robin.thoni
/
docker-roundcube-server
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 10 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
16 Commits
2 Branches
Tree: 9ffa51aae8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9ffa51aae8'
${ noResults }
docker-roundcube-server/roundcube/roundcubemail-1.2.2/program/lib/Roundcube/rcube_user.php

rcube_user.php 26KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842 
  1. <?php

  2. 

  3. /**

  4.  +-----------------------------------------------------------------------+

  5.  | This file is part of the Roundcube Webmail client                     |

  6.  | Copyright (C) 2005-2012, The Roundcube Dev Team                       |

  7.  |                                                                       |

  8.  | Licensed under the GNU General Public License version 3 or            |

  9.  | any later version with exceptions for skins & plugins.                |

  10.  | See the README file for a full license statement.                     |

  11.  |                                                                       |

  12.  | PURPOSE:                                                              |

  13.  |   This class represents a system user linked and provides access      |

  14.  |   to the related database records.                                    |

  15.  +-----------------------------------------------------------------------+

  16.  | Author: Thomas Bruederli <roundcube@gmail.com>                        |

  17.  | Author: Aleksander Machniak <alec@alec.pl>                            |

  18.  +-----------------------------------------------------------------------+

  19. */

  20. 

  21. /**

  22.  * Class representing a system user

  23.  *

  24.  * @package    Framework

  25.  * @subpackage Core

  26.  */

  27. class rcube_user

  28. {

  29.     public $ID;

  30.     public $data;

  31.     public $language;

  32.     public $prefs;

  33. 

  34.     /**

  35.      * Holds database connection.

  36.      *

  37.      * @var rcube_db

  38.      */

  39.     private $db;

  40. 

  41.     /**

  42.      * Framework object.

  43.      *

  44.      * @var rcube

  45.      */

  46.     private $rc;

  47. 

  48.     /**

  49.      * Internal identities cache

  50.      *

  51.      * @var array

  52.      */

  53.     private $identities = array();

  54. 

  55.     /**

  56.      * Internal emails cache

  57.      *

  58.      * @var array

  59.      */

  60.     private $emails;

  61. 

  62. 

  63.     const SEARCH_ADDRESSBOOK = 1;

  64.     const SEARCH_MAIL = 2;

  65. 

  66.     /**

  67.      * Object constructor

  68.      *

  69.      * @param int   $id      User id

  70.      * @param array $sql_arr SQL result set

  71.      */

  72.     function __construct($id = null, $sql_arr = null)

  73.     {

  74.         $this->rc = rcube::get_instance();

  75.         $this->db = $this->rc->get_dbh();

  76. 

  77.         if ($id && !$sql_arr) {

  78.             $sql_result = $this->db->query(

  79.                 "SELECT * FROM " . $this->db->table_name('users', true)

  80.                 . " WHERE `user_id` = ?", $id);

  81.             $sql_arr = $this->db->fetch_assoc($sql_result);

  82.         }

  83. 

  84.         if (!empty($sql_arr)) {

  85.             $this->ID       = $sql_arr['user_id'];

  86.             $this->data     = $sql_arr;

  87.             $this->language = $sql_arr['language'];

  88.         }

  89.     }

  90. 

  91.     /**

  92.      * Build a user name string (as e-mail address)

  93.      *

  94.      * @param  string $part Username part (empty or 'local' or 'domain', 'mail')

  95.      * @return string Full user name or its part

  96.      */

  97.     function get_username($part = null)

  98.     {

  99.         if ($this->data['username']) {

  100.             // return real name

  101.             if (!$part) {

  102.                 return $this->data['username'];

  103.             }

  104. 

  105.             list($local, $domain) = explode('@', $this->data['username']);

  106. 

  107.             // at least we should always have the local part

  108.             if ($part == 'local') {

  109.                 return $local;

  110.             }

  111.             // if no domain was provided...

