githubFork/roundcubemail.git

			@@ -67,7 +67,8 @@

			if ($id && !$sql_arr) {
			$sql_result = $this->db->query(
			"SELECT * FROM ".$this->db->table_name('users')." WHERE user_id = ?", $id);
			"SELECT * FROM " . $this->db->table_name('users', true)
			. " WHERE `user_id` = ?", $id);
			$sql_arr = $this->db->fetch_assoc($sql_result);
			}

			@@ -125,8 +126,10 @@
			*/
			function get_prefs()
			{
			$prefs = array();

			if (!empty($this->language))
			$prefs = array('language' => $this->language);
			$prefs['language'] = $this->language;

			if ($this->ID) {
			// Preferences from session (write-master is unavailable)
			@@ -187,10 +190,9 @@
			$save_prefs = serialize($save_prefs);

			$this->db->query(
			"UPDATE ".$this->db->table_name('users').
			" SET preferences = ?".
			", language = ?".
			" WHERE user_id = ?",
			"UPDATE ".$this->db->table_name('users', true).
			" SET `preferences` = ?, `language` = ?".
			" WHERE `user_id` = ?",
			$save_prefs,
			$_SESSION['language'],
			$this->ID);
			@@ -221,6 +223,14 @@
			return false;
			}

			/**
			* Generate a unique hash to identify this user which
			*/
			function get_hash()
			{
			$key = substr($this->rc->config->get('des_key'), 1, 4);
			return md5($this->data['user_id'] . $key . $this->data['username'] . '@' . $this->data['mail_host']);
			}

			/**
			* Get default identity of this user
			@@ -233,7 +243,7 @@
			$id = (int)$id;
			// cache identities for better performance
			if (!array_key_exists($id, $this->identities)) {
			$result = $this->list_identities($id ? 'AND identity_id = ' . $id : '');
			$result = $this->list_identities($id ? "AND `identity_id` = $id" : '');
			$this->identities[$id] = $result[0];
			}

			@@ -254,10 +264,10 @@
			$result = array();

			$sql_result = $this->db->query(
			"SELECT * FROM ".$this->db->table_name('identities').
			" WHERE del <> 1 AND user_id = ?".
			"SELECT * FROM ".$this->db->table_name('identities', true).
			" WHERE `del` <> 1 AND `user_id` = ?".
			($sql_add ? " ".$sql_add : "").
			" ORDER BY ".$this->db->quoteIdentifier('standard')." DESC, name ASC, identity_id ASC",
			" ORDER BY `standard` DESC, `name` ASC, `email` ASC, `identity_id` ASC",
			$this->ID);

			while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
			@@ -292,17 +302,17 @@
			$query_cols = $query_params = array();

			foreach ((array)$data as $col => $value) {
			$query_cols[] = $this->db->quoteIdentifier($col) . ' = ?';
			$query_cols[] = $this->db->quote_identifier($col) . ' = ?';
			$query_params[] = $value;
			}
			$query_params[] = $iid;
			$query_params[] = $this->ID;

			$sql = "UPDATE ".$this->db->table_name('identities').
			" SET changed = ".$this->db->now().", ".join(', ', $query_cols).
			" WHERE identity_id = ?".
			" AND user_id = ?".
			" AND del <> 1";
			$sql = "UPDATE ".$this->db->table_name('identities', true).
			" SET `changed` = ".$this->db->now().", ".join(', ', $query_cols).
			" WHERE `identity_id` = ?".
			" AND `user_id` = ?".
			" AND `del` <> 1";

			call_user_func_array(array($this->db, 'query'),
			array_merge(array($sql), $query_params));
			@@ -328,14 +338,14 @@

			$insert_cols = $insert_values = array();
			foreach ((array)$data as $col => $value) {
			$insert_cols[] = $this->db->quoteIdentifier($col);
			$insert_cols[] = $this->db->quote_identifier($col);
			$insert_values[] = $value;
			}
			$insert_cols[] = 'user_id';
			$insert_cols[] = $this->db->quote_identifier('user_id');
			$insert_values[] = $this->ID;

			$sql = "INSERT INTO ".$this->db->table_name('identities').
			" (changed, ".join(', ', $insert_cols).")".
			$sql = "INSERT INTO ".$this->db->table_name('identities', true).
			" (`changed`, ".join(', ', $insert_cols).")".
			" VALUES (".$this->db->now().", ".join(', ', array_pad(array(), sizeof($insert_values), '?')).")";

			call_user_func_array(array($this->db, 'query'),
			@@ -359,8 +369,8 @@
			return false;

			$sql_result = $this->db->query(
			"SELECT count(*) AS ident_count FROM ".$this->db->table_name('identities').
			" WHERE user_id = ? AND del <> 1",
			"SELECT count(*) AS ident_count FROM ".$this->db->table_name('identities', true).
			" WHERE `user_id` = ? AND `del` <> 1",
			$this->ID);

			$sql_arr = $this->db->fetch_assoc($sql_result);
			@@ -370,10 +380,10 @@
			return -1;

			$this->db->query(
			"UPDATE ".$this->db->table_name('identities').
			" SET del = 1, changed = ".$this->db->now().
			" WHERE user_id = ?".
			" AND identity_id = ?",
			"UPDATE ".$this->db->table_name('identities', true).
			" SET `del` = 1, `changed` = ".$this->db->now().
			" WHERE `user_id` = ?".
			" AND `identity_id` = ?",
			$this->ID,
			$iid);

