robin.thoni
/
docker-roundcube-server
關註 1
收藏 0
複製 0
程式碼 問題管理 0 合併請求 0 版本發佈 10 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24 Commit
2 分支
目錄樹: ad3f0fe5b1
分支列表 標籤列表
${ item.name }
Create branch ${ searchTerm }
from 'ad3f0fe5b1'
${ noResults }
docker-roundcube-server/roundcube/roundcubemail-1.3.6/program/lib/Roundcube/rcube_user.php

rcube_user.php 26KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845 
  1. <?php

  2. 

  3. /**

  4.  +-----------------------------------------------------------------------+

  5.  | This file is part of the Roundcube Webmail client                     |

  6.  | Copyright (C) 2005-2012, The Roundcube Dev Team                       |

  7.  |                                                                       |

  8.  | Licensed under the GNU General Public License version 3 or            |

  9.  | any later version with exceptions for skins & plugins.                |

  10.  | See the README file for a full license statement.                     |

  11.  |                                                                       |

  12.  | PURPOSE:                                                              |

  13.  |   This class represents a system user linked and provides access      |

  14.  |   to the related database records.                                    |

  15.  +-----------------------------------------------------------------------+

  16.  | Author: Thomas Bruederli <roundcube@gmail.com>                        |

  17.  | Author: Aleksander Machniak <alec@alec.pl>                            |

  18.  +-----------------------------------------------------------------------+

  19. */

  20. 

  21. /**

  22.  * Class representing a system user

  23.  *

  24.  * @package    Framework

  25.  * @subpackage Core

  26.  */

  27. class rcube_user

  28. {

  29.     public $ID;

  30.     public $data;

  31.     public $language;

  32.     public $prefs;

  33. 

  34.     /**

  35.      * Holds database connection.

  36.      *

  37.      * @var rcube_db

  38.      */

  39.     private $db;

  40. 

  41.     /**

  42.      * Framework object.

  43.      *

  44.      * @var rcube

  45.      */

  46.     private $rc;

  47. 

  48.     /**

  49.      * Internal identities cache

  50.      *

  51.      * @var array

  52.      */

  53.     private $identities = array();

  54. 

  55.     /**

  56.      * Internal emails cache

  57.      *

  58.      * @var array

  59.      */

  60.     private $emails;

  61. 

  62. 

  63.     const SEARCH_ADDRESSBOOK = 1;

  64.     const SEARCH_MAIL = 2;

  65. 

  66.     /**

  67.      * Object constructor

  68.      *

  69.      * @param int   $id      User id

  70.      * @param array $sql_arr SQL result set

  71.      */

  72.     function __construct($id = null, $sql_arr = null)

  73.     {

  74.         $this->rc = rcube::get_instance();

  75.         $this->db = $this->rc->get_dbh();

  76. 

  77.         if ($id && !$sql_arr) {

  78.             $sql_result = $this->db->query(

  79.                 "SELECT * FROM " . $this->db->table_name('users', true)

  80.                 . " WHERE `user_id` = ?", $id);

  81.             $sql_arr = $this->db->fetch_assoc($sql_result);

  82.         }

  83. 

  84.         if (!empty($sql_arr)) {

  85.             $this->ID       = $sql_arr['user_id'];

  86.             $this->data     = $sql_arr;

  87.             $this->language = $sql_arr['language'];

  88.         }

  89.     }

  90. 

  91.     /**

  92.      * Build a user name string (as e-mail address)

  93.      *

  94.      * @param  string $part Username part (empty or 'local' or 'domain', 'mail')

  95.      * @return string Full user name or its part

  96.      */

  97.     function get_username($part = null)

  98.     {

  99.         if ($this->data['username']) {

  100.             // return real name

  101.             if (!$part) {

  102.                 return $this->data['username'];

  103.             }

  104. 

  105.             list($local, $domain) = explode('@', $this->data['username']);

  106. 