  112.             if (empty($domain)) {

  113.                 $domain = $this->rc->config->mail_domain($this->data['mail_host']);

  114.             }

  115. 

  116.             if ($part == 'domain') {

  117.                 return $domain;

  118.             }

  119. 

  120.             if (!empty($domain))

  121.                 return $local . '@' . $domain;

  122.             else

  123.                 return $local;

  124.         }

  125. 

  126.         return false;

  127.     }

  128. 

  129.     /**

  130.      * Get the preferences saved for this user

  131.      *

  132.      * @return array Hash array with prefs

  133.      */

  134.     function get_prefs()

  135.     {

  136.         if (isset($this->prefs)) {

  137.             return $this->prefs;

  138.         }

  139. 

  140.         $this->prefs = array();

  141. 

  142.         if (!empty($this->language))

  143.             $this->prefs['language'] = $this->language;

  144. 

  145.         if ($this->ID) {

  146.             // Preferences from session (write-master is unavailable)

  147.             if (!empty($_SESSION['preferences'])) {

  148.                 // Check last write attempt time, try to write again (every 5 minutes)

  149.                 if ($_SESSION['preferences_time'] < time() - 5 * 60) {

  150.                     $saved_prefs = unserialize($_SESSION['preferences']);

  151.                     $this->rc->session->remove('preferences');

  152.                     $this->rc->session->remove('preferences_time');

  153.                     $this->save_prefs($saved_prefs);

  154.                 }

  155.                 else {

  156.                     $this->data['preferences'] = $_SESSION['preferences'];

  157.                 }

  158.             }

  159. 

  160.             if ($this->data['preferences']) {

  161.                 $this->prefs += (array)unserialize($this->data['preferences']);

  162.             }

  163.         }

  164. 

  165.         return $this->prefs;

  166.     }

  167. 

  168.     /**

  169.      * Write the given user prefs to the user's record

  170.      *

  171.      * @param array $a_user_prefs User prefs to save

  172.      * @param bool  $no_session   Simplified language/preferences handling

  173.      *

  174.      * @return boolean True on success, False on failure

  175.      */

  176.     function save_prefs($a_user_prefs, $no_session = false)

  177.     {

  178.         if (!$this->ID)

  179.             return false;

  180. 

  181.         $plugin = $this->rc->plugins->exec_hook('preferences_update', array(

  182.             'userid' => $this->ID, 'prefs' => $a_user_prefs, 'old' => (array)$this->get_prefs()));

  183. 

  184.         if (!empty($plugin['abort'])) {

  185.             return;

  186.         }

  187. 

  188.         $a_user_prefs = $plugin['prefs'];

  189.         $old_prefs    = $plugin['old'];

  190.         $config       = $this->rc->config;

  191. 

  192.         // merge (partial) prefs array with existing settings

  193.         $this->prefs = $save_prefs = $a_user_prefs + $old_prefs;

  194.         unset($save_prefs['language']);

  195. 

  196.         // don't save prefs with default values if they haven't been changed yet

  197.         foreach ($a_user_prefs as $key => $value) {

  198.             if ($value === null || (!isset($old_prefs[$key]) && ($value == $config->get($key)))) {

  199.                 unset($save_prefs[$key]);

  200.             }

  201.         }

  202. 

  203.         $save_prefs = serialize($save_prefs);

  204.         if (!$no_session) {

  205.             $this->language = $_SESSION['language'];

  206.         }

  207. 

  208.         $this->db->query(

  209.             "UPDATE ".$this->db->table_name('users', true).

  210.             " SET `preferences` = ?, `language` = ?".

  211.             " WHERE `user_id` = ?",

  212.             $save_prefs,

  213.             $this->language,

  214.             $this->ID);

  215. 

  216.         // Update success

  217.         if ($this->db->affected_rows() !== false) {

  218.             $this->data['preferences'] = $save_prefs;

  219. 

