Context Navigation

smartsearch.php

Revision 702, 7.6 KB (checked in by brieb, 2 years ago)
Updated copyrights to 2010

Line
1	<?php
2	/*
3	$Rev: 375 $ \| $LastChangedBy: brieb $
4	$LastChangedDate: 2008-01-29 18:01:42 -0700 (Tue, 29 Jan 2008) $
5	+-------------------------------------------------------------------------+
6	\| Copyright (c) 2004 - 2010, Kreotek LLC \|
7	\| All rights reserved. \|
8	+-------------------------------------------------------------------------+
9	\| \|
10	\| Redistribution and use in source and binary forms, with or without \|
11	\| modification, are permitted provided that the following conditions are \|
12	\| met: \|
13	\| \|
14	\| - Redistributions of source code must retain the above copyright \|
15	\| notice, this list of conditions and the following disclaimer. \|
16	\| \|
17	\| - Redistributions in binary form must reproduce the above copyright \|
18	\| notice, this list of conditions and the following disclaimer in the \|
19	\| documentation and/or other materials provided with the distribution. \|
20	\| \|
21	\| - Neither the name of Kreotek LLC nor the names of its contributore may \|
22	\| be used to endorse or promote products derived from this software \|
23	\| without specific prior written permission. \|
24	\| \|
25	\| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \|
26	\| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT \|
27	\| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A \|
28	\| PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT \|
29	\| OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, \|
30	\| SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT \|
31	\| LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, \|
32	\| DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY \|
33	\| THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT \|
34	\| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE \|
35	\| OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \|
36	\| \|
37	+-------------------------------------------------------------------------+
38	*/
39
40	session_cache_limiter('private');
41
42	include("include/session.php");
43
44	class smartSearch{
45
46	var $totalcount = 0;
47
48	function smartSearch($db, $sdbid){
49
50	$this->db = $db;
51
52	$this->getSearchParams($sdbid);
53
54	}//end method init
55
56
57	function getSearchParams($sdbid){
58
59	$querystatement = "
60	SELECT
61	*
62	FROM
63	smartsearches
64	WHERE
65	id = ".((int) $sdbid);
66
67	$this->searchParams = $this->db->fetchArray($this->db->query($querystatement));
68
69	}//end method - getSearchParams
70
71
72	function find($term, $offset=0){
73
74	$term = trim(mysql_real_escape_string($term));
75
76	// first we take the entered text and explode int by words
77	$terms = explode(" ",$term);
78
79	//next we take the list of fields to search and create an array
80	$searchFields = explode(",", $this->searchParams["searchfields"]);
81
82	$wheres="";
83	foreach($terms as $value){
84
85	// this series of foreachs builds a SQL OR clause to search
86	// the search fields to match things that start with the term
87	// or has words inside that start with the term.
88
89	$wheres .="AND (";
90
91	foreach($searchFields as $field)
92	$wheres .= trim($field)." LIKE '".$value."%' OR ".trim($field)." LIKE '% ".$value."%'\nOR ";
93
94	$wheres = substr($wheres,0,strlen($wheres)-3);
95	$wheres .= ")";
96
97	}//endforeach
98
99	if($wheres){
100
101	$finalsearch = "";
102	foreach($searchFields as $field)
103	$finalsearch .= trim($field)." LIKE '".$term."%'\nOR ";
104
105	$finalsearch = substr($finalsearch,0,strlen($finalsearch)-3);
106
107	$wheres = "AND ( (".$finalsearch.") OR (".substr($wheres,4)."))";
108
109	}//endif - where
110
111	$securityWhere = "";
112
113	if($this->searchParams["rolefield"]){
114