  107.             // at least we should always have the local part

  108.             if ($part == 'local') {

  109.                 return $local;

  110.             }

  111.             // if no domain was provided...

  112.             if (empty($domain)) {

  113.                 $domain = $this->rc->config->mail_domain($this->data['mail_host']);

  114.             }

  115. 

  116.             if ($part == 'domain') {

  117.                 return $domain;

  118.             }

  119. 

  120.             if (!empty($domain))

  121.                 return $local . '@' . $domain;

  122.             else

  123.                 return $local;

  124.         }

  125. 

  126.         return false;

  127.     }

  128. 

  129.     /**

  130.      * Get the preferences saved for this user

  131.      *

  132.      * @return array Hash array with prefs

  133.      */

  134.     function get_prefs()

  135.     {

  136.         if (isset($this->prefs)) {

  137.             return $this->prefs;

  138.         }

  139. 

  140.         $this->prefs = array();

  141. 

  142.         if (!empty($this->language))

  143.             $this->prefs['language'] = $this->language;

  144. 

  145.         if ($this->ID) {

  146.             // Preferences from session (write-master is unavailable)

  147.             if (!empty($_SESSION['preferences'])) {

  148.                 // Check last write attempt time, try to write again (every 5 minutes)

  149.                 if ($_SESSION['preferences_time'] < time() - 5 * 60) {

  150.                     $saved_prefs = unserialize($_SESSION['preferences']);

  151.                     $this->rc->session->remove('preferences');

  152.                     $this->rc->session->remove('preferences_time');

  153.                     $this->save_prefs($saved_prefs);

  154.                 }

  155.                 else {

  156.                     $this->data['preferences'] = $_SESSION['preferences'];

  157.                 }

  158.             }

  159. 

  160.             if ($this->data['preferences']) {

  161.                 $this->prefs += (array)unserialize($this->data['preferences']);

  162.             }

  163.         }

  164. 

  165.         return $this->prefs;

  166.     }

  167. 

  168.     /**

  169.      * Write the given user prefs to the user's record

  170.      *

  171.      * @param array $a_user_prefs User prefs to save

  172.      * @param bool  $no_session   Simplified language/preferences handling

  173.      *

  174.      * @return boolean True on success, False on failure

  175.      */

  176.     function save_prefs($a_user_prefs, $no_session = false)

  177.     {

  178.         if (!$this->ID)

  179.             return false;

  180. 

  181.         $plugin = $this->rc->plugins->exec_hook('preferences_update', array(

  182.             'userid' => $this->ID, 'prefs' => $a_user_prefs, 'old' => (array)$this->get_prefs()));

  183. 

  184.         if (!empty($plugin['abort'])) {

  185.             return;

  186.         }

  187. 

  188.         $a_user_prefs = $plugin['prefs'];

  189.         $old_prefs    = $plugin['old'];

  190.         $config       = $this->rc->config;

  191.         $defaults     = $config->all();

  192. 

  193.         // merge (partial) prefs array with existing settings

  194.         $this->prefs = $save_prefs = $a_user_prefs + $old_prefs;

  195.         unset($save_prefs['language']);

  196. 

  197.         // don't save prefs with default values if they haven't been changed yet

  198.         // Warning: we use result of rcube_config::all() here instead of just get() (#5782)

  199.         foreach ($a_user_prefs as $key => $value) {

  200.             if ($value === null || (!isset($old_prefs[$key]) && $value === $defaults[$key])) {

  201.                 unset($save_prefs[$key]);

  202.             }

  203.         }

  204. 

  205.         $save_prefs = serialize($save_prefs);

  206.         if (!$no_session) {

  207.             $this->language = $_SESSION['language'];

  208.         }

  209. 

  210.         $this->db->query(

  211.             "UPDATE ".$this->db->table_name('users', true).

  212.             " SET `preferences` = ?, `language` = ?".