  220.             if (!$no_session) {

  221.                 $config->set_user_prefs($this->prefs);

  222. 

  223.                 if (isset($_SESSION['preferences'])) {

  224.                     $this->rc->session->remove('preferences');

  225.                     $this->rc->session->remove('preferences_time');

  226.                 }

  227.             }

  228. 

  229.             return true;

  230.         }

  231.         // Update error, but we are using replication (we have read-only DB connection)

  232.         // and we are storing session not in the SQL database

  233.         // we can store preferences in session and try to write later (see get_prefs())

  234.         else if (!$no_session && $this->db->is_replicated()

  235.             && $config->get('session_storage', 'db') != 'db'

  236.         ) {

  237.             $_SESSION['preferences'] = $save_prefs;

  238.             $_SESSION['preferences_time'] = time();

  239.             $config->set_user_prefs($this->prefs);

  240.             $this->data['preferences'] = $save_prefs;

  241.         }

  242. 

  243.         return false;

  244.     }

  245. 

  246.     /**

  247.      * Generate a unique hash to identify this user whith

  248.      */

  249.     function get_hash()

  250.     {

  251.         $prefs = $this->get_prefs();

  252. 

  253.         // generate a random hash and store it in user prefs

  254.         if (empty($prefs['client_hash'])) {

  255.             $prefs['client_hash'] = md5($this->data['username'] . mt_rand() . $this->data['mail_host']);

  256.             $this->save_prefs(array('client_hash' => $prefs['client_hash']));

  257.         }

  258. 

  259.         return $prefs['client_hash'];

  260.     }

  261. 

  262.     /**

  263.      * Return a list of all user emails (from identities)

  264.      *

  265.      * @param bool Return only default identity

  266.      *

  267.      * @return array List of emails (identity_id, name, email)

  268.      */

  269.     function list_emails($default = false)

  270.     {

  271.         if ($this->emails === null) {

  272.             $this->emails = array();

  273. 

  274.             $sql_result = $this->db->query(

  275.                 "SELECT `identity_id`, `name`, `email`"

  276.                 ." FROM " . $this->db->table_name('identities', true)

  277.                 ." WHERE `user_id` = ? AND `del` <> 1"

  278.                 ." ORDER BY `standard` DESC, `name` ASC, `email` ASC, `identity_id` ASC",

  279.                 $this->ID);

  280. 

  281.             while ($sql_arr = $this->db->fetch_assoc($sql_result)) {

  282.                 $this->emails[] = $sql_arr;

  283.             }

  284.         }

  285. 

  286.         return $default ? $this->emails[0] : $this->emails;

  287.     }

  288. 

  289.     /**

  290.      * Get default identity of this user

  291.      *

  292.      * @param  int   $id Identity ID. If empty, the default identity is returned

  293.      * @return array Hash array with all cols of the identity record

  294.      */

  295.     function get_identity($id = null)

  296.     {

  297.         $id = (int)$id;

  298.         // cache identities for better performance

  299.         if (!array_key_exists($id, $this->identities)) {

  300.             $result = $this->list_identities($id ? "AND `identity_id` = $id" : '');

  301.             $this->identities[$id] = $result[0];

  302.         }

  303. 

  304.         return $this->identities[$id];

  305.     }

  306. 

  307.     /**

  308.      * Return a list of all identities linked with this user

  309.      *

  310.      * @param string $sql_add   Optional WHERE clauses

  311.      * @param bool   $formatted Format identity email and name

  312.      *

  313.      * @return array List of identities

  314.      */

  315.     function list_identities($sql_add = '', $formatted = false)

  316.     {

  317.         $result = array();

  318. 

  319.         $sql_result = $this->db->query(

  320.             "SELECT * FROM ".$this->db->table_name('identities', true).

  321.             " WHERE `del` <> 1 AND `user_id` = ?".

  322.             ($sql_add ? " ".$sql_add : "").