115	// If the rolefield is present, we need to make sure the rolefield
116	// of each record matches the logged in users array of roles
117
118	if ($_SESSION["userinfo"]["admin"] !=1 ){
119
120	if(count($_SESSION["userinfo"]["roles"])>0){
121
122	foreach($_SESSION["userinfo"]["roles"] as $role)
123	$securityWhere .= ", '".$role."'";
124
125	$securityWhere = " AND (".$this->searchParams["rolefield"]." IN ('', ".$securityWhere." ) OR ".$this->searchParams["rolefield"]." IS NULL)";
126	} else
127	$securityWhere = " AND (".$this->searchParams["rolefield"]." = '' OR ".$this->searchParams["rolefield"]." IS NULL)";
128
129	}//endif admin
130
131	}//endif rolefield
132
133	$querystatement = "
134	SELECT DISTINCT
135	".$this->searchParams["displayfield"]." AS display,
136	".$this->searchParams["valuefield"]." AS value,
137	".$this->searchParams["secondaryfield"]." AS secondary,
138	".$this->searchParams["classfield"]." AS classname
139	FROM
140	".$this->searchParams["fromclause"]."
141	WHERE
142	(".$this->subout($this->searchParams["filterclause"]).")
143	".$securityWhere."
144	".$wheres."
145	ORDER BY
146	".$this->searchParams["displayfield"]."
147	LIMIT ".((int) $offset).", 8";
148
149	//need to retireve count of all records so
150	// the JS can know wheher to put the show more results on.
151	$totalCountStatement = "
152	SELECT
153	COUNT(".$this->searchParams["displayfield"].") AS thecount
154	FROM
155	".$this->searchParams["fromclause"]."
156	WHERE
157	(".$this->searchParams["filterclause"].")
158	".$securityWhere."
159	".$wheres;
160
161	$countrecord = $this->db->fetchArray($this->db->query($totalCountStatement));
162	$this->totalcount = $countrecord["thecount"];
163
164	return $this->db->query($querystatement);
165
166	}//end method
167
168
169	function display($result){
170	// This function will spit out a JSON array of records
171
172	$output = "{totalRecords: ".$this->totalcount.", resultRecords: [";
173
174	while($therecord = $this->db->fetchArray($result)){
175
176	$output .= "{display: '".str_replace("'", "\'", formatVariable($therecord["display"],"bbcode"))."',";
177	$output .= "value: '".str_replace("'", "\'", formatVariable($therecord["value"]))."',";
178	$output .= "secondary: '".str_replace("'", "\'", formatVariable($therecord["secondary"],"bbcode"))."',";
179	$output .= "classname: '".str_replace("'", "\'", formatVariable($therecord["classname"]))."'},";
180
181	}//endwhile
182
183	if($output != "{totalRecords: ".$this->totalcount.", resultRecords: [")
184	$output = substr($output, 0, strlen($output)-1);
185
186	$output .= "] }";
187
188	header("Content-type: text/plain");
189	echo $output;
190
191	}//end method - display
192
193
194	// replace variables
195	// strings with entrys like " {{$ENTRY}} "
196	// get everything in the {{ }} evaluated
197	function subout($string){
198
199	while(strpos($string,"{{")){
200	$start=strpos($string,"{{");
201	$startsubout=$start+2;
202	$endsubout=strpos($string,"}}");
203	$end=$endsubout+2;
204	$temp="";
205	eval(stripslashes("\$temp=".substr($string,$startsubout,$endsubout-$startsubout).";"));
206	$string=substr($string,0,$start).$temp.substr($string,$end);
207	}
208
209	return $string;
210
211	}//end function
212
213	}//end class
214
215
216	//processing
217	//=========================================================================
218	if(isset($_GET["sdbid"]) && isset($_GET["t"])){
219
220	$smartSearch = new smartSearch($db, $_GET["sdbid"]);
221
222	if(!isset($_GET["o"]))
223	$_GET["o"] = 0;
224
225	$theresult = $smartSearch->find($_GET["t"],((int) $_GET["o"]));
226
227	if(isset($theresult))
228	$smartSearch->display($theresult);
229
230	}//end if
231	?>

Note: See TracBrowser for help on using the browser.

phpBMS

Context Navigation

root/trunk/phpbms/smartsearch.php

Download in other formats: