</span> </div> <div class="field"> <label class="short">Subject:</label> <span class="field-container"><input type="text" size="60" name="subject" value="" /></span> </div> <div class="field"> <label class="short">Message:</label> <span class="field-container"><textarea name="message" id="message" class="tinymce"></textarea></span> </div> </div> </div> <div id="dialog-buttons"> <img src="images/activity-16x16.gif" height="16" width="16" border="0" title="Working..." /> <input type="submit" id="button-save" value="Send E-mail" /> <input type="button" id="dialog-button-cancel" value="Cancel" style="margin-left: 10px;" /> </div> <input type="hidden" name="search" value="<?php echo Request::GetSafe('search'); ?> " /> <input type="hidden" name="r" value="tbxGenericEmail(<?php echo $type; ?> )" /> </form>
function tbxGenericSearch() { $DB = GetDB(); $schema = GetDBSchema(); $_REQUEST['per_page'] = isset($_REQUEST['per_page']) && $_REQUEST['per_page'] > 0 ? $_REQUEST['per_page'] : 20; $_REQUEST['page'] = isset($_REQUEST['page']) && $_REQUEST['page'] > 0 ? $_REQUEST['page'] : 1; // Sanity checking $table = Request::GetSafe('table'); $xtable = $schema->el('//table[name="' . $table . '"]'); if (empty($xtable)) { throw new BaseException('The supplied database table does not exist', $table); } // Get custom and merge tables $custom_table = $xtable->custom->val(); $merge_tables = empty($custom_table) ? array() : array($custom_table); foreach ($xtable->xpath('./merge') as $xmerge) { $merge_tables[] = $xmerge->val(); } // Start building the SQL query $s = new SQL_SelectBuilder($table); // Fulltext searches if (isset($_REQUEST['text_search']) && !String::IsEmpty($_REQUEST['text_search'])) { $columns = array(); foreach ($xtable->xpath('.//fulltext[1]/column') as $xcolumn) { $columns[] = $table . '.' . $xcolumn->val(); } $s->AddFulltextWhere($columns, $_REQUEST['text_search_type'], $_REQUEST['text_search']); if ($_REQUEST['text_search_type'] == SQL::FULLTEXT) { $_REQUEST['sort_field'] = array(); } } // Standard search fields for ($i = 0; $i < count($_REQUEST['search_field']); $i++) { $s->AddWhere($_REQUEST['search_field'][$i], $_REQUEST['search_operator'][$i], $_REQUEST['search_term'][$i], $_REQUEST['search_connector'][$i], true); } // Sort fields for ($i = 0; $i < count($_REQUEST['sort_field']); $i++) { $s->AddOrder($_REQUEST['sort_field'][$i], $_REQUEST['sort_direction'][$i]); } $primary_key = $xtable->columns->primaryKey->val(); $result = $DB->QueryWithPagination($s->Generate(), $s->Binds(), $_REQUEST['page'], $_REQUEST['per_page'], $primary_key); if ($result['handle']) { $global_item_include_file = File::Sanitize('cp-' . $xtable->naming->type . '-search-item-global.php', 'php'); $item_include_file = File::Sanitize('cp-' . $xtable->naming->type . '-search-item.php', 'php'); if (!is_file("includes/{$item_include_file}")) { throw new BaseException('The required include file could not be found', $item_include_file); } ob_start(); if (is_file("includes/{$global_item_include_file}")) { include $global_item_include_file; } while ($original = $DB->NextRow($result['handle'])) { foreach ($merge_tables as $merge_table) { $row = $DB->Row('SELECT * FROM # WHERE #=?', array($merge_table, $primary_key, $original[$primary_key])); if (is_array($row)) { $original = array_merge($row, $original); } } $item = String::HtmlSpecialChars($original); include $item_include_file; } $result['html'] = ob_get_clean(); $DB->Free($result['handle']); unset($result['handle']); } JSON::Success($result); }