rc2: program/steps/utils/save

annotate program/steps/utils/save_pref.inc @ 0:4681f974d28b

vanilla 1.3.3 distro, I hope

author	Charlie Root
date	Thu, 04 Jan 2018 15:52:31 -0500
parents
children

rev	line source
0 4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	1 <?php
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	2
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	3 /**
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	4 +-----------------------------------------------------------------------+
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	5 \| program/steps/utils/save_pref.inc \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	6 \| \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	7 \| This file is part of the Roundcube Webmail client \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	8 \| Copyright (C) 2005-2013, The Roundcube Dev Team \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	9 \| \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	10 \| Licensed under the GNU General Public License version 3 or \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	11 \| any later version with exceptions for skins & plugins. \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	12 \| See the README file for a full license statement. \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	13 \| \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	14 \| PURPOSE: \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	15 \| Save preferences setting in database \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	16 \| \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	17 +-----------------------------------------------------------------------+
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	18 \| Author: Aleksander Machniak <alec@alec.pl> \|
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	19 +-----------------------------------------------------------------------+
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	20 */
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	21
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	22 $name = rcube_utils::get_input_value('_name', rcube_utils::INPUT_POST);
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	23 $value = rcube_utils::get_input_value('_value', rcube_utils::INPUT_POST);
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	24 $sessname = rcube_utils::get_input_value('_session', rcube_utils::INPUT_POST);
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	25
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	26 // Whitelisted preferences and session variables, others
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	27 // can be added by plugins
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	28 $whitelist = array(
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	29 'list_cols',
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	30 'collapsed_folders',
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	31 'collapsed_abooks',
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	32 );
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	33 $whitelist_sess = array(
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	34 'list_attrib/columns',
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	35 );
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	36
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	37 $whitelist = array_merge($whitelist, $RCMAIL->plugins->allowed_prefs);
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	38 $whitelist_sess = array_merge($whitelist_sess, $RCMAIL->plugins->allowed_session_prefs);
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	39
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	40 if (!in_array($name, $whitelist) \|\| ($sessname && !in_array($sessname, $whitelist_sess))) {
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	41 rcube::raise_error(array('code' => 500, 'type' => 'php',
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	42 'file' => __FILE__, 'line' => __LINE__,
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	43 'message' => sprintf("Hack attempt detected (user: %s)", $RCMAIL->get_user_name())),
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	44 true, false);
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	45
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	46 $OUTPUT->reset();
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	47 $OUTPUT->send();
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	48 }
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	49
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	50 // save preference value
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	51 $RCMAIL->user->save_prefs(array($name => $value));
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	52
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	53 // update also session if requested
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	54 if ($sessname) {
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	55 // Support multidimensional arrays...
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	56 $vars = explode('/', $sessname);
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	57
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	58 // ... up to 3 levels
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	59 if (count($vars) == 1)
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	60 $_SESSION[$vars[0]] = $value;
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	61 else if (count($vars) == 2)
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	62 $_SESSION[$vars[0]][$vars[1]] = $value;
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	63 else if (count($vars) == 3)
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	64 $_SESSION[$vars[0]][$vars[1]][$vars[2]] = $value;
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	65 }
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	66
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	67 $OUTPUT->reset();
4681f974d28b vanilla 1.3.3 distro, I hope Charlie Root parents: diff changeset	68 $OUTPUT->send();

Mercurial > hg > rc2

annotate program/steps/utils/save_pref.inc @ 0:4681f974d28b