robin.thoni
/
docker-roundcube-server
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 10 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
2 Branches
Tree: e2fe05faab
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e2fe05faab'
${ noResults }
docker-roundcube-server/roundcube/roundcubemail-1.2.2/program/steps/utils/save_pref.inc

save_pref.inc 2.7KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. <?php

  2. 

  3. /**

  4.  +-----------------------------------------------------------------------+

  5.  | program/steps/utils/save_pref.inc                                     |

  6.  |                                                                       |

  7.  | This file is part of the Roundcube Webmail client                     |

  8.  | Copyright (C) 2005-2013, The Roundcube Dev Team                       |

  9.  |                                                                       |

  10.  | Licensed under the GNU General Public License version 3 or            |

  11.  | any later version with exceptions for skins & plugins.                |

  12.  | See the README file for a full license statement.                     |

  13.  |                                                                       |

  14.  | PURPOSE:                                                              |

  15.  |   Save preferences setting in database                                |

  16.  |                                                                       |

  17.  +-----------------------------------------------------------------------+

  18.  | Author: Aleksander Machniak <alec@alec.pl>                            |

  19.  +-----------------------------------------------------------------------+

  20. */

  21. 

  22. $name     = rcube_utils::get_input_value('_name', rcube_utils::INPUT_POST);

  23. $value    = rcube_utils::get_input_value('_value', rcube_utils::INPUT_POST);

  24. $sessname = rcube_utils::get_input_value('_session', rcube_utils::INPUT_POST);

  25. 

  26. // Whitelisted preferences and session variables, others

  27. // can be added by plugins

  28. $whitelist = array(

  29.     'preview_pane',

  30.     'list_cols',

  31.     'collapsed_folders',

  32.     'collapsed_abooks',

  33. );

  34. $whitelist_sess = array(

  35.     'list_attrib/columns',

  36. );

  37. 

  38. $whitelist      = array_merge($whitelist, $RCMAIL->plugins->allowed_prefs);

  39. $whitelist_sess = array_merge($whitelist_sess, $RCMAIL->plugins->allowed_session_prefs);

  40. 

  41. if (!in_array($name, $whitelist) || ($sessname && !in_array($sessname, $whitelist_sess))) {

  42.     rcube::raise_error(array('code' => 500, 'type' => 'php',

  43.         'file' => __FILE__, 'line' => __LINE__,

  44.         'message' => sprintf("Hack attempt detected (user: %s)", $RCMAIL->get_user_name())),

  45.         true, false);

  46. 

  47.     $OUTPUT->reset();

  48.     $OUTPUT->send();

  49. }

  50. 

  51. // save preference value

  52. $RCMAIL->user->save_prefs(array($name => $value));

  53. 

  54. // update also session if requested

  55. if ($sessname) {

  56.     // Support multidimensional arrays...

  57.     $vars = explode('/', $sessname);

  58. 

  59.     // ... up to 3 levels

  60.     if (count($vars) == 1)

  61.         $_SESSION[$vars[0]] = $value;

  62.     else if (count($vars) == 2)

  63.         $_SESSION[$vars[0]][$vars[1]] = $value;

  64.     else if (count($vars) == 3)

  65.         $_SESSION[$vars[0]][$vars[1]][$vars[2]] = $value;

  66. }

  67. 

  68. $OUTPUT->reset();

  69. $OUTPUT->send();