From f06aa8058b7e32ba32d4551074b6e0b8a300f751 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Mon, 21 Oct 2013 15:02:40 -0400
Subject: [PATCH] Bump version after security fix

---
 plugins/virtuser_query/virtuser_query.php |  119 +++++++++++++++++++++++++++++++++++++++++------------------
 1 files changed, 83 insertions(+), 36 deletions(-)

diff --git a/plugins/virtuser_query/virtuser_query.php b/plugins/virtuser_query/virtuser_query.php
index 0264bf8..21a869c 100644
--- a/plugins/virtuser_query/virtuser_query.php
+++ b/plugins/virtuser_query/virtuser_query.php
@@ -4,31 +4,45 @@
  * DB based User-to-Email and Email-to-User lookup
  *
  * Add it to the plugins list in config/main.inc.php and set
- * SQL query to resolve user names and e-mail addresses from the database
+ * SQL queries to resolve usernames, e-mail addresses and hostnames from the database
  * %u will be replaced with the current username for login.
- * The query should select the user's e-mail address as first column
- * and optional identity data columns in specified order:
+ * %m will be replaced with the current e-mail address for login.
+ *
+ * Queries should select the user's e-mail address, username or the imap hostname as first column
+ * The email query could optionally select identity data columns in specified order:
  *    name, organization, reply-to, bcc, signature, html_signature
  *
- * $rcmail_config['virtuser_query'] = '';
+ * $rcmail_config['virtuser_query'] = array('email' => '', 'user' => '', 'host' => '');
  *
- * @version 1.0
+ * @version @package_version@
  * @author Aleksander Machniak
+ * @author Steffen Vogel
  */
 class virtuser_query extends rcube_plugin
 {
-    private $query;
+    private $config;
     private $app;
 
     function init()
     {
-	$this->app = rcmail::get_instance();
-	$this->query = $this->app->config->get('virtuser_query');
+	    $this->app = rcmail::get_instance();
+	    $this->config = $this->app->config->get('virtuser_query');
 
-	if ($this->query) {
-	    $this->add_hook('user2email', array($this, 'user2email'));
-//	    $this->add_hook('email2user', array($this, 'email2user'));
-	}
+        if (!empty($this->config)) {
+            if (is_string($this->config)) {
+                $this->config = array('email' => $this->config);
+            }
+
+            if ($this->config['email']) {
+                $this->add_hook('user2email', array($this, 'user2email'));
+            }
+            if ($this->config['user']) {
+                $this->add_hook('email2user', array($this, 'email2user'));
+            }
+            if ($this->config['host']) {
+                $this->add_hook('authenticate', array($this, 'user2host'));
+            }
+        }
     }
 
     /**
@@ -36,35 +50,68 @@
      */
     function user2email($p)
     {
-	$dbh = $rcmail->get_dbh();
+	    $dbh = $this->app->get_dbh();
 
-	$sql_result = $dbh->query(preg_replace('/%u/', $dbh->escapeSimple($p['user']), $this->query));
+	    $sql_result = $dbh->query(preg_replace('/%u/', $dbh->escapeSimple($p['user']), $this->config['email']));
 
-	while ($sql_arr = $dbh->fetch_array($sql_result)) {
-	    if (strpos($sql_arr[0], '@')) {
-		if ($p['extended'] && count($sql_arr) > 1) {
-		    $result[] = array(
-			'email' 	=> $sql_arr[0],
-			'name' 		=> $sql_arr[1],
-			'organization'  => $sql_arr[2],
-			'reply-to' 	=> $sql_arr[3],
-			'bcc' 		=> $sql_arr[4],
-			'signature' 	=> $sql_arr[5],
-			'html_signature' => (int)$sql_arr[6],
-    		    );
-		}
-		else {
-		    $result[] = $sql_arr[0];
-		}
+	    while ($sql_arr = $dbh->fetch_array($sql_result)) {
+	        if (strpos($sql_arr[0], '@')) {
+		        if ($p['extended'] && count($sql_arr) > 1) {
+		            $result[] = array(
+			            'email' 	    => rcube_idn_to_ascii($sql_arr[0]),
+            			'name' 		    => $sql_arr[1],
+			            'organization'  => $sql_arr[2],
+            			'reply-to' 	    => rcube_idn_to_ascii($sql_arr[3]),
+			            'bcc' 		    => rcube_idn_to_ascii($sql_arr[4]),
+        			    'signature' 	=> $sql_arr[5],
+		            	'html_signature' => (int)$sql_arr[6],
+    		        );
+		        }
+		        else {
+		            $result[] = $sql_arr[0];
+		        }
 
-		if ($p['first'])
-		    break;
+		        if ($p['first'])
+		            break;
+	        }
 	    }
-	}
-	
-	$p['email'] = $result;
 
-	return $p;
+	    $p['email'] = $result;
+
+	    return $p;
+    }
+
+    /**
+     * EMail > User
+     */
+    function email2user($p)
+    {
+        $dbh = $this->app->get_dbh();
+
+        $sql_result = $dbh->query(preg_replace('/%m/', $dbh->escapeSimple($p['email']), $this->config['user']));
+
+        if ($sql_arr = $dbh->fetch_array($sql_result)) {
+            $p['user'] = $sql_arr[0];
+        }
+
+        return $p;
+    }
+
+    /**
+     * User > Host
+     */
+    function user2host($p)
+    {
+        $dbh = $this->app->get_dbh();
+
+        $sql_result = $dbh->query(preg_replace('/%u/', $dbh->escapeSimple($p['user']), $this->config['host']));
+
+        if ($sql_arr = $dbh->fetch_array($sql_result)) {
+            $p['host'] = $sql_arr[0];
+        }
+
+        return $p;
     }
 
 }
+

--
Gitblit v1.9.1