  213.             " WHERE `user_id` = ?",

  214.             $save_prefs,

  215.             $this->language,

  216.             $this->ID);

  217. 

  218.         // Update success

  219.         if ($this->db->affected_rows() !== false) {

  220.             $this->data['preferences'] = $save_prefs;

  221. 

  222.             if (!$no_session) {

  223.                 $config->set_user_prefs($this->prefs);

  224. 

  225.                 if (isset($_SESSION['preferences'])) {

  226.                     $this->rc->session->remove('preferences');

  227.                     $this->rc->session->remove('preferences_time');

  228.                 }

  229.             }

  230. 

  231.             return true;

  232.         }

  233.         // Update error, but we are using replication (we have read-only DB connection)

  234.         // and we are storing session not in the SQL database

  235.         // we can store preferences in session and try to write later (see get_prefs())

  236.         else if (!$no_session && $this->db->is_replicated()

  237.             && $config->get('session_storage', 'db') != 'db'

  238.         ) {

  239.             $_SESSION['preferences'] = $save_prefs;

  240.             $_SESSION['preferences_time'] = time();

  241.             $config->set_user_prefs($this->prefs);

  242.             $this->data['preferences'] = $save_prefs;

  243.         }

  244. 

  245.         return false;

  246.     }

  247. 

  248.     /**

  249.      * Generate a unique hash to identify this user whith

  250.      */

  251.     function get_hash()

  252.     {

  253.         $prefs = $this->get_prefs();

  254. 

  255.         // generate a random hash and store it in user prefs

  256.         if (empty($prefs['client_hash'])) {

  257.             $prefs['client_hash'] = rcube_utils::random_bytes(16);

  258.             $this->save_prefs(array('client_hash' => $prefs['client_hash']));

  259.         }

  260. 

  261.         return $prefs['client_hash'];

  262.     }

  263. 

  264.     /**

  265.      * Return a list of all user emails (from identities)

  266.      *

  267.      * @param bool Return only default identity

  268.      *

  269.      * @return array List of emails (identity_id, name, email)

  270.      */

  271.     function list_emails($default = false)

  272.     {

  273.         if ($this->emails === null) {

  274.             $this->emails = array();

  275. 

  276.             $sql_result = $this->db->query(

  277.                 "SELECT `identity_id`, `name`, `email`"

  278.                 ." FROM " . $this->db->table_name('identities', true)

  279.                 ." WHERE `user_id` = ? AND `del` <> 1"

  280.                 ." ORDER BY `standard` DESC, `name` ASC, `email` ASC, `identity_id` ASC",

  281.                 $this->ID);

  282. 

  283.             while ($sql_arr = $this->db->fetch_assoc($sql_result)) {

  284.                 $this->emails[] = $sql_arr;

  285.             }

  286.         }

  287. 

  288.         return $default ? $this->emails[0] : $this->emails;

  289.     }

  290. 

  291.     /**

  292.      * Get default identity of this user

  293.      *

  294.      * @param  int   $id Identity ID. If empty, the default identity is returned

  295.      * @return array Hash array with all cols of the identity record

  296.      */

  297.     function get_identity($id = null)

  298.     {

  299.         $id = (int)$id;

  300.         // cache identities for better performance

  301.         if (!array_key_exists($id, $this->identities)) {

  302.             $result = $this->list_identities($id ? "AND `identity_id` = $id" : '');

  303.             $this->identities[$id] = $result[0];

  304.         }

  305. 

  306.         return $this->identities[$id];

  307.     }

  308. 

  309.     /**

  310.      * Return a list of all identities linked with this user

  311.      *

  312.      * @param string $sql_add   Optional WHERE clauses

  313.      * @param bool   $formatted Format identity email and name

  314.      *

  315.      * @return array List of identities

  316.      */

  317.     function list_identities($sql_add = '', $formatted = false)

  318.     {

  319.         $result = array();

  320. 

  321.         $sql_result = $this->db->query(

  322.             "SELECT * FROM ".$this->db->table_name('identities', true).

