Context Navigation

source: subversion/trunk/roundcubemail/program/steps/addressbook/copy.inc @ 2758

Last change on this file since 2758 was 2758, checked in by thomasb, 4 years ago
Force ajax calls to protect from CSRF
File size: 2.0 KB

Line
1	<?php
2
3	/*
4	+-----------------------------------------------------------------------+
5	\| program/steps/addressbook/copy.inc \|
6	\| \|
7	\| This file is part of the RoundCube Webmail client \|
8	\| Copyright (C) 2007, RoundCube Dev. - Switzerland \|
9	\| Licensed under the GNU GPL \|
10	\| \|
11	\| PURPOSE: \|
12	\| Copy a contact record from one direcotry to another \|
13	\| \|
14	+-----------------------------------------------------------------------+
15	\| Author: Thomas Bruederli <roundcube@gmail.com> \|
16	+-----------------------------------------------------------------------+
17
18	$Id: copy.inc 471 2007-02-09 21:25:50Z thomasb $
19
20	*/
21
22	// only process ajax requests
23	if (!$OUTPUT->ajax_call)
24	return;
25
26	$cid = get_input_value('_cid', RCUBE_INPUT_POST);
27	$target = get_input_value('_to', RCUBE_INPUT_POST);
28	if ($cid && preg_match('/^[a-z0-9\-_=]+(,[a-z0-9\-_=]+)*$/i', $cid) && strlen($target) && $target != $source)
29	{
30	$success = false;
31	$TARGET = $RCMAIL->get_address_book($target);
32
33	if ($TARGET && $TARGET->ready && !$TARGET->readonly) {
34	$plugin = $RCMAIL->plugins->exec_hook('create_contact', array('record' => $CONTACTS->search($CONTACTS->primary_key, $cid), 'source' => $target));
35	$a_record = $plugin['record'];
36
37	if (!$plugin['abort'])
38	$success = $TARGET->insert($CONTACTS->search($a_record, true));
39	}
40
41	if (empty($success))
42	$OUTPUT->show_message('copyerror', 'error');
43	else
44	$OUTPUT->show_message('copysuccess', 'notice', array('nr' => count($success)));
45
46	// close connection to second address directory
47	$TARGET->close();
48	}
49
50	// send response
51	$OUTPUT->send();
52
53	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format