  323.             " ORDER BY `standard` DESC, `name` ASC, `email` ASC, `identity_id` ASC",

  324.             $this->ID);

  325. 

  326.         while ($sql_arr = $this->db->fetch_assoc($sql_result)) {

  327.             if ($formatted) {

  328.                 $ascii_email = format_email($sql_arr['email']);

  329.                 $utf8_email  = format_email(rcube_utils::idn_to_utf8($ascii_email));

  330. 

  331.                 $sql_arr['email_ascii'] = $ascii_email;

  332.                 $sql_arr['email']       = $utf8_email;

  333.                 $sql_arr['ident']       = format_email_recipient($ascii_email, $sql_arr['name']);

  334.             }

  335. 

  336.             $result[] = $sql_arr;

  337.         }

  338. 

  339.         return $result;

  340.     }

  341. 

  342.     /**

  343.      * Update a specific identity record

  344.      *

  345.      * @param int    $iid  Identity ID

  346.      * @param array  $data Hash array with col->value pairs to save

  347.      * @return boolean True if saved successfully, false if nothing changed

  348.      */

  349.     function update_identity($iid, $data)

  350.     {

  351.         if (!$this->ID)

  352.             return false;

  353. 

  354.         $query_cols = $query_params = array();

  355. 

  356.         foreach ((array)$data as $col => $value) {

  357.             $query_cols[]   = $this->db->quote_identifier($col) . ' = ?';

  358.             $query_params[] = $value;

  359.         }

  360.         $query_params[] = $iid;

  361.         $query_params[] = $this->ID;

  362. 

  363.         $sql = "UPDATE ".$this->db->table_name('identities', true).

  364.             " SET `changed` = ".$this->db->now().", ".join(', ', $query_cols).

  365.             " WHERE `identity_id` = ?".

  366.                 " AND `user_id` = ?".

  367.                 " AND `del` <> 1";

  368. 

  369.         call_user_func_array(array($this->db, 'query'),

  370.             array_merge(array($sql), $query_params));

  371. 

  372.         // clear the cache

  373.         $this->identities = array();

  374.         $this->emails     = null;

  375. 

  376.         return $this->db->affected_rows();

  377.     }

  378. 

  379.     /**

  380.      * Create a new identity record linked with this user

  381.      *

  382.      * @param array $data Hash array with col->value pairs to save

  383.      * @return int  The inserted identity ID or false on error

  384.      */

  385.     function insert_identity($data)

  386.     {

  387.         if (!$this->ID)

  388.             return false;

  389. 

  390.         unset($data['user_id']);

  391. 

  392.         $insert_cols = $insert_values = array();

  393.         foreach ((array)$data as $col => $value) {

  394.             $insert_cols[]   = $this->db->quote_identifier($col);

  395.             $insert_values[] = $value;

  396.         }

  397.         $insert_cols[]   = $this->db->quote_identifier('user_id');

  398.         $insert_values[] = $this->ID;

  399. 

  400.         $sql = "INSERT INTO ".$this->db->table_name('identities', true).

  401.             " (`changed`, ".join(', ', $insert_cols).")".

  402.             " VALUES (".$this->db->now().", ".join(', ', array_pad(array(), sizeof($insert_values), '?')).")";

  403. 

  404.         call_user_func_array(array($this->db, 'query'),

  405.             array_merge(array($sql), $insert_values));

  406. 

  407.         // clear the cache

  408.         $this->identities = array();

  409.         $this->emails     = null;

  410. 

  411.         return $this->db->insert_id('identities');

  412.     }

  413. 

  414.     /**

  415.      * Mark the given identity as deleted

  416.      *

  417.      * @param  int     $iid Identity ID

  418.      * @return boolean True if deleted successfully, false if nothing changed

  419.      */

  420.     function delete_identity($iid)

  421.     {

  422.         if (!$this->ID)

  423.             return false;

  424. 