  323.             " WHERE `del` <> 1 AND `user_id` = ?".

  324.             ($sql_add ? " ".$sql_add : "").

  325.             " ORDER BY `standard` DESC, `name` ASC, `email` ASC, `identity_id` ASC",

  326.             $this->ID);

  327. 

  328.         while ($sql_arr = $this->db->fetch_assoc($sql_result)) {

  329.             if ($formatted) {

  330.                 $ascii_email = format_email($sql_arr['email']);

  331.                 $utf8_email  = format_email(rcube_utils::idn_to_utf8($ascii_email));

  332. 

  333.                 $sql_arr['email_ascii'] = $ascii_email;

  334.                 $sql_arr['email']       = $utf8_email;

  335.                 $sql_arr['ident']       = format_email_recipient($ascii_email, $sql_arr['name']);

  336.             }

  337. 

  338.             $result[] = $sql_arr;

  339.         }

  340. 

  341.         return $result;

  342.     }

  343. 

  344.     /**

  345.      * Update a specific identity record

  346.      *

  347.      * @param int    $iid  Identity ID

  348.      * @param array  $data Hash array with col->value pairs to save

  349.      * @return boolean True if saved successfully, false if nothing changed

  350.      */

  351.     function update_identity($iid, $data)

  352.     {

  353.         if (!$this->ID)

  354.             return false;

  355. 

  356.         $query_cols = $query_params = array();

  357. 

  358.         foreach ((array)$data as $col => $value) {

  359.             $query_cols[]   = $this->db->quote_identifier($col) . ' = ?';

  360.             $query_params[] = $value;

  361.         }

  362.         $query_params[] = $iid;

  363.         $query_params[] = $this->ID;

  364. 

  365.         $sql = "UPDATE ".$this->db->table_name('identities', true).

  366.             " SET `changed` = ".$this->db->now().", ".join(', ', $query_cols).

  367.             " WHERE `identity_id` = ?".

  368.                 " AND `user_id` = ?".

  369.                 " AND `del` <> 1";

  370. 

  371.         call_user_func_array(array($this->db, 'query'),

  372.             array_merge(array($sql), $query_params));

  373. 

  374.         // clear the cache

  375.         $this->identities = array();

  376.         $this->emails     = null;

  377. 

  378.         return $this->db->affected_rows();

  379.     }

  380. 

  381.     /**

  382.      * Create a new identity record linked with this user

  383.      *

  384.      * @param array $data Hash array with col->value pairs to save

  385.      * @return int  The inserted identity ID or false on error

  386.      */

  387.     function insert_identity($data)

  388.     {

  389.         if (!$this->ID)

  390.             return false;

  391. 

  392.         unset($data['user_id']);

  393. 

  394.         $insert_cols   = array();

  395.         $insert_values = array();

  396. 

  397.         foreach ((array)$data as $col => $value) {

  398.             $insert_cols[]   = $this->db->quote_identifier($col);

  399.             $insert_values[] = $value;

  400.         }

  401. 

  402.         $insert_cols[]   = $this->db->quote_identifier('user_id');

  403.         $insert_values[] = $this->ID;

  404. 

  405.         $sql = "INSERT INTO ".$this->db->table_name('identities', true).

  406.             " (`changed`, ".join(', ', $insert_cols).")".

  407.             " VALUES (".$this->db->now().", ".join(', ', array_pad(array(), count($insert_values), '?')).")";

  408. 

  409.         $insert = $this->db->query($sql, $insert_values);

  410. 

  411.         // clear the cache

  412.         $this->identities = array();

  413.         $this->emails     = null;

  414. 

  415.         return $this->db->insert_id('identities');

  416.     }

  417. 

  418.     /**

  419.      * Mark the given identity as deleted

  420.      *

  421.      * @param  int     $iid Identity ID

  422.      * @return boolean True if deleted successfully, false if nothing changed

  423.      */

  424.     function delete_identity($iid)

  425.     {

  426.         if (!$this->ID)

  427.             return false;

  428. 

