this->rc->plugins->exec_hook('saved_search_get', ['id' => $id]);

	if ($plugin['abort']) {
	return (array) $plugin['result'];
	}

	$sql_result = $this->db->query(
	"SELECT `name`, `data`, `type`"
	. " FROM ".$this->db->table_name('searches', true)
	. " WHERE `user_id` = ? AND `search_id` = ?",
	(int) $this->ID, (int) $id
	);

	while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
	return [
	'id' => $id,
	'name' => $sql_arr['name'],
	'type' => $sql_arr['type'],
	'data' => unserialize($sql_arr['data']),
	];
	}

	return [];
	}

	/**
	* Deletes given saved search record
	*
	* @param int $sid Search ID
	*
	* @return bool True if deleted successfully, false if nothing changed
	*/
	function delete_search($sid)
	{
	if (!$this->ID) {
	return false;
	}

	$this->db->query(
	"DELETE FROM " . $this->db->table_name('searches', true)
	." WHERE `user_id` = ? AND `search_id` = ?",
	(int) $this->ID, $sid
	);

	return $this->db->affected_rows() > 0;
	}

	/**
	* Create a new saved search record linked with this user
	*
	* @param array $data Hash array with col->value pairs to save
	*
	* @return int The inserted search ID or false on error
	*/
	function insert_search($data)
	{
	if (!$this->ID) {
	return false;
	}

	$insert_cols[] = 'user_id';
	$insert_values[] = (int) $this->ID;
	$insert_cols[] = $this->db->quote_identifier('type');
	$insert_values[] = (int) $data['type'];
	$insert_cols[] = $this->db->quote_identifier('name');
	$insert_values[] = $data['name'];
	$insert_cols[] = $this->db->quote_identifier('data');
	$insert_values[] = serialize($data['data']);

	$sql = "INSERT INTO " . $this->db->table_name('searches', true)
	. " (" . implode(', ', $insert_cols) . ")"
	. " VALUES (" . implode(', ', array_pad([], count($insert_values), '?')) . ")";

	$insert = $this->db->query($sql, $insert_values);

	return $this->db->affected_rows($insert) ? $this->db->insert_id('searches') : false;
	}

	/**
	* Get a saved response of this user.
	*
	* @param int $id Response ID
	*
	* @return array\|null Hash array with all cols of the response record, NULL if not found
	*/
	function get_response($id)
	{
	$sql_result = $this->db->query(
	"SELECT * FROM " . $this->db->table_name('responses', true)
	. " WHERE `user_id` = ? AND `response_id` = ? AND `del` = 0",
	$this->ID, $id
	);

	if ($sql_arr = $this->db->fetch_assoc($sql_result)) {
	$sql_arr['id'] = $sql_arr['response_id'];
	$sql_arr['is_html'] = !empty($sql_arr['is_html']);

	unset($sql_arr['response_id']);

	return $sql_arr;
	}
	}

	/**
	* Return a list of all responses of this user.
	*
	* @return array List of responses (id, name)
	*/
	function list_responses()
	{
	// Migrate the old responses existing in user preferences
	if (!empty($this->prefs['compose_responses'])) {
	foreach ($this->prefs['compose_responses'] as $response) {
	$this->insert_response([
	'name' => $response['name'],
	'data' => $response['text'],
	]);
	}

	$this->save_prefs(['compose_responses' => null]);
	}

	$sql_result = $this->db->query(
	"SELECT `response_id`, `name` FROM " . $this->db->table_name('responses', true)
	. " WHERE `user_id` = ? AND `del` = 0"
	. " ORDER BY `name`",
	$this->ID
	);

	$result = [];

	while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
	$result[] = [
	'id' => $sql_arr['response_id'],
	'name' => $sql_arr['name'],
	];
	}

	return $result;
	}

	/**
	* Update a specific response record.
	*
	* @param int $id Response ID
	* @param array $data Hash array with col->value pairs to save
	*
	* @return bool True if saved successfully, false if nothing changed
	*/
	function update_response($id, $data)
	{
	if (!$this->ID) {
	return false;
	}

	$query_cols = $query_params = [];

	foreach (['name', 'data', 'is_html'] as $col) {
	if (isset($data[$col])) {
	$query_cols[] = $this->db->quote_identifier($col) . ' = ?';
	$query_params[] = $col == 'is_html' ? intval($data[$col]) : $data[$col];
	}
	}
	$query_params[] = $id;
	$query_params[] = $this->ID;

	$sql = "UPDATE " . $this->db->table_name('responses', true)
	. " SET `changed` = " . $this->db->now() . ", " . implode(', ', $query_cols)
	. " WHERE `response_id` = ? AND `user_id` = ? AND `del` = 0";

	$this->db->query($sql, $query_params);

	return $this->db->affected_rows() > 0;
	}

	/**
	* Create a new response record for the user.
	*
	* @param array $data Hash array with col->value pairs to save
	*
	* @return int\|false The inserted response ID or false on error
	*/
	function insert_response($data)
	{
	if (!$this->ID) {
	return false;
	}

	$query_cols = [$this->db->quote_identifier('user_id')];
	$query_params = [$this->ID];

	foreach (['name', 'data', 'is_html'] as $col) {
	if (isset($data[$col])) {
	$query_cols[] = $this->db->quote_identifier($col);
	$query_params[] = $col == 'is_html' ? intval($data[$col]) : $data[$col];
	}
	}

	$sql = "INSERT INTO " . $this->db->table_name('responses', true)
	. " (`changed`, " . implode(', ', $query_cols) . ")"
	. " VALUES (" . $this->db->now() . ", " . trim(str_repeat('?, ', count($query_cols)), ', ') . ")";

	$insert = $this->db->query($sql, $query_params);

	return $this->db->affected_rows($insert) ? $this->db->insert_id('responses') : false;
	}

	/**
	* Delete the given response record
	*
	* @param int $id Response ID
	*
	* @return bool True if deleted successfully, false otherwise
	*/
	function delete_response($id)
	{
	if (!$this->ID) {
	return false;
	}

	$this->db->query(
	"UPDATE " . $this->db->table_name('responses', true)
	. " SET `del` = 1 WHERE `user_id` = ? AND `response_id` = ?",
	$this->ID,
	$id
	);

	return $this->db->affected_rows() > 0;
	}
	}

File Metadata

Mime Type: text/x-php
Expires: Sat, Apr 4, 3:25 AM (1 d, 15 h)
Storage Engine: local-disk
Storage Format: Raw Data
Storage Handle: 32/3a/bca264d1ebd432fea5c82bb914a2
Default Alt Text: rcube_user.php (31 KB)

rcube_user.phpNo OneTemporaryActions

rcube_user.phpView Options

File Metadata

Event Timeline

rcube_user.php
No OneTemporary
Actions

rcube_user.php
View Options