  425.         $sql_result = $this->db->query(

  426.             "SELECT count(*) AS ident_count FROM ".$this->db->table_name('identities', true).

  427.             " WHERE `user_id` = ? AND `del` <> 1",

  428.             $this->ID);

  429. 

  430.         $sql_arr = $this->db->fetch_assoc($sql_result);

  431. 

  432.         // we'll not delete last identity

  433.         if ($sql_arr['ident_count'] <= 1)

  434.             return -1;

  435. 

  436.         $this->db->query(

  437.             "UPDATE ".$this->db->table_name('identities', true).

  438.             " SET `del` = 1, `changed` = ".$this->db->now().

  439.             " WHERE `user_id` = ?".

  440.                 " AND `identity_id` = ?",

  441.             $this->ID,

  442.             $iid);

  443. 

  444.         // clear the cache

  445.         $this->identities = array();

  446.         $this->emails     = null;

  447. 

  448.         return $this->db->affected_rows();

  449.     }

  450. 

  451.     /**

  452.      * Make this identity the default one for this user

  453.      *

  454.      * @param int $iid The identity ID

  455.      */

  456.     function set_default($iid)

  457.     {

  458.         if ($this->ID && $iid) {

  459.             $this->db->query(

  460.                 "UPDATE ".$this->db->table_name('identities', true).

  461.                 " SET `standard` = '0'".

  462.                 " WHERE `user_id` = ? AND `identity_id` <> ?",

  463.                 $this->ID,

  464.                 $iid);

  465. 

  466.             unset($this->identities[0]);

  467.         }

  468.     }

  469. 

  470.     /**

  471.      * Update user's last_login timestamp

  472.      */

  473.     function touch()

  474.     {

  475.         if ($this->ID) {

  476.             $this->db->query(

  477.                 "UPDATE ".$this->db->table_name('users', true).

  478.                 " SET `last_login` = ".$this->db->now().

  479.                 " WHERE `user_id` = ?",

  480.                 $this->ID);

  481.         }

  482.     }

  483. 

  484.     /**

  485.      * Update user's failed_login timestamp and counter

  486.      */

  487.     function failed_login()

  488.     {

  489.         if ($this->ID && ($rate = (int) $this->rc->config->get('login_rate_limit', 3))) {

  490.             if (empty($this->data['failed_login'])) {

  491.                 $failed_login = new DateTime('now');

  492.                 $counter      = 1;

  493.             }

  494.             else {

  495.                 $failed_login = new DateTime($this->data['failed_login']);

  496.                 $threshold    = new DateTime('- 60 seconds');

  497. 

  498.                 if ($failed_login < $threshold) {

  499.                     $failed_login = new DateTime('now');

  500.                     $counter      = 1;

  501.                 }

  502.             }

  503. 

  504.             $this->db->query(

  505.                 "UPDATE " . $this->db->table_name('users', true)

  506.                     . " SET `failed_login` = " . $this->db->fromunixtime($failed_login->format('U'))

  507.                     . ", `failed_login_counter` = " . ($counter ?: "`failed_login_counter` + 1")

  508.                 . " WHERE `user_id` = ?",

  509.                 $this->ID);

  510.         }

  511.     }

  512. 

  513.     /**

  514.      * Checks if the account is locked, e.g. as a result of brute-force prevention

  515.      */

  516.     function is_locked()

  517.     {

  518.         if (empty($this->data['failed_login'])) {

  519.             return false;

  520.         }

  521. 

  522.         if ($rate = (int) $this->rc->config->get('login_rate_limit', 3)) {

  523.             $last_failed = new DateTime($this->data['failed_login']);

  524.             $threshold   = new DateTime('- 60 seconds');

  525. 

  526.             if ($last_failed > $threshold && $this->data['failed_login_counter'] >= $rate) {

  527.                 return true;

  528.             }

  529.         }

  530. 