  429.         $sql_result = $this->db->query(

  430.             "SELECT count(*) AS ident_count FROM ".$this->db->table_name('identities', true).

  431.             " WHERE `user_id` = ? AND `del` <> 1",

  432.             $this->ID);

  433. 

  434.         $sql_arr = $this->db->fetch_assoc($sql_result);

  435. 

  436.         // we'll not delete last identity

  437.         if ($sql_arr['ident_count'] <= 1)

  438.             return -1;

  439. 

  440.         $this->db->query(

  441.             "UPDATE ".$this->db->table_name('identities', true).

  442.             " SET `del` = 1, `changed` = ".$this->db->now().

  443.             " WHERE `user_id` = ?".

  444.                 " AND `identity_id` = ?",

  445.             $this->ID,

  446.             $iid);

  447. 

  448.         // clear the cache

  449.         $this->identities = array();

  450.         $this->emails     = null;

  451. 

  452.         return $this->db->affected_rows();

  453.     }

  454. 

  455.     /**

  456.      * Make this identity the default one for this user

  457.      *

  458.      * @param int $iid The identity ID

  459.      */

  460.     function set_default($iid)

  461.     {

  462.         if ($this->ID && $iid) {

  463.             $this->db->query(

  464.                 "UPDATE ".$this->db->table_name('identities', true).

  465.                 " SET `standard` = '0'".

  466.                 " WHERE `user_id` = ? AND `identity_id` <> ?",

  467.                 $this->ID,

  468.                 $iid);

  469. 

  470.             unset($this->identities[0]);

  471.         }

  472.     }

  473. 

  474.     /**

  475.      * Update user's last_login timestamp

  476.      */

  477.     function touch()

  478.     {

  479.         if ($this->ID) {

  480.             $this->db->query(

  481.                 "UPDATE ".$this->db->table_name('users', true).

  482.                 " SET `last_login` = ".$this->db->now().

  483.                 " WHERE `user_id` = ?",

  484.                 $this->ID);

  485.         }

  486.     }

  487. 

  488.     /**

  489.      * Update user's failed_login timestamp and counter

  490.      */

  491.     function failed_login()

  492.     {

  493.         if ($this->ID && ($rate = (int) $this->rc->config->get('login_rate_limit', 3))) {

  494.             if (empty($this->data['failed_login'])) {

  495.                 $failed_login = new DateTime('now');

  496.                 $counter      = 1;

  497.             }

  498.             else {

  499.                 $failed_login = new DateTime($this->data['failed_login']);

  500.                 $threshold    = new DateTime('- 60 seconds');

  501. 

  502.                 if ($failed_login < $threshold) {

  503.                     $failed_login = new DateTime('now');

  504.                     $counter      = 1;

  505.                 }

  506.             }

  507. 

  508.             $this->db->query(

  509.                 "UPDATE " . $this->db->table_name('users', true)

  510.                     . " SET `failed_login` = ?"

  511.                     . ", `failed_login_counter` = " . ($counter ?: "`failed_login_counter` + 1")

  512.                 . " WHERE `user_id` = ?",

  513.                 $failed_login, $this->ID);

  514.         }

  515.     }

  516. 

  517.     /**

  518.      * Checks if the account is locked, e.g. as a result of brute-force prevention

  519.      */

  520.     function is_locked()

  521.     {

  522.         if (empty($this->data['failed_login'])) {

  523.             return false;

  524.         }

  525. 

  526.         if ($rate = (int) $this->rc->config->get('login_rate_limit', 3)) {

  527.             $last_failed = new DateTime($this->data['failed_login']);

  528.             $threshold   = new DateTime('- 60 seconds');

  529. 

  530.             if ($last_failed > $threshold && $this->data['failed_login_counter'] >= $rate) {

  531.                 return true;

  532.             }

  533.         }

  534. 

