db=$db; }//end function init function delete($id){ $querystatement="DELETE FROM usersearches WHERE id=".((int) $id); $queryresult = $this->db->query($querystatement); echo "success"; }//end function delete /** * saves current search * * @param string $name name to save search as * @param integer $tabledefid table definition's id * @param string $userid uuid of user */ function save($name,$tabledefid,$userid){ $uuid = getUuid($this->db, "tbld:5c9d645f-26ab-5003-b98e-89e9049f8ac3", $tabledefid); $querystatement = " SELECT `prefix` FROM `tabledefs` WHERE `uuid` = '".$uuid."'"; $queryresult = $this->db->query($querystatement); $therecord = $this->db->fetchArray($queryresult); $prefix = $therecord["prefix"]; $insertstatement = " INSERT INTO usersearches ( userid, tabledefid, name, `type`, sqlclause, `uuid` ) VALUES ( '".mysql_real_escape_string($userid)."', '".mysql_real_escape_string($uuid)."', '".mysql_real_escape_string($name)."', 'SCH', '".addslashes($_SESSION["tableparams"][$tabledefid]["querywhereclause"])."', '".uuid($prefix.":")."' )"; $this->db->query($insertstatement); echo "search saved"; }//endfunction save /** * displays sql clause for saved search * * @param integer $id savedsearch id */ function get($id){ $querystatement=" SELECT sqlclause FROM usersearches WHERE id=".((int) $id); $queryresult = $this->db->query($querystatement); $therecord = $this->db->fetchArray($queryresult); echo $therecord["sqlclause"]; }//end function /** * generates the select input of saved searches * * @param mysql query result $queryresult */ function showSavedSearchList($queryresult){ $numrows = $this->db->numRows($queryresult); ?> db, "tbld:5c9d645f-26ab-5003-b98e-89e9049f8ac3", $tabledefid); $querystatement = " SELECT id, name, userid FROM usersearches WHERE tabledefid = '".$uuid."' AND type='SCH' AND ( (userid = '' ".$securitywhere.") OR userid = '".$userid."') ORDER BY userid, name"; $queryresult = $this->db->query($querystatement); if(!$queryresult) $error = new appError(500,"Cannot retrieve saved search information"); $querystatement=" SELECT advsearchroleid FROM tabledefs WHERE id= '".$tabledefid."'"; $tabledefresult = $this->db->query($querystatement); if(!$tabledefresult) $error = new appError(500,"Cannot retrieve table definition information."); $tableinfo=$this->db->fetchArray($tabledefresult); ?>


showSavedSearchList($queryresult)?>



 
0){ $securitywhere = ""; foreach($_SESSION["userinfo"]["roles"] as $role) $securitywhere .= ", '".$role."'"; $securitywhere = " AND (`roleid` IN (''".$securitywhere.") OR `roleid` IS NULL)"; }//endif if(!isset($_GET["tid"])) $error = new appError(200, "passed parameters not set"); $thesearch->showLoad($_GET["tid"], $_SESSION["userinfo"]["uuid"], $securitywhere); break; case "getsearch": if(!isset($_GET["id"])) $error = new appError(200, "passed parameters not set"); $thesearch->get($_GET["id"]); break; case "savesearch": if(!isset($_GET["tid"]) || !isset($_GET["name"])) $error = new appError(200, "passed parameters not set"); $thesearch->save($_GET["name"] ,$_GET["tid"], $_SESSION["userinfo"]["uuid"]); break; case "deletesearch": if(!isset($_GET["id"])) $error = new appError(200, "passed parameters not set"); $thesearch->delete($_GET["id"]); break; }//end switch }//endif ?>