  531.         return false;

  532.     }

  533. 

  534.     /**

  535.      * Clear the saved object state

  536.      */

  537.     function reset()

  538.     {

  539.         $this->ID   = null;

  540.         $this->data = null;

  541.     }

  542. 

  543.     /**

  544.      * Find a user record matching the given name and host

  545.      *

  546.      * @param string $user IMAP user name

  547.      * @param string $host IMAP host name

  548.      * @return rcube_user New user instance

  549.      */

  550.     static function query($user, $host)

  551.     {

  552.         $dbh    = rcube::get_instance()->get_dbh();

  553.         $config = rcube::get_instance()->config;

  554. 

  555.         // query for matching user name

  556.         $sql_result = $dbh->query("SELECT * FROM " . $dbh->table_name('users', true)

  557.             ." WHERE `mail_host` = ? AND `username` = ?", $host, $user);

  558. 

  559.         $sql_arr = $dbh->fetch_assoc($sql_result);

  560. 

  561.         // username not found, try aliases from identities

  562.         if (empty($sql_arr) && $config->get('user_aliases') && strpos($user, '@')) {

  563.             $sql_result = $dbh->limitquery("SELECT u.*"

  564.                 ." FROM " . $dbh->table_name('users', true) . " u"

  565.                 ." JOIN " . $dbh->table_name('identities', true) . " i ON (i.`user_id` = u.`user_id`)"

  566.                 ." WHERE `email` = ? AND `del` <> 1", 0, 1, $user);

  567. 

  568.             $sql_arr = $dbh->fetch_assoc($sql_result);

  569.         }

  570. 

  571.         // user already registered -> overwrite username

  572.         if ($sql_arr) {

  573.             return new rcube_user($sql_arr['user_id'], $sql_arr);

  574.         }

  575. 

  576.         return false;

  577.     }

  578. 

  579.     /**

  580.      * Create a new user record and return a rcube_user instance

  581.      *

  582.      * @param string $user IMAP user name

  583.      * @param string $host IMAP host

  584.      * @return rcube_user New user instance

  585.      */

  586.     static function create($user, $host)

  587.     {

  588.         $user_name  = '';

  589.         $user_email = '';

  590.         $rcube      = rcube::get_instance();

  591.         $dbh        = $rcube->get_dbh();

  592. 

  593.         // try to resolve user in virtuser table and file

  594.         if ($email_list = self::user2email($user, false, true)) {

  595.             $user_email = is_array($email_list[0]) ? $email_list[0]['email'] : $email_list[0];

  596.         }

  597. 

  598.         $data = $rcube->plugins->exec_hook('user_create', array(

  599.             'host'       => $host,

  600.             'user'       => $user,

  601.             'user_name'  => $user_name,

  602.             'user_email' => $user_email,

  603.             'email_list' => $email_list,

  604.             'language'   =>  $_SESSION['language'],

  605.         ));

  606. 

  607.         // plugin aborted this operation

  608.         if ($data['abort']) {

  609.             return false;

  610.         }

  611. 

  612.         $dbh->query(

  613.             "INSERT INTO ".$dbh->table_name('users', true).

  614.             " (`created`, `last_login`, `username`, `mail_host`, `language`)".

  615.             " VALUES (".$dbh->now().", ".$dbh->now().", ?, ?, ?)",

  616.             $data['user'],

  617.             $data['host'],

  618.             $data['language']);

  619. 

  620.         if ($user_id = $dbh->insert_id('users')) {

  621.             // create rcube_user instance to make plugin hooks work

  622.             $user_instance = new rcube_user($user_id, array(

  623.                 'user_id'   => $user_id,

  624.                 'username'  => $data['user'],

  625.                 'mail_host' => $data['host'],

  626.                 'language'  => $data['language'],

  627.             ));

  628.             $rcube->user = $user_instance;

  629.             $mail_domain = $rcube->config->mail_domain($data['host']);

  630.             $user_name   = $data['user_name'];

  631.             $user_email  = $data['user_email'];

  632.             $email_list  = $data['email_list'];

  633. 