  535.         return false;

  536.     }

  537. 

  538.     /**

  539.      * Clear the saved object state

  540.      */

  541.     function reset()

  542.     {

  543.         $this->ID   = null;

  544.         $this->data = null;

  545.     }

  546. 

  547.     /**

  548.      * Find a user record matching the given name and host

  549.      *

  550.      * @param string $user IMAP user name

  551.      * @param string $host IMAP host name

  552.      * @return rcube_user New user instance

  553.      */

  554.     static function query($user, $host)

  555.     {

  556.         $dbh    = rcube::get_instance()->get_dbh();

  557.         $config = rcube::get_instance()->config;

  558. 

  559.         // query for matching user name

  560.         $sql_result = $dbh->query("SELECT * FROM " . $dbh->table_name('users', true)

  561.             ." WHERE `mail_host` = ? AND `username` = ?", $host, $user);

  562. 

  563.         $sql_arr = $dbh->fetch_assoc($sql_result);

  564. 

  565.         // username not found, try aliases from identities

  566.         if (empty($sql_arr) && $config->get('user_aliases') && strpos($user, '@')) {

  567.             $sql_result = $dbh->limitquery("SELECT u.*"

  568.                 ." FROM " . $dbh->table_name('users', true) . " u"

  569.                 ." JOIN " . $dbh->table_name('identities', true) . " i ON (i.`user_id` = u.`user_id`)"

  570.                 ." WHERE `email` = ? AND `del` <> 1", 0, 1, $user);

  571. 

  572.             $sql_arr = $dbh->fetch_assoc($sql_result);

  573.         }

  574. 

  575.         // user already registered -> overwrite username

  576.         if ($sql_arr) {

  577.             return new rcube_user($sql_arr['user_id'], $sql_arr);

  578.         }

  579. 

  580.         return false;

  581.     }

  582. 

  583.     /**

  584.      * Create a new user record and return a rcube_user instance

  585.      *

  586.      * @param string $user IMAP user name

  587.      * @param string $host IMAP host

  588.      * @return rcube_user New user instance

  589.      */

  590.     static function create($user, $host)

  591.     {

  592.         $user_name  = '';

  593.         $user_email = '';

  594.         $rcube      = rcube::get_instance();

  595.         $dbh        = $rcube->get_dbh();

  596. 

  597.         // try to resolve user in virtuser table and file

  598.         if ($email_list = self::user2email($user, false, true)) {

  599.             $user_email = is_array($email_list[0]) ? $email_list[0]['email'] : $email_list[0];

  600.         }

  601. 

  602.         $data = $rcube->plugins->exec_hook('user_create', array(

  603.             'host'       => $host,

  604.             'user'       => $user,

  605.             'user_name'  => $user_name,

  606.             'user_email' => $user_email,

  607.             'email_list' => $email_list,

  608.             'language'   =>  $_SESSION['language'],

  609.         ));

  610. 

  611.         // plugin aborted this operation

  612.         if ($data['abort']) {

  613.             return false;

  614.         }

  615. 

  616.         $insert = $dbh->query(

  617.             "INSERT INTO ".$dbh->table_name('users', true).

  618.             " (`created`, `last_login`, `username`, `mail_host`, `language`)".

  619.             " VALUES (".$dbh->now().", ".$dbh->now().", ?, ?, ?)",

  620.             $data['user'],

  621.             $data['host'],

  622.             $data['language']);

  623. 

  624.         if ($dbh->affected_rows($insert) && ($user_id = $dbh->insert_id('users'))) {

  625.             // create rcube_user instance to make plugin hooks work

  626.             $user_instance = new rcube_user($user_id, array(

  627.                 'user_id'   => $user_id,

  628.                 'username'  => $data['user'],

  629.                 'mail_host' => $data['host'],

  630.                 'language'  => $data['language'],

  631.             ));

  632.             $rcube->user = $user_instance;

  633.             $mail_domain = $rcube->config->mail_domain($data['host']);

  634.             $user_name   = $data['user_name'];

  635.             $user_email  = $data['user_email'];

  636.             $email_list  = $data['email_list'];

  637. 

