/**
 * Run a staff-side ticket search and return the ids of the matching tickets.
 *
 * The SQL is assembled by string concatenation. Every value taken from $req is
 * passed through db_input() or db_real_escape() (both defined elsewhere) before
 * it is placed in the statement, except the date bounds, which are integer
 * timestamps produced by strtotime().
 *
 * Keys read from $req: deptId, topicId, status, assignee, staffId, startDate,
 * endDate, query, plus one key per ticket form field (named by getFormName()).
 * Most of them are read without isset(), so callers are presumably expected to
 * supply them all - TODO confirm.
 *
 * @param array $req Search parameters, typically the raw request array.
 * @return mixed List of ticket ids on success; when the query fails, whatever
 *               TicketForm::dropDynamicDataView() returns.
 */
function _search($req) {
    global $thisstaff, $cfg;
    $result = array();
    $select = 'SELECT ticket.ticket_id';
    $from = ' FROM ' . TICKET_TABLE . ' ticket ';

    // Access control: the visibility predicate is built first and closed in its
    // own parenthesised group, so every filter appended below is ANDed against it
    // and cannot widen the set of tickets the staff member may see.
    $where = ' WHERE ( (ticket.staff_id=' . db_input($thisstaff->getId()) . ' AND ticket.status="open" )';
    if (($teams = $thisstaff->getTeams()) && count(array_filter($teams))) {
        // db_input() is handed an array here; presumably it escapes each element - verify.
        $where .= ' OR (ticket.team_id IN (' . implode(',', db_input(array_filter($teams))) . ' ) AND ticket.status="open")';
    }
    if (!$thisstaff->showAssignedOnly() && ($depts = $thisstaff->getDepts())) {
        $where .= ' OR ticket.dept_id IN (' . implode(',', db_input($depts)) . ')';
    }
    $where .= ' ) ';

    // Department
    if ($req['deptId']) {
        $where .= ' AND ticket.dept_id=' . db_input($req['deptId']);
    }

    // Help topic
    if ($req['topicId']) {
        $where .= ' AND ticket.topic_id=' . db_input($req['topicId']);
    }

    // Status: only the four known keywords add a predicate; any other value is ignored.
    switch (strtolower($req['status'])) {
        case 'open':
            $where .= ' AND ticket.status="open" ';
            break;
        case 'answered':
            $where .= ' AND ticket.status="open" AND ticket.isanswered=1 ';
            break;
        case 'overdue':
            $where .= ' AND ticket.status="open" AND ticket.isoverdue=1 ';
            break;
        case 'closed':
            $where .= ' AND ticket.status="closed" ';
            break;
    }

    // Assignee: skipped when the status filter is "closed" (strcasecmp() returns 0 on a match).
    if (isset($req['assignee']) && strcasecmp($req['status'], 'closed')) {
        // Keep only the digits of the assignee token; the first character selects team vs. staff.
        $id = preg_replace("/[^0-9]/", "", $req['assignee']);
        $assignee = $req['assignee'];
        $where .= ' AND ( ( ticket.status="open" ';
        // NOTE(review): isset() also passes for an empty string, in which case
        // $assignee[0] is an uninitialized string offset.
        if ($assignee[0] == 't') {
            $where .= ' AND ticket.team_id=' . db_input($id);
        } elseif ($assignee[0] == 's') {
            $where .= ' AND ticket.staff_id=' . db_input($id);
        } elseif (is_numeric($id)) {
            $where .= ' AND ticket.staff_id=' . db_input($id);
        }
        $where .= ')';
        if ($req['staffId'] && !$req['status']) {
            // Assigned TO + Closed By
            $where .= ' OR (ticket.staff_id=' . db_input($req['staffId']) . ' AND ticket.status="closed") ';
        } elseif (isset($req['staffId'])) {
            // closed by any
            $where .= ' OR ticket.status="closed" ';
        }
        $where .= ' ) ';
    } elseif ($req['staffId']) {
        $where .= ' AND (ticket.staff_id=' . db_input($req['staffId']) . ' AND ticket.status="closed") ';
    }

    // Dates: inputs shorter than 8 characters are ignored. strtotime() yields an
    // int or false, and falsy values are skipped below, so only integers are
    // concatenated into the SQL text.
    $startTime = $req['startDate'] && strlen($req['startDate']) >= 8 ? strtotime($req['startDate']) : 0;
    $endTime = $req['endDate'] && strlen($req['endDate']) >= 8 ? strtotime($req['endDate']) : 0;
    // `or` binds looser than `&&`, so this reads (start in the future) or (start after a
    // non-zero end); either case discards both bounds.
    if ($startTime && $startTime > time() or $startTime > $endTime && $endTime > 0) {
        $startTime = $endTime = 0;
    }
    if ($startTime) {
        $where .= ' AND ticket.created>=FROM_UNIXTIME(' . $startTime . ')';
    }
    if ($endTime) {
        $where .= ' AND ticket.created<=FROM_UNIXTIME(' . $endTime . ')';
    }

    // Free-text query
    $joins = array();
    if ($req['query']) {
        // The term is placed inside single-quoted LIKE patterns below, so it depends on
        // db_real_escape() neutralising quotes - presumably the second argument disables
        // added quoting; verify against its definition.
        // NOTE(review): `%` and `_` typed by the user are presumably not escaped and
        // therefore act as LIKE wildcards - confirm whether that is intended.
        $queryterm = db_real_escape($req['query'], false);
        // Setup sets of joins and queries: each entry becomes one SELECT of the UNION below.
        $joins[] = array('from' => 'LEFT JOIN ' . TICKET_THREAD_TABLE . ' thread ON (ticket.ticket_id=thread.ticket_id )',
            'where' => "thread.title LIKE '%{$queryterm}%' OR thread.body LIKE '%{$queryterm}%'");
        $joins[] = array('from' => 'LEFT JOIN ' . FORM_ENTRY_TABLE . ' tentry ON (tentry.object_id = ticket.ticket_id AND tentry.object_type="T") LEFT JOIN ' . FORM_ANSWER_TABLE . ' tans ON (tans.entry_id = tentry.id AND tans.value_id IS NULL)',
            'where' => "tans.value LIKE '%{$queryterm}%'");
        $joins[] = array('from' => 'LEFT JOIN ' . FORM_ENTRY_TABLE . ' uentry ON (uentry.object_id = ticket.user_id AND uentry.object_type="U") LEFT JOIN ' . FORM_ANSWER_TABLE . ' uans ON (uans.entry_id = uentry.id AND uans.value_id IS NULL) LEFT JOIN ' . USER_TABLE . ' user ON (ticket.user_id = user.id) LEFT JOIN ' . USER_EMAIL_TABLE . ' uemail ON (user.id = uemail.user_id)',
            'where' => "uemail.address LIKE '%{$queryterm}%' OR user.name LIKE '%{$queryterm}%' OR uans.value LIKE '%{$queryterm}%'");
    }

    // Dynamic fields
    $cdata_search = false;
    foreach (TicketForm::getInstance()->getFields() as $f) {
        if (isset($req[$f->getFormName()]) && ($val = $req[$f->getFormName()])) {
            // The column name comes from the field definition, not from $req, and is
            // interpolated between backticks without escaping - this relies on field
            // names being constrained where they are defined; verify.
            $name = $f->get('name') ? $f->get('name') : 'field_' . $f->get('id');
            if ($f->getImpl()->hasIdValue() && is_numeric($val)) {
                $cwhere = "cdata.`{$name}_id` = " . db_input($val);
            } else {
                $cwhere = "cdata.`{$name}` LIKE '%" . db_real_escape($val) . "%'";
            }
            $where .= ' AND (' . $cwhere . ')';
            $cdata_search = true;
        }
    }
    if ($cdata_search) {
        $from .= 'LEFT JOIN ' . TABLE_PREFIX . 'ticket__cdata ' . " cdata ON (cdata.ticket_id = ticket.ticket_id)";
    }

    // One SELECT per join set, each repeating the full $where (access control included)
    // and wrapping the join's own OR-chain in parentheses so it stays ANDed.
    $sections = array();
    foreach ($joins as $j) {
        $sections[] = "{$select} {$from} {$j['from']} {$where} AND ({$j['where']})";
    }
    if (!$joins) {
        $sections[] = "{$select} {$from} {$where}";
    }
    $sql = implode(' union ', $sections);
    if (!($res = db_query($sql))) {
        // On query failure the result of dropDynamicDataView() is returned instead of
        // an id list; presumably a stale cdata view is the expected cause - TODO confirm.
        return TicketForm::dropDynamicDataView();
    }
    $tickets = array();
    while ($row = db_fetch_row($res)) {
        $tickets[] = $row[0];
    }
    return $tickets;
}
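/**
 * Run a staff-side ticket search and return the ids of the matching tickets.
 *
 * Two descriptions of the same filter are built side by side: a SQL WHERE clause
 * (string concatenation, request values passed through db_input() or
 * db_real_escape(), both defined elsewhere) and a $criteria array. When a
 * free-text query is given and $ost->searcher is set, the search is delegated to
 * that backend with $criteria only; otherwise the SQL statement is executed.
 *
 * Keys read from $req: deptId, topicId, statusId, flag, assignee, status,
 * staffId, startDate, endDate, query, plus one key per ticket form field (named
 * by getFormName()). Most are read without isset().
 *
 * @param array $req Search parameters, typically the raw request array.
 * @return mixed List of ticket ids from the SQL path; the searcher's result when
 *               delegated; when the query fails, whatever
 *               TicketForm::dropDynamicDataView() returns.
 */
function _search($req) {
    global $thisstaff, $ost;

    $criteria = array();
    $select = 'SELECT ticket.ticket_id';
    $from = ' FROM ' . TICKET_TABLE . ' ticket
            LEFT JOIN ' . TICKET_STATUS_TABLE . ' status
                ON (status.id = ticket.status_id) ';

    // Access control: built first and closed in its own parenthesised group, so the
    // filters appended below are ANDed against it and cannot widen visibility.
    // NOTE(review): this predicate exists only in $where. The searcher path below
    // receives $criteria alone - confirm that the search backend enforces the
    // staff member's ticket visibility itself.
    $where = ' WHERE ( (ticket.staff_id=' . db_input($thisstaff->getId())
        . ' AND status.state="open" )';
    if (($teams = $thisstaff->getTeams()) && count(array_filter($teams))) {
        // db_input() is handed an array here; presumably it escapes each element - verify.
        $where .= ' OR (ticket.team_id IN (' . implode(',', db_input(array_filter($teams)))
            . ' ) AND status.state="open" )';
    }
    if (!$thisstaff->showAssignedOnly() && ($depts = $thisstaff->getDepts())) {
        $where .= ' OR ticket.dept_id IN (' . implode(',', db_input($depts)) . ')';
    }
    $where .= ' ) ';

    // Department
    if ($req['deptId']) {
        $where .= ' AND ticket.dept_id=' . db_input($req['deptId']);
        $criteria['dept_id'] = $req['deptId'];
    }

    // Help topic
    if ($req['topicId']) {
        $where .= ' AND ticket.topic_id=' . db_input($req['topicId']);
        $criteria['topic_id'] = $req['topicId'];
    }

    // Status: only an id that resolves to a known status is used, and the id placed
    // in the SQL is the one read back from the looked-up object, formatted with %d.
    if ($req['statusId'] && ($status = TicketStatus::lookup($req['statusId']))) {
        $where .= sprintf(' AND status.id="%d" ', $status->getId());
        $criteria['status_id'] = $status->getId();
    }

    // Flags: both recognised flags also restrict the search to open tickets.
    if ($req['flag']) {
        switch (strtolower($req['flag'])) {
            case 'answered':
                $where .= ' AND ticket.isanswered =1 ';
                $criteria['isanswered'] = 1;
                $criteria['state'] = 'open';
                $where .= ' AND status.state="open" ';
                break;
            case 'overdue':
                $where .= ' AND ticket.isoverdue =1 ';
                $criteria['isoverdue'] = 1;
                $criteria['state'] = 'open';
                $where .= ' AND status.state="open" ';
                break;
        }
    }

    // Assignee
    // NOTE(review): $req['status'] is still consulted here although the status filter
    // above now uses statusId/flag - confirm callers still send it.
    if ($req['assignee'] && strcasecmp($req['status'], 'closed')) {
        # assigned-to
        // Keep only the digits of the assignee token; the first character selects team vs. staff.
        $id = preg_replace("/[^0-9]/", "", $req['assignee']);
        $assignee = $req['assignee'];
        $where .= ' AND ( ( status.state="open" ';
        if ($assignee[0] == 't') {
            $where .= ' AND ticket.team_id=' . db_input($id);
            $criteria['team_id'] = $id;
        } elseif ($assignee[0] == 's' || is_numeric($id)) {
            $where .= ' AND ticket.staff_id=' . db_input($id);
            $criteria['staff_id'] = $id;
        }
        $where .= ')';
        if ($req['staffId'] && !$req['status']) {
            // Assigned TO + Closed By
            $where .= ' OR (ticket.staff_id=' . db_input($req['staffId'])
                . ' AND status.state IN("closed")) ';
        } elseif ($req['staffId']) {
            // closed by any
            $where .= ' OR status.state IN("closed") ';
        }
        $where .= ' ) ';
    } elseif ($req['staffId']) {
        # closed-by
        $where .= ' AND (ticket.staff_id=' . db_input($req['staffId'])
            . ' AND status.state IN("closed")) ';
        $criteria['state__in'] = array('closed');
        $criteria['staff_id'] = $req['staffId'];
    }

    // Dates: inputs shorter than 8 characters are ignored. strtotime() yields an int
    // or false, and falsy values are skipped below, so only integers are
    // concatenated into the SQL text.
    $startTime = $req['startDate'] && strlen($req['startDate']) >= 8
        ? strtotime($req['startDate']) : 0;
    $endTime = $req['endDate'] && strlen($req['endDate']) >= 8
        ? strtotime($req['endDate']) : 0;
    if ($endTime) {
        // $endTime should be the last second of the day, not the first like $startTime
        $endTime += 60 * 60 * 24 - 1;
    }
    // `or` binds looser than `&&`: (start in the future) or (start after a non-zero end)
    // discards both bounds.
    if ($startTime && $startTime > time() or $startTime > $endTime && $endTime > 0) {
        $startTime = $endTime = 0;
    }
    if ($startTime) {
        $where .= ' AND ticket.created>=FROM_UNIXTIME(' . $startTime . ')';
        $criteria['created__gte'] = $startTime;
    }
    if ($endTime) {
        $where .= ' AND ticket.created<=FROM_UNIXTIME(' . $endTime . ')';
        // The upper bound handed to the searcher must be the end time. It was
        // previously set to $startTime, so the searcher path filtered on a different
        // date range than the SQL path.
        $criteria['created__lte'] = $endTime;
    }

    // Dynamic fields
    $cdata_search = false;
    foreach (TicketForm::getInstance()->getFields() as $f) {
        if (isset($req[$f->getFormName()]) && ($val = $req[$f->getFormName()])) {
            // The column name comes from the field definition, not from $req, and is
            // placed between backticks without escaping - this relies on field names
            // being constrained where they are defined; verify.
            $name = $f->get('name') ? $f->get('name') : 'field_' . $f->get('id');
            if (is_array($val)) {
                // Multi-value selection: match any of the submitted values.
                $cwhere = '(' . implode(' OR ', array_map(
                    function ($k) use ($name) {
                        return sprintf('FIND_IN_SET(%s, `%s`)', db_input($k), $name);
                    },
                    $val
                )) . ')';
                $criteria["cdata.{$name}"] = $val;
            } else {
                // NOTE(review): `%` and `_` in $val are presumably not escaped by
                // db_real_escape() and so act as LIKE wildcards - confirm.
                $cwhere = "cdata.`{$name}` LIKE '%" . db_real_escape($val) . "%'";
                $criteria["cdata.{$name}"] = $val;
            }
            $where .= ' AND (' . $cwhere . ')';
            $cdata_search = true;
        }
    }
    if ($cdata_search) {
        $from .= 'LEFT JOIN ' . TABLE_PREFIX . 'ticket__cdata '
            . " cdata ON (cdata.ticket_id = ticket.ticket_id)";
    }

    // Free-text query: handed to the search backend together with $criteria when one
    // is configured. Without a backend the query text is not applied at all.
    if ($req['query'] && ($s = $ost->searcher)) {
        return $s->find($req['query'], $criteria, 'Ticket');
    }

    // No join sets are built any more, so the statement is always a single SELECT.
    $sql = "{$select} {$from} {$where}";
    if (!($res = db_query($sql))) {
        // On query failure the result of dropDynamicDataView() is returned instead of
        // an id list; presumably a stale cdata view is the expected cause - TODO confirm.
        return TicketForm::dropDynamicDataView();
    }

    $tickets = array();
    while ($row = db_fetch_row($res)) {
        $tickets[] = $row[0];
    }
    return $tickets;
}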