- Timestamp:
- 01/07/10 12:45:17 (2 years ago)
- Location:
- trunk/phpbms
- Files:
-
- 5 modified
-
common/javascript/queryfunctions.js (modified) (2 diffs)
-
include/relationships.php (modified) (1 diff)
-
include/search_class.php (modified) (1 diff)
-
loadsearch.php (modified) (2 diffs)
-
search.php (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/phpbms/common/javascript/queryfunctions.js
r707 r728 77 77 } else 78 78 ctrlkeydown = theevent.metaKey; 79 79 80 80 shiftkeydown=theevent.shiftKey; 81 81 } … … 610 610 } 611 611 612 function LSRunSearch(){613 var sqlbox=getObjectFromID("LSSQL");614 var advancedsearch=getObjectFromID("advancedsearch");615 advancedsearch.value=sqlbox.value616 advancedsearch.form.submit();617 }618 612 function LSDeleteSearch(base){ 619 613 var theselect=getObjectFromID("LSList"); -
trunk/phpbms/include/relationships.php
r703 r728 102 102 */ 103 103 foreach($theids as $theid) 104 $_SESSION["passedjoinwhere"] .= " OR ".$therecord["fromtable"].".id = ". $theid;104 $_SESSION["passedjoinwhere"] .= " OR ".$therecord["fromtable"].".id = ".((int) $theid); 105 105 106 106 $_SESSION["passedjoinwhere"] = substr($_SESSION["passedjoinwhere"], 3); -
trunk/phpbms/include/search_class.php
r720 r728 81 81 searchroleid, 82 82 advsearchroleid, 83 viewsqlroleid 83 viewsqlroleid, 84 editroleid, 85 addroleid 84 86 FROM 85 tabledefs inner joinmodules on tabledefs.moduleid = modules.uuid87 tabledefs INNER JOIN modules on tabledefs.moduleid = modules.uuid 86 88 WHERE 87 89 tabledefs.uuid= '".$id."'"; -
trunk/phpbms/loadsearch.php
r726 r728 249 249 </p> 250 250 <p> 251 <textarea id="LSSQL" rows="8" cols="10" <?php if(!hasRights($tableinfo["advsearchroleid"])) echo " readonly=\"readonly\""?>></textarea>251 <textarea id="LSSQL" name="LSSQL" rows="8" cols="10" <?php if(!hasRights($tableinfo["advsearchroleid"])) echo ' readonly="readonly"'?>></textarea> 252 252 </p> 253 253 </td> 254 254 <td valign="top"> 255 <p><br/><input id="LSLoad" type=" button" onclick="LSRunSearch()" class="Buttons" disabled="disabled" value="run search"/></p>255 <p><br/><input id="LSLoad" type="submit" name="command" class="Buttons" disabled="disabled" value="run search"/></p> 256 256 <p><input id="LSDelete" type="button" onclick="LSDeleteSearch('<?php echo APP_PATH ?>')" class="Buttons" disabled="disabled" value="delete"/></p> 257 257 <div id="LSResults"> </div> … … 270 270 if(isset($_GET["cmd"])){ 271 271 272 require_once("include/session.php"); 273 272 274 $thesearch = new savedSearch($db); 273 275 -
trunk/phpbms/search.php
r720 r728 41 41 42 42 if(!isset($_GET["id"])) 43 44 45 $_GET["id"] = mysql_real_escape_string($_GET["id"]);43 $error = new appError(100,"Passed Parameter not present."); 44 45 $_GET["id"] = mysql_real_escape_string($_GET["id"]); 46 46 47 47 $displayTable= new displaySearchTable($db); … … 109 109 $querystatement = " 110 110 SELECT 111 name 111 name, 112 roleid 112 113 FROM 113 114 tableoptions … … 169 170 // omit selected from current query 170 171 //===================================================================================================== 171 $displayTable->recordoffset=0; 172 $tempwhere=""; 173 $theids=explode(",",$_POST["theids"]); 174 foreach($theids as $theid){ 175 $tempwhere.=" or ".$displayTable->thetabledef["maintable"].".id=".$theid; 176 } 177 $tempwhere=substr($tempwhere,3); 178 $displayTable->querywhereclause="(".$displayTable->querywhereclause.") and not (".$tempwhere.")"; 172 $displayTable->recordoffset = 0; 173 $tempwhere = ""; 174 $theids = explode(",",$_POST["theids"]); 175 176 foreach($theids as $theid) 177 $tempwhere.=" OR ".$displayTable->thetabledef["maintable"].".id=".((int) $theid); 178 179 $tempwhere = substr($tempwhere,3); 180 181 $displayTable->querywhereclause="(".$displayTable->querywhereclause.") AND NOT (".$tempwhere.")"; 179 182 break; 180 183 … … 182 185 // keep only those ids 183 186 //===================================================================================================== 184 $displayTable->recordoffset=0; 185 $tempwhere=""; 186 $theids=explode(",",$_POST["theids"]); 187 foreach($theids as $theid){ 188 $tempwhere.=" or ".$displayTable->thetabledef["maintable"].".id=".$theid; 189 } 187 $displayTable->recordoffset = 0; 188 $tempwhere = ""; 189 $theids = explode(",",$_POST["theids"]); 190 191 foreach($theids as $theid) 192 $tempwhere.=" or ".$displayTable->thetabledef["maintable"].".id=".((int) $theid); 193 190 194 $tempwhere=substr($tempwhere,3); 191 $displayTable->querywhereclause=$tempwhere; 195 196 $displayTable->querywhereclause = $tempwhere; 197 192 198 break; 193 199 194 200 case "advanced search": 201 202 if(!hasRights($displayTable->thetabledef["advsearchroleid"])) 203 goURL(APP_PATH."noaccess.php"); 204 195 205 $displayTable->recordoffset=0; 196 206 $displayTable->querywhereclause=stripslashes($_POST["advancedsearch"]); 197 207 $displayTable->querytype="advanced search"; 198 208 break; 209 210 case "run search": 211 /** 212 * Run a loaded search 213 */ 214 215 if(!hasRights($displayTable->thetabledef["advsearchroleid"])){ 216 /** 217 * Need to load search from id, because the 218 * person does not have rights to override loaded 219 * searches 220 */ 221 222 $querystatement=" 223 SELECT 224 sqlclause 225 FROM 226 usersearches 227 WHERE id=".((int) $_POST["LSList"]); 228 229 $queryresult = $db->query($querystatement); 230 231 $therecord = $db->fetchArray($queryresult); 232 233 $_POST["LSSQL"] = $therecord["sqlclause"]; 234 235 }//endif 236 237 $displayTable->recordoffset=0; 238 $displayTable->querywhereclause=stripslashes($_POST["LSSQL"]); 239 $displayTable->querytype="advanced search"; 240 break; 241 break; 199 242 200 243 case "advanced sort": 201 244 $displayTable->showGroupings = 0; 202 245 $displayTable->recordoffset = 0; 203 $displayTable->querysortorder =$_POST["advancedsort"];246 $displayTable->querysortorder = $_POST["advancedsort"]; 204 247 break; 205 248