  638.             if (empty($email_list)) {

  639.                 if (empty($user_email)) {

  640.                     $user_email = strpos($data['user'], '@') ? $user : sprintf('%s@%s', $data['user'], $mail_domain);

  641.                 }

  642.                 $email_list[] = $user_email;

  643.             }

  644.             // identities_level check

  645.             else if (count($email_list) > 1 && $rcube->config->get('identities_level', 0) > 1) {

  646.                 $email_list = array($email_list[0]);

  647.             }

  648. 

  649.             if (empty($user_name)) {

  650.                 $user_name = $data['user'];

  651.             }

  652. 

  653.             // create new identities records

  654.             $standard = 1;

  655.             foreach ($email_list as $row) {

  656.                 $record = array();

  657. 

  658.                 if (is_array($row)) {

  659.                     if (empty($row['email'])) {

  660.                         continue;

  661.                     }

  662.                     $record = $row;

  663.                 }

  664.                 else {

  665.                     $record['email'] = $row;

  666.                 }

  667. 

  668.                 if (empty($record['name'])) {

  669.                     $record['name'] = $user_name != $record['email'] ? $user_name : '';

  670.                 }

  671. 

  672.                 $record['user_id']  = $user_id;

  673.                 $record['standard'] = $standard;

  674. 

  675.                 $plugin = $rcube->plugins->exec_hook('identity_create',

  676.                     array('login' => true, 'record' => $record));

  677. 

  678.                 if (!$plugin['abort'] && $plugin['record']['email']) {

  679.                     $rcube->user->insert_identity($plugin['record']);

  680.                 }

  681.                 $standard = 0;

  682.             }

  683.         }

  684.         else {

  685.             rcube::raise_error(array(

  686.                 'code' => 500,

  687.                 'type' => 'php',

  688.                 'line' => __LINE__,

  689.                 'file' => __FILE__,

  690.                 'message' => "Failed to create new user"), true, false);

  691.         }

  692. 

  693.         return $user_id ? $user_instance : false;

  694.     }

  695. 

  696.     /**

  697.      * Resolve username using a virtuser plugins

  698.      *

  699.      * @param string $email E-mail address to resolve

  700.      * @return string Resolved IMAP username

  701.      */

  702.     static function email2user($email)

  703.     {

  704.         $rcube = rcube::get_instance();

  705.         $plugin = $rcube->plugins->exec_hook('email2user',

  706.             array('email' => $email, 'user' => NULL));

  707. 

  708.         return $plugin['user'];

  709.     }

  710. 

  711.     /**

  712.      * Resolve e-mail address from virtuser plugins

  713.      *

  714.      * @param string $user User name

  715.      * @param boolean $first If true returns first found entry

  716.      * @param boolean $extended If true returns email as array (email and name for identity)

  717.      * @return mixed Resolved e-mail address string or array of strings

  718.      */

  719.     static function user2email($user, $first=true, $extended=false)

  720.     {

  721.         $rcube = rcube::get_instance();

  722.         $plugin = $rcube->plugins->exec_hook('user2email',

  723.             array('email' => NULL, 'user' => $user,

  724.                 'first' => $first, 'extended' => $extended));

  725. 

  726.         return empty($plugin['email']) ? NULL : $plugin['email'];

  727.     }

  728. 

  729.     /**

  730.      * Return a list of saved searches linked with this user

  731.      *

  732.      * @param int  $type  Search type

  733.      *

  734.      * @return array List of saved searches indexed by search ID

  735.      */

  736.     function list_searches($type)

  737.     {

  738.         $plugin = $this->rc->plugins->exec_hook('saved_search_list', array('type' => $type));

  739. 