  634.             if (empty($email_list)) {

  635.                 if (empty($user_email)) {

  636.                     $user_email = strpos($data['user'], '@') ? $user : sprintf('%s@%s', $data['user'], $mail_domain);

  637.                 }

  638.                 $email_list[] = $user_email;

  639.             }

  640.             // identities_level check

  641.             else if (count($email_list) > 1 && $rcube->config->get('identities_level', 0) > 1) {

  642.                 $email_list = array($email_list[0]);

  643.             }

  644. 

  645.             if (empty($user_name)) {

  646.                 $user_name = $data['user'];

  647.             }

  648. 

  649.             // create new identities records

  650.             $standard = 1;

  651.             foreach ($email_list as $row) {

  652.                 $record = array();

  653. 

  654.                 if (is_array($row)) {

  655.                     if (empty($row['email'])) {

  656.                         continue;

  657.                     }

  658.                     $record = $row;

  659.                 }

  660.                 else {

  661.                     $record['email'] = $row;

  662.                 }

  663. 

  664.                 if (empty($record['name'])) {

  665.                     $record['name'] = $user_name != $record['email'] ? $user_name : '';

  666.                 }

  667. 

  668.                 $record['user_id']  = $user_id;

  669.                 $record['standard'] = $standard;

  670. 

  671.                 $plugin = $rcube->plugins->exec_hook('identity_create',

  672.                     array('login' => true, 'record' => $record));

  673. 

  674.                 if (!$plugin['abort'] && $plugin['record']['email']) {

  675.                     $rcube->user->insert_identity($plugin['record']);

  676.                 }

  677.                 $standard = 0;

  678.             }

  679.         }

  680.         else {

  681.             rcube::raise_error(array(

  682.                 'code' => 500,

  683.                 'type' => 'php',

  684.                 'line' => __LINE__,

  685.                 'file' => __FILE__,

  686.                 'message' => "Failed to create new user"), true, false);

  687.         }

  688. 

  689.         return $user_id ? $user_instance : false;

  690.     }

  691. 

  692.     /**

  693.      * Resolve username using a virtuser plugins

  694.      *

  695.      * @param string $email E-mail address to resolve

  696.      * @return string Resolved IMAP username

  697.      */

  698.     static function email2user($email)

  699.     {

  700.         $rcube = rcube::get_instance();

  701.         $plugin = $rcube->plugins->exec_hook('email2user',

  702.             array('email' => $email, 'user' => NULL));

  703. 

  704.         return $plugin['user'];

  705.     }

  706. 

  707.     /**

  708.      * Resolve e-mail address from virtuser plugins

  709.      *

  710.      * @param string $user User name

  711.      * @param boolean $first If true returns first found entry

  712.      * @param boolean $extended If true returns email as array (email and name for identity)

  713.      * @return mixed Resolved e-mail address string or array of strings

  714.      */

  715.     static function user2email($user, $first=true, $extended=false)

  716.     {

  717.         $rcube = rcube::get_instance();

  718.         $plugin = $rcube->plugins->exec_hook('user2email',

  719.             array('email' => NULL, 'user' => $user,

  720.                 'first' => $first, 'extended' => $extended));

  721. 

  722.         return empty($plugin['email']) ? NULL : $plugin['email'];

  723.     }

  724. 

  725.     /**

  726.      * Return a list of saved searches linked with this user

  727.      *

  728.      * @param int  $type  Search type

  729.      *

  730.      * @return array List of saved searches indexed by search ID

  731.      */

  732.     function list_searches($type)

  733.     {

  734.         $plugin = $this->rc->plugins->exec_hook('saved_search_list', array('type' => $type));

  735. 

