Example #1
                         $item['root'] = $pageID;
                     }
                 }
             }
         } else {
             if (CMS_tree::getPageByID($tag['attributes'][$name])) {
                 $item['root'] = $varAttributes['root'];
             }
         }
     }
     break;
 default:
     if (strpos($varAttributes['vartype'], 'fields') !== false) {
         // Assume it's a polymod object field
         $fieldId = io::substr($varAttributes['vartype'], strrpos($varAttributes['vartype'], 'fields') + 9, -2);
         $objectId = CMS_poly_object_catalog::getObjectIDForField($fieldId);
         if (io::isPositiveInteger($objectId)) {
             $objectFields = CMS_poly_object_catalog::getFieldsDefinition($objectId);
             if (sensitiveIO::isPositiveInteger($fieldId)) {
                 //subobjects
                 $field = $objectFields[$fieldId];
                 if (is_object($field)) {
                     //check if field has a method to provide a list of names
                     $objectType = $field->getTypeObject();
                     if (method_exists($objectType, 'getListOfNamesForObject')) {
                         //check if we can associate unused objects
                         $params = $objectType->getParamsValues();
                         if (method_exists($objectType, 'getParamsValues') && isset($params['associateUnused']) && $params['associateUnused']) {
                             $objectsNames = $objectType->getListOfNamesForObject(true, array(), false);
                         } else {
                             $objectsNames = $objectType->getListOfNamesForObject(true);
 /**
  * Get field search SQL request (used by class CMS_object_search)
  *
  * @param integer $fieldID : this field id in object (aka $this->_field->getID())
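  * @param integer|array $value : the category value (or list of category values) to search
  * @param string $operator : additional search operator (editableOnly, strict, not in, not in strict)
  * @param string $where : where clauses to add to SQL (inserted verbatim into the query, so it must already be safe SQL)
  * @param boolean $public : values are public or edited ? (default is edited)
  * @return string|false : the SQL request, or false when no object can match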
  * @access public
  */
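 function getFieldSearchSQL($fieldID, $value, $operator, $where, $public = false)
 {
     // Returns the SQL selecting the objectIDs that match the searched category value(s),
     // or false when it is already known that nothing can match.
     //
     // Security notes:
     //  - $fieldID and the category ids used by the 'strict' operators are forced to integers
     //    before being concatenated into a query, so a non-numeric value cannot alter the statement.
     //  - $where is a raw SQL fragment and is inserted verbatim. It cannot be validated here, so
     //    the caller must build it only from trusted or already-escaped values.
     $statusSuffix = $public ? "_public" : "_edited";
     //integer form of the field id, used wherever the id is written into SQL
     $sqlFieldID = (int) $fieldID;
     $supportedOperator = array('editableOnly', 'strict', 'not in', 'not in strict');
     //strict allow-list: only the exact operator strings are accepted (no type juggling)
     if ($operator && !in_array($operator, $supportedOperator, true)) {
         $this->raiseError("Unkown search operator : " . $operator . ", use default search instead");
         $operator = false;
     }
     if ($operator === 'editableOnly') {
         global $cms_user;
         //get module codename
         $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID());
         //get a list of all viewable categories for current user
         $editableCats = array_keys(CMS_moduleCategories_catalog::getViewvableCategoriesForProfile($cms_user, $moduleCodename, true, true));
         //if no viewable categories, user has no rights to view anything
         if (!$editableCats) {
             return false;
         }
         //find the objects filed under one of those categories (within the caller's $where)
         $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\t\tand value in (" . implode(',', $editableCats) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
         $q = new CMS_query($sql);
         $IDs = array();
         if (!$q->hasError()) {
             while ($id = $q->getValue('objectID')) {
                 $IDs[$id] = $id;
             }
         }
         //if no results, no need to continue
         if (!$IDs) {
             return false;
         }
         //from here on the search is limited to the objects found above
         $where = ' and objectID in (' . implode(',', $IDs) . ')';
     }
     //loose comparison kept on purpose: the type of LINEAGE_PARK_POSITION is not visible from this method
     if ($value == CMS_moduleCategory::LINEAGE_PARK_POSITION) {
         //if it is a public search, and field is mandatory, no objects should be returned
         if ($this->_field->getValue('required') && $public) {
             return false;
         }
         $module = CMS_poly_object_catalog::getModuleCodenameForField($fieldID);
         //add deleted cats to searchs
         $viewvableCats = CMS_moduleCategories_catalog::getDeletedCategories($module);
         //add zero value for objects without categories
         $viewvableCats[] = 0;
         //get object type id
         $objectID = CMS_poly_object_catalog::getObjectIDForField($fieldID);
         //first we get objects with deleted or no categories (value 0)
         $sqlTmp = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\tand value in (" . implode(',', $viewvableCats) . ")\n\t\t\t\t\t{$where}\n\t\t\t\t";
         $qTmp = new CMS_query($sqlTmp);
         $deletedIDs = array();
         while ($r = $qTmp->getArray()) {
             if ($r['objectID']) {
                 $deletedIDs[$r['objectID']] = $r['objectID'];
             }
         }
         //then we get every object that has at least one row for this field in mod_subobject_integer
         $sqlTmp = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_subobject_integer" . $statusSuffix . "\n\t\t\t\twhere\n\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\t{$where}\n\t\t\t\t";
         $qTmp = new CMS_query($sqlTmp);
         $catsIDs = array();
         while ($r = $qTmp->getArray()) {
             if ($r['objectID']) {
                 $catsIDs[$r['objectID']] = $r['objectID'];
             }
         }
         //candidate ids are every run of digits found in $where
         //NOTE(review): this presumes $where only carries an "objectID in (...)" list - confirm with callers
         //When nothing matches, preg_match_all() leaves array(array()) in its output argument,
         //so the list is taken from $matches[0] only on success and stays empty otherwise.
         $whereIDs = array();
         if (preg_match_all('#\\d+#', $where, $matches)) {
             $whereIDs = $matches[0];
         }
         //objects named in $where that have no category row at all
         $noCatsIDs = array_diff($whereIDs, $catsIDs);
         $IDs = array_merge($deletedIDs, $noCatsIDs);
         //if no results, no need to continue
         if (!$IDs) {
             return false;
         }
         //then we mix the two results and we return them as a fake SQL request to keep system compatibility
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\tdistinct id_moo as objectID\n\t\t\t\tfrom\n\t\t\t\t\tmod_object_polyobjects\n\t\t\t\twhere \n\t\t\t\t\tid_moo in (" . implode(',', $IDs) . ")\n\t\t\t\t";
     } elseif ($operator === 'strict' || $operator === 'not in strict') {
         //category ids are written unquoted into the query: force them to integers first
         //NOTE(review): an empty list still yields "in ()", which is not valid SQL - confirm callers never pass one
         $categoryIDs = array_map('intval', is_array($value) ? $value : array($value));
         $comparison = ($operator === 'strict') ? 'in' : 'not in';
         //get categories searched
         $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\tmodulesCategories\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\t\tand id_mca = value\n\t\t\t\t\t\tand value " . $comparison . " (" . implode(',', $categoryIDs) . ")\n\t\t\t\t\t\t{$where}\n\t\t\t\t\t";
     } else {
         if (!is_array($value)) {
             $value = array($value);
         }
         $lineages = array();
         foreach ($value as $catID) {
             if ($catID) {
                 //get lineage of category searched
                 //NOTE(review): $catID reaches the catalog unvalidated; only the returned lineage is escaped below
                 $lineages[] = CMS_moduleCategories_catalog::getLineageOfCategoryAsString($catID);
             }
         }
         //one condition per lineage: the category itself, plus everything below it (";%" suffix)
         $sql = '';
         if ($operator === 'not in') {
             foreach ($lineages as $lineage) {
                 $sql .= $sql ? ' and ' : '';
                 $sql .= "\n\t\t\t\t\t\tlineage_mca != '" . SensitiveIO::sanitizeSQLString($lineage) . "'\n\t\t\t\t\t\tand lineage_mca not like '" . SensitiveIO::sanitizeSQLString($lineage) . ";%' ";
             }
         } else {
             foreach ($lineages as $lineage) {
                 $sql .= $sql ? ' or ' : '';
                 $sql .= "\n\t\t\t\t\t\tlineage_mca = '" . SensitiveIO::sanitizeSQLString($lineage) . "'\n\t\t\t\t\t\tor lineage_mca like '" . SensitiveIO::sanitizeSQLString($lineage) . ";%' ";
             }
         }
         $sql = "\n\t\t\t\t\tselect\n\t\t\t\t\t\tdistinct objectID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tmod_subobject_integer" . $statusSuffix . ",\n\t\t\t\t\t\tmodulesCategories\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectFieldID = '" . $sqlFieldID . "'\n\t\t\t\t\t\tand id_mca=value\n\t\t\t\t\t\t" . ($sql ? " and (" . $sql . ") " : '') . "\n\t\t\t\t\t\t{$where}";
     }
     return $sql;
 }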