  740.         if ($plugin['abort']) {

  741.             return (array) $plugin['result'];

  742.         }

  743. 

  744.         $result = array();

  745. 

  746.         $sql_result = $this->db->query(

  747.             "SELECT `search_id` AS id, `name`"

  748.             ." FROM ".$this->db->table_name('searches', true)

  749.             ." WHERE `user_id` = ? AND `type` = ?"

  750.             ." ORDER BY `name`",

  751.             (int) $this->ID, (int) $type);

  752. 

  753.         while ($sql_arr = $this->db->fetch_assoc($sql_result)) {

  754.             $sql_arr['data'] = unserialize($sql_arr['data']);

  755.             $result[$sql_arr['id']] = $sql_arr;

  756.         }

  757. 

  758.         return $result;

  759.     }

  760. 

  761.     /**

  762.      * Return saved search data.

  763.      *

  764.      * @param int  $id  Row identifier

  765.      *

  766.      * @return array Data

  767.      */

  768.     function get_search($id)

  769.     {

  770.         $plugin = $this->rc->plugins->exec_hook('saved_search_get', array('id' => $id));

  771. 

  772.         if ($plugin['abort']) {

  773.             return $plugin['result'];

  774.         }

  775. 

  776.         $sql_result = $this->db->query(

  777.             "SELECT `name`, `data`, `type`"

  778.             . " FROM ".$this->db->table_name('searches', true)

  779.             . " WHERE `user_id` = ?"

  780.                 ." AND `search_id` = ?",

  781.             (int) $this->ID, (int) $id);

  782. 

  783.         while ($sql_arr = $this->db->fetch_assoc($sql_result)) {

  784.             return array(

  785.                 'id'   => $id,

  786.                 'name' => $sql_arr['name'],

  787.                 'type' => $sql_arr['type'],

  788.                 'data' => unserialize($sql_arr['data']),

  789.             );

  790.         }

  791. 

  792.         return null;

  793.     }

  794. 

  795.     /**

  796.      * Deletes given saved search record

  797.      *

  798.      * @param  int  $sid  Search ID

  799.      *

  800.      * @return boolean True if deleted successfully, false if nothing changed

  801.      */

  802.     function delete_search($sid)

  803.     {

  804.         if (!$this->ID)

  805.             return false;

  806. 

  807.         $this->db->query(

  808.             "DELETE FROM ".$this->db->table_name('searches', true)

  809.             ." WHERE `user_id` = ?"

  810.                 ." AND `search_id` = ?",

  811.             (int) $this->ID, $sid);

  812. 

  813.         return $this->db->affected_rows();

  814.     }

  815. 

  816.     /**

  817.      * Create a new saved search record linked with this user

  818.      *

  819.      * @param array $data Hash array with col->value pairs to save

  820.      *

  821.      * @return int  The inserted search ID or false on error

  822.      */

  823.     function insert_search($data)

  824.     {

  825.         if (!$this->ID)

  826.             return false;

  827. 

  828.         $insert_cols[]   = 'user_id';

  829.         $insert_values[] = (int) $this->ID;

  830.         $insert_cols[]   = $this->db->quote_identifier('type');

  831.         $insert_values[] = (int) $data['type'];

  832.         $insert_cols[]   = $this->db->quote_identifier('name');

  833.         $insert_values[] = $data['name'];

  834.         $insert_cols[]   = $this->db->quote_identifier('data');

  835.         $insert_values[] = serialize($data['data']);

  836. 

  837.         $sql = "INSERT INTO ".$this->db->table_name('searches', true)

  838.             ." (".join(', ', $insert_cols).")"

  839.             ." VALUES (".join(', ', array_pad(array(), count($insert_values), '?')).")";

  840. 

  841.         $insert = $this->db->query($sql, $insert_values);

  842. 

  843.         return $this->db->affected_rows($insert) ? $this->db->insert_id('searches') : false;

  844.     }

  845. }