  736.         if ($plugin['abort']) {

  737.             return (array) $plugin['result'];

  738.         }

  739. 

  740.         $result = array();

  741. 

  742.         $sql_result = $this->db->query(

  743.             "SELECT `search_id` AS id, `name`"

  744.             ." FROM ".$this->db->table_name('searches', true)

  745.             ." WHERE `user_id` = ? AND `type` = ?"

  746.             ." ORDER BY `name`",

  747.             (int) $this->ID, (int) $type);

  748. 

  749.         while ($sql_arr = $this->db->fetch_assoc($sql_result)) {

  750.             $sql_arr['data'] = unserialize($sql_arr['data']);

  751.             $result[$sql_arr['id']] = $sql_arr;

  752.         }

  753. 

  754.         return $result;

  755.     }

  756. 

  757.     /**

  758.      * Return saved search data.

  759.      *

  760.      * @param int  $id  Row identifier

  761.      *

  762.      * @return array Data

  763.      */

  764.     function get_search($id)

  765.     {

  766.         $plugin = $this->rc->plugins->exec_hook('saved_search_get', array('id' => $id));

  767. 

  768.         if ($plugin['abort']) {

  769.             return $plugin['result'];

  770.         }

  771. 

  772.         $sql_result = $this->db->query(

  773.             "SELECT `name`, `data`, `type`"

  774.             . " FROM ".$this->db->table_name('searches', true)

  775.             . " WHERE `user_id` = ?"

  776.                 ." AND `search_id` = ?",

  777.             (int) $this->ID, (int) $id);

  778. 

  779.         while ($sql_arr = $this->db->fetch_assoc($sql_result)) {

  780.             return array(

  781.                 'id'   => $id,

  782.                 'name' => $sql_arr['name'],

  783.                 'type' => $sql_arr['type'],

  784.                 'data' => unserialize($sql_arr['data']),

  785.             );

  786.         }

  787. 

  788.         return null;

  789.     }

  790. 

  791.     /**

  792.      * Deletes given saved search record

  793.      *

  794.      * @param  int  $sid  Search ID

  795.      *

  796.      * @return boolean True if deleted successfully, false if nothing changed

  797.      */

  798.     function delete_search($sid)

  799.     {

  800.         if (!$this->ID)

  801.             return false;

  802. 

  803.         $this->db->query(

  804.             "DELETE FROM ".$this->db->table_name('searches', true)

  805.             ." WHERE `user_id` = ?"

  806.                 ." AND `search_id` = ?",

  807.             (int) $this->ID, $sid);

  808. 

  809.         return $this->db->affected_rows();

  810.     }

  811. 

  812.     /**

  813.      * Create a new saved search record linked with this user

  814.      *

  815.      * @param array $data Hash array with col->value pairs to save

  816.      *

  817.      * @return int  The inserted search ID or false on error

  818.      */

  819.     function insert_search($data)

  820.     {

  821.         if (!$this->ID)

  822.             return false;

  823. 

  824.         $insert_cols[]   = 'user_id';

  825.         $insert_values[] = (int) $this->ID;

  826.         $insert_cols[]   = $this->db->quote_identifier('type');

  827.         $insert_values[] = (int) $data['type'];

  828.         $insert_cols[]   = $this->db->quote_identifier('name');

  829.         $insert_values[] = $data['name'];

  830.         $insert_cols[]   = $this->db->quote_identifier('data');

  831.         $insert_values[] = serialize($data['data']);

  832. 

  833.         $sql = "INSERT INTO ".$this->db->table_name('searches', true)

  834.             ." (".join(', ', $insert_cols).")"

  835.             ." VALUES (".join(', ', array_pad(array(), sizeof($insert_values), '?')).")";

  836. 

  837.         call_user_func_array(array($this->db, 'query'),

  838.             array_merge(array($sql), $insert_values));

  839. 

  840.         return $this->db->insert_id('searches');

  841.     }

  842. }