			@@ -392,11 +402,9 @@
			{
			if ($this->ID && $iid) {
			$this->db->query(
			"UPDATE ".$this->db->table_name('identities').
			" SET ".$this->db->quoteIdentifier('standard')." = '0'".
			" WHERE user_id = ?".
			" AND identity_id <> ?".
			" AND del <> 1",
			"UPDATE ".$this->db->table_name('identities', true).
			" SET `standard` = '0'".
			" WHERE `user_id` = ? AND `identity_id` <> ?",
			$this->ID,
			$iid);

			@@ -412,9 +420,9 @@
			{
			if ($this->ID) {
			$this->db->query(
			"UPDATE ".$this->db->table_name('users').
			" SET last_login = ".$this->db->now().
			" WHERE user_id = ?",
			"UPDATE ".$this->db->table_name('users', true).
			" SET `last_login` = ".$this->db->now().
			" WHERE `user_id` = ?",
			$this->ID);
			}
			}
			@@ -443,17 +451,17 @@
			$config = rcube::get_instance()->config;

			// query for matching user name
			$sql_result = $dbh->query("SELECT * FROM " . $dbh->table_name('users')
			." WHERE mail_host = ? AND username = ?", $host, $user);
			$sql_result = $dbh->query("SELECT * FROM " . $dbh->table_name('users', true)
			." WHERE `mail_host` = ? AND `username` = ?", $host, $user);

			$sql_arr = $dbh->fetch_assoc($sql_result);

			// username not found, try aliases from identities
			if (empty($sql_arr) && $config->get('user_aliases') && strpos($user, '@')) {
			$sql_result = $dbh->limitquery("SELECT u.*"
			." FROM " . $dbh->table_name('users') . " u"
			." JOIN " . $dbh->table_name('identities') . " i ON (i.user_id = u.user_id)"
			." WHERE email = ? AND del <> 1", 0, 1, $user);
			." FROM " . $dbh->table_name('users', true) . " u"
			." JOIN " . $dbh->table_name('identities', true) . " i ON (i.`user_id` = u.`user_id`)"
			." WHERE `email` = ? AND `del` <> 1", 0, 1, $user);

			$sql_arr = $dbh->fetch_assoc($sql_result);
			}
			@@ -500,8 +508,8 @@
			}

			$dbh->query(
			"INSERT INTO ".$dbh->table_name('users').
			" (created, last_login, username, mail_host, language)".
			"INSERT INTO ".$dbh->table_name('users', true).
			" (`created`, `last_login`, `username`, `mail_host`, `language`)".
			" VALUES (".$dbh->now().", ".$dbh->now().", ?, ?, ?)",
			$data['user'],
			$data['host'],
			@@ -633,11 +641,10 @@
			$result = array();

			$sql_result = $this->db->query(
			"SELECT search_id AS id, ".$this->db->quoteIdentifier('name')
			." FROM ".$this->db->table_name('searches')
			." WHERE user_id = ?"
			." AND ".$this->db->quoteIdentifier('type')." = ?"
			." ORDER BY ".$this->db->quoteIdentifier('name'),
			"SELECT `search_id` AS id, `name`"
			." FROM ".$this->db->table_name('searches', true)
			." WHERE `user_id` = ? AND `type` = ?"
			." ORDER BY `name`",
			(int) $this->ID, (int) $type);

			while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
			@@ -665,12 +672,10 @@
			}

			$sql_result = $this->db->query(
			"SELECT ".$this->db->quoteIdentifier('name')
			.", ".$this->db->quoteIdentifier('data')
			.", ".$this->db->quoteIdentifier('type')
			." FROM ".$this->db->table_name('searches')
			." WHERE user_id = ?"
			." AND search_id = ?",
			"SELECT `name`, `data`, `type`"
			. " FROM ".$this->db->table_name('searches', true)
			. " WHERE `user_id` = ?"
			." AND `search_id` = ?",
			(int) $this->ID, (int) $id);

			while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
			@@ -699,9 +704,9 @@
			return false;

			$this->db->query(
			"DELETE FROM ".$this->db->table_name('searches')
			." WHERE user_id = ?"
			." AND search_id = ?",
			"DELETE FROM ".$this->db->table_name('searches', true)
			." WHERE `user_id` = ?"
			." AND `search_id` = ?",
			(int) $this->ID, $sid);

			return $this->db->affected_rows();
			@@ -722,14 +727,14 @@

			$insert_cols[] = 'user_id';
			$insert_values[] = (int) $this->ID;
			$insert_cols[] = $this->db->quoteIdentifier('type');
			$insert_cols[] = $this->db->quote_identifier('type');
			$insert_values[] = (int) $data['type'];
			$insert_cols[] = $this->db->quoteIdentifier('name');
			$insert_cols[] = $this->db->quote_identifier('name');
			$insert_values[] = $data['name'];
			$insert_cols[] = $this->db->quoteIdentifier('data');
			$insert_cols[] = $this->db->quote_identifier('data');
			$insert_values[] = serialize($data['data']);

			$sql = "INSERT INTO ".$this->db->table_name('searches')
			$sql = "INSERT INTO ".$this->db->table_name('searches', true)
			." (".join(', ', $insert_cols).")"
			." VALUES (".join(', ', array_pad(array(), sizeof($insert_values), '?')).")";

			@@ -738,5 +743,4 @@

			return $this->db->insert_id('searches